/**
* Used by subclasses to validate access keys when they are allowed.
* @param $userId int The user this key refers to
* @param $reviewId int The ID of the review this key refers to
* @param $newKey string The new key name, if one was supplied; otherwise, the existing one (if it exists) is used
* @return object Valid user object if the key was valid; otherwise NULL.
*/
function &validateAccessKey($userId, $reviewId, $newKey = null)
{
$press =& Request::getPress();
if (!$press || !$press->getSetting('reviewerAccessKeysEnabled')) {
$accessKey = false;
return $accessKey;
}
define('REVIEWER_ACCESS_KEY_SESSION_VAR', 'ReviewerAccessKey');
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
$session =& Request::getSession();
// Check to see if a new access key is being used.
if (!empty($newKey)) {
if (Validation::isLoggedIn()) {
Validation::logout();
}
$keyHash = $accessKeyManager->generateKeyHash($newKey);
$session->setSessionVar(REVIEWER_ACCESS_KEY_SESSION_VAR, $keyHash);
} else {
$keyHash = $session->getSessionVar(REVIEWER_ACCESS_KEY_SESSION_VAR);
}
// Now that we've gotten the key hash (if one exists), validate it.
$accessKey =& $accessKeyManager->validateKey('ReviewerContext', $userId, $keyHash, $reviewId);
if ($accessKey) {
$userDao =& DAORegistry::getDAO('UserDAO');
$user =& $userDao->getUser($accessKey->getUserId(), false);
return $user;
}
// No valid access key -- return NULL.
return $accessKey;
}
function sendReminder($reviewAssignment, $article, $journal)
{
$reviewAssignmentDao =& DAORegistry::getDAO('ReviewAssignmentDAO');
$userDao =& DAORegistry::getDAO('UserDAO');
$reviewId = $reviewAssignment->getId();
$reviewer =& $userDao->getUser($reviewAssignment->getReviewerId());
if (!isset($reviewer)) {
return false;
}
import('mail.ArticleMailTemplate');
$reviewerAccessKeysEnabled = $journal->getSetting('reviewerAccessKeysEnabled');
$email = new ArticleMailTemplate($article, $reviewerAccessKeysEnabled ? 'REVIEW_REMIND_AUTO_ONECLICK' : 'REVIEW_REMIND_AUTO', null, false, $journal);
$email->setJournal($journal);
$email->setFrom($journal->getSetting('contactEmail'), $journal->getSetting('contactName'));
$email->addRecipient($reviewer->getEmail(), $reviewer->getFullName());
$email->setAssoc(ARTICLE_EMAIL_REVIEW_REMIND, ARTICLE_EMAIL_TYPE_REVIEW, $reviewId);
$email->setSubject($email->getSubject($journal->getPrimaryLocale()));
$email->setBody($email->getBody($journal->getPrimaryLocale()));
$urlParams = array();
if ($reviewerAccessKeysEnabled) {
import('security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
// Key lifetime is the typical review period plus four weeks
$keyLifetime = ($journal->getSetting('numWeeksPerReview') + 4) * 7;
$urlParams['key'] = $accessKeyManager->createKey('ReviewerContext', $reviewer->getId(), $reviewId, $keyLifetime);
}
$submissionReviewUrl = Request::url($journal->getPath(), 'reviewer', 'submission', $reviewId, $urlParams);
$paramArray = array('reviewerName' => $reviewer->getFullName(), 'reviewerUsername' => $reviewer->getUsername(), 'journalUrl' => $journal->getUrl(), 'reviewerPassword' => $reviewer->getPassword(), 'reviewDueDate' => strftime(Config::getVar('general', 'date_format_short'), strtotime($reviewAssignment->getDateDue())), 'weekLaterDate' => strftime(Config::getVar('general', 'date_format_short'), strtotime('+1 week')), 'editorialContactSignature' => $journal->getSetting('contactName') . "\n" . $journal->getLocalizedTitle(), 'passwordResetUrl' => Request::url($journal->getPath(), 'login', 'resetPassword', $reviewer->getUsername(), array('confirm' => Validation::generatePasswordResetHash($reviewer->getId()))), 'submissionReviewUrl' => $submissionReviewUrl);
$email->assignParams($paramArray);
$email->send();
$reviewAssignment->setDateReminded(Core::getCurrentDate());
$reviewAssignment->setReminderWasAutomatic(1);
$reviewAssignmentDao->updateReviewAssignment($reviewAssignment);
}
function sendReminder($reviewAssignment, $paper, $conference, $schedConf)
{
$reviewAssignmentDao = DAORegistry::getDAO('ReviewAssignmentDAO');
$userDao = DAORegistry::getDAO('UserDAO');
$reviewId = $reviewAssignment->getId();
$reviewer =& $userDao->getById($reviewAssignment->getReviewerId());
if (!isset($reviewer)) {
return false;
}
import('classes.mail.PaperMailTemplate');
$reviewerAccessKeysEnabled = $schedConf->getSetting('reviewerAccessKeysEnabled');
$email = new PaperMailTemplate($paper, $reviewerAccessKeysEnabled ? 'REVIEW_REMIND_AUTO_ONECLICK' : 'REVIEW_REMIND_AUTO', $conference->getPrimaryLocale(), false, $conference, $schedConf);
$email->setConference($conference);
$email->setSchedConf($schedConf);
$contactEmail = $schedConf->getSetting('contactEmail') ? $schedConf->getSetting('contactEmail') : $conference->getSetting('contactEmail');
$contactName = $schedConf->getSetting('contactName') ? $schedConf->getSetting('contactName') : $conference->getSetting('contactName');
$email->setFrom($contactEmail, $contactName);
$email->addRecipient($reviewer->getEmail(), $reviewer->getFullName());
$email->setAssoc(PAPER_EMAIL_REVIEW_REMIND, PAPER_EMAIL_TYPE_REVIEW, $reviewId);
$email->setSubject($email->getSubject($conference->getPrimaryLocale()));
$email->setBody($email->getBody($conference->getPrimaryLocale()));
$urlParams = array();
if ($reviewerAccessKeysEnabled) {
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
// Key lifetime is the typical review period plus four weeks
if ($schedConf->getSetting('reviewDeadlineType') == REVIEW_DEADLINE_TYPE_ABSOLUTE) {
// Get number of days from now until review deadline date
$reviewDeadlineDate = $schedConf->getSetting('numWeeksPerReviewAbsolute');
$daysDiff = ($reviewDeadlineDate - strtotime(date("Y-m-d"))) / (60 * 60 * 24);
$keyLifetime = (round($daysDiff / 7) + 4) * 7;
} elseif ($schedConf->getSetting('reviewDeadlineType') == REVIEW_DEADLINE_TYPE_RELATIVE) {
$keyLifetime = ((int) $schedConf->getSetting('numWeeksPerReviewRelative') + 4) * 7;
}
$urlParams['key'] = $accessKeyManager->createKey('ReviewerContext', $reviewer->getId(), $reviewId, $keyLifetime);
}
$submissionReviewUrl = Request::url($conference->getPath(), $schedConf->getPath(), 'reviewer', 'submission', $reviewId, $urlParams);
// Format the review due date
$reviewDueDate = strtotime($reviewAssignment->getDateDue());
$dateFormatShort = Config::getVar('general', 'date_format_short');
if ($reviewDueDate === -1 || $reviewDueDate === false) {
// Use something human-readable if unspecified.
$reviewDueDate = '_____';
} else {
$reviewDueDate = strftime($dateFormatShort, $reviewDueDate);
}
$paramArray = array('reviewerName' => $reviewer->getFullName(), 'reviewerUsername' => $reviewer->getUsername(), 'conferenceUrl' => Request::url($conference->getPath()), 'schedConfUrl' => Request::url($conference->getPath(), $schedConf->getPath()), 'reviewerPassword' => $reviewer->getPassword(), 'reviewDueDate' => $reviewDueDate, 'weekLaterDate' => strftime(Config::getVar('general', 'date_format_short'), strtotime('+1 week')), 'editorialContactSignature' => $contactName . "\n" . $schedConf->getLocalizedName(), 'passwordResetUrl' => Request::url($conference->getPath(), $schedConf->getPath(), 'login', 'resetPassword', $reviewer->getUsername(), array('confirm' => Validation::generatePasswordResetHash($reviewer->getId()))), 'submissionReviewUrl' => $submissionReviewUrl);
$email->assignParams($paramArray);
$email->send();
$reviewAssignment->setDateReminded(Core::getCurrentDate());
$reviewAssignment->setReminderWasAutomatic(1);
$reviewAssignmentDao->updateObject($reviewAssignment);
}
function sendReminder($reviewAssignment, $submission, $context)
{
$reviewAssignmentDao = DAORegistry::getDAO('ReviewAssignmentDAO');
$userDao = DAORegistry::getDAO('UserDAO');
$reviewId = $reviewAssignment->getId();
$reviewer = $userDao->getById($reviewAssignment->getReviewerId());
if (!isset($reviewer)) {
return false;
}
import('classes.mail.ArticleMailTemplate');
$reviewerAccessKeysEnabled = $context->getSetting('reviewerAccessKeysEnabled');
$email = new ArticleMailTemplate($submission, $reviewerAccessKeysEnabled ? 'REVIEW_REMIND_AUTO_ONECLICK' : 'REVIEW_REMIND_AUTO', $context->getPrimaryLocale(), $context, false);
$email->setContext($context);
$email->setReplyTo(null);
$email->addRecipient($reviewer->getEmail(), $reviewer->getFullName());
$email->setSubject($email->getSubject($context->getPrimaryLocale()));
$email->setBody($email->getBody($context->getPrimaryLocale()));
$urlParams = array();
if ($reviewerAccessKeysEnabled) {
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
// Key lifetime is the typical review period plus four weeks
$keyLifetime = ($context->getSetting('numWeeksPerReview') + 4) * 7;
$urlParams['key'] = $accessKeyManager->createKey('ReviewerContext', $reviewer->getId(), $reviewId, $keyLifetime);
}
$submissionReviewUrl = Request::url($context->getPath(), 'reviewer', 'submission', $reviewId, $urlParams);
// Format the review due date
$reviewDueDate = strtotime($reviewAssignment->getDateDue());
$dateFormatShort = Config::getVar('general', 'date_format_short');
if ($reviewDueDate === -1 || $reviewDueDate === false) {
// Default to something human-readable if no date specified
$reviewDueDate = '_____';
} else {
$reviewDueDate = strftime($dateFormatShort, $reviewDueDate);
}
$paramArray = array('reviewerName' => $reviewer->getFullName(), 'reviewerUsername' => $reviewer->getUsername(), 'contextUrl' => Request::url($context->getPath()), 'reviewerPassword' => $reviewer->getPassword(), 'reviewDueDate' => $reviewDueDate, 'weekLaterDate' => strftime(Config::getVar('general', 'date_format_short'), strtotime('+1 week')), 'editorialContactSignature' => $context->getSetting('contactName') . "\n" . $context->getLocalizedName(), 'passwordResetUrl' => Request::url($context->getPath(), 'login', 'resetPassword', $reviewer->getUsername(), array('confirm' => Validation::generatePasswordResetHash($reviewer->getId()))), 'submissionReviewUrl' => $submissionReviewUrl);
$email->assignParams($paramArray);
$email->send();
$reviewAssignment->setDateReminded(Core::getCurrentDate());
$reviewAssignment->setReminderWasAutomatic(1);
$reviewAssignmentDao->updateObject($reviewAssignment);
}
/**
* Tests if the request contains a valid access token. If this is the case
* the regular login process will be skipped
*
* @param $request PKPRequest
* @return void
*/
function _validateAccessKey($request)
{
$accessKeyCode = $request->getUserVar('key');
$reviewId = $request->getUserVar('reviewId');
if (!($accessKeyCode && $reviewId)) {
return false;
}
// Check if the user is already logged in
$sessionManager = SessionManager::getManager();
$session = $sessionManager->getUserSession();
if ($session->getUserId()) {
return false;
}
import('lib.pkp.classes.security.AccessKeyManager');
$reviewerSubmissionDao = DAORegistry::getDAO('ReviewerSubmissionDAO');
$reviewerSubmission = $reviewerSubmissionDao->getReviewerSubmission($reviewId);
// Validate the access key
$context = $request->getContext();
$accessKeyManager = new AccessKeyManager();
$accessKeyHash = AccessKeyManager::generateKeyHash($accessKeyCode);
$accessKey = $accessKeyManager->validateKey($context->getId(), $reviewerSubmission->getReviewerId(), $accessKeyHash);
if (!$accessKey) {
return false;
}
// Get the reviewer user object
$userDao = DAORegistry::getDAO('UserDAO');
$user = $userDao->getById($accessKey->getUserId());
if (!$user) {
return false;
}
// Register the user object in the session
import('lib.pkp.classes.security.PKPValidation');
$reason = null;
if (PKPValidation::registerUserSession($user, $reason)) {
$this->submission = $reviewerSubmission;
$this->user = $user;
}
}
/**
* Reminds a reviewer about a review assignment.
* @param $sectionEditorSubmission object
* @param $reviewId int
* @param $send boolean
* @param $request object
* @return boolean true iff no error was encountered
*/
function remindReviewer($sectionEditorSubmission, $reviewId, $send, $request)
{
$sectionEditorSubmissionDao =& DAORegistry::getDAO('SectionEditorSubmissionDAO');
$reviewAssignmentDao =& DAORegistry::getDAO('ReviewAssignmentDAO');
$userDao =& DAORegistry::getDAO('UserDAO');
$journal =& $request->getJournal();
$user =& $request->getUser();
$reviewAssignment =& $reviewAssignmentDao->getById($reviewId);
$reviewerAccessKeysEnabled = $journal->getSetting('reviewerAccessKeysEnabled');
// If we're using access keys, disable the address fields
// for this message. (Prevents security issue: section editor
// could CC or BCC someone else, or change the reviewer address,
// in order to get the access key.)
$preventAddressChanges = $reviewerAccessKeysEnabled;
import('classes.mail.ArticleMailTemplate');
$email = new ArticleMailTemplate($sectionEditorSubmission, $reviewerAccessKeysEnabled ? 'REVIEW_REMIND_ONECLICK' : 'REVIEW_REMIND');
if ($preventAddressChanges) {
$email->setAddressFieldsEnabled(false);
}
if ($send && !$email->hasErrors()) {
HookRegistry::call('SectionEditorAction::remindReviewer', array(&$sectionEditorSubmission, &$reviewAssignment, &$email));
$reviewer =& $userDao->getUser($reviewAssignment->getReviewerId());
if ($reviewerAccessKeysEnabled) {
import('lib.pkp.classes.security.AccessKeyManager');
import('pages.reviewer.ReviewerHandler');
$accessKeyManager = new AccessKeyManager();
// Key lifetime is the typical review period plus four weeks
$keyLifetime = ($journal->getSetting('numWeeksPerReview') + 4) * 7;
$email->addPrivateParam('ACCESS_KEY', $accessKeyManager->createKey('ReviewerContext', $reviewer->getId(), $reviewId, $keyLifetime));
}
if ($preventAddressChanges) {
// Ensure that this messages goes to the reviewer, and the reviewer ONLY.
$email->clearAllRecipients();
$email->addRecipient($reviewer->getEmail(), $reviewer->getFullName());
}
$email->send($request);
$reviewAssignment->setDateReminded(Core::getCurrentDate());
$reviewAssignment->setReminderWasAutomatic(0);
$reviewAssignmentDao->updateReviewAssignment($reviewAssignment);
return true;
} elseif ($reviewAssignment->getSubmissionId() == $sectionEditorSubmission->getId()) {
$reviewer =& $userDao->getUser($reviewAssignment->getReviewerId());
if (!$request->getUserVar('continued')) {
if (!isset($reviewer)) {
return true;
}
$email->addRecipient($reviewer->getEmail(), $reviewer->getFullName());
$submissionUrl = $request->url(null, 'reviewer', 'submission', $reviewId, $reviewerAccessKeysEnabled ? array('key' => 'ACCESS_KEY') : array());
// Format the review due date
$reviewDueDate = strtotime($reviewAssignment->getDateDue());
$dateFormatShort = Config::getVar('general', 'date_format_short');
if ($reviewDueDate === -1 || $reviewDueDate === false) {
// Default to something human-readable if no date specified
$reviewDueDate = '_____';
} else {
$reviewDueDate = strftime($dateFormatShort, $reviewDueDate);
}
$paramArray = array('reviewerName' => $reviewer->getFullName(), 'reviewerUsername' => $reviewer->getUsername(), 'reviewerPassword' => $reviewer->getPassword(), 'reviewDueDate' => $reviewDueDate, 'editorialContactSignature' => $user->getContactSignature(), 'passwordResetUrl' => $request->url(null, 'login', 'resetPassword', $reviewer->getUsername(), array('confirm' => Validation::generatePasswordResetHash($reviewer->getId()))), 'submissionReviewUrl' => $submissionUrl);
$email->assignParams($paramArray);
}
$email->displayEditForm($request->url(null, null, 'remindReviewer', 'send'), array('reviewerId' => $reviewer->getId(), 'articleId' => $sectionEditorSubmission->getId(), 'reviewId' => $reviewId));
return false;
}
return true;
}
/**
* Register a new user.
* @param $request PKPRequest
* @return int|null User ID, or false on failure
*/
function execute($request)
{
$requireValidation = Config::getVar('email', 'require_validation');
$userDao = DAORegistry::getDAO('UserDAO');
// New user
$user = $userDao->newDataObject();
$user->setUsername($this->getData('username'));
// Set the base user fields (name, etc.)
$user->setFirstName($this->getData('firstName'));
$user->setMiddleName($this->getData('middleName'));
$user->setLastName($this->getData('lastName'));
$user->setInitials($this->getData('initials'));
$user->setEmail($this->getData('email'));
$user->setCountry($this->getData('country'));
$user->setAffiliation($this->getData('affiliation'), null);
// Localized
$user->setDateRegistered(Core::getCurrentDate());
$user->setInlineHelp(1);
// default new users to having inline help visible.
if (isset($this->defaultAuth)) {
$user->setPassword($this->getData('password'));
// FIXME Check result and handle failures
$this->defaultAuth->doCreateUser($user);
$user->setAuthId($this->defaultAuth->authId);
}
$user->setPassword(Validation::encryptCredentials($this->getData('username'), $this->getData('password')));
if ($requireValidation) {
// The account should be created in a disabled
// state.
$user->setDisabled(true);
$user->setDisabledReason(__('user.login.accountNotValidated'));
}
parent::execute($user);
$userDao->insertObject($user);
$userId = $user->getId();
if (!$userId) {
return false;
}
// Associate the new user with the existing session
$sessionManager = SessionManager::getManager();
$session = $sessionManager->getUserSession();
$session->setSessionVar('username', $user->getUsername());
// Save the roles
import('lib.pkp.classes.user.form.UserFormHelper');
$userFormHelper = new UserFormHelper();
$userFormHelper->saveRoleContent($this, $user);
// Insert the user interests
import('lib.pkp.classes.user.InterestManager');
$interestManager = new InterestManager();
$interestManager->setInterestsForUser($user, $this->getData('interests'));
import('lib.pkp.classes.mail.MailTemplate');
if ($requireValidation) {
// Create an access key
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
$accessKey = $accessKeyManager->createKey('RegisterContext', $user->getId(), null, Config::getVar('email', 'validation_timeout'));
// Send email validation request to user
$mail = new MailTemplate('USER_VALIDATE');
$this->_setMailFrom($request, $mail);
$context = $request->getContext();
$mail->assignParams(array('userFullName' => $user->getFullName(), 'activateUrl' => $request->url($context->getPath(), 'user', 'activateUser', array($this->getData('username'), $accessKey))));
$mail->addRecipient($user->getEmail(), $user->getFullName());
$mail->send();
unset($mail);
}
return $userId;
}
/**
* Removes an email address and associated access key from email notifications
* @param $email string
* @param $password string
* @return boolean
*/
function unsubscribeGuest($email, $password)
{
$application =& PKPApplication::getApplication();
$productName = $application->getName();
$context =& Request::getContext();
$contextId = $context->getId();
$result =& $this->retrieve('SELECT setting_id FROM notification_settings WHERE setting_name = ? AND product = ? AND context = ?', array('mailList', $productName, (int) $contextId));
$row = $result->GetRowAssoc(false);
$userId = (int) $row['setting_id'];
$result->Close();
unset($result);
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
$accessKeyHash = AccessKeyManager::generateKeyHash($password);
$accessKey = $accessKeyManager->validateKey('MailListContext', $userId, $accessKeyHash);
if ($accessKey) {
$this->update('DELETE FROM notification_settings WHERE setting_name = ? AND setting_value = ? AND product = ? AND context = ?', array('mailList', $email, $productName, (int) $contextId));
$accessKeyDao =& DAORegistry::getDAO('AccessKeyDAO');
$accessKeyDao->deleteObject($accessKey);
return true;
} else {
return false;
}
}
/**
* Register a new user.
*/
function execute()
{
$requireValidation = Config::getVar('email', 'require_validation');
if ($this->existingUser) {
// If using implicit auth - we hardwire that we are working on an existing user
// Existing user in the system
$userDao =& DAORegistry::getDAO('UserDAO');
if ($this->implicitAuth) {
// If we are using implicit auth - then use the session username variable - rather than data from the form
$sessionManager =& SessionManager::getManager();
$session =& $sessionManager->getUserSession();
$user =& $userDao->getUserByUsername($session->getSessionVar('username'));
} else {
$user =& $userDao->getUserByUsername($this->getData('username'));
}
if ($user == null) {
return false;
}
$userId = $user->getId();
} else {
// New user
$user = new User();
$user->setUsername($this->getData('username'));
$user->setSalutation($this->getData('salutation'));
$user->setFirstName($this->getData('firstName'));
$user->setMiddleName($this->getData('middleName'));
$user->setInitials($this->getData('initials'));
$user->setLastName($this->getData('lastName'));
$user->setGender($this->getData('gender'));
$user->setAffiliation($this->getData('affiliation'), null);
// Localized
$user->setSignature($this->getData('signature'), null);
// Localized
$user->setEmail($this->getData('email'));
$user->setUrl($this->getData('userUrl'));
$user->setPhone($this->getData('phone'));
$user->setFax($this->getData('fax'));
$user->setMailingAddress($this->getData('mailingAddress'));
$user->setBiography($this->getData('biography'), null);
// Localized
$user->setDateRegistered(Core::getCurrentDate());
$user->setCountry($this->getData('country'));
$site =& Request::getSite();
$availableLocales = $site->getSupportedLocales();
$locales = array();
foreach ($this->getData('userLocales') as $locale) {
if (Locale::isLocaleValid($locale) && in_array($locale, $availableLocales)) {
array_push($locales, $locale);
}
}
$user->setLocales($locales);
if (isset($this->defaultAuth)) {
$user->setPassword($this->getData('password'));
// FIXME Check result and handle failures
$this->defaultAuth->doCreateUser($user);
$user->setAuthId($this->defaultAuth->authId);
}
$user->setPassword(Validation::encryptCredentials($this->getData('username'), $this->getData('password')));
if ($requireValidation) {
// The account should be created in a disabled
// state.
$user->setDisabled(true);
$user->setDisabledReason(Locale::translate('user.login.accountNotValidated'));
}
$userDao =& DAORegistry::getDAO('UserDAO');
$userDao->insertUser($user);
$userId = $user->getId();
if (!$userId) {
return false;
}
// Add reviewing interests to interests table
import('lib.pkp.classes.user.InterestManager');
$interestManager = new InterestManager();
$interestManager->insertInterests($userId, $this->getData('interestsKeywords'), $this->getData('interests'));
$sessionManager =& SessionManager::getManager();
$session =& $sessionManager->getUserSession();
$session->setSessionVar('username', $user->getUsername());
}
$press =& Request::getPress();
$roleDao =& DAORegistry::getDAO('RoleDAO');
// Roles users are allowed to register themselves in
$allowedRoles = array('reader' => 'registerAsReader', 'author' => 'registerAsAuthor', 'reviewer' => 'registerAsReviewer');
$pressSettingsDao =& DAORegistry::getDAO('PressSettingsDAO');
if (!$pressSettingsDao->getSetting($press->getId(), 'allowRegReader')) {
unset($allowedRoles['reader']);
}
if (!$pressSettingsDao->getSetting($press->getId(), 'allowRegAuthor')) {
unset($allowedRoles['author']);
}
if (!$pressSettingsDao->getSetting($press->getId(), 'allowRegReviewer')) {
unset($allowedRoles['reviewer']);
}
foreach ($allowedRoles as $k => $v) {
$roleId = $roleDao->getRoleIdFromPath($k);
if ($this->getData($v) && !$roleDao->userHasRole($press->getId(), $userId, $roleId)) {
$role = new Role();
$role->setPressId($press->getId());
$role->setUserId($userId);
$role->setRoleId($roleId);
$roleDao->insertRole($role);
}
}
if (!$this->existingUser) {
import('classes.mail.MailTemplate');
if ($requireValidation) {
// Create an access key
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
$accessKey = $accessKeyManager->createKey('RegisterContext', $user->getId(), null, Config::getVar('email', 'validation_timeout'));
// Send email validation request to user
$mail = new MailTemplate('USER_VALIDATE');
$mail->setFrom($press->getSetting('contactEmail'), $press->getSetting('contactName'));
$mail->assignParams(array('userFullName' => $user->getFullName(), 'activateUrl' => Request::url($press->getPath(), 'user', 'activateUser', array($this->getData('username'), $accessKey))));
$mail->addRecipient($user->getEmail(), $user->getFullName());
$mail->send();
unset($mail);
}
if ($this->getData('sendPassword')) {
// Send welcome email to user
$mail = new MailTemplate('USER_REGISTER');
$mail->setFrom($press->getSetting('contactEmail'), $press->getSetting('contactName'));
$mail->assignParams(array('username' => $this->getData('username'), 'password' => String::substr($this->getData('password'), 0, 30), 'userFullName' => $user->getFullName()));
$mail->addRecipient($user->getEmail(), $user->getFullName());
$mail->send();
unset($mail);
}
}
// By default, self-registering readers will receive
// press updates. (The double set is here to prevent a
// duplicate insert error msg if there was a notification entry
// left over from a previous role.)
if (isset($allowedRoles['reader']) && $this->getData($allowedRoles['reader'])) {
$notificationStatusDao =& DAORegistry::getDAO('NotificationStatusDAO');
$notificationStatusDao->setPressNotifications($press->getId(), $userId, false);
$notificationStatusDao->setPressNotifications($press->getId(), $userId, true);
}
}
/**
* Send the automatic review reminder to the reviewer.
* @param $reviewAssignment ReviewAssignment
* @param $submission Submission
* @param $context Context
* @param $reminderType string
* REVIEW_REMIND_AUTO, REVIEW_REQUEST_REMIND_AUTO
*/
function sendReminder($reviewAssignment, $submission, $context, $reminderType = REVIEW_REMIND_AUTO)
{
$reviewAssignmentDao = DAORegistry::getDAO('ReviewAssignmentDAO');
$userDao = DAORegistry::getDAO('UserDAO');
$reviewId = $reviewAssignment->getId();
$reviewer = $userDao->getById($reviewAssignment->getReviewerId());
if (!isset($reviewer)) {
return false;
}
import('lib.pkp.classes.mail.SubmissionMailTemplate');
$emailKey = $reminderType;
$reviewerAccessKeysEnabled = $context->getSetting('reviewerAccessKeysEnabled');
switch (true) {
case $reviewerAccessKeysEnabled && $reminderType == REVIEW_REMIND_AUTO:
$emailKey = 'REVIEW_REMIND_AUTO_ONECLICK';
break;
case $reviewerAccessKeysEnabled && $reminderType == REVIEW_REQUEST_REMIND_AUTO:
$emailKey = 'REVIEW_REQUEST_REMIND_AUTO_ONECLICK';
break;
}
$email = new SubmissionMailTemplate($submission, $emailKey, $context->getPrimaryLocale(), $context, false);
$email->setContext($context);
$email->setReplyTo(null);
$email->addRecipient($reviewer->getEmail(), $reviewer->getFullName());
$email->setSubject($email->getSubject($context->getPrimaryLocale()));
$email->setBody($email->getBody($context->getPrimaryLocale()));
$urlParams = array('submissionId' => $reviewAssignment->getSubmissionId());
if ($reviewerAccessKeysEnabled) {
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
// Key lifetime is the typical review period plus four weeks
$keyLifetime = ($context->getSetting('numWeeksPerReview') + 4) * 7;
$urlParams['key'] = $accessKeyManager->createKey('ReviewerContext', $reviewer->getId(), $reviewId, $keyLifetime);
}
$application = PKPApplication::getApplication();
$request = $application->getRequest();
$dispatcher = $application->getDispatcher();
$submissionReviewUrl = $dispatcher->url($request, ROUTE_PAGE, $context->getPath(), 'reviewer', 'submission', null, $urlParams);
// Format the review due date
$reviewDueDate = strtotime($reviewAssignment->getDateDue());
$dateFormatShort = Config::getVar('general', 'date_format_short');
if ($reviewDueDate === -1 || $reviewDueDate === false) {
// Default to something human-readable if no date specified
$reviewDueDate = '_____';
} else {
$reviewDueDate = strftime($dateFormatShort, $reviewDueDate);
}
// Format the review response due date
$responseDueDate = strtotime($reviewAssignment->getDateResponseDue());
if ($responseDueDate === -1 || $responseDueDate === false) {
// Default to something human-readable if no date specified
$responseDueDate = '_____';
} else {
$responseDueDate = strftime($dateFormatShort, $responseDueDate);
}
AppLocale::requireComponents(LOCALE_COMPONENT_PKP_REVIEWER);
AppLocale::requireComponents(LOCALE_COMPONENT_PKP_COMMON);
$paramArray = array('reviewerName' => $reviewer->getFullName(), 'reviewerUserName' => $reviewer->getUsername(), 'reviewDueDate' => $reviewDueDate, 'responseDueDate' => $responseDueDate, 'editorialContactSignature' => $context->getSetting('contactName') . "\n" . $context->getLocalizedName(), 'passwordResetUrl' => $dispatcher->url($request, ROUTE_PAGE, $context->getPath(), 'login', 'resetPassword', $reviewer->getUsername(), array('confirm' => Validation::generatePasswordResetHash($reviewer->getId()))), 'submissionReviewUrl' => $submissionReviewUrl, 'messageToReviewer' => __('reviewer.step1.requestBoilerplate'), 'abstractTermIfEnabled' => $submission->getLocalizedAbstract() == '' ? '' : __('common.abstract'));
$email->assignParams($paramArray);
$email->send();
$reviewAssignment->setDateReminded(Core::getCurrentDate());
$reviewAssignment->setReminderWasAutomatic(1);
$reviewAssignmentDao->updateObject($reviewAssignment);
}
/**
* Register a new user.
*/
function execute()
{
$requireValidation = Config::getVar('email', 'require_validation');
// New user
$user = new User();
$user->setUsername($this->getData('username'));
$user->setSalutation($this->getData('salutation'));
$user->setFirstName($this->getData('firstName'));
$user->setMiddleName($this->getData('middleName'));
$user->setInitials($this->getData('initials'));
$user->setLastName($this->getData('lastName'));
$user->setGender($this->getData('gender'));
$user->setAffiliation($this->getData('affiliation'), null);
// Localized
$user->setSignature($this->getData('signature'), null);
// Localized
$user->setEmail($this->getData('email'));
$user->setUrl($this->getData('userUrl'));
$user->setPhone($this->getData('phone'));
$user->setFax($this->getData('fax'));
$user->setMailingAddress($this->getData('mailingAddress'));
$user->setBiography($this->getData('biography'), null);
// Localized
$user->setInterests($this->getData('interests'), null);
// Localized
$user->setDateRegistered(Core::getCurrentDate());
$user->setCountry($this->getData('country'));
$site =& Request::getSite();
$availableLocales = $site->getSupportedLocales();
$locales = array();
foreach ($this->getData('userLocales') as $locale) {
if (Locale::isLocaleValid($locale) && in_array($locale, $availableLocales)) {
array_push($locales, $locale);
}
}
$user->setLocales($locales);
if (isset($this->defaultAuth)) {
$user->setPassword($this->getData('password'));
// FIXME Check result and handle failures
$this->defaultAuth->doCreateUser($user);
$user->setAuthId($this->defaultAuth->authId);
}
$user->setPassword(Validation::encryptCredentials($this->getData('username'), $this->getData('password')));
if ($requireValidation) {
// The account should be created in a disabled
// state.
$user->setDisabled(true);
$user->setDisabledReason(Locale::translate('user.login.accountNotValidated'));
}
$userDao =& DAORegistry::getDAO('UserDAO');
$userDao->insertUser($user);
$userId = $user->getId();
if (!$userId) {
return false;
}
$sessionManager =& SessionManager::getManager();
$session =& $sessionManager->getUserSession();
$session->setSessionVar('username', $user->getUsername());
$roleDao =& DAORegistry::getDAO('RoleDAO');
// Roles users are allowed to register themselves in
$allowedRoles = array('submitter' => 'registerAsSubmitter');
if (!$site->getSetting('enableSubmit')) {
unset($allowedRoles['submitter']);
}
foreach ($allowedRoles as $k => $v) {
$roleId = $roleDao->getRoleIdFromPath($k);
if ($this->getData($v) && !$roleDao->roleExists($userId, $roleId)) {
$role = new Role();
$role->setUserId($userId);
$role->setRoleId($roleId);
$roleDao->insertRole($role);
}
}
import('classes.mail.MailTemplate');
if ($requireValidation) {
// Create an access key
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
$accessKey = $accessKeyManager->createKey('RegisterContext', $user->getId(), null, Config::getVar('email', 'validation_timeout'));
// Send email validation request to user
$mail = new MailTemplate('USER_VALIDATE');
$mail->setFrom($site->getLocalizedSetting('contactEmail'), $site->getLocalizedSetting('contactName'));
$mail->assignParams(array('userFullName' => $user->getFullName(), 'activateUrl' => Request::url('user', 'activateUser', array($this->getData('username'), $accessKey))));
$mail->addRecipient($user->getEmail(), $user->getFullName());
$mail->send();
unset($mail);
}
if ($this->getData('sendPassword')) {
// Send welcome email to user
$mail = new MailTemplate('USER_REGISTER');
$mail->setFrom($site->getLocalizedSetting('contactEmail'), $site->getLocalizedSetting('contactName'));
$mail->assignParams(array('username' => $this->getData('username'), 'password' => String::substr($this->getData('password'), 0, 30), 'userFullName' => $user->getFullName()));
$mail->addRecipient($user->getEmail(), $user->getFullName());
$mail->send();
unset($mail);
}
}
/**
* Send the registration confirmation email.
* @param $user object
*/
function sendConfirmationEmail($user, $password, $sendPassword)
{
$schedConf =& Request::getSchedConf();
import('mail.MailTemplate');
if (Config::getVar('email', 'require_validation')) {
// Create an access key
import('security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
$accessKey = $accessKeyManager->createKey('RegisterContext', $user->getId(), null, Config::getVar('email', 'validation_timeout'));
// Send email validation request to user
$mail = new MailTemplate('USER_VALIDATE');
$mail->setFrom($schedConf->getSetting('contactEmail'), $schedConf->getSetting('contactName'));
$mail->assignParams(array('userFullName' => $user->getFullName(), 'activateUrl' => Request::url(null, null, 'user', 'activateUser', array($user->getUsername(), $accessKey))));
$mail->addRecipient($user->getEmail(), $user->getFullName());
$mail->send();
unset($mail);
}
if ($sendPassword) {
// Send welcome email to user
$mail = new MailTemplate('USER_REGISTER');
$mail->setFrom($schedConf->getSetting('contactEmail'), $schedConf->getSetting('contactName'));
$mail->assignParams(array('username' => $user->getUsername(), 'password' => String::substr($password, 0, 30)));
$mail->addRecipient($user->getEmail(), $user->getFullName());
$mail->send();
unset($mail);
}
}
/**
* Reminds a reviewer about a review assignment.
* @param $trackDirectorSubmission object
* @param $reviewId int
* @return boolean true iff no error was encountered
*/
function remindReviewer($trackDirectorSubmission, $reviewId, $send = false)
{
$trackDirectorSubmissionDao =& DAORegistry::getDAO('TrackDirectorSubmissionDAO');
$reviewAssignmentDao =& DAORegistry::getDAO('ReviewAssignmentDAO');
$userDao =& DAORegistry::getDAO('UserDAO');
$conference =& Request::getConference();
$schedConf =& Request::getSchedConf();
$user =& Request::getUser();
$reviewAssignment =& $reviewAssignmentDao->getReviewAssignmentById($reviewId);
$reviewerAccessKeysEnabled = $schedConf->getSetting('reviewerAccessKeysEnabled');
// If we're using access keys, disable the address fields
// for this message. (Prevents security issue: track director
// could CC or BCC someone else, or change the reviewer address,
// in order to get the access key.)
$preventAddressChanges = $reviewerAccessKeysEnabled;
import('mail.PaperMailTemplate');
$email = new PaperMailTemplate($trackDirectorSubmission, $reviewerAccessKeysEnabled ? 'REVIEW_REMIND_ONECLICK' : 'REVIEW_REMIND');
if ($preventAddressChanges) {
$email->setAddressFieldsEnabled(false);
}
if ($send && !$email->hasErrors()) {
HookRegistry::call('TrackDirectorAction::remindReviewer', array(&$trackDirectorSubmission, &$reviewAssignment, &$email));
$email->setAssoc(PAPER_EMAIL_REVIEW_REMIND, PAPER_EMAIL_TYPE_REVIEW, $reviewId);
$reviewer =& $userDao->getUser($reviewAssignment->getReviewerId());
if ($reviewerAccessKeysEnabled) {
import('security.AccessKeyManager');
import('pages.reviewer.ReviewerHandler');
$accessKeyManager = new AccessKeyManager();
// Key lifetime is the typical review period plus four weeks
if ($schedConf->getSetting('reviewDeadlineType') == REVIEW_DEADLINE_TYPE_ABSOLUTE) {
// Get number of days from now until review deadline date
$reviewDeadlineDate = strtotime($schedConf->getSetting('numWeeksPerReviewAbsolute'));
$daysDiff = ($reviewDeadlineDate - strtotime(date("Y-m-d"))) / (60 * 60 * 24);
$keyLifetime = (round($daysDiff / 7) + 4) * 7;
} elseif ($schedConf->getSetting('reviewDeadlineType') == REVIEW_DEADLINE_TYPE_RELATIVE) {
$keyLifetime = ((int) $schedConf->getSetting('numWeeksPerReviewRelative') + 4) * 7;
}
$email->addPrivateParam('ACCESS_KEY', $accessKeyManager->createKey('ReviewerContext', $reviewer->getId(), $reviewId, $keyLifetime));
}
if ($preventAddressChanges) {
// Ensure that this messages goes to the reviewer, and the reviewer ONLY.
$email->clearAllRecipients();
$email->addRecipient($reviewer->getEmail(), $reviewer->getFullName());
}
$email->send();
$reviewAssignment->setDateReminded(Core::getCurrentDate());
$reviewAssignment->setReminderWasAutomatic(0);
$reviewAssignmentDao->updateReviewAssignment($reviewAssignment);
return true;
} elseif ($reviewAssignment->getPaperId() == $trackDirectorSubmission->getPaperId()) {
$reviewer =& $userDao->getUser($reviewAssignment->getReviewerId());
if (!Request::getUserVar('continued')) {
if (!isset($reviewer)) {
return true;
}
$email->addRecipient($reviewer->getEmail(), $reviewer->getFullName());
$submissionUrl = Request::url(null, null, 'reviewer', 'submission', $reviewId, $reviewerAccessKeysEnabled ? array('key' => 'ACCESS_KEY') : array());
//
// FIXME: Assign correct values!
//
$paramArray = array('reviewerName' => $reviewer->getFullName(), 'reviewerUsername' => $reviewer->getUsername(), 'reviewerPassword' => $reviewer->getPassword(), 'reviewDueDate' => strftime(Config::getVar('general', 'date_format_short'), strtotime($reviewAssignment->getDateDue())), 'editorialContactSignature' => $user->getContactSignature(), 'passwordResetUrl' => Request::url(null, null, 'login', 'resetPassword', $reviewer->getUsername(), array('confirm' => Validation::generatePasswordResetHash($reviewer->getId()))), 'submissionReviewUrl' => $submissionUrl);
$email->assignParams($paramArray);
}
$email->displayEditForm(Request::url(null, null, null, 'remindReviewer', 'send'), array('reviewerId' => $reviewer->getId(), 'paperId' => $trackDirectorSubmission->getPaperId(), 'reviewId' => $reviewId));
return false;
}
return true;
}
/**
* Save review assignment
* @param $args array
* @param $request PKPRequest
*/
function execute($args, $request)
{
$submission = $this->getSubmission();
$context = $request->getContext();
$currentReviewRound = $this->getReviewRound();
$stageId = $currentReviewRound->getStageId();
$reviewDueDate = $this->getData('reviewDueDate');
$responseDueDate = $this->getData('responseDueDate');
// Get reviewer id and validate it.
$reviewerId = (int) $this->getData('reviewerId');
if (!$this->_isValidReviewer($context, $submission, $currentReviewRound, $reviewerId)) {
fatalError('Invalid reviewer id.');
}
$reviewMethod = (int) $this->getData('reviewMethod');
import('lib.pkp.classes.submission.action.EditorAction');
$editorAction = new EditorAction();
$editorAction->addReviewer($request, $submission, $reviewerId, $currentReviewRound, $reviewDueDate, $responseDueDate, $reviewMethod);
// Get the reviewAssignment object now that it has been added.
$reviewAssignmentDao = DAORegistry::getDAO('ReviewAssignmentDAO');
/* @var $reviewAssignmentDao ReviewAssignmentDAO */
$reviewAssignment = $reviewAssignmentDao->getReviewAssignment($currentReviewRound->getId(), $reviewerId, $currentReviewRound->getRound(), $stageId);
$reviewAssignment->setDateNotified(Core::getCurrentDate());
$reviewAssignment->setCancelled(0);
$reviewAssignment->stampModified();
// Ensure that the review form ID is valid, if specified
$reviewFormId = (int) $this->getData('reviewFormId');
$reviewFormDao = DAORegistry::getDAO('ReviewFormDAO');
$reviewForm = $reviewFormDao->getById($reviewFormId, Application::getContextAssocType(), $context->getId());
$reviewAssignment->setReviewFormId($reviewForm ? $reviewFormId : null);
$reviewAssignmentDao->updateObject($reviewAssignment);
// Grant access for this review to all selected files.
$submissionFileDao = DAORegistry::getDAO('SubmissionFileDAO');
import('lib.pkp.classes.submission.SubmissionFile');
// File constants
$submissionFiles = $submissionFileDao->getLatestRevisionsByReviewRound($currentReviewRound, SUBMISSION_FILE_REVIEW_FILE);
$selectedFiles = (array) $this->getData('selectedFiles');
$reviewFilesDao = DAORegistry::getDAO('ReviewFilesDAO');
foreach ($submissionFiles as $submissionFile) {
if (in_array($submissionFile->getFileId(), $selectedFiles)) {
$reviewFilesDao->grant($reviewAssignment->getId(), $submissionFile->getFileId());
}
}
// Notify the reviewer via email.
import('lib.pkp.classes.mail.SubmissionMailTemplate');
$templateKey = $this->getData('template');
$mail = new SubmissionMailTemplate($submission, $templateKey, null, null, null, false);
if ($mail->isEnabled() && !$this->getData('skipEmail')) {
$userDao = DAORegistry::getDAO('UserDAO');
/* @var $userDao UserDAO */
$reviewer = $userDao->getById($reviewerId);
$user = $request->getUser();
$mail->addRecipient($reviewer->getEmail(), $reviewer->getFullName());
$mail->setBody($this->getData('personalMessage'));
$dispatcher = $request->getDispatcher();
// Set the additional arguments for the one click url
$reviewUrlArgs = array('submissionId' => $this->getSubmissionId());
if ($context->getSetting('reviewerAccessKeysEnabled')) {
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
$expiryDays = $context->getSetting('numWeeksPerReview') + 4 * 7;
$accessKey = $accessKeyManager->createKey($context->getId(), $reviewerId, $reviewAssignment->getId(), $expiryDays);
$reviewUrlArgs = array_merge($reviewUrlArgs, array('reviewId' => $reviewAssignment->getId(), 'key' => $accessKey));
}
// Assign the remaining parameters
$mail->assignParams(array('reviewerName' => $reviewer->getFullName(), 'responseDueDate' => $responseDueDate, 'reviewDueDate' => $reviewDueDate, 'reviewerUserName' => $reviewer->getUsername(), 'submissionReviewUrl' => $dispatcher->url($request, ROUTE_PAGE, null, 'reviewer', 'submission', null, $reviewUrlArgs)));
$mail->send($request);
}
return $reviewAssignment;
}
/**
* Check credentials and activate a new user
* @param $args array
* @param $request PKPRequest
*/
function activateUser($args, $request)
{
$username = array_shift($args);
$accessKeyCode = array_shift($args);
$userDao = DAORegistry::getDAO('UserDAO');
$user = $userDao->getByUsername($username);
if (!$user) {
$request->redirect(null, 'login');
}
// Checks user and token
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
$accessKeyHash = AccessKeyManager::generateKeyHash($accessKeyCode);
$accessKey = $accessKeyManager->validateKey('RegisterContext', $user->getId(), $accessKeyHash);
if ($accessKey != null && $user->getDateValidated() === null) {
// Activate user
$user->setDisabled(false);
$user->setDisabledReason('');
$user->setDateValidated(Core::getCurrentDate());
$userDao->updateObject($user);
$templateMgr = TemplateManager::getManager($request);
$templateMgr->assign('message', 'user.login.activated');
return $templateMgr->display('frontend/pages/message.tpl');
}
$request->redirect(null, 'login');
}
/**
* Check credentials and activate a new user
* @author Marc Bria <*****@*****.**>
*/
function activateUser($args)
{
$username = array_shift($args);
$accessKeyCode = array_shift($args);
$journal =& Request::getJournal();
$userDao =& DAORegistry::getDAO('UserDAO');
$user =& $userDao->getUserByUsername($username);
if (!$user) {
Request::redirect(null, 'login');
}
// Checks user & token
import('security.AccessKeyManager');
$accessKeyManager =& new AccessKeyManager();
$accessKeyHash = AccessKeyManager::generateKeyHash($accessKeyCode);
$accessKey =& $accessKeyManager->validateKey('RegisterContext', $user->getUserId(), $accessKeyHash);
if ($accessKey != null && $user->getDateValidated() === null) {
// Activate user
$user->setDisabled(false);
$user->setDisabledReason('');
$user->setDateValidated(Core::getCurrentDate());
$userDao->updateUser($user);
$templateMgr =& TemplateManager::getManager();
$templateMgr->assign('message', 'user.login.activated');
return $templateMgr->display('common/message.tpl');
}
Request::redirect(null, 'login');
}
/**
* Register a new user.
* @return int|null User ID, or false on failure
*/
function execute($request)
{
$requireValidation = Config::getVar('email', 'require_validation');
$userDao = DAORegistry::getDAO('UserDAO');
if ($this->existingUser) {
// If using implicit auth - we hardwire that we are working on an existing user
// Existing user in the system
if ($this->implicitAuth) {
// If we are using implicit auth - then use the session username variable - rather than data from the form
$sessionManager = SessionManager::getManager();
$session = $sessionManager->getUserSession();
$user = $userDao->getByUsername($session->getSessionVar('username'));
} else {
$user = $userDao->getByUsername($this->getData('username'));
}
if (!$user) {
return false;
}
$userId = $user->getId();
} else {
// New user
$user = $userDao->newDataObject();
$user->setUsername($this->getData('username'));
// Set the base user fields (name, etc.)
$this->_setBaseUserFields($user, $request);
$user->setDateRegistered(Core::getCurrentDate());
$user->setInlineHelp(1);
// default new users to having inline help visible.
if (isset($this->defaultAuth)) {
$user->setPassword($this->getData('password'));
// FIXME Check result and handle failures
$this->defaultAuth->doCreateUser($user);
$user->setAuthId($this->defaultAuth->authId);
}
$user->setPassword(Validation::encryptCredentials($this->getData('username'), $this->getData('password')));
if ($requireValidation) {
// The account should be created in a disabled
// state.
$user->setDisabled(true);
$user->setDisabledReason(__('user.login.accountNotValidated'));
}
$userDao->insertObject($user);
$userId = $user->getId();
if (!$userId) {
return false;
}
$this->_updateUserInterests($user);
// Associate the new user with the existing session
$sessionManager = SessionManager::getManager();
$session = $sessionManager->getUserSession();
$session->setSessionVar('username', $user->getUsername());
}
$this->_updateUserGroups($user);
if (!$this->existingUser) {
import('lib.pkp.classes.mail.MailTemplate');
if ($requireValidation) {
// Create an access key
import('lib.pkp.classes.security.AccessKeyManager');
$accessKeyManager = new AccessKeyManager();
$accessKey = $accessKeyManager->createKey('RegisterContext', $user->getId(), null, Config::getVar('email', 'validation_timeout'));
// Send email validation request to user
$mail = new MailTemplate('USER_VALIDATE');
$this->_setMailFrom($request, $mail);
$mail->assignParams(array('userFullName' => $user->getFullName(), 'activateUrl' => $request->url($context->getPath(), 'user', 'activateUser', array($this->getData('username'), $accessKey))));
$mail->addRecipient($user->getEmail(), $user->getFullName());
$mail->send();
unset($mail);
}
if ($this->getData('sendPassword')) {
// Send welcome email to user
$mail = new MailTemplate('USER_REGISTER');
$this->_setMailFrom($request, $mail);
$mail->assignParams(array('username' => $this->getData('username'), 'password' => String::substr($this->getData('password'), 0, 30), 'userFullName' => $user->getFullName()));
$mail->addRecipient($user->getEmail(), $user->getFullName());
$mail->send();
unset($mail);
}
}
return $userId;
}
