public function registerAction()
{
$exists = App_Model_User::getCount(['email' => $this->getParam('email')]);
if ($exists) {
throw new App_Exception_UserAlreadyExists();
}
$user = new App_Model_User(['email' => $this->getParam('email'), 'password' => $this->getParam('password'), 'registered' => time()]);
$user->addToken();
$user->save();
}
/**
* Action called to post values of a new user.
*/
public function postnewAction()
{
// TODO prevent CSRF
$this->secure('admin');
$user = new App_Model_User();
$user->setUsername($_POST['username']);
$user->setPassword($_POST['password']);
$user->setFirstname($_POST['firstname']);
$user->setLastname($_POST['lastname']);
$user->setIsAdmin($_POST['is_admin'] == 'on');
$user->setEmail($_POST['email']);
if (0 === count($user->isValid())) {
$user->save();
return redirect_to('/admin/users');
} else {
$errors = '';
foreach ($user->isValid() as $error) {
$errors .= $error . "<br />";
}
flash_now('error', $errors);
return $this->createAction();
}
}
/**
* @before _secured, _admin
*/
public function add()
{
$view = $this->getActionView();
$view->set('submstoken', $this->mutliSubmissionProtectionToken());
if (RequestMethods::post('submitAddUser')) {
if ($this->checkCSRFToken() !== true && $this->checkMutliSubmissionProtectionToken(RequestMethods::post('submstoken')) !== true) {
self::redirect('/admin/user/');
}
$errors = array();
if (RequestMethods::post('password') !== RequestMethods::post('password2')) {
$errors['password2'] = array('Hesla se neshodují');
}
$email = App_Model_User::first(array('email = ?' => RequestMethods::post('email')), array('email'));
if ($email) {
$errors['email'] = array('Tento email se již používá');
}
$salt = PasswordManager::createSalt();
$hash = PasswordManager::hashPassword(RequestMethods::post('password'), $salt);
$cfg = Registry::get('configuration');
$fileManager = new FileManager(array('thumbWidth' => $cfg->thumb_width, 'thumbHeight' => $cfg->thumb_height, 'thumbResizeBy' => $cfg->thumb_resizeby, 'maxImageWidth' => $cfg->photo_maxwidth, 'maxImageHeight' => $cfg->photo_maxheight));
$photoNameRaw = RequestMethods::post('firstname') . '-' . RequestMethods::post('lastname');
$photoName = $this->_createUrlKey($photoNameRaw);
$fileErrors = $fileManager->uploadBase64Image(RequestMethods::post('croppedimage'), $photoName, 'members', time() . '_')->getUploadErrors();
$files = $fileManager->getUploadedFiles();
if (!empty($fileErrors)) {
$errors['croppedimage'] = $fileErrors;
}
if (!empty($files)) {
foreach ($files as $i => $file) {
if ($file instanceof \THCFrame\Filesystem\Image) {
$user = new App_Model_User(array('firstname' => RequestMethods::post('firstname'), 'lastname' => RequestMethods::post('lastname'), 'email' => RequestMethods::post('email'), 'password' => $hash, 'salt' => $salt, 'role' => RequestMethods::post('role', 'role_member'), 'imgMain' => trim($file->getFilename(), '.'), 'imgThumb' => trim($file->getThumbname(), '.')));
break;
}
}
}
if (empty($errors) && $user->validate()) {
$userId = $user->save();
Event::fire('admin.log', array('success', 'User id: ' . $userId));
$view->successMessage('Uživatel' . self::SUCCESS_MESSAGE_1);
self::redirect('/admin/user/');
} else {
Event::fire('admin.log', array('fail'));
$view->set('errors', $errors + $user->getErrors())->set('submstoken', $this->revalidateMutliSubmissionProtectionToken())->set('user', $user);
}
}
}
