/**
* Returns the group of the user and put the user's data in the session
* @param $login
* @return string
*/
private function getGroupName($login)
{
if (!isset($this->userNamespace->user)) {
$users = new Users();
$select = $users->select()->setIntegrityCheck(false)->from($users, array('users_id' => 'users.id', 'login' => 'users.login', 'usersgroups_name' => 'usersgroups.name', 'usersgroups_id' => 'usersgroups.id', 'fname' => 'users.fname', 'lname' => 'users.lname', 'email' => 'users.email', 'usersgroups_id' => 'users.usersgroups_id'))->where(' users.login LIKE ?', $login)->join('usersgroups', 'users.usersgroups_id = usersgroups.id');
$rows = $users->fetchAll($select);
$row = $rows->current();
// save the last login time
$usrDB = new Users();
$urow = $usrDB->fetchRow("id = '" . $row->users_id . "'");
$urow->lastlogindate = Sydney_Tools::getMySQLFormatedDate();
$urow->save();
$this->userNamespace->user = $row->toArray();
// define all the groups this user is part of
$groupsDB = new Usersgroups();
$this->userNamespace->user['member_of_groups'] = $groupsDB->getParentsIds($this->userNamespace->user['usersgroups_id']);
$this->userNamespace->lock();
return $row->usersgroups_name;
} else {
return $this->userNamespace->user['usersgroups_name'];
}
}
/**
*
* @return void
*/
public function lostpasswordAction()
{
$form = $this->getLostpassForm();
$request = $this->getRequest();
$this->view->showform = true;
// Check if we have a POST request
if ($request->isPost() && !$form->isValid($request->getPost())) {
// Invalid entries
$this->view->form = $form;
}
if ($request->isPost() && $form->isValid($request->getPost())) {
$this->view->showform = false;
$usrDB = new Users();
$user = $usrDB->fetchRow("login LIKE '" . addslashes($request->username) . "' AND safinstances_id = '" . $this->safinstancesId . "' ");
if ($user) {
$strl = 'qwertyuiopasdfghjklzxcvbnm12345678902@#$!';
$strll = strlen($strl);
$npwd = '';
for ($i = 0; $i <= 8; $i++) {
$rdd = rand(0, $strll - 1);
$npwd .= $strl[$rdd];
}
$user->password = md5($npwd);
$user->lastpwdchanges = Sydney_Tools::getMySQLFormatedDate();
$user->save();
// send the email
$tmsg = "Dear user,\n\nYour password has been modified as requested.\nYou will now be able to use the following credentials:\n\nlogin: "******"\npassword: "******"\n\nWe suggest you change your password as soon as possible for security reason.\nIf you did not request a password change, please contact our support.\n\nRegards,\n" . $this->_config->general->siteTitle . " team.\n\n";
$mail = new Zend_Mail();
$mail->setBodyText($tmsg);
$mail->setFrom($this->_config->general->siteEmail, $this->_config->general->siteTitle);
$mail->addTo($user->login, $user->login);
$mail->setSubject($this->_config->general->siteTitle . ' new password.');
$mail->send();
$this->view->mmsg = 'Thank you! Your new password has been sent to your email. Please check your email and use this new password for authentication.';
} else {
$this->view->mmsg = 'We could not find this user in our database for this website... Are you sure you are registered?';
}
}
$this->view->form = $form;
}
private function saveRow($data, $modeEdit, $isPublicModule)
{
try {
$usersDb = new Users();
if ($modeEdit) {
$rows = $usersDb->fetchAll(" id = '" . $data['id'] . "' AND login = '******'login']) . "' ");
$row = $rows[0];
} else {
$row = $usersDb->createRow();
}
// Store row
$this->set($row);
foreach ($data as $k => $v) {
if (isset($data[$k]) && isset($row->{$k})) {
switch ($k) {
case 'password':
if (!empty($data[$k])) {
if (!$this->isValidPassword($data[$k], $data['id'])) {
Sydney_Messages::getInstance()->addMessage(Sydney_Tools::_('Please use another password!'));
return false;
}
$row->lastpwdhistory = $this->getUpdatedHistoryForDb($row->lastpwdhistory, $data[$k]);
$row->{$k} = md5($data[$k]);
$row->lastpwdchanges = Sydney_Tools::getMySQLFormatedDate();
$row->timeValidityPassword = 0;
}
break;
case 'valid':
if ($row->{$k} != $data[$k]) {
$row->laststatuschange = Sydney_Tools::getMySQLFormatedDate();
if ($row->{$k} == 1) {
$row->unsubscribedate = Sydney_Tools::getMySQLFormatedDate();
}
}
$row->{$k} = $data[$k];
break;
case 'active':
if ($row->{$k} != $data[$k]) {
$row->laststatuschange = Sydney_Tools::getMySQLFormatedDate();
if ($row->{$k} == 1) {
$row->unsubscribedate = Sydney_Tools::getMySQLFormatedDate();
}
}
$row->{$k} = $data[$k];
break;
default:
$row->{$k} = $data[$k];
break;
}
}
}
$creation = !($row->id > 0);
// Store row
$this->set($row);
if (!$creation) {
// in case we are editing
$row->modifieddate = Sydney_Tools::getMySQLFormatedDate();
} else {
// fixed values if public creation
if ($isPublicModule) {
$row->usersgroups_id = 2;
// User is added to group 'auth'
$row->active = 0;
// User is not active
}
// in case we are creating
$usersData = Sydney_Tools::getUserdata();
$row->subscribedate = Sydney_Tools::getMySQLFormatedDate();
$row->modifieddate = Sydney_Tools::getMySQLFormatedDate();
$row->safinstances_id = Sydney_Tools::getSafinstancesId();
$row->creatoridentity = $usersData ? $usersData['users_id'] : 0;
$row->ip = $_SERVER['REMOTE_ADDR'];
}
if ($newId = $row->save()) {
Sydney_Messages::getInstance()->addMessage('Success! The data is valid.');
$row->id = $newId;
// Store row
$this->set($row);
if ($creation) {
// create the link to cor table
$corDb = new SafinstancesUsers();
$corRow = $corDb->createRow();
$corRow->safinstances_id = Sydney_Tools::getSafinstancesId();
$corRow->users_id = $row->id;
$corRow->save();
}
return $row;
} else {
Sydney_Messages::getInstance()->addMessage('Error...');
return false;
}
} catch (Exception $e) {
Sydney_Messages::getInstance()->addMessage('UsersOp::save::Exception! ' . $e->getMessage());
return false;
}
}
