public function pwverify()
{
$this->breadcrumb->add('Neues Passwort generieren');
$this->header();
if (Me::get()->loggedIn()) {
CmsPage::error('Sie sind bereits angemeldet!');
} else {
$uid = Request::get(1, VAR_INT);
$hash = Request::get(2, VAR_ALNUM);
$user = UserUtils::getById($uid);
if ($user !== null && $user->isActive() && strcmp($hash, $user->getVerificationCode()) == 0) {
$pw = Password::generate();
$pwh = Hash::generate($pw);
$db = Database::getObject();
$db->query("UPDATE <p>user SET pw = <pwh>, verification = '' WHERE id = <uid:int>", compact("uid", "pwh"));
if ($db->affectedRows() == 1) {
$db = Database::getObject();
$db->query("UPDATE <p>user SET verification = <pwh> WHERE id = <uid:int> AND active = 1", compact("pwh", "uid"));
$tpl = Response::getObject()->getTemplate('Cms/mails/pwremind_newpw');
$tpl->assign('pw', $pw, false);
$tpl->assign('name', UserUtils::getSalutation($user->getGender(), $user->getForeName(), $user->getSurName()), false);
CmsTools::sendMail($user->getEmail(), Config::get('general.title') . ': Ihr neues Passwort', $tpl->parse());
CmsPage::ok("Ihr neues Passwort wurden Ihnen per E-Mail zugeschicht.", URI::build("cms/user/login"));
} else {
CmsPage::error("Es ist ein Fehler bei der Generierung eines neuen Passworts aufgetreten. Bitte wernden Sie sich an den Systemadministrator.", URI::build("cms/contact"));
}
} else {
CmsPage::error("Die angegebenen Daten sind nicht mehr gültig.", URI::build("cms/user/pwremind"));
}
}
$this->footer();
}
public function edit()
{
$id = Request::get(1, VAR_INT);
$action = Request::get(2, VAR_URI);
$this->breadcrumb->add('Bearbeiten');
$this->header();
$member = UserUtils::getById($id);
if ($member === null) {
CmsPage::error('Das angeforderte Mitglied wurde leider nicht gefunden.');
$this->members();
} else {
$min_year = date('Y') - 110;
$max_year = date('Y') - 8;
$countries = CmsTools::getCountries();
$db = Database::getObject();
$db->query("SELECT id, title FROM <p>group WHERE registered = 1 ORDER BY admin ASC, editor ASC, title");
$groups = array();
while ($row = $db->fetchAssoc()) {
$groups[$row['id']] = $row['title'];
}
$options = UserPages::getFieldValidation($countries, $min_year, $max_year);
$options['pw1'][Validator::OPTIONAL] = true;
$options['email'] = array(Validator::MULTIPLE => array(array(Validator::MESSAGE => 'Die E-Mail-Adresse ist nicht korrekt.', Validator::CALLBACK => Validator::CB_MAIL), array(Validator::MESSAGE => 'Diese E-Mail-Adresse ist bereits registriert.', Validator::CLOSURE => function ($mail) use($id) {
$other = UserUtils::getByEmail($mail);
return !($other !== null && $id != $other->getId());
})));
if (Me::get()->getId() != $id) {
$options['group_id'] = array(Validator::MESSAGE => 'Die Gruppe ist nicht gültig.', Validator::LIST_CS => array_keys($groups));
$options['active'] = array(Validator::OPTIONAL => true, Validator::EQUALS => 1, Validator::VAR_TYPE => VAR_INT);
}
$error = array();
$data = array();
if ($action == 'send') {
extract(Validator::checkRequest($options));
if (count($error) > 0) {
CmsPage::error($error);
} else {
// Update data
if (!empty($data['pw1']) && !empty($data['pw2'])) {
$data['pw'] = Hash::generate($data['pw1']);
}
// prepare SQL update
$sql = $data;
unset($sql['pw1'], $sql['pw2'], $sql['birthday'], $sql['birthmonth'], $sql['birthyear']);
if (Me::get()->getId() == $id) {
unset($sql['group_id'], $sql['active']);
// Don't allow to change own group or active state
}
$dt = new DT();
$dt->setDate($data['birthyear'], $data['birthmonth'], $data['birthday']);
$sql['birth'] = $dt->dbDate();
$update = array();
foreach ($sql as $field => $value) {
$update[] = "{$field} = <{$field}>";
}
$update = implode(', ', $update);
$sql['id'] = $id;
$db->query("UPDATE <p>user SET {$update} WHERE id = <id:int>", $sql);
// Update global data about me
Session::getObject()->refreshMe();
CmsPage::ok("Ihre Angaben wurden erfolgreich gespeichert.");
}
}
$user = $member->getArray();
$user = array_merge($user, $data);
$tpl = Response::getObject()->appendTemplate("Cms/admin/members_edit");
$tpl->assign('user', $user);
$tpl->assign('r_birthday', range(1, 31));
$tpl->assign('r_birthmonth', range(1, 12));
$tpl->assign('r_birthyear', range($min_year, $max_year));
$tpl->assign('countries', $countries);
$tpl->assign('groups', $groups);
$tpl->output();
}
$this->footer();
}
