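/**
 * Handle the forgotten-password page: reset a password or look up a username.
 *
 * Logged-in users are redirected to 'home'. The form is processed only on a
 * POST, and only when the user access mechanism can change passwords and
 * users have an 'email' detail. The 'submit' value selects the action:
 *  - "Reset": generate a new password for the posted username, store it, and
 *    pass it to mailPassword().
 *  - "View": look up the username that matches the posted email address.
 * Every outcome is reported through the "error_message" template node.
 *
 * NOTE(review): this handler is reachable without authentication and returns
 * different messages for known and unknown usernames/emails, so it discloses
 * which accounts exist. It also replaces the stored password before delivery
 * of the mail is confirmed. No rate limiting is visible in this block. A
 * uniform response and a single-use reset token would address these; confirm
 * against the rest of the application before changing the wording.
 *
 * @return void
 */
protected function action() {
    parent::action();
    if ($this->user->logged_in()) {
        $this->setRedirect('home');
        return;
    }
    $access = I2CE::getUserAccess();
    $has_email = $access instanceof I2CE_UserAccess_Mechanism
        && $access->canChangePassword()
        && I2CE_User::hasDetail('email');
    $this->template->setBodyId("loginPage");
    $this->template->setDisplayDataImmediate('has_email', $has_email);
    if (!$this->isPost() || !$has_email) {
        return;
    }
    if ($this->post('submit') == "Reset") {
        if (I2CE_Validate::checkString($this->post('username')) && I2CE_User::userExists($this->post('username'), true)) {
            $user = new I2CE_User($this->post('username'), true, false, true);
            $email = $user->email;
            $valid_email = I2CE_Validate::checkEmail($email);
            $pass = trim(I2CE_User::generatePassword());
            // The password is only changed for non-guest accounts that have a
            // valid email address on file and a non-empty generated password.
            if ($user->getRole() != 'guest' && $valid_email && $pass && $user->setPassword($pass)) {
                if ($this->mailPassword($email, $this->post('username'), $pass)) {
                    $this->template->addTextNode("error_message", "Your password has been reset and mailed to you.");
                } else {
                    $this->template->addTextNode("error_message", "Your password has been reset, but could not mailed to you. Please contact your system administrator");
                }
            } else {
                $this->template->addTextNode("error_message", "Your password could not be reset. Please contact your system administrator to change your password.");
            }
        } else {
            $this->template->addTextNode("error_message", "Your username could not be found in the database. Please contact your System Administrator.");
        }
    } elseif ($this->post('submit') == "View") {
        $usernames = I2CE_User::findUsersByInfo(false, array('email' => $this->post('email')));
        if (is_array($usernames) && count($usernames) == 1) {
            reset($usernames);
            // addText() receives markup, so the stored username is HTML-escaped
            // before it is concatenated in; otherwise a username containing
            // markup characters would be interpreted as part of the page.
            $safe_username = htmlspecialchars((string) current($usernames), ENT_QUOTES, 'UTF-8');
            $this->template->addText('<p id="error_message">Your username is: <b>' . $safe_username . '</b><br />Enter it below to reset your password or return to the login page to login.</p>', 'p');
        } else {
            $this->template->addTextNode("error_message", "That email address was not found in the system. Please contact your System Administrator.");
        }
    } else {
        $this->template->addTextNode("error_message", "Please click one of the submit buttons or only enter one text field.");
    }
}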
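/**
 * Validate the user form before it is saved.
 *
 * After the parent's validation this flags:
 *  - 'username' => 'unique'     when a new user (id '0') reuses an existing username;
 *  - 'password' => 'mismatch'   when a non-empty password differs from its confirmation;
 *  - 'password' => 'required'   when a new user has no password and generate_password is not set;
 *  - 'role'     => 'notallowed' when a non-admin saving user picks a role they may not assign.
 *
 * @return void
 */
public function validate() {
    parent::validate();
    if ($this->id == '0') {
        if (I2CE_User::userExists($this->username, false)) {
            $this->setInvalidMessage('username', 'unique');
        }
    }
    // Compare as strings with !==. A loose != compares numeric-looking strings
    // by value, so "1e3" and "1000" (or "0e1" and "0e2") would count as a match.
    if (strlen($this->password) > 0 && (string) $this->password !== (string) $this->confirm) {
        $this->setInvalidMessage('password', 'mismatch');
    }
    if ($this->id == '0' && $this->password == "" && !$this->generate_password) {
        $this->setInvalidMessage('password', 'required');
    }
    // NOTE(review): presumably this loads the user performing the save; confirm
    // what the '0' username and these flags select in I2CE_User.
    $saving_user = new I2CE_User('0', true, true, false);
    if ($saving_user->role != 'admin') {
        // Non-admins may keep their own role or pick the self-service default
        // role; any other role must pass the lookup below.
        $role_field = $this->getField('role');
        $role_val = $role_field->getDBValue();
        $role_val = str_replace('role|', '', $role_val);
        if ($saving_user->role != $role_val) {
            $default_ss = '';
            I2CE::getConfig()->setIfIsSet($default_ss, "/modules/SelfService/default_user_role");
            // NOTE(review): when the config key is unset $default_ss stays '',
            // so an empty role value also skips the lookup; confirm that is intended.
            if ($role_val != $default_ss) {
                // The role must be assignable, trickle up to the saving
                // user's role, and have the requested id.
                $where = array(
                    'operator' => 'AND',
                    'operand' => array(
                        array('operator' => 'FIELD_LIMIT', 'field' => 'assignable', 'style' => 'yes'),
                        array('operator' => 'FIELD_LIMIT', 'field' => 'trickle_up', 'style' => 'equals', 'data' => array('value' => $saving_user->role)),
                        array('operator' => 'FIELD_LIMIT', 'field' => 'id', 'style' => 'equals', 'data' => array('value' => $role_val)),
                    ),
                );
                $results = I2CE_FormStorage::search('role', false, $where);
                // Fail closed: a result that cannot be counted (for example
                // false from a failed search) is treated as "no matching role"
                // rather than being passed to count().
                $countable = is_array($results) || $results instanceof Countable;
                if (!$countable || count($results) == 0) {
                    $this->setInvalidMessage('role', 'notallowed');
                }
            }
        }
    }
}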
/**
 * Create and save a "user_alert" form for an existing user.
 *
 * NOTE(review): $message, $link and $link_text are stored here exactly as
 * passed in. Whatever renders the alert has to escape them and restrict the
 * link target; confirm at the display site.
 *
 * @param string $username Must satisfy I2CE_User::userExists(); the alert's parent is set to "user|" . $username.
 * @param string $alert_type Loaded into the 'alert_type' field with setFromDB().
 * @param string $message Alert text.
 * @param string|null $link Optional link; stored only when $link_text is also non-empty.
 * @param string|null $link_text Optional link label; stored only together with $link.
 * @return boolean true when the alert was saved; false (after I2CE::raiseError)
 *                 for an unknown user, invalid form data, or a failed save.
 */
public function sendUserAlert($username, $alert_type, $message, $link = null, $link_text = null) {
    $known_user = I2CE_User::userExists($username, false);
    if (!$known_user) {
        I2CE::raiseError("Invalid user: {$username} passed to sendUserAlert");
        return false;
    }

    // Build the alert form and fill in its fields.
    $alert = I2CE_FormFactory::instance()->createContainer("user_alert");
    $alert->getField('alert_type')->setFromDB($alert_type);
    $alert->message = $message;
    $has_link = $link && $link_text;
    if ($has_link) {
        $alert->link = $link;
        $alert->link_text = $link_text;
    }
    $alert->setParent("user|" . $username);

    // User object handed to save(); it is created before validation runs.
    $acting_user = new I2CE_User('0', false, true, false);

    $alert->validate();
    if ($alert->hasInvalid()) {
        I2CE::raiseError("Invalid data passed to sendUserAlert");
        return false;
    }

    if (!$alert->save($acting_user)) {
        I2CE::raiseError("Failed to save new user alert");
        return false;
    }
    return true;
}
/**
 * Create the built-in 'administrator' account when none exists.
 *
 * Only acts when the user access protocol is 'DEFAULT'. Returns true without
 * creating anything when another protocol is in use, when a user with the
 * 'admin' role is already found, or when a user named 'administrator' exists.
 *
 * NOTE(review): no password is assigned in this block, so the new account's
 * initial credential is decided elsewhere. Confirm how it is provisioned and
 * that it must be changed on first use. The email and username literals look
 * masked in this copy of the file; verify the real values.
 *
 * @return boolean true when nothing needed creating, otherwise whatever
 *                 save('administrator') returns.
 */
protected function createAdminUser() {
    $uses_default_protocol = (I2CE::getUserAccessProtocol() === 'DEFAULT');
    if (!$uses_default_protocol) {
        return true;
    }

    $existing_admins = I2CE_User::findUsersByInfo('admin');
    if (is_array($existing_admins) && count($existing_admins) >= 1) {
        // At least one admin account is already present.
        I2CE::raiseError("Admin users already found");
        return true;
    }

    $name_taken = I2CE_User::userExists('administrator', false);
    if ($name_taken) {
        // A non-admin account already holds this username; leave it alone.
        return true;
    }

    $account = new I2CE_User('administrator', false, false, false);
    // Applied in this order, one property assignment per entry.
    $details = array(
        'email' => '*****@*****.**',
        'creator' => 'administrator',
        'firstname' => 'Site',
        'lastname' => 'Administrator',
        'username' => '******',
        'role' => 'admin',
    );
    foreach ($details as $property => $value) {
        $account->$property = $value;
    }

    I2CE::raiseError("Creating user 'administrator' with administrative privlages");
    $saved = $account->save('administrator');
    return $saved;
}
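/**
 * Validate the user form before it is saved.
 *
 * After the parent's validation this flags:
 *  - 'username' => 'unique'   when a new user (id '0') reuses an existing username;
 *  - 'password' => 'mismatch' when a non-empty password differs from its confirmation;
 *  - 'password' => 'required' when a new user has no password and generate_password is not set.
 *
 * @return void
 */
public function validate() {
    parent::validate();
    if ($this->id == '0') {
        if (I2CE_User::userExists($this->username, false)) {
            $this->setInvalidMessage('username', 'unique');
        }
    }
    // Compare as strings with !==. A loose != compares numeric-looking strings
    // by value, so "1e3" and "1000" (or "0e1" and "0e2") would count as a match.
    if (strlen($this->password) > 0 && (string) $this->password !== (string) $this->confirm) {
        $this->setInvalidMessage('password', 'mismatch');
    }
    if ($this->id == '0' && $this->password == "" && !$this->generate_password) {
        $this->setInvalidMessage('password', 'required');
    }
}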