$sql = 'alter table ' . $g_tbl_praefix . '_members add constraint ' . $g_tbl_praefix . '_FK_MEM_ROL foreign key (mem_rol_id) references ' . $g_tbl_praefix . '_roles (rol_id) on delete restrict on update restrict'; $gDb->query($sql, false); $sql = 'alter table ' . $g_tbl_praefix . '_members add constraint ' . $g_tbl_praefix . '_FK_MEM_USR foreign key (mem_usr_id) references ' . $g_tbl_praefix . '_users (usr_id) on delete restrict on update restrict'; $gDb->query($sql, false); $sql = 'create index IDX_' . $g_tbl_praefix . '_MEM_ROL_USR_ID on ' . TBL_MEMBERS . ' (mem_rol_id, mem_usr_id)'; $gDb->query($sql); $sql = 'UPDATE ' . TBL_ROLES . ' SET rol_webmaster = 1 WHERE rol_name = \'' . $gL10n->get('SYS_WEBMASTER') . '\' '; $gDb->query($sql); // convert <br /> to a normal line feed $emailText = preg_replace('/<br[[:space:]]*\\/?[[:space:]]*>/', chr(13) . chr(10), $gL10n->get('SYS_SYSMAIL_REFUSE_REGISTRATION')); // create new system user $systemUser = new TableUsers($gDb); $systemUser->setValue('usr_login_name', $gL10n->get('SYS_SYSTEM')); $systemUser->setValue('usr_valid', '0'); $systemUser->setValue('usr_timestamp_create', DATETIME_NOW); $systemUser->save(false); // no registered user -> UserIdCreate couldn't be filled $sql = 'SELECT usf_id FROM ' . TBL_USER_FIELDS . ' WHERE usf_name_intern = \'LAST_NAME\''; $pdoStatement = $gDb->query($sql); $usfRow = $pdoStatement->fetch(); $sql = 'INSERT INTO ' . TBL_USER_DATA . ' (usd_usf_id, usd_usr_id, usd_value) VALUES (' . $usfRow['usf_id'] . ', ' . $systemUser->getValue('usr_id') . ', \'' . $gL10n->get('SYS_SYSTEM') . '\')'; $gDb->query($sql); $sql = 'UPDATE ' . TBL_MEMBERS . ' SET mem_usr_id_create = ' . $systemUser->getValue('usr_id') . ' , mem_timestamp_create = \'' . DATETIME_NOW . '\''; $gDb->query($sql); $sql = 'UPDATE ' . TBL_MEMBERS . ' SET mem_usr_id_create = ' . $systemUser->getValue('usr_id') . ' , mem_timestamp_create = \'' . DATETIME_NOW . '\'';
* * @copyright 2004-2016 The Admidio Team * @see http://www.admidio.org/ * @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only * * Parameters: * * aid .. Activation id for confirmation of new password * usr_id .. Id of the user who wants a new password *********************************************************************************************** */ require_once 'common.php'; // Initialize and check the parameters $getActivationId = admFuncVariableIsValid($_GET, 'aid', 'string', array('requireValue' => true)); $getUserId = admFuncVariableIsValid($_GET, 'usr_id', 'int', array('requireValue' => true)); // Systemmails und Passwort zusenden muessen aktiviert sein if ($gPreferences['enable_system_mails'] != 1 || $gPreferences['enable_password_recovery'] != 1) { $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } $user = new TableUsers($gDb, $getUserId); if ($user->getValue('usr_activation_code') === $getActivationId) { // activate the new password $user->setPassword($user->getValue('usr_new_password'), false, false); $user->setPassword('', true, false); $user->setValue('usr_activation_code', ''); $user->save(); $gMessage->setForwardUrl($g_root_path . '/adm_program/system/login.php', 2000); $gMessage->show($gL10n->get('SYS_PWACT_PW_SAVED')); } else { $gMessage->show($gL10n->get('SYS_PWACT_CODE_INVALID')); }
$db->query($sql); if ($gDbType === 'postgresql') { // soundex is not a default function in PostgreSQL $sql = 'UPDATE ' . TBL_PREFERENCES . ' SET prf_value = \'0\' WHERE prf_name LIKE \'system_search_similar\''; $db->query($sql); } // create new organization $gCurrentOrganization = new Organization($db, $_SESSION['orga_shortname']); $gCurrentOrganization->setValue('org_longname', $_SESSION['orga_longname']); $gCurrentOrganization->setValue('org_shortname', $_SESSION['orga_shortname']); $gCurrentOrganization->setValue('org_homepage', $_SERVER['HTTP_HOST']); $gCurrentOrganization->save(); // create user webmaster and assign roles $webmaster = new TableUsers($db); $webmaster->setValue('usr_login_name', $_SESSION['user_login']); $webmaster->setPassword($_SESSION['user_password']); $webmaster->setValue('usr_usr_id_create', $gCurrentUser->getValue('usr_id')); $webmaster->setValue('usr_timestamp_create', DATETIME_NOW); $webmaster->save(false); // no registered user -> UserIdCreate couldn't be filled // write all preferences from preferences.php in table adm_preferences require_once 'db_scripts/preferences.php'; // set some specific preferences whose values came from user input of the installation wizard $orga_preferences['email_administrator'] = $_SESSION['orga_email']; $orga_preferences['system_language'] = $language; // calculate the best cost value for your server performance $benchmarkResults = PasswordHashing::costBenchmark(); $orga_preferences['system_hashing_cost'] = $benchmarkResults['cost']; // create all necessary data for this organization $gCurrentOrganization->setPreferences($orga_preferences, false);
/** * Set a new value for a column of the database table if the column has the prefix @b usr_ * otherwise the value of the profile field of the table adm_user_data will set. * If the user log is activated than the change of the value will be logged in @b adm_user_log. * The value is only saved in the object. You must call the method @b save to store the new value to the database * @param string $columnName The name of the database column whose value should get a new value or the * internal unique profile field name * @param mixed $newValue The new value that should be stored in the database field * @param bool $checkValue The value will be checked if it's valid. If set to @b false than the value will * not be checked. * @return bool Returns @b true if the value is stored in the current object and @b false if a check failed * @par Examples * @code // set data of adm_users column * $gCurrentUser->getValue('usr_login_name', 'Admidio'); * // reads data of adm_user_fields * $gCurrentUser->getValue('EMAIL', '*****@*****.**'); @endcode */ public function setValue($columnName, $newValue, $checkValue = true) { global $gCurrentUser, $gPreferences; $returnCode = true; $oldFieldValue = $this->mProfileFieldsData->getValue($columnName, 'database'); if (strpos($columnName, 'usr_') !== 0) { // user data from adm_user_fields table // only to a update if value has changed if (strcmp($newValue, $oldFieldValue) !== 0) { // Disabled fields can only be edited by users with the right "edit_users" except on registration. // Here is no need to check hidden fields because we check on save() method that only users who // can edit the profile are allowed to save and change data. if ($this->mProfileFieldsData->getProperty($columnName, 'usf_disabled') == 0 || $this->mProfileFieldsData->getProperty($columnName, 'usf_disabled') == 1 && $gCurrentUser->hasRightEditProfile($this, false) || $gCurrentUser->getValue('usr_id') == 0 && $this->getValue('usr_id') == 0) { $returnCode = $this->mProfileFieldsData->setValue($columnName, $newValue); } } } else { // users data from adm_users table $returnCode = parent::setValue($columnName, $newValue); } $newFieldValue = $this->mProfileFieldsData->getValue($columnName, 'database'); // Nicht alle Aenderungen werden geloggt. Ausnahmen: // usr_id ist Null, wenn der User neu angelegt wird. Das wird bereits dokumentiert. // Felder, die mit usr_ beginnen, werden nicht geloggt // Falls die Feldwerte sich nicht geaendert haben, wird natuerlich ebenfalls nicht geloggt if ($gPreferences['profile_log_edit_fields'] == 1 && $this->getValue('usr_id') != 0 && strpos($columnName, 'usr_') === false && $newFieldValue !== $oldFieldValue && $returnCode === true) { $logEntry = new TableAccess($this->db, TBL_USER_LOG, 'usl'); $logEntry->setValue('usl_usr_id', $this->getValue('usr_id')); $logEntry->setValue('usl_usf_id', $this->mProfileFieldsData->getProperty($columnName, 'usf_id')); $logEntry->setValue('usl_value_old', $oldFieldValue); $logEntry->setValue('usl_value_new', $newFieldValue); $logEntry->setValue('usl_comm', ''); $logEntry->save(); } return $returnCode; }
* Activate new password * * Copyright : (c) 2004 - 2015 The Admidio Team * Homepage : http://www.admidio.org * License : GNU Public License 2 http://www.gnu.org/licenses/gpl-2.0.html * * Parameters: * * aid .. Activation id for confirmation of new password * usr_id .. Id of the user who wants a new password *****************************************************************************/ require_once 'common.php'; // Initialize and check the parameters $getActivationId = admFuncVariableIsValid($_GET, 'aid', 'string', array('requireValue' => true)); $getUserId = admFuncVariableIsValid($_GET, 'usr_id', 'numeric', array('requireValue' => true)); // Systemmails und Passwort zusenden muessen aktiviert sein if ($gPreferences['enable_system_mails'] != 1 || $gPreferences['enable_password_recovery'] != 1) { $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } $user = new TableUsers($gDb, $getUserId); if ($user->getValue('usr_activation_code') == $getActivationId) { // activate the new password $user->setValue('usr_password', $user->getValue('usr_new_password')); $user->setValue('usr_new_password', ''); $user->setValue('usr_activation_code', ''); $user->save(); $gMessage->setForwardUrl($g_root_path . '/adm_program/system/login.php', 2000); $gMessage->show($gL10n->get('SYS_PWACT_PW_SAVED')); } else { $gMessage->show($gL10n->get('SYS_PWACT_CODE_INVALID')); }