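/**
 * Change the e-mail address registered to the signed-in account.
 *
 * Guests are redirected to the login form. For a signed-in user the current
 * address is shown; when the form is posted with a valid, different address
 * the profile and user records are updated, a fresh confirmation code is
 * stored and a confirmation message is mailed to the new address.
 *
 * NOTE(review): no Request::checkToken() call is visible before the address
 * is changed. Confirm the form carries an anti-forgery token and that it is
 * verified before this state change; it is not added here because the view
 * is not visible from this method.
 *
 * @return  void
 */
public function changeTask()
{
    // Set the pathway
    $this->_buildPathway();

    // Set the page title
    $this->_buildTitle();

    // Guests are sent to the login form, which returns here afterwards
    if (User::isGuest()) {
        $return = base64_encode(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=' . $this->_task, false, true));
        App::redirect(
            Route::url('index.php?option=com_users&view=login&return=' . $return, false),
            Lang::txt('COM_MEMBERS_REGISTER_ERROR_LOGIN_TO_UPDATE'),
            'warning'
        );
        return;
    }

    $xprofile = \Hubzero\User\Profile::getInstance(User::get('id'));
    $login = $xprofile->get('username');
    $email = $xprofile->get('email');
    $email_confirmed = $xprofile->get('emailConfirmed');

    // Populate the view with the current account state
    $this->view->title = Lang::txt('COM_MEMBERS_REGISTER_CHANGE');
    $this->view->login = $login;
    $this->view->email = $email;
    $this->view->email_confirmed = $email_confirmed;
    $this->view->success = false;

    // Incoming return target. It is request-controlled and is later handed to
    // App::redirect(), so only same-site relative targets are honoured:
    // anything with a scheme, a leading double slash/backslash or control
    // characters falls back to the site root.
    $return = Request::getVar('return', '/');
    $return = is_string($return) ? trim(urldecode($return)) : '';
    if ($return === ''
        || preg_match('/[\x00-\x1f\x7f]/', $return)
        || preg_match('#^(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $return)
    ) {
        $return = '/';
    }
    $this->view->return = $return;

    // Check if a new email was submitted
    $pemail = Request::getVar('email', '', 'post');
    $update = Request::getVar('update', '', 'post');

    if ($update) {
        if ($pemail && \Components\Members\Helpers\Utility::validemail($pemail)) {
            if ($pemail == $email) {
                // Addresses are the same: nothing to save, go back
                App::redirect($return, '', 'message', true);
            } else {
                // New email submitted - attempt to save it
                $xprofile = \Hubzero\User\Profile::getInstance($login);
                if ($xprofile) {
                    $dtmodify = Date::toSql();
                    $xprofile->set('email', $pemail);
                    $xprofile->set('modifiedDate', $dtmodify);
                    if ($xprofile->update()) {
                        $user = User::getInstance($login);
                        $user->set('email', $pemail);
                        $user->save();
                    } else {
                        $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_UPDATING_ACCOUNT'));
                    }
                } else {
                    $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_UPDATING_ACCOUNT'));
                }

                if (!$this->getError()) {
                    // Store a fresh confirmation code for the new address
                    $confirm = \Components\Members\Helpers\Utility::genemailconfirm();
                    $xprofile = new \Hubzero\User\Profile();
                    $xprofile->load($login);
                    $xprofile->set('emailConfirmed', $confirm);

                    if (!$xprofile->update()) {
                        // The new code was not stored, so neither mail it nor
                        // report success.
                        $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_UPDATING_ACCOUNT'));
                    } else {
                        $subject = Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_CONFIRMATION');

                        $eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => 'confirm'));
                        $eview->option = $this->_option;
                        $eview->controller = $this->_controller;
                        $eview->sitename = Config::get('sitename');
                        $eview->login = $login;
                        $eview->name = $xprofile->get('name');
                        $eview->registerDate = $xprofile->get('registerDate');
                        $eview->baseURL = $this->baseURL;
                        $eview->confirm = $confirm;

                        $msg = new \Hubzero\Mail\Message();
                        $msg->setSubject($subject)
                            ->addTo($pemail)
                            ->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' Administrator')
                            ->addHeader('X-Component', $this->_option);

                        // Plain-text part, with line endings normalised to CRLF
                        $message = $eview->loadTemplate(false);
                        $message = str_replace("\n", "\r\n", $message);
                        $msg->addPart($message, 'text/plain');

                        // HTML part
                        $eview->setLayout('confirm_html');
                        $message = $eview->loadTemplate();
                        $message = str_replace("\n", "\r\n", $message);
                        $msg->addPart($message, 'text/html');

                        if (!$msg->send()) {
                            $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_EMAILING_CONFIRMATION', $pemail));
                        }

                        // Show the success form (the address itself was saved
                        // even if the mail could not be sent)
                        $this->view->success = true;
                    }
                }
            }
        } else {
            // Covers both a missing and a malformed address
            $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_INVALID_EMAIL'));
        }
    }

    // Output the view
    if ($this->getError()) {
        // Re-display what the user typed alongside the error
        $this->view->email = $pemail;
        $this->view->setError($this->getError());
    }
    $this->view->display();
}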
/**
 * Issue a confirmation token for setting a local password and mail it.
 *
 * Only applies to accounts that have no password hash stored; anyone else
 * gets a 404. On success the user is redirected to the confirm-token view.
 *
 * NOTE(review): the token comes from Utility::genemailconfirm(), which is
 * defined elsewhere. Because the token authorises setting a password,
 * confirm that it is drawn from a cryptographically secure source with
 * enough entropy, and that setToken() stores only a hash of it (neither is
 * visible here).
 *
 * @return  void  redirect to confirm token view
 */
private function sendtoken()
{
    // Import helpers/classes
    jimport('joomla.mail.helper');
    jimport('joomla.user.helper');

    // Guests are sent to the login form, which returns to this action
    if ($this->user->isGuest()) {
        $back = base64_encode(Route::url('index.php?option=' . $this->option . '&task=myaccount&active=account&action=sendtoken'));
        $loginUrl = Route::url('index.php?option=com_users&view=login&return=' . $back);
        App::redirect($loginUrl, Lang::txt('You must be a logged in to access this area.'), 'warning');
        return;
    }

    // Only accounts without a stored password hash may request a token
    $password = \Hubzero\User\Password::getInstance($this->member->get('id'));
    $hasLocalPassword = !empty($password->passhash);
    if ($hasLocalPassword) {
        App::abort(404, Lang::txt('PLG_MEMBERS_ACCOUNT_NOT_LINKED_ACCOUNT'));
        return;
    }

    // abs() is applied to the generated confirmation code before use.
    // (An earlier salted-hash token scheme was left commented out here.)
    $token = abs(\Components\Members\Helpers\Utility::genemailconfirm());

    // Persist the token, then mail it to the account holder
    $this->setToken($token);
    $this->sendEmail($token);

    // Hand over to the confirm-token view
    $confirmUrl = Route::url($this->member->link() . '&active=account&task=confirmtoken');
    $notice = Lang::txt('Please check the email associated with this account (' . $this->member->get('email') . ') for your confirmation token!');
    App::redirect($confirmUrl, $notice, 'warning');
}
/**
 * Set the account activation state of one or more members.
 *
 * When the current task is "confirm" the activation value is set to 1;
 * otherwise it is replaced with a new code from Utility::genemailconfirm().
 * Requires a valid request token and one of the core.manage, core.admin or
 * core.edit permissions on this component.
 *
 * @return  void
 */
public function stateTask()
{
    // Reject forged requests; the token is accepted from GET as well as POST
    Request::checkToken(['get', 'post']);

    // Any one of the three permissions is sufficient
    $permitted = User::authorise('core.manage', $this->_option)
        || User::authorise('core.admin', $this->_option)
        || User::authorise('core.edit', $this->_option);
    if (!$permitted) {
        App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
    }

    $state = ($this->getTask() == 'confirm') ? 1 : 0;

    // Incoming user ID(s); a scalar is wrapped into a one-element list
    $ids = Request::getVar('id', array());
    if (!is_array($ids)) {
        $ids = array($ids);
    }

    if (empty($ids)) {
        Notify::warning(Lang::txt('COM_MEMBERS_NO_ID'));
        return $this->cancelTask();
    }

    $saved = 0;
    foreach ($ids as $id) {
        // Load the member record for this ID
        $member = Member::oneOrFail(intval($id));

        // Confirming stores the state itself; unconfirming stores a new code
        $member->set('activation', $state ? $state : Helpers\Utility::genemailconfirm());

        if ($member->save()) {
            $saved++;
            continue;
        }

        // Report the failure and carry on with the remaining IDs
        Notify::error($member->getError());
    }

    if ($saved > 0) {
        Notify::success(Lang::txt('COM_MEMBERS_CONFIRMATION_CHANGED'));
    }

    $this->cancelTask();
}
/**
 * Set the emailConfirmed state of one or more members.
 *
 * A truthy $state is stored as-is; otherwise each profile receives a new
 * code from Utility::genemailconfirm(). Processing stops with an error
 * redirect at the first profile that fails to update.
 *
 * NOTE(review): the request token is checked, but no permission check is
 * visible in this method, and the result of Profile::load() is not
 * inspected before update() is called. Confirm that authorisation is
 * enforced by the caller and that an unknown ID cannot produce a write.
 *
 * @param   integer  $state  Value to store in emailConfirmed (default 1)
 * @return  void
 */
public function stateTask($state = 1)
{
    // Reject forged requests; the token is accepted from GET as well as POST
    Request::checkToken(['get', 'post']);

    // Every exit path redirects back to this controller's default view
    $listing = function () {
        return Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false);
    };

    // Incoming user ID(s); a scalar is wrapped into a one-element list
    $ids = Request::getVar('id', array());
    if (!is_array($ids)) {
        $ids = array($ids);
    }

    if (empty($ids)) {
        App::redirect($listing(), Lang::txt('COM_MEMBERS_NO_ID'), 'error');
        return;
    }

    foreach ($ids as $id) {
        // Load the profile
        $profile = new Profile();
        $profile->load(intval($id));

        // Confirming stores the state itself; unconfirming stores a new code
        $profile->set('emailConfirmed', $state ? $state : Helpers\Utility::genemailconfirm());

        if (!$profile->update()) {
            App::redirect($listing(), $profile->getError(), 'error');
            return;
        }
    }

    App::redirect($listing(), Lang::txt('COM_MEMBERS_CONFIRMATION_CHANGED'));
}
/**
 * Save changes to a member's account record and profile fields.
 *
 * Outputs JSON when called with no_html set, redirects to the profile
 * otherwise. On a save or validation failure in the non-AJAX case the edit
 * form is shown again via editTask().
 *
 * NOTE(review): the only checks visible before the record is modified are
 * the guest check and the request-token check. Nothing in this method
 * compares the posted id with the signed-in user or tests a permission,
 * although the code further down does allow for the two ids differing.
 * Because this method can change the account e-mail address, confirm that
 * authorisation is enforced somewhere not visible here.
 *
 * @return  mixed  false for guests; the result of editTask() on failure;
 *                 otherwise nothing (JSON is echoed or a redirect is issued)
 */
public function saveTask()
{
    // Check if they are logged in
    if (User::isGuest()) {
        return false;
    }

    // Anti-forgery token; accepted from the query string as well as POST
    Request::checkToken(array('get', 'post'));

    // Truthy when the caller wants JSON instead of HTML
    $no_html = Request::getVar('no_html', 0);

    // Incoming user ID
    $id = Request::getInt('id', 0, 'post');

    // Do we have an ID?
    if (!$id) {
        App::abort(404, Lang::txt('COM_MEMBERS_NO_ID'));
    }

    // Load the profile
    $member = Member::oneOrFail($id);

    // Name changed?
    // NOTE(review): $name is taken from the request; the 'first', 'middle'
    // and 'last' keys are read without checking that they exist, and the
    // display name is built from every element of the posted array.
    $name = Request::getVar('name', array(), 'post');
    if ($name && !empty($name)) {
        $member->set('givenName', trim($name['first']));
        $member->set('middleName', trim($name['middle']));
        $member->set('surname', trim($name['last']));

        // Join the parts and collapse runs of whitespace to a single space
        $name = implode(' ', $name);
        $name = preg_replace('/\\s+/', ' ', $name);

        $member->set('name', $name);
    }

    // Set profile access
    // NOTE(review): the posted value is stored without a cast or range check
    // in this method; confirm the model validates it.
    $visibility = Request::getVar('profileaccess', null, 'post');
    if (!is_null($visibility)) {
        $member->set('access', $visibility);
    }

    // Check email
    $oldemail = $member->get('email');
    $email = Request::getVar('email', null, 'post');
    if (!is_null($email)) {
        $member->set('email', (string) $email);

        // Unconfirm if the email address changed
        if ($oldemail != $email) {
            // Get a new confirmation code; $confirm is only defined on this
            // path and is read again when the confirmation mail is sent.
            $confirm = \Components\Members\Helpers\Utility::genemailconfirm();
            $member->set('activation', $confirm);
        }
    }

    // Receive email updates?
    $sendEmail = Request::getVar('sendEmail', null, 'post');
    if (!is_null($sendEmail)) {
        $member->set('sendEmail', $sendEmail);
    }

    // Usage agreement
    $usageAgreement = Request::getVar('usageAgreement', null, 'post');
    if (!is_null($usageAgreement)) {
        $member->set('usageAgreement', (int) $usageAgreement);
    }

    // Are we declining the terms of use?
    // If yes we want to set the usage agreement to 0 and profile to private
    $declineTOU = Request::getVar('declinetou', 0);
    if ($declineTOU) {
        $member->set('access', 0);
        $member->set('usageAgreement', 0);
    }

    // Save the changes
    if (!$member->save()) {
        $this->setError($member->getError());
        if ($no_html) {
            // AJAX callers get the error list as JSON and the request ends
            echo json_encode($this->getErrors());
            exit;
        }
        return $this->editTask($member);
    }

    // Incoming profile edits
    $profile = Request::getVar('profile', array(), 'post', 'none', 2);
    $access = Request::getVar('access', array(), 'post');
    // NOTE(review): read from the request and used below to decide which
    // validation errors are reported; in_array() will fail if it is not an
    // array. Confirm that letting the caller narrow validation is intended.
    $field_to_check = Request::getVar('field_to_check', array());

    // Start from the stored values so that posted values override them
    $old = Profile::collect($member->profiles);
    $profile = array_merge($old, $profile);

    // Compile profile data
    foreach ($profile as $key => $data) {
        // Drop empty entries from multi-value fields
        if (isset($profile[$key]) && is_array($profile[$key])) {
            $profile[$key] = array_filter($profile[$key]);
        }

        // Fold a non-blank "<key>_other" free-text value into its parent field
        if (isset($profile[$key . '_other']) && trim($profile[$key . '_other'])) {
            if (is_array($profile[$key])) {
                $profile[$key][] = $profile[$key . '_other'];
            } else {
                $profile[$key] = $profile[$key . '_other'];
            }
            unset($profile[$key . '_other']);
        }
    }

    // Validate profile data against every field not hidden on the edit form
    $fields = Field::all()->including(['options', function ($option) { $option->select('*'); }])->where('action_edit', '!=', Field::STATE_HIDDEN)->ordered()->rows();
    $form = new \Hubzero\Form\Form('profile', array('control' => 'profile'));
    $form->load(Field::toXml($fields, 'edit', $profile));
    $form->bind(new \Hubzero\Config\Registry($profile));

    $errors = array('_missing' => array(), '_invalid' => array());
    if (!$form->validate($profile)) {
        foreach ($form->getErrors() as $key => $error) {
            // Filter out fields the caller did not ask to have checked
            if (!empty($field_to_check) && !in_array($key, $field_to_check)) {
                continue;
            }

            // Missing-data errors are recorded under both keys
            if ($error instanceof \Hubzero\Form\Exception\MissingData) {
                $errors['_missing'][$key] = (string) $error;
            }
            $errors['_invalid'][$key] = (string) $error;

            $this->setError((string) $error);
        }
    }

    if ($this->getError()) {
        if ($no_html) {
            echo json_encode($errors);
            exit;
        }
        return $this->editTask($member);
    }

    // Save profile data
    if (!$member->saveProfile($profile, $access)) {
        $this->setError($member->getError());
        if ($no_html) {
            echo json_encode($this->getErrors());
            exit;
        }
        return $this->editTask($member);
    }

    $email = $member->get('email');

    // Make sure certain changes make it back to the session user.
    // This only happens when the edited record is the signed-in user's own.
    if ($member->get('id') == User::get('id')) {
        $user = App::get('session')->get('user');

        if ($member->get('name') != $user->get('name')) {
            $user->set('name', $member->get('name'));
        }

        // Update session if email is changing
        if ($member->get('email') != $user->get('email')) {
            $user->set('email', $member->get('email'));

            // Add item to session to mark that the user changed emails
            // this way we can serve profile images for these users but not all
            // unconfirmed users
            App::get('session')->set('userchangedemail', 1);
        }

        App::get('session')->set('user', $user);
    }

    // Send a new confirmation code AFTER we've successfully saved the changes to the e-mail address
    // NOTE(review): $confirm is assigned only in the posted-email branch
    // above; verify the two comparisons cannot disagree (e.g. if save()
    // alters the stored address), which would leave it undefined here.
    if ($email != $oldemail) {
        $this->_sendConfirmationCode($member->get('username'), $email, $confirm);
    }

    // If we're declining the terms we want to log the user out and tell the
    // JavaScript; this path returns JSON regardless of no_html
    if ($declineTOU) {
        App::get('auth')->logout();
        echo json_encode(array('loggedout' => true));
        return;
    }

    if ($no_html) {
        // Output JSON
        echo json_encode(array('success' => true));
        exit;
    }

    // Redirect
    App::redirect(Route::url('index.php?option=' . $this->_option . ($id ? '&id=' . $id . '&active=profile' : '')));
}
/**
 * Save changes to a member profile (Profile/Registration based version).
 *
 * Outputs JSON when called with no_html set, redirects to the profile
 * otherwise. Posted values are pushed onto the profile first and validated
 * afterwards, so that a re-displayed edit form shows the new values.
 *
 * NOTE(review): the only checks visible before the profile is modified are
 * the guest check and the request-token check. Nothing in this method
 * compares the posted id with the signed-in user or tests a permission.
 * Because this method can change the account e-mail address, confirm that
 * authorisation is enforced somewhere not visible here.
 *
 * @return  mixed  false for guests or on a failed save; otherwise nothing
 *                 (JSON is echoed, the edit form is shown, or a redirect is
 *                 issued)
 */
public function saveTask()
{
    // Check if they are logged in
    if (User::isGuest()) {
        return false;
    }

    // Anti-forgery token; accepted from the query string as well as POST
    Request::checkToken(array('get', 'post'));

    // Truthy when the caller wants JSON instead of HTML
    $no_html = Request::getVar("no_html", 0);

    // Incoming user ID
    $id = Request::getInt('id', 0, 'post');

    // Do we have an ID?
    if (!$id) {
        App::abort(404, Lang::txt('MEMBERS_NO_ID'));
        return;
    }

    // Incoming profile edits
    $p = Request::getVar('profile', array(), 'post', 'none', 2);
    $n = Request::getVar('name', array(), 'post');
    $a = Request::getVar('access', array(), 'post');

    // Load the profile
    $profile = \Hubzero\User\Profile::getInstance($id);

    // Kept so a change of address can be detected after the save
    $oldemail = $profile->get('email');

    // NOTE(review): $n is taken from the request; the 'first', 'middle' and
    // 'last' keys are read without checking that they exist.
    if ($n) {
        $profile->set('givenName', trim($n['first']));
        $profile->set('middleName', trim($n['middle']));
        $profile->set('surname', trim($n['last']));

        // Display name: "first [middle ]last"
        $name = trim($n['first']) . ' ';
        $name .= trim($n['middle']) != '' ? trim($n['middle']) . ' ' : '';
        $name .= trim($n['last']);
        $profile->set('name', $name);
    }

    if (isset($p['bio'])) {
        $profile->set('bio', trim($p['bio']));
    }

    // Per-field access levels: anything outside 0-4 is reset to 0.
    // NOTE(review): the posted key $k becomes part of the parameter name
    // without validation in this method.
    if (is_array($a) && count($a) > 0) {
        foreach ($a as $k => $v) {
            $v = intval($v);
            if (!in_array($v, array(0, 1, 2, 3, 4))) {
                $v = 0;
            }
            $profile->setParam('access_' . $k, $v);
        }
    }

    if (isset($p['public'])) {
        $profile->set('public', $p['public']);
    }

    // Set some post data for the xregistration class.
    // $tags is always set at this point, since trim() returns a string.
    $tags = trim(Request::getVar('tags', ''));
    if (isset($tags)) {
        Request::setVar('interests', $tags, 'post');
    }

    // Instantiate a new \Components\Members\Models\Registration
    $xregistration = new \Components\Members\Models\Registration();
    $xregistration->loadPOST();

    // Push the posted data to the profile
    // Note: this is done before the required fields check so, if we need to display the edit form, it'll show all the new changes
    if (!is_null($xregistration->_registration['email'])) {
        $profile->set('email', $xregistration->_registration['email']);

        // Unconfirm if the email address changed
        if ($oldemail != $xregistration->_registration['email']) {
            // Get a new confirmation code; $confirm is only defined on this
            // path and is read again when the confirmation mail is sent.
            $confirm = \Components\Members\Helpers\Utility::genemailconfirm();
            $profile->set('emailConfirmed', $confirm);
        }
    }

    if (!is_null($xregistration->_registration['countryresident'])) {
        $profile->set('countryresident', $xregistration->_registration['countryresident']);
    }

    if (!is_null($xregistration->_registration['countryorigin'])) {
        $profile->set('countryorigin', $xregistration->_registration['countryorigin']);
    }

    if (!is_null($xregistration->_registration['nativetribe'])) {
        $profile->set('nativeTribe', $xregistration->_registration['nativetribe']);
    }

    // A selected organization takes precedence over free text
    if ($xregistration->_registration['org'] != '') {
        $profile->set('organization', $xregistration->_registration['org']);
    } elseif ($xregistration->_registration['orgtext'] != '') {
        $profile->set('organization', $xregistration->_registration['orgtext']);
    }

    if (!is_null($xregistration->_registration['web'])) {
        $profile->set('url', $xregistration->_registration['web']);
    }

    if (!is_null($xregistration->_registration['phone'])) {
        $profile->set('phone', $xregistration->_registration['phone']);
    }

    if (!is_null($xregistration->_registration['orgtype'])) {
        $profile->set('orgtype', $xregistration->_registration['orgtype']);
    }

    if (!is_null($xregistration->_registration['sex'])) {
        $profile->set('gender', $xregistration->_registration['sex']);
    }

    if (!is_null($xregistration->_registration['disability'])) {
        $profile->set('disability', $xregistration->_registration['disability']);
    }

    if (!is_null($xregistration->_registration['hispanic'])) {
        $profile->set('hispanic', $xregistration->_registration['hispanic']);
    }

    if (!is_null($xregistration->_registration['race'])) {
        $profile->set('race', $xregistration->_registration['race']);
    }

    if (!is_null($xregistration->_registration['mailPreferenceOption'])) {
        $profile->set('mailPreferenceOption', $xregistration->_registration['mailPreferenceOption']);
    }

    if (!is_null($xregistration->_registration['usageAgreement'])) {
        $profile->set('usageAgreement', $xregistration->_registration['usageAgreement']);
    }

    if (!is_null($xregistration->_registration['orcid'])) {
        $profile->set('orcid', $xregistration->_registration['orcid']);
    }

    // NOTE(review): read from the request and passed to check() below, and
    // later to in_array(); confirm that letting the caller choose the fields
    // to validate is intended, and that a non-array value is handled.
    $field_to_check = Request::getVar("field_to_check", array());

    // Check that required fields were filled in properly
    if (!$xregistration->check('edit', $profile->get('uidNumber'), $field_to_check)) {
        if (!$no_html) {
            $this->_task = 'edit';
            $this->editTask($xregistration, $profile);
            return;
        } else {
            // NOTE(review): the whole Registration object is serialised into
            // the response; confirm its public properties hold nothing beyond
            // what the client should see.
            echo json_encode($xregistration);
            exit;
        }
    }

    // Are we declining the terms of use?
    // If yes we want to set the usage agreement to 0 and profile to private
    $declineTOU = Request::getVar('declinetou', 0);
    if ($declineTOU) {
        $profile->set('public', 0);
        $profile->set('usageAgreement', 0);
    }

    // Set the last modified datetime
    $profile->set('modifiedDate', Date::toSql());

    // Save the changes
    if (!$profile->update()) {
        App::abort(500, $profile->getError());
        return false;
    }

    // Process tags, but only when 'interests' was among the checked fields
    if (isset($tags) && in_array('interests', $field_to_check)) {
        $mt = new \Components\Members\Models\Tags($id);
        $mt->setTags($tags, $id);
    }

    $email = $profile->get('email');
    $name = $profile->get('name');

    // Make sure certain changes make it back to the user table
    if ($id > 0) {
        $user = User::getInstance($id);
        $jname = $user->get('name');
        $jemail = $user->get('email');

        if ($name != trim($jname)) {
            $user->set('name', $name);
        }

        if ($email != trim($jemail)) {
            $user->set('email', $email);
        }

        // Only write the user record when something actually differs
        if ($name != trim($jname) || $email != trim($jemail)) {
            if (!$user->save()) {
                App::abort(500, Lang::txt($user->getError()));
                return false;
            }
        }

        // Update session if name is changing
        // NOTE(review): as written, the value flows from the session user
        // into $user and nothing is written back to the session, which does
        // not match the stated intent. Confirm the direction.
        if ($n && $user->get('name') != App::get('session')->get('user')->get('name')) {
            $suser = App::get('session')->get('user');
            $user->set('name', $suser->get('name'));
        }

        // Update session if email is changing
        // NOTE(review): same direction question as for the name above. Also,
        // $user is the record for the posted id, so the comparison is with
        // whoever is signed in, not necessarily the same account.
        if ($user->get('email') != App::get('session')->get('user')->get('email')) {
            $suser = App::get('session')->get('user');
            $user->set('email', $suser->get('email'));

            // add item to session to mark that the user changed emails
            // this way we can serve profile images for these users but not all
            // unconfirmed users
            $session = App::get('session');
            $session->set('userchangedemail', 1);
        }
    }

    // Send a new confirmation code AFTER we've successfully saved the changes to the e-mail address
    // NOTE(review): $confirm is assigned only in the posted-email branch
    // above; verify the two comparisons cannot disagree, which would leave
    // it undefined here.
    if ($email != $oldemail) {
        $this->_message = $this->_sendConfirmationCode($profile->get('username'), $email, $confirm);
    }

    // If we're declining the terms we want to log the user out and tell the
    // JavaScript; this path returns JSON regardless of no_html
    if ($declineTOU) {
        App::get('auth')->logout();
        echo json_encode(array('loggedout' => true));
        return;
    }

    if (!$no_html) {
        // Redirect
        App::redirect(Route::url('index.php?option=' . $this->_option . ($id ? '&id=' . $id . '&active=profile' : '')), $this->_message);
    } else {
        // Output JSON
        echo json_encode(array('success' => true));
    }
}