/** * @before _secured, _admin */ public function add() { $view = $this->getActionView(); $view->set('submstoken', $this->mutliSubmissionProtectionToken()); if (RequestMethods::post('submitAddUser')) { if ($this->checkCSRFToken() !== true && $this->checkMutliSubmissionProtectionToken(RequestMethods::post('submstoken')) !== true) { self::redirect('/admin/user/'); } $errors = array(); if (RequestMethods::post('password') !== RequestMethods::post('password2')) { $errors['password2'] = array('Hesla se neshodují'); } $email = App_Model_User::first(array('email = ?' => RequestMethods::post('email')), array('email')); if ($email) { $errors['email'] = array('Tento email se již používá'); } $salt = PasswordManager::createSalt(); $hash = PasswordManager::hashPassword(RequestMethods::post('password'), $salt); $cfg = Registry::get('configuration'); $fileManager = new FileManager(array('thumbWidth' => $cfg->thumb_width, 'thumbHeight' => $cfg->thumb_height, 'thumbResizeBy' => $cfg->thumb_resizeby, 'maxImageWidth' => $cfg->photo_maxwidth, 'maxImageHeight' => $cfg->photo_maxheight)); $photoNameRaw = RequestMethods::post('firstname') . '-' . RequestMethods::post('lastname'); $photoName = $this->_createUrlKey($photoNameRaw); $fileErrors = $fileManager->uploadBase64Image(RequestMethods::post('croppedimage'), $photoName, 'members', time() . '_')->getUploadErrors(); $files = $fileManager->getUploadedFiles(); if (!empty($fileErrors)) { $errors['croppedimage'] = $fileErrors; } if (!empty($files)) { foreach ($files as $i => $file) { if ($file instanceof \THCFrame\Filesystem\Image) { $user = new App_Model_User(array('firstname' => RequestMethods::post('firstname'), 'lastname' => RequestMethods::post('lastname'), 'email' => RequestMethods::post('email'), 'password' => $hash, 'salt' => $salt, 'role' => RequestMethods::post('role', 'role_member'), 'imgMain' => trim($file->getFilename(), '.'), 'imgThumb' => trim($file->getThumbname(), '.'))); break; } } } if (empty($errors) && $user->validate()) { $userId = $user->save(); Event::fire('admin.log', array('success', 'User id: ' . $userId)); $view->successMessage('Uživatel' . self::SUCCESS_MESSAGE_1); self::redirect('/admin/user/'); } else { Event::fire('admin.log', array('fail')); $view->set('errors', $errors + $user->getErrors())->set('submstoken', $this->revalidateMutliSubmissionProtectionToken())->set('user', $user); } } }