Пример #1
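 /**
  * Save a member account submitted from the edit form.
  *
  * Stores the account record, its profile fields, an optional new
  * password, password-aging (shadow) settings and the spam count. When
  * validation or saving fails the edit form is shown again with an error
  * notice; on success the request either drops back to the edit form
  * (task "apply") or continues to cancelTask().
  *
  * @return  void
  */
 public function saveTask()
 {
     // Check for request forgeries
     Request::checkToken();
     // NOTE(review): holding any ONE of these four permissions is enough to
     // reach the code below, which also edits existing accounts and changes
     // passwords. Confirm that core.create alone is meant to allow that.
     if (!User::authorise('core.manage', $this->_option) && !User::authorise('core.admin', $this->_option) && !User::authorise('core.create', $this->_option) && !User::authorise('core.edit', $this->_option)) {
         App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
     }
     // Incoming profile edits
     $fields = Request::getVar('fields', array(), 'post', 'none', 2);
     if (!is_array($fields)) {
         // A scalar "fields" value cannot be indexed below; treat it as empty
         $fields = array();
     }
     // Load the profile; a missing ID is passed on as null instead of
     // raising an undefined-index notice
     $user = Member::oneOrNew(isset($fields['id']) ? $fields['id'] : null);
     // Get the user before changes so we can
     // compare how data changed later on
     $prev = clone $user;
     // Set the incoming data
     // NOTE(review): every key posted under "fields" is copied onto the model,
     // including 'accessgroups' for existing accounts. Nothing visible here
     // stops an editor without core.admin from assigning a group that grants
     // it; confirm the model restricts writable attributes and group changes.
     $user->set($fields);
     if ($user->isNew()) {
         // New accounts always start in the configured default group,
         // whatever was posted
         $newUsertype = $this->config->get('new_usertype');
         if (!$newUsertype) {
             $newUsertype = Accessgroup::oneByTitle('Registered')->get('id');
         }
         $user->set('accessgroups', array($newUsertype));
         // Check that username is filled
         if (!Validate::username($user->get('username'))) {
             Notify::error(Lang::txt('COM_MEMBERS_MEMBER_USERNAME_INVALID'));
             return $this->editTask($user);
         }
         // Check email is valid
         if (!Validate::email($user->get('email'))) {
             Notify::error(Lang::txt('COM_MEMBERS_MEMBER_EMAIL_INVALID'));
             return $this->editTask($user);
         }
         // Set home directory
         $hubHomeDir = rtrim($this->config->get('homedir'), '/');
         if (!$hubHomeDir) {
             // try to deduce a viable home directory based on sitename or live_site
             $sitename = strtolower(Config::get('sitename'));
             $sitename = preg_replace('/^http[s]{0,1}:\\/\\//', '', $sitename, 1);
             $sitename = trim($sitename, '/ ');
             $sitename_e = explode('.', $sitename, 2);
             if (isset($sitename_e[1])) {
                 $sitename = $sitename_e[0];
             }
             // Only a plain identifier may become a path segment
             if (!preg_match("/^[a-zA-Z]+[\\-_0-9a-zA-Z\\.]+\$/i", $sitename)) {
                 $sitename = '';
             }
             if (empty($sitename)) {
                 // Fall back to the request's base URL, cleaned the same way
                 $sitename = strtolower(Request::base());
                 $sitename = preg_replace('/^http[s]{0,1}:\\/\\//', '', $sitename, 1);
                 $sitename = trim($sitename, '/ ');
                 $sitename_e = explode('.', $sitename, 2);
                 if (isset($sitename_e[1])) {
                     $sitename = $sitename_e[0];
                 }
                 if (!preg_match("/^[a-zA-Z]+[\\-_0-9a-zA-Z\\.]+\$/i", $sitename)) {
                     $sitename = '';
                 }
             }
             $hubHomeDir = DS . 'home';
             if (!empty($sitename)) {
                 $hubHomeDir .= DS . $sitename;
             }
         }
         // The username passed Validate::username() above before it is used
         // as the last path segment.
         // NOTE(review): that check is the only thing keeping path separators
         // out of the home directory; confirm it rejects '/' and '..'.
         $user->set('homeDirectory', $hubHomeDir . DS . $user->get('username'));
         $user->set('loginShell', '/bin/bash');
         $user->set('ftpShell', '/usr/lib/sftp-server');
         $user->set('registerDate', Date::toSql());
     }
     // Set the new info: collapse runs of whitespace in each name part.
     // A missing or non-scalar part is treated as an empty string.
     foreach (array('givenName', 'middleName', 'surname') as $part) {
         $value = (isset($fields[$part]) && is_scalar($fields[$part])) ? (string) $fields[$part] : '';
         $user->set($part, preg_replace('/\\s+/', ' ', trim($value)));
     }
     $name = array($user->get('givenName'), $user->get('middleName'), $user->get('surname'));
     $name = implode(' ', $name);
     $name = preg_replace('/\\s+/', ' ', $name);
     $user->set('name', $name);
     $user->set('modifiedDate', Date::toSql());
     // A non-zero posted activation value is stored as given; otherwise a
     // fresh confirmation code is generated
     if ($ec = Request::getInt('activation', 0, 'post')) {
         $user->set('activation', $ec);
     } else {
         $user->set('activation', Helpers\Utility::genemailconfirm());
     }
     // Can't block yourself
     if ($user->get('block') && $user->get('id') == User::get('id') && !User::get('block')) {
         Notify::error(Lang::txt('COM_USERS_USERS_ERROR_CANNOT_BLOCK_SELF'));
         return $this->editTask($user);
     }
     // Make sure that we are not removing ourself from Super Admin group
     $iAmSuperAdmin = User::authorise('core.admin');
     if ($iAmSuperAdmin && User::get('id') == $user->get('id')) {
         // Check that at least one of our new groups is Super Admin
         $stillSuperAdmin = false;
         // No (or a malformed) group list counts as "no Super Admin group"
         $groups = (isset($fields['accessgroups']) && is_array($fields['accessgroups'])) ? $fields['accessgroups'] : array();
         foreach ($groups as $group) {
             $stillSuperAdmin = $stillSuperAdmin ? $stillSuperAdmin : \JAccess::checkGroup($group, 'core.admin');
         }
         if (!$stillSuperAdmin) {
             Notify::error(Lang::txt('COM_USERS_USERS_ERROR_CANNOT_DEMOTE_SELF'));
             return $this->editTask($user);
         }
     }
     // Save the changes
     if (!$user->save()) {
         Notify::error($user->getError());
         return $this->editTask($user);
     }
     // Save profile data
     $profile = Request::getVar('profile', array(), 'post', 'none', 2);
     $access = Request::getVar('profileaccess', array(), 'post', 'none', 2);
     foreach ($profile as $key => $data) {
         // Drop empty selections from multi-value answers
         if (isset($profile[$key]) && is_array($profile[$key])) {
             $profile[$key] = array_filter($profile[$key]);
         }
         // Fold a free-text "<key>_other" answer into its parent field
         if (isset($profile[$key . '_other']) && trim($profile[$key . '_other'])) {
             if (is_array($profile[$key])) {
                 $profile[$key][] = $profile[$key . '_other'];
             } else {
                 $profile[$key] = $profile[$key . '_other'];
             }
             unset($profile[$key . '_other']);
         }
     }
     if (!$user->saveProfile($profile, $access)) {
         Notify::error($user->getError());
         return $this->editTask($user);
     }
     // Do we have a new pass?
     $newpass = trim(Request::getVar('newpass', '', 'post'));
     if ($newpass) {
         // Get password rules and validate
         $password_rules = \Hubzero\Password\Rule::all()->whereEquals('enabled', 1)->rows();
         $validated = \Hubzero\Password\Rule::verify($newpass, $password_rules, $user->get('id'));
         if (!empty($validated)) {
             // Set error; the password is left unchanged and the form is
             // shown again via the "apply" task
             Notify::error(Lang::txt('COM_MEMBERS_PASSWORD_DOES_NOT_MEET_REQUIREMENTS'));
             $this->validated = $validated;
             $this->_task = 'apply';
         } else {
             // Save password
             \Hubzero\User\Password::changePassword($user->get('username'), $newpass);
         }
     }
     $passinfo = \Hubzero\User\Password::getInstance($user->get('id'));
     if (is_object($passinfo)) {
         // Do we have shadow info to change?
         $shadowMax = Request::getInt('shadowMax', false, 'post');
         $shadowWarning = Request::getInt('shadowWarning', false, 'post');
         $shadowExpire = Request::getVar('shadowExpire', '', 'post');
         // NOTE(review): a posted shadowExpire on its own does not satisfy this
         // condition, so it is only stored when shadowMax or shadowWarning is
         // also sent. Confirm that is intended.
         if ($shadowMax || $shadowWarning || (!is_null($passinfo->get('shadowExpire')) && empty($shadowExpire))) {
             if ($shadowMax) {
                 $passinfo->set('shadowMax', $shadowMax);
             }
             if ($shadowExpire || (!is_null($passinfo->get('shadowExpire')) && empty($shadowExpire))) {
                 $expire = is_string($shadowExpire) ? trim($shadowExpire) : '';
                 if (preg_match('/^[0-9]{4}-[0-9]{2}-[0-9]{2}/', $expire)) {
                     // A date-shaped value that strtotime() cannot parse is
                     // ignored: dividing its false result would store day 0
                     // and the account would count as expired.
                     $timestamp = strtotime($expire);
                     if ($timestamp !== false) {
                         // Stored as whole days since the Unix epoch
                         $passinfo->set('shadowExpire', (int) floor($timestamp / 86400));
                     }
                 } elseif (preg_match('/^[0-9]+$/D', $expire)) {
                     // Already a day count; digits only, nothing else accepted
                     $passinfo->set('shadowExpire', (int) $expire);
                 } elseif (empty($shadowExpire)) {
                     // An emptied field clears the expiration
                     $passinfo->set('shadowExpire', null);
                 }
             }
             if ($shadowWarning) {
                 $passinfo->set('shadowWarning', $shadowWarning);
             }
             $passinfo->update();
         }
     }
     // Check for spam count
     // NOTE(review): the posted value is stored without a numeric cast;
     // confirm the reputation model validates it.
     $reputation = Request::getVar('spam_count', null, 'post');
     if (!is_null($reputation)) {
         $user->reputation->set('spam_count', $reputation);
         $user->reputation->save();
     }
     // Email the user that their account has been approved
     if (!$prev->get('approved') && $this->config->get('useractivation_email')) {
         if (!$this->emailApprovedUser($user)) {
             Notify::error(Lang::txt('COM_MEMBERS_ERROR_EMAIL_FAILED'));
         }
     }
     // Set success message
     Notify::success(Lang::txt('COM_MEMBERS_MEMBER_SAVED'));
     // Drop through to edit form?
     if ($this->getTask() == 'apply') {
         return $this->editTask($user);
     }
     // Redirect
     $this->cancelTask();
 }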
Пример #2
 /**
  * Work out how close the member's password is to expiring.
  *
  * All values are day counts: the current time is converted to whole days
  * since the Unix epoch and compared with the stored shadow fields.
  *
  * @return array|false  false when no password hash is stored or shadowMax
  *                      is null; otherwise an array with the keys 'diff'
  *                      (days left), 'warning', 'max' and 'message_style'
  *                      ('info', 'warning' or 'error')
  */
 private function getPassInfo()
 {
     $password = \Hubzero\User\Password::getInstance($this->member->get('uidNumber'));

     // Nothing to report unless there is a password and a maximum age for it
     if (empty($password->passhash) || $password->shadowMax === null) {
         return false;
     }

     // Today as a day number, matching the unit of the shadow fields
     $today = intval(time() / 86400);
     $daysLeft = $password->shadowLastChange + $password->shadowMax - $today;

     // NOTE(review): assumes shadowWarning is numeric here; a null value
     // would be compared loosely. Confirm against the Password model.
     if ($daysLeft > $password->shadowWarning) {
         // Still outside the warning window
         $style = 'info';
     } elseif ($daysLeft > 0) {
         // Inside the warning window but not yet expired
         $style = 'warning';
     } else {
         // Expired
         $style = 'error';
     }

     return array(
         'diff' => $daysLeft,
         'warning' => $password->shadowWarning,
         'max' => $password->shadowMax,
         'message_style' => $style
     );
 }
Пример #3
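 /**
  * Save a member profile submitted from the edit form.
  *
  * Updates the profile record, an optional new password, password-aging
  * (shadow) settings and the member's tags, then copies name and email
  * back to the user record. A password that fails the rules is not saved
  * and the edit form is shown again instead of redirecting.
  *
  * NOTE(review): only the request token is checked here; no permission
  * check is visible in this method. Confirm access control is enforced
  * before this task is dispatched.
  *
  * @param      integer $redirect Redirect to main listing?
  * @return     void
  */
 public function saveTask($redirect = 1)
 {
     // Check for request forgeries
     Request::checkToken();
     // Incoming user ID
     $id = Request::getInt('id', 0, 'post');
     // Do we have an ID?
     if (!$id) {
         App::abort(500, Lang::txt('COM_MEMBERS_NO_ID'));
         return;
     }
     // Incoming profile edits
     $p = Request::getVar('profile', array(), 'post', 'none', 2);
     if (!is_array($p)) {
         // A scalar "profile" value cannot be indexed below; treat it as empty
         $p = array();
     }
     // The text fields below are read unconditionally; default any that are
     // missing or not scalar so trim() always receives a string
     foreach (array('givenName', 'middleName', 'surname', 'orcid', 'url', 'phone', 'orgtype', 'organization', 'bio', 'homeDirectory', 'loginShell') as $key) {
         if (!isset($p[$key]) || !is_scalar($p[$key])) {
             $p[$key] = '';
         }
     }
     // Load the profile
     $profile = new Profile();
     $profile->load($id);
     // Set the new info
     $profile->set('givenName', preg_replace('/\\s+/', ' ', trim($p['givenName'])));
     $profile->set('middleName', preg_replace('/\\s+/', ' ', trim($p['middleName'])));
     $profile->set('surname', preg_replace('/\\s+/', ' ', trim($p['surname'])));
     // Full name: the parts joined by single spaces, middle name optional
     $name = trim($p['givenName']) . ' ';
     $name .= trim($p['middleName']) != '' ? trim($p['middleName']) . ' ' : '';
     $name .= trim($p['surname']);
     $name = preg_replace('/\\s+/', ' ', $name);
     $profile->set('name', $name);
     if (isset($p['vip'])) {
         $profile->set('vip', $p['vip']);
     } else {
         $profile->set('vip', 0);
     }
     $profile->set('orcid', trim($p['orcid']));
     $profile->set('url', trim($p['url']));
     $profile->set('phone', trim($p['phone']));
     $profile->set('orgtype', trim($p['orgtype']));
     $profile->set('organization', trim($p['organization']));
     $profile->set('bio', trim($p['bio']));
     if (isset($p['public'])) {
         $profile->set('public', $p['public']);
     } else {
         $profile->set('public', 0);
     }
     $profile->set('modifiedDate', Date::toSql());
     // NOTE(review): home directory and login shell are taken from the POST
     // body with only trim() applied. Confirm the Profile model validates
     // them before they reach any system account store.
     $profile->set('homeDirectory', trim($p['homeDirectory']));
     $profile->set('loginShell', trim($p['loginShell']));
     // A non-zero posted value is stored as given; otherwise a fresh
     // confirmation code is generated
     $ec = Request::getInt('emailConfirmed', 0, 'post');
     if ($ec) {
         $profile->set('emailConfirmed', $ec);
     } else {
         $confirm = Helpers\Utility::genemailconfirm();
         $profile->set('emailConfirmed', $confirm);
     }
     if (isset($p['email'])) {
         $profile->set('email', trim($p['email']));
     }
     if (isset($p['mailPreferenceOption'])) {
         $profile->set('mailPreferenceOption', trim($p['mailPreferenceOption']));
     } else {
         $profile->set('mailPreferenceOption', -1);
     }
     if (!empty($p['gender'])) {
         $profile->set('gender', trim($p['gender']));
     }
     if (!empty($p['disability'])) {
         if ($p['disability'] == 'yes') {
             // A missing or malformed detail list counts as an empty one
             if (!isset($p['disabilities']) || !is_array($p['disabilities'])) {
                 $p['disabilities'] = array();
             }
             // "yes" with only an empty "other" entry is recorded as "no"
             if (count($p['disabilities']) == 1 && isset($p['disabilities']['other']) && empty($p['disabilities']['other'])) {
                 $profile->set('disability', array('no'));
             } else {
                 $profile->set('disability', $p['disabilities']);
             }
         } else {
             $profile->set('disability', array($p['disability']));
         }
     }
     if (!empty($p['hispanic'])) {
         if ($p['hispanic'] == 'yes') {
             // A missing or malformed detail list counts as an empty one
             if (!isset($p['hispanics']) || !is_array($p['hispanics'])) {
                 $p['hispanics'] = array();
             }
             // "yes" with only an empty "other" entry is recorded as "no"
             if (count($p['hispanics']) == 1 && isset($p['hispanics']['other']) && empty($p['hispanics']['other'])) {
                 $profile->set('hispanic', array('no'));
             } else {
                 $profile->set('hispanic', $p['hispanics']);
             }
         } else {
             $profile->set('hispanic', array($p['hispanic']));
         }
     }
     if (isset($p['race']) && is_array($p['race'])) {
         $profile->set('race', $p['race']);
     }
     // Save the changes
     if (!$profile->update()) {
         App::abort(500, $profile->getError());
         return false;
     }
     // Do we have a new pass?
     $newpass = trim(Request::getVar('newpass', '', 'post'));
     if ($newpass != '') {
         // Get password rules and validate
         $password_rules = \Hubzero\Password\Rule::getRules();
         $validated = \Hubzero\Password\Rule::validate($newpass, $password_rules, $profile->get('uidNumber'));
         if (!empty($validated)) {
             // Set error; the password is left unchanged and the edit form
             // is shown again instead of redirecting
             $this->setError(Lang::txt('COM_MEMBERS_PASSWORD_DOES_NOT_MEET_REQUIREMENTS'));
             $this->validated = $validated;
             $redirect = false;
         } else {
             // Save password
             \Hubzero\User\Password::changePassword($profile->get('username'), $newpass);
         }
     }
     $passinfo = \Hubzero\User\Password::getInstance($id);
     if (is_object($passinfo)) {
         // Do we have shadow info to change?
         $shadowMax = Request::getInt('shadowMax', false, 'post');
         $shadowWarning = Request::getInt('shadowWarning', false, 'post');
         $shadowExpire = Request::getVar('shadowExpire', '', 'post');
         // NOTE(review): a posted shadowExpire on its own does not satisfy this
         // condition, so it is only stored when shadowMax or shadowWarning is
         // also sent. Confirm that is intended.
         if ($shadowMax || $shadowWarning || (!is_null($passinfo->get('shadowExpire')) && empty($shadowExpire))) {
             if ($shadowMax) {
                 $passinfo->set('shadowMax', $shadowMax);
             }
             if ($shadowExpire || (!is_null($passinfo->get('shadowExpire')) && empty($shadowExpire))) {
                 $expire = is_string($shadowExpire) ? trim($shadowExpire) : '';
                 if (preg_match('/^[0-9]{4}-[0-9]{2}-[0-9]{2}/', $expire)) {
                     // A date-shaped value that strtotime() cannot parse is
                     // ignored: dividing its false result would store day 0
                     // and the account would count as expired.
                     $timestamp = strtotime($expire);
                     if ($timestamp !== false) {
                         // Stored as whole days since the Unix epoch
                         $passinfo->set('shadowExpire', (int) floor($timestamp / 86400));
                     }
                 } elseif (preg_match('/^[0-9]+$/D', $expire)) {
                     // Already a day count; digits only, nothing else accepted
                     $passinfo->set('shadowExpire', (int) $expire);
                 } elseif (empty($shadowExpire)) {
                     // An emptied field clears the expiration
                     $passinfo->set('shadowExpire', null);
                 }
             }
             if ($shadowWarning) {
                 $passinfo->set('shadowWarning', $shadowWarning);
             }
             $passinfo->update();
         }
     }
     // Get the user's interests (tags)
     // NOTE(review): unlike the other inputs this one is not limited to the
     // POST body; confirm reading it from any request source is intended.
     $tags = trim(Request::getVar('tags', ''));
     // Process tags
     include_once dirname(dirname(__DIR__)) . DS . 'models' . DS . 'tags.php';
     $mt = new \Components\Members\Models\Tags($id);
     $mt->setTags($tags, $id);
     // Make sure certain changes make it back to the user table
     $user = User::getInstance($id);
     $user->set('name', $name);
     $user->set('email', $profile->get('email'));
     if (!$user->save()) {
         // NOTE(review): the status code is an empty string here while the
         // other aborts in this method pass 500; confirm which is intended.
         App::abort('', Lang::txt($user->getError()));
         return false;
     }
     if ($redirect) {
         // Redirect
         App::redirect(Route::url('index.php?option=' . $this->_option), Lang::txt('COM_MEMBERS_MEMBER_SAVED'));
     } else {
         $this->editTask($id);
     }
 }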