Пример #1
 /**
  * JSON login endpoint.
  *
  * Reads `username` and `password` from the POST body, looks the account up
  * by username, refuses accounts whose profile marks them deleted or blocked,
  * and finally hands the credentials to Auth::login(). Every path ends the
  * request by printing a single JSON object.
  */
 public function action_login()
 {
     // All exits go through here: print the JSON payload and stop the request.
     $reply = function (array $payload) {
         die(json_encode($payload, JSON_UNESCAPED_UNICODE));
     };
     $genericFailure = ['status' => 'error', 'message' => 'error_msg_1'];

     $lUsername = Input::post('username', null);
     $lPassword = Input::post('password', null);
     if (empty($lUsername) || empty($lPassword)) {
         $reply(['status' => 'error', 'message' => 'Missing params']);
     }

     $lRecord = Model_User::query()->where('username', $lUsername)->get_one();
     if (empty($lRecord)) {
         $reply($genericFailure);
     }

     // NOTE(review): unserialize() on a stored column can instantiate objects
     // if anything other than this application can write profile_fields;
     // restricting allowed classes or storing JSON would remove that risk.
     $lProfile = unserialize($lRecord->to_array()['profile_fields']);

     if (!empty($lProfile['is_deleted'])) {
         $reply($genericFailure);
     }
     // NOTE(review): this answer is given before the password is checked, so
     // the response tells an unauthenticated caller that the username exists
     // and is blocked, while every other failure returns the generic message.
     if (!empty($lProfile['is_blocked'])) {
         $reply(['status' => 'error', 'message' => 'User is blocked']);
     }

     if (Auth::login($lUsername, $lPassword)) {
         $reply(['status' => 'ok']);
     }
     $reply($genericFailure);
 }
 /**
  * Count the users whose mm_flag equals Model_User::MM_FLAG_OK and whose
  * register_status is either INACTIVATED or ACTIVATED.
  *
  * (The original header described this as the "number of new members"; the
  * filter visible here selects on the mail-magazine flag.)
  *
  * @access private
  * @return int
  * @author ida
  */
 private function getMailMagazieCount()
 {
     $acceptedStatuses = array(
         \Model_User::REGISTER_STATUS_INACTIVATED,
         \Model_User::REGISTER_STATUS_ACTIVATED,
     );
     $conditions = array(
         array('mm_flag', \Model_User::MM_FLAG_OK),
         array('register_status', 'IN', $acceptedStatuses),
     );
     $query = \Model_User::query();
     $query->where($conditions);
     return $query->count();
 }
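 /**
  * Delete the user with the given id, then return to the user list.
  *
  * Only callers for whom Auth::member(5) is true may proceed; everyone else
  * is sent back to where they came from.
  *
  * NOTE(review): this is a state-changing action driven by a URL parameter
  * and no CSRF token is checked here. Requiring POST plus a token check
  * would stop a link on another site from triggering the deletion while an
  * administrator is signed in.
  *
  * @param mixed $user_id primary key of the user to remove
  */
 public function action_remove($user_id)
 {
     // check for admin
     if (!Auth::member(5)) {
         \Response::redirect_back('home');
         // Do not depend on the redirect helper ending the request: without
         // this return an unauthorised caller would fall through to delete().
         return;
     }
     $user = Model_User::query()->where('id', $user_id)->get_one();
     // get_one() yields nothing for an unknown id; calling delete() on that
     // would be a fatal error.
     if ($user) {
         $user->delete();
     }
     Response::Redirect('users');
 }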
Пример #4
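 /**
  * Backend author list: paginates all users, newest first.
  *
  * The page size is half the number of users, as before, but never less
  * than one row.
  */
 public function action_index()
 {
     $this->dataGlobal['pageTitle'] = __('backend.category.manage');
     // Pagination: count once, and keep per_page a positive integer.
     // floor() returns a float and gives 0 when there are fewer than two
     // users, which would turn into limit(0).
     $total = \Model_User::count();
     $perPage = max(1, (int) floor($total / 2));
     $config = array(
         'pagination_url' => \Uri::current(),
         'total_items' => $total,
         'per_page' => $perPage,
         'uri_segment' => 'page',
     );
     $this->data['pagination'] = $pagination = \Pagination::forge('authors_pagination', $config);
     // Get authors
     $this->data['authors'] = \Model_User::query()
         ->offset($pagination->offset)
         ->limit($pagination->per_page)
         ->order_by('created_at', 'DESC')
         ->get();
     // NOTE(review): false is passed as set()'s third argument; if that
     // disables the view's output filtering (confirm), the template must
     // escape every author field it prints.
     return \Response::forge(\View::forge('backend/author/index')->set($this->data, null, false));
 }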
Пример #5
 /**
  * Student sign-in page.
  *
  * When the form is posted with an `email` field and a valid CSRF token, the
  * method checks that a non-deleted user with that e-mail exists, attempts
  * the login, and then redirects according to the `pay`, `method` and `doc`
  * fields. In every other case it renders the sign-in view.
  *
  * All redirect targets are fixed paths written in this method; none is
  * built from request input.
  */
 public function action_index()
 {
     $this->template = View::forge("students/template");
     // login: only handled when the form was posted and the CSRF token checks out
     if (Input::post("email", null) !== null and Security::check_token()) {
         $email = Input::post('email', null);
         $password = Input::post('password', null);
         // Only accounts that are not soft-deleted (deleted_at = 0) may sign in.
         $where = [["email", $email], ["deleted_at", 0]];
         $gameUser = Model_User::find("all", ["where" => $where]);
         if (count($gameUser) >= 1) {
             if ($this->auth->login($email, $password)) {
                 if (Input::post('remember_me', null) == 1) {
                     $this->auth->remember_me();
                 }
                 // NOTE(review): $type is assigned but not read again in this method.
                 $type = Input::post('type', 0);
                 // Plain login (neither payment nor document flow requested).
                 if (Input::post('pay', 0) != 1 && Input::post('doc', 0) != 1) {
                     Response::redirect('/students/top');
                 } else {
                     // NOTE(review): with loose comparison this `||` is false only
                     // when the value equals both 0 and NULL (e.g. the field is
                     // absent); `&&` was probably intended. Confirm.
                     if (Input::post('pay') != 0 || Input::post('pay') != NULL) {
                         // Payment flow: `method` selects the destination page.
                         // A value outside 1..4 redirects nowhere and falls through.
                         if (Input::post('method', 0) == 1) {
                             Response::redirect('/coursefee/cash/?g=1#upload');
                         } elseif (Input::post('method', 0) == 2) {
                             Response::redirect('/coursefee/remit/?g=2#done');
                         } elseif (Input::post('method', 0) == 3) {
                             Response::redirect('/students/courses');
                         } elseif (Input::post('method', 0) == 4) {
                             Response::redirect('/coursefee/cash/?g=4#upload');
                         }
                     }
                     // NOTE(review): same `||` pattern as the `pay` check above.
                     if (Input::post('doc', 0) != 0 || Input::post('doc') != NULL) {
                         // Document flow: the user's `place` value picks the page.
                         // The user is loaded by e-mail and then again by id.
                         $user = Model_User::query()->where('email', $email)->where('deleted_at', 0)->limit(1)->get_one();
                         $query = Model_User::find($user->id);
                         $place = $query->place;
                         if ($place == 1) {
                             Response::redirect('/join/?open=2');
                         } else {
                             Response::redirect('/join/?open=1');
                         }
                     }
                 }
             } else {
                 // Wrong password: same redirect as for an unknown e-mail below,
                 // so the response does not reveal which of the two failed.
                 Response::redirect('/students/signin?e=1');
             }
         } else {
             // Unknown or deleted account.
             Response::redirect('/students/signin?e=1');
         }
     }
     // No form post, a failed token check, or no redirect taken: show the form.
     $view = View::forge("students/signin");
     $this->template->content = $view;
     $this->template->title = "Signin";
     $this->template->auth_status = false;
 }
Пример #6
 /**
  * AJAX check: is the posted value unused as an e-mail address?
  *
  * The value arrives in the `username` POST field but is compared with the
  * `email` column. Non-AJAX requests get `false`.
  *
  * NOTE(review): the answer tells any caller whether an address is
  * registered. If that matters for this application, rate-limit the
  * endpoint or restrict who may call it.
  */
 public function post_is_unique()
 {
     if (!Input::is_ajax()) {
         return false;
     }
     $candidate = Input::post('username');
     $existing = Model_User::query()->where('email', $candidate)->get_one();
     return $this->response(array('unique' => $existing === null));
 }
Пример #7
 /**
  * Show one author's categories, newest first, with pagination.
  *
  * An unknown username produces an error message and a redirect back
  * (falling back to the homepage route).
  *
  * @param  string $author username
  */
 public function action_show_by_author($author = false)
 {
     $author = \Model_User::query()->where('username', $author)->get_one();
     $this->data['author'] = $author;

     if (!$author) {
         \Messages::error(__('frontend.author.not-found'));
         \Response::redirect_back(\Router::get('homepage'));
         return;
     }

     // Pagination is sized from the author's post count.
     $config = array(
         'pagination_url' => \Uri::current(),
         'total_items' => count($author->posts),
         'per_page' => \Config::get('application.pagination.per_page'),
         'uri_segment' => 'page',
     );
     $pagination = \Pagination::forge('category_pagination', $config);
     $this->data['pagination'] = $pagination;

     // Categories owned by this author for the current page.
     $this->data['categories'] = Model_Category::query()
         ->where('user_id', $author->id)
         ->order_by('created_at', 'DESC')
         ->offset($pagination->offset)
         ->limit($pagination->per_page)
         ->get();

     // NOTE(review): false is passed as set()'s third argument; if that
     // turns off the view's output filtering (confirm), the template has to
     // escape author and category fields itself.
     return \Response::forge(\View::forge('frontend/category/author')->set($this->data, null, false));
 }
Пример #8
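 /**
  * Admin student list with optional free-text search.
  *
  * Lists users in group 1 that are not soft-deleted. When `search_text` is
  * given, the list is narrowed to rows whose e-mail, one of the name columns,
  * or a space-joined combination of name columns contains the text.
  *
  * The search text reaches the database only as a bound value of the query
  * builder. `%` and `_` typed by the user still act as LIKE wildcards.
  */
 public function action_index()
 {
     $where = [["group_id", 1], ["deleted_at", 0]];
     $query = Model_User::query()->where('group_id', '=', 1)->where('deleted_at', '=', 0);

     // Read the parameter once. An array value (search_text[]=x) is treated
     // as "no search" instead of being interpolated into the pattern.
     $search_text = Input::get("search_text", "");
     if (!is_string($search_text)) {
         $search_text = "";
     }

     if ($search_text) {
         $pattern = "%{$search_text}%";
         $query->where_open()
             ->where('email', 'like', $pattern)
             ->or_where('firstname', 'like', $pattern)
             ->or_where('middlename', 'like', $pattern)
             ->or_where('lastname', 'like', $pattern);

         // Every name ordering the original query matched. Column names are
         // fixed here; nothing from the request goes into DB::expr().
         $name_orders = [
             ['firstname', 'middlename'],
             ['middlename', 'firstname'],
             ['firstname', 'lastname'],
             ['lastname', 'firstname'],
             ['middlename', 'lastname'],
             ['lastname', 'middlename'],
             ['firstname', 'middlename', 'lastname'],
             ['lastname', 'middlename', 'firstname'],
             ['lastname', 'firstname', 'middlename'],
         ];
         foreach ($name_orders as $columns) {
             $trimmed = array_map(function ($column) {
                 return "trim({$column})";
             }, $columns);
             $query->or_where(DB::expr('CONCAT(' . implode(",' ',", $trimmed) . ')'), 'like', $pattern);
         }
         $query->order_by("id", "desc")->where_close();
     }

     $data["result"] = $query->get();
     $data["users"] = Model_User::find("all", ["where" => $where, "order_by" => [["id", "desc"]]]);
     $pages = $search_text ? 'result' : 'users';

     // URL-encode the text before it becomes part of the pagination links, so
     // that `&`, `=` or `#` in a search cannot add or change query parameters.
     $config = array(
         'pagination_url' => "?search_text=" . urlencode($search_text),
         'uri_segment' => "p",
         'num_links' => 9,
         'per_page' => 20,
         'total_items' => count($data[$pages]),
     );
     $data["pager"] = Pagination::forge('mypagination', $config);
     // The full result set is loaded and then sliced in PHP.
     $data[$pages] = array_slice($data[$pages], $data["pager"]->offset, $data["pager"]->per_page);
     $view = View::forge("admin/students/index", $data);
     $this->template->content = $view;
 }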
Пример #9
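 /**
  * Render one page of the user table.
  *
  * The page index comes from the `current_page` query parameter and the page
  * size from the `db.items_per_page` configuration value.
  *
  * @return mixed the controller template with the user list as its content
  */
 public function action_showAll()
 {
     // The page index is caller-controlled and is used in arithmetic and as
     // an SQL OFFSET: force a non-negative integer.
     $lPage = max(0, (int) Input::get('current_page', 0));
     \Config::load('db', true);
     $lItemsPerPage = \Config::get('db.items_per_page');
     $lResult = Model_User::query()->limit($lItemsPerPage)->offset($lPage * $lItemsPerPage)->get();
     $lUsers = [];
     foreach ($lResult as $lVal) {
         $lRow = $lVal->to_array();
         // NOTE(review): unserialize() on a stored column can instantiate
         // objects if anything other than this application can write
         // profile_fields; restricting allowed classes or storing JSON
         // would remove that risk.
         $lRow['profile_fields'] = unserialize($lRow['profile_fields']);
         $lUsers[] = $lRow;
     }
     // count_last_query() refers to the user query above, so no other query
     // may run between that query and this call.
     $lPagination = Pagination::forge('data_table', array(
         'pagination_url' => '/main/index',
         'total_items' => DB::count_last_query(),
         'num_links' => 3,
         'per_page' => $lItemsPerPage,
         'current_page' => $lPage,
         'uri_segment' => 'current_page',
     ))->render();
     $this->template->content = View::forge('users/show_all_users', ['pagination' => $lPagination, 'users' => $lUsers]);
     return $this->template;
 }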
Пример #10
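 /**
  * Login page: processes the posted form, otherwise renders it.
  *
  * A failed attempt stores one generic error in the session. The message is
  * the same for an unknown username and for a wrong password, so it cannot
  * be used to find out which usernames exist, and the submitted username is
  * no longer copied into the message that the view prints.
  */
 public function action_index()
 {
     // was the login form posted?
     if (\Input::method() == 'POST') {
         // perform a login
         if (Auth::login(Input::Post('username'), Input::Post('password'))) {
             // the user is successfully logged in
             \Response::redirect_back('home');
         } else {
             // one message for every failure reason
             Session::Set('error', 'Invalid username or password!');
         }
     }
     $this->template->content = View::forge('login/index');
 }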
Пример #11
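 /**
  * JSON endpoint that marks a user as deleted.
  *
  * Allowed for administrators and for the account owner. When the owner
  * deletes their own account they are logged out as well. Every path ends
  * the request by printing one JSON object.
  *
  * NOTE(review): no CSRF token is checked in this method; confirm that the
  * framework or a base controller enforces one for this POST action.
  */
 public function action_delete()
 {
     $lUserId = Input::post('user_id', null);
     if (!$lUserId || !is_numeric($lUserId)) {
         die(json_encode(['status' => 'error', 'message' => 'Invalid user ID'], JSON_UNESCAPED_UNICODE));
     }
     $lRecord = Model_User::query()->where('id', $lUserId)->get_one();
     // An unknown id previously caused a fatal error on ->to_array().
     if (empty($lRecord)) {
         die(json_encode(['status' => 'error', 'message' => 'Invalid user ID'], JSON_UNESCAPED_UNICODE));
     }
     // Take id and username from the table row only. The earlier code merged
     // the unserialized profile_fields over the row, so an `id` or `username`
     // key stored in the profile would have replaced the real column before
     // the ownership check and the update.
     $lUser = $lRecord->to_array();
     $lIsOwner = $lUser['id'] == $this->current_user['id'];
     if (!$this->is_admin && !$lIsOwner) {
         die(json_encode(['status' => 'error', 'message' => 'Access denied'], JSON_UNESCAPED_UNICODE));
     }
     $lResult = Auth::update_user(['is_deleted' => true], $lUser['username']);
     if ($lResult) {
         if ($lIsOwner) {
             Auth::logout();
         }
         die(json_encode(['status' => 'ok'], JSON_UNESCAPED_UNICODE));
     }
     die(json_encode(['status' => 'error', 'message' => 'User was not deleted'], JSON_UNESCAPED_UNICODE));
 }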
Пример #12
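 /**
  * Profile edit page for the user named by the `user_id` query parameter.
  *
  * Only the account owner or an administrator may open it; anyone else, and
  * any request for an id that does not exist, gets the same exception.
  *
  * @return mixed the controller template with the edit form as its content
  * @throws Exception when the caller may not edit the requested user
  */
 public function action_edit()
 {
     $this->template->scripts[] = 'profile.js';
     $this->template->scripts[] = 'file_uploader.js';
     $this->template->styles[] = 'file_uploader.css';
     $lUserId = Input::get('user_id', null);
     $lRecord = Model_User::query()->where('id', $lUserId)->get_one();
     // An unknown id used to be a fatal error on ->to_array(). It is answered
     // like a denied request so the response does not show which ids exist.
     if (empty($lRecord)) {
         throw new Exception('You do not have access');
     }
     $lUser = $lRecord->to_array();
     // Decide ownership from the table row, before profile fields are merged
     // in: a profile entry named `id` must not influence the access check.
     $lIsOwner = $lUser['id'] == $this->current_user['id'];
     $lIsAdmin = $this->current_user['role_id'] == AuthModule::UR_ADMIN;
     if (!$lIsOwner && !$lIsAdmin) {
         throw new Exception('You do not have access');
     }
     // NOTE(review): unserialize() on a stored column can instantiate objects
     // if anything other than this application can write profile_fields.
     $lProfile = unserialize($lUser['profile_fields']);
     // A corrupt column makes unserialize() return false; merge only arrays.
     if (is_array($lProfile)) {
         $lUser = array_merge($lUser, $lProfile);
     }
     if (!empty($lUser['avatar_id'])) {
         $lUser['avatar'] = Model_Avatars::getById($lUser['avatar_id']);
     }
     $this->template->content = View::forge('user_edit', ['user_data' => $lUser, 'admin_mode' => $lIsAdmin && !$lIsOwner]);
     return $this->template;
 }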
Пример #13
 /**
  * Login form handler that records every attempt in the login log.
  *
  * For a POST, one Model_Users_Log_Login row is saved with status 1 for a
  * successful login and status 2 for a failed one. A failed attempt is
  * attributed to the matching user id, or to 0 when the username is unknown.
  * The failure message shown to the user is the same in both cases.
  *
  * NOTE(review): the client address is taken from REMOTE_ADDR; behind a
  * reverse proxy this will be the proxy's address.
  */
 public function action_login()
 {
     $login_log = new Model_Users_Log_Login();
     if (Input::method() == 'POST') {
         $loggedIn = Auth::login(Input::post('username'), Input::post('password'));
         if ($loggedIn) {
             list($driver, $user_id) = Auth::get_user_id();
             $status = 1;
         } else {
             // Attribute the failure to a known account when there is one.
             $lookup = Model_User::query()->where('username', Input::post('username'));
             $user_id = $lookup->count() > 0 ? $lookup->get_one()->id : 0;
             $status = 2;
         }

         // Fields shared by every log entry.
         $login_log->user_id = $user_id;
         $login_log->status = $status;
         $login_log->login_time = strtotime('NOW');
         $login_log->attempted_login = Input::post('username');
         $login_log->ip_address = $_SERVER['REMOTE_ADDR'];
         $login_log->save();

         if ($loggedIn) {
             Response::redirect('/');
         } else {
             Session::set_flash('fail', 'Invalid Username or Password!');
         }
     }
     return View::forge('welcome/login', array('title' => 'Login'));
 }
Пример #14
    /**
     * Complete an e-mail registration from the token in the confirmation link.
     *
     * Looks up the pending registration by token, refuses it when the
     * username is already registered or when more than REGIST_TIME seconds
     * have passed since the record was created, and otherwise creates the
     * account and logs the new user in.
     *
     * NOTE(review): the pending record's `password` value is passed to
     * Auth::create_user() and Auth::validate_user() as the password itself,
     * which suggests the pending table keeps it in a recoverable form.
     * Confirm, and consider storing only a hash.
     * NOTE(review): nothing in this method deletes or invalidates the token
     * after use. Confirm that this happens elsewhere.
     *
     * @param string|null $token registration token from the mailed link
     */
    public function action_mailRegist($token = null)
    {
        if ($token == null) {
            return Response::forge("不正なパラメータです。");
        }
        // Find the pending (mail already sent) user whose token matches
        $query = Model_MailUser::query()->where('token', $token);
        $user = $query->get_one();
        if ($user == null) {
            return Response::forge("不正なパラメータです。");
        }
        // Refuse when an account with this username already exists
        $query2 = Model_User::query()->where('username', $user->userName);
        $count = $query2->count();
        if ($count != 0) {
            $dsc2 = <<<END
<BR>
既に登録済みです。
<a href = "/index">トップページに戻る</a>\t\t\t\t
END;
            return Response::forge($dsc2);
        }
        // Seconds elapsed since the confirmation mail was sent
        $diffTime = time() - $user->created_at;
        if ($diffTime < REGIST_TIME) {
            // Still inside the time limit: create the account
            Auth::create_user($user->userName, $user->password, $user->email, 3);
            // group 3 = user
            // Log in as the newly created user
            if (Auth::validate_user($user->userName, $user->password)) {
                Auth::login($user->userName, $user->password);
                $dsc2 = <<<END
<BR>
ユーザー登録に成功しました。
<a href = "/index">トップページに戻る</a>\t\t\t\t
END;
                $log = new Logging();
                $log->writeLog_Info('New user regist.');
                return Response::forge($dsc2);
            }
            return Response::forge("ユーザー登録に失敗しました。");
        } else {
            // Link expired: log it and tell the user
            $log = new Logging();
            $log->writeLog_Info('New user regist time out');
            return Response::forge("ユーザー登録制限時間を過ぎました。");
        }
    }
Пример #15
 /**
  * Tell whether at least one user row has the given value in the given column.
  *
  * NOTE(review): $field is used as a column name. Callers should pass a
  * fixed name or check it against a list of allowed columns, never a value
  * taken from the request.
  *
  * @param string $field column name
  * @param mixed  $val   value to look for
  * @return bool true when a matching row exists
  */
 public static function valid_field($field, $val)
 {
     $matches = Model_User::query()->where(array($field => $val))->count();
     return $matches > 0;
 }
Пример #16
 /**
  * OAuth provider callback (Opauth).
  *
  * Lets Auth_Opauth process the callback and acts on the status it returns.
  * For the 'register' status the method derives a login name and an e-mail
  * address from the provider response, then either signs in a matching local
  * account or creates a new one. Every handled path ends with a redirect.
  *
  * NOTE(review): in the 'register' branch an existing local account is
  * signed in with Auth::force_login() whenever its e-mail equals the derived
  * address. For Twitter and Facebook that address is assembled from the
  * screen name / username, and nothing visible here checks that the provider
  * verified the Google address. Confirm that a match cannot sign someone in
  * to another person's local account, or require the user to authenticate
  * locally before linking.
  */
 public function action_callback()
 {
     // Opauth can throw all kinds of nasty bits, so be prepared
     try {
         // get the Opauth object
         $opauth = \Auth_Opauth::forge(false);
         // and process the callback
         $status = $opauth->login_or_register();
         // fetch the provider name from the opauth response so we can display a message
         $provider = $opauth->get('auth.provider', '?');
         // deal with the result of the callback process
         switch ($status) {
             // a local user was logged-in, the provider has been linked to this user
             case 'linked':
                 // inform the user the link was successfully made
                 // NOTE(review): $provider comes from the provider response and
                 // is concatenated into the message; the view must escape it.
                 Session::set('success', 'You have connected your ' . $provider . ' account!');
                 break;
             // the provider was known and linked, the linked account is logged-in
             case 'logged_in':
                 // nothing to do here; the redirect after the switch applies
                 break;
             // we don't know this provider login, a local account is needed first
             case 'register':
                 // Derive a local login name and e-mail from the provider data.
                 // NOTE(review): for any provider other than these three,
                 // $user_login and $email stay unassigned and the lookup below
                 // reads undefined variables.
                 switch ($provider) {
                     case 'Twitter':
                         $user_login = $opauth->get('auth.raw.screen_name');
                         $email = $opauth->get('auth.raw.screen_name') . '@twitter.com';
                         break;
                     case 'Google':
                         $user_login = str_replace('@gmail.com', '', $opauth->get('auth.raw.email'));
                         $email = $opauth->get('auth.raw.email');
                         break;
                     case 'Facebook':
                         $user_login = $opauth->get('auth.raw.username');
                         $email = $opauth->get('auth.raw.username') . '@facebook.com';
                         break;
                 }
                 // look for a local account with this login name or this e-mail
                 $found_user = Model_User::query()->where('username', $user_login)->or_where('email', $email)->get_one();
                 if (empty($found_user) === false) {
                     if ($found_user->email == $email) {
                         // same e-mail: sign the existing local account in
                         // (see the NOTE(review) in the method header)
                         Auth::force_login($found_user->id);
                     } else {
                         // Username already taken
                         Session::set('error', $user_login . ' , Username already taken, please register manually or try a differnt account');
                         Response::Redirect(Uri::Base());
                         // NOTE(review): if the redirect does not end the request,
                         // execution continues with login_or_register() below.
                     }
                 } else {
                     // no match: call Auth to create the user
                     // NOTE(review): the local password is md5() of the provider
                     // token, so the token acts as a credential for the local
                     // account. A random value that is never disclosed would
                     // avoid that.
                     $user_id = \Auth::create_user($user_login, md5($opauth->get('auth.credentials.token')), $email, \Config::get('application.user.default_group', 3), array('fullname' => $opauth->get('auth.info.name')));
                     Controller_Auth::Create_User($opauth, $user_id);
                 }
                 // run the Opauth step again now that a local account is available
                 $opauth->login_or_register();
                 Session::set('success', 'You have connected your ' . $provider . ' account!');
                 break;
             // we didn't know this provider login, but enough info was returned to auto-register the user
             case 'registered':
                 // nothing to do here; the redirect after the switch applies
                 break;
             default:
                 throw new \FuelException('Auth_Opauth::login_or_register() has come up with a result that we dont know how to handle.');
         }
         // redirect to the base url
         \Response::redirect(Uri::Base());
     } catch (\OpauthException $e) {
         // The exception text is shown to the user as the error message.
         Session::set('error', ucfirst($e->getMessage()) . '!');
         \Response::redirect_back();
     } catch (\OpauthCancelException $e) {
         // NOTE(review): if OpauthCancelException extends OpauthException this
         // block can never run, because the catch above matches first. Confirm
         // the hierarchy and put the more specific catch first.
         Session::set('error', 'Something went wrong!');
         \Response::redirect_back();
     }
 }
 /**
  * First-run setup: create the initial administrator, remove the stock
  * accounts, sign the new user in and load the country table.
  *
  * NOTE(review): when the request is not a POST, an account is created in
  * group 5 with a fixed username and the literal password 'password'. If
  * this method is reachable after installation (routing is not visible
  * here), that is a known-credential administrator. Guard the method so it
  * can run only once, and force a password change.
  * NOTE(review): in the POST case the username, password and e-mail come
  * from the request and the account is created in group 5. Confirm that
  * only a trusted installer can reach this.
  */
 public function force_login()
 {
     // Run the data migration when the old v2 table holds more rows than the new one.
     if (DBUtil::table_exists('v2_urls')) {
         if (DB::count_records('urls') < DB::count_records('v2_urls')) {
             \Controller_Migrate::migrate();
         }
     }
     if (Input::Method() === 'POST') {
         // call Auth to create this user from the posted form values
         $new_user = \Auth::create_user(Input::POST('username'), Input::POST('password'), Input::POST('email'), 5, array('fullname' => Input::POST('name')));
     } else {
         // call Auth to create the default user (fixed credentials, see header)
         $new_user = \Auth::create_user('meela', 'password', '*****@*****.**', 5, array('fullname' => 'Meela Admin'));
     }
     // Remove the stock 'admin' and 'guest' accounts.
     $delete_users = Model_User::query()->where('username', 'admin')->or_where('username', 'guest')->get();
     foreach ($delete_users as $user) {
         $user->delete();
     }
     // if a user was created successfully, sign in as that user
     if ($new_user) {
         \Auth::force_login($new_user);
     }
     $file = DOCROOT . 'assets/url_stats_countries.csv';
     // Insert data into the table from the file.
     // The statement is built by concatenation, but the path comes from the
     // DOCROOT constant and a literal, not from request input.
     $query = 'LOAD DATA LOCAL INFILE "' . $file . '" INTO TABLE url_stats_countries fields terminated by "," enclosed by \'"\' lines terminated by "\\n" (id,start_ip,end_ip,country,created_at,updated_at)';
     \DB::query($query)->execute();
     Response::Redirect(Uri::Create('admin/settings'));
 }
Пример #18
 /**
  * Render the "phone" mock-up that displays a user's password-recovery link,
  * or the "expired" view when the user has no lostpassword_hash.
  *
  * NOTE(review): the recovery URL is produced for whatever $id is in the
  * request and no login or permission check is visible in this method. If
  * the action is reachable outside a development setup, it hands out reset
  * links for other accounts. Restrict or remove it.
  * NOTE(review): the second argument to Crypt::encode() is a literal in
  * source code; if it is used as the key (confirm), move it to
  * configuration that is kept out of the repository.
  *
  * @param mixed $id primary key of the user
  */
 public function action_mock_phone($id)
 {
     $user = \Model_User::query()->where('id', $id)->get_one();
     $data = array('user' => $user);

     $this->template = View::forge('template_phone');
     $this->template->title = 'Balls';

     // No pending reset for this user (or no such user).
     if (!isset($user->lostpassword_hash)) {
         $this->template->content = View::forge('user/password/expired');
         return;
     }

     $hash = Crypt::encode($user->lostpassword_hash, 'R@nd0mK~Y');
     $data['url'] = \Uri::create('user/password/recover/' . $hash);
     $this->template->content = View::forge('user/password/phone', $data);
 }
Пример #19
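 /**
  * Update a user's balance and record the change in the payment log.
  *
  * Must be called inside an open transaction. The balance is changed with a
  * compare-and-set UPDATE: it succeeds only if the stored balance still
  * equals the value read just before, so a concurrent change makes the call
  * fail instead of overwriting it.
  *
  * The SQL statement is assembled as a string, so every value placed in it
  * is checked first: the user id is cast to int, and the amount and the
  * current balance must be numeric.
  *
  * @param array|int $aUser  user row (with key iUserID) or a user id
  * @param array     $aParam change description; iMoney is the signed amount,
  *                          iPayment and iSource are read for a new log row,
  *                          the remaining keys are optional
  * @param int       $iPayID existing log row to update, or 0 to add one
  * @return int the log row id, or 1 when the amount is zero
  * @throws Exception when no transaction is open, the amount is not numeric,
  *                   or the balance update does not affect exactly one row
  */
 public static function updMoney($aUser, $aParam, $iPayID = 0)
 {
     if (Db_Orm::getCommitCnt() == 0) {
         throw new Exception('处理钱一定要用事务处理!');
     }
     // A missing amount counts as zero, as before. Anything that is not a
     // number is refused before it can reach the SQL string.
     $mMoney = isset($aParam['iMoney']) ? $aParam['iMoney'] : 0;
     if (!is_numeric($mMoney)) {
         throw new Exception('金额必须是数字!');
     }
     if ($mMoney == 0) {
         return 1;
     }
     // Cast in both branches: the id is concatenated into the statement.
     $iUserID = is_array($aUser) ? (int) $aUser['iUserID'] : (int) $aUser;
     $aUser = Model_User::getDetail($iUserID);
     // Unknown user or an unusable balance: fail the same way a failed
     // UPDATE does, instead of building a broken statement.
     if (empty($aUser) || !isset($aUser['iMoney']) || !is_numeric($aUser['iMoney'])) {
         Model_Base::rollback();
         throw new Exception('更新用户余额失败!');
     }
     // Compare-and-set on the balance that was just read.
     $iRet = Model_User::query('UPDATE t_user SET iMoney=iMoney+' . $mMoney . ' WHERE iUserID=' . $iUserID . ' AND iMoney=' . $aUser['iMoney']);
     if ($iRet != 1) {
         Model_Base::rollback();
         // This path used to repeat the "use a transaction" message although
         // the transaction check had already passed.
         throw new Exception('更新用户余额失败!');
     }
     $iNewBalance = $aUser['iMoney'] + $mMoney;
     // Optional log fields shared by the insert and the update.
     $aCommon = array(
         'iUserMoney' => $iNewBalance,
         'iPayStatus' => isset($aParam['iPayStatus']) ? $aParam['iPayStatus'] : 1,
         'sPayOrder' => isset($aParam['sPayOrder']) ? $aParam['sPayOrder'] : '',
         'sMyOrder' => isset($aParam['sMyOrder']) ? $aParam['sMyOrder'] : '',
         'sRemark' => isset($aParam['sRemark']) ? $aParam['sRemark'] : '',
     );
     if ($iPayID == 0) {
         $aRow = array(
             'iUserID' => $iUserID,
             'iPayment' => $aParam['iPayment'],
             'iSource' => $aParam['iSource'],
             'sReaName' => isset($aParam['sReaName']) ? $aParam['sReaName'] : '',
             'iPayType' => isset($aParam['iPayType']) ? $aParam['iPayType'] : 0,
             'iPayMoney' => $mMoney,
             'sOpenName' => isset($aParam['sOpenName']) ? $aParam['sOpenName'] : '',
             'sBankName' => isset($aParam['sBankName']) ? $aParam['sBankName'] : '',
             'sPayAccount' => isset($aParam['sPayAccount']) ? $aParam['sPayAccount'] : '',
         ) + $aCommon;
         $iPayID = self::addData($aRow);
     } else {
         $aRow = array('iAutoID' => $iPayID) + $aCommon;
         self::updData($aRow);
     }
     return $iPayID;
 }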