/**
 * Start a new conversation.
 *
 * On an authenticated postback the comma-separated "To" field is resolved to
 * user IDs, the recipient limit is checked, and the conversation is saved
 * through the form. Otherwise the form is pre-filled with $Recipient.
 *
 * @since 2.0.0
 * @access public
 *
 * @param string $Recipient Username of the recipient.
 */
public function add($Recipient = '')
{
    $this->permission('Conversations.Conversations.Add');
    $this->Form->setModel($this->ConversationModel);

    // Publish the recipient limit to the view unless the user can manage moderation.
    if (!checkPermission('Garden.Moderation.Manage')) {
        if (c('Conversations.MaxRecipients')) {
            $this->addDefinition('MaxRecipients', c('Conversations.MaxRecipients'));
            $this->setData('MaxRecipients', c('Conversations.MaxRecipients'));
        }
    }

    if ($this->Form->authenticatedPostBack()) {
        $RecipientUserIDs = array();
        $Names = explode(',', $this->Form->getFormValue('To', ''));
        $UserModel = new UserModel();

        // Resolve each non-blank name; names that match no user are skipped silently.
        foreach ($Names as $RawName) {
            $CleanName = trim($RawName);
            if ($CleanName === '') {
                continue;
            }
            $Found = $UserModel->getByUsername($CleanName);
            if (is_object($Found)) {
                $RecipientUserIDs[] = $Found->UserID;
            }
        }

        // Enforce MaxRecipients
        $WithinLimit = $this->ConversationModel->addUserAllowed(0, count($RecipientUserIDs));
        if (!$WithinLimit) {
            // The informational limit message doubles as the error text.
            $LimitMessage = plural(
                $this->data('MaxRecipients'),
                "You are limited to %s recipient.",
                "You are limited to %s recipients."
            );
            $this->Form->addError(sprintf($LimitMessage, c('Conversations.MaxRecipients')));
        }

        $this->EventArguments['Recipients'] = $RecipientUserIDs;
        $this->fireEvent('BeforeAddConversation');

        $this->Form->setFormValue('RecipientUserID', $RecipientUserIDs);
        $ConversationID = $this->Form->save($this->ConversationMessageModel);

        if ($ConversationID !== false) {
            // NOTE(review): Target is a client-supplied form value and nothing in this
            // method restricts it to a path on this site. Confirm that url() or the
            // consumer of RedirectUrl rejects off-site destinations.
            $RedirectTarget = $this->Form->getFormValue('Target', 'messages/' . $ConversationID);
            $this->RedirectUrl = url($RedirectTarget);

            $Conversation = $this->ConversationModel->getID($ConversationID, Gdn::session()->UserID);
            $this->EventArguments['MessageID'] = val('FirstMessageID', $Conversation);
            $this->fireEvent('AfterConversationSave');
        }
    } elseif ($Recipient != '') {
        $this->Form->setValue('To', $Recipient);
    }

    // Carry a Target from the query string through the form as a hidden field.
    $Target = Gdn::request()->get('Target');
    if ($Target) {
        $this->Form->addHidden('Target', $Target);
    }

    Gdn_Theme::section('PostConversation');
    $this->title(t('New Conversation'));

    $Breadcrumbs = array(
        array('Name' => t('Inbox'), 'Url' => '/messages/inbox'),
        array('Name' => $this->data('Title'), 'Url' => 'messages/add'),
    );
    $this->setData('Breadcrumbs', $Breadcrumbs);

    $this->CssClass = 'NoPanel';
    $this->render();
}
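/**
 * Verify the submitted username, password and captcha, then store the login in the session.
 *
 * Reads `username`, `password` and `verify` from $_POST. On success it writes a row through
 * LoginRecordModel, stores the new record id and the username in $_SESSION, updates the
 * user's last_login_date and redirects to Manage/index. Every failure is reported through
 * $this->error() and the method returns without touching the session login state.
 *
 * NOTE(review): the stored password is compared with an unsalted md5() digest. Moving to
 * password_hash()/password_verify() needs a migration of the stored hashes and is outside
 * this method. No attempt throttling is visible here either.
 */
function check()
{
    // Submitted username, password and captcha answer; missing or non-string input counts as empty.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';
    $verify = (isset($_POST['verify']) && is_string($_POST['verify'])) ? trim($_POST['verify']) : '';

    // A captcha must have been issued for this session. With a loose comparison an unset
    // session value equals an empty submission, so require a non-empty value and compare strictly.
    $expected = (isset($_SESSION['verify']) && is_scalar($_SESSION['verify'])) ? (string) $_SESSION['verify'] : '';
    // One captcha answer is good for one attempt only.
    unset($_SESSION['verify']);
    if ($expected === '' || $expected !== strtoupper($verify)) {
        $this->error('验证码出错');
        // Do not rely on error() ending the request.
        return;
    }

    // Instantiate the user model and look the account up.
    $user = new UserModel();
    $userinfo = $user->getByUsername($username);

    // NOTE(review): the three failure messages below tell the client whether the account
    // exists and whether it is active. Consider a single generic message.
    if (!is_array($userinfo) || count($userinfo) === 0) {
        $this->error('您输入的用户名不存在');
        return;
    }

    // Strict comparison: with != two digests that both look like "0e<digits>" compare as
    // equal numbers, which would accept a wrong password.
    $storedHash = isset($userinfo['password']) ? (string) $userinfo['password'] : '';
    if ($storedHash === '' || $storedHash !== md5($password)) {
        $this->error('密码错误,请重试');
        return;
    }

    if ($userinfo['active'] != 1) {
        $this->error('账户未激活,请联系管理员');
        return;
    }

    // Current time, used for both the login record and last_login_date.
    $current_time = date('Y-m-d H:i:s');
    $where = array('username' => $username);

    // The user is logged in: write the login time to login_record.
    $log_record = new LoginRecordModel();
    $log = array(
        'login_date' => $current_time,
        'email' => $userinfo['email'],
        'username' => $userinfo['username'],
    );
    $return_id = $log_record->where($where)->add($log);

    // Issue a fresh session id before storing the authenticated state, so an id that was
    // known before login cannot be reused afterwards.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // Keep the inserted primary key so the logout time can be written when the user leaves.
    $_SESSION['record_id'] = $return_id;

    // Store the user in the session and update the last login time.
    $_SESSION['username'] = $username;
    $data = array('last_login_date' => $current_time);
    $user->where($where)->save($data);

    $this->redirect('Manage/index');
}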
/**
 * Discussion option menu handler for the "Change Author" action.
 *
 * Loads the discussion named by the `discussionid` request value, requires the
 * Vanilla.Discussions.Edit permission on its category, and on an authenticated
 * postback reassigns the discussion to the user named in the "Author" field.
 *
 * @param object $Sender The discussion controller that received the request.
 */
public function discussionController_author_create($Sender)
{
    $DiscussionID = $Sender->Request->get('discussionid');
    $Discussion = $Sender->DiscussionModel->getID($DiscussionID);
    if (!$Discussion) {
        throw NotFoundException('Discussion');
    }

    // The permission check runs before any form handling, for GET and POST alike.
    $Sender->permission('Vanilla.Discussions.Edit', true, 'Category', $Discussion->PermissionCategoryID);

    if (!$Sender->Form->authenticatedPostBack()) {
        // Plain page load: show the form to change the author.
        $Sender->setData('Title', $Discussion->Name);
    } else {
        $Submitted = $Sender->Form->getFormValue('Author', '');
        $UserModel = new UserModel();
        $AuthorName = trim($Submitted);

        // A blank name adds no error; the form is simply rendered again.
        if ($AuthorName != '') {
            $NewAuthor = $UserModel->getByUsername($AuthorName);

            if (!is_object($NewAuthor)) {
                $Sender->Form->addError('No user with that name was found.');
            } elseif ($Discussion->InsertUserID == $NewAuthor->UserID) {
                $Sender->Form->addError('That user is already the discussion author.');
            } else {
                // Point the discussion at its new author.
                $Sender->DiscussionModel->setField($DiscussionID, 'InsertUserID', $NewAuthor->UserID);

                // Refresh the count of the previous author, then increment the new author's.
                $Sender->DiscussionModel->updateUserDiscussionCount($Discussion->InsertUserID);
                $Sender->DiscussionModel->updateUserDiscussionCount($NewAuthor->UserID, true);

                // NOTE(review): no record of who changed the author is written here;
                // confirm the change is logged elsewhere if an audit trail is needed.
                redirect(discussionUrl($Discussion));
            }
        }
    }

    $Sender->render('changeauthor', '', 'plugins/AuthorSelector');
}
/**
 * Check a user's credentials and optionally start a session for them.
 *
 * Accepts a postback with `email` or `name`, plus `password`, matched
 * case-insensitively by key. On success the User data (UserID, Name, Email,
 * PhotoUrl) is set. When `session` is truthy, a session is started and the
 * session cookie value is added to the response data.
 *
 * NOTE(review): only isPostBack() is checked, not an authenticated postback.
 * The "User" not-found error and the "Invalid password." error also let a
 * client tell existing accounts from unknown ones. Confirm both are intended
 * for this endpoint.
 *
 * @throws Gdn_UserException When neither an email nor a name is supplied.
 * @throws Exception With code 401 when the password does not match.
 */
public function authenticate()
{
    $Request = $this->Request;
    if (!$Request->isPostBack()) {
        throw forbiddenException($Request->requestMethod());
    }

    // Lower-case the keys so "Email", "email" and "EMAIL" are all accepted.
    $Args = array_change_key_case($this->Form->formValues());
    $UserModel = new UserModel();

    // Look up the user. Email takes precedence over name.
    $User = null;
    $Email = val('email', $Args);
    if ($Email) {
        $User = $UserModel->getByEmail($Email);
    } else {
        $Name = val('name', $Args);
        if (!$Name) {
            throw new Gdn_UserException("One of the following parameters required: Email, Name.", 400);
        }
        $User = $UserModel->getByUsername($Name);
    }

    if (!$User) {
        throw notFoundException('User');
    }

    // Check the password.
    $PasswordHash = new Gdn_PasswordHash();
    $Password = val('password', $Args);

    try {
        $PasswordChecked = $PasswordHash->CheckPassword(
            $Password,
            val('Password', $User),
            val('HashMethod', $User)
        );

        // Rate limiting is fed the outcome of the check. It is only reached for accounts that exist.
        Gdn::userModel()->RateLimit($User, $PasswordChecked);

        if (!$PasswordChecked) {
            // Deliberately not a Gdn_UserException, so the catch below does not swallow it.
            throw new Exception(t('Invalid password.'), 401);
        }

        $PublicFields = array('UserID', 'Name', 'Email', 'PhotoUrl');
        $this->setData('User', arrayTranslate((array) $User, $PublicFields));

        if (val('session', $Args)) {
            Gdn::session()->start($this->data('User.UserID'));

            // The session cookie value is returned in the response body.
            $CookieName = c('Garden.Cookie.Name');
            $this->setData('Cookie', array($CookieName => $_COOKIE[$CookieName]));
        }
    } catch (Gdn_UserException $Ex) {
        $this->Form->addError($Ex);
    }

    $this->render();
}
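/**
 * Update the logged-in user's profile after re-checking the current password.
 *
 * The account is taken from $_SESSION['username'] and the current password from
 * $_POST['old_password']. The model's create() builds the record and save() writes it.
 * The outcome is reported through $this->success() or $this->error(), with jumpUrl set.
 *
 * NOTE(review): create() appears to build the record from the submitted form. Confirm
 * the model limits which fields may be written, so a request cannot set columns the
 * profile form does not offer. The stored password is an unsalted md5() digest, and
 * moving to password_hash()/password_verify() needs a hash migration outside this method.
 */
function update_profile()
{
    $user = new UserModel();
    $username = (isset($_SESSION['username']) && is_string($_SESSION['username'])) ? $_SESSION['username'] : '';
    $userinfo = $user->getByUsername($username);

    // The old password must be a string and must match the stored digest exactly. A loose ==
    // treats two digests of the form "0e<digits>" as equal numbers, and a non-string
    // submission must never compare equal to an empty stored value.
    $oldPassword = (isset($_POST['old_password']) && is_string($_POST['old_password'])) ? $_POST['old_password'] : null;
    $passwordOk = $username !== ''
        && is_array($userinfo)
        && isset($userinfo['password'])
        && (string) $userinfo['password'] !== ''
        && $oldPassword !== null
        && md5($oldPassword) === (string) $userinfo['password'];

    if (!$passwordOk) {
        $this->assign('jumpUrl', __URL__ . '/profile');
        $this->error('您输入的旧密码不正确');
        return;
    }

    if (!$user->create()) {
        $this->assign('jumpUrl', __URL__ . '/profile');
        $this->error('更新失败' . $user->getError());
        return;
    }

    // Pin the update to the session's own account, so the row is not chosen by the submitted data.
    if ($user->where(array('username' => $username))->save() === false) {
        $this->assign('jumpUrl', __URL__ . '/profile');
        $this->error('更新失败' . $user->getDbError());
        return;
    }

    $this->assign('jumpUrl', __APP__ . '/Manage/index');
    $this->success('修改个人资料成功');
}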
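/**
 * Get a user ID using either a username or an email
 *
 * Note: If both a username and an email are specified, only the username
 * will be used. This is to prevent abusing of the function by passing two
 * parameters at a time and hoping to get a User ID.
 *
 * Based on initial work by Diego Zanella
 * @link http://careers.stackoverflow.com/diegozanella
 *
 * @since 0.1.0
 * @access public
 * @param bool|string $username Username of the user whose ID we wish to get
 * @param bool|string $email Email of the user whose ID we wish to get
 * @return bool|int User ID if a username or an email has been
 *                  specified and matches a user, otherwise false
 * @static
 */
public static function getUserID($username, $email)
{
    $userModel = new UserModel();

    if ($username) {
        // The username wins when both are given; the email is not used as a fallback.
        $user = $userModel->getByUsername($username);
    } elseif ($email) {
        $user = $userModel->getByEmail($email);
    } else {
        return false;
    }

    // A failed lookup yields no object. Return false as documented rather than reading
    // a property from a non-object.
    return is_object($user) ? $user->UserID : false;
}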