/**
 * Stores a freshly built User record and checks that put() reports
 * success and that the id and type passed in can be read back.
 */
function test_add()
{
    // Hash the fixture password first; the timestamps are taken while
    // the field list is built, in the same order as the columns.
    $hashed = User::encrypt_pass('testing');

    $fields = array(
        'id' => 1,
        'email' => '*****@*****.**',
        'password' => $hashed,
        'expires' => gmdate('Y-m-d H:i:s'),
        'name' => 'Test User',
        'type' => 'member',
        'signed_up' => gmdate('Y-m-d H:i:s'),
        'updated' => gmdate('Y-m-d H:i:s'),
        'userdata' => json_encode(array())
    );

    $member = new User($fields);
    $saved = $member->put();

    $this->assertTrue($saved);
    $this->assertEquals(1, $member->id);
    $this->assertEquals('member', $member->type);
}
<?php

/**
 * Command-line helper that prints the output of User::encrypt_pass()
 * for a given password, in a format compatible with the Elefant
 * user table.
 *
 * Usage: ./elefant encrypt-password <password>
 *
 * The password is taken from the command line, so while the command
 * runs it is visible to other local users in the process list, and
 * it is normally written to the shell history as well.
 */

// Refuse to run when reached through a web request.
if (!$this->cli) {
    exit('Must be run from the command line.');
}

$page->layout = false;

if (isset($_SERVER['argv'][2])) {
    echo User::encrypt_pass($_SERVER['argv'][2]), "\n";
} else {
    // No password argument: print the usage line and stop.
    Cli::out('Usage: ./elefant encrypt-password <password>', 'info');
    return;
}
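<?php

/**
 * Form to reset your password, accessed through a link from an email.
 *
 * The link carries `email` and `recover` in the query string. The form
 * is shown or processed only when `recover` equals the token stored in
 * the user's `userdata` and `recover_expires` is still more than 60
 * seconds in the future. Every other case (missing or malformed
 * parameters, unknown email, wrong or expired token) renders the same
 * "Invalid or expired recovery link" page.
 */

// Accept the link parameters only as non-empty strings; missing or
// array-valued parameters are treated as an invalid link instead of
// reaching the query or the comparison.
$email = (isset($_GET['email']) && is_string($_GET['email'])) ? $_GET['email'] : '';
$recover = (isset($_GET['recover']) && is_string($_GET['recover'])) ? $_GET['recover'] : '';

$verified = false;
$u = null;
$data = array();

if ($email !== '' && $recover !== '') {
    $u = User::query()->where('email', $email)->single();

    // NOTE(review): assumes single() gives back a non-object when no
    // user matches -- confirm against the model class.
    if (is_object($u) && is_array($u->userdata)) {
        $data = $u->userdata;
    }
}

// An account without a stored recovery token can never match.
$stored = (isset($data['recover']) && is_scalar($data['recover'])) ? (string) $data['recover'] : '';

if ($stored !== '' && isset($data['recover_expires'])) {
    // Type-strict comparison: loose == treats numeric-looking strings
    // such as "1e3" and "1000" as equal. hash_equals() is used where it
    // exists because it is also constant-time; the === fallback is not.
    $token_ok = function_exists('hash_equals')
        ? hash_equals($stored, $recover)
        : $stored === $recover;

    $verified = $token_ok && $data['recover_expires'] > time() + 60;
}

if ($verified) {
    $f = new Form('post', 'user/newpass');

    if ($f->submit()) {
        $u->password = User::encrypt_pass($_POST['password']);

        // Drop the recovery token so the emailed link cannot be reused.
        unset($data['recover'], $data['recover_expires']);
        $u->userdata = $data;

        // NOTE(review): the result of put() is not checked, so a failed
        // save still continues to the login call and the success page.
        $u->put();

        // Log the user in with the password just chosen.
        // NOTE(review): presumably require_login() reads the username
        // and password from $_POST -- confirm.
        $_POST['username'] = $u->email;
        User::require_login();

        $page->title = i18n_get('Password updated');
        echo '<p><a href="/user">' . i18n_get('Continue') . '</a></p>';
    } else {
        // First visit or failed validation: render the form, replacing
        // the user record with a plain object of submitted values.
        $u = new StdClass();
        $u = $f->merge_values($u);
        $u->failed = $f->failed;
        $page->title = i18n_get('Choose a new password');
        echo $tpl->render('user/newpass', $u);
    }
} else {
    $page->title = i18n_get('Invalid or expired recovery link');
    echo '<p><a href="/">' . i18n_get('Continue') . '</a></p>';
}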
* New user form for registering social login users.
*
* Excerpt: the opening of this docblock and the body of the final
* `else` branch are outside the visible text.
*
* On a valid submission a User record is created from the posted
* name, email and password, a User_OpenID record ties the posted
* token to the new user id, the user is logged in and the request
* is redirected to the posted `redirect` value.
*/

// The handler is only available when the user/signup custom handler
// setting is enabled; otherwise answer with a 404.
if (!$appconf['Custom Handlers']['user/signup']) {
    echo $this->error(404, __('Not found'), __('The page you requested could not be found.'));
    return;
}

// Check for a custom handler override
$res = $this->override('user/login/newuser');
if ($res) {
    echo $res;
    return;
}

$f = new Form('post', 'user/login/newuser');
if ($f->submit()) {
    $date = gmdate('Y-m-d H:i:s');

    // NOTE(review): the email is taken from the form as posted; no
    // ownership check of that address is visible in this excerpt.
    $u = new User(array(
        'name' => $_POST['name'],
        'email' => $_POST['email'],
        'password' => User::encrypt_pass($_POST['password']),
        'expires' => $date,
        'type' => Appconf::user('User', 'default_role'),
        'signed_up' => $date,
        'updated' => $date,
        'userdata' => json_encode(array()),
        'about' => ''
    ));
    $u->put();

    // Versions::add() runs before the error check below, so it is
    // also called when the save failed.
    Versions::add($u);

    if (!$u->error) {
        // NOTE(review): the token comes straight from the request body.
        // Whether it is checked against the identity established by the
        // social login before being bound to this account is not
        // visible here -- confirm.
        $oid = new User_OpenID(array('token' => $_POST['token'], 'user_id' => $u->id));
        $oid->put();

        // Log the new user in using the posted credentials.
        $_POST['username'] = $_POST['email'];
        User::require_login();

        // NOTE(review): the redirect target is request-supplied and is
        // not validated in this excerpt; unless redirect() restricts it,
        // limit it to same-site relative paths. This also assumes
        // redirect() ends the request, otherwise the error output below
        // runs after a successful sign-up -- confirm.
        $this->redirect($_POST['redirect']);
    }

    // TODO: already have an account
    // The detailed error goes to the log only; the page shows a
    // generic message.
    @error_log('Error creating profile: ' . $u->error);
    $page->title = 'An Error Occurred';
    echo '<p>Please try again later.</p>';
    echo '<p><a href="/">' . __('Back') . '</a></p>';
} else {
* Custom user sign up form that also creates an initial
* customer and owner account.
*
* Excerpt: the opening of this docblock and the remainder of the
* form callback are outside the visible text.
*/
$conf = saasy\App::conf();
$www = $conf['App Settings']['include_www'] ? "www." : "";

// Sign up at base domain: when a customer is resolved for the current
// request, send the visitor to /user/signup on the base domain,
// keeping the scheme of the current request.
$customer = saasy\App::customer();
if ($customer) {
    $this->redirect($this->is_https() ? 'https://' . $www . saasy\App::base_domain() . '/user/signup' : 'http://' . $www . saasy\App::base_domain() . '/user/signup');
}

$form = new Form('post', $this);
$page->title = __('Sign Up');
echo $form->handle(function ($form) use($page, $tpl) {
    $date = gmdate('Y-m-d H:i:s');

    // NOTE(review): the email verifier is built from mt_rand(),
    // uniqid() and md5(), none of which is a cryptographically secure
    // source, so the value may be guessable. Prefer a CSPRNG such as
    // random_bytes() (PHP 7+) or openssl_random_pseudo_bytes().
    $verifier = md5(uniqid(mt_rand(), 1));

    // The verifier is stored in the new user's userdata and sent in
    // the confirmation email below.
    $u = new User(array(
        'name' => $_POST['name'],
        'email' => $_POST['email'],
        'password' => User::encrypt_pass($_POST['password']),
        'expires' => $date,
        'type' => 'member',
        'signed_up' => $date,
        'updated' => $date,
        'userdata' => json_encode(array('verifier' => $verifier))
    ));
    $u->put();
    Versions::add($u);

    if (!$u->error) {
        // Create customer and account
        // NOTE(review): the subdomain is taken from the request as
        // posted; presumably the form rules validate its format and
        // uniqueness -- confirm. The results of both put() calls are
        // not checked.
        $customer = new saasy\Customer(array('name' => $_POST['customer_name'], 'subdomain' => $_POST['subdomain'], 'level' => 1));
        $customer->put();

        $acct = new saasy\Account(array('user' => $u->id, 'customer' => $customer->id, 'type' => 'owner', 'enabled' => 1));
        $acct->put();

        try {
            Mailer::send(array(
                'to' => array($_POST['email'], $_POST['name']),
                'subject' => __('Please confirm your email address'),
                'text' => $tpl->render('saasy/email/verification', array('verifier' => $verifier, 'email' => $_POST['email'], 'name' => $_POST['name'], 'domain' => $customer->domain()))
            ));
        } catch (Exception $e) {
            // The failure is logged, then the stored verifier is
            // removed by resetting userdata to an empty array.
            // NOTE(review): if an account without a verifier counts as
            // verified, a mail failure skips email confirmation for
            // that address -- confirm how the verifier is checked.
            @error_log('Email failed (saasy/signup): ' . $e->getMessage());
            $u->userdata = array();
            $u->put();
        }
// Excerpt: the `if` that encloses the first statements opens before the
// visible text, and the form callback continues past the end of it.
// In this branch the form uses the 'saasy/account_owner' view, loads
// its rules from apps/saasy/forms/account_owner.php and adds the
// account members style sheet and scripts.
$form->data['account_level'] = isset($limits['name']) ? $limits['name'] : false;
$form->view = 'saasy/account_owner';
$form->rules = parse_ini_file('apps/saasy/forms/account_owner.php', true);
$page->add_style('/apps/saasy/css/account_members.css');
$page->add_script('/apps/saasy/js/bootstrap-filestyle-0.1.0.min.js');
$page->add_script('/apps/admin/js/handlebars-1.0.rc.1.js');
$page->add_script('/apps/saasy/js/account_members.js');
} else {
    // Other branch: only the file input styling script is added.
    $page->add_script('/apps/saasy/js/bootstrap-filestyle-0.1.0.min.js');
}

echo $form->handle(function ($form) use($page, $customer, $acct) {
    // update user/acct
    // NOTE(review): name, email and (when given) password of the
    // current user are replaced from the request. No re-check of the
    // current password and no re-verification of a changed email are
    // visible in this excerpt; confirm whether the form rules or the
    // code before it require them.
    \User::val('name', $_POST['name']);
    \User::val('email', $_POST['email']);

    // The password is only changed when a non-empty new_pass is posted.
    if (!empty($_POST['new_pass'])) {
        \User::val('password', \User::encrypt_pass($_POST['new_pass']));
    }

    \User::save();

    // is_uploaded_file() only confirms that the file arrived through
    // an HTTP upload. NOTE(review): type, size and content checks
    // would have to happen in save_photo(), which is not visible here.
    if (is_uploaded_file($_FILES['photo']['tmp_name'])) {
        $acct->save_photo($_FILES['photo']);
    }

    if ($acct->type === 'owner') {
        // update customer too
        $customer->name = $_POST['customer_name'];

        // Record whether the subdomain changed.
        // NOTE(review): the new subdomain is taken from the request as
        // posted; presumably the form rules validate it -- confirm.
        if ($customer->subdomain !== $_POST['subdomain']) {
            $customer->subdomain = $_POST['subdomain'];
            $domain_has_changed = true;
        } else {
            $domain_has_changed = false;
        }

        if (!$customer->put()) {
/**
 * Prepares the shared fixtures for testing handlers: an in-memory
 * SQLite database built from conf/install_sqlite.sql and seeded with
 * one admin and one member user, plus the global `$i18n`, `$cache`,
 * `$page`, and `$tpl` objects, all attached to the controller kept
 * in `self::$c`.
 */
public static function setUpBeforeClass()
{
    require_once 'lib/Functions.php';
    require_once 'lib/DB.php';

    error_reporting(E_ALL & ~E_NOTICE);
    defined('ELEFANT_ENV') || define('ELEFANT_ENV', 'config');

    $_SERVER['HTTP_ACCEPT_LANGUAGE'] = 'en';
    $_SERVER['REQUEST_URI'] = '/';

    global $conf, $i18n, $cache, $page, $tpl;

    // Load the regular config, then point the database at memory
    $conf = parse_ini_file('conf/config.php', true);
    $conf['Database'] = array(
        'master' => array(
            'driver' => 'sqlite',
            'file' => ':memory:'
        )
    );

    // Build the schema; the PDO connection is initialized automatically
    $schema = sql_split(file_get_contents('conf/install_sqlite.sql'));
    foreach ($schema as $statement) {
        if (DB::execute($statement)) {
            continue;
        }
        die('SQL failed: ' . $statement);
    }

    // Seed the default admin and member users; both share the fixture
    // password 'testing'.
    $now = gmdate('Y-m-d H:i:s');
    $admin_sql = "insert into `user` (id, email, password, session_id, expires, name, type, signed_up, updated, userdata) values (1, ?, ?, null, ?, 'Admin User', 'admin', ?, ?, ?)";
    $member_sql = "insert into `user` (id, email, password, session_id, expires, name, type, signed_up, updated, userdata) values (2, ?, ?, null, ?, 'Joe Member', 'member', ?, ?, ?)";

    DB::execute($admin_sql, '*****@*****.**', User::encrypt_pass('testing'), $now, $now, $now, json_encode(array()));
    DB::execute($member_sql, '*****@*****.**', User::encrypt_pass('testing'), $now, $now, $now, json_encode(array()));

    // Create the shared objects, then hand each one to the controller
    $i18n = new I18n('lang', array('negotiation_method' => 'http'));
    $page = new Page();
    self::$c = new Controller();
    $tpl = new Template('utf-8', self::$c);
    $cache = Cache::init(array());

    $controller = self::$c;
    $controller->template($tpl);
    $controller->cache($cache);
    $controller->page($page);
    $controller->i18n($i18n);
}
// Excerpt from the installer: loads the schema file for the configured
// database driver, runs it inside one transaction, sets the credentials
// of user id 1 and prints them.
// NOTE(review): the driver name from the config is placed in the file
// path, and the result of file_get_contents() is not checked before
// it is split.
$sqldata = sql_split(file_get_contents('conf/install_' . $conf['Database']['master']['driver'] . '.sql'));

DB::beginTransaction();

foreach ($sqldata as $sql) {
    // Skip the schema file's own begin/commit statements; the whole run
    // is already wrapped in the transaction opened above.
    if (trim($sql) === 'begin' || trim($sql) === 'commit') {
        continue;
    }

    // Any failing statement aborts the install and rolls everything back.
    if (!DB::execute($sql)) {
        Cli::out('** Error: ' . DB::error(), 'error');
        DB::rollback();
        return;
    }
}

// change the admin user's password
// NOTE(review): the initial admin password is 8 characters long and
// comes from generate_password(), whose randomness source is not
// visible here -- confirm it uses a CSPRNG and consider a longer value.
$pass = generate_password(8);
$date = gmdate('Y-m-d H:i:s'); // not used in the visible part of the script

// Only the hash from User::encrypt_pass() is stored; the email comes
// from the General/email_from setting.
if (!DB::execute("update `#prefix#user` set `email` = ?, `password` = ? where `id` = 1", $conf['General']['email_from'], User::encrypt_pass($pass))) {
    Cli::out('Error: ' . DB::error(), 'error');
    DB::rollback();
    return;
}

DB::commit();

// respond with the root password
// The plain-text password is written to the terminal here, so it can
// remain in scrollback or in any captured installer output; it should
// be changed after the first login.
echo "Database created. Your initial admin account is:\n";
Cli::block('Username: <info>' . $conf['General']['email_from'] . "</info>\n");
Cli::block('Password: <info>' . $pass . "</info>\n");

// create versions entries for initial content
$wp = new Webpage('index');
Versions::add($wp);
$b = new Block('members');
Versions::add($b);

// disable the installer