/**
 * Builds the registration-reminder e-mail for a user.
 *
 * Loads the 'reminder_mail.txt' resource, fills in the {userName} and
 * {registrationURL} placeholders, installs the default Zend_Mail transport
 * named in the 'email' section of the registry config and returns the
 * composed message. Nothing is sent here.
 *
 * NOTE(review): the registration link carries $user->token, and its base is
 * cut out of Zend_OpenId::selfURL(), i.e. out of the URL of the current
 * request. If selfURL() takes the host from request headers (confirm), the
 * host in the mailed link is client-influenced; a configured base URL would
 * be the safer source.
 *
 * @param Users_Model_User $user    recipient; getFullName(), token and email are read
 * @param string           $subject subject line of the message
 * @return Zend_Mail
 * @throws Zend_Mail_Protocol_Exception
 */
 public static function getMail(Users_Model_User $user, $subject)
 {
     $templatePath = CommunityID_Resources::getResourcePath('reminder_mail.txt');
     $body = file_get_contents($templatePath);
     $body = str_replace('{userName}', $user->getFullName(), $body);

     // Whatever precedes "/manageusers/sendreminder" in the current URL becomes the link base.
     // NOTE(review): the preg_match() result is not checked; on a non-matching URL $parts[1] is unset.
     $requestUrl = Zend_OpenId::selfURL();
     preg_match('#(.*)/manageusers/sendreminder#', $requestUrl, $parts);
     $registrationUrl = $parts[1] . '/register/eula?token=' . $user->token;
     $body = str_replace('{registrationURL}', $registrationUrl, $body);

     // Static method, so the config is read from the registry instead of $this->_config.
     $mailConfig = Zend_Registry::get('config')->email;
     $transportName = strtolower($mailConfig->transport);
     if ($transportName == 'smtp') {
         $transport = new Zend_Mail_Transport_Smtp($mailConfig->host, $mailConfig->toArray());
     } elseif ($transportName == 'mock') {
         $transport = new Zend_Mail_Transport_Mock();
     } else {
         // Any other value falls back to sendmail.
         $transport = new Zend_Mail_Transport_Sendmail();
     }
     Zend_Mail::setDefaultTransport($transport);

     $message = new Zend_Mail('UTF-8');
     $message->setBodyText($body);
     $message->setFrom($mailConfig->supportemail);
     $message->addTo($user->email);
     $message->setSubject($subject);

     return $message;
 }
예제 #2
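 /**
  * Returns the URL of the OpenID provider endpoint.
  *
  * With subdomains enabled the URL is assembled from configuration alone
  * (protocol, optional "www." prefix, configured hostname). Otherwise the
  * base is the prefix of the current request URL captured by the pattern
  * below.
  *
  * NOTE(review): in the non-subdomain case the advertised provider URL is
  * derived from the request URL. If Zend_OpenId::selfURL() builds the host
  * from request headers (confirm), the endpoint handed to relying parties is
  * client-influenced; a configured base URL would remove that dependency.
  *
  * @param object $config application config; the 'subdomain' section is read
  * @return string provider endpoint URL
  */
 public function direct($config)
 {
     if ($config->subdomain->enabled) {
         // Built from configuration only. The regex the original ran here was never used,
         // and it put the unescaped hostname into a pattern, so it is dropped.
         $protocol = Monkeys_Controller_Action::getProtocol();
         $wwwPrefix = $config->subdomain->use_www ? 'www.' : '';

         return "{$protocol}://" . $wwwPrefix . $config->subdomain->hostname . '/openid/provider';
     }

     $currentUrl = urldecode(Zend_OpenId::selfURL());
     $matched = preg_match('#(.*)/(identity|openid)?/#', $currentUrl, $matches);
     // Without a match the result is the bare path, as before, but without the
     // undefined-index notice.
     $baseUrl = $matched ? $matches[1] : '';

     return $baseUrl . '/openid/provider';
 }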
예제 #3
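    /**
     * Builds the error-report e-mail addressed to the administrator.
     *
     * The body lists the requested URL, the acting user, the exception class,
     * the stack trace and a print_r() dump of $errors. The default Zend_Mail
     * transport is set from the 'email' section of the registry config. The
     * message is returned, not sent.
     *
     * NOTE(review): the report can carry sensitive request data (query-string
     * values in the URL, whatever $errors holds) and leaves the application
     * by e-mail; confirm that is acceptable for the deployment.
     *
     * @param Exception $ex     exception being reported
     * @param User      $user   user the failing request ran for
     * @param mixed     $errors extra detail, dumped with print_r()
     * @return Zend_Mail
     * @throws Zend_Mail_Protocol_Exception
     */
    public static function getMail(Exception $ex, User $user, $errors)
    {
        $exceptionClass = get_class($ex);
        $stack = $ex->getTraceAsString();
        $stackDetail = print_r($errors, true);
        $currentUrl = Zend_OpenId::selfURL();
        // Comparison, not assignment: "=" here would overwrite the caller's role with
        // ROLE_GUEST and pick the label from the constant's truthiness instead of the user.
        // NOTE(review): ROLE_GUEST is referenced as a global constant; confirm it is defined
        // as such and is not meant to be a class constant.
        if ($user->role == ROLE_GUEST) {
            $userLabel = 'Anonymous';
        } else {
            $userLabel = $user->getFullName() . '(' . $user->username . ')';
        }
        $body = <<<EOD
Dear Admin,

An error has occured in your Community-ID installation.

URL requested: {$currentUrl}

By User: {$userLabel}

Exception: {$exceptionClass}

Call stack:
{$stack}

Call stack detail:
{$stackDetail}
EOD;
        // Static method: there is no $this, so the config comes from the registry.
        $configEmail = Zend_Registry::get('config')->email;
        switch (strtolower($configEmail->transport)) {
            case 'smtp':
                Zend_Mail::setDefaultTransport(new Zend_Mail_Transport_Smtp($configEmail->host, $configEmail->toArray()));
                break;
            case 'mock':
                Zend_Mail::setDefaultTransport(new Zend_Mail_Transport_Mock());
                break;
            default:
                // Any other value falls back to sendmail.
                Zend_Mail::setDefaultTransport(new Zend_Mail_Transport_Sendmail());
        }
        $mail = new Zend_Mail();
        $mail->setBodyText($body);
        // Sender read from the registry config; $this->_config is not available in a
        // static method and would abort the report.
        $mail->setFrom($configEmail->supportemail);
        $mail->addTo($configEmail->adminemail);
        $mail->setSubject('Community-ID error report');
        return $mail;
    }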
예제 #4
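// Put the incubator and stable library trees in front of the include path.
$dir = realpath(__DIR__ . "/../../..");
set_include_path("{$dir}/incubator/library" . PATH_SEPARATOR . "{$dir}/library" . PATH_SEPARATOR . get_include_path());
/**
 * @see Zend_Auth
 */
require_once "Zend/Auth.php";
/**
 * @see Zend_Auth_Adapter_OpenId
 */
require_once "Zend/Auth/Adapter/OpenId.php";

// $status is an HTML fragment (it contains <br>), so every value placed in it is escaped.
$status = "";
$auth = Zend_Auth::getInstance();

// A login form post with an identifier starts authentication ...
$isLoginPost = isset($_POST['openid_action'])
    && $_POST['openid_action'] === "login"
    && !empty($_POST['openid_identifier']);
// ... and a request carrying openid_mode is handed to the adapter as well.
$hasOpenIdMode = isset($_GET['openid_mode']) || isset($_POST['openid_mode']);

if ($isLoginPost || $hasOpenIdMode) {
    // The identifier is absent on requests that only carry openid_mode; pass null then
    // instead of silencing the notice with "@".
    $identifier = isset($_POST['openid_identifier']) ? $_POST['openid_identifier'] : null;
    $result = $auth->authenticate(new Zend_Auth_Adapter_OpenId($identifier));
    if ($result->isValid()) {
        Zend_OpenId::redirect(Zend_OpenId::selfURL());
    } else {
        $auth->clearIdentity();
        foreach ($result->getMessages() as $message) {
            // Failure messages may repeat request data, so they are escaped for HTML.
            $status .= htmlspecialchars((string) $message, ENT_QUOTES, 'UTF-8') . "<br>\n";
        }
    }
} elseif ($auth->hasIdentity()) {
    if (isset($_POST['openid_action']) && $_POST['openid_action'] === "logout") {
        $auth->clearIdentity();
    } else {
        // The identity is a value chosen by the user; escape it before it reaches the page.
        $status = "You are logged-in as " . htmlspecialchars((string) $auth->getIdentity(), ENT_QUOTES, 'UTF-8') . "<br>\n";
    }
}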
예제 #5
} else {
    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        if (!isset($_POST['openid_action']) && isset($_POST['openid_mode'])) {
            $ret = $server->handle($_POST, new Zend_OpenId_Extension_Sreg());
        } else {
            if (isset($_POST['openid_action'])) {
                if ($_POST['openid_action'] == 'login' && isset($_POST['openid_url']) && isset($_POST['openid_password'])) {
                    if (!$server->login($_POST['openid_url'], $_POST['openid_password'])) {
                        $session->error = 'Wrong identity/password!';
                        $session->id = $_POST['openid_url'];
                    }
                    unset($_GET['openid_action']);
                    Zend_OpenId::redirect($_SERVER['PHP_SELF'], $_GET);
                } else {
                    if ($_POST['openid_action'] == 'register' && isset($_POST['openid_name']) && isset($_POST['openid_password']) && isset($_POST['openid_password2'])) {
                        $url = Zend_OpenId::selfURL() . '?openid=' . $_POST['openid_name'];
                        if ($_POST['openid_password'] != $_POST['openid_password2']) {
                            $session->name = $_POST['openid_name'];
                            $session->error = 'Password mismatch.';
                            header('Location: ' . $_SERVER['PHP_SELF'] . '?openid.action=register');
                        } else {
                            if ($server->register($url, $_POST['openid_password'])) {
                                header('Location: ' . $_SERVER['PHP_SELF'] . '?openid.action=registration_complete&openid.name=' . $_POST['openid_name']);
                            } else {
                                $session->error = 'Registration failed. Try another name.';
                                header('Location: ' . $_SERVER['PHP_SELF'] . '?openid.action=register');
                            }
                        }
                        exit;
                    } else {
                        if ($_POST['openid_action'] == 'trust') {
 /**
  * Registers the OpenID discovery links on the view and exposes the
  * URL-decoded current URL as the view's idUrl.
  */
 public function idAction()
 {
     // The same provider endpoint is advertised under both rel names.
     foreach (array('openid.server', 'openid2.provider') as $rel) {
         $this->view->headLink()->headLink(array(
             'rel' => $rel,
             'href' => $this->_helper->ProviderUrl($this->_config),
         ));
     }

     // NOTE(review): idUrl is the request URL after urldecode(); the template that prints
     // it is not visible here, so confirm that it escapes the value for HTML.
     $this->view->idUrl = urldecode(Zend_OpenId::selfURL());
 }
 /**
  * Validates the posted account-info form and creates or updates
  * $this->targetUser from it.
  *
  * A target user without an id is treated as a new registration. When LDAP
  * syncing is configured the record is also written to LDAP and the password
  * is blanked before the database save. The method ends by forwarding to the
  * 'accountinfo' action with the layout disabled.
  *
  * @throws Monkeys_AccessDeniedException when the access check below fails
  */
 public function saveaccountinfoAction()
 {
     $isNewUser = is_null($this->targetUser->id) ? true : false;
     // "&&" binds tighter than "||": access is denied when an existing target user is not
     // the logged-in user, or when LDAP is enabled without keepRecordsSynced.
     // NOTE(review): the id comparison is loose (!=); confirm both ids have the same type.
     if (!$isNewUser && $this->targetUser->id != $this->user->id || $this->_config->ldap->enabled && !$this->_config->ldap->keepRecordsSynced) {
         throw new Monkeys_AccessDeniedException();
     }
     $form = new Users_Form_AccountInfo(null, $this->targetUser);
     $formData = $this->_request->getPost();
     $form->populate($formData);
     if (!$form->isValid($formData)) {
         return $this->_redirectInvalidForm($form);
     }
     $existingUsernameOrEmail = false;
     $oldUsername = $this->targetUser->username;
     $newUsername = $form->getValue('username');
     // Uniqueness is checked for new users, and for existing users only when the value changed.
     if ($isNewUser && $this->_usernameAlreadyExists($newUsername) || !$isNewUser && $oldUsername != $newUsername && $this->_usernameAlreadyExists($newUsername)) {
         $form->username->addError($this->view->translate('This username is already in use'));
         $existingUsernameOrEmail = true;
     }
     $newEmail = $form->getValue('email');
     if ($isNewUser && $this->_emailAlreadyExists($newEmail) || !$isNewUser && $this->targetUser->email != $newEmail && $this->_emailAlreadyExists($newEmail)) {
         $form->email->addError($this->view->translate('This E-mail is already in use'));
         $existingUsernameOrEmail = true;
     }
     // Both checks run before redirecting, so the form can carry both errors at once.
     if ($existingUsernameOrEmail) {
         return $this->_redirectInvalidForm($form);
     }
     if ($this->_config->yubikey->enabled) {
         // NOTE(review): auth_type is set from the form before the Yubikey is validated;
         // the failure path below returns before save(), so nothing is persisted here.
         $this->targetUser->auth_type = $form->getValue('authMethod');
         $yubikey = trim($form->getValue('yubikey'));
         if ($form->getValue('authMethod') == Users_Model_User::AUTH_YUBIKEY) {
             // only store or update yubikey for new users or existing that filled in something
             if ($isNewUser || $yubikey) {
                 if (!($publicId = $this->_getYubikeyPublicId($yubikey))) {
                     $form->yubikey->addError($this->view->translate('Could not validate Yubikey'));
                     return $this->_redirectInvalidForm($form);
                 }
                 $this->targetUser->yubikey_publicid = $publicId;
             }
         }
     }
     $this->targetUser->username = $newUsername;
     $this->targetUser->firstname = $form->getValue('firstname');
     $this->targetUser->lastname = $form->getValue('lastname');
     $this->targetUser->email = $newEmail;
     if ($isNewUser) {
         $this->targetUser->accepted_eula = 1;
         $this->targetUser->registration_date = date('Y-m-d');
         // The OpenID base is whatever precedes "/users/profile" in the current request URL.
         // NOTE(review): the preg_match() result is not checked, and the base comes from the
         // request; if selfURL() takes the host from request headers (confirm), the stored
         // identity URL is client-influenced. A configured base URL would be safer.
         preg_match('#(.*)/users/profile.*#', Zend_OpenId::selfURL(), $matches);
         $this->targetUser->generateOpenId($matches[1]);
         $this->targetUser->role = Users_Model_User::ROLE_REGISTERED;
         // presumably hashes the password before storing it; verify in Users_Model_User
         $this->targetUser->setClearPassword($form->getValue('password1'));
     }
     if ($this->_config->ldap->enabled && $this->_config->ldap->keepRecordsSynced) {
         $ldap = Monkeys_Ldap::getInstance();
         if ($isNewUser) {
             // The form password is put on the user object for the LDAP add only;
             // it is cleared again below before the database save.
             $this->targetUser->setPassword($form->getValue('password1'));
             $ldap->add($this->targetUser);
         } else {
             if ($oldUsername != $newUsername) {
                 $ldap->modifyUsername($this->targetUser, $oldUsername);
             }
             $ldap->modify($this->targetUser);
         }
         // LDAP passwords must not be stored in the DB
         $this->targetUser->setPassword('');
     }
     $this->targetUser->save();
     if ($isNewUser) {
         $this->targetUser->createDefaultProfile($this->view);
     }
     /**
      * When the form is submitted through a YUI request using a file, an iframe is used,
      * so the framework does not detect it as ajax, and we have to ensure manually that
      * the layout is not shown.
      */
     $this->_helper->layout->disableLayout();
     $this->_forward('accountinfo', null, null, array('userid' => $this->targetUser->id));
 }
예제 #8
 /**
  * Login button handler: authenticates the OpenID URL typed into txtOpenIdUrl.
  *
  * On success the browser is redirected to the current URL. On failure the
  * identity is cleared and the adapter's messages are shown in lblMessage.
  *
  * NOTE(review): the messages are joined with "<br>" and assigned to the
  * label's Text. Whether the label escapes HTML is not visible here; confirm,
  * since failure messages may repeat the submitted URL.
  *
  * @param string $strFormId     not used in this handler
  * @param string $strControlId  not used in this handler
  * @param string $strParameter  not used in this handler
  * @return false|null false when authentication failed, nothing otherwise
  */
 public function btnLogin_Click($strFormId, $strControlId, $strParameter)
 {
     require_once "Zend/Auth.php";
     require_once "Zend/Auth/Adapter/OpenId.php";
     require_once "Zend/Auth/Storage/NonPersistent.php";

     // Drop one trailing slash from the submitted identifier.
     $this->txtOpenIdUrl->Text = preg_replace('/\\/$/', '', $this->txtOpenIdUrl->Text);

     $status = "";
     $authService = Zend_Auth::getInstance();
     $adapter = new Zend_Auth_Adapter_OpenId($this->txtOpenIdUrl->Text);
     $outcome = $authService->authenticate($adapter);

     if ($outcome->isValid()) {
         Zend_OpenId::redirect(Zend_OpenId::selfURL());
         return;
     }

     // Failed: forget any identity and report why.
     $authService->clearIdentity();
     foreach ($outcome->getMessages() as $line) {
         $status = $status . "{$line}<br>\n";
     }
     $this->lblMessage->ForeColor = 'red';
     $this->lblMessage->Text = 'OpenId: ' . $status;

     return false;
 }
예제 #9
 /**
  * Looks a user up by username, merging in LDAP data when LDAP is enabled.
  *
  * Without LDAP the database row (or whatever fetchRow() returns for no match)
  * is returned as is. With LDAP the entry "cn=<username>,<baseDn>" is read:
  * an existing row is overridden with the LDAP data, and a missing row is
  * created from it and saved only when $generateNewIfMissing is set.
  *
  * NOTE(review): $username is interpolated into the DN unescaped. If it comes
  * straight from login input, DN metacharacters should be escaped or rejected
  * before this call; confirm what the callers validate.
  *
  * @param string         $username             username to look up
  * @param bool           $generateNewIfMissing persist a user found only in LDAP
  * @param Zend_View|null $view                 passed to createDefaultProfile()
  * @return mixed the user row, or false when the LDAP lookup fails with EXCEPTION_SEARCH
  * @throws Exception any other exception from the LDAP lookup is rethrown
  */
 public function getUserWithUsername($username, $generateNewIfMissing = false, Zend_View $view = null)
 {
     // The value is bound through the "?" placeholder, not concatenated into the query.
     $query = $this->select()->where('username=?', $username);
     $user = $this->fetchRow($query);

     $ldapOptions = Zend_Registry::get('config')->ldap;
     if (!$ldapOptions->enabled) {
         return $user;
     }

     $directory = Monkeys_Ldap::getInstance();
     try {
         $ldapUserData = $directory->get("cn={$username},{$ldapOptions->baseDn}");
     } catch (Exception $e) {
         // A failed search is reported as false; anything else propagates.
         if ($e->getCode() == Monkeys_Ldap::EXCEPTION_SEARCH) {
             return false;
         }
         throw $e;
     }

     if ($user) {
         // These fields always follow LDAP, because they may change there.
         $user->overrideWithLdapData($ldapUserData);
         return $user;
     }

     // Known to LDAP but not yet in the local database.
     $user = $this->createRow();
     $user->registration_date = date('Y-m-d');
     $user->overrideWithLdapData($ldapUserData);
     if ($user->role != Users_Model_User::ROLE_ADMIN) {
         // NOTE(review): the OpenID base is cut out of the request URL and the preg_match()
         // result is not checked; a configured base URL would be the safer source.
         preg_match('#(.*)/users/login/authenticate#', Zend_OpenId::selfURL(), $matches);
         $user->generateOpenId($matches[1]);
     }
     if ($generateNewIfMissing) {
         $user->save();
         $profileId = $user->createDefaultProfile($view);
         $user->generatePersonalInfo($ldapUserData, $profileId);
     }

     return $user;
 }