public function getTestUser()
{
$user = new User();
$user->setDisplayName("John Doe");
$user->setUsername("testuser");
return $user;
}
private function validateInput(User $user, $password1, $password2, UserRepository $userRepo, Text $text)
{
$valid = true;
if (!Validate::username($user->getUsername())) {
$valid = false;
$text->addError($text->t("users.the_username") . " " . Validate::getLastError($text));
}
if (!Validate::displayName($user->getDisplayName())) {
$valid = false;
$text->addError($text->t("users.the_display_name") . " " . Validate::getLastError($text));
}
if (!Validate::password($password1, $password2)) {
$valid = false;
$text->addError($text->t("users.the_password") . " " . Validate::getLastError($text));
}
if (!Validate::email($user->getEmail())) {
$valid = false;
$text->addError($text->t("users.the_email") . " " . Validate::getLastError($text));
}
if ($userRepo->isUsernameInUse($user->getUsername())) {
// User with that name already exists
$valid = false;
$text->addError($text->tReplaced("errors.already_in_use_on_this_site", $text->t("users.the_username")));
}
if (!empty($user->getEmail()) && $userRepo->isEmailInUse($user->getEmail())) {
// User with that email already exists
$valid = false;
$text->addError($text->tReplaced("errors.already_in_use_on_this_site", $text->t("users.the_email")));
}
return $valid;
}
private function getTestUser()
{
$user = new User();
$user->setDisplayName("John Doe");
$user->setUsername("testuser");
// Make user look like existing user by setting a primary key
$user->setField(new Field(Field::TYPE_PRIMARY_KEY, "id", "foo"), 10);
return $user;
}
/** Returns the HTML of the comments of the user, including the header */
public function get_comments_html(Website $website)
{
$oComments = new CommentRepository($website->getDatabase());
$comments = $oComments->getCommentsUser($this->user->getId());
$returnValue = '<h3 class="notable">' . $website->t("comments.comments") . "</h3>\n";
if (count($comments) > 0) {
$commentsTemplate = new CommentsTreeTemplate($website->getText(), $comments, true, $this->user);
$returnValue .= $commentsTemplate->getText();
} else {
$returnValue .= "<p><em>" . $website->t("comments.no_comments_found_user") . "</em></p>";
}
return $returnValue;
}
private function validateInput(User $user, $password, Authentication $auth, UserRepository $userRepo, Text $text)
{
$valid = true;
if (!Validate::username($user->getUsername())) {
$valid = false;
$text->addError($text->t("users.the_username") . " " . Validate::getLastError($text));
}
if (!Validate::displayName($user->getDisplayName())) {
$valid = false;
$text->addError($text->t("users.the_display_name") . " " . Validate::getLastError($text));
}
if (!Validate::password($password, $password)) {
$valid = false;
$text->addError($text->t("users.the_password") . " " . Validate::getLastError($text));
}
if (!Validate::email($user->getEmail())) {
$valid = false;
$text->addError($text->t("users.the_email") . " " . Validate::getLastError($text));
}
if ($userRepo->isUsernameInUse($user->getUsername())) {
// User with that name already exists
$valid = false;
$text->addError($text->tReplaced("errors.already_in_use_on_this_site", $text->t("users.the_username")));
}
if (!empty($user->getEmail()) && $userRepo->isEmailInUse($user->getEmail())) {
// User with that email already exists
$valid = false;
$text->addError($text->tReplaced("errors.already_in_use_on_this_site", $text->t("users.the_email")));
}
if (!$auth->isValidRankForAccounts($user->getRank())) {
// Invlaid rank
$valid = false;
$text->addError($text->t("users.the_rank") . " " . $text->t("errors.is_invalid"));
}
return $valid;
}
protected function getSingleComment(Comment $comment)
{
$text = $this->text;
$id = $comment->getId();
$author = htmlSpecialChars($comment->getUserDisplayName());
$postDate = "";
if ($comment->getDateCreated() !== null) {
$postDate = strFTime('%a %d %b %Y %X', $comment->getDateCreated()->getTimestamp());
}
$body = nl2br(htmlSpecialChars($comment->getBodyRaw()));
$avatarUrl = User::getAvatarUrlFromEmail($comment->getUserEmail(), 40);
// Add link and rank to author when linked to account
if ($comment->getUserId() > 0) {
$author = '<a href="' . $text->e($text->getUrlPage("account", $comment->getUserId())) . '">' . $author . '</a>';
}
// Edit and delete links
$actionLinksHtml = $this->getActionLinks($comment);
// Reply and context links
if ($this->viewedOutOfContext) {
$replyOrContextLink = <<<EOT
<a class="arrow" href="{$text->e($comment->getUrl($text))}">
{$text->t("comments.view_context")}
</a>
EOT;
} else {
// No child comments possible yet
$replyOrContextLink = "";
}
$output = <<<COMMENT
<article class="comment" id="comment_{$id}">
<header>
<img src="{$avatarUrl}" alt="" />
<h3 class="comment_title">{$author}</h3>
<p class="comment_actions">
{$actionLinksHtml}
</p>
<p class="comment_date">{$postDate}</p>
</header>
<p class="comment_body">{$body}</p>
<footer>
<p>{$replyOrContextLink}</p>
</footer>
</article>
COMMENT;
return $output;
}
/**
* Creates a new user with the given username, display name and password.
* @param string $username The username.
* @param string $displayName The display name.
* @param string $password The password (plaintext).
* @return User The newly created user. Needs to be saved to a
* {@link UserRepository}.
*/
public static function createNewUser($username, $displayName, $password)
{
$user = new User();
$user->setUsername($username);
$user->setDisplayName($displayName);
$user->setPassword($password);
$user->rank = Authentication::RANK_USER;
$now = new DateTime();
$user->setLastLogin($now);
$user->joined = $now;
return $user;
}
/**
* Creates a new comment for the given user. This method will succeed even
* if the given article doesn't allow comments.
* @param User $user The author of the comment.
* @param Article $article The article that is commented on.
* @param string $text The comment of the user.
* @return Comment The comment.
*/
public static function createForUser(User $user, Article $article, $text)
{
$comment = new Comment(0);
$comment->articleId = $article->getId();
$comment->userId = $user->getId();
$comment->userName = $user->getUsername();
$comment->userDisplayName = $user->getDisplayName();
$comment->userEmail = $user->getEmail();
$comment->userRank = $user->getRank();
$comment->created = new DateTime();
$comment->body = (string) $text;
return $comment;
}
/** Gets the links for the bottom of the page */
public function get_account_links_html(Website $website)
{
$textToDisplay = "";
if ($this->editing_someone_else) {
// Editing someone else, don't show "My account" link
$textToDisplay .= <<<EOT
<p>
<a class="arrow" href="{$website->getUrlPage("account", $this->user->getId())}">
{$website->tReplaced("users.profile_page_of", $this->user->getDisplayName())}
</a><br />
<a class="arrow" href="{$website->getUrlPage("account_management")}">
{$website->t("main.account_management")}
</a>
EOT;
} else {
$textToDisplay .= '<p><a class="arrow" href="' . $website->getUrlPage("account") . '">' . $website->t("main.my_account") . "</a>\n";
if ($website->isLoggedInAsStaff(true)) {
$textToDisplay .= '<br /><a class="arrow" href="' . $website->getUrlPage("account_management") . '">' . $website->t("main.account_management") . "</a>\n";
}
$textToDisplay .= "</p>";
}
return $textToDisplay;
}
/**
* Call this when logging in an user. If password is correct, the last
* login date is updated. If the password storage method was outdated, the
* password is rehashed.
*
* @param User $user The user.
* @param string $password_unhashed The password entered by the user.
*/
protected function loginCheck(User $user, $password_unhashed)
{
if ($this->userRepo == null) {
// Unable to log in when userRepo is not present
return false;
}
$password_hashed = $user->getPasswordHashed();
$loggedIn = false;
if (strLen($password_hashed) == 32 && $password_hashed[0] != '$') {
// Still md5(sha1($pass)), update
if (md5(sha1($password_unhashed)) == $password_hashed) {
// Gets saved later on, when updating the last login
$user->setPassword($password_unhashed);
$loggedIn = true;
}
}
// Try to use modern password verification
if (!$loggedIn) {
$loggedIn = crypt($password_unhashed, $password_hashed) === $password_hashed;
}
if ($loggedIn) {
$status = $user->getStatus();
// Check whether the account is deleted
if ($status == Authentication::STATUS_DELETED) {
// Act like the account doesn't exist
return false;
}
// Check whether the account is banned
if ($status == Authentication::STATUS_BANNED) {
$text = $this->website->getText();
$text->addError($text->tReplaced("users.status.banned.your_account", $user->getStatusText()));
return false;
}
// Check password strength
if ($user->isWeakPassword($password_unhashed)) {
$text = $this->website->getText();
$text->addError($text->t("users.your_password_is_insecure"), Link::of($text->getUrlPage("edit_password"), $text->t("users.password.edit")));
}
// Update last login date (and possibly password hash, see above) if successfull
$user->setLastLogin(new DateTime());
$this->userRepo->save($user);
}
return $loggedIn;
}
/**
* Sets the author of this article to the given user.
* @param User $user The user.
*/
public function setAuthor(User $user)
{
$this->author = $user->getDisplayName();
$this->authorId = $user->getId();
$this->updateLastEdited();
}
private function getTestUser()
{
$user = new User();
$user->setDisplayName("John Doe");
$user->setUsername("testuser");
$user->setRank(Authentication::RANK_USER);
$user->setField(new Field(Field::TYPE_PRIMARY_KEY, "id", "id"), 10);
return $user;
}
/**
* Creates a new document with the given title, intro and author. The
* document is not saved automatically.
* @param string $title Title of the document.
* @param string $intro Intro of the document.
* @param User $user
* @return Document The document.
*/
public static function createNew($title, $intro, User $user)
{
$document = new Document();
$document->title = (string) $title;
$document->intro = (string) $intro;
$document->userId = (int) $user->getId();
$document->created = new DateTime();
return $document;
}
