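/**
 * Self-registration: validate the submitted form, create the user with a
 * hashed password, log the new user in and redirect.
 *
 * Reads username, password and email from $_POST when the form was submitted.
 * Visitors who are already logged in are redirected before anything else runs.
 *
 * NOTE(review): no CSRF token is verified on this form, and the only password
 * rule is "not empty"; both are worth adding before this goes to production.
 */
public function register()
{
    if (Session::get('logged')) {
        Url::redirect();
    }
    $data['title'] = 'הרשמה';
    // Always an array so the `!$error` test below never reads an undefined variable.
    $error = array();
    if (isset($_POST['submit'])) {
        // Identifiers are trimmed so " bob" and "bob" cannot become two accounts;
        // the password is kept verbatim so it hashes exactly as typed.
        $username = isset($_POST['username']) ? trim((string) $_POST['username']) : '';
        $password = isset($_POST['password']) ? (string) $_POST['password'] : '';
        $email = isset($_POST['email']) ? trim((string) $_POST['email']) : '';
        if ($username === '') {
            $error[] = 'שם משתמש הוא שדה נדרש';
        } elseif ($this->_model->get_user($username)) {
            // Only consult the database once we know there is a name to look up.
            $error[] = 'שם המשתמש תפוס, בעסה';
        }
        if ($password === '') {
            $error[] = 'צריך סיסמא כדי להירשם, אחרת כל אחד יוכל להיכנס במקומך...';
        }
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error[] = 'כדי להירשם צריך מייל, למקרה ששכחת את הסיסמא';
        }
        if (!$error) {
            $postdata = array(
                'user_name' => $username,
                'user_password' => Password::make($password),
                'user_email' => $email,
            );
            $this->_model->add_user($postdata);
            $this->login_user($username);
            Url::redirect();
        }
    }
    View::renderTemplate('header', $data);
    View::render('register', $data, $error);
    View::renderTemplate('footer', $data);
}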
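/**
 * Admin: edit member $id (username, password, email).
 *
 * The form carries a CSRF token that must match the one stored in the session.
 * The comparison is now constant-time (hash_equals), an empty session token is
 * rejected instead of matching an empty posted token, and the method returns
 * after the redirect so the update can never run if Url::redirect() does not
 * terminate the script.
 *
 * @param mixed $id member id taken from the route
 */
public function edit($id)
{
    $data['title'] = 'Edit Member';
    $data['row'] = $this->model->get_member($id);
    $error = array();
    if (isset($_POST['submit'])) {
        $sessionToken = (string) Session::get('token');
        $postedToken = isset($_POST['token']) ? (string) $_POST['token'] : '';
        if ($sessionToken === '' || !hash_equals($sessionToken, $postedToken)) {
            Url::redirect('admin/login');
            return;
        }
        $username = isset($_POST['username']) ? trim((string) $_POST['username']) : '';
        $password = isset($_POST['password']) ? (string) $_POST['password'] : '';
        $email = isset($_POST['email']) ? trim((string) $_POST['email']) : '';
        if ($username === '') {
            $error[] = 'Username is required';
        }
        if ($password === '') {
            $error[] = 'Password is required';
        }
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error[] = 'Email is not valid';
        }
        if (!$error) {
            $postdata = array(
                'member_username' => $username,
                'member_password' => Password::make($password),
                'member_email' => $email,
            );
            $where = array('member_id' => $id);
            $this->model->update_member($postdata, $where);
            Session::set('message', 'Member Updated');
            Url::redirect('admin/members');
        }
    }
    View::renderadmintemplate('header', $data);
    View::render('admin/members/edit', $data, $error);
    View::renderadmintemplate('footer', $data);
}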
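/**
 * Admin login form handler.
 *
 * Verifies the posted credentials against the stored hash, then populates the
 * session and redirects to the admin area.
 *
 * Security fixes over the previous version:
 *  - the plaintext password is no longer copied into the session
 *    (`member_password`); anything that read that key must re-prompt instead;
 *  - the session id is rotated on successful login (session fixation);
 *  - Password::verify() is used as a boolean instead of the loose `== 0` test.
 */
public function login()
{
    if (Session::get('loggedin')) {
        Url::redirect('admin');
    }
    $model = new \Models\Admin\Auth();
    $data['title'] = 'Login';
    $error = array();
    if (isset($_POST['submit'])) {
        $username = isset($_POST['member_username']) ? (string) $_POST['member_username'] : '';
        $password = isset($_POST['member_password']) ? (string) $_POST['member_password'] : '';
        $ok = $username !== '' && $password !== '' && Password::verify($password, $model->getHash($username));
        if (!$ok) {
            $error[] = 'Wrong username of password';
        } else {
            $data['user_infos'] = $model->get_user_infos($username);
            // Rotate the id on privilege change so a pre-set session cookie cannot be reused.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            Session::set('member_id', $data['user_infos'][0]->member_id);
            Session::set('member_username', $username);
            Session::set('loggedin', true);
            Url::redirect('admin');
        }
    }
    View::renderadmintemplate('loginheader', $data);
    View::render('admin/login', $data, $error);
    View::renderadmintemplate('footer', $data);
}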
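/**
 * Login form handler with page hooks.
 *
 * Bug fix: $error was initialised to the string 'hi', and `$error[] = ...` on a
 * string is a fatal Error in PHP 7.1+, so every failed login attempt crashed.
 * It is now an array. The member id is looked up once instead of twice and the
 * session id is rotated on successful login.
 */
public function login()
{
    Hooks::addHook('js', 'Controllers\\auth@js');
    Hooks::addHook('css', 'Controllers\\auth@css');
    $error = array();
    // NOTE(review): leftover placeholder handed straight to the view; confirm
    // what auth/login expects in its fourth argument.
    $success = 'hi';
    if (Session::get('loggedin')) {
        Url::redirect();
    }
    if (isset($_POST['submit'])) {
        $username = isset($_POST['username']) ? (string) $_POST['username'] : '';
        $password = isset($_POST['password']) ? (string) $_POST['password'] : '';
        $ok = $username !== '' && $password !== '' && Password::verify($password, $this->_model->getHash($username));
        if (!$ok) {
            $error[] = 'Wrong username or password';
        }
        if (!$error) {
            $memberID = $this->_model->getID($username);
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            Session::set('loggedin', true);
            Session::set('username', $username);
            Session::set('memberID', $memberID);
            $update = array('lastLogin' => date('Y-m-d G:i:s'));
            $where = array('memberID' => $memberID);
            $this->_model->update($update, $where);
            Url::redirect();
        }
    }
    $data['title'] = 'Login';
    View::rendertemplate('header', $data);
    View::render('auth/login', $data, $error, $success);
    View::rendertemplate('footer', $data);
}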
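/**
 * Registration form handler (Czech UI).
 *
 * Previously an empty username, an empty password and a malformed e-mail were
 * all accepted; they are now rejected, and the password/confirmation check uses
 * a strict comparison. $error is always defined.
 *
 * NOTE(review): no CSRF token is verified on this form.
 */
public function register()
{
    if (Session::get('loggedin')) {
        Url::redirect('');
    }
    $data['title'] = "Registrace";
    $model = new \Models\Users();
    $error = array();
    if (isset($_POST['submit'])) {
        $username = isset($_POST['username']) ? trim((string) $_POST['username']) : '';
        $password = isset($_POST['password']) ? (string) $_POST['password'] : '';
        $repeatPassword = isset($_POST['repeatPassword']) ? (string) $_POST['repeatPassword'] : '';
        $email = isset($_POST['email']) ? trim((string) $_POST['email']) : '';
        if ($username === '' || $password === '') {
            $error[] = 'Uživatelské jméno a heslo jsou povinné.';
        }
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error[] = 'Zadaný e-mail není platný.';
        }
        if ($password !== $repeatPassword) {
            $error[] = 'Heslo a ověření hesla se neshodují. Zkuste je prosím vyplnit znovu.';
        }
        if (!$error && $model->exists($username)) {
            $error[] = 'Jméno je již zabráno. Zkuste prosím jiné';
        }
        if (!$error) {
            // Values for the new user row; the password is stored hashed only.
            $postdata = array(
                'name' => $username,
                'pass' => Password::make($password),
                'email' => $email,
            );
            $model->add($postdata);
            Url::redirect('login');
        }
    }
    View::renderTemplate('header', $data);
    View::render('auth\\register', $data, $error);
    View::renderTemplate('footer', $data);
}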
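/**
 * Login by e-mail (Spanish UI) for the admin panel.
 *
 * Bug fix: `$data[usuario]` used an undefined constant, which is a fatal Error
 * on PHP 8 (and a silent 'usuario' string before that). The database is only
 * queried when both fields are present, and the session id is rotated on login.
 * Error messages keep their original numeric slots so the view is unaffected.
 */
public function login()
{
    if (Session::get('loggedin')) {
        Url::redirect('admin-panel');
    }
    $data['title'] = 'Login';
    $errors = array();
    if (isset($_POST['submit'])) {
        $correo = isset($_POST['correo']) ? trim((string) $_POST['correo']) : '';
        $password = isset($_POST['password']) ? (string) $_POST['password'] : '';
        if ($correo === '') {
            $errors[0] = 'Correo es un campo obligatorio';
        }
        if ($password === '') {
            $errors[1] = 'Password es un campo obligatorio';
        }
        if (!$errors && !Password::verify($password, $this->_model->getHash($correo))) {
            $errors[2] = 'Correo o password incorrectos';
        }
        if (!$errors) {
            $data['usuario'] = $this->_model->getUsuario($correo);
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            Session::set('loggedin', true);
            Session::set('idUsuario', $data['usuario'][0]->idUsuario);
            Session::set('nombre', $data['usuario'][0]->nombre);
            Session::set('apellidoPaterno', $data['usuario'][0]->apellidoPaterno);
            $dataUsuario = array('fechaConexion' => date("Y-m-d H:i:s"));
            $where = array('correo' => $correo);
            $this->_model->updateUsuario($dataUsuario, $where);
            Url::redirect('admin-panel');
        }
    }
    if ($errors) {
        $data['error'] = $errors;
    }
    View::renderTemplate('header', $data);
    View::render('Auth/Login', $data);
    View::renderTemplate('footer', $data);
}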
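/**
 * Restore a login from the rf_user_* cookies.
 *
 * Looks the cookie user up and, if `rf_user_pass_cookie` verifies against the
 * stored password hash, populates the session.
 *
 * Robustness fix: an unknown user (empty lookup result) now bails out instead
 * of indexing an empty array and verifying against null.
 *
 * NOTE(review): two design problems are visible here and not fixed:
 *  - because the cookie value is passed to Password::verify() against the
 *    stored hash, the cookie must hold the user's plaintext password; a random
 *    per-login token stored server-side (as the rememberme flow elsewhere does)
 *    should replace it;
 *  - `user_id` is copied from a client-controlled cookie without being checked
 *    against the looked-up row, so a valid user can claim another id. It should
 *    come from $result (the id column name is not visible from here).
 */
protected function checkCookie()
{
    if (!isset($_COOKIE['rf_user_cookie'], $_COOKIE['rf_user_id_cookie'], $_COOKIE['rf_user_pass_cookie'])) {
        return;
    }
    $result = $this->_user->checkUserCookie((string) $_COOKIE['rf_user_cookie']);
    if (empty($result) || !isset($result[0]['password'])) {
        return;
    }
    if (\Helpers\Password::verify((string) $_COOKIE['rf_user_pass_cookie'], $result[0]['password'])) {
        \Helpers\Session::set('user', $_COOKIE['rf_user_cookie']);
        \Helpers\Session::set('user_id', $_COOKIE['rf_user_id_cookie']);
    }
}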
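/**
 * Reset the password of the account registered under $email and mail the new one.
 *
 * Security fixes: the replacement password is now 12 characters drawn with
 * random_int() (the previous 6-character str_shuffle() value came from a
 * non-cryptographic PRNG and was trivially guessable), and the login is
 * HTML-escaped before being interpolated into the mail body.
 *
 * NOTE(review): mailing a plaintext password and returning a different message
 * for unknown addresses (account enumeration) are design issues left as-is;
 * a one-time reset link with an expiring token is the usual replacement.
 *
 * @param string $email address the reset was requested for
 * @return string human-readable status message (Russian)
 */
public function sendPassword($email)
{
    $result = $this->db->select(
        "SELECT * FROM rf_users WHERE email = :email",
        array(':email' => $email),
        PDO::FETCH_ASSOC
    );
    if (empty($result)) {
        return 'Пользователь с таким email не найден.';
    }
    $login = $result[0]['login'];
    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    $lastIndex = strlen($chars) - 1;
    $newPassword = '';
    for ($i = 0; $i < 12; $i++) {
        $newPassword .= $chars[random_int(0, $lastIndex)];
    }
    $data = array('password' => \Helpers\Password::make($newPassword));
    $where = array('login' => $login);
    $this->db->update('rf_users', $data, $where);
    $mail = new \Helpers\PhpMailer\mail();
    $mail->CharSet = 'UTF-8';
    $mail->setFrom('*****@*****.**');
    $mail->addAddress($email);
    $mail->subject('Восстановление пароля');
    $safeLogin = htmlspecialchars($login, ENT_QUOTES, 'UTF-8');
    $mail->body(
        '<p>Новый пароль для пользователя <b>' . $safeLogin . '</b>: <b>' . $newPassword . '</b></p><br>'
        . 'Сообщение сгенерировано роботом, отвечать на него не нужно.'
    );
    $mail->send();
    return 'Сообщение успешно отправлено!';
}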
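/**
 * Login form handler.
 *
 * $error is always defined, empty fields short-circuit before the hash lookup,
 * and the session id is rotated on successful login (session fixation).
 */
public function login()
{
    if (Session::get('loggedin')) {
        Url::redirect();
    }
    $data['title'] = 'Login';
    $error = array();
    if (isset($_POST['submit'])) {
        $user = isset($_POST['user']) ? (string) $_POST['user'] : '';
        $password = isset($_POST['password']) ? (string) $_POST['password'] : '';
        $ok = $user !== '' && $password !== '' && Password::verify($password, $this->_model->getHash($user));
        if (!$ok) {
            $error[] = 'Wrong username or password';
        }
        if (!$error) {
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            Session::set('loggedin', true);
            Session::set('userId', $this->_model->getId($user));
            Url::redirect();
        }
    }
    View::renderTemplate('header', $data);
    View::render('auth/login', $data, $error);
    View::renderTemplate('footer', $data);
}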
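/**
 * Authenticate a teacher from the posted login form and optionally issue a
 * "remember me" cookie.
 *
 * Security fixes:
 *  - the remember-me token is 32 bytes from random_bytes() (hex-encoded, so the
 *    stored length matches the former sha256 hex digest); the previous
 *    `hash('sha256', mt_rand())` had at most 31 bits of non-cryptographic entropy;
 *  - the cookie is HttpOnly, and Secure when the request arrived over HTTPS;
 *    path and domain are left at their defaults exactly as before.
 *
 * @param array $post the submitted form (login_username, login_password, login_remember_me)
 * @return array error messages; empty on success (previously null)
 */
public function runLogin($post)
{
    $error = array();
    $username = isset($post['login_username']) ? (string) $post['login_username'] : '';
    $password = isset($post['login_password']) ? (string) $post['login_password'] : '';
    $data = $this->getMemberHash($username);
    $ok = !empty($data) && isset($data[0]->parola) && Password::verify($password, $data[0]->parola);
    if (!$ok) {
        $error[] = 'Wrong username or password.';
        return $error;
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    Session::set('id', $data[0]->idAutori);
    Session::set('username', $data[0]->nume_login);
    Session::set('loggedin', true);
    Session::set('level', 'teacher');
    if (!empty($post['login_remember_me'])) {
        $tokenString = bin2hex(random_bytes(32));
        $updateData = array('rememberme_token' => $tokenString);
        $where = array('idAutori' => $data[0]->idAutori);
        $this->db->update('autori', $updateData, $where);
        // Cookie layout is unchanged: "<id>:<token>:<sha256(id:token)>".
        $cookieStringFirstPart = $data[0]->idAutori . ':' . $tokenString;
        $cookieStringHash = hash('sha256', $cookieStringFirstPart);
        $cookieString = $cookieStringFirstPart . ':' . $cookieStringHash;
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
        setcookie("rememberme", $cookieString, time() + COOKIE_RUNTIME, '', '', $secure, true);
    }
    return $error;
}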
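/**
 * Deletes a user's account. Requires user's password
 *
 * Validates the username/password lengths against the MIN_/MAX_ constants,
 * loads the stored hash, verifies the password and, on success, removes the
 * user row and all of the user's session rows.
 *
 * Security fix: the failure log line used to contain the stored password hash
 * and the plaintext password the caller supplied. Credentials never belong in
 * an activity log; the message now records only the outcome.
 *
 * @param string $username
 * @param string $password
 * @return boolean true when the account was deleted, false otherwise
 */
function deleteAccount($username, $password)
{
    $username = (string) $username;
    $password = (string) $password;
    $usernameLength = strlen($username);
    $passwordLength = strlen($password);
    if ($usernameLength == 0) {
        $this->errormsg[] = $this->lang['deleteaccount_username_empty'];
    } elseif ($usernameLength > MAX_USERNAME_LENGTH) {
        $this->errormsg[] = $this->lang['deleteaccount_username_long'];
    } elseif ($usernameLength < MIN_USERNAME_LENGTH) {
        $this->errormsg[] = $this->lang['deleteaccount_username_short'];
    }
    if ($passwordLength == 0) {
        $this->errormsg[] = $this->lang['deleteaccount_password_empty'];
    } elseif ($passwordLength > MAX_PASSWORD_LENGTH) {
        $this->errormsg[] = $this->lang['deleteaccount_password_long'];
    } elseif ($passwordLength < MIN_PASSWORD_LENGTH) {
        $this->errormsg[] = $this->lang['deleteaccount_password_short'];
    }
    if (count($this->errormsg) != 0) {
        return false;
    }
    $query = $this->db->select(
        "SELECT password FROM " . PREFIX . "users WHERE username=:username",
        array(":username" => $username)
    );
    if (count($query) == 0) {
        $this->logActivity("UNKNOWN", "AUTH_DELETEACCOUNT_FAIL", "Username Incorrect ({$username})");
        $this->errormsg[] = $this->lang['deleteaccount_username_incorrect'];
        return false;
    }
    $db_password = $query[0]->password;
    if (!\Helpers\Password::verify($password, $db_password)) {
        $this->logActivity($username, "AUTH_DELETEACCOUNT_FAIL", "Password incorrect");
        $this->errormsg[] = $this->lang['deleteaccount_password_incorrect'];
        return false;
    }
    $this->db->delete(PREFIX . "users", array("username" => $username));
    $this->db->delete(PREFIX . "sessions", array("username" => $username));
    $this->logActivity($username, "AUTH_DELETEACCOUNT_SUCCESS", "Account deleted - Sessions deleted");
    $this->successmsg[] = $this->lang['deleteaccount_success'];
    return true;
}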
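/**
 * Registration page ("inscription"): validate the form, create the Personne
 * and log the new account in.
 *
 * Fixes over the previous version:
 *  - `print_r($user)` is gone; it dumped the entity (password hash included)
 *    into the HTTP response;
 *  - the page is rendered in every non-redirect path. Previously a plain GET
 *    produced no output at all, and a successful registration rendered the
 *    page before redirecting;
 *  - $error is always defined and the password comparison is strict.
 */
public function inscription()
{
    $data['title'] = "Inscription";
    $data['inscription'] = "Ici l'espace pour créer un compte";
    $_POST = Gump::sanitize($_POST);
    $error = array();
    if (isset($_POST['pseudo'])) {
        $is_valid = Gump::is_valid($_POST, array(
            'pseudo' => 'required|alpha_numeric',
            'email' => 'required|valid_email',
            'password' => 'required',
            'password-again' => 'required',
        ));
        if ($is_valid === true) {
            // NOTE(review): unlike the e-mail lookup below, this prepared lookup is not
            // ->execute()d, so $existing may be a statement object that is always truthy.
            // Confirm against the userSQL helper before relying on the duplicate check.
            $existing = $this->userSQL->prepareFindByLogin($_POST['pseudo']);
            if ($_POST['password'] !== $_POST['password-again']) {
                $error[] = "Les deux mots de passes doivent être identiques";
            }
            if ($existing != false) {
                $error[] = 'Ce compte existe déjà';
            }
            $byEmail = $this->userSQL->prepareFindByEmail($_POST['email'])->execute();
            if (count($byEmail) > 0) {
                $error[] = 'Ce compte email existe déjà.';
            }
        } else {
            $error = $is_valid;
        }
        if (!$error) {
            $user = new Personne($_POST['pseudo'], $_POST['email'], Password::make($_POST['password']));
            $this->entityManager->save($user);
            Session::set('id', $user->getId());
            Session::set('pseudo', $user->login);
            Session::set('level', $user->currentLvl);
            Session::set('loggedin', true);
            Url::redirect();
        }
    }
    $data['erreurs'] = $error;
    View::renderTemplate('header', $data);
    View::render('connexion/inscription', $data);
    View::renderTemplate('footer', $data);
}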
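/**
 * Handle account registrations and view rendering
 *
 * Rejects duplicate student ids, sanitises/filters/validates the submission with
 * GUMP, stores the student with a hashed password and starts a session.
 *
 * Fix: the confirmation field was validated with a GUMP rule built from user
 * input (`'contains,' . $_POST['student_password']`), which both splices the
 * password into the rule string and treats it as a ';'-separated list of
 * acceptable values. The confirmation is now compared with `!==` after
 * filtering. The unused $input_data array was dropped.
 */
public function register()
{
    // If the user is already logged in, redirect
    if (\Helpers\Session::get('loggedin')) {
        \Helpers\Url::redirect('Courses');
    }
    $error = array();
    if (isset($_POST['submit'])) {
        $postedId = isset($_POST['student_id']) ? $_POST['student_id'] : '';
        if ($this->account->studentExists($postedId)) {
            $error['exists'] = 'ID already exists';
        } else {
            $validator = new GUMP();
            $_POST = $validator->sanitize($_POST);
            $rules = array(
                'student_id' => 'required|numeric|min_len,5',
                'student_name' => 'required|alpha_space',
                'student_phone' => 'required|phone_number',
                'student_password' => 'required|regex,/^\\S*(?=\\S{6,})(?=\\S*[a-z])(?=\\S*[A-Z])(?=\\S*[\\d])\\S*$/',
                'student_password_confirmation' => 'required',
            );
            $filters = array(
                'student_id' => 'trim|sanitize_string',
                'student_name' => 'trim|sanitize_string',
                'student_phone' => 'trim|sanitize_string',
                'student_password' => 'trim',
                'student_password_confirmation' => 'trim',
            );
            $_POST = $validator->filter($_POST, $filters);
            $validated = $validator->validate($_POST, $rules);
            if ($validated !== true) {
                $error = $validator->get_errors_array();
            } elseif ($_POST['student_password'] !== $_POST['student_password_confirmation']) {
                $error = array('student_password_confirmation' => 'Passwords do not match');
            } else {
                $hash = \Helpers\Password::make($_POST['student_password']);
                $student_data = array(
                    'StudentId' => $_POST['student_id'],
                    'Name' => $_POST['student_name'],
                    'Phone' => $_POST['student_phone'],
                    'Password' => $hash,
                );
                $this->account->insertStudent($student_data);
                // Re-read the row so the session carries the stored values.
                $currentUser = $this->account->getStudentHash($_POST['student_id']);
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }
                \Helpers\Session::set('StudentId', $currentUser[0]->StudentId);
                \Helpers\Session::set('Name', $currentUser[0]->Name);
                \Helpers\Session::set('loggedin', true);
                \Helpers\Url::redirect('Courses');
            }
        }
    }
    $data['title'] = 'New User';
    View::renderTemplate('header', $data, 'account');
    View::render('account/register', $data, $error);
    View::renderTemplate('footer', $data, 'account');
}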
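/**
 * Admin: update administrator $id (Spanish UI).
 *
 * Fixes:
 *  - the duplicate-e-mail check used `count(getByCorreo($correo)) > 1`, which
 *    only fired once two other rows already shared the address, so an admin
 *    could take over another admin's e-mail. It now fails if any row with that
 *    e-mail belongs to a different id;
 *  - the e-mail format is validated (slot 6 in the error list);
 *  - error slots keep their original numeric keys so the view is unaffected.
 *
 * @param mixed $id administrator id from the route (matched against idUsuario)
 */
public function update($id)
{
    $data['title'] = "Actualizar Administrador";
    $data['pagina'] = "administradores";
    $data['usuario'] = $this->_model->getById($id)[0];
    $errors = array();
    if (isset($_POST['submit'])) {
        $dataUsuario = array();
        $nombre = isset($_POST['nombre']) ? trim((string) $_POST['nombre']) : '';
        $apellidoPaterno = isset($_POST['apellidoPaterno']) ? trim((string) $_POST['apellidoPaterno']) : '';
        $apellidoMaterno = isset($_POST['apellidoMaterno']) ? trim((string) $_POST['apellidoMaterno']) : '';
        $correo = isset($_POST['correo']) ? trim((string) $_POST['correo']) : '';
        $password = isset($_POST['password']) ? (string) $_POST['password'] : '';
        $cpassword = isset($_POST['cpassword']) ? (string) $_POST['cpassword'] : '';
        if ($nombre !== '') {
            $dataUsuario['nombre'] = Data::ucw($nombre);
        } else {
            $errors[0] = 'Nombre es un campo obligatorio';
        }
        if ($apellidoPaterno !== '') {
            $dataUsuario['apellidoPaterno'] = Data::ucw($apellidoPaterno);
        } else {
            $errors[1] = 'Apellido Paterno es un campo obligatorio';
        }
        if ($apellidoMaterno !== '') {
            $dataUsuario['apellidoMaterno'] = Data::ucw($apellidoMaterno);
        } else {
            $errors[2] = 'Apellido Materno es un campo obligatorio';
        }
        if ($correo === '') {
            $errors[3] = 'Correo es un campo obligatorio';
        } elseif (!filter_var($correo, FILTER_VALIDATE_EMAIL)) {
            $errors[6] = 'Correo no es válido';
        } else {
            $dataUsuario['correo'] = $correo;
        }
        // Password is optional on edit; only re-hash when one was supplied (and confirmed).
        if ($password !== '' && $cpassword !== '') {
            $dataUsuario['password'] = Password::make($password);
        }
        if ($cpassword !== $password) {
            $errors[4] = 'Contraseñas no coinciden';
        }
        if (!$errors) {
            $takenByOther = false;
            foreach ((array) $this->_model->getByCorreo($correo) as $row) {
                $rowId = is_object($row) ? $row->idUsuario : $row['idUsuario'];
                if ((string) $rowId !== (string) $id) {
                    $takenByOther = true;
                    break;
                }
            }
            if ($takenByOther) {
                $errors[5] = 'El correo ' . $correo . ' ya se encuentra registrado';
            } else {
                $dataUsuario['fechaEdicion'] = date("Y-m-d H:i:s");
                $where = array('idUsuario' => $id);
                $this->_model->update($dataUsuario, $where);
                Url::redirect('admin-administradores');
            }
        }
    }
    if ($errors) {
        $data['error'] = $errors;
    }
    View::renderTemplate('headerAdmin', $data);
    View::render('Administrador/Update', $data);
    View::renderTemplate('footerAdmin', $data);
}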
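/**
 * Update the logged-in user's e-mail and password from an AJAX-style POST.
 *
 * Security fix: the target row came solely from `$_POST['user-id']`, so any
 * client could reset any account's password by posting a different id. The
 * posted id must now equal the `user_id` stored in the session by the login
 * path of this controller family.
 *
 * NOTE(review): the current password is never re-verified before the change;
 * a stolen session is enough to rotate the credentials. Consider requiring it.
 * Responses are echoed and the script is terminated, matching the caller's
 * existing contract.
 */
public function refresh()
{
    \Helpers\GUMP::set_field_name('new-email', 'email');
    \Helpers\GUMP::set_field_name('new-password', 'Пароль');
    \Helpers\GUMP::set_field_name('confirm-new-password', 'Подтверждение пароля');
    $validated = \Helpers\GUMP::is_valid($_POST, array(
        'user-id' => 'required|integer',
        'old-email' => 'required|valid_email',
        'new-email' => 'required|valid_email',
        'new-password' => 'required|max_len,32|min_len,4',
        'confirm-new-password' => 'required|max_len,32|min_len,4',
    ));
    if (is_array($validated)) {
        echo $validated[0];
        die;
    }
    // Authorization: only the account owner may change these credentials.
    $sessionUserId = \Helpers\Session::get('user_id');
    if ($sessionUserId === null || (string) $sessionUserId !== (string) $_POST['user-id']) {
        echo 'Доступ запрещён.';
        die;
    }
    if ($_POST['new-password'] !== $_POST['confirm-new-password']) {
        echo 'Пароли не совпадают.';
        die;
    }
    $oldEmail = mb_strtolower($_POST['old-email']);
    $newEmail = mb_strtolower($_POST['new-email']);
    if ($oldEmail !== $newEmail) {
        $checkEmail = $this->_user->checkEmail($newEmail);
        if (!empty($checkEmail)) {
            echo 'Этот email уже есть в базе.';
            die;
        }
    }
    $newPass = \Helpers\Password::make($_POST['new-password']);
    $this->_user->updateUser($_POST['new-email'], $newPass, $_POST['user-id']);
}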
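/**
 * Edit User
 *
 * Renders the user-edit page for $id and handles its five submit buttons
 * (save_details, save_settings, save_authentication, save_roles,
 * save_permissions); each updates its slice of the user, records a log entry
 * and redirects back to the page.
 *
 * Fixes: $error, $roles_log and $permissions_log are initialised before use,
 * the password is only hashed when one was submitted, and the unused
 * $department_id / $permisions_ids locals are gone. Logic is otherwise unchanged.
 *
 * NOTE(review): no authorization check is visible in this method; confirm the
 * router restricts who may edit user $id, especially for save_authentication,
 * save_roles and save_permissions.
 *
 * @param mixed $id user id from the route
 */
public function edit($id)
{
    $js = Url::assetPath('js');
    $data['js'] = array(
        $js . 'plugins/forms/selects/select2.min.js',
        $js . 'plugins/tables/datatables/datatables.min.js',
        $js . 'plugins/tables/datatables/extensions/responsive.js',
        $js . 'plugins/tables/datatables/extensions/buttons.min.js',
        $js . 'plugins/tables/datatables/extensions/jszip/jszip.min.js',
        $js . 'plugins/moment/moment.min.js',
        $js . 'plugins/pickers/bootstrap-datetimepicker.min.js',
        $js . 'plugins/tables/datatables/extensions/jquery.dataTables.yadcf.js',
        $js . 'plugins/forms/inputs/passy.js',
        $js . 'plugins/forms/inputs/email-autocomplete.js',
        $js . 'plugins/forms/inputs/slugify.js',
        $js . 'plugins/forms/validation/validate.min.js',
        $js . 'plugins/forms/styling/uniform.min.js',
        $js . 'plugins/extensions/sticky-tabs.js',
        $js . 'plugins/media/cropper.min.js',
        $js . 'pages/profile.js',
    );
    $data['user'] = $this->user->getUser($id);
    $data['user_groups'] = $this->user->getUserGroups($id);
    $data['user_departments'] = $this->user->getUserDepartments($id);
    $data['user_teams'] = $this->user->getUserTeams($id);
    $data['user_direct_mangers'] = $this->user->getUserDirectManager($id);
    $data['user_indirect_mangers'] = $this->user->getUserIndirectManager($id);
    $data['user_roles'] = $this->user->getUserRoles($id);
    $data['users'] = $this->user->getUsers();
    $data['groups'] = $this->group->getGroups();
    $data['departments'] = $this->department->getDepartments();
    $data['companies'] = $this->company->getCompanies();
    $data['offices'] = $this->office->getOffices();
    $data['teams'] = $this->team->getTeams();
    $data['user_types'] = $this->user_type->getUserTypes();
    $data['activity_log'] = $this->user->getPersonalActivityLog(Session::get('id'));
    $data['prac_etaty'] = $this->optima->getPracEtaty();
    $data['languages'] = $this->interface_language->getLanguages();
    $data['roles'] = $this->role->getRoles();
    $rolePermissions = $this->permission->getRolePermissions($data['user_roles']);
    $userPermissions = $this->permission->getUserPermissions($id);
    $data['permissions'] = $this->buildPermissionsTable($id, $rolePermissions, $userPermissions);
    $error = array();

    if (isset($_POST['save_details'])) {
        $first_name = $_POST['first_name'];
        $last_name = $_POST['last_name'];
        // Dates arrive in the session's display format and are converted for SQL; empty means NULL.
        if (!empty($_POST['birthday'])) {
            $birthday = Date::convertLocalDateToSQL($_POST['birthday'], $_SESSION['dateformat']);
        } else {
            $birthday = NULL;
        }
        $birthday_agree = $_POST['birthday_agree'];
        $position_title = $_POST['position_title'];
        $company = $_POST['company'];
        $office = $_POST['office'];
        $office_location = $_POST['office_location'];
        $user_type = $_POST['user_type'];
        $phone_business = $_POST['phone_business'];
        $phone_personal = $_POST['phone_personal'];
        $mobile_business = $_POST['mobile_business'];
        $mobile_personal = $_POST['mobile_personal'];
        $email_business = $_POST['email_business'];
        $email_personal = $_POST['email_personal'];
        $skype = $_POST['skype'];
        $linkedin = $_POST['linkedin'];
        $twitter = $_POST['twitter'];
        $facebook = $_POST['facebook'];
        $googleplus = $_POST['googleplus'];
        $optima_id = $_POST['optima_id'];
        if (!empty($_POST['date_of_employment'])) {
            $date_of_employment = Date::convertLocalDateToSQL($_POST['date_of_employment'], $_SESSION['dateformat']);
        } else {
            $date_of_employment = NULL;
        }
        if (!empty($_POST['date_of_termination'])) {
            $date_of_termination = Date::convertLocalDateToSQL($_POST['date_of_termination'], $_SESSION['dateformat']);
        } else {
            $date_of_termination = NULL;
        }
        $sign_attendance_list = $_POST['sign_attendance_list'];
        if ($first_name == '') {
            $error[] = $this->language->get('first_name_required');
        }
        if ($last_name == '') {
            $error[] = $this->language->get('last_name_required');
        }
        if ($user_type == '') {
            $error[] = $this->language->get('user_type_required');
        }
        if (!$error) {
            // user
            $data = array('first_name' => $first_name, 'last_name' => $last_name, 'optima_id' => $optima_id);
            $where = array('id' => $id);
            $this->user->update($data, $where);
            // details
            $data_details = array(
                'user_id' => $id,
                'birthday' => $birthday,
                'birthday_agree' => $birthday_agree,
                'position_title' => $position_title,
                'company_id' => $company,
                'office_id' => $office,
                'office_location' => $office_location,
                'user_type_id' => $user_type,
                'phone_business' => $phone_business,
                'phone_personal' => $phone_personal,
                'mobile_business' => $mobile_business,
                'mobile_personal' => $mobile_personal,
                'email_business' => $email_business,
                'email_personal' => $email_personal,
                'skype' => $skype,
                'linkedin' => $linkedin,
                'twitter' => $twitter,
                'facebook' => $facebook,
                'googleplus' => $googleplus,
                'date_of_employment' => $date_of_employment,
                'date_of_termination' => $date_of_termination,
                'sign_attendance_list' => $sign_attendance_list,
            );
            $this->user->updateDetails($data_details);
            // departments: replace the whole membership set
            $data_department = NULL;
            $where_department = array('user_id' => $id);
            if (isset($_POST['departments'])) {
                $this->user->deleteUserDepartments($where_department);
                foreach ($_POST['departments'] as $department_id) {
                    $data_department = array('department_id' => $department_id, 'user_id' => $id);
                    $this->user->updateUserDepartments($data_department);
                }
            } else {
                $this->user->deleteUserDepartments($where_department, '');
            }
            // teams
            $data_team = NULL;
            $where_team = array('user_id' => $id);
            if (isset($_POST['teams'])) {
                $this->user->deleteUserTeams($where_team);
                foreach ($_POST['teams'] as $team_id) {
                    $data_team = array('team_id' => $team_id, 'user_id' => $id);
                    $this->user->updateUserTeams($data_team);
                }
            } else {
                $this->user->deleteUserTeams($where_team, '');
            }
            // groups
            $data_group = NULL;
            $where_group = array('user_id' => $id);
            if (isset($_POST['groups'])) {
                $this->user->deleteUserGroups($where_group);
                foreach ($_POST['groups'] as $group_id) {
                    $data_group = array('group_id' => $group_id, 'user_id' => $id);
                    $this->user->updateUserGroups($data_group);
                }
            } else {
                $this->user->deleteUserGroups($where_group, '');
            }
            // direct managers (note: the "none selected" branch writes a NULL row rather than deleting, as before)
            if (isset($_POST['direct_mangers']) && !empty($_POST['direct_mangers']) && $_POST['direct_mangers'] != 0) {
                $where_direct_mangers = array('user_id' => $id, 'indirect' => '0');
                $this->user->deleteUserMangers($where_direct_mangers);
                foreach ($_POST['direct_mangers'] as $manager_id) {
                    $data_direct_mangers = array(
                        'manager_id' => $manager_id != '' ? $manager_id : NULL,
                        'user_id' => $id,
                        'indirect' => '0',
                    );
                    $this->user->updateUserMangers($data_direct_mangers);
                }
            } else {
                $data_direct_mangers = array('manager_id' => NULL, 'user_id' => $id, 'indirect' => '0');
                $this->user->updateUserMangers($data_direct_mangers);
            }
            // indirect managers
            $data_indirect_mangers = NULL;
            $where_indirect_mangers = array('user_id' => $id, 'indirect' => '1');
            if (isset($_POST['indirect_mangers'])) {
                $this->user->deleteUserMangers($where_indirect_mangers);
                foreach ($_POST['indirect_mangers'] as $manager_id) {
                    $data_indirect_mangers = array(
                        'manager_id' => $manager_id != 'null' ? $manager_id : NULL,
                        'user_id' => $id,
                        'indirect' => '1',
                    );
                    $this->user->updateUserMangers($data_indirect_mangers);
                }
            } else {
                $this->user->deleteUserMangers($where_indirect_mangers, '');
            }
            Session::set('success', $this->language->get('msg_user_edit'));
            Log::notice('log_user_edit_details', json_encode(array(
                $data, $data_details, $data_department, $data_team, $data_group,
                $data_direct_mangers, $data_indirect_mangers,
            )));
            Url::redirect('users/edit/' . $id);
        }
    }

    if (isset($_POST['save_settings'])) {
        $dateformat = $_POST['dateformat'];
        $timeformat = $_POST['timeformat'];
        $interface_language = $_POST['interface_language'];
        $timezone = $_POST['timezone'];
        if ($dateformat == '') {
            $error[] = $this->language->get('dateformat_required');
        }
        if ($timeformat == '') {
            $error[] = $this->language->get('timeformat_required');
        }
        if ($interface_language == '') {
            $error[] = $this->language->get('interface_language_required');
        }
        if ($timezone == '') {
            $error[] = $this->language->get('timezone_required');
        }
        if (!$error) {
            $data = array(
                'dateformat' => $dateformat,
                'timeformat' => $timeformat,
                'language_id' => $interface_language,
                'timezone' => $timezone,
            );
            $where = array('id' => $id);
            $this->user->update($data, $where);
            Session::set('timezone', $timezone);
            Session::set('dateformat', $dateformat);
            Session::set('timeformat', $timeformat);
            Session::set('language_id', $interface_language);
            Session::set('success', $this->language->get('msg_user_edit'));
            Log::notice('log_user_edit_settings', json_encode($data));
            Url::redirect('users/edit/' . $id . '#settings');
        }
    }

    if (isset($_POST['save_authentication'])) {
        $username = $_POST['username'];
        $status = !empty($_POST['status']) ? $_POST['status'] : 0;
        if ($username == '') {
            $error[] = $this->language->get('username_required');
        }
        if (!$error) {
            $now = date("Y-m-d H:i:s");
            if (!empty($_POST['password'])) {
                // Hash only when a new password was actually supplied.
                $data = array(
                    'username' => $username,
                    'status' => $status,
                    'password' => Password::make($_POST['password']),
                    'password_updated_at' => $now,
                );
                // The log copy never carries the hash.
                $data_log = array(
                    'username' => $username,
                    'status' => $status,
                    'password' => '***',
                    'password_updated_at' => $now,
                );
            } else {
                $data = array('username' => $username, 'status' => $status);
                $data_log = array('username' => $username, 'status' => $status);
            }
            $where = array('id' => $id);
            $this->user->update($data, $where);
            Session::set('success', $this->language->get('msg_user_edit'));
            Log::notice('log_user_edit_authentication', json_encode($data_log));
            Url::redirect('users/edit/' . $id . '#authentication');
        }
    }

    if (isset($_POST['save_roles'])) {
        $roles_log = array();
        $where_role = array('user_id' => $id);
        if (isset($_POST['roles'])) {
            $this->user->deleteUserRoles($where_role);
            foreach ($_POST['roles'] as $role_id) {
                $data_role = array('role_id' => $role_id, 'user_id' => $id);
                $this->user->updateUserRoles($data_role);
                $roles_log[] = $data_role;
            }
        } else {
            $this->user->deleteUserRoles($where_role, '');
        }
        Session::set('success', $this->language->get('msg_user_edit'));
        Log::notice('log_user_edit_roles', json_encode($roles_log));
        Url::redirect('users/edit/' . $id . '#permissions');
    }

    if (isset($_POST['save_permissions'])) {
        $permissions = isset($_POST['permission']) ? $_POST['permission'] : array();
        $where_permission = array('user_id' => $id);
        $this->user->deletePermissionsForUser($where_permission);
        $permissions_log = array();
        if (!empty($permissions)) {
            foreach ($permissions as $permission) {
                $data_permission = array('permission_id' => $permission, 'user_id' => $id);
                $permissions_log[] = $data_permission;
                $this->user->insertPermissionsForUser($data_permission);
            }
        }
        Session::set('success', $this->language->get('msg_user_edit'));
        Log::notice('log_user_edit_permissions', json_encode($permissions_log));
        Url::redirect('users/edit/' . $id . '#permissions');
    }

    View::renderTemplate('header', $data);
    View::render('users/edit', $data, $error);
    View::renderTemplate('footer', $data);
}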
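/**
 * Attempts registration based on user input
 *
 * Validates name, e-mail (format + uniqueness), password (length, an upper-case
 * letter, confirmation) and the captcha, then stores the user with a hashed
 * password and sends the verification e-mail.
 *
 * Fixes: the length message said "9 characters" while the check enforced 8;
 * the upper-case rule used ctype_lower(), which let through passwords with no
 * letters at all (e.g. all digits) — it is now a real `[A-Z]` match. $error is
 * always defined and the captcha field is read safely when absent.
 */
public function register()
{
    $data["title"] = "Register";
    $error = array();
    if (isset($_POST["register_button"])) {
        $name = isset($_POST["register_name"]) ? trim((string) $_POST["register_name"]) : "";
        $email = isset($_POST["register_email"]) ? trim((string) $_POST["register_email"]) : "";
        $password1 = isset($_POST["register_password"]) ? (string) $_POST["register_password"] : "";
        $password2 = isset($_POST["confirm_password"]) ? (string) $_POST["confirm_password"] : "";
        // Validation (this will be expanded)
        if ($name === "") {
            $error["no_name"] = "Name is required";
        }
        if ($email === "") {
            $error["no_email"] = "Email is required";
        } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error["not_valid_email"] = "Not a valid email";
        } elseif ($this->_model->exists($email)) {
            $error["email_exists"] = "This email is already registered";
        }
        if ($password1 === "") {
            $error["no_password"] = "******";
        } elseif (strlen($password1) < 8) {
            $error["password_short"] = "Password must be atleast 8 characters";
        } elseif (!preg_match('/[A-Z]/', $password1)) {
            $error["no_uppercase"] = "Password must contain atleast one upper case letter";
        } elseif ($password1 !== $password2) {
            $error["no_password_match"] = "Passwords do not match";
        }
        // For the captcha
        $rainCaptcha = new \Helpers\RainCaptcha();
        $captchaAnswer = isset($_POST['captcha']) ? $_POST['captcha'] : '';
        if (!$rainCaptcha->checkAnswer($captchaAnswer)) {
            $error["captcha"] = "Not valid captcha.";
        }
        // If no errors were detected then we'll carry on and register the user
        if (!$error) {
            $postdata = array(
                "name" => $name,
                "email" => $email,
                "password" => Password::make($password1),
            );
            $this->_model->insert_user($postdata);
            $this->_model->sendVerificationEmail($email, $name);
            Session::set("message", "A verification email has been sent to the entered email address.");
        }
    }
    View::renderTemplate("header", $data);
    View::render("auth/register", $data, $error);
    View::renderTemplate("footer", $data);
}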
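/**
 * Registration form handler (French UI).
 *
 * Sanitises $_POST with Gump, validates login/email/password fields, checks for
 * duplicates and creates the Utilisateur with a hashed password, then logs the
 * new account in. $error is always defined and the password comparison is strict.
 */
public function register()
{
    // Sanitize Data using Gump helper
    $_POST = Gump::sanitize($_POST);
    $error = array();
    if (isset($_POST['login'])) {
        $is_valid = Gump::is_valid($_POST, array(
            'login' => 'required|alpha_numeric',
            'email' => 'required|valid_email',
            'password' => 'required',
            'password-again' => 'required',
        ));
        if ($is_valid === true) {
            // NOTE(review): unlike the e-mail lookup below, this prepared lookup is not
            // ->execute()d, so $existing may be a statement object that is always truthy.
            // Confirm against the userSQL helper before relying on the duplicate check.
            $existing = $this->userSQL->prepareFindByLogin($_POST['login']);
            if ($_POST['password'] !== $_POST['password-again']) {
                $error[] = "Les deux mots de passes doivent être identiques";
            }
            if ($existing != false) {
                $error[] = 'Ce compte existe déjà';
            }
            $byEmail = $this->userSQL->prepareFindByEmail($_POST['email'])->execute();
            if (count($byEmail) > 0) {
                $error[] = 'Ce compte email existe déjà.';
            }
        } else {
            $error = $is_valid;
        }
        if (!$error) {
            $user = new Utilisateur($_POST['login'], $_POST['email'], Password::make($_POST['password']), "");
            $this->entityManager->save($user);
            Session::set('id', $user->getId());
            Session::set('login', $user->login);
            Session::set('loggedin', true);
            Url::redirect();
        }
    }
    $data['title'] = 'Inscription';
    View::rendertemplate('header', $data);
    View::render('user/register', $data, $error);
    View::rendertemplate('footer', $data);
}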
/**
 * Password Recovery
 *
 * NOTE(review): this method is a copy of a login handler and does not work as a
 * recovery flow. Only $_POST['email'] is read; $password and $username are never
 * assigned, so Password::verify(null, getHash(null)) always fails, the error
 * branch always runs, and the session-populating branch below is unreachable.
 * A recovery endpoint should never log a user in directly; it should issue an
 * expiring single-use token by e-mail. Left as-is because the intended flow is
 * not visible from this code.
 */
public function recovery()
{
    $data['title'] = $this->language->get('title_recovery');
    if (isset($_POST['submit'])) {
        $email = $_POST['email'];
        // validation — $password and $username are undefined here (see note above)
        if (Password::verify($password, $this->model->getHash($username)) == false) {
            $error[] = $this->language->get('error_recovery');
        }
        // if validation has passed carry on — currently unreachable
        if (!$error) {
            $userDb = $this->model->getUser($username);
            $user = $userDb[0];
            Session::set('loggedin', true);
            Session::set('id', $user->id);
            Session::set('first_name', $user->first_name);
            Session::set('last_name', $user->last_name);
            Session::set('timezone', $user->timezone);
            Session::set('dateformat', $user->dateformat);
            Session::set('timeformat', $user->timeformat);
            Session::set('dateformat_moment', Date::convertPHPToMomentFormat($user->dateformat));
            Session::set('timeformat_moment', Date::convertPHPToMomentFormat($user->timeformat));
            Session::set('language_id', 1);
            Session::set('language_code', 'en');
            if (!Cookie::exists('navigation')) {
                Cookie::set('navigation', '');
            }
            Log::info('logged_in');
            //$data = array('lastLogin' => date('Y-m-d H:i:s'));
            //$where = array('id' => $this->_model->getId($username));
            //$this->_model->update($data,$where);
            Url::redirect();
        } else {
            $data['username'] = $username;
        }
    }
    View::renderTemplate('header', $data, 'auth');
    View::render('auth/recovery', $data, $error);
    View::renderTemplate('footer', $data, 'auth');
}