예제 #1
 /**
  * Change registered email
  *
  * @return     void
  */
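 public function changeTask()
 {
     // Set the pathway
     $this->_buildPathway();
     // Set the page title
     $this->_buildTitle();
     // Only an authenticated user may change the address on their own account;
     // guests are sent to the login form with this task as the return target.
     if (User::isGuest()) {
         $return = base64_encode(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=' . $this->_task, false, true));
         App::redirect(Route::url('index.php?option=com_users&view=login&return=' . $return, false), Lang::txt('COM_MEMBERS_REGISTER_ERROR_LOGIN_TO_UPDATE'), 'warning');
         return;
     }
     // The account is always taken from the session user, never from request data
     $xprofile = \Hubzero\User\Profile::getInstance(User::get('id'));
     $login = $xprofile->get('username');
     $email = $xprofile->get('email');
     $email_confirmed = $xprofile->get('emailConfirmed');
     // Populate the view
     $this->view->title = Lang::txt('COM_MEMBERS_REGISTER_CHANGE');
     $this->view->login = $login;
     $this->view->email = $email;
     $this->view->email_confirmed = $email_confirmed;
     $this->view->success = false;
     // Incoming
     // 'return' is request-controlled and is later handed to App::redirect() and to the view.
     // It is validated AFTER decoding and accepted only as a same-site absolute path
     // (one leading slash, no "//" or "/\" prefix, no control characters); anything else
     // falls back to '/', so the parameter cannot send the browser to another host.
     $return = Request::getVar('return', '/');
     $return = is_string($return) ? urldecode($return) : '/';
     if (!preg_match('#^/(?![/\\\\])[^\x00-\x1F\x7F]*\z#', $return)) {
         $return = '/';
     }
     $this->view->return = $return;
     // Check if a new email was submitted
     // NOTE(review): no anti-forgery token check is visible in this task, and no current
     // password is requested, although the POST below replaces the account's email address.
     // Confirm the form carries a token and add Request::checkToken() here if it does.
     $pemail = Request::getVar('email', '', 'post');
     $update = Request::getVar('update', '', 'post');
     if ($update) {
         if (!$pemail) {
             $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_INVALID_EMAIL'));
         }
         if ($pemail && \Components\Members\Helpers\Utility::validemail($pemail)) {
             // Check if the email address was actually changed
             if ($pemail == $email) {
                 // Addresses are the same! Redirect, and stop here as the guest branch above does
                 App::redirect($return, '', 'message', true);
                 return;
             }
             // New email submitted - attempt to save it
             $xprofile = \Hubzero\User\Profile::getInstance($login);
             if ($xprofile) {
                 $dtmodify = Date::toSql();
                 $xprofile->set('email', $pemail);
                 $xprofile->set('modifiedDate', $dtmodify);
                 if ($xprofile->update()) {
                     // Keep the user table in step with the profile
                     $user = User::getInstance($login);
                     $user->set('email', $pemail);
                     $user->save();
                 } else {
                     $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_UPDATING_ACCOUNT'));
                 }
             } else {
                 $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_UPDATING_ACCOUNT'));
             }
             // Any errors returned?
             if (!$this->getError()) {
                 // Store a fresh confirmation code so the new address counts as unconfirmed.
                 // NOTE(review): genemailconfirm() is defined elsewhere; verify that the code
                 // is unpredictable, since it is what proves control of the mailbox.
                 $confirm = \Components\Members\Helpers\Utility::genemailconfirm();
                 $xprofile = new \Hubzero\User\Profile();
                 $xprofile->load($login);
                 $xprofile->set('emailConfirmed', $confirm);
                 if (!$xprofile->update()) {
                     // A code that was never stored cannot be confirmed, so do not mail it
                     $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_UPDATING_ACCOUNT'));
                 }
             }
             if (!$this->getError()) {
                 // Send the confirmation code to the NEW address as plain text and HTML
                 $subject = Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_CONFIRMATION');
                 $eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => 'confirm'));
                 $eview->option = $this->_option;
                 $eview->controller = $this->_controller;
                 $eview->sitename = Config::get('sitename');
                 $eview->login = $login;
                 $eview->name = $xprofile->get('name');
                 $eview->registerDate = $xprofile->get('registerDate');
                 $eview->baseURL = $this->baseURL;
                 $eview->confirm = $confirm;
                 $msg = new \Hubzero\Mail\Message();
                 $msg->setSubject($subject)->addTo($pemail)->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' Administrator')->addHeader('X-Component', $this->_option);
                 $message = $eview->loadTemplate(false);
                 $message = str_replace("\n", "\r\n", $message);
                 $msg->addPart($message, 'text/plain');
                 $eview->setLayout('confirm_html');
                 $message = $eview->loadTemplate();
                 $message = str_replace("\n", "\r\n", $message);
                 $msg->addPart($message, 'text/html');
                 if (!$msg->send()) {
                     $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_EMAILING_CONFIRMATION', $pemail));
                 }
                 // Show the success form (the address itself was saved even if mailing failed)
                 $this->view->success = true;
             }
         } else {
             $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_INVALID_EMAIL'));
         }
     }
     // Output the view
     if ($this->getError()) {
         // The rejected value is shown again in the form; the template has to escape it
         $this->view->email = $pemail;
         $this->view->setError($this->getError());
     }
     $this->view->display();
 }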
예제 #2
 /**
  * Send out local password set confirmation token
  *
  * @return void - redirect to confirm token view
  */
 private function sendtoken()
 {
     // Legacy Joomla helper imports, kept as in the original
     jimport('joomla.mail.helper');
     jimport('joomla.user.helper');

     // Guests are bounced to the login form and come back to this action afterwards
     if ($this->user->isGuest()) {
         $back = base64_encode(Route::url('index.php?option=' . $this->option . '&task=myaccount&active=account&action=sendtoken'));
         $loginUrl = Route::url('index.php?option=com_users&view=login&return=' . $back);
         App::redirect($loginUrl, Lang::txt('You must be a logged in to access this area.'), 'warning');
         return;
     }

     // Tokens are only issued to accounts that have no local password hash yet
     // (i.e. accounts that sign in through a linked provider)
     $hzup = \Hubzero\User\Password::getInstance($this->member->get('id'));
     $hasLocalPassword = !empty($hzup->passhash);
     if ($hasLocalPassword) {
         App::abort(404, Lang::txt('PLG_MEMBERS_ACCOUNT_NOT_LINKED_ACCOUNT'));
         return;
     }

     // The token is the absolute value of an email-confirmation code.
     // NOTE(review): genemailconfirm() is defined elsewhere. This token gates setting a
     // local password, so confirm it is drawn from a cryptographically secure source, is
     // long enough to resist guessing, and that confirmation attempts are limited.
     // NOTE(review): whether setToken() hashes the value before storing it cannot be
     // seen here - verify it is not kept in plain text.
     $token = abs(\Components\Members\Helpers\Utility::genemailconfirm());
     $this->setToken($token);

     // Deliver the token by email
     $this->sendEmail($token);

     // Continue on the "confirm token" page, naming the mailbox the token was sent to
     $confirmUrl = Route::url($this->member->link() . '&active=account&task=confirmtoken');
     $notice = Lang::txt('Please check the email associated with this account (' . $this->member->get('email') . ') for your confirmation token!');
     App::redirect($confirmUrl, $notice, 'warning');
     return;
 }
예제 #3
 /**
  * Sets the account activation state of a member
  *
  * @return  void
  */
 public function stateTask()
 {
     // Reject the request unless it carries a valid anti-forgery token.
     // NOTE(review): the token is accepted from the query string as well as the POST body,
     // so this state change can be triggered by a GET link that includes the token.
     Request::checkToken(['get', 'post']);

     // Any one of manage / admin / edit on this component is sufficient
     $permitted = User::authorise('core.manage', $this->_option)
         || User::authorise('core.admin', $this->_option)
         || User::authorise('core.edit', $this->_option);
     if (!$permitted) {
         App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
     }

     // The 'confirm' task activates accounts; every other task un-confirms them
     $state = 0;
     if ($this->getTask() == 'confirm') {
         $state = 1;
     }

     // Incoming user ID(s): a single value is wrapped into a list
     $ids = Request::getVar('id', array());
     if (!is_array($ids)) {
         $ids = array($ids);
     }

     // Nothing selected
     if (empty($ids)) {
         Notify::warning(Lang::txt('COM_MEMBERS_NO_ID'));
         return $this->cancelTask();
     }

     $changed = 0;
     foreach ($ids as $id) {
         // IDs are forced to integers before the lookup
         $user = Member::oneOrFail(intval($id));

         // Confirming stores the state flag; un-confirming stores a fresh confirmation code
         $activation = $state ? $state : Helpers\Utility::genemailconfirm();
         $user->set('activation', $activation);

         if ($user->save()) {
             $changed++;
         } else {
             // Report the failure and carry on with the remaining IDs
             Notify::error($user->getError());
         }
     }

     if ($changed) {
         Notify::success(Lang::txt('COM_MEMBERS_CONFIRMATION_CHANGED'));
     }
     $this->cancelTask();
 }
예제 #4
 /**
  * Sets the emailConfirmed state of a member
  *
  * @return     void
  */
 public function stateTask($state = 1)
 {
     // Reject the request unless it carries a valid anti-forgery token.
     // NOTE(review): the token is accepted from the query string as well as the POST body.
     // NOTE(review): no permission check is visible in this method - confirm that access to
     // this controller is restricted elsewhere before any emailConfirmed value is changed.
     Request::checkToken(['get', 'post']);

     // Every outcome returns to the same listing page
     $listing = 'index.php?option=' . $this->_option . '&controller=' . $this->_controller;

     // Incoming user ID(s): a single value is wrapped into a list
     $ids = Request::getVar('id', array());
     if (!is_array($ids)) {
         $ids = array($ids);
     }

     // Nothing selected
     if (empty($ids)) {
         App::redirect(Route::url($listing, false), Lang::txt('COM_MEMBERS_NO_ID'), 'error');
         return;
     }

     foreach ($ids as $id) {
         // IDs are forced to integers before the profile is loaded.
         // NOTE(review): the result of load() is not inspected, as in the original.
         $profile = new Profile();
         $profile->load(intval($id));

         // A truthy $state is stored as-is; otherwise a fresh confirmation code is
         // stored, which marks the address as unconfirmed
         $value = $state ? $state : Helpers\Utility::genemailconfirm();
         $profile->set('emailConfirmed', $value);

         // The first failed update aborts the whole batch
         if (!$profile->update()) {
             App::redirect(Route::url($listing, false), $profile->getError(), 'error');
             return;
         }
     }

     App::redirect(Route::url($listing, false), Lang::txt('COM_MEMBERS_CONFIRMATION_CHANGED'));
 }
예제 #5
 /**
  * Save changes to a profile
  * Outputs JSON when called via AJAX, redirects to profile otherwise
  *
  * @return  string  JSON
  */
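 public function saveTask()
 {
     // Check if they are logged in
     if (User::isGuest()) {
         return false;
     }
     // Anti-forgery token.
     // NOTE(review): the token is accepted from the query string as well as the POST body.
     Request::checkToken(array('get', 'post'));
     $no_html = Request::getVar('no_html', 0);
     // Incoming user ID
     $id = Request::getInt('id', 0, 'post');
     // Do we have an ID?
     if (!$id) {
         App::abort(404, Lang::txt('COM_MEMBERS_NO_ID'));
     }
     // The target account comes from the POST body, so being logged in is not enough:
     // only the account owner, or someone holding manage/admin/edit rights on this
     // component, may change it. Without this, any member could rewrite another
     // member's email address and profile simply by posting a different id.
     if ((int) $id !== (int) User::get('id')
         && !User::authorise('core.manage', $this->_option)
         && !User::authorise('core.admin', $this->_option)
         && !User::authorise('core.edit', $this->_option)) {
         App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
         return false;
     }
     // Load the profile
     $member = Member::oneOrFail($id);
     // Name changed?
     $name = Request::getVar('name', array(), 'post');
     if (is_array($name) && !empty($name)) {
         // Missing or non-scalar parts count as empty instead of raising notices
         $parts = array();
         foreach (array('first', 'middle', 'last') as $part) {
             $parts[$part] = (isset($name[$part]) && is_scalar($name[$part])) ? trim((string) $name[$part]) : '';
         }
         $member->set('givenName', $parts['first']);
         $member->set('middleName', $parts['middle']);
         $member->set('surname', $parts['last']);
         // Full name: the three parts joined, runs of whitespace collapsed
         $name = implode(' ', $parts);
         $name = trim(preg_replace('/\\s+/', ' ', $name));
         $member->set('name', $name);
     }
     // Set profile access
     // NOTE(review): the posted value is stored unchanged; range checks are presumably
     // left to the model - confirm.
     $visibility = Request::getVar('profileaccess', null, 'post');
     if (!is_null($visibility)) {
         $member->set('access', $visibility);
     }
     // Check email
     // NOTE(review): the address is replaced without asking for the current password, and
     // no format check is visible here - confirm the model validates it.
     $confirm = null;
     $oldemail = $member->get('email');
     $email = Request::getVar('email', null, 'post');
     if (!is_null($email)) {
         $member->set('email', (string) $email);
         // Unconfirm if the email address changed
         if ($oldemail != $email) {
             // Get a new confirmation code
             $confirm = \Components\Members\Helpers\Utility::genemailconfirm();
             $member->set('activation', $confirm);
         }
     }
     // Receive email updates?
     $sendEmail = Request::getVar('sendEmail', null, 'post');
     if (!is_null($sendEmail)) {
         $member->set('sendEmail', $sendEmail);
     }
     // Usage agreement
     $usageAgreement = Request::getVar('usageAgreement', null, 'post');
     if (!is_null($usageAgreement)) {
         $member->set('usageAgreement', (int) $usageAgreement);
     }
     // Are we declining the terms of use?
     // If yes we want to set the usage agreement to 0 and profile to private
     $declineTOU = Request::getVar('declinetou', 0);
     if ($declineTOU) {
         $member->set('access', 0);
         $member->set('usageAgreement', 0);
     }
     // Save the changes
     if (!$member->save()) {
         $this->setError($member->getError());
         if ($no_html) {
             echo json_encode($this->getErrors());
             exit;
         }
         return $this->editTask($member);
     }
     // Incoming profile edits
     $profile = Request::getVar('profile', array(), 'post', 'none', 2);
     $access = Request::getVar('access', array(), 'post');
     $field_to_check = Request::getVar('field_to_check', array());
     // Posted values override the stored ones; untouched fields keep their old value
     $old = Profile::collect($member->profiles);
     $profile = array_merge($old, $profile);
     // Compile profile data
     foreach ($profile as $key => $data) {
         // Drop empty entries from multi-value fields
         if (isset($profile[$key]) && is_array($profile[$key])) {
             $profile[$key] = array_filter($profile[$key]);
         }
         // Fold a filled-in "<field>_other" input into its parent field
         if (isset($profile[$key . '_other']) && trim($profile[$key . '_other'])) {
             if (is_array($profile[$key])) {
                 $profile[$key][] = $profile[$key . '_other'];
             } else {
                 $profile[$key] = $profile[$key . '_other'];
             }
             unset($profile[$key . '_other']);
         }
     }
     // Validate profile data against the editable (non-hidden) field definitions
     $fields = Field::all()->including(['options', function ($option) {
         $option->select('*');
     }])->where('action_edit', '!=', Field::STATE_HIDDEN)->ordered()->rows();
     $form = new \Hubzero\Form\Form('profile', array('control' => 'profile'));
     $form->load(Field::toXml($fields, 'edit', $profile));
     $form->bind(new \Hubzero\Config\Registry($profile));
     $errors = array('_missing' => array(), '_invalid' => array());
     if (!$form->validate($profile)) {
         foreach ($form->getErrors() as $key => $error) {
             // Filter out fields
             // NOTE(review): 'field_to_check' is request data, so the caller chooses which
             // validation errors are reported.
             if (!empty($field_to_check) && !in_array($key, $field_to_check)) {
                 continue;
             }
             if ($error instanceof \Hubzero\Form\Exception\MissingData) {
                 $errors['_missing'][$key] = (string) $error;
             }
             $errors['_invalid'][$key] = (string) $error;
             $this->setError((string) $error);
         }
     }
     if ($this->getError()) {
         if ($no_html) {
             echo json_encode($errors);
             exit;
         }
         return $this->editTask($member);
     }
     // Save profile data
     if (!$member->saveProfile($profile, $access)) {
         $this->setError($member->getError());
         if ($no_html) {
             echo json_encode($this->getErrors());
             exit;
         }
         return $this->editTask($member);
     }
     $email = $member->get('email');
     // Make sure certain changes make it back to the session copy of the user,
     // but only when the edited account is the session user's own
     if ($member->get('id') == User::get('id')) {
         $user = App::get('session')->get('user');
         if ($member->get('name') != $user->get('name')) {
             $user->set('name', $member->get('name'));
         }
         // Update session if email is changing
         if ($member->get('email') != $user->get('email')) {
             $user->set('email', $member->get('email'));
             // Add item to session to mark that the user changed emails
             // this way we can serve profile images for these users but not all
             // unconfirmed users
             App::get('session')->set('userchangedemail', 1);
         }
         App::get('session')->set('user', $user);
     }
     // Send a new confirmation code AFTER we've successfully saved the changes to the e-mail address.
     // $confirm is only set when a new code was stored above, so an undefined or stale
     // code can never be mailed.
     if ($email != $oldemail && $confirm !== null) {
         $this->_sendConfirmationCode($member->get('username'), $email, $confirm);
     }
     // If we're declining the terms we want to logout user and tell the javascript
     if ($declineTOU) {
         App::get('auth')->logout();
         echo json_encode(array('loggedout' => true));
         return;
     }
     if ($no_html) {
         // Output JSON
         echo json_encode(array('success' => true));
         exit;
     }
     // Redirect
     App::redirect(Route::url('index.php?option=' . $this->_option . ($id ? '&id=' . $id . '&active=profile' : '')));
 }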
예제 #6
 /**
  * Save changes to a profile
  * Outputs JSON when called via AJAX, redirects to profile otherwise
  *
  * @return     string JSON
  */
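 public function saveTask()
 {
     // Check if they are logged in
     if (User::isGuest()) {
         return false;
     }
     // Anti-forgery token.
     // NOTE(review): the token is accepted from the query string as well as the POST body.
     Request::checkToken(array('get', 'post'));
     $no_html = Request::getVar("no_html", 0);
     // Incoming user ID
     $id = Request::getInt('id', 0, 'post');
     // Do we have an ID?
     if (!$id) {
         App::abort(404, Lang::txt('MEMBERS_NO_ID'));
         return;
     }
     // The target account comes from the POST body, so being logged in is not enough:
     // only the account owner, or someone holding manage/admin/edit rights on this
     // component, may change it. Without this, any member could rewrite another
     // member's email address and profile simply by posting a different id.
     if ((int) $id !== (int) User::get('id')
         && !User::authorise('core.manage', $this->_option)
         && !User::authorise('core.admin', $this->_option)
         && !User::authorise('core.edit', $this->_option)) {
         App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
         return false;
     }
     // Incoming profile edits
     $p = Request::getVar('profile', array(), 'post', 'none', 2);
     $n = Request::getVar('name', array(), 'post');
     $a = Request::getVar('access', array(), 'post');
     // Load the profile; an unknown id must not fall through to the setters below
     $profile = \Hubzero\User\Profile::getInstance($id);
     if (!$profile) {
         App::abort(404, Lang::txt('MEMBERS_NO_ID'));
         return;
     }
     $oldemail = $profile->get('email');
     if ($n) {
         $profile->set('givenName', trim($n['first']));
         $profile->set('middleName', trim($n['middle']));
         $profile->set('surname', trim($n['last']));
         // Full name: "first [middle ]last"
         $name = trim($n['first']) . ' ';
         $name .= trim($n['middle']) != '' ? trim($n['middle']) . ' ' : '';
         $name .= trim($n['last']);
         $profile->set('name', $name);
     }
     if (isset($p['bio'])) {
         $profile->set('bio', trim($p['bio']));
     }
     // Per-field access levels: anything outside 0-4 is replaced by 0
     if (is_array($a) && count($a) > 0) {
         foreach ($a as $k => $v) {
             $v = intval($v);
             if (!in_array($v, array(0, 1, 2, 3, 4))) {
                 $v = 0;
             }
             // NOTE(review): $k is a request-supplied key appended to the parameter name;
             // consider restricting it to the known profile field names.
             $profile->setParam('access_' . $k, $v);
         }
     }
     if (isset($p['public'])) {
         $profile->set('public', $p['public']);
     }
     // Set some post data for the xregistration class
     $tags = trim(Request::getVar('tags', ''));
     if (isset($tags)) {
         Request::setVar('interests', $tags, 'post');
     }
     // Instantiate a new \Components\Members\Models\Registration
     $xregistration = new \Components\Members\Models\Registration();
     $xregistration->loadPOST();
     // Push the posted data to the profile
     // Note: this is done before the required fields check so, if we need to display the edit form, it'll show all the new changes
     // NOTE(review): the email address is replaced without asking for the current password.
     $confirm = null;
     if (!is_null($xregistration->_registration['email'])) {
         $profile->set('email', $xregistration->_registration['email']);
         // Unconfirm if the email address changed
         if ($oldemail != $xregistration->_registration['email']) {
             // Get a new confirmation code
             $confirm = \Components\Members\Helpers\Utility::genemailconfirm();
             $profile->set('emailConfirmed', $confirm);
         }
     }
     if (!is_null($xregistration->_registration['countryresident'])) {
         $profile->set('countryresident', $xregistration->_registration['countryresident']);
     }
     if (!is_null($xregistration->_registration['countryorigin'])) {
         $profile->set('countryorigin', $xregistration->_registration['countryorigin']);
     }
     if (!is_null($xregistration->_registration['nativetribe'])) {
         $profile->set('nativeTribe', $xregistration->_registration['nativetribe']);
     }
     // A selected organisation wins over free-text entry
     if ($xregistration->_registration['org'] != '') {
         $profile->set('organization', $xregistration->_registration['org']);
     } elseif ($xregistration->_registration['orgtext'] != '') {
         $profile->set('organization', $xregistration->_registration['orgtext']);
     }
     if (!is_null($xregistration->_registration['web'])) {
         $profile->set('url', $xregistration->_registration['web']);
     }
     if (!is_null($xregistration->_registration['phone'])) {
         $profile->set('phone', $xregistration->_registration['phone']);
     }
     if (!is_null($xregistration->_registration['orgtype'])) {
         $profile->set('orgtype', $xregistration->_registration['orgtype']);
     }
     if (!is_null($xregistration->_registration['sex'])) {
         $profile->set('gender', $xregistration->_registration['sex']);
     }
     if (!is_null($xregistration->_registration['disability'])) {
         $profile->set('disability', $xregistration->_registration['disability']);
     }
     if (!is_null($xregistration->_registration['hispanic'])) {
         $profile->set('hispanic', $xregistration->_registration['hispanic']);
     }
     if (!is_null($xregistration->_registration['race'])) {
         $profile->set('race', $xregistration->_registration['race']);
     }
     if (!is_null($xregistration->_registration['mailPreferenceOption'])) {
         $profile->set('mailPreferenceOption', $xregistration->_registration['mailPreferenceOption']);
     }
     if (!is_null($xregistration->_registration['usageAgreement'])) {
         $profile->set('usageAgreement', $xregistration->_registration['usageAgreement']);
     }
     if (!is_null($xregistration->_registration['orcid'])) {
         $profile->set('orcid', $xregistration->_registration['orcid']);
     }
     $field_to_check = Request::getVar("field_to_check", array());
     // Check that required fields were filled in properly
     // NOTE(review): 'field_to_check' is request data, so the caller chooses which fields
     // are validated.
     if (!$xregistration->check('edit', $profile->get('uidNumber'), $field_to_check)) {
         if (!$no_html) {
             $this->_task = 'edit';
             $this->editTask($xregistration, $profile);
             return;
         } else {
             // NOTE(review): this serialises the whole Registration object to the client;
             // confirm its public properties hold nothing beyond the submitted fields and
             // their validation errors.
             echo json_encode($xregistration);
             exit;
         }
     }
     // Are we declining the terms of use?
     // If yes we want to set the usage agreement to 0 and profile to private
     $declineTOU = Request::getVar('declinetou', 0);
     if ($declineTOU) {
         $profile->set('public', 0);
         $profile->set('usageAgreement', 0);
     }
     // Set the last modified datetime
     $profile->set('modifiedDate', Date::toSql());
     // Save the changes
     if (!$profile->update()) {
         App::abort(500, $profile->getError());
         return false;
     }
     // Process tags
     if (isset($tags) && in_array('interests', $field_to_check)) {
         $mt = new \Components\Members\Models\Tags($id);
         $mt->setTags($tags, $id);
     }
     $email = $profile->get('email');
     $name = $profile->get('name');
     // Make sure certain changes make it back to the user table
     if ($id > 0) {
         $user = User::getInstance($id);
         $jname = $user->get('name');
         $jemail = $user->get('email');
         if ($name != trim($jname)) {
             $user->set('name', $name);
         }
         if ($email != trim($jemail)) {
             $user->set('email', $email);
         }
         if ($name != trim($jname) || $email != trim($jemail)) {
             if (!$user->save()) {
                 App::abort(500, Lang::txt($user->getError()));
                 return false;
             }
         }
         // Mirror the saved values into the session copy of the user. This is done only
         // when the edited account is the session user's own, and the session object
         // receives the new values (previously the saved user object was overwritten
         // with the stale session values and the session was never updated).
         if ($id == User::get('id')) {
             $session = App::get('session');
             $suser = $session->get('user');
             // Update session if name is changing
             if ($n && $user->get('name') != $suser->get('name')) {
                 $suser->set('name', $user->get('name'));
             }
             // Update session if email is changing
             if ($user->get('email') != $suser->get('email')) {
                 $suser->set('email', $user->get('email'));
                 // add item to session to mark that the user changed emails
                 // this way we can serve profile images for these users but not all
                 // unconfirmed users
                 $session->set('userchangedemail', 1);
             }
             $session->set('user', $suser);
         }
     }
     // Send a new confirmation code AFTER we've successfully saved the changes to the e-mail address.
     // $confirm is only set when a new code was stored above, so an undefined or stale
     // code can never be mailed.
     if ($email != $oldemail && $confirm !== null) {
         $this->_message = $this->_sendConfirmationCode($profile->get('username'), $email, $confirm);
     }
     // If we're declining the terms we want to logout user and tell the javascript
     if ($declineTOU) {
         App::get('auth')->logout();
         echo json_encode(array('loggedout' => true));
         return;
     }
     if (!$no_html) {
         // Redirect
         App::redirect(Route::url('index.php?option=' . $this->_option . ($id ? '&id=' . $id . '&active=profile' : '')), $this->_message);
     } else {
         // Output JSON
         echo json_encode(array('success' => true));
     }
 }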