Exemplo n.º 1
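/**
 * Validates the identifier (email address or mobile number) sent with the request.
 *
 * Does nothing when the request carries 'userIds' or 'batch'. Otherwise
 * $_REQUEST['identifier'] must pass Q_Valid::email(), or Q_Valid::phone() when
 * mobile numbers are accepted; if not, a Q_Exception naming the affected
 * fields is thrown.
 *
 * NOTE(review): when the identifier belongs to an existing user, the returned
 * array discloses that user's id, username, icon, verification state, whether
 * a passphrase is set, and fb_uid. Whether this handler requires an
 * authenticated caller cannot be told from here; if it does not, the answer
 * reveals which identifiers are registered, so it should be rate limited and
 * the disclosed fields kept to what the login form really needs.
 *
 * @return {array|null} account summary when a matching user exists, otherwise nothing
 * @throws {Q_Exception} when the identifier is missing or invalid, or when it is
 *  unknown and the Users/login/noRegister config is set
 */
function Users_user_validate()
{
    if (isset($_REQUEST['userIds']) or isset($_REQUEST['batch'])) {
        return;
    }
    // A request parameter can arrive as an array (identifierType[]=x). Only a
    // string can be split below, so anything else uses the configured types.
    $type = (isset($_REQUEST['identifierType']) && is_string($_REQUEST['identifierType']))
        ? $_REQUEST['identifierType']
        : Q_Config::get("Users", "login", "identifierType", "email,mobile");
    $parts = explode(',', $type);
    $accept_mobile = true;
    $expected = 'email address or mobile number';
    $fields = array('emailAddress', 'mobileNumber', 'identifier');
    if (count($parts) === 1) {
        if ($parts[0] === 'email') {
            $expected = 'email address';
            $fields = array('emailAddress', 'identifier');
            $accept_mobile = false;
        } elseif ($parts[0] === 'mobile') {
            $expected = 'mobile number';
            $fields = array('mobileNumber', 'identifier');
        }
    }
    // The identifier must be a string before it reaches the validators; an
    // array-valued parameter is rejected with the same error as a missing one.
    $raw = isset($_REQUEST['identifier']) ? $_REQUEST['identifier'] : null;
    $valid = is_string($raw)
        && (Q_Valid::email($raw) || ($accept_mobile && Q_Valid::phone($raw)));
    if (!$valid) {
        throw new Q_Exception("a valid {$expected} is required", $fields);
    }
    // NOTE(review): the comparisons of $type with 'email' / 'mobile' below only
    // match if this call narrows $type (e.g. takes it by reference) — confirm.
    $identifier = Users::requestedIdentifier($type);
    // check our db
    if ($user = Users::userFromContactInfo($type, $identifier)) {
        $verified = !!Users::identify($type, $identifier);
        return array('exists' => $user->id, 'verified' => $verified, 'username' => $user->username, 'icon' => $user->icon, 'passphrase_set' => !empty($user->passphraseHash), 'fb_uid' => $user->fb_uid ? $user->fb_uid : null);
    }
    // No user row matched: look for a bare contact row, using the normalized
    // value that the validator writes into its second argument.
    if ($type === 'email') {
        $email = new Users_Email();
        Q_Valid::email($identifier, $normalized);
        $email->address = $normalized;
        $exists = $email->retrieve();
    } elseif ($type === 'mobile') {
        $mobile = new Users_Mobile();
        Q_Valid::phone($identifier, $normalized);
        $mobile->number = $normalized;
        $exists = $mobile->retrieve();
    }
    // $exists stays unset when $type is neither 'email' nor 'mobile'; empty() tolerates that.
    if (empty($exists) and Q_Config::get('Users', 'login', 'noRegister', false)) {
        $nicetype = $type === 'email' ? 'email address' : 'mobile number';
        throw new Q_Exception("This {$nicetype} was not registered", array('identifier'));
    }
}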
Exemplo n.º 2
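/**
 * Builds the "data" response describing the requested identifier.
 *
 * If a user already owns the identifier, an account summary is returned.
 * Otherwise the Gravatar profile for the identifier's MD5 hash is fetched and
 * returned, or a default stub entry when no profile could be fetched.
 *
 * NOTE(review): the summary (id, username, icon, verified, passphrase_set,
 * fb_uid) and the emailExists/mobileExists flags tell the caller whether an
 * identifier is registered. Whether the handler is reachable without
 * authentication cannot be told from here; if so, rate limit it.
 *
 * @param {array} $params not read by this function
 * @return {array}
 * @throws {Q_Exception} when the identifier is unknown and the
 *  Users/login/noRegister config is set
 */
function Users_user_response_data($params)
{
    // $type is not assigned before this call. NOTE(review): presumably
    // Users::requestedIdentifier() fills it by reference — confirm.
    $identifier = Users::requestedIdentifier($type);
    // check our db
    if ($user = Users::userFromContactInfo($type, $identifier)) {
        $verified = !!Users::identify($type, $identifier);
        return array('exists' => $user->id, 'verified' => $verified, 'username' => $user->username, 'icon' => $user->icon, 'passphrase_set' => !empty($user->passphraseHash), 'fb_uid' => $user->fb_uid ? $user->fb_uid : null);
    }
    if ($type === 'email') {
        $email = new Users_Email();
        Q_Valid::email($identifier, $normalized);
        $email->address = $normalized;
        $exists = $email->retrieve();
    } elseif ($type === 'mobile') {
        $mobile = new Users_Mobile();
        Q_Valid::phone($identifier, $normalized);
        $mobile->number = $normalized;
        $exists = $mobile->retrieve();
    }
    if (empty($exists) and Q_Config::get('Users', 'login', 'noRegister', false)) {
        $nicetype = $type === 'email' ? 'email address' : 'mobile number';
        throw new Q_Exception("This {$nicetype} was not registered", array('identifier'));
    }
    // Get Gravatar info
    // WARNING: INTERNET_REQUEST
    // The MD5 of the identifier leaves the server here, for mobile numbers as
    // well as email addresses. An unsalted MD5 of an address or phone number
    // can be reversed by guessing, so treat it as disclosing the identifier.
    $hash = md5(strtolower(trim($identifier)));
    $thumbnailUrl = Q_Request::baseUrl() . "/action.php/Users/thumbnail?hash={$hash}&size=80&type=" . Q_Config::get('Users', 'login', 'iconType', 'wavatar');
    // Fetch over HTTPS: the decoded response is handed back to the client, so
    // it must not be modifiable in transit. The timeout keeps a slow remote
    // host from stalling the request. If the HTTPS wrapper is unavailable the
    // call fails and the default entry below is used.
    $context = stream_context_create(array('http' => array('timeout' => 3)));
    $json = @file_get_contents("https://www.gravatar.com/{$hash}.json", false, $context);
    $result = ($json === false) ? null : json_decode($json, true);
    // Only a non-empty decoded array is usable; a scalar JSON document would
    // break the key assignments below.
    if (is_array($result) and $result) {
        if ($type === 'email') {
            $result['emailExists'] = !empty($exists);
        } elseif ($type === 'mobile') {
            $result['mobileExists'] = !empty($exists);
        }
        return $result;
    }
    // otherwise, return default
    $email_parts = explode('@', $identifier, 2);
    $result = array("entry" => array(array("id" => "571", "hash" => "357a20e8c56e69d6f9734d23ef9517e8", "requestHash" => "357a20e8c56e69d6f9734d23ef9517e8", "profileUrl" => "http://gravatar.com/test", "preferredUsername" => ucfirst($email_parts[0]), "thumbnailUrl" => $thumbnailUrl, "photos" => array(), "displayName" => "", "urls" => array())));
    if ($type === 'email') {
        $result['emailExists'] = !empty($exists);
    } else {
        $result['mobileExists'] = !empty($exists);
    }
    if ($terms_label = Users::termsLabel('register')) {
        $result['termsLabel'] = $terms_label;
    }
    return $result;
}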
Exemplo n.º 3
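/**
 * Activates the email address and/or mobile number named in the dispatched
 * URI, provided the request's 'code' matches the stored activation code.
 *
 * The activated user is stored in Users::$cache['user'] (null when the URI
 * names neither an email address nor a mobile number).
 *
 * @throws Pie_Exception_MissingRow when the contact row or its user is missing
 * @throws Pie_Exception when the activation code does not match
 */
function users_activate_post()
{
    $email_address = Pie_Dispatcher::uri()->email_address;
    $mobile_number = Pie_Dispatcher::uri()->mobile_number;
    $email = null;
    $mobile = null;
    // Both are read after the branches below, which may not run.
    $user = null;
    $type = null;
    // Only a string can be a valid code; a missing or array-valued parameter
    // becomes '' and is rejected below.
    $code = (isset($_REQUEST['code']) && is_string($_REQUEST['code'])) ? $_REQUEST['code'] : '';
    if ($email_address) {
        $email = new Users_Email();
        $email->address = $email_address;
        // NOTE: not sharded by user_id
        if (!$email->retrieve()) {
            throw new Pie_Exception_MissingRow(array('table' => 'email', 'criteria' => "address = {$email_address}"));
        }
        $user = new Users_User();
        $user->id = $email->user_id;
        if (!$user->retrieve()) {
            throw new Pie_Exception_MissingRow(array('table' => 'user', 'criteria' => 'id = ' . $user->id));
        }
        // A loose != treats numeric-looking strings as numbers and lets an
        // absent code equal an empty stored one. Compare as strings, refuse
        // empty values, and use a constant-time comparison (PHP >= 5.6).
        $stored = (string) $email->activation_code;
        if ($stored === '' || $code === '' || !hash_equals($stored, $code)) {
            throw new Pie_Exception("The activation code does not match.", 'code');
        }
        $user->setEmailAddress($email->address);
        // may throw exception
        $type = "email address";
    }
    if ($mobile_number) {
        $mobile = new Users_Mobile();
        $mobile->number = $mobile_number;
        // NOTE: not sharded by user_id
        if (!$mobile->retrieve()) {
            throw new Pie_Exception_MissingRow(array('table' => 'mobile phone', 'criteria' => "number = {$mobile_number}"));
        }
        $user = new Users_User();
        $user->id = $mobile->user_id;
        if (!$user->retrieve()) {
            throw new Pie_Exception_MissingRow(array('table' => 'user', 'criteria' => 'id = ' . $user->id));
        }
        // Same strict, constant-time check as for the email branch.
        $stored = (string) $mobile->activation_code;
        if ($stored === '' || $code === '' || !hash_equals($stored, $code)) {
            throw new Pie_Exception("The activation code does not match.", 'code');
        }
        $user->setMobileNumber($mobile->number);
        // may throw exception
        $type = "mobile number";
    }
    if ($type) {
        Pie_Response::addNotice("users/activate", "Your {$type} has been activated.");
    }
    Users::$cache['user'] = $user;
}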
Exemplo n.º 4
/**
 * Renders the "Contact Info" panel for the logged-in user's email address.
 *
 * The option keys (merged over the defaults below) become local variables via
 * extract(), and a fixed list of those names is handed to the Q/panel tool.
 * NOTE(review): $options must therefore come from trusted code, never
 * straight from request input. The field messages built here contain markup
 * (<br> and a link), so the panel presumably outputs them as HTML — confirm
 * nothing user-controlled is ever placed in them.
 *
 * @param {array} $options overrides for the defaults listed in the function
 * @return {mixed} whatever Q::tool('Q/panel', ...) returns
 */
function Users_identifier_tool($options)
{
    $defaults = array(
        'uri' => 'Users/identifier',
        'omit' => array(),
        'fields' => array(),
        'title' => "Contact Info",
        'collapsed' => false,
        'toggle' => false,
        'editing' => true,
        'complete' => true,
        'inProcess' => false,
        'prompt' => "In order for things to work, we must be able to reach you.",
        'button_content' => 'OK'
    );
    // Turns every merged key into a local variable ($uri, $title, $fields, ...).
    extract(array_merge($defaults, $options));
    $fields = array_merge(
        array('emailAddress' => array('type' => 'text', 'label' => 'Email')),
        $fields
    );
    $user = Users::loggedInUser(true);
    $email = null;
    if (isset($user->emailAddress)) {
        $fields['emailAddress']['value'] = $user->emailAddress;
    } elseif ($user->emailAddressPending) {
        $link = Q_Html::a('#resend', array('class' => 'Users_idenfitier_tool_resend'), "You can re-send the activation email");
        $email = new Users_Email();
        $email->address = $user->emailAddressPending;
        if (!$email->retrieve()) {
            // something went wrong, so we'll try to correct it
            $user->emailAddressPending = "";
            $user->save();
        } else {
            // Pick the status message for the pending address.
            switch ($email->state) {
                case 'active':
                    $message = ($email->userId == $user->id)
                        ? "Please confirm this email address.<br>{$link}"
                        : "This email seems to belong to another user";
                    break;
                case 'suspended':
                    $message = "This address has been suspended.";
                    break;
                case 'unsubscribed':
                    $message = "The owner of this address has unsubscribed";
                    break;
                default:
                    // covers 'unverified' and any other state
                    $message = "Not verified yet.<br>{$link}";
                    break;
            }
            $fields['emailAddress']['value'] = $email->address;
            $fields['emailAddress']['message'] = $message;
        }
    }
    $onSuccess = Q_Request::special('onSuccess', Q_Request::url());
    $form = $static = compact('fields');
    // 'setSlots' is only defined when it was supplied in $options.
    return Q::tool('Q/panel', compact('uri', 'onSuccess', 'form', 'static', 'title', 'collapsed', 'toggle', 'complete', 'editing', 'inProcess', 'setSlots'));
}
Exemplo n.º 5
/**
 * Adds an 'email' notice for a logged-in user who has no email address set.
 *
 * The notice asks the user to check their mail when an email row already
 * exists for them, and to set an address otherwise. A script line wiring the
 * notice's button to Pie.Users.setEmail() is added in both cases.
 */
function users_before_pie_response_notices()
{
    $user = Users::loggedInUser();
    if (!$user or !empty($user->email_address)) {
        // nobody logged in, or the account already has an address
        return;
    }
    $email = new Users_Email();
    $email->user_id = $user->id;
    $pending = $email->retrieve();
    if ($pending) {
        $resend_button = "<button id='notices_set_email'>try again</button>";
        Pie_Response::addNotice('email', "Please check your email to activate your account. Any problems, {$resend_button}");
    } else {
        $set_email_button = "<button id='notices_set_email'>set an email address</button> for your account.";
        Pie_Response::addNotice('email', "You need to {$set_email_button}");
    }
    Pie_Response::addScriptLine("jQuery(function() {\n\t\t\t\t\$('#notices_set_email').click(function() { Pie.Users.setEmail(); });\n\t\t\t}); ");
}
Exemplo n.º 6
/**
 * Builds the "data" response describing the requested identifier, using a
 * locally served icon instead of a remote profile lookup.
 *
 * NOTE(review): the returned summary (id, username, displayName, icon,
 * verified, passphrase_set, fb_uid) and the emailExists/mobileExists flags
 * tell the caller whether an identifier is registered. Whether the handler is
 * reachable without authentication cannot be told from here; if so, rate
 * limit it.
 *
 * @param {array} $params not read by this function
 * @return {array}
 * @throws {Q_Exception} when the identifier is unknown and the
 *  Users/login/noRegister config is set
 */
function Streams_user_response_data($params)
{
    // $type is not assigned before this call. NOTE(review): presumably
    // Users::requestedIdentifier() fills it by reference — confirm.
    $identifier = Users::requestedIdentifier($type);
    $hash = md5(strtolower(trim($identifier)));
    if (Q_Config::get('Users', 'register', 'icon', 'leaveDefault', false)) {
        // $url is assigned as in the original; nothing in this function reads it.
        $url = "plugins/Users/img/icons/default/80.png";
        $icon = $url;
    } else {
        $icon = Q_Request::baseUrl() . "/action.php/Users/thumbnail?hash={$hash}&size=80&type=" . Q_Config::get('Users', 'login', 'iconType', 'wavatar');
    }
    // check our db
    $user = Users::userFromContactInfo($type, $identifier);
    if ($user) {
        $displayname = Streams::displayName($user);
        $verified = (bool) Users::identify($type, $identifier);
        return array(
            'exists' => $user->id,
            'verified' => $verified,
            'username' => $user->username,
            'displayName' => $displayname,
            'icon' => $verified ? $icon : $user->icon,
            'passphrase_set' => !empty($user->passphraseHash),
            'fb_uid' => $user->fb_uid ? $user->fb_uid : null
        );
    }
    // No user row matched: look for a bare contact row, using the normalized
    // value that the validator writes into its second argument.
    if ($type === 'email') {
        $email = new Users_Email();
        Q_Valid::email($identifier, $normalized);
        $email->address = $normalized;
        $exists = $email->retrieve();
    } elseif ($type === 'mobile') {
        $mobile = new Users_Mobile();
        Q_Valid::phone($identifier, $normalized);
        $mobile->number = $normalized;
        $exists = $mobile->retrieve();
    }
    $known = !empty($exists);
    if (!$known and Q_Config::get('Users', 'login', 'noRegister', false)) {
        $nicetype = $type === 'email' ? 'email address' : 'mobile number';
        throw new Q_Exception("This {$nicetype} was not registered", array('identifier'));
    }
    $result = array("entry" => array(array("thumbnailUrl" => $icon)));
    $result[$type === 'email' ? 'emailExists' : 'mobileExists'] = $known;
    $terms_label = Users::termsLabel('register');
    if ($terms_label) {
        $result['termsLabel'] = $terms_label;
    }
    return $result;
}
Exemplo n.º 7
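/**
 * Loads the email row and the user for an email activation request and checks
 * the activation code sent in $_REQUEST['code'].
 *
 * @param {string} $emailAddress address being activated
 * @param {Users_Email} &$email receives the email row that was looked up
 * @return {Users_User|null} the user owning the address; nothing when the
 *  address does not pass Q_Valid::email()
 * @throws {Q_Exception_MissingRow} when no row exists for the address
 * @throws {Q_Exception} when another user is logged in, the owning user is
 *  missing, the code does not match, or the code has expired
 */
function Users_activate_objects_email($emailAddress, &$email)
{
    Q_Response::removeNotice('Users/activate/objects');
    $email = new Users_Email();
    if (!Q_Valid::email($emailAddress, $normalized)) {
        return;
    }
    $email->address = $normalized;
    if (!$email->retrieve()) {
        throw new Q_Exception_MissingRow(array('table' => 'email', 'criteria' => "address {$normalized}"));
    }
    $user = Users::loggedInUser();
    if ($user) {
        if ($user->id != $email->userId) {
            throw new Q_Exception("You are logged in as a different user. Please log out first.");
        }
    } else {
        $user = new Users_User();
        $user->id = $email->userId;
        if (!$user->retrieve()) {
            throw new Q_Exception("Missing user corresponding to this email address.", "emailAddress");
        }
    }
    // A loose != treats numeric-looking strings as numbers and lets an absent
    // code equal an empty stored one. Accept only a string parameter, refuse
    // empty values, and compare in constant time (PHP >= 5.6).
    $code = (isset($_REQUEST['code']) && is_string($_REQUEST['code'])) ? $_REQUEST['code'] : '';
    $stored = (string) $email->activationCode;
    if ($stored === '' || $code === '' || !hash_equals($stored, $code)) {
        throw new Q_Exception("The activation code does not match. Did you get a newer email?", 'code');
    }
    $timestamp = Users_Email::db()->getCurrentTimestamp();
    if ($timestamp > Users_Email::db()->fromDateTime($email->activationCodeExpires)) {
        throw new Q_Exception("Activation code expired");
    }
    // On a non-POST request without 'p', tell the user when this address is
    // already the active one. The user is returned either way.
    if (Q_Request::method() !== 'POST' and empty($_REQUEST['p']) and isset($user->emailAddress) and $user->emailAddress == $email->address) {
        $displayName = Streams::displayName($user);
        Q_Response::setNotice('Users/activate/objects', "{$normalized} has already been activated for {$displayName}", true);
    }
    return $user;
}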
Exemplo n.º 8
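 /**
  * Marks an email address as active for this user and records it on the user row.
  *
  * With $verified set, the address is assigned to this user without checking
  * who owned it before. NOTE(review): callers must only pass true after
  * proving control of the address by other means.
  *
  * @method setEmailAddress
  * @param {string} $emailAddress
  * @param {boolean} [$verified=false]
  * @return {boolean} true on success
  * @throws {Q_Exception_MissingRow}
  *	If e-mail address is missing
  * @throws {Users_Exception_AlreadyVerified}
  *	If user is already verified
  * @throws {Users_Exception_WrongState}
  *	If verification state is wrong
  */
 function setEmailAddress($emailAddress, $verified = false)
 {
     $email = new Users_Email();
     // The validator's result is not checked here; only the normalized value
     // it writes into its second argument is used.
     // NOTE(review): confirm callers have validated $emailAddress already.
     Q_Valid::email($emailAddress, $normalized);
     $email->address = $normalized;
     $retrieved = $email->retrieve('*', array('ignoreCache' => true));
     if (empty($email->activationCode)) {
         $email->activationCode = '';
         $email->activationCodeExpires = '0000-00-00 00:00:00';
     }
     // The previous value, md5(microtime() + mt_rand()), is derived from the
     // clock and a non-cryptographic generator and can be guessed. Use the
     // CSPRNG when the runtime has one (PHP >= 7); 16 bytes hex-encoded keeps
     // the 32-character length of the old value.
     // NOTE(review): authCode looks like a secret token — confirm its use.
     if (function_exists('random_bytes')) {
         $email->authCode = bin2hex(random_bytes(16));
     } else {
         // legacy runtimes only: weak, kept so older installs keep working
         $email->authCode = md5(microtime() + mt_rand());
     }
     if ($verified) {
         $email->userId = $this->id;
     } else {
         if (!$retrieved) {
             throw new Q_Exception_MissingRow(array('table' => "an email", 'criteria' => "address {$emailAddress}"), 'emailAddress');
         }
         if ($email->userId != $this->id) {
             // We're going to tell them it's verified for someone else,
             // even though it may not have been verified yet.
             // In the future, might throw a more accurate exception.
             throw new Users_Exception_AlreadyVerified(array('key' => 'email address', 'userId' => $email->userId));
         }
         // strict match, so a non-string state can never equal a listed one
         if (!in_array($email->state, array('unverified', 'active'), true)) {
             throw new Users_Exception_WrongState(array('key' => $email->address, 'state' => $email->state), 'emailAddress');
         }
     }
     // Everything is okay. Assign it!
     $email->state = 'active';
     $email->save();
     $ui = new Users_Identify();
     $ui->identifier = "email_hashed:" . Q_Utils::hash($normalized);
     $ui->state = 'verified';
     $ui->userId = $this->id;
     $ui->save(true);
     $this->emailAddressPending = '';
     // The user row keeps the address as passed in; the email row above holds
     // the normalized form.
     $this->emailAddress = $emailAddress;
     $this->save();
     $user = $this;
     Q_Response::removeNotice('Users/email');
     /**
      * @event Users/setEmailAddress {after}
      * @param {string} user
      * @param {string} email
      */
     Q::event('Users/setEmailAddress', compact('user', 'email'), 'after');
     return true;
 }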
Exemplo n.º 9
 /**
  * Marks a stored, still unverified email address as active and sets it as
  * this user's email_address.
  *
  * @param string $email_address
  * @return bool true on success
  * @throws Pie_Exception_MissingRow when no email row exists for the address
  * @throws Users_Exception_AlreadyVerified when the row belongs to another user
  * @throws Users_Exception_WrongState when the row is not in state 'unverified'
  */
 function setEmailAddress($email_address)
 {
     $row = new Users_Email();
     $row->address = $email_address;
     $found = $row->retrieve();
     if (!$found) {
         throw new Pie_Exception_MissingRow(
             array('table' => "an email", 'criteria' => "address {$email_address}"),
             'email_address'
         );
     }
     $ownedByThisUser = ($row->user_id == $this->id);
     if (!$ownedByThisUser) {
         // We're going to tell them it's verified for someone else,
         // even though it may not have been verified yet.
         // In the future, might throw a more accurate exception.
         throw new Users_Exception_AlreadyVerified(
             array('key' => $row->address, 'user_id' => $row->user_id)
         );
     }
     if (!($row->state == 'unverified')) {
         throw new Users_Exception_WrongState(
             array('key' => $row->address, 'state' => $row->state),
             'email_address'
         );
     }
     // Everything is okay. Assign it!
     $this->email_address = $email_address;
     $row->state = 'active';
     $row->save();
     Pie::event('users/setEmailAddress', compact('email_address'), 'after');
     return true;
 }
Exemplo n.º 10
/**
 * Hook run after an Assets charge: notifies the charged user and the
 * publisher, each by email when they have an email address, otherwise by SMS
 * when they have a mobile number.
 *
 * Messages are only sent when the matching Assets/transactional config
 * entries are present ('charged' for the user, 'charge' for the publisher).
 *
 * @param {array} $params expected keys, per the locals prepared below: user,
 *  payments, amount, currency, charge, adapter, options
 * @throws {Q_Exception_BadValue} when currencies.json has no symbol or no name
 *  for the charged currency
 */
function Assets_after_Assets_charge($params)
{
    $user = $payments = $amount = $currency = $charge = $adapter = $options = null;
    // Every key of $params becomes a local variable and overwrites an existing
    // one, so every variable name in this function is part of its input
    // surface. NOTE(review): $params must come from trusted code only.
    extract($params, EXTR_OVERWRITE);
    $description = 'a product or service';
    $stream = Q::ifset($options, 'stream', null);
    if ($stream) {
        $publisherId = $stream->publisherId;
        $publisher = Users_User::fetch($publisherId, true);
        if ($stream->type === 'Assets/subscription') {
            // NOTE(review): 'planPublisherId' is passed as both the first and
            // the second argument — confirm the first one is intended.
            $plan = Streams::fetchOne($stream->getAttribute('planPublisherId'), $stream->getAttribute('planPublisherId'), $stream->getAttribute('planStreamName'), true);
            $months = $stream->getAttribute('months');
            $startDate = $stream->getAttribute('startDate');
            $endDate = $stream->getAttribute('endDate');
        }
        $description = $stream->title;
    } else {
        // No stream given: the community itself is treated as the publisher.
        $publisherId = Users::communityId();
        $publisher = Users_User::fetch($publisherId, true);
    }
    // An explicit description in the options wins over the stream title.
    if (isset($options['description'])) {
        $description = $options['description'];
    }
    $currencies = Q::json_decode(file_get_contents(ASSETS_PLUGIN_CONFIG_DIR . DS . 'currencies.json'), true);
    if (!isset($currencies['symbols'][$currency])) {
        throw new Q_Exception_BadValue(array('internal' => 'currency', 'problem' => 'no symbol found'), 'currency');
    }
    if (!isset($currencies['names'][$currency])) {
        throw new Q_Exception_BadValue(array('internal' => 'currency', 'problem' => 'no name found'), 'currency');
    }
    $symbol = $currencies['symbols'][$currency];
    $currencyName = $currencies['names'][$currency];
    $communityId = Users::communityId();
    $communityName = Users::communityName();
    $communitySuffix = Users::communitySuffix();
    // The ids are concatenated into the query string without URL-encoding.
    // NOTE(review): safe only if ids can never contain '&', '#' or spaces — confirm.
    $link = Q_Request::baseUrl('action.php') . "/Assets/payment?publisherId={$publisherId}&userId=" . $user->id;
    // 'subscription' and 'name' are never assigned in this function, and
    // 'plan', 'months', 'startDate', 'endDate' only for subscription streams;
    // they reach $fields only if $params supplied them through extract().
    $fields = compact('user', 'publisher', 'publisherId', 'communityId', 'communityName', 'communitySuffix', 'description', 'subscription', 'stream', 'plan', 'currency', 'name', 'symbol', 'currencyName', 'amount', 'months', 'startDate', 'endDate', 'link');
    // Notify the charged user ('charged' templates).
    if ($user->emailAddress) {
        $email = new Users_Email();
        $email->address = $user->emailAddress;
        $email->retrieve(true);
        $emailSubject = Q_Config::get('Assets', 'transactional', 'charged', 'subject', false);
        $emailView = Q_Config::get('Assets', 'transactional', 'charged', 'body', false);
        if ($emailSubject !== false and $emailView) {
            $email->sendMessage($emailSubject, $emailView, $fields);
        }
    } else {
        if ($user->mobileNumber) {
            $mobile = new Users_Mobile();
            $mobile->number = $user->mobileNumber;
            $mobile->retrieve(true);
            if ($mobileView = Q_Config::get('Assets', 'transactional', 'charged', 'sms', false)) {
                $mobile->sendMessage($mobileView, $fields);
            }
        }
    }
    // Notify the publisher ('charge' templates). The same $fields are passed,
    // so the publisher's template receives the full $user object as well.
    if ($publisher->emailAddress) {
        $email = new Users_Email();
        $email->address = $publisher->emailAddress;
        $email->retrieve(true);
        $emailSubject = Q_Config::get('Assets', 'transactional', 'charge', 'subject', false);
        $emailView = Q_Config::get('Assets', 'transactional', 'charge', 'body', false);
        if ($emailSubject !== false and $emailView) {
            $email->sendMessage($emailSubject, $emailView, $fields);
        }
    } else {
        if ($publisher->mobileNumber) {
            $mobile = new Users_Mobile();
            $mobile->number = $publisher->mobileNumber;
            $mobile->retrieve(true);
            if ($mobileView = Q_Config::get('Assets', 'transactional', 'charge', 'sms', false)) {
                $mobile->sendMessage($mobileView, $fields);
            }
        }
    }
}