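/**
 * Parse the submitted logins / e-mail addresses and send group invites.
 *
 * Flow: guests are sent to login, the request token is checked, and only a
 * group manager or a user authorised for 'group.invite' may continue. Each
 * submitted entry is resolved to an account id or kept as a bare e-mail
 * address. Entries that belong to a current applicant are moved into the
 * member list; the rest are invited.
 *
 * Hardening in this version:
 *  - every guard returns explicitly after calling _errorHandler()
 *  - an e-mail address is bound to an account only on an exact match
 *  - account invitations are mailed one recipient per message
 *  - values placed in the HTML notification are escaped first
 *
 * @return void
 */
public function doinviteTask()
{
    // Check if they're logged in
    if (User::isGuest()) {
        $this->loginTask(Lang::txt('COM_GROUPS_INVITE_MUST_BE_LOGGED_IN'));
        return;
    }

    // Request token check (presumably anti-CSRF; implementation not visible here)
    Request::checkToken();

    // _errorHandler() is defined outside this block. Returning explicitly after
    // each call means a handler that returns cannot let the request fall through
    // a failed guard, the authorization check in particular.

    // Check to make sure we have cname
    if (!$this->cn) {
        $this->_errorHandler(400, Lang::txt('COM_GROUPS_ERROR_NO_ID'));
        return;
    }

    // Load the group page
    $this->view->group = Group::getInstance($this->cn);

    // Ensure we found the group info
    if (!$this->view->group || !$this->view->group->get('gidNumber')) {
        $this->_errorHandler(404, Lang::txt('COM_GROUPS_ERROR_NOT_FOUND'));
        return;
    }

    // Check authorization
    if ($this->_authorize() != 'manager' && !$this->_authorizedForTask('group.invite')) {
        $this->_errorHandler(403, Lang::txt('COM_GROUPS_ERROR_NOT_AUTH'));
        return;
    }

    // Get request vars
    $logins = trim(Request::getVar('logins', ''));
    $msg    = trim(Request::getVar('msg', ''));

    if (!$logins) {
        $this->setNotification(Lang::txt('COM_GROUPS_INVITE_MUST_ENTER_DATA'), 'error');
        $this->inviteTask();
        return;
    }

    // Get all the group's members
    $members          = $this->view->group->get('members');
    $applicants       = $this->view->group->get('applicants');
    $current_invitees = $this->view->group->get('invitees');

    // Get invite emails
    $group_inviteemails   = new \Hubzero\User\Group\InviteEmail();
    $current_inviteemails = $group_inviteemails->getInviteEmails($this->view->group->get('gidNumber'), true);

    // Vars needed
    $invitees     = array();
    $inviteemails = array();
    $badentries   = array();
    $apps         = array();
    $mems         = array();

    // Explode the string of logins/e-mails into an array
    $la = preg_split("/[,;]/", $logins);
    $la = array_map('trim', $la);

    // Turn usernames into proper IDs
    foreach ($la as $k => $l) {
        // Ignore uids & email addresses
        if (!is_numeric($l) && strpos($l, '@') === false) {
            // Load by username
            $profile = User::getInstance($l);
            if ($profile && $profile->get('id')) {
                unset($la[$k]);
                $la[] = $profile->get('id');
            }
        }
    }

    // Handle each entry
    foreach ($la as $l) {
        // If it was a user id
        if (is_numeric($l)) {
            $user = User::getInstance($l);
            $uid  = $user->get('id');

            // Ensure we found an account
            if ($uid != '') {
                // If not a member
                if (!in_array($uid, $members) && !in_array($uid, $current_invitees)) {
                    // An applicant is made a member; anyone else is invited
                    if (in_array($uid, $applicants)) {
                        $apps[] = $uid;
                        $mems[] = $uid;
                    } else {
                        $invitees[] = $uid;
                    }
                } else {
                    $badentries[] = array($uid, Lang::txt('COM_GROUPS_INVITE_USER_IS_ALREADY_MEMBER'));
                }
            }
        } else {
            require_once PATH_CORE . DS . 'components' . DS . 'com_members' . DS . 'helpers' . DS . 'utility.php';

            // If not a userid check if proper email
            if (\Components\Members\Helpers\Utility::validemail($l)) {
                // Find the account registered with exactly this address. The previous
                // "OR u.email LIKE '<address>%'" clause also matched any account whose
                // address merely begins with the typed one, and LIKE treats '_' and '%'
                // inside the address as wildcards, so a different account could be
                // invited or, if it was an applicant, promoted to member.
                $this->database->setQuery(
                    "SELECT u.id FROM `#__users` AS u WHERE u.email=" . $this->database->quote($l) . " LIMIT 1;"
                );
                $uid = $this->database->loadResult();

                // NOTE(review): query() looks like it runs the statement a second time after
                // loadResult(), and the raw driver error text is shown to the user. Confirm
                // against the database class, and prefer a generic message with the detail
                // written to the log.
                if (!$this->database->query()) {
                    $this->setNotification($this->database->getErrorMsg(), 'error');
                }

                if ($uid) {
                    // Known account: already member/invitee -> reject,
                    // applicant -> promote to member, otherwise invite
                    if (in_array($uid, $members) || in_array($uid, $current_invitees)) {
                        $badentries[] = array($uid, Lang::txt('COM_GROUPS_INVITE_USER_IS_ALREADY_MEMBER'));
                    } elseif (in_array($uid, $applicants)) {
                        $apps[] = $uid;
                        $mems[] = $uid;
                    } else {
                        $invitees[] = $uid;
                    }
                } else {
                    // No account: create an e-mail invite unless one is already pending
                    if (!in_array($l, $current_inviteemails)) {
                        // NOTE(review): the token is the credential carried by the invite
                        // e-mail. Confirm _randomString() draws from a CSPRNG
                        // (random_bytes()/random_int()).
                        $inviteemails[] = array(
                            'email'     => $l,
                            'gidNumber' => $this->view->group->get('gidNumber'),
                            'token'     => $this->_randomString(32)
                        );
                    } else {
                        $badentries[] = array($l, Lang::txt('COM_GROUPS_INVITE_EMAIL_ALREADY_INVITED'));
                    }
                }
            } else {
                $badentries[] = array($l, Lang::txt('COM_GROUPS_INVITE_EMAIL_NOT_VALID'));
            }
        }
    }

    // Add the users to the invitee list and save
    $this->view->group->remove('applicants', $apps);
    $this->view->group->add('members', $mems);
    $this->view->group->add('invitees', $invitees);
    $this->view->group->update();

    // Add the inviteemails
    foreach ($inviteemails as $ie) {
        $group_inviteemails = new \Hubzero\User\Group\InviteEmail();
        $group_inviteemails->set('email', $ie['email']);
        $group_inviteemails->set('gidNumber', $ie['gidNumber']);
        $group_inviteemails->set('token', $ie['token']);
        $group_inviteemails->save();
    }

    // Log invites
    // NOTE(review): $inviteemails entries include the invite token, so the token is
    // written to the group log as well. Confirm who can read that log.
    Log::log(array(
        'gidNumber' => $this->view->group->get('gidNumber'),
        'action'    => 'membership_invites_sent',
        'comments'  => array_merge($invitees, $inviteemails)
    ));

    // Build the "from" info for e-mails
    $from = array(
        'name'  => Config::get('sitename') . ' ' . Lang::txt(strtoupper($this->_name)),
        'email' => Config::get('mailfrom')
    );

    // Message subject
    $subject = Lang::txt('COM_GROUPS_INVITE_EMAIL_SUBJECT', $this->view->group->get('cn'));

    // Message body for HUB user.
    // $msg is free text from the request; escaping it is left to the mail templates.
    $eview = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => 'invite_plain'));
    $eview->option   = $this->_option;
    $eview->sitename = Config::get('sitename');
    $eview->user     = User::getInstance();
    $eview->group    = $this->view->group;
    $eview->msg      = $msg;

    $plain = $eview->loadTemplate(false);
    $plain = str_replace("\n", "\r\n", $plain);

    $eview->setLayout('invite');
    $html = $eview->loadTemplate();
    $html = str_replace("\n", "\r\n", $html);

    // Build array of group invites to send
    $groupInvitees = array();
    $activity      = array();
    foreach ($invitees as $invitee) {
        if ($profile = User::getInstance($invitee)) {
            $groupInvitees[$profile->get('email')] = $profile->get('name');
            $activity[] = $profile->get('name') . '(' . $profile->get('email') . ')';
        }
    }

    // One message per recipient, as the e-mail-only invites below already do. Putting
    // every invitee in a single To: header disclosed each invitee's name and address
    // to all the others.
    foreach ($groupInvitees as $address => $name) {
        $message = new \Hubzero\Mail\Message();
        $message->setSubject($subject)
            ->addFrom($from['email'], $from['name'])
            ->setTo(array($address => $name))
            ->addHeader('X-Mailer', 'PHP/' . phpversion())
            ->addHeader('X-Component', 'com_groups')
            ->addHeader('X-Component-Object', 'group_invite')
            ->addPart($plain, 'text/plain')
            ->addPart($html, 'text/html')
            ->send();
    }

    // Log activity
    // NOTE(review): the group description and the invitee names/addresses are concatenated
    // into HTML for the activity descriptions below. Confirm they are escaped where stored
    // or where rendered.
    $url = Route::url('index.php?option=' . $this->_option . '&cn=' . $this->view->group->get('cn'));

    foreach ($invitees as $invitee) {
        Event::trigger('system.logActivity', [
            'activity' => [
                'action'      => 'invited',
                'scope'       => 'group',
                'scope_id'    => $this->view->group->get('gidNumber'),
                'description' => Lang::txt('COM_GROUPS_ACTIVITY_GROUP_USER_INVITED', '<a href="' . $url . '">' . $this->view->group->get('description') . '</a>'),
                'details'     => array(
                    'title'     => $this->view->group->get('description'),
                    'url'       => $url,
                    'cn'        => $this->view->group->get('cn'),
                    'gidNumber' => $this->view->group->get('gidNumber')
                )
            ],
            'recipients' => array(['user', $invitee])
        ]);
    }

    $recipients = array(
        ['group', $this->view->group->get('gidNumber')],
        ['user', User::get('id')]
    );
    foreach ($this->view->group->get('managers') as $recipient) {
        $recipients[] = ['user', $recipient];
    }

    Event::trigger('system.logActivity', [
        'activity' => [
            'action'      => 'invited',
            'scope'       => 'group',
            'scope_id'    => $this->view->group->get('gidNumber'),
            'description' => Lang::txt('COM_GROUPS_ACTIVITY_GROUP_USERS_INVITED', implode(', ', $activity), '<a href="' . $url . '">' . $this->view->group->get('description') . '</a>'),
            'details'     => array(
                'title'     => $this->view->group->get('description'),
                'url'       => $url,
                'cn'        => $this->view->group->get('cn'),
                'gidNumber' => $this->view->group->get('gidNumber')
            )
        ],
        'recipients' => $recipients
    ]);

    // Send message to users invited via email
    foreach ($inviteemails as $mbr) {
        // Message body for a non-account recipient; carries the invite token
        $eview2 = new \Hubzero\Mail\View(array('name' => 'emails', 'layout' => 'inviteemail_plain'));
        $eview2->option   = $this->_option;
        $eview2->sitename = Config::get('sitename');
        $eview2->user     = User::getInstance();
        $eview2->group    = $this->view->group;
        $eview2->msg      = $msg;
        $eview2->token    = $mbr['token'];

        $plain = $eview2->loadTemplate(false);
        $plain = str_replace("\n", "\r\n", $plain);

        $eview2->setLayout('inviteemail');
        $html = $eview2->loadTemplate();
        $html = str_replace("\n", "\r\n", $html);

        // Create new message, build it and send
        $message = new \Hubzero\Mail\Message();
        $message->setSubject($subject)
            ->addFrom($from['email'], $from['name'])
            ->setTo(array($mbr['email']))
            ->addHeader('X-Mailer', 'PHP/' . phpversion())
            ->addHeader('X-Component', 'com_groups')
            ->addHeader('X-Component-Object', 'group_inviteemail')
            ->addPart($plain, 'text/plain')
            ->addPart($html, 'text/html')
            ->send();
    }

    // Push all invitees together
    $all_invites = array_merge($invitees, $inviteemails);

    // The notifications below are HTML (they carry <br />), so every value that comes
    // from the request or from a user profile is escaped before it is concatenated.
    // Rejected entries are raw request input.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Declare success/error message vars
    $success_message = '';
    $error_message   = '';

    if (count($all_invites) > 0) {
        $success_message = Lang::txt('COM_GROUPS_INVITE_SUCCESS_MESSAGE');
        foreach ($all_invites as $invite) {
            if (is_numeric($invite)) {
                $user = User::getInstance($invite);
                $success_message .= ' - ' . $esc($user->get('name')) . '<br />';
            } else {
                $success_message .= ' - ' . $esc($invite['email']) . '<br />';
            }
        }
    }

    if (count($badentries) > 0) {
        $error_message = Lang::txt('COM_GROUPS_INVITE_ERROR_MESSAGE');
        foreach ($badentries as $entry) {
            if (is_numeric($entry[0])) {
                $user = User::getInstance($entry[0]);
                if ($user->get('name') != '') {
                    $error_message .= ' - ' . $esc($user->get('name')) . ' → ' . $entry[1] . '<br />';
                } else {
                    $error_message .= ' - ' . $esc($entry[0]) . ' → ' . $entry[1] . '<br />';
                }
            } else {
                $error_message .= ' - ' . $esc($entry[0]) . ' → ' . $entry[1] . '<br />';
            }
        }
    }

    // Push some notifications to the view
    $this->setNotification($success_message, 'passed');
    $this->setNotification($error_message, 'error');

    // Redirect back to view group
    App::redirect($url);
}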
/**
 * Validate the registration data held in $this->_registration for a task.
 *
 * Resets and then fills $this->_missing (required values that are absent)
 * and $this->_invalid (values that failed a check), both keyed by field name.
 *
 * NOTE(review): several string literals in this listing appear as '******'.
 * They look masked by whatever produced the listing, not like the real
 * messages. Treat them as placeholders.
 *
 * @param   string   $task            Task being validated; 'proxy' is treated as 'proxycreate'
 * @param   integer  $id              User id being validated; 0 means the current user's id
 * @param   array    $field_to_check  When non-empty, only failures for these field names are kept
 * @return  boolean  True when both $this->_missing and $this->_invalid end up empty
 */
public function check($task = 'create', $id = 0, $field_to_check = array())
{
    // Read here but not referenced again in this method
    $sitename = Config::get('sitename');

    // Default to the current user when no id is supplied
    if ($id == 0) {
        $id = User::get('id');
    }

    $registration = $this->_registration;

    if ($task == 'proxy') {
        $task = 'proxycreate';
    }

    // Start every run with clean result sets
    $this->_missing = array();
    $this->_invalid = array();

    // Resolve the state of each field for this task. The second argument is passed
    // through to registrationField(); presumably a per-task default code — confirm there.
    $registrationUsername = $this->registrationField('registrationUsername', 'RROO', $task);
    $registrationPassword = $this->registrationField('registrationPassword', 'RRHH', $task);
    $registrationConfirmPassword = $this->registrationField('registrationConfirmPassword', 'RRHH', $task);
    $registrationFullname = $this->registrationField('registrationFullname', 'RRRR', $task);
    $registrationEmail = $this->registrationField('registrationEmail', 'RRRR', $task);
    $registrationConfirmEmail = $this->registrationField('registrationConfirmEmail', 'RRRR', $task);
    $registrationOptIn = $this->registrationField('registrationOptIn', 'HHHH', $task);
    $registrationCAPTCHA = $this->registrationField('registrationCAPTCHA', 'HHHH', $task);
    $registrationTOU = $this->registrationField('registrationTOU', 'HHHH', $task);

    // 'update': the username is required only while none is set, the password fields
    // are never checked, and the e-mail becomes required while none is set
    if ($task == 'update') {
        if (empty($registration['login'])) {
            $registrationUsername = REG_REQUIRED;
        } else {
            $registrationUsername = REG_READONLY;
        }

        $registrationPassword = REG_HIDE;
        $registrationConfirmPassword = REG_HIDE;

        if (empty($registration['email'])) {
            $registrationEmail = REG_REQUIRED;
        }
    }

    // 'edit': username is read-only and the password fields are not checked
    if ($task == 'edit') {
        $registrationUsername = REG_READONLY;
        $registrationPassword = REG_HIDE;
        $registrationConfirmPassword = REG_HIDE;
    }

    // Creating an account while the current user has an auth_link_id (presumably an
    // externally authenticated session — confirm): no local password is checked
    if (User::get('auth_link_id') && $task == 'create') {
        $registrationPassword = REG_HIDE;
        $registrationConfirmPassword = REG_HIDE;
    }

    $login = $registration['login'];
    $email = $registration['email'];
    $confirmEmail = $registration['confirmEmail'];

    // --- Username ---
    if ($registrationUsername == REG_REQUIRED) {
        if (empty($login)) {
            $this->_missing['login'] = '******';
            $this->_invalid['login'] = '******';
        }
    }

    if ($registrationUsername != REG_HIDE) {
        // The flag passed to validlogin() is true only for 'update'
        $allowNumericFirstCharacter = $task == 'update' ? true : false;
        if (!empty($login) && !Helpers\Utility::validlogin($login, $allowNumericFirstCharacter)) {
            $this->_invalid['login'] = '******';
        }
    }

    if (!empty($login) && ($task == 'create' || $task == 'proxycreate' || $task == 'update')) {
        // The username must not belong to a different account
        $uid = User::getInstance($login)->get('id');
        if ($uid && $uid != $id) {
            // $login is entity-encoded before being placed in the message
            $this->_invalid['login'] = '******' . htmlentities($login) . '" already exists. Please try another.';
        }

        // Reserved usernames are reported with the same message as taken ones
        if (\Hubzero\Utility\Validate::reserved('username', $login)) {
            $this->_invalid['login'] = '******' . htmlentities($login) . '" already exists. Please try another.';
        }

        // system username check: if the operating system already has an account with this
        // name, its uid must equal the database user id found above
        $puser = posix_getpwnam($login);
        if (!empty($puser) && $uid && $uid != $puser['uid']) {
            // log error and display error to user
            // NOTE(review): the next statement is reproduced exactly as it appears in this
            // listing. The '******' runs look masked and part of the line appears to be
            // missing, so it does not parse as shown. Restore it from the upstream file.
            \Log::error('System username/userid does not match DB username/password for user: '******'login'] = '******';
        }
    }

    // --- Password ---
    if ($registrationPassword == REG_REQUIRED) {
        if (empty($registration['password'])) {
            $this->_missing['password'] = '******';
            $this->_invalid['password'] = '******';
        }
    }

    /*
    if ($registrationPassword != REG_HIDE) {
        if (!empty($registration['password'])) {
            $result = Helpers\Utility::valid_password($registration['password']);
            if ($result)
                $this->_invalid['password'] = $result;
        }
    }
    */

    if ($registrationConfirmPassword == REG_REQUIRED) {
        if (empty($registration['confirmPassword'])) {
            $this->_missing['confirmPassword'] = '******';
            $this->_invalid['confirmPassword'] = '******';
        }
    }

    if ($registrationPassword != REG_HIDE && $registrationConfirmPassword != REG_HIDE) {
        // NOTE(review): loose comparison. Two different numeric-looking strings (for
        // example "1e3" and "1000") compare equal under !=. A strict !== would make
        // the confirmation an exact match.
        if ($registration['password'] != $registration['confirmPassword']) {
            $this->_invalid['confirmPassword'] = '******';
        }
    }

    // Strength scoring and password rules run only when the password is REQUIRED;
    // a password field in any other state is not scored here.
    if ($registrationPassword == REG_REQUIRED) {
        $score = $this->scorePassword($registration['password'], $registration['login']);
        if ($score < PASS_SCORE_MEDIOCRE) {
            $this->_invalid['password'] = '******';
        } else {
            // The remaining branches are placeholders: none of them changes any state
            if ($score >= PASS_SCORE_MEDIOCRE && $score < PASS_SCORE_GOOD) {
                // Mediocre pass
            } else {
                if ($score >= PASS_SCORE_GOOD && $score < PASS_SCORE_STRONG) {
                    // Good pass
                } else {
                    if ($score >= PASS_SCORE_STRONG) {
                        // Strong pass
                    }
                }
            }
        }

        // Apply every enabled password rule; a non-empty result replaces any message
        // set by the score check above
        $rules = \Hubzero\Password\Rule::all()->whereEquals('enabled', 1)->rows();
        $msg = \Hubzero\Password\Rule::verify($registration['password'], $rules, $login, $registration['name']);
        if (!empty($msg)) {
            $this->_invalid['password'] = $msg;
        }
    }

    // --- Full name ---
    if ($registrationFullname == REG_REQUIRED) {
        if (empty($registration['name'])) {
            $this->_missing['name'] = 'Full Name';
            $this->_invalid['name'] = 'Please provide a name.';
        } else {
            // Split on single spaces: last piece is the surname, first piece the given
            // name, anything between them the middle name
            $bits = explode(' ', $registration['name']);
            $surname = null;
            $middleName = null;
            $givenName = null;
            if (count($bits) == 1) {
                $givenName = array_shift($bits);
            } else {
                $surname = array_pop($bits);
                if (count($bits) >= 1) {
                    $givenName = array_shift($bits);
                }
                if (count($bits) >= 1) {
                    $middleName = implode(' ', $bits);
                }
            }

            // A single-word name leaves $surname null and is therefore rejected
            if (!$givenName || !$surname) {
                $this->_missing['name'] = 'Full Name';
                $this->_invalid['name'] = 'Please provide a name.';
            }
        }
    }

    if ($registrationFullname != REG_HIDE) {
        if (!empty($registration['name']) && !Helpers\Utility::validname($registration['name'])) {
            $this->_invalid['name'] = 'Invalid name. You may be using characters that are not allowed.';
        }
    }

    // --- E-mail ---
    if ($registrationEmail == REG_REQUIRED) {
        if (empty($email)) {
            $this->_missing['email'] = 'Valid Email';
            $this->_invalid['email'] = 'Please provide a valid e-mail address.';
        }
    }

    if ($registrationEmail != REG_HIDE) {
        if (empty($email)) {
            // Recorded as missing whenever the field is not hidden, required or not
            $this->_missing['email'] = 'Valid Email';
        } elseif (!Helpers\Utility::validemail($email)) {
            $this->_invalid['email'] = 'Invalid email address. Please correct and try again.';
        } else {
            $usersConfig = \Component::params('com_users');
            $allow_duplicate_emails = $usersConfig->get('allow_duplicate_emails');

            // Check if the email is already in use by an account other than $id
            $row = \Hubzero\User\User::all()->whereEquals('email', $email)->where('id', '!=', (int) $id)->row();
            $xid = intval($row->get('id'));

            // 0 = not allowed
            // 1 = allowed (i.e. no check needed)
            // 2 = only existing accounts (grandfathered)
            if ($xid && ($allow_duplicate_emails == 0 || $allow_duplicate_emails == 2)) {
                if ($allow_duplicate_emails == 0) {
                    $this->_invalid['email'] = 'An existing account is already using this e-mail address.';
                } else {
                    if ($allow_duplicate_emails == 2) {
                        // If duplicates are only allowed in grandfathered accounts,
                        // then new accounts shouldn't be created with the same email.
                        if ($task == 'create' || $task == 'proxycreate') {
                            $this->_invalid['email'] = 'An existing account is already using this e-mail address.';
                        } else {
                            // We also need to catch existing users who might try to change their
                            // email to an existing email address on the hub. For that, we need to
                            // check and see if their email address is changing with this save.
                            $row = \Hubzero\User\User::oneOrNew((int) $id);
                            $currentEmail = $row->get('email');
                            if ($currentEmail != $email) {
                                $this->_invalid['email'] = 'An existing account is already using this e-mail address.';
                            }
                        }
                    }
                }
            }
        }
    }

    // --- E-mail confirmation ---
    if ($registrationConfirmEmail == REG_REQUIRED) {
        // Only reported when the e-mail itself has not already been flagged
        if (empty($confirmEmail) && empty($this->_invalid['email'])) {
            $this->_missing['confirmEmail'] = 'Valid Email Confirmation';
            $this->_invalid['confirmEmail'] = 'Please provide a valid e-mail address again.';
        }
    }

    if ($registrationConfirmEmail != REG_HIDE) {
        if ($email != $confirmEmail) {
            // A mismatch is reported on both fields unless the e-mail already has an error
            if (empty($this->_invalid['email'])) {
                $this->_invalid['confirmEmail'] = 'Email addresses do not match. Please correct and try again.';
                $this->_invalid['email'] = 'Email addresses do not match. Please correct and try again.';
            }
        }
    }

    // --- Opt-in ---
    if ($registrationOptIn == REG_REQUIRED) {
        // A null or negative value counts as "no selection made"
        if (is_null($registration['sendEmail']) || intval($registration['sendEmail']) < 0) {
            $this->_missing['sendEmail'] = 'Receive Email Updates';
            $this->_invalid['sendEmail'] = 'Receive Email Updates has not been selected';
        }
    }

    // --- CAPTCHA ---
    if ($registrationCAPTCHA == REG_REQUIRED) {
        // Any non-empty 'botcheck' request value fails the check (presumably a honeypot
        // field that a real user leaves empty — confirm against the form)
        $botcheck = Request::getVar('botcheck', '');
        if ($botcheck) {
            $this->_invalid['captcha'] = 'Error: Invalid CAPTCHA response.';
        }

        // Any falsy result from a 'captcha.onCheckAnswer' handler fails the check.
        // NOTE(review): when no handler returns a result the array is empty and the
        // CAPTCHA passes, so a required CAPTCHA is enforced only while a handler is active.
        $validcaptchas = Event::trigger('captcha.onCheckAnswer');
        if (count($validcaptchas) > 0) {
            foreach ($validcaptchas as $validcaptcha) {
                if (!$validcaptcha) {
                    $this->_invalid['captcha'] = 'Error: Invalid CAPTCHA response.';
                }
            }
        }
    }

    // --- Terms of use ---
    if ($registrationTOU == REG_REQUIRED) {
        if (empty($registration['usageAgreement'])) {
            $this->_missing['usageAgreement'] = 'Usage Agreement';
            $this->_invalid['usageAgreement'] = 'Registration requires acceptance of the usage agreement';
        }
    }

    /*
    Everything below is currently done elsewhere
    @TODO Move code to here or refactor?

    if ($registrationAddress == REG_REQUIRED) {
        if (count($registration['address']) == 0) {
            $this->_missing['address'] = 'Member Address';
            $this->_invalid['address'] = 'Member Address';
        }
    }

    // Load all fields not hidden
    $fields = Field::all()
        ->including(['options', function ($option){
            $option
                ->select('*')
                ->ordered();
        }])
        ->where('action_' . $task, '!=', Field::STATE_HIDDEN)
        ->ordered()
        ->rows();

    if (!isset($registration['_profile'])) {
        $registration['_profile'] = array();
    }

    // Find missing required fields
    foreach ($fields as $field) {
        if ($field->get('type') != 'hidden') {
            if (!isset($registration['_profile'][$field->get('name')])) {
                continue;
            }
            $value = $registration['_profile'][$field->get('name')];
            if (empty($value) && $field->get('action_' . $task) == Field::STATE_REQUIRED) {
                $this->_missing[$field->get('name')] = $field->get('label');
            }
        }
    }

    // Validate input
    $form = new \Hubzero\Form\Form('profile', array('control' => 'profile'));
    $form->load(Field::toXml($fields, $action));
    $form->bind(new \Hubzero\Config\Registry($registration['_profile']));

    if (!$form->validate($registration['_profile'])) {
        foreach ($form->getErrors() as $error) {
            $this->_invalid[] = $error;
        }
    }*/

    // Filter out fields: when the caller names specific fields, failures recorded for
    // every other field are discarded.
    // NOTE(review): this also discards 'captcha' and 'password' failures unless the
    // caller lists them. Confirm $field_to_check never comes from request data.
    if (!empty($field_to_check)) {
        if ($this->_missing) {
            foreach ($this->_missing as $k => $v) {
                if (!in_array($k, $field_to_check)) {
                    unset($this->_missing[$k]);
                }
            }
        }
        if ($this->_invalid) {
            foreach ($this->_invalid as $k => $v) {
                if (!in_array($k, $field_to_check)) {
                    unset($this->_invalid[$k]);
                }
            }
        }
    }

    // Valid only when nothing is missing and nothing is invalid
    if (empty($this->_missing) && empty($this->_invalid)) {
        return true;
    }

    return false;
}
/** * Short description for 'check' * * Long description (if any) ... * * @param string $task Parameter description (if any) ... * @param integer $id Parameter description (if any) ... * @return boolean Return description (if any) ... */ public function check($task = 'create', $id = 0, $field_to_check = array()) { $sitename = Config::get('sitename'); if ($id == 0) { $id = User::get('id'); } $registration = $this->_registration; if ($task == 'proxy') { $task = 'proxycreate'; } $this->_missing = array(); $_invalid = array(); $registrationUsername = $this->registrationField('registrationUsername', 'RROO', $task); $registrationPassword = $this->registrationField('registrationPassword', 'RRHH', $task); $registrationConfirmPassword = $this->registrationField('registrationConfirmPassword', 'RRHH', $task); $registrationFullname = $this->registrationField('registrationFullname', 'RRRR', $task); $registrationEmail = $this->registrationField('registrationEmail', 'RRRR', $task); $registrationConfirmEmail = $this->registrationField('registrationConfirmEmail', 'RRRR', $task); $registrationURL = $this->registrationField('registrationURL', 'HHHH', $task); $registrationPhone = $this->registrationField('registrationPhone', 'HHHH', $task); $registrationEmployment = $this->registrationField('registrationEmployment', 'HHHH', $task); $registrationOrganization = $this->registrationField('registrationOrganization', 'HHHH', $task); $registrationCitizenship = $this->registrationField('registrationCitizenship', 'HHHH', $task); $registrationResidency = $this->registrationField('registrationResidency', 'HHHH', $task); $registrationSex = $this->registrationField('registrationSex', 'HHHH', $task); $registrationDisability = $this->registrationField('registrationDisability', 'HHHH', $task); $registrationHispanic = $this->registrationField('registrationHispanic', 'HHHH', $task); $registrationRace = $this->registrationField('registrationRace', 'HHHH', $task); $registrationInterests = 
$this->registrationField('registrationInterests', 'HHHH', $task); $registrationReason = $this->registrationField('registrationReason', 'HHHH', $task); $registrationOptIn = $this->registrationField('registrationOptIn', 'HHHH', $task); $registrationCAPTCHA = $this->registrationField('registrationCAPTCHA', 'HHHH', $task); $registrationTOU = $this->registrationField('registrationTOU', 'HHHH', $task); $registrationAddress = $this->registrationField('registrationAddress', 'OOOO', $task); $registrationORCID = $this->registrationField('registrationORCID', 'HHHO', $task); if ($task == 'update') { if (empty($registration['login'])) { $registrationUsername = REG_REQUIRED; } else { $registrationUsername = REG_READONLY; } $registrationPassword = REG_HIDE; $registrationConfirmPassword = REG_HIDE; if (empty($registration['email'])) { $registrationEmail = REG_REQUIRED; } } if ($task == 'edit') { $registrationUsername = REG_READONLY; $registrationPassword = REG_HIDE; $registrationConfirmPassword = REG_HIDE; } if (User::get('auth_link_id') && $task == 'create') { $registrationPassword = REG_HIDE; $registrationConfirmPassword = REG_HIDE; } $login = $registration['login']; $email = $registration['email']; $confirmEmail = $registration['confirmEmail']; if ($registrationUsername == REG_REQUIRED) { if (empty($login)) { $this->_missing['login'] = '******'; $this->_invalid['login'] = '******'; } } if ($registrationUsername != REG_HIDE) { $allowNumericFirstCharacter = $task == 'update' ? true : false; if (!empty($login) && !Helpers\Utility::validlogin($login, $allowNumericFirstCharacter)) { $this->_invalid['login'] = '******'; } } if (!empty($login) && ($task == 'create' || $task == 'proxycreate' || $task == 'update')) { jimport('joomla.user.helper'); $uid = \JUserHelper::getUserId($login); if ($uid && $uid != $id) { $this->_invalid['login'] = '******' . htmlentities($login) . '" already exists. 
Please try another.'; } if (\Hubzero\Utility\Validate::reserved('username', $login)) { $this->_invalid['login'] = '******' . htmlentities($login) . '" already exists. Please try another.'; } // system username check $puser = posix_getpwnam($login); if (!empty($puser) && $uid && $uid != $puser['uid']) { // log error and display error to user \Log::error('System username/userid does not match DB username/password for user: '******'login'] = '******'; } } if ($registrationPassword == REG_REQUIRED) { if (empty($registration['password'])) { $this->_missing['password'] = '******'; $this->_invalid['password'] = '******'; } } /* if ($registrationPassword != REG_HIDE) { if (!empty($registration['password'])) { $result = Helpers\Utility::valid_password($registration['password']); if ($result) $this->_invalid['password'] = $result; } } */ if ($registrationConfirmPassword == REG_REQUIRED) { if (empty($registration['confirmPassword'])) { $this->_missing['confirmPassword'] = '******'; $this->_invalid['confirmPassword'] = '******'; } } if ($registrationPassword != REG_HIDE && $registrationConfirmPassword != REG_HIDE) { if ($registration['password'] != $registration['confirmPassword']) { $this->_invalid['confirmPassword'] = '******'; } } if ($registrationPassword == REG_REQUIRED) { $score = $this->scorePassword($registration['password'], $registration['login']); if ($score < PASS_SCORE_MEDIOCRE) { $this->_invalid['password'] = '******'; } else { if ($score >= PASS_SCORE_MEDIOCRE && $score < PASS_SCORE_GOOD) { // Mediocre pass } else { if ($score >= PASS_SCORE_GOOD && $score < PASS_SCORE_STRONG) { // Good pass } else { if ($score >= PASS_SCORE_STRONG) { // Strong pass } } } } $rules = \Hubzero\Password\Rule::getRules(); $msg = \Hubzero\Password\Rule::validate($registration['password'], $rules, $login, $registration['name']); if (!empty($msg)) { $this->_invalid['password'] = $msg; } } if ($registrationFullname == REG_REQUIRED) { if (empty($registration['name'])) { 
$this->_missing['name'] = 'Full Name'; $this->_invalid['name'] = 'Please provide a name.'; } else { $bits = explode(' ', $registration['name']); $surname = null; $middleName = null; $givenName = null; if (count($bits) == 1) { $givenName = array_shift($bits); } else { $surname = array_pop($bits); if (count($bits) >= 1) { $givenName = array_shift($bits); } if (count($bits) >= 1) { $middleName = implode(' ', $bits); } } if (!$givenName) { $this->_missing['name'] = 'Full Name'; $this->_invalid['name'] = 'Please provide a name.'; } } } if ($registrationFullname != REG_HIDE) { if (!empty($registration['name']) && !Helpers\Utility::validname($registration['name'])) { $this->_invalid['name'] = 'Invalid name. You may be using characters that are not allowed.'; } } if ($registrationEmail == REG_REQUIRED) { if (empty($email)) { $this->_missing['email'] = 'Valid Email'; $this->_invalid['email'] = 'Please provide a valid e-mail address.'; } } if ($registrationEmail != REG_HIDE) { if (empty($email)) { $this->_missing['email'] = 'Valid Email'; } elseif (!Helpers\Utility::validemail($email)) { $this->_invalid['email'] = 'Invalid email address. Please correct and try again.'; } else { $usersConfig = \Component::params('com_users'); $allow_duplicate_emails = $usersConfig->get('allow_duplicate_emails'); // Check if the email is already in use $db = \App::get('db'); $query = "SELECT `id` FROM `#__users` WHERE `email` = " . $db->quote($email) . " AND `id` != " . (int) $id; $db->setQuery($query); $xid = intval($db->loadResult()); // 0 = not allowed // 1 = allowed (i.e. 
no check needed) // 2 = only existing accounts (grandfathered) if ($xid && ($allow_duplicate_emails == 0 || $allow_duplicate_emails == 2)) { if ($allow_duplicate_emails == 0) { $this->_invalid['email'] = 'An existing account is already using this e-mail address.'; } else { if ($allow_duplicate_emails == 2) { // If duplicates are only allowed in grandfathered accounts, // then new accounts shouldn't be created with the same email. if ($task == 'create' || $task == 'proxycreate') { $this->_invalid['email'] = 'An existing account is already using this e-mail address.'; } else { // We also need to catch existing users who might try to change their // email to an existing email address on the hub. For that, we need to // check and see if their email address is changing with this save. $db = \App::get('db'); $query = "SELECT `email` FROM `#__users` WHERE `id` = " . (int) $id; $db->setQuery($query); $currentEmail = $db->loadResult(); if ($currentEmail != $email) { $this->_invalid['email'] = 'An existing account is already using this e-mail address.'; } } } } } } } if ($registrationConfirmEmail == REG_REQUIRED) { if (empty($confirmEmail) && empty($this->_invalid['email'])) { $this->_missing['confirmEmail'] = 'Valid Email Confirmation'; $this->_invalid['confirmEmail'] = 'Please provide a valid e-mail address again.'; } } if ($registrationConfirmEmail != REG_HIDE) { if ($email != $confirmEmail) { if (empty($this->_invalid['email'])) { $this->_invalid['confirmEmail'] = 'Email addresses do not match. Please correct and try again.'; $this->_invalid['email'] = 'Email addresses do not match. 
Please correct and try again.'; } } } if ($registrationURL == REG_REQUIRED) { if (empty($registration['web'])) { $this->_missing['web'] = 'Personal Web Page'; $this->_invalid['web'] = 'Please provide a valid website URL'; } } if ($registrationURL != REG_HIDE) { $registration['web'] = trim($registration['web']); if (!empty($registration['web']) && (strstr($registration['web'], ' ') || !Helpers\Utility::validurl($registration['web']))) { $this->_invalid['web'] = 'Invalid web site URL. You may be using characters that are not allowed.'; } } if ($registrationORCID == REG_REQUIRED) { if (empty($registration['orcid'])) { $this->_missing['orcid'] = 'ORCID'; $this->_invalid['orcid'] = 'Please provide a valid ORCID'; } } if ($registrationORCID != REG_HIDE) { if (!empty($registration['orcid']) && !Helpers\Utility::validorcid($registration['orcid'])) { $this->_invalid['orcid'] = 'Invalid ORCID. It should be in the form of XXXX-XXXX-XXXX-XXXX.'; } } if ($registrationPhone == REG_REQUIRED) { if (empty($registration['phone'])) { $this->_missing['phone'] = 'Phone Number'; $this->_invalid['phone'] = 'Please provide a valid phone number'; } } if ($registrationPhone != REG_HIDE) { if (!empty($registration['phone']) && !Helpers\Utility::validphone($registration['phone'])) { $this->_invalid['phone'] = 'Invalid phone number. You may be using characters that are not allowed.'; } } if ($registrationEmployment == REG_REQUIRED) { if (empty($registration['orgtype'])) { $this->_missing['orgtype'] = 'Employment Type'; $this->_invalid['orgtype'] = 'Please make an employment type selection'; } } /* if ($registrationEmployment != REG_HIDE) if (empty($registration['orgtype'])) { //if (!Helpers\Utility::validateOrgType($registration['orgtype']) ) $this->_invalid['orgtype'] = 'Invalid employment status. 
Please make a new selection.'; } */ if ($registrationOrganization == REG_REQUIRED) { if (empty($registration['org']) && empty($registration['orgtext'])) { $this->_missing['org'] = 'Organization'; $this->_invalid['org'] = 'Invalid affiliation'; } } if ($registrationOrganization != REG_HIDE) { if (!empty($registration['org']) && !Helpers\Utility::validtext($registration['org'])) { $this->_invalid['org'] = 'Invalid affiliation. You may be using characters that are not allowed.'; } elseif (!empty($registration['orgtext']) && !Helpers\Utility::validtext($registration['orgtext'])) { $this->_invalid['org'] = 'Invalid affiliation. You may be using characters that are not allowed.'; } } if ($registrationCitizenship == REG_REQUIRED) { if (empty($registration['countryorigin'])) { $this->_missing['countryorigin'] = 'Country of Citizenship / Permanent Residence'; $this->_invalid['countryorigin'] = 'Invalid country of origin.'; } } if ($registrationCitizenship != REG_HIDE) { if (!empty($registration['countryorigin']) && !Helpers\Utility::validtext($registration['countryorigin'])) { $this->_invalid['countryorigin'] = 'Invalid country of origin. You may be using characters that are not allowed.'; } } if ($registrationResidency == REG_REQUIRED) { if (empty($registration['countryresident'])) { $this->_missing['countryresident'] = 'Country of Current Residence'; $this->_invalid['countryresident'] = 'Invalid country of residency'; } } if ($registrationResidency != REG_HIDE) { if (!empty($registration['countryresident']) && !Helpers\Utility::validtext($registration['countryresident'])) { $this->_invalid['countryresident'] = 'Invalid country of residency. 
You may be using characters that are not allowed.'; } } if ($registrationSex == REG_REQUIRED) { if (empty($registration['sex'])) { $this->_missing['sex'] = 'Gender'; $this->_invalid['sex'] = 'Please select gender.'; } } if ($registrationSex != REG_HIDE) { if (!empty($registration['sex']) && !Helpers\Utility::validtext($registration['sex'])) { $this->_invalid['sex'] = 'Invalid gender selection.'; } } if ($registrationDisability == REG_REQUIRED) { if (empty($registration['disability'])) { $this->_missing['disability'] = 'Disability Information'; $this->_invalid['disability'] = 'Please indicate any disabilities you may have.'; } } if ($registrationDisability != REG_HIDE) { if (!empty($registration['disability']) && in_array('yes', $registration['disability'])) { $this->_invalid['disability'] = 'Invalid disability selection.'; } } if ($registrationHispanic == REG_REQUIRED) { if (empty($registration['hispanic'])) { $this->_missing['hispanic'] = 'Hispanic Ethnic Heritage'; $this->_invalid['hispanic'] = 'Please make a selection or choose not to reveal.'; } } /* if ($registrationHispanic != REG_HIDE) { if (empty($registration['hispanic'])) { $this->_invalid['hispanic'] = 'Invalid hispanic heritage selection.'; } } */ if ($registrationRace == REG_REQUIRED) { if ($task == 'edit') { $corigin_incoming = in_array('countryorigin', $field_to_check) ? 
true : false; $profile = \Hubzero\User\Profile::getInstance(User::get('id')); } else { $corigin_incoming = true; } if (empty($registration['race']) && ($corigin_incoming && strtolower($registration['countryorigin']) == 'us' || !$corigin_incoming && isset($profile) && strtolower($profile->get('countryorigin')) == 'us')) { $this->_missing['race'] = 'Racial Background'; $this->_invalid['race'] = 'Please make a selection or choose not to reveal.'; } } /* if ($registrationRace != REG_HIDE) { if (!empty($registration['race']) || !Helpers\Utility::validtext($registration['race'])) { $this->_invalid['race'] = 'Invalid racial selection.'; } } */ if ($registrationInterests == REG_REQUIRED) { if (empty($registration['interests']) || $registration['interests'] == '') { $this->_missing['interests'] = 'Interests'; $this->_invalid['interests'] = 'Please select materials your are interested in'; } } /* if ($registrationInterests != REG_HIDE) { if (!empty($registration['edulevel']) && !Helpers\Utility::validtext($registration['edulevel'])) $this->_invalid['interests'] = 'Invalid interest selection.'; if (!empty($registration['role']) && !Helpers\Utility::validtext($registration['role'])) $this->_invalid['interests'] = 'Invalid interest selection.'; } */ if ($registrationReason == REG_REQUIRED) { if (empty($registration['reason']) && empty($registration['reasontxt'])) { $this->_missing['reason'] = 'Reason for registering'; $this->_invalid['reason'] = 'Reason for registering'; } } if ($registrationReason != REG_HIDE) { if (!empty($registration['reason']) && !Helpers\Utility::validtext($registration['reason'])) { $this->_invalid['reason'] = 'Invalid reason text. You may be using characters that are not allowed.'; } if (!empty($registration['reasontxt']) && !Helpers\Utility::validtext($registration['reasontxt'])) { $this->_invalid['reason'] = 'Invalid reason text. 
You may be using characters that are not allowed.'; } } if ($registrationOptIn == REG_REQUIRED) { if (is_null($registration['mailPreferenceOption']) || intval($registration['mailPreferenceOption']) < 0) { $this->_missing['mailPreferenceOption'] = 'Receive Email Updates'; $this->_invalid['mailPreferenceOption'] = 'Receive Email Updates has not been selected'; } } if ($registrationCAPTCHA == REG_REQUIRED) { $botcheck = Request::getVar('botcheck', ''); if ($botcheck) { $this->_invalid['captcha'] = 'Error: Invalid CAPTCHA response.'; } $validcaptchas = Event::trigger('hubzero.onValidateCaptcha'); if (count($validcaptchas) > 0) { foreach ($validcaptchas as $validcaptcha) { if (!$validcaptcha) { $this->_invalid['captcha'] = 'Error: Invalid CAPTCHA response.'; } } } } if ($registrationTOU == REG_REQUIRED) { if (empty($registration['usageAgreement'])) { $this->_missing['usageAgreement'] = 'Usage Agreement'; $this->_invalid['usageAgreement'] = 'Registration requires acceptance of the usage agreement'; } } /* if ($registrationTOU != REG_HIDE) if (!empty($registration['usageAgreement'])) $this->_invalid['usageAgreement'] = 'Usage Agreement has not been Read and Accepted'; */ if ($registrationAddress == REG_REQUIRED) { if (count($registration['address']) == 0) { $this->_missing['address'] = 'Member Address'; $this->_invalid['address'] = 'Member Address'; } } if (!empty($field_to_check)) { if ($this->_missing) { foreach ($this->_missing as $k => $v) { if (!in_array($k, $field_to_check)) { unset($this->_missing[$k]); } } } if ($this->_invalid) { foreach ($this->_invalid as $k => $v) { if (!in_array($k, $field_to_check)) { unset($this->_invalid[$k]); } } } } if (empty($this->_missing) && empty($this->_invalid)) { return true; } return false; }
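/**
 * Change registered email
 *
 * Shows the "change email" form and, when the form is posted with `update`
 * set, stores the new address on the profile and user records, issues a new
 * email confirmation code and mails it to the new address.
 *
 * The `return` request parameter is used as a redirect target, so it is
 * reduced to a same-site URL before it is used or handed to the view.
 *
 * @return  void
 */
public function changeTask()
{
	// Set the pathway
	$this->_buildPathway();

	// Set the page title
	$this->_buildTitle();

	// Check if the user is logged in
	if (User::isGuest())
	{
		$return = base64_encode(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller . '&task=' . $this->_task, false, true));
		App::redirect(
			Route::url('index.php?option=com_users&view=login&return=' . $return, false),
			Lang::txt('COM_MEMBERS_REGISTER_ERROR_LOGIN_TO_UPDATE'),
			'warning'
		);
		return;
	}

	$xprofile = \Hubzero\User\Profile::getInstance(User::get('id'));
	$login = $xprofile->get('username');
	$email = $xprofile->get('email');
	$email_confirmed = $xprofile->get('emailConfirmed');

	// Instantiate a new view
	$this->view->title = Lang::txt('COM_MEMBERS_REGISTER_CHANGE');
	$this->view->login = $login;
	$this->view->email = $email;
	$this->view->email_confirmed = $email_confirmed;
	$this->view->success = false;

	// Incoming
	// The value is request-controlled and ends up in App::redirect() below, so
	// anything that would leave this site falls back to '/'. It is still raw
	// text: a view that prints it must escape it for its output context.
	$rawReturn = Request::getVar('return', '/');
	$return = $this->_localReturnUrl(is_string($rawReturn) ? urldecode($rawReturn) : '/');
	$this->view->return = $return;

	// Check if a new email was submitted
	$pemail = Request::getVar('email', '', 'post');
	$update = Request::getVar('update', '', 'post');

	if ($update)
	{
		// NOTE(review): this branch changes the account's email address but no
		// Request::checkToken() call is visible in this method. Confirm that the
		// form emits a token and that it is verified before the update; the
		// address is also replaced before the new one has been confirmed.
		if (!$pemail)
		{
			$this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_INVALID_EMAIL'));
		}

		if ($pemail && \Components\Members\Helpers\Utility::validemail($pemail))
		{
			// Check if the email address was actually changed
			if ($pemail == $email)
			{
				// Addresses are the same! Redirect
				App::redirect($return, '', 'message', true);
			}
			else
			{
				// New email submitted - attempt to save it
				$xprofile = \Hubzero\User\Profile::getInstance($login);
				if ($xprofile)
				{
					$dtmodify = Date::toSql();
					$xprofile->set('email', $pemail);
					$xprofile->set('modifiedDate', $dtmodify);
					if ($xprofile->update())
					{
						$user = User::getInstance($login);
						$user->set('email', $pemail);
						$user->save();
					}
					else
					{
						$this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_UPDATING_ACCOUNT'));
					}
				}
				else
				{
					$this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_UPDATING_ACCOUNT'));
				}

				// Any errors returned?
				if (!$this->getError())
				{
					// No errors
					// Attempt to send a new confirmation code
					$confirm = \Components\Members\Helpers\Utility::genemailconfirm();

					$xprofile = new \Hubzero\User\Profile();
					$xprofile->load($login);
					$xprofile->set('emailConfirmed', $confirm);
					$xprofile->update();

					$subject = Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_CONFIRMATION');

					$eview = new \Hubzero\Mail\View(array(
						'name'   => 'emails',
						'layout' => 'confirm'
					));
					$eview->option       = $this->_option;
					$eview->controller   = $this->_controller;
					$eview->sitename     = Config::get('sitename');
					$eview->login        = $login;
					$eview->name         = $xprofile->get('name');
					$eview->registerDate = $xprofile->get('registerDate');
					$eview->baseURL      = $this->baseURL;
					$eview->confirm      = $confirm;

					$msg = new \Hubzero\Mail\Message();
					$msg->setSubject($subject)
						->addTo($pemail)
						->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' Administrator')
						->addHeader('X-Component', $this->_option);

					// Plain-text part
					$message = $eview->loadTemplate(false);
					$message = str_replace("\n", "\r\n", $message);
					$msg->addPart($message, 'text/plain');

					// HTML part
					$eview->setLayout('confirm_html');
					$message = $eview->loadTemplate();
					$message = str_replace("\n", "\r\n", $message);
					$msg->addPart($message, 'text/html');

					if (!$msg->send())
					{
						$this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_EMAILING_CONFIRMATION', $pemail));
					}

					// Show the success form
					$this->view->success = true;
				}
			}
		}
		else
		{
			$this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_INVALID_EMAIL'));
		}
	}

	// Output the view
	if ($this->getError())
	{
		$this->view->email = $pemail;
		$this->view->setError($this->getError());
	}
	$this->view->display();
}

/**
 * Reduce a requested return URL to one that stays on this site
 *
 * Accepted: URLs without scheme and host (site-relative), and http/https URLs
 * whose host matches the host of Request::base(). Everything else, including
 * protocol-relative URLs and values containing control characters or
 * backslashes, is replaced with '/'.
 *
 * @param   mixed   $url  Decoded value of the 'return' request parameter
 * @return  string
 */
private function _localReturnUrl($url)
{
	if (!is_string($url) || $url === '')
	{
		return '/';
	}

	// Control characters and backslashes are not valid here; browsers may treat
	// "\" as "/", which would turn "/\host" into a protocol-relative URL.
	if (preg_match('/[\x00-\x1f\x7f\\\\]/', $url))
	{
		return '/';
	}

	// "//host/path" is protocol-relative and would leave the site
	if (strncmp($url, '//', 2) === 0)
	{
		return '/';
	}

	$parts = parse_url($url);
	if (!is_array($parts))
	{
		return '/';
	}

	// No scheme and no host: resolved against the current site
	if (!isset($parts['scheme']) && !isset($parts['host']))
	{
		return $url;
	}

	// Absolute URL: only http(s) to this site's own host
	$base = parse_url(Request::base());
	if (is_array($base)
	 && isset($parts['scheme'], $parts['host'], $base['host'])
	 && in_array(strtolower($parts['scheme']), array('http', 'https'), true)
	 && strcasecmp($parts['host'], $base['host']) === 0)
	{
		return $url;
	}

	return '/';
}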
?> " by <a href="<?php echo Route::url('index.php?option=' . $this->option . '&controller=' . $this->controller . '&task=resend&return=' . $this->return); ?> ">clicking here</a>.</p> </div> <?php } ?> <fieldset> <h3><?php echo Lang::txt('Correct Email Address'); ?> </h3> <label<?php if (!$this->email || !\Components\Members\Helpers\Utility::validemail($this->email)) { echo ' class="fieldWithErrors"'; } ?> > <?php echo Lang::txt('Valid E-mail:'); ?> <input name="email" id="email" type="text" size="51" value="<?php echo $this->escape($this->email); ?> " /> </label> </fieldset> <div class="clear"></div>
// get all sessions $sessions = Hubzero\Session\Helper::getAllSessions(array('guest' => 0, 'distinct' => 1)); // Loop through the results $html = ''; if ($this->limit == 0) { $this->limit = 500; } for ($i = 0, $n = $this->limit; $i < $n; $i++) { $cls = ''; $inviteemail = false; if ($i + $this->start >= count($this->groupusers)) { break; } $guser = $this->groupusers[$i + $this->start]; $u = User::getInstance($guser); if (\Components\Members\Helpers\Utility::validemail($guser)) { $inviteemail = true; $pic = rtrim(Request::base(true), '/') . '/core/components/com_groups/site/assets/img/emailthumb.png'; } else { if (!is_object($u)) { continue; } else { $pic = $u->picture(0); } } switch ($this->filter) { case 'invitees': $status = Lang::txt('PLG_GROUPS_MEMBERS_STATUS_INVITEE'); break; case 'pending': $status = Lang::txt('PLG_GROUPS_MEMBERS_STATUS_PENDING');
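/**
 * Cancel membership of one or more users
 *
 * Takes the posted `users` list (user ids/usernames or email addresses),
 * removes matching ids from the group's invitees, deletes this group's email
 * invitations for the listed addresses, notifies the people concerned, logs
 * the action and redirects to the invitee list.
 *
 * @return  mixed  False when the caller is not a manager/admin or membership
 *                 control is off; otherwise the request ends in a redirect
 */
private function confirmcancel()
{
	if ($this->authorized != 'manager' && $this->authorized != 'admin')
	{
		return false;
	}

	if ($this->membership_control == 0)
	{
		return false;
	}

	// NOTE(review): this method changes group state from POST data and no
	// Request::checkToken() call is visible here; confirm that the caller
	// verifies the form token before dispatching to it.

	// An array for the users we're going to deny
	$users = array();
	$user_emails = array();

	// Incoming array of users to demote
	// Cast so a scalar `users` value cannot break the loop below
	$mbrs = (array) Request::getVar('users', array(), 'post');

	// Set a flag for emailing any changes made
	// (built below but not read anywhere in this method)
	$admchange = '';

	// Names and descriptions are stored text; escape them before they are
	// placed inside the HTML of the activity description.
	$esc = function ($value)
	{
		return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	};

	require_once PATH_CORE . DS . 'components' . DS . 'com_members' . DS . 'helpers' . DS . 'utility.php';

	foreach ($mbrs as $mbr)
	{
		// NOTE(review): neither branch checks that $mbr currently holds an
		// invitation to this group before a notification is sent; consider
		// comparing against the group's invitees / invite emails first.

		//if an email address
		if (\Components\Members\Helpers\Utility::validemail($mbr))
		{
			$user_emails[] = $mbr;
			$this->notifyEmailInvitedUser($mbr);
		}
		else
		{
			// Retrieve user's account info
			$targetuser = User::getInstance($mbr);

			// Ensure we found an account
			if (is_object($targetuser) && $targetuser->get('id'))
			{
				$admchange .= "\t\t" . $targetuser->get('name') . "\r\n";
				$admchange .= "\t\t" . $targetuser->get('username') . ' (' . $targetuser->get('email') . ')';
				$admchange .= count($mbrs) > 1 ? "\r\n" : '';

				// Add them to the array of users to cancel invitations
				$users[] = $targetuser->get('id');

				// Log activity
				$recipients = array(
					['group', $this->group->get('gidNumber')],
					['user', $targetuser->get('id')]
				);
				foreach ($this->group->get('managers') as $recipient)
				{
					$recipients[] = ['user', $recipient];
				}

				Event::trigger('system.logActivity', [
					'activity' => [
						'action'      => 'denied',
						'scope'       => 'group.membership',
						'scope_id'    => $this->group->get('gidNumber'),
						'description' => Lang::txt(
							'PLG_GROUPS_MEMBERS_ACTIVITY_CANCELLED',
							'<a href="' . Route::url('index.php?option=com_members&id=' . $targetuser->get('id')) . '">' . $esc($targetuser->get('name')) . '</a>',
							'<a href="' . Route::url('index.php?option=com_groups&cn=' . $this->group->get('cn')) . '">' . $esc($this->group->get('description')) . '</a>'
						),
						'details'     => array(
							'user_id'  => $targetuser->get('id'),
							'group_id' => $this->group->get('gidNumber')
						)
					],
					'recipients' => $recipients
				]);

				// E-mail the user, letting them know the invitation has been cancelled
				$this->notifyUser($targetuser);
			}
			else
			{
				$this->setError(Lang::txt('PLG_GROUPS_MESSAGES_ERROR_USER_NOTFOUND') . ' ' . $mbr);
			}
		}
	}

	// Remove users from the invitees list
	$this->group->remove('invitees', $users);

	// Save changes
	$this->group->update();

	//delete any email invited users
	// Scoped to this group: without the gidNumber condition a manager of one
	// group would also delete the same address's invitations to other groups.
	$db = App::get('db');
	foreach ($user_emails as $ue)
	{
		$sql = "DELETE FROM `#__xgroups_inviteemails` WHERE email=" . $db->quote($ue)
			. " AND gidNumber=" . $db->quote($this->group->get('gidNumber'));
		$db->setQuery($sql);
		$db->query();
	}

	// log invites
	\Components\Groups\Models\Log::log(array(
		'gidNumber' => $this->group->get('gidNumber'),
		'action'    => 'membership_invite_cancelled',
		'comments'  => array_merge($users, $user_emails)
	));

	App::redirect(
		Route::url('index.php?option=com_groups&cn=' . $this->group->get('cn') . '&active=members&filter=invitees'),
		'',
		'',
		true
	);
}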