Exemplo n.º 1
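 /**
  * Temporarily ban, or unban, a user from the moderation form.
  *
  * Requires the Garden.Moderation.Manage permission. On an authenticated
  * postback it either lifts the ban or validates the requested period and
  * reason, bans the user and writes the expiry to the BanExpire field.
  *
  * @param object $Sender Controller handling the request.
  * @param array $Args Positional arguments: '0' is the user ID, '1' is the unban flag.
  */
 public function UserController_TempBan_Create($Sender, $Args)
 {
     $Sender->Permission('Garden.Moderation.Manage');
     $UserID = (int) GetValue('0', $Args);
     $Unban = (bool) GetValue('1', $Args);
     $UserModel = Gdn::UserModel();
     $User = $UserModel->GetID($UserID, DATASET_TYPE_ARRAY);
     if (!$User) {
         // Name the missing record type; the original passed the failed (falsy) lookup result instead.
         throw NotFoundException('User');
     }
     // NOTE(review): nothing here excludes admin or system accounts from being banned;
     // confirm that UserModel::Ban() or the caller enforces that.
     if ($Sender->Form->AuthenticatedPostBack()) {
         if ($Unban) {
             $UserModel->Unban($UserID, array('RestoreContent' => $Sender->Form->GetFormValue('RestoreContent')));
         } else {
             // The period parts are request data. Reduce each one to a non-negative integer
             // before it is interpolated into the strtotime() expression.
             $Period = array();
             foreach (array('Years', 'Months', 'Days', 'Hours', 'Minutes') as $Unit) {
                 $Raw = $Sender->Form->GetValue('TempBanPeriod' . $Unit);
                 $Period[$Unit] = is_numeric($Raw) ? max(0, (int) $Raw) : 0;
             }
             $AutoExpirePeriod = null;
             if (array_sum($Period) > 0) {
                 $Expires = strtotime("+{$Period['Years']} years {$Period['Months']} months {$Period['Days']} days {$Period['Hours']} hours {$Period['Minutes']} minutes");
                 if ($Expires === false) {
                     // strtotime() could not produce a timestamp (for example an out-of-range period).
                     $Sender->Form->AddError('ValidateRequired', 'Ban Period');
                 } else {
                     $AutoExpirePeriod = Gdn_Format::ToDateTime($Expires);
                 }
             } else {
                 $Sender->Form->AddError('ValidateRequired', 'Ban Period');
             }
             if (!ValidateRequired($Sender->Form->GetFormValue('Reason'))) {
                 $Sender->Form->AddError('ValidateRequired', 'Reason');
             }
             if ($Sender->Form->GetFormValue('Reason') == 'Other' && !ValidateRequired($Sender->Form->GetFormValue('ReasonText'))) {
                 $Sender->Form->AddError('ValidateRequired', 'Reason Text');
             }
             if ($Sender->Form->ErrorCount() == 0) {
                 if ($Sender->Form->GetFormValue('Reason') == 'Other') {
                     $Reason = $Sender->Form->GetFormValue('ReasonText');
                 } else {
                     $Reason = $Sender->Form->GetFormValue('Reason');
                 }
                 Gdn::Locale()->SetTranslation('HeadlineFormat.Ban', FormatString('{RegardingUserID,You} banned {ActivityUserID,you} until {BanExpire, date}.', array('BanExpire' => $AutoExpirePeriod)));
                 $UserModel->Ban($UserID, array('Reason' => $Reason));
                 $UserModel->SetField($UserID, 'BanExpire', $AutoExpirePeriod);
             }
         }
         if ($Sender->Form->ErrorCount() == 0) {
             // Redirect after a successful save.
             // NOTE(review): Target is read from the request and used as the redirect destination
             // without validation in this method; confirm the framework restricts it to same-site URLs.
             if ($Sender->Request->Get('Target')) {
                 $Sender->RedirectUrl = $Sender->Request->Get('Target');
             } else {
                 $Sender->RedirectUrl = Url(UserUrl($User));
             }
         }
     }
     $Sender->SetData('User', $User);
     $Sender->AddSideMenu();
     $Sender->Title($Unban ? T('Unban User') : T('Temporary Ban User'));
     if ($Unban) {
         $Sender->View = 'Unban';
     } else {
         $Sender->View = $this->ThemeView('tempban');
     }
     $Sender->Render();
 }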
Exemplo n.º 2
 /**
  * Recalculate counters.
  *
  * @param bool $Table
  * @param bool $Column
  * @param bool $From
  * @param bool $To
  * @param bool $Max
  * @throws Exception
  * @throws Gdn_UserException
  */
 public function counts($Table = false, $Column = false, $From = false, $To = false, $Max = false)
 {
     // NOTE(review): the execution-time limit is raised before the permission check runs.
     increaseMaxExecutionTime(300);
     $this->permission('Garden.Settings.Manage');

     // A recount only runs for a POST that names both a table and a column.
     // NOTE(review): only the request method is checked here; no transient-key (CSRF) check
     // is visible in this method, so confirm one is enforced elsewhere. $Table and $Column go
     // to the model as received, so confirm the model restricts them to known values.
     $isJobRequest = $Table && $Column
         && strcasecmp($this->Request->requestMethod(), Gdn_Request::INPUT_POST) == 0;

     if (!$isJobRequest) {
         // No job requested: start with an empty job list and fire CountJobs.
         $this->setData('Jobs', array());
         $this->fireEvent('CountJobs');
     } else {
         if (!ValidateRequired($Table)) {
             throw new Gdn_UserException("Table is required.");
         }
         if (!ValidateRequired($Column)) {
             throw new Gdn_UserException("Column is required.");
         }
         $this->setData('Result', $this->Model->counts($Table, $Column, $From, $To));
     }

     $this->setData('Title', t('Recalculate Counts'));
     $this->render('Job');
 }
Exemplo n.º 3
 /**
  * Recalculate a counter column, or show the list of recalculation jobs.
  *
  * Requires Garden.Settings.Manage. $Max is accepted but not used in this method.
  *
  * @param mixed $Table Table whose counter is recalculated; a falsy value shows the job list.
  * @param mixed $Column Counter column to recalculate; a falsy value shows the job list.
  * @param mixed $From Passed through to the model.
  * @param mixed $To Passed through to the model.
  * @param mixed $Max Unused here.
  * @throws Gdn_UserException When the table or column fails ValidateRequired().
  */
 public function Counts($Table = FALSE, $Column = FALSE, $From = FALSE, $To = FALSE, $Max = FALSE)
 {
     $this->Permission('Garden.Settings.Manage');

     // NOTE(review): only the request method is checked; no transient-key (CSRF) check is
     // visible in this method, so confirm one is enforced elsewhere.
     $IsJobRequest = $Table && $Column
         && strcasecmp($this->Request->RequestMethod(), Gdn_Request::INPUT_POST) == 0;

     if (!$IsJobRequest) {
         $this->SetData('Jobs', array());
         $this->FireEvent('CountJobs');
     } else {
         if (!ValidateRequired($Table)) {
             throw new Gdn_UserException("Table is required.");
         }
         if (!ValidateRequired($Column)) {
             throw new Gdn_UserException("Column is required.");
         }
         $this->SetData('Result', $this->Model->Counts($Table, $Column, $From, $To));
     }

     $this->SetData('Title', T('Recalculate Counts'));
     $this->AddSideMenu();
     $this->Render('Job');
 }
 /**
  * Ban a user and optionally delete their content.
  *
  * @since 2.1
  * @param type $UserID
  */
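 public function ban($UserID, $Unban = false)
 {
     // NOTE(review): presumably the trailing false means any one of these permissions is enough; confirm.
     $this->permission(array('Garden.Moderation.Manage', 'Garden.Users.Edit', 'Moderation.Users.Ban'), false);
     $User = Gdn::userModel()->getID($UserID, DATASET_TYPE_ARRAY);
     if (!$User) {
         // Name the missing record type; the original passed the failed (falsy) lookup result instead.
         throw notFoundException('User');
     }
     $UserModel = Gdn::userModel();
     // Block banning the super admin or system accounts.
     // The user is fetched a second time here, without the array dataset type.
     $User = $UserModel->getID($UserID);
     if (val('Admin', $User) == 2) {
         throw forbiddenException("@You may not ban a system user.");
     } elseif (val('Admin', $User)) {
         throw forbiddenException("@You may not ban a super admin.");
     }
     // Is the user banned for other reasons?
     $this->setData('OtherReasons', BanModel::isBanned(val('Banned', $User, 0), ~BanModel::BAN_AUTOMATIC));
     // State changes only happen on a postback that the form accepts as authenticated.
     if ($this->Form->authenticatedPostBack()) {
         if ($Unban) {
             $UserModel->unban($UserID, array('RestoreContent' => $this->Form->getFormValue('RestoreContent')));
         } else {
             if (!ValidateRequired($this->Form->getFormValue('Reason'))) {
                 $this->Form->addError('ValidateRequired', 'Reason');
             }
             if ($this->Form->getFormValue('Reason') == 'Other' && !ValidateRequired($this->Form->getFormValue('ReasonText'))) {
                 $this->Form->addError('ValidateRequired', 'Reason Text');
             }
             if ($this->Form->errorCount() == 0) {
                 if ($this->Form->getFormValue('Reason') == 'Other') {
                     $Reason = $this->Form->getFormValue('ReasonText');
                 } else {
                     $Reason = $this->Form->getFormValue('Reason');
                 }
                 // Just because we're banning doesn't mean we can nuke their content:
                 // the posted DeleteContent flag is honoured only with Garden.Moderation.Manage.
                 $DeleteContent = checkPermission('Garden.Moderation.Manage') ? $this->Form->getFormValue('DeleteContent') : false;
                 $UserModel->ban($UserID, array('Reason' => $Reason, 'DeleteContent' => $DeleteContent));
             }
         }
         if ($this->Form->errorCount() == 0) {
             // Redirect after a successful save.
             // NOTE(review): Target is read from the request and used as the redirect destination
             // without validation in this method; confirm the framework restricts it to same-site URLs.
             if ($this->Request->get('Target')) {
                 $this->RedirectUrl = $this->Request->get('Target');
             } elseif ($this->deliveryType() == DELIVERY_TYPE_ALL) {
                 $this->RedirectUrl = url(userUrl($User));
             } else {
                 $this->jsonTarget('', '', 'Refresh');
             }
         }
     }
     // Permission flag for view
     $this->setData('_MayDeleteContent', checkPermission('Garden.Moderation.Manage'));
     $this->setData('User', $User);
     $this->addSideMenu();
     $this->title($Unban ? t('Unban User') : t('Ban User'));
     if ($Unban) {
         $this->View = 'Unban';
     }
     $this->render();
 }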
 /**
  * Connect the user with an external source.
  *
  * This controller method is meant to be used with plugins that set its data array to work.
  * Events: ConnectData
  * 
  * @since 2.0.0
  * @access public
  *
  * @param string $Method Used to register multiple providers on ConnectData event.
  */
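 public function Connect($Method)
 {
     // Overview: a plugin handling the ConnectData event fills the form with the external
     // identity (Provider, UniqueID, Name, Email, ...) and marks the data as Verified. This
     // method then signs in an already linked user, auto-links by email when configured,
     // registers a new user, or asks the visitor to pick or enter a local account.
     $this->AddJsFile('entry.js');
     $this->View = 'connect';
     $IsPostBack = $this->Form->IsPostBack() && $this->Form->GetFormValue('Connect', NULL) !== NULL;
     if (!$IsPostBack) {
         // Here are the initial data array values. that can be set by a plugin.
         $Data = array('Provider' => '', 'ProviderName' => '', 'UniqueID' => '', 'FullName' => '', 'Name' => '', 'Email' => '', 'Photo' => '', 'Target' => $this->Target());
         $this->Form->SetData($Data);
         $this->Form->AddHidden('Target', $this->Request->Get('Target', '/'));
     }
     // The different providers can check to see if they are being used and modify the data array accordingly.
     $this->EventArguments = array($Method);
     // Fire ConnectData event & error handling.
     // The form values are captured before the event so the posted email can be restored below.
     $CurrentData = $this->Form->FormValues();
     try {
         $this->FireEvent('ConnectData');
     } catch (Gdn_UserException $Ex) {
         $this->Form->AddError($Ex);
         return $this->Render('ConnectError');
     } catch (Exception $Ex) {
         // Exception details are shown only in debug mode; otherwise a generic message is used.
         if (Debug()) {
             $this->Form->AddError($Ex);
         } else {
             $this->Form->AddError('There was an error fetching the connection data.');
         }
         return $this->Render('ConnectError');
     }
     if (!UserModel::NoEmail()) {
         if (!$this->Form->GetFormValue('Email') || $this->Form->GetFormValue('EmailVisible')) {
             $this->Form->SetFormValue('EmailVisible', TRUE);
             $this->Form->AddHidden('EmailVisible', TRUE);
             if ($IsPostBack) {
                 $this->Form->SetFormValue('Email', GetValue('Email', $CurrentData));
             }
         }
     }
     $FormData = $this->Form->FormValues();
     // debug
     // Make sure the minimum required data has been provided to the connect.
     if (!$this->Form->GetFormValue('Provider')) {
         $this->Form->AddError('ValidateRequired', T('Provider'));
     }
     if (!$this->Form->GetFormValue('UniqueID')) {
         $this->Form->AddError('ValidateRequired', T('UniqueID'));
     }
     if (!$this->Data('Verified')) {
         // Whatever event handler catches this must Set the data 'Verified' to true to prevent a random site from connecting without credentials.
         // This must be done EVERY postback and is VERY important.
         $this->Form->AddError('The connection data has not been verified.');
     }
     if ($this->Form->ErrorCount() > 0) {
         return $this->Render();
     }
     $UserModel = Gdn::UserModel();
     // Check to see if there is an existing user associated with the information above.
     $Auth = $UserModel->GetAuthentication($this->Form->GetFormValue('UniqueID'), $this->Form->GetFormValue('Provider'));
     $UserID = GetValue('UserID', $Auth);
     // Check to synchronise roles upon connecting.
     // NOTE(review): Roles is read from the form values; confirm the ConnectData handler
     // overwrites any client-posted Roles on every postback before roles are synchronised.
     if (($this->Data('Trusted') || C('Garden.SSO.SynchRoles')) && $this->Form->GetFormValue('Roles', NULL) !== NULL) {
         $SaveRoles = TRUE;
         // Translate the role names to IDs.
         $Roles = $this->Form->GetFormValue('Roles', NULL);
         $Roles = RoleModel::GetByName($Roles);
         $RoleIDs = array_keys($Roles);
         if (empty($RoleIDs)) {
             // The user must have at least one role. This protects that.
             // NOTE(review): this uses $this->UserModel, not the local $UserModel; confirm the property is set.
             $RoleIDs = $this->UserModel->NewUserRoleIDs();
         }
         $this->Form->SetFormValue('RoleID', $RoleIDs);
     } else {
         $SaveRoles = FALSE;
     }
     if ($UserID) {
         // The user is already connected.
         $this->Form->SetFormValue('UserID', $UserID);
         if (C('Garden.Registration.ConnectSynchronize', TRUE)) {
             $User = Gdn::UserModel()->GetID($UserID, DATASET_TYPE_ARRAY);
             $Data = $this->Form->FormValues();
             // Don't overwrite the user photo if the user uploaded a new one.
             $Photo = GetValue('Photo', $User);
             if (!GetValue('Photo', $Data) || $Photo && !StringBeginsWith($Photo, 'http')) {
                 unset($Data['Photo']);
             }
             // Synchronize the user's data.
             $UserModel->Save($Data, array('NoConfirmEmail' => TRUE, 'FixUnique' => TRUE, 'SaveRoles' => $SaveRoles));
         }
         // Always save the attributes because they may contain authorization information.
         if ($Attributes = $this->Form->GetFormValue('Attributes')) {
             $UserModel->SaveAttribute($UserID, $Attributes);
         }
         // Sign the user in.
         Gdn::Session()->Start($UserID, TRUE, TRUE);
         Gdn::UserModel()->FireEvent('AfterSignIn');
         //         $this->_SetRedirect(TRUE);
         $this->_SetRedirect($this->Request->Get('display') == 'popup');
     } elseif ($this->Form->GetFormValue('Name') || $this->Form->GetFormValue('Email')) {
         $NameUnique = C('Garden.Registration.NameUnique', TRUE);
         $EmailUnique = C('Garden.Registration.EmailUnique', TRUE);
         $AutoConnect = C('Garden.Registration.AutoConnect');
         // Get the existing users that match the name or email of the connection.
         $Search = FALSE;
         if ($this->Form->GetFormValue('Name') && $NameUnique) {
             $UserModel->SQL->OrWhere('Name', $this->Form->GetFormValue('Name'));
             $Search = TRUE;
         }
         if ($this->Form->GetFormValue('Email') && ($EmailUnique || $AutoConnect)) {
             $UserModel->SQL->OrWhere('Email', $this->Form->GetFormValue('Email'));
             $Search = TRUE;
         }
         if ($Search) {
             $ExistingUsers = $UserModel->GetWhere()->ResultArray();
         } else {
             $ExistingUsers = array();
         }
         // Check to automatically link the user.
         // NOTE(review): auto-linking signs the visitor in to the local account whose email equals
         // the one in the connect data, without a password. It is only as strong as the provider's
         // own email verification; confirm every enabled provider verifies addresses.
         if ($AutoConnect && count($ExistingUsers) > 0) {
             foreach ($ExistingUsers as $Row) {
                 if ($this->Form->GetFormValue('Email') == $Row['Email']) {
                     $UserID = $Row['UserID'];
                     $this->Form->SetFormValue('UserID', $UserID);
                     $Data = $this->Form->FormValues();
                     if (C('Garden.Registration.ConnectSynchronize', TRUE)) {
                         // Don't overwrite a photo if the user has already uploaded one.
                         $Photo = GetValue('Photo', $Row);
                         if (!GetValue('Photo', $Data) || $Photo && !StringBeginsWith($Photo, 'http')) {
                             unset($Data['Photo']);
                         }
                         $UserModel->Save($Data, array('NoConfirmEmail' => TRUE, 'FixUnique' => TRUE, 'SaveRoles' => $SaveRoles));
                     }
                     if ($Attributes = $this->Form->GetFormValue('Attributes')) {
                         $UserModel->SaveAttribute($UserID, $Attributes);
                     }
                     // Save the userauthentication link.
                     $UserModel->SaveAuthentication(array('UserID' => $UserID, 'Provider' => $this->Form->GetFormValue('Provider'), 'UniqueID' => $this->Form->GetFormValue('UniqueID')));
                     // Sign the user in.
                     Gdn::Session()->Start($UserID, TRUE, TRUE);
                     Gdn::UserModel()->FireEvent('AfterSignIn');
                     //         $this->_SetRedirect(TRUE);
                     $this->_SetRedirect($this->Request->Get('display') == 'popup');
                     $this->Render();
                     return;
                 }
             }
         }
         $CurrentUserID = Gdn::Session()->UserID;
         // Massage the existing users.
         foreach ($ExistingUsers as $Index => $UserRow) {
             if ($EmailUnique && $UserRow['Email'] == $this->Form->GetFormValue('Email')) {
                 $EmailFound = $UserRow;
                 break;
             }
             if ($UserRow['Name'] == $this->Form->GetFormValue('Name')) {
                 $NameFound = $UserRow;
             }
             if ($CurrentUserID > 0 && $UserRow['UserID'] == $CurrentUserID) {
                 unset($ExistingUsers[$Index]);
                 $CurrentUserFound = TRUE;
             }
         }
         if (isset($EmailFound)) {
             // The email address was found and can be the only user option.
             // $UserRow still holds the matching row because the loop above breaks on it.
             $ExistingUsers = array($UserRow);
             $this->SetData('NoConnectName', TRUE);
         } elseif (isset($CurrentUserFound)) {
             // NOTE(review): this merges the 'UserID'/'Name' keys into the list itself rather than
             // prepending a row; confirm that is what the view expects.
             $ExistingUsers = array_merge(array('UserID' => 'current', 'Name' => sprintf(T('%s (Current)'), Gdn::Session()->User->Name)), $ExistingUsers);
         }
         if (!isset($NameFound) && !$IsPostBack) {
             $this->Form->SetFormValue('ConnectName', $this->Form->GetFormValue('Name'));
         }
         $this->SetData('ExistingUsers', $ExistingUsers);
         if (UserModel::NoEmail()) {
             $EmailValid = TRUE;
         } else {
             $EmailValid = ValidateRequired($this->Form->GetFormValue('Email'));
         }
         if ($this->Form->GetFormValue('Name') && $EmailValid && (!is_array($ExistingUsers) || count($ExistingUsers) == 0)) {
             // There is no existing user with the suggested name so we can just create the user.
             $User = $this->Form->FormValues();
             $User['Password'] = RandomString(50);
             // some password is required
             $User['HashMethod'] = 'Random';
             $User['Source'] = $this->Form->GetFormValue('Provider');
             $User['SourceID'] = $this->Form->GetFormValue('UniqueID');
             $User['Attributes'] = $this->Form->GetFormValue('Attributes', NULL);
             $User['Email'] = $this->Form->GetFormValue('ConnectEmail', $this->Form->GetFormValue('Email', NULL));
             //            $UserID = $UserModel->InsertForBasic($User, FALSE, array('ValidateEmail' => FALSE, 'NoConfirmEmail' => TRUE, 'SaveRoles' => $SaveRoles));
             $UserID = $UserModel->Register($User, array('CheckCaptcha' => FALSE, 'ValidateEmail' => FALSE, 'NoConfirmEmail' => TRUE, 'SaveRoles' => $SaveRoles));
             $User['UserID'] = $UserID;
             $this->Form->SetValidationResults($UserModel->ValidationResults());
             if ($UserID) {
                 $UserModel->SaveAuthentication(array('UserID' => $UserID, 'Provider' => $this->Form->GetFormValue('Provider'), 'UniqueID' => $this->Form->GetFormValue('UniqueID')));
                 $this->Form->SetFormValue('UserID', $UserID);
                 Gdn::Session()->Start($UserID, TRUE, TRUE);
                 Gdn::UserModel()->FireEvent('AfterSignIn');
                 // Send the welcome email.
                 if (C('Garden.Registration.SendConnectEmail', FALSE)) {
                     try {
                         $UserModel->SendWelcomeEmail($UserID, '', 'Connect', array('ProviderName' => $this->Form->GetFormValue('ProviderName', $this->Form->GetFormValue('Provider', 'Unknown'))));
                     } catch (Exception $Ex) {
                         // Do nothing if emailing doesn't work.
                     }
                 }
                 $this->_SetRedirect(TRUE);
             }
         }
     }
     // Save the user's choice.
     if ($IsPostBack) {
         // The user has made their decision.
         $PasswordHash = new Gdn_PasswordHash();
         $UserSelect = $this->Form->GetFormValue('UserSelect');
         if (!$UserSelect || $UserSelect == 'other') {
             // The user entered a username.
             $ConnectNameEntered = TRUE;
             if ($this->Form->ValidateRule('ConnectName', 'ValidateRequired')) {
                 $ConnectName = $this->Form->GetFormValue('ConnectName');
                 $User = FALSE;
                 if (C('Garden.Registration.NameUnique')) {
                     // Check to see if there is already a user with the given name.
                     $User = $UserModel->GetWhere(array('Name' => $ConnectName))->FirstRow(DATASET_TYPE_ARRAY);
                 }
                 if (!$User) {
                     $this->Form->ValidateRule('ConnectName', 'ValidateUsername');
                 }
             }
         } else {
             // The user selected an existing user.
             $ConnectNameEntered = FALSE;
             if ($UserSelect == 'current') {
                 if (Gdn::Session()->UserID == 0) {
                     // This shouldn't happen, but a use could sign out in another browser and click submit on this form.
                     $this->Form->AddError('@You were uexpectidly signed out.');
                 } else {
                     $UserSelect = Gdn::Session()->UserID;
                 }
             }
             $User = $UserModel->GetID($UserSelect, DATASET_TYPE_ARRAY);
         }
         if (isset($User) && $User) {
             // Make sure the user authenticates.
             // Fixed: the original tested `!$User['UserID'] == Gdn::Session()->UserID`. Because `!`
             // binds tighter than `==`, that was only true for signed-out visitors, so a visitor
             // signed in to one account could link the external identity to another account
             // without entering its password. The password is now required whenever the chosen
             // account is not the one in the current session.
             if ($User['UserID'] != Gdn::Session()->UserID) {
                 if ($this->Form->ValidateRule('ConnectPassword', 'ValidateRequired', sprintf(T('ValidateRequired'), T('Password')))) {
                     try {
                         if (!$PasswordHash->CheckPassword($this->Form->GetFormValue('ConnectPassword'), $User['Password'], $User['HashMethod'], $this->Form->GetFormValue('ConnectName'))) {
                             if ($ConnectNameEntered) {
                                 $this->Form->AddError('The username you entered has already been taken.');
                             } else {
                                 $this->Form->AddError('The password you entered is incorrect.');
                             }
                         }
                     } catch (Gdn_UserException $Ex) {
                         $this->Form->AddError($Ex);
                     }
                 }
             }
         } elseif ($this->Form->ErrorCount() == 0) {
             // The user doesn't exist so we need to add another user.
             $User = $this->Form->FormValues();
             $User['Name'] = $User['ConnectName'];
             $User['Password'] = RandomString(50);
             // some password is required
             $User['HashMethod'] = 'Random';
             $UserID = $UserModel->Register($User, array('CheckCaptcha' => FALSE, 'NoConfirmEmail' => TRUE, 'SaveRoles' => $SaveRoles));
             $User['UserID'] = $UserID;
             $this->Form->SetValidationResults($UserModel->ValidationResults());
             if ($UserID) {
                 //               // Add the user to the default roles.
                 //               $UserModel->SaveRoles($UserID, C('Garden.Registration.DefaultRoles'));
                 // Send the welcome email.
                 $UserModel->SendWelcomeEmail($UserID, '', 'Connect', array('ProviderName' => $this->Form->GetFormValue('ProviderName', $this->Form->GetFormValue('Provider', 'Unknown'))));
             }
         }
         if ($this->Form->ErrorCount() == 0) {
             // Save the authentication.
             if (isset($User) && GetValue('UserID', $User)) {
                 $UserModel->SaveAuthentication(array('UserID' => $User['UserID'], 'Provider' => $this->Form->GetFormValue('Provider'), 'UniqueID' => $this->Form->GetFormValue('UniqueID')));
                 $this->Form->SetFormValue('UserID', $User['UserID']);
             }
             // Sign the appropriate user in.
             // Fixed: the two TRUE flags were inside the GetFormValue() call, which made TRUE the
             // default for a missing UserID and passed a lone argument to Start(). They now go to
             // Start(), matching the other sign-in calls in this method.
             Gdn::Session()->Start($this->Form->GetFormValue('UserID'), TRUE, TRUE);
             Gdn::UserModel()->FireEvent('AfterSignIn');
             $this->_SetRedirect(TRUE);
         }
     }
     $this->Render();
 }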
Exemplo n.º 6
 /**
  * Look for users with an invalid role and apply the role specified to those users.
  */
 public function fixUserRole()
 {
     $this->permission('Garden.Settings.Manage');

     // The fix only runs on an authenticated postback that carries a role value.
     if ($this->Request->isAuthenticatedPostBack()) {
         $defaultRole = $this->Form->getFormValue('DefaultUserRole');
         if (ValidateRequired($defaultRole)) {
             $this->Model->fixUserRole($defaultRole);
             $this->setData('CompletedFix', true);
         }
     }

     $this->addSideMenu();
     $this->render();
 }
Exemplo n.º 7
 /**
  * Return a user's signature settings as JSON data and, on postback, save new ones.
  *
  * @param object $Sender Controller handling the request.
  * @throws Exception With code 404 when the requested user does not exist.
  */
 public function controller_Modify($Sender)
 {
     $Sender->DeliveryMethod(DELIVERY_METHOD_JSON);
     $Sender->DeliveryType(DELIVERY_TYPE_DATA);

     // The target user comes from the request. Editing anyone other than the session user
     // goes through the permission check below.
     $UserID = Gdn::Request()->Get('UserID');
     $EditingSelf = $UserID == Gdn::Session()->UserID;
     if (!$EditingSelf) {
         $Sender->Permission(array('Garden.Users.Edit', 'Moderation.Signatures.Edit'), FALSE);
     }

     $User = Gdn::UserModel()->GetID($UserID);
     if (!$User) {
         throw new Exception("No such user '{$UserID}'", 404);
     }

     // Maps each stored meta key to the short field name used in the form and the response.
     $Translation = array(
         'Plugin.Signatures.Sig' => 'Body',
         'Plugin.Signatures.Format' => 'Format',
         'Plugin.Signatures.HideAll' => 'HideAll',
         'Plugin.Signatures.HideImages' => 'HideImages',
         'Plugin.Signatures.HideMobile' => 'HideMobile',
     );
     $UserMeta = $this->GetUserMeta($UserID, '%');
     $SigData = array();
     foreach ($Translation as $MetaKey => $ShortName) {
         $SigData[$ShortName] = GetValue($MetaKey, $UserMeta, NULL);
     }
     $Sender->SetData('Signature', $SigData);

     // NOTE(review): IsPostBack() is used here, not an authenticated postback; confirm a
     // transient-key (CSRF) check protects this write path.
     if (!$Sender->Form->IsPostBack()) {
         $Sender->Render();
         return;
     }

     $Sender->SetData('Success', FALSE);
     // Validate the signature.
     if (function_exists('ValidateSignature')) {
         $Sig = $Sender->Form->GetFormValue('Body');
         $Format = $Sender->Form->GetFormValue('Format');
         if (ValidateRequired($Sig) && !ValidateSignature($Sig, $Format)) {
             $Sender->Form->AddError('Signature invalid.');
         }
     }

     if ($Sender->Form->ErrorCount() == 0) {
         foreach ($Translation as $MetaKey => $ShortName) {
             $NewValue = $Sender->Form->GetValue($ShortName, NULL);
             // Fields that were not submitted are left untouched.
             if (is_null($NewValue)) {
                 continue;
             }
             // An empty body is stored as NULL.
             if ($ShortName == 'Body' && empty($NewValue)) {
                 $NewValue = NULL;
             }
             $Key = $this->TrimMetaKey($MetaKey);
             // don't allow raw signatures.
             if ($Key == 'Format' && strcasecmp($NewValue, 'Raw') == 0) {
                 $NewValue = NULL;
             }
             if ($Sender->Form->ErrorCount() == 0) {
                 $this->SetUserMeta($UserID, $Key, $NewValue);
             }
         }
         $Sender->SetData('Success', TRUE);
     }

     $Sender->Render();
 }
Exemplo n.º 8
 /**
  * Check a value against a field's list of allowed enum values.
  *
  * @param mixed $Value Value to check.
  * @param object $Field Field definition; its Enum and AllowNull properties are read.
  * @return bool True when the value is in the enum, or when the field allows null and
  *              the value fails ValidateRequired().
  */
 function ValidateEnum($Value, $Field)
 {
     // NOTE(review): in_array() compares loosely here (no strict flag), so type juggling applies.
     if (in_array($Value, $Field->Enum)) {
         return true;
     }
     return $Field->AllowNull && !ValidateRequired($Value);
 }
 /**
  *
  * @param array $User
  * @return bool|string
  * @since 2.1 
  */
 public function ValidateSpamRegistration($User)
 {
     // Whether the registrant filled in the discovery text; also passed to the spam check as 'Log'.
     $HasDiscoveryText = ValidateRequired(GetValue('DiscoveryText', $User));

     if (!SpamModel::IsSpam('Registration', $User, array('Log' => $HasDiscoveryText))) {
         return TRUE;
     }

     if ($HasDiscoveryText) {
         // The user entered discovery text.
         return self::REDIRECT_APPROVE;
     }

     // Flagged as spam with no discovery text: ask for it and fail validation.
     $this->Validation->AddValidationResult('DiscoveryText', 'Tell us why you want to join!');
     return FALSE;
 }
Exemplo n.º 10
 /**
  * Link a local user to an external provider identity (postback), or list a user's
  * existing provider links (any other request). Requires Garden.Users.Edit.
  *
  * @param mixed $UserID User whose links are listed when the request is not a postback.
  * @throws Gdn_UserException On validation errors, unknown user, wrong password or a failed save.
  */
 public function SSO($UserID = FALSE)
 {
     $this->Permission('Garden.Users.Edit');
     $ProviderModel = new Gdn_AuthenticationProviderModel();
     $Form = new Gdn_Form();

     if (!$this->Request->IsPostBack()) {
         // Read-only path: return the provider links stored for the given user.
         $User = Gdn::UserModel()->GetID($UserID);
         if (!$User) {
             throw NotFoundException('User');
         }
         $Result = Gdn::SQL()
             ->Select('ua.ProviderKey', '', 'ClientID')
             ->Select('ua.ForeignUserKey', '', 'UniqueID')
             ->Select('ua.UserID')
             ->Select('p.Name')
             ->Select('p.AuthenticationSchemeAlias', '', 'Type')
             ->From('UserAuthentication ua')
             ->Join('UserAuthenticationProvider p', 'ua.ProviderKey = p.AuthenticationKey')
             ->Where('UserID', $UserID)
             ->Get()
             ->ResultArray();
         $this->SetData('Result', $Result);
     } else {
         // NOTE(review): IsPostBack() is used, not an authenticated postback; confirm a
         // transient-key (CSRF) check covers this write path.
         // Make sure everything has been posted.
         $Form->ValidateRule('ClientID', 'ValidateRequired');
         $Form->ValidateRule('UniqueID', 'ValidateRequired');
         if (!(ValidateRequired($Form->GetFormValue('Username')) || ValidateRequired($Form->GetFormValue('Email')))) {
             $Form->AddError('Username or Email is required.');
         }
         $Provider = $ProviderModel->GetProviderByKey($Form->GetFormValue('ClientID'));
         if (!$Provider) {
             $Form->AddError(sprintf('%1$s "%2$s" not found.', T('Provider'), $Form->GetFormValue('ClientID')));
         }
         if ($Form->ErrorCount() > 0) {
             throw new Gdn_UserException($Form->ErrorString());
         }

         // Grab the user: by email first, then by username.
         $User = FALSE;
         $Email = $Form->GetFormValue('Email');
         if ($Email) {
             $User = Gdn::UserModel()->GetByEmail($Email);
         }
         if (!$User) {
             $Username = $Form->GetFormValue('Username');
             if ($Username) {
                 $User = Gdn::UserModel()->GetByUsername($Username);
             }
         }
         if (!$User) {
             throw new Gdn_UserException(sprintf(T('User not found.'), strtolower(T(UserModel::SigninLabelCode()))), 404);
         }

         // Validate the user's password.
         // The check runs only when a Password value was submitted; without one it is skipped.
         // NOTE(review): this reads $this->Form while every other value comes from the local
         // $Form; confirm that is intended.
         $PasswordHash = new Gdn_PasswordHash();
         $Password = $this->Form->GetFormValue('Password', NULL);
         if ($Password !== NULL && !$PasswordHash->CheckPassword($Password, GetValue('Password', $User), GetValue('HashMethod', $User))) {
             throw new Gdn_UserException(T('Invalid password.'), 401);
         }

         // Okay. We've gotten this far. Let's save the authentication.
         $User = (array) $User;
         Gdn::UserModel()->SaveAuthentication(array('UserID' => $User['UserID'], 'Provider' => $Form->GetFormValue('ClientID'), 'UniqueID' => $Form->GetFormValue('UniqueID')));
         // Read the link back to confirm it was stored.
         $Row = Gdn::UserModel()->GetAuthentication($Form->GetFormValue('UniqueID'), $Form->GetFormValue('ClientID'));
         if (!$Row) {
             throw new Gdn_UserException(T('There was an error saving the data.'));
         }
         $this->SetData('Result', $Row);
     }

     $this->Render('Blank', 'Utility', 'Dashboard');
 }
Exemplo n.º 11
 /**
  * Validate an email address, treating an empty value as valid.
  *
  * @param mixed $Value Address to check.
  * @param mixed $Field Unused here.
  * @return bool True when the value fails ValidateRequired() (nothing to validate) or
  *              PHPMailer::ValidateAddress() accepts it.
  */
 function ValidateEmail($Value, $Field = '')
 {
     // Presence is not this rule's job: a value that fails ValidateRequired() passes.
     return ValidateRequired($Value) ? (bool) PHPMailer::ValidateAddress($Value) : TRUE;
 }
Exemplo n.º 12
 /**
  * Ban a user and optionally delete their content.
  * @since 2.1
  * @param type $UserID 
  */
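 public function Ban($UserID, $Unban = FALSE)
 {
     $this->Permission('Garden.Moderation.Manage');
     $User = Gdn::UserModel()->GetID($UserID, DATASET_TYPE_ARRAY);
     if (!$User) {
         // Name the missing record type; the original passed the failed (falsy) lookup result instead.
         throw NotFoundException('User');
     }
     //      $this->Form = new Gdn_Form();
     $UserModel = Gdn::UserModel();
     // NOTE(review): nothing here excludes admin or system accounts from being banned;
     // confirm that UserModel::Ban() enforces that.
     // Banning, unbanning and content deletion change state, so they require an authenticated
     // postback rather than any POST. The original used IsPostBack(), which left this action
     // open to cross-site request forgery against a signed-in moderator.
     if ($this->Form->AuthenticatedPostBack()) {
         if ($Unban) {
             $UserModel->Unban($UserID, array('RestoreContent' => $this->Form->GetFormValue('RestoreContent')));
         } else {
             if (!ValidateRequired($this->Form->GetFormValue('Reason'))) {
                 $this->Form->AddError('ValidateRequired', 'Reason');
             }
             if ($this->Form->GetFormValue('Reason') == 'Other' && !ValidateRequired($this->Form->GetFormValue('ReasonText'))) {
                 $this->Form->AddError('ValidateRequired', 'Reason Text');
             }
             if ($this->Form->ErrorCount() == 0) {
                 if ($this->Form->GetFormValue('Reason') == 'Other') {
                     $Reason = $this->Form->GetFormValue('ReasonText');
                 } else {
                     $Reason = $this->Form->GetFormValue('Reason');
                 }
                 $UserModel->Ban($UserID, array('Reason' => $Reason, 'DeleteContent' => $this->Form->GetFormValue('DeleteContent')));
             }
         }
         if ($this->Form->ErrorCount() == 0) {
             // Redirect after a successful save.
             // NOTE(review): Target is read from the request and used as the redirect destination
             // without validation in this method; confirm the framework restricts it to same-site URLs.
             if ($this->Request->Get('Target')) {
                 $this->RedirectUrl = $this->Request->Get('Target');
             } else {
                 $this->RedirectUrl = UserUrl($User);
             }
         }
     }
     $this->SetData('User', $User);
     $this->AddSideMenu();
     $this->Title($Unban ? T('Unban User') : T('Ban User'));
     if ($Unban) {
         $this->View = 'Unban';
     }
     $this->Render();
 }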