Пример #1
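    /**
     * Renders the profile fields of a user form: the nickname input, the optional avatar
     * upload, and the script that wires the avatar thumbnail to the file input.
     *
     * The nickname is taken from $_POST['nickname'] when present, otherwise from the user's
     * profile. Values placed inside HTML attributes are escaped with htmlspecialchars():
     * strip_tags() removes tags but leaves quote characters in place, which is not enough
     * inside value="..." or alt='...'.
     *
     * @param SiteUser|null $user           user whose profile pre-fills the form, or null
     * @param array         $exclude_fields field names to omit; only 'avatar' is checked here
     * @return string HTML fragment without a surrounding <form>
     */
    static function renderUpdateForm(SiteUser $user = null, $exclude_fields = array())
    {
        $settings = Vars::getSettings();
        $profile = $user ? $user->getProfile() : null;
        // Escapes a value for a quoted HTML attribute; ENT_QUOTES covers both quote styles used below.
        // NOTE(review): if stored nicknames/usernames are already entity-encoded this will
        // double-encode them - confirm how they are stored.
        $esc = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        };
        // get vars from form submission; a non-string (array) submission falls back to the profile
        if (isset($_POST['nickname']) && is_string($_POST['nickname'])) {
            $nickname = strip_tags($_POST['nickname']);
        } else {
            $nickname = isset($profile) ? $profile->getNickname() : '';
        }
        // computed once, used in both translations of the size hint
        $max_size_mb = round($settings['profile']['avatar_max_size'] / 1000000, 1);
        $mandatory_label = ' <span style="color: rgb(185,2,0); font-weight: bold;">*</span>';
        $avatar_field = '
  <div class="form-group" id="form-field-avatar" >
    <label for="avatar">' . i18n(array('en' => 'Avatar', 'zh' => '头像')) . ' <small style="font-weight: normal;"><i>(' . i18n(array('en' => 'optional', 'zh' => '可选')) . ')</i></small></label>
    ' . ($profile ? "<div><img src='" . $esc($profile->getThumbnailUrl()) . "' alt='" . $esc($user->getUsername()) . "' style='cursor: pointer;' /></div>" : '') . '
    <input type="file" id="avatar" name="avatar"' . ($profile ? ' style="display: none;"' : '') . ' />
    <small>' . i18n(array('en' => 'Max image file size: ' . $max_size_mb . 'MB', 'zh' => '最大图片上传尺寸: ' . $max_size_mb . 'MB')) . '</small>
  </div>
';
        $rtn = '
  <div class="form-group" id="form-field-nickname">
    <label for="nickname">' . i18n(array('en' => 'Nick name', 'zh' => '昵称')) . $mandatory_label . ' <small style="font-weight: normal;"><i>(' . i18n(array('en' => 'what others see you as', 'zh' => '其他用户看到的您的称呼')) . ')</i></small></label>
    <input type="text" class="form-control" id="nickname" name="nickname" value="' . $esc($nickname) . '" required placeholder="" />
  </div>' . (in_array('avatar', $exclude_fields) ? '' : $avatar_field) . '
  <script type="text/javascript">
    $("#form-field-avatar img").click(function(){
      $("#avatar").trigger("click");
    });
    $("#avatar").change(function(){
      //$("#form-field-avatar img").fadeOut();
      $(this).fadeIn();
    });
  </script>
';
        return $rtn;
    }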
Пример #2
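    /**
     * Renders the signup form (username, email, password, profile fields, optional
     * "active" checkbox) preceded by any registered messages.
     *
     * Field values are repopulated from $_POST when present, otherwise from $user.
     * Username and email are HTML-escaped before they are written into value="...":
     * strip_tags() leaves quote characters untouched, so on its own it does not keep a
     * submitted value inside the attribute.
     *
     * @param SiteUser|null $user           user to pre-fill from, or null for a blank form
     * @param string        $action         form target; passed through uri() when not empty
     * @param array         $exclude_fields field names to omit ('active' here, the rest is
     *                                      forwarded to SiteProfile::renderUpdateForm())
     * @return string HTML of the messages and the form
     */
    static function renderSignupForm(SiteUser $user = null, $action = '', $exclude_fields = array())
    {
        // set default action value
        // NOTE(review): $action is written into action="..." as returned by uri(); confirm
        // uri() produces attribute-safe output for every caller-supplied value.
        if ($action != '') {
            $action = uri($action);
        }
        // Escapes a value for a double-quoted HTML attribute.
        $esc = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        };
        // get vars from form submission; non-string (array) submissions fall back to $user
        if (isset($_POST['username']) && is_string($_POST['username'])) {
            $username = strip_tags($_POST['username']);
        } else {
            $username = isset($user) ? $user->getUsername() : '';
        }
        if (isset($_POST['email']) && is_string($_POST['email'])) {
            $email = strip_tags($_POST['email']);
        } else {
            $email = isset($user) ? $user->getEmail() : '';
        }
        // passwords are never echoed back into the form
        $password = '';
        $password_confirm = '';
        $active = isset($_POST['active']) ? strip_tags($_POST['active']) : (isset($user) ? $user->getActive() : false);
        $mandatory_label = ' <span style="color: rgb(185,2,0); font-weight: bold;">*</span>';
        $active_field = '
  <div class="checkbox" id="form-field-active">
    <label>
      <input type="checkbox" id="active" name="active" value="1" ' . ($active == false ? '' : 'checked="checked"') . '> ' . i18n(array('en' => 'Active?', 'zh' => '有效用户')) . '
    </label>
  </div>
  ';
        $rtn = Message::renderMessages() . '
<form action="' . $action . '" method="POST" id="signup" enctype="multipart/form-data">
  <div class="form-group" id="form-field-username">
    <label for="username">' . i18n(array('en' => 'Username', 'zh' => '用户名')) . $mandatory_label . ' <small style="font-weight: normal;"><i>(' . i18n(array('en' => 'alphabetical letters, number or underscore', 'zh' => '英文字母,数字或下划线')) . ')</i></small></label>
    <input type="text" class="form-control" id="username" name="username" value="' . $esc($username) . '" required placeholder="" />
  </div>
  <div class="form-group" id="form-field-email" >
    <label for="email">' . i18n(array('en' => 'Email', 'zh' => '电子邮箱')) . $mandatory_label . '</label>
    <input type="email" class="form-control" id="email" name="email" value="' . $esc($email) . '" required />
  </div>
  <div class="form-group" id="form-field-password">
    <label for="password">' . i18n(array('en' => 'Password', 'zh' => '密码')) . $mandatory_label . ' <small style="font-weight: normal;"><i>(' . i18n(array('en' => 'at least 6 letters', 'zh' => '至少6位')) . ')</i></small></label>
    <input type="password" class="form-control" id="password" name="password" value="' . $password . '" required />
  </div>
  <div class="form-group" id="form-field-password_confirm">
    <label for="password_confirm">' . i18n(array('en' => 'Password again', 'zh' => '再次确认密码')) . $mandatory_label . '</label>
    <input type="password" class="form-control" id="password_confirm" name="password_confirm" value="' . $password_confirm . '" required />
  </div>
  ' . (class_exists('SiteProfile') ? SiteProfile::renderUpdateForm($user, $exclude_fields) : '') . (in_array('active', $exclude_fields) ? '' : $active_field) . '
  <div class="form-group" id="form-field-notice"><small><i>
    ' . $mandatory_label . i18n(array('en' => ' indicates mandatory fields', 'zh' => ' 标记为必填项')) . '
  </i></small></div>
  <input type="submit" name="submit" class="btn btn-primary btn-block disabled" value="' . i18n(array('en' => 'Signup', 'zh' => '注册')) . '" />
  ' . (module_enabled('form') ? Form::loadSpamToken('#signup', SITEUSER_FORM_SPAM_TOKEN) : '') . '
</form>
';
        return $rtn;
    }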
Пример #3
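 /**
  * Creates the `<prefix>_read` table (article/account read log with two foreign keys)
  * unless parent::tableExistByName() reports that it already exists.
  *
  * The prefix is concatenated into table, index and constraint names. Identifiers cannot
  * be bound as query parameters, so the prefix is checked against a conservative
  * character set before any SQL is built.
  *
  * @param string $table_name_prefix prefix shared by the `_read` and `_account` tables
  * @return mixed result of mysqli::query() when the statement is run, false when the
  *               prefix is rejected, null when the table already exists
  */
 static function createReadTableIfNotExist($table_name_prefix)
 {
     global $mysqli;
     // A backtick or any other punctuation in the prefix would end the quoted identifier
     // and change the statement, so only letters, digits and underscore are accepted.
     // NOTE(review): widen the pattern if existing prefixes legitimately use other characters.
     if (!is_string($table_name_prefix) || !preg_match('/\A[A-Za-z0-9_]+\z/', $table_name_prefix)) {
         return false;
     }
     if (!parent::tableExistByName($table_name_prefix . '_read')) {
         return $mysqli->query("\r\nCREATE TABLE IF NOT EXISTS `" . $table_name_prefix . "_read` (\r\n  `id` INT NOT NULL AUTO_INCREMENT ,\r\n  `article_id` INT ,\r\n  `user_wechat_account_id` INT ,\r\n  PRIMARY KEY (`id`)\r\n ,\r\nINDEX `fk-" . $table_name_prefix . "_read-article_id-idx` (`article_id` ASC),\r\nCONSTRAINT `fk-" . $table_name_prefix . "_read-article_id`\r\n  FOREIGN KEY (`article_id`)\r\n  REFERENCES `wechat_article` (`id`)\r\n  ON DELETE CASCADE\r\n  ON UPDATE CASCADE ,\r\nINDEX `fk-" . $table_name_prefix . "_read-user_wechat_account_id-idx` (`user_wechat_account_id` ASC),\r\nCONSTRAINT `fk-" . $table_name_prefix . "_read-user_wechat_account_id`\r\n  FOREIGN KEY (`user_wechat_account_id`)\r\n  REFERENCES `" . $table_name_prefix . "_account` (`id`)\r\n  ON DELETE CASCADE\r\n  ON UPDATE CASCADE)\r\nENGINE = InnoDB\r\nDEFAULT CHARACTER SET = utf8\r\nCOLLATE = utf8_general_ci;\r\n");
     }
 }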
Пример #4
 /**
  * Gets the User record of the logged-in person, loading it on first use.
  *
  * The record is kept in the static self::$raykuUser, so UserPeer::retrieveByPK() is
  * only called while that property is still null. Because the property is static, the
  * cached value is shared by every instance of this class within the request.
  *
  * @return User
  */
 public function getRaykuUser()
 {
     if (self::$raykuUser !== null) {
         return self::$raykuUser;
     }
     self::$raykuUser = UserPeer::retrieveByPK($this->getRaykuUserId());
     return self::$raykuUser;
 }
Пример #5
        $messages[] = new Message(Message::DANGER, i18n(array('en' => 'Please enter the e-mail address you registered with us', 'zh' => '请填写您注册是使用的电子邮箱')));
    } else {
        $user = SiteUser::findByEmail($email);
        if (is_null($user)) {
            $messages[] = new Message(Message::DANGER, i18n(array('en' => 'No record found registered with this e-mail', 'zh' => '未找到使用该邮箱注册的记录')));
        }
    }
    // if succeed, send email
    if (sizeof($messages) == 0) {
        if ($user = SiteUser::findByEmail($email)) {
            $user->sendPasswordResetEmail();
        }
        Message::register(new Message(Message::SUCCESS, i18n(array('en' => 'We\'ve sent an email to your mail box to reset your password. Please check your mail box.', 'zh' => '我们已向您注册的邮箱发送密码重置链接,请查看您的邮箱并点击链接重置您的密码'))));
    } else {
        Message::register($messages);
    }
    HTML::forwardBackToReferer();
}
// Render the "password reset" request page.
// override this call if "site" module has the override controller
// The path is built from the MODULESROOT constant and a fixed string only; no request
// data takes part in choosing the file that is required.
$override_controller = MODULESROOT . '/site/controllers/siteuser/forget_password.php';
if (is_file($override_controller)) {
    // hand the whole request to the override and stop, so the default page below is not rendered
    require $override_controller;
    exit;
}
// default page: header, single-form wrapper, the form itself, footer with a link back to login
$html = new HTML();
$html->renderOut('core/backend/html_header', array('title' => i18n(array('en' => 'Password reset', 'zh' => '重置密码'))));
$html->renderOut('core/backend/single_form_header', array('title' => i18n(array('en' => 'Password reset', 'zh' => '重置密码'))));
echo SiteUser::renderForgetPasswordForm();
$html->renderOut('core/backend/single_form_footer', array('extra' => '<div class="login" style="text-align: center;"><small><a href="' . uri('users') . '">' . i18n(array('en' => 'go back to login page', 'zh' => '返回登录页面')) . '</a></small></div>'));
$html->renderOut('core/backend/html_footer');
exit;
Пример #6
<?php

/*
SEND_INVITE_RESPONSE PHP FILE
BY EVAN PAUL, NOVEMBER 13, 2013
*/
include_once "inc/constants.inc.php";
include_once 'inc/class.pool.inc.php';
include_once 'inc/class.users.inc.php';
// Handles the answer to a pool invite. $_POST['response'] selects the branch:
// "a" adds the user to the pool and clears the invite, "r" only clears the invite.
// NOTE(review): user_id and pool_id are taken from the request body as-is and no
// session or ownership check is visible in this file. Confirm that the included classes
// verify that the logged-in user is the invited user; otherwise the ids should come from
// the session rather than from $_POST.
if (isset($_POST['response'])) {
    $user = new SiteUser();
    $pool = new Pool();
    if ($_POST['response'] == "a") {
        //if invite was accepted:
        //add user to given pool's membership list:
        $pool->AddUserToPoolMembership($_POST['user_id'], $_POST['pool_id']);
        //remove given pool id from user's invite list:
        $user->RemoveInvite($_POST['user_id'], $_POST['pool_id']);
    }
    if ($_POST['response'] == "r") {
        //if invite was not accepted ("r", presumably "rejected"):
        //remove given pool id from user's invite list:
        $user->RemoveInvite($_POST['user_id'], $_POST['pool_id']);
    }
}
Пример #7
<?php

// Command handlers for the site_user and site_permission tables.
// $command, $arg1 and $arg2 are set by the including script.
// Note that the "cc" (clear cache) command DROPS the tables, it does not just empty a cache.

//-- SiteUser: "cc all" / "cc siteuser" drops the table
if ($command == "cc" && ($arg1 == "all" || $arg1 == "siteuser")) {
    echo " - Drop table 'site_user' ";
    if (SiteUser::dropTable()) {
        echo "success\n";
    } else {
        echo "fail\n";
    }
}
//-- SiteUser: "import db [site_user]" creates the table when it is missing
if ($command == "import" && $arg1 == "db" && ($arg2 === null || $arg2 == "site_user")) {
    echo " - Create table 'site_user' ";
    if (SiteUser::createTableIfNotExist()) {
        echo "success\n";
    } else {
        echo "fail\n";
    }
}
//-- SitePermission: "cc all" / "cc siteuser" drops the table
if ($command == "cc" && ($arg1 == "all" || $arg1 == "siteuser")) {
    echo " - Drop table 'site_permission' ";
    if (SitePermission::dropTable()) {
        echo "success\n";
    } else {
        echo "fail\n";
    }
}
//-- SitePermission: "import db [site_permission]" creates the table when it is missing
if ($command == "import" && $arg1 == "db" && ($arg2 === null || $arg2 == "site_permission")) {
    echo " - Create table 'site_permission' ";
    if (SitePermission::createTableIfNotExist()) {
        echo "success\n";
    } else {
        echo "fail\n";
    }
}
//-- SiteRole:Clear cache
if ($command == "cc") {
    if ($arg1 == "all" || $arg1 == "siteuser") {
Пример #8
             $messages[] = new Message(Message::DANGER, i18n(array('en' => 'Your password and confirmed password don\'t match. Please try again', 'zh' => '确认密码和原密码不匹配,请重新输入')));
         }
     }
 }
 // profile
 if (module_enabled('siteuser_profile')) {
     require MODULESROOT . '/siteuser_profile/controllers/fields_validation.php';
 }
 // eorror handling
 if (sizeof($messages) > 0) {
     foreach ($messages as $message) {
         Message::register($message);
     }
     // if success
 } else {
     $user = empty($uid) ? new SiteUser() : SiteUser::findById($uid);
     if (isset($username)) {
         $user->setUsername($username);
     }
     $user->setEmail($email);
     $user->putPassword($password);
     // if the updated user is current user, we need to update user session, so that he won't be kicked out
     if ($_SESSION['siteuser_id'] == $user->getId()) {
         $_SESSION['siteuser_password'] = $user->getPassword();
     }
     if (isset($company_id) && $company_id) {
         $user->setCompanyId($company_id);
     }
     if ($active !== false) {
         $user->setActive($active == "1" ? 1 : 0);
         $user->setEmailActivated(1);
Пример #9
<?php

// Page bootstrap for the "create adventure" page.
// $title is set before site_body.php is loaded (presumably that file reads it - confirm).
$title = "Create new adventure";
require_once "site_body.php";
require_once "models/siteuser.class.php";
// $mysql is not defined in this file; it has to come from one of the required files.
$siteUser = new SiteUser($mysql);
?>
    <style>
        /* upload file button styles */
        .btn-file {
            position: relative;
            overflow: hidden;
        }
        .btn-file input[type=file] {
            position: absolute;
            top: 0;
            right: 0;
            min-width: 100%;
            min-height: 100%;
            font-size: 100px;
            text-align: right;
            filter: alpha(opacity=0);
            opacity: 0;
            outline: none;
            background: white;
            cursor: inherit;
            display: block;
        }
    </style>

<?php 
Пример #10
<?php

include_once "inc/constants.inc.php";
$pageTitle = "Forgot Password?";
include_once "inc/header.php";
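// Handles a "forgot password" submission. $_POST['username'] carries the e-mail address.
// The reply is the same whether or not an account exists for the address, so the form
// cannot be used to find out which addresses are registered.
// A non-string submission (e.g. username[]=x) is ignored and the blank form is shown.
if (!empty($_POST['username']) && is_string($_POST['username'])) {
    $entryValue = $_POST['username'];
    //check to make sure email address is valid (loose "something@something.something" shape check)
    if (preg_match("/^.+@.+\\..+\$/", $entryValue)) {
        //if email is valid:
        include_once "inc/class.users.inc.php";
        $user = new SiteUser();
        $user_id = $user->GetUserIDFromEmail($entryValue);
        if (isset($user_id)) {
            //if an account for the given email exists, start the reset:
            $reset_password_result = $user->ResetPassword($user_id, $entryValue);
        }
        //identical response for known and unknown addresses:
        echo "<h4 style='color:#5cb85c; margin-left:20px;'>If an account exists for that email address, we have sent a link to reset your password.</h4>";
        exit;
    } else {
        //if email is not valid:
        echo "<p style='color:red; margin-left:20px;'>Please enter a valid email address</p>";
    }
}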
//if page loads and form is blank:
?>
 
Пример #11
/*
TO DO AS OF 7:30 PM ON 11/22/13:
-WE DO NOT CURRENTLY HAVE A WAY TO CHECK TO SEE WHETHER THE INVITE IS A DUPLICATE FOR THE GIVEN USER - PROB SHOULD IMPLEMENT THIS IN USER CLASS FILE FOR InviteReceive FUNCTION
    -OR WE CAN ADD A FIELD TO THE POOL MEMBERSHIP TABLE FOR "INVITE ACCEPTED" - FIELD STARTS AS 0 WHEN INVITE IS SENT, THEN WE MAKE THIS FIELD 1 ONLY WHEN USER ACCEPTS THE INVITE
*/
if ($_POST['invite'] == 1) {
    //if this file is being run thru the invite ajax function:
    $invitee_array = $_POST['invitees_array'];
    //get array of invitee emails
    $pool_id = $_POST['pool_id'];
    //get pool ID that we are inviting people for
    $inviter = $_POST['inviter'];
    //get email/username of inviter
    include_once 'inc/class.users.inc.php';
    $user = new SiteUser();
    foreach ($invitee_array as $invitee_index => $invitee_email) {
        //foreach invitee email...
        $invite_receive_result = $user->InviteReceive($invitee_email, $pool_id, $inviter);
        //add pool id to user's "Pool Invites" field in DB
        echo $invite_receive_result;
    }
    exit;
} else {
    //if this file is being accessed by user navigation and not thru ajax:
    if (!isset($current_user)) {
        /*We send the user back to home page if $current_user is not set 
          This would indicate that the user is trying to access invite_people.php by itself and not via the pool.php page
          */
        header("Location: home.php");
    } else {
Пример #12
// Step 1 (GET): the link carries a verification value "v" and a user id "e".
// verifyAccount() returns an array; element 0 is a status code and element 1 a message.
if (isset($_GET['v']) && isset($_GET['e'])) {
    //store variables from URL:
    $verification_value = $_GET['v'];
    $user_id = $_GET['e'];
    include_once "inc/class.users.inc.php";
    $user = new SiteUser();
    $verify_account_result = $user->verifyAccount($verification_value, $user_id);
    if ($verify_account_result[0] > 3) {
        //if verifyAccount result is greater than 3 and we don't want the user to enter a new password:
        // NOTE(review): the message is echoed as returned; confirm it never contains request data.
        echo $verify_account_result[1];
    }
}
//if form is submitted and the input passwords are correct length and match each other:
// Step 2 (POST): store the new password. Minimum length is 8 (strlen > 7).
// NOTE(review): in the lines shown, the account to update is chosen by the posted
// "form_sent" value alone and no verification value is checked in this branch. Unless
// updatePassword() itself ties the change to a valid reset token, a request that sets
// form_sent to another id would change that account's password - confirm, and re-check
// the token here if it does not.
if (isset($_POST['form_sent']) && strlen($_POST['p']) > 7 && $_POST['p'] === $_POST['r']) {
    include_once "inc/class.users.inc.php";
    $user = new SiteUser();
    //$username_entry = $_POST['username'];
    $password_entry1 = $_POST['p'];
    $password_entry2 = $_POST['r'];
    $user_id = $_POST['form_sent'];
    //store user ID from hidden field in form as $user_id variable (hidden field value comes from URL)
    //store entered password in database:
    $updatePassword_result = $user->updatePassword($password_entry1, $password_entry2, $user_id);
    //$user->updateUsername($email, $username_entry);
    echo $updatePassword_result;
    echo "<h4><a href='login.php'>Click here to go to the home page</a></h4>";
    exit;
}
//if the plain URL for this page is entered in with out the e variable:
//we should probably direct the user back to the home page in this case
if ((!isset($_GET['e']) or !isset($_GET['v'])) && !isset($_POST['form_sent'])) {
Пример #13
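    /**
     * Renders the add/update user form: email, password, profile fields, the "active"
     * selector (omitted when a user edits their own account) and, in the backend, the
     * role checkboxes.
     *
     * The email is repopulated from $_POST when present, otherwise from $user. It and the
     * role id/name are HTML-escaped before they are written into the markup, because
     * strip_tags() leaves quote characters in place and role names are written out as text.
     *
     * @param SiteUser|null $user   user being edited, or null when adding a new user
     * @param string        $action form target; passed through uri() when not empty
     * @return string HTML of the form
     */
    static function renderUpdateFormFrontend(SiteUser $user = null, $action = '')
    {
        // set default action value
        // NOTE(review): $action is written into action="..." as returned by uri(); confirm
        // uri() produces attribute-safe output for every caller-supplied value.
        if ($action != '') {
            $action = uri($action);
        }
        // Escapes a value for HTML text or a quoted attribute.
        $esc = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        };
        // get vars from form submission; a non-string (array) submission falls back to $user
        if (isset($_POST['email']) && is_string($_POST['email'])) {
            $email = strip_tags($_POST['email']);
        } else {
            $email = isset($user) ? $user->getEmail() : '';
        }
        // passwords are never echoed back into the form
        $password = '';
        $password_confirm = '';
        if ($user && $user->getId() == MySiteUser::getCurrentUser()->getId()) {
            // when updating self profile, we don't include 'active'
            $active_field = '';
        } else {
            // $active is only compared against "1"/"0" below and never printed
            $active = isset($_POST['active']) ? strip_tags($_POST['active']) : (isset($user) ? $user->getActive() . "" : false);
            $active_field = '
  <div class="form-group" id="form-field-active">
    <label class="col-sm-2 control-label" for="active">' . i18n(array('en' => 'Active', 'zh' => '是否在职')) . '</label>
    <div class="col-sm-10">
      <select class="form-control" name="active" id="active">
        <option value="1" ' . ($active == "1" ? 'selected=selected' : '') . '>在职</option>
        <option value="0" ' . ($active == "0" ? 'selected=selected' : '') . '>离职</option>
      </select>
    </div>
  </div>
  <div class="hr-line-dashed"></div>';
        }
        $mandatory_label = ' <span style="color: rgb(185,2,0); font-weight: bold;">*</span>';
        $roles_form_markup = '<div id="form-field-roles"><label class="col-sm-2 control-label">Roles</label><div class="col-sm-10"><ul class="checkbox">';
        foreach (SiteRole::findAll() as $role) {
            // a submitted form wins over the stored roles when deciding what is ticked
            if (isset($_POST['roles'])) {
                $checked = isset($_POST['roles'][$role->getId()]);
            } else {
                $checked = $user && $user->hasRole($role->getName());
            }
            $roles_form_markup .= '<li><label><input type="checkbox" name="roles[' . $esc($role->getId()) . ']" value=1 ' . ($checked ? 'checked="checked"' : '') . ' />' . $esc($role->getName()) . '</label></li>';
        }
        $roles_form_markup .= '</ul></div></div>';
        $rtn = '
<form class="form-horizontal" action="' . $action . '" method="POST" enctype="multipart/form-data">
  <div class="form-group" id="form-field-email" >
    <label class="col-sm-2 control-label" for="email">' . i18n(array('en' => 'Email', 'zh' => '电子邮箱')) . $mandatory_label . '</label>
    <div class="col-sm-10">
      <input type="email" class="form-control" id="email" name="email" value="' . $esc($email) . '" required />
    </div>
  </div>
  <div class="hr-line-dashed"></div>
  <div class="form-group" id="form-field-password">
    <label class="col-sm-2 control-label" for="password">' . i18n(array('en' => 'Password', 'zh' => '密码')) . $mandatory_label . ' </label>
    <div class="col-sm-10">
      <input type="password" class="form-control" id="password" name="password" value="' . $password . '" required />
      <span class="help-block m-b-none"><small>(' . i18n(array('en' => 'at least 6 letters', 'zh' => '至少6位')) . ')</small></span>
    </div>
  </div>
  <div class="form-group" id="form-field-password_confirm">
    <label class="col-sm-2 control-label" for="password_confirm">' . i18n(array('en' => 'Password again', 'zh' => '再次确认密码')) . $mandatory_label . '</label>
    <div class="col-sm-10">
      <input type="password" class="form-control" id="password_confirm" name="password_confirm" value="' . $password_confirm . '" required />
    </div>
  </div>
  <div class="hr-line-dashed"></div>
  ' . (class_exists('SiteProfile') ? SiteProfile::renderUpdateForm($user) : '') . '
  <div class="hr-line-dashed"></div>
' . $active_field . '
  <input type="hidden" value=1 name="noemailnotification" />
  ' . (is_backend() ? $roles_form_markup : '') . '
  <div class="form-group" id="form-field-notice">
    <div class="col-sm-10 col-sm-push-2">
      <small><i>
    ' . $mandatory_label . i18n(array('en' => ' indicates mandatory fields', 'zh' => ' 标记为必填项')) . '
      </i></small>
    </div>
  </div>
  <div class="col-sm-10 col-sm-push-2">
    <button type="submit" name="submit" class="btn btn-primary">' . (is_null($user) ? i18n(array('en' => 'Add new user', 'zh' => '添加新用户')) : i18n(array('en' => 'Update user', 'zh' => '更新用户'))) . '</button>
  </div>
  
</form>
';
        return $rtn;
    }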
Пример #14
/**
 * Tells whether the current visitor is logged in.
 *
 * getId() is called on whatever SiteUser::getCurrentUser() returns without a null check,
 * so that call is expected to return an object in every case; an id of -1 is treated
 * as "not logged in".
 *
 * @return bool true when the current user's id differs from -1
 */
function is_login()
{
    return SiteUser::getCurrentUser()->getId() != -1;
}
Пример #15
<?php

//include_once "constants.inc.php";
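// Login gate meant to be included at the top of a page.
// Logged-in requests get $user, $pool, $current_user, $current_user_id,
// $pool_invites_result_pre and $admin set up; any other request is redirected to the
// login page unless the including page set $on_login_page to 1 beforehand.
session_start();
if (isset($_SESSION['LoggedIn']) && isset($_SESSION['Username']) && $_SESSION['LoggedIn'] == 999) {
    //if user is logged in:
    include_once 'inc/class.users.inc.php';
    $user = new SiteUser();
    include_once 'inc/class.pool.inc.php';
    $pool = new Pool();
    $current_user = $_SESSION['Username'];
    $current_user_id = $user->GetUserIDFromEmail($current_user);
    $pool_invites_result_pre = $user->CheckPoolInvites($current_user);
    //get initial pool invites for a user if they exist - these may include pools which are live that we don't want the user to join, so we do a check for live pool invites below and remove the invite if the pool is live
    $admin = $user->CheckAdmin($current_user_id);
    //$ADMIN variable is a 1 if user is an admin and 0 if not
} elseif (!isset($on_login_page) || $on_login_page !== 1) {
    //if user is not logged in, redirect to login page:
    header("Location: login.php");
    // header() only queues the redirect; without stopping here the including page would
    // go on to run and send its protected content to a client that is not logged in.
    exit;
}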
Пример #16
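 /**
  * Returns the winners of the most recent pools that have a winner recorded.
  *
  * Each entry maps a pool id to the winner's pool nickname or, when no nickname was
  * set, to the winner's e-mail address.
  * NOTE(review): the fallback puts an e-mail address into a list that is presumably
  * shown to other users - confirm that this is intended.
  *
  * @return array pool id => nickname or e-mail address; empty when the query fails
  */
 public function GetPoolWinners()
 {
     $number_to_return = 5;
     //SET THE NUMBER OF WINNERS TO BE RETURNED BY THIS FUNCTION HERE
     //GET RECENT WINNERS FROM POOL TABLE
     include_once 'inc/class.users.inc.php';
     //we only use this in case we need to get the given winner's email address if they didnt specify a pool nickname
     $user = new SiteUser();
     //new user instance
     $query = new DB_Queries();
     //new instance of the DB_Queries object
     // only the integer constant above is interpolated, no request data reaches this statement
     $recent_winners_query = "SELECT * FROM  `Pool` WHERE `Pool Winner` IS NOT NULL ORDER BY `Pool ID` DESC LIMIT 0,{$number_to_return};";
     $result1 = mysqli_query($this->cxn, $recent_winners_query);
     $pool_winner_array = array();
     if ($result1 === false) {
         // query failed: there is no result set to walk
         return $pool_winner_array;
     }
     while ($row = mysqli_fetch_assoc($result1)) {
         $pool_id = $row['Pool ID'];
         $winner_user_id = $row['Pool Winner'];
         $select_array = $this->CreateArrayFromDB_QueryInputs('Pool Nickname', 'TABLE:', 'Pool Membership', 'User ID', $winner_user_id, 'Pool ID', $pool_id);
         $nickname_array = $query->SelectFromDB($select_array);
         // isset() is false both for a NULL nickname and for a lookup that returned no row
         if (!isset($nickname_array['Pool Nickname'])) {
             //if no pool nickname was set, fall back to the winner's e-mail address:
             $user_info = $user->GetUserInfo($winner_user_id);
             $pool_winner_array[$pool_id] = $user_info['Email Address'];
         } else {
             //if a pool nickname was set, put in into the pool winner array
             $pool_winner_array[$pool_id] = $nickname_array['Pool Nickname'];
         }
     }
     mysqli_free_result($result1);
     return $pool_winner_array;
 }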
<?php

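// Resends the account activation e-mail.
// $vars[1] is the user id and $vars[2] the encrypted per-user salt; the request is only
// honoured when the decrypted salt equals the one stored for that user.
$uid = isset($vars[1]) ? $vars[1] : null;
$salt = isset($vars[2]) ? $vars[2] : null;
$salt = is_null($salt) ? $salt : decrypt($salt);
// validation
if (is_null($uid) || is_null($salt)) {
    HTML::forward('core/404');
    // stop here in case forward() returns, so the lookup below never runs on missing input
    exit;
}
$user = SiteUser::findById($uid);
// The salt acts as a secret, so it is compared as a string with hash_equals() (PHP 5.6+):
// "!=" applies numeric type juggling to numeric-looking strings and is not constant-time.
// An empty stored salt is rejected so that a failed decrypt() can never match it.
$stored_salt = is_null($user) ? '' : (string) $user->getSalt();
if (is_null($user) || $stored_salt === '' || !hash_equals($stored_salt, (string) $salt)) {
    HTML::forward('core/404');
    exit;
}
// do resend email
$user->sendAccountActivationEmail();
Message::register(new Message(Message::SUCCESS, i18n(array('en' => 'Account activation email resent successfully. Please check your mail box', 'zh' => '账号激活邮件发送成功,请查看您的邮箱'))));
HTML::forwardBackToReferer();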
Пример #18
i18n_echo(array('en' => 'User', 'zh' => '用户'));
?>
</h1>
    </div>
  </div>

  <div class="row">
    <div class="col-xs-12">
      <div class="panel panel-default">
        <div class="panel-heading"><?php 
i18n_echo(array('en' => 'Edit user', 'zh' => '编辑用户'));
?>
 - <i>'<?php 
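// the username is written into HTML text, so it is escaped on output
echo htmlspecialchars((string) $user->getUsername(), ENT_QUOTES, 'UTF-8');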
?>
'</i></div>
        <div class="panel-body">
          
        <?php 
echo Message::renderMessages();
?>
           
        <?php 
echo SiteUser::renderUpdateFormBackend($user);
?>

        </div>
      </div>
    </div>
  </div>
</div>
Пример #19
<?php

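// Backend user list, 50 users per page. ?page=N selects the page (default 1).
$page = isset($_GET['page']) ? $_GET['page'] : 1;
// Accept digits only. "\z" is used instead of "$" because "$" also matches just before
// a trailing newline, which would let "1\n" through; is_scalar() rejects page[]=... .
if (!is_scalar($page) || !preg_match('/^\\d+\\z/', (string) $page)) {
    dispatch('core/backend/404');
    exit;
}
// from here on the page number is an integer, the same type as the default above
$page = (int) $page;
$html = new HTML();
$html->renderOut('core/backend/html_header', array('title' => i18n(array('en' => 'Manage user', 'zh' => '管理用户'))), true);
$html->output('<div id="wrapper">');
$html->renderOut('core/backend/header');
$total = SiteUser::countAll();
$per_page = 50;
$total_page = ceil($total / $per_page);
$html->renderOut('siteuser/backend/user/list', array('users' => SiteUser::findAllWithPage($page, $per_page), 'current_page' => $page, 'total_page' => $total_page, 'total' => $total, 'pager' => $html->render('core/components/pagination', array('total' => $total_page, 'page' => $page)), 'per_page' => $per_page), true);
$html->output('</div>');
$html->renderOut('core/backend/html_footer');
exit;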
Пример #20
<?php

include_once "constants.inc.php";
$pageTitle = "TEST VERIFY";
include_once "header.php";
//if page loads and form is not blank:
if (!empty($_POST['email']) and !empty($_POST['verification'])) {
    //JUST FOR TESTING PURPOSES: set entered verification code as $verification_value variable
    $verification_value = $_POST['verification'];
    $email_value = $_POST['email'];
    include_once "class.users.inc.php";
    $user = new SiteUser();
    $user->verifyAccount($verification_value, $email_value);
    //if page loads and form is blank:
} else {
    ?>
 

        <h2>TEST PAGE: Please Verify your account</h2>

        <form method="post" action="accountverify_test.php">
            <div>
                <!--Email input below is just for test purposes-->
                <label for="p">Enter your email address here</label>
                <input type="text" name="email" id="email" /><br />
                <!--Verification code input below is just for test purposes-->
                <label for="p">Enter your verification code here</label>
                <input type="text" name="verification" id="verification" /><br />
                
                <input type="hidden" name="form_sent" value="<?php 
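    // the query-string value lands inside value="...", so it is escaped; a missing or
    // non-string parameter prints nothing
    echo (isset($_GET['form_sent']) && is_string($_GET['form_sent'])) ? htmlspecialchars($_GET['form_sent'], ENT_QUOTES, 'UTF-8') : '';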
Пример #21
<?php

// Page bootstrap for "New Pool": login check first, then constants and the page header.
include_once "inc/loggedin_check.php";
include_once "inc/constants.inc.php";
$pageTitle = "New Pool";
include_once "inc/header.php";
// SiteUser is not included here; it has to be loaded by one of the files above.
$user = new SiteUser();
// the session's Username is passed to GetUserIDFromEmail(), i.e. it is used as an e-mail address
$current_user = $_SESSION['Username'];
$current_user_id = $user->GetUserIDFromEmail($current_user);
?>
<br>
<div style="text-align: center">
    <h1>Create New Pool</h1>
    <h4>You are presented with a choice...</h4>
</div>

<div id="container">
    <div class="row" style="padding:5%;">
        <div class="col-sm-6 col-md-6">
            <div class="thumbnail">
                <div class="caption">
                    <h3>Create pool from existing template</h3>
                    <p>Choose one of our many pool templates.  We create all of the categories and mark answers correct so that you don't have to.</p>
                    <br>
                    <p><a href="browse_templates.php" class="btn btn-lg btn-primary center-block" role="button">Browse Templates</a> </p>
                </div>
            </div>
        </div>
        <div class="col-sm-6 col-md-6">
            <div class="thumbnail">
                <div class="caption">
Пример #22
<?php

// "Reset Password" landing page reached from the e-mailed link (?v=...&user_id=...).
include_once "inc/constants.inc.php";
$pageTitle = "Reset Password";
if (isset($_GET['v']) && isset($_GET['user_id'])) {
    //if the user arrives here with the v and user_id variables properly set, we want to set their 'Account Activated' field in the user table to 1, so we run the verifyAccount method:
    //NOTE: the below code gets called before the user enters their new password:
    include_once "inc/class.users.inc.php";
    $user = new SiteUser();
    // NOTE(review): $ret is not read in the lines shown, so the form below is rendered
    // whatever verifyAccount() returned - confirm that a failed verification is handled.
    $ret = $user->verifyAccount($_GET['v'], $_GET['user_id']);
} else {
    //redirect to home page if "v" and "user id" variables are not properly set in URL
    header("Location: home.php");
    exit;
}
include_once "inc/header.php";
?>
        <br>
        <div style="margin-left:20px;">
            <h2>Reset Your Password</h2>

            <form method="post" action="accountverify.php?e=<?php 
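// the id becomes part of a URL inside action="...": rawurlencode() leaves only
// characters that are safe in both the query string and the attribute
echo is_string($_GET['user_id']) ? rawurlencode($_GET['user_id']) : '';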
?>
">
                <div>
                    <label for="p">Choose a New Password:</label>
                    <input type="password" name="p" id="p" /><br />
                    <label for="r">Re-Type Password:</label>
                    <input type="password" name="r" id="r" /><br />
                    <input type="hidden" name="v" value="<?php 
Пример #23
<?php

/*
Pool Members page
This page is included when user navigates to the "pool members" tab on the pool.php page
All of the necessary php variables are defined on the pool.php page
*/
// Prepares the data and column styles for the pool members table.
// $pool, $pool_id, $pool_fetch_result and $pool_rankings_array come from the including page.
$pool_members_id_array = $pool->GetPoolMembers($pool_id);
//store all of the user_id's of the pool member's in pool_member_id_array
include_once 'inc/class.users.inc.php';
$user = new SiteUser();
$pool_members_array = array();
if ($pool_fetch_result['Pool ended?'] == 1) {
    //if pool has ended:
    $pool_members_array_for_table = $pool_rankings_array;
    //generate the pool members table using final rankings array (GetFinalPoolRankings method in pool class)
    $pool_member_table_rank_style = "text-decoration:underline; width:8%";
    //show rank column in table
    $pool_member_table_score_style = "text-decoration:underline; width:7%;";
    //adjust score column to share width with rank column
} else {
    //if pool has not ended:
    $pool_members_array_for_table = $pool_members_id_array;
    // NOTE(review): the rank style is the same value as in the "ended" branch - confirm
    // whether the rank column is meant to be shown for a running pool.
    $pool_member_table_rank_style = "text-decoration:underline; width:8%";
    //show rank column in table
    $pool_member_table_score_style = "text-decoration:underline; width:15%;";
    //give score column in table full 15% width since it doesn't share with rank column
}
?>
<hr>
<div class="pool_members_container">
Пример #24
<?php

// Login page controller. Three outcomes:
//   1. the session already marks the user as logged in -> redirect to home.php
//   2. a login form was posted                          -> hand the credentials to SiteUser::accountLogin()
//   3. otherwise                                        -> render the login form (with a failure banner when ?login is set)
include_once "inc/constants.inc.php";
$on_login_page = 1;
include_once "inc/loggedin_check.php";
$pageTitle = "Home";
// Both session variables must be non-empty for the user to count as already logged in.
if (!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username'])) {
    // Already logged in: send the user to their home page.
    header("Location: home.php");
    // Not logged in: check whether the login form was submitted.
} elseif (!empty($_POST['username']) && !empty($_POST['password'])) {
    // Form submitted: create a SiteUser and run its accountLogin method.
    include_once 'inc/class.users.inc.php';
    $user = new SiteUser();
    $email_entry = $_POST['username'];
    $password_entry = md5($_POST['password']);
    // NOTE(review): md5() is a hash, not encryption. It is unsalted and fast to compute,
    // which makes it unsuitable for protecting passwords. PHP's password_hash() /
    // password_verify() are the APIs meant for this. Presumably accountLogin compares this
    // digest with a stored MD5 value, so a migration has to change accountLogin and the
    // stored credentials together (neither is visible here).
    $timezone = $_POST['time'];
    // Timezone sent by the AJAX login call.
    // NOTE(review): read without an isset()/empty() check and passed on unvalidated;
    // confirm accountLogin validates it before use.
    $user->accountLogin($email_entry, $password_entry, $timezone);
    // Per the original author, accountLogin logs the user in and sets the session
    // variables when authentication succeeds. The script stops here either way.
    exit;
} else {
    include_once "inc/header.php";
    if (isset($_GET['login'])) {
        // Not logged in and "login" is set in the query string, i.e. we were sent back
        // here by the AJAX login function after a failed attempt.
        ?>
<h2>Login Failed&mdash;Try Again?</h2>
        <form method="post" action="javascript:login_function()" name="loginform" id="loginform">
            <div>
Пример #25
<?php

// Registration page controller: validates the submitted e-mail address, asks
// SiteUser::addNewUser() to create the account and, for result codes 2 and 4,
// mails the verification link to the address.
include_once "inc/constants.inc.php";
$pageTitle = "Register";
include_once "inc/header.php";
if (!empty($_POST['username'])) {
    $entryValue = $_POST['username'];
    // Check that the e-mail address looks valid.
    // Original author's TODO: probably add a DNS check here too, see
    // http://www.soaptray.com/blog/2008/04/validate-email-addresses-using-php/
    // NOTE(review): the pattern only requires "something@something.something" and, because
    // "$" is used without the D modifier, it also accepts a trailing newline.
    // filter_var($entryValue, FILTER_VALIDATE_EMAIL) is the stricter built-in check.
    if (preg_match("/^.+@.+\\..+\$/", $entryValue)) {
        // Address passed the format check.
        include_once "inc/class.users.inc.php";
        $user = new SiteUser();
        // As used below: [0] is a status code, [1] a message echoed to the page,
        // [2] the verification link placed in the e-mail.
        $addNewUser_result = $user->addNewUser($entryValue);
        if ($addNewUser_result[0] == 2 or $addNewUser_result[0] == 4) {
            // Send the verification e-mail to the new user.
            include_once 'inc/send_mail.php';
            $verification_instruction = "<h4>A verification link has been sent to your email address.  Please click the link to verify your account</h4>";
            SendEmail($entryValue, "Welcome to " . BRAND_NAME, "Thank you for signing up.  \n                    Please click the following link to verify your account: " . $addNewUser_result[2] . "\n\n                    If clicking the link does not work, please copy and paste it into your browser.");
        }
        echo "<div id='signup_page_message_div' style='padding-left:20px;'>";
        // NOTE(review): echoed without escaping. If addNewUser() builds this message from
        // the submitted address, it needs htmlspecialchars() at that point -- confirm.
        echo $addNewUser_result[1];
        // NOTE(review): $verification_instruction is only assigned in the branch above, so
        // for any other result code this echo reads an undefined variable.
        echo $verification_instruction;
        echo "</div>";
        if ($addNewUser_result[0] == 2) {
            // Code 2: the e-mail was stored successfully, so do not show the signup HTML.
            exit;
        }
    } else {
        // Address failed the format check:
Пример #26
<?php

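// Logout controller: log the current user out, then forward to the site root.
$user = SiteUser::getCurrentUser();
// Guard the call: what getCurrentUser() returns for a visitor who is not logged in
// is not visible here, and calling logout() on a non-object would be a fatal error.
if ($user) {
    $user->logout();
}
HTML::forward('');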
Пример #27
 // Status area for a pool that has ended. While no winner is recorded it tells members
 // that scoring is pending and shows a scoring link to whoever is allowed to score.
 // NOTE(review): every branch below only decides whether a link is *shown*. Hiding a link
 // is not access control; score_pool_manual.php has to check on its own that the
 // requester is the pool leader (or the admin) -- that file is not visible here.
 // NOTE(review): $pool_id is concatenated into the href without escaping; its origin is
 // not visible in this excerpt, so confirm it is validated as an integer upstream.
 if (!isset($pool_fetch_result['Pool Winner'])) {
     // Pool has NOT been scored yet.
     if ($pool_fetch_result['Multiple Choice?'] == 0) {
         // Pool is NOT multiple choice: the leader tallies the score by hand.
         echo "<h3>Pool has ended.  Waiting on pool leader to tally the score</h3>";
         if ($user_is_leader == 1) {
             echo "<br><h4><a href='score_pool_manual.php?pool_id=" . $pool_id . "'>Click here to tally the pool's score</a></h4>";
         }
     } else {
         // Pool is multiple choice.
         if (isset($pool_fetch_result['Template ID'])) {
             // Pool was created from a pre-canned template.
             echo "<h4>Pool results are being calculated.  Please check back again soon.</h4>";
             // ** Begin admin template score link (only for user_id = 1) **
             include_once 'inc/class.users.inc.php';
             $user = new SiteUser();
             // The user ID is looked up from the e-mail address stored in the session.
             $current_user_id = $user->GetUserIDFromEmail($_SESSION['Username']);
             // Hard-coded user ID 1 is treated as the internal admin account.
             if ($current_user_id == 1) {
                 echo "<h4><a href='score_pool_manual.php?pool_id=" . $pool_id . "'>Click here to mark the correct answers (INTERNAL)</a></h4>";
             }
             // ** End of admin template score link **
         } else {
             // Pool was NOT a pre-canned template: the leader marks the correct picks manually.
             echo "<h3>Pool has ended.  Waiting on pool leader to tally the score</h3>";
             if ($user_is_leader == 1) {
                 echo "<br><h4><a href='score_pool_manual.php?pool_id=" . $pool_id . "'>Click here to mark the correct answers</a></h4>";
             }
         }
     }
 } else {
     // Pool HAS been scored:
Пример #28
<?php

// Login page controller. A visitor who is already logged in is sent to the homepage.
if (is_login()) {
    HTML::forward('');
}
// When the "site" module ships its own controller for this page, it takes over the
// request; otherwise the stock login form is rendered.
$override_controller = MODULESROOT . '/site/controllers/siteuser/user_login.php';
if (!is_file($override_controller)) {
    // Default rendering: header, login form, footer with a link to the signup page.
    $html = new HTML();
    $html->renderOut(
        'core/backend/single_form_header',
        array('title' => i18n(array('en' => 'User login', 'zh' => '用户登录')))
    );
    echo SiteUser::renderLoginForm();
    $html->renderOut(
        'core/backend/single_form_footer',
        array(
            'extra' => '<div  style="text-align: center;"><small class="signup"><a href="' . uri('users/signup') . '">'
                . i18n(array('en' => 'signup as new user', 'zh' => '申请注册为新用户'))
                . '</a></small></div>',
        )
    );
    exit;
}
require $override_controller;
exit;
Пример #29
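// Handle submission of the password-reset form.
// $user is expected to have been resolved earlier in this controller (not shown here).
if (isset($_POST['submit'])) {
    // NOTE(review): trim()/strip_tags() change what the user typed (anything that looks
    // like a tag is dropped), so the stored password can differ from the entered one.
    // Kept as is because other code paths presumably normalise passwords the same way --
    // confirm before removing.
    $password = isset($_POST['password']) ? trim(strip_tags($_POST['password'])) : null;
    $password_confirm = isset($_POST['password_confirm']) ? trim(strip_tags($_POST['password_confirm'])) : null;
    // The success path lives in the final else branch, so an invalid submission can never
    // reach putPassword(), even if forwardBackToReferer() returns instead of ending the
    // request.
    if (is_null($password) || strlen($password) < 6) {
        // The check accepts exactly 6 characters, so the message says "at least 6".
        Message::register(new Message(Message::DANGER, i18n(array('en' => 'Password needs to be at least 6 characters. Please try again', 'zh' => '密码至少需要6位。请重试'))));
        HTML::forwardBackToReferer();
    } elseif ($password !== $password_confirm) {
        // Strict comparison: with "!=" two different numeric-looking strings
        // (e.g. "1e3" and "1000") would be treated as equal.
        Message::register(new Message(Message::DANGER, i18n(array('en' => 'Password and confirmed password don\'t match. Please try again', 'zh' => '密码和确认密码不符。 请重试'))));
        HTML::forwardBackToReferer();
    } else {
        // success
        $user->putPassword($password);
        $user->save();
        Message::register(new Message(Message::SUCCESS, i18n(array('en' => 'Your password has been successfully updated. You may sign in below', 'zh' => '您的密码已经成功更新了。您现在可以登录了'))));
        HTML::forward('users');
    }
}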
// When the "site" module ships its own controller for this page, it takes over the
// request; otherwise the stock password-reset form is rendered.
$override_controller = MODULESROOT . '/site/controllers/siteuser/forget_password_reset.php';
if (!is_file($override_controller)) {
    // Default rendering: header, reset form, footer with a link back to the login page.
    $html = new HTML();
    $html->renderOut(
        'core/backend/single_form_header',
        array('title' => i18n(array('en' => 'Reset your password', 'zh' => '重置您的密码')))
    );
    echo SiteUser::renderPasswordResetForm();
    $html->renderOut(
        'core/backend/single_form_footer',
        array(
            'extra' => '<div  style="text-align: center;"><small class="signup"><a href="' . uri('users') . '">'
                . i18n(array('en' => 'go back to login', 'zh' => '返回登录界面'))
                . '</a></small></div>',
        )
    );
    exit;
}
require $override_controller;
exit;
Пример #30
<?php

// Signup page controller. A visitor who is already logged in is sent to the homepage.
if (is_login()) {
    HTML::forward('');
}
// The shared add/edit submission handler processes the posted form, if any.
$submission_handler = MODULESROOT . '/siteuser/controllers/backend/user/add_edit_submission.php';
require $submission_handler;
// When the "site" module ships its own controller for this page, it takes over the
// request; otherwise the stock signup form is rendered.
$override_controller = MODULESROOT . '/site/controllers/siteuser/user_signup.php';
if (!is_file($override_controller)) {
    // Default rendering: header, signup form without the avatar and active fields,
    // footer with a link to the login page.
    $html = new HTML();
    $html->renderOut(
        'core/backend/single_form_header',
        array('title' => i18n(array('en' => 'New user signup', 'zh' => '新用户注册')))
    );
    echo SiteUser::renderSignupForm(null, '', array('avatar', 'active'));
    $html->renderOut(
        'core/backend/single_form_footer',
        array(
            'extra' => '<div  style="text-align: center;"><small class="login"><a href="' . uri('users') . '">'
                . i18n(array('en' => 'login as exsiting user', 'zh' => '现有用户登录'))
                . '</a></small></div>',
        )
    );
    exit;
}
require $override_controller;
exit;