public static function updateUser()
{
// Process updating of user information
$users = UsersDB::getUsersBy('userId', $_SESSION['arguments']);
if (empty($users)) {
HomeView::show();
header('Location: /' . $_SESSION['base']);
} elseif ($_SERVER["REQUEST_METHOD"] == "GET") {
$_SESSION['users'] = $users;
UserView::showUpdate();
} else {
$parms = $users[0]->getParameters();
$parms['userName'] = array_key_exists('userName', $_POST) ? $_POST['userName'] : "";
$parms['password'] = array_key_exists('password', $_POST) ? $_POST['password'] : "";
$newUser = new User($parms);
$newUser->setUserId($users[0]->getUserId());
$user = UsersDB::updateUser($newUser);
if ($user->getErrorCount() != 0) {
$_SESSION['users'] = array($newUser);
return;
UserView::showUpdate();
} else {
HomeView::show();
header('Location: /' . $_SESSION['base']);
}
}
}
static function logView(Doctrine_Record $record)
{
$user = sfContext::getInstance()->getUser();
if (!sfConfig::get('app_logging_views') || !$user->isAuthenticated()) {
return;
}
if (!$record->exists()) {
throw new Exception("Can't log user view for new record");
}
$view = new UserView();
$view->setObject($record);
$view->User = $user->getGuardUser();
$view->save();
}
public static function show()
{
$_SESSION['headertitle'] = "User details";
MasterView::showHeader();
UserView::showDetails();
MasterView::showFooter();
}
private function updateUser($userId)
{
$users = UsersDB::getUsersBy('user_id', $userId);
if (empty($users)) {
HomeView::show();
header('Location: /' . $_SESSION['base']);
} else {
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
$_SESSION['user'] = $users[0];
UserView::showUpdate();
} else {
$params = $users[0]->getParameters();
$params['username'] = array_key_exists('username', $_POST) ? $_POST['username'] : "";
$params['password'] = array_key_exists('password', $_POST) ? $_POST['password'] : "";
$updatedUser = new User($params);
$updatedUser->setUserId($users[0]->getUserId());
$plaintextPassword = $updatedUser->getPassword();
$hashedPassword = password_hash($plaintextPassword, PASSWORD_DEFAULT);
$updatedUser->setPassword($hashedPassword);
$returnedUser = UsersDB::updateUser($updatedUser);
if ($returnedUser->getErrorCount() == 0) {
// TODO: Log out the current user before diplaying the HomeView; LogoutController::LogoutCurrentUser()
HomeView::show();
header('Location: /' . $_SESSION['base']);
} else {
$_SESSION['user'] = $updatedUser;
UserView::showUpdate();
}
}
}
}
public static function updateUser()
{
$users = UsersDB::getUsersBy('userID', $_SESSION['arguments']);
if (empty($users)) {
HomeView::show();
header('Location: /' . $_SESSION['base']);
} elseif ($_SERVER["REQUEST_METHOD"] == "GET") {
$_SESSION['users'] = $users;
UserView::showUpdate();
} else {
$parms = $users[0]->getParameters();
$parms['userName'] = array_key_exists('userName', $_POST) ? $_POST['userName'] : $users[0]->getUsername();
$parms['rank'] = array_key_exists('rank', $_POST) ? $_POST['rank'] : $users[0]->getRank();
$newUser = new User($parms);
$newUser->setUserID($users[0]->getUserID());
$user = UsersDB::updateUser($newUser);
if ($user->getErrorCount() != 0) {
$_SESSION['user'] = $newUser;
UserView::showUpdate();
} else {
HomeView::show();
header('Location: /' . $_SESSION['base']);
}
}
}
public function testShowUserViewWithNullUser()
{
ob_start();
$return = UserView::show(null);
$output = ob_get_clean();
$this->assertFalse(empty($output), "It should show a User view when passed a null user");
}
public static function show()
{
$_SESSION['headertitle'] = "Fireside Heroes Profile";
MasterView::showHeader();
MasterView::showNavbar();
UserView::showDetails();
$_SESSION['footertitle'] = "<h3>The footer goes here</h3>";
MasterView::showFooter();
}
public static function show()
{
$_SESSION['headertitle'] = "User details";
$_SESSION['styles'] = array('site.css');
MasterView::showHeader();
MasterView::showNavBar();
UserView::showDetails();
MasterView::showFooter();
MasterView::showPageEnd();
}
public static function show()
{
$_SESSION['headertitle'] = "Fireside Heroes Profile";
$_SESSION['styles'] = array('jumbotron.css');
MasterView::showHeader();
MasterView::showNavbar();
UserView::showDetails();
$_SESSION['footertitle'] = "<h3>User footer</h3>";
MasterView::showFooter();
}
public static function show()
{
$_SESSION['headertitle'] = "Fireside Heroes Profile";
$_SESSION['styles'] = array('jumbotron.css');
MasterView::showHeader();
MasterView::showNavbar();
UserView::showDetails();
$base = array_key_exists('base', $_SESSION) ? $_SESSION['base'] : "";
$_SESSION['footertitle'] = '<a href="/' . $base . '/index.php">FireSide</a></li>';
MasterView::showFooter();
}
public function testUpdateUser()
{
// Test show the update
ob_start();
$user = new User(array("userName" => "Kay", "password" => "xxx"));
$user->setUserId(1);
$_SESSION = array('users' => array($user), 'base' => "mvcdbcrud");
UserView::showUpdate();
$output = ob_get_clean();
$this->assertFalse(empty($output), "It should show the user update form");
}
public static function run()
{
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$user = new User($_POST);
// What if already logged in?
if ($user->getErrorCount() == 0) {
UserView::show($user);
} else {
LoginView::show($user);
}
} else {
// Initial link
LoginView::show(null);
}
}
public static function showAll()
{
// Show a table of users with links
$_SESSION['headertitle'] = "Leaderboard";
$_SESSION['styles'] = array('jumbotron.css', 'leaderboard.css');
MasterView::showHeader();
MasterView::showNav();
//if (array_key_exists('headertitle', $_SESSION)) {
// MasterView::showHeader();
// MasterView::showNav();
//}
UserView::showLeaderboard();
if (array_key_exists('footertitle', $_SESSION)) {
MasterView::showFooter();
}
MasterView::showPageEnd();
}
function displaySignupForm($error = null)
{
?>
<div id="content">
<h1>Sign up</h1>
<p>
Sign up for all Freemap services:
<a href='http://www.free-map.org.uk'>Freemap</a>,
<a href='http://www.fixmypaths.org'>FixMyPaths</a> and
<a href='http://www.opentrailview.org'>OpenTrailView</a>.
</p>
<p><strong>IMPORTANT!</strong> Please do NOT use the same password
as you use for security-critical services such as online banking,
social networks, email etc. Freemap does not currently use an SSL
server which means the security of your password cannot be
guaranteed. Therefore please use a UNIQUE password for Freemap.</p>
<p>Your email is used to send a confirmation message to you, once you
have signed up. This message will consist of a link,
to activate your account, which you should follow.
Your email is NOT used for marketing or other similar activities!</p>
<?php
UserView::showSignupError($error);
?>
<div>
<form method="post" action=
"<?php
echo $this->ctrlScript;
?>
?action=signup">
<label for="username">Enter a username</label><br/>
<input name="username" id="username" /> <br/>
<label for="password">Enter a password</label> <br/>
<input name="password" id="password" type="password" /> <br/>
<label for="email">Enter your email</label> <br/>
<input name="email" id="email" /> <br/>
<input type='submit' value='go'/>
</form>
</div>
</div>
<?php
}
public static function run()
{
// Perform actions related to a user
$action = array_key_exists('action', $_SESSION) ? $_SESSION['action'] : "";
$arguments = $_SESSION['arguments'];
switch ($action) {
case "leaderboard":
$_SESSION['users'] = HockUserDB::getAllUsers();
$_SESSION['headertitle'] = "Hock League Leaderboard";
UserView::showall();
break;
default:
//Find the specified user
$webuser = null;
$hockusers = HockUserDB::getUsersBy('name', $action);
if (empty($hockusers)) {
$hockusers = HockUserDB::getUsersBy('alias', $action);
if (empty($hockusers)) {
$hockuser = null;
} else {
$hockuser = $hockusers[0];
}
} else {
$hockuser = $hockusers[0];
}
if (!is_null($hockuser)) {
//Find webuser associated with hockuser?
$webusers = WebUserDB::getUsersBy('hockName', $hockuser->getUserName());
if (!empty($webusers)) {
$webuser = $webusers[0];
}
}
$_SESSION['hockuser'] = $hockuser;
$_SESSION['webuser'] = $webuser;
UserController::show();
}
}
/**
* Processing registration
*
* This is a POST callback function
*
* Sets following errors in POST-vars:
* username - general username fault
* uinuse - username already in use
* email - general email fault, email format error
* einuse - email in use
* pw - general password fault
* pwmismatch - password mismatch
* inserror - error performing db insertion
*
* @param void
*/
public function registerProcess()
{
$c = PFunctions::hex2base64(sha1(__METHOD__));
if (PPostHandler::isHandling()) {
$vars =& PPostHandler::getVars();
$errors = array();
// check username
if (!isset($vars['u']) || !preg_match(User::HANDLE_PREGEXP, $vars['u']) || strpos($vars['u'], 'xn--') !== false) {
$errors[] = 'username';
} elseif ($this->handleInUse($vars['u'])) {
$errors[] = 'uinuse';
}
// email
if (!isset($vars['e']) || !PFunctions::isEmailAddress($vars['e'])) {
$errors[] = 'email';
} elseif ($this->emailInUse($vars['e'])) {
$errors[] = 'einuse';
}
// password
if (!isset($vars['p']) || !isset($vars['pc']) || !$vars['p'] || !$vars['pc'] || strlen($vars['p']) < 8) {
$errors[] = 'pw';
} elseif ($vars['p'] != $vars['pc']) {
$errors[] = 'pwmismatch';
} else {
if (substr_count($vars['p'], '*') != strlen($vars['p'])) {
// set encoded pw
$vars['pwenc'] = MOD_user::passwordEncrypt($vars['p']);
$shadow = str_repeat('*', strlen($vars['p']));
$vars['p'] = $shadow;
$vars['pc'] = $shadow;
}
}
if (count($errors) > 0) {
$vars['errors'] = $errors;
return false;
}
$Auth = new MOD_user_Auth();
$authId = $Auth->checkAuth('defaultUser');
$query = '
INSERT INTO `user`
(`id`, `auth_id`, `handle`, `email`, `pw`, `active`)
VALUES
(
' . $this->dao->nextId('user') . ',
' . (int) $authId . ',
\'' . $this->dao->escape($vars['u']) . '\',
\'' . $this->dao->escape($vars['e']) . '\',
\'' . $this->dao->escape($vars['pwenc']) . '\',
0
)';
$s = $this->dao->query($query);
if (!$s->insertId()) {
$vars['errors'] = array('inserror');
return false;
}
$userId = $s->insertId();
$key = PFunctions::randomString(16);
// save register key
if (!APP_User::addSetting($userId, 'regkey', $key)) {
$vars['errors'] = array('inserror');
return false;
}
// save lang
if (!APP_User::addSetting($userId, 'lang', PVars::get()->lang)) {
$vars['errors'] = array('inserror');
return false;
}
$View = new UserView($this);
$View->registerMail($userId);
PPostHandler::clearVars();
return PVars::getObj('env')->baseuri . 'user/register/finish';
} else {
PPostHandler::setCallback($c, __CLASS__, __FUNCTION__);
return $c;
}
}
<!DOCTYPE html>
<html>
<head>
<meta charset="ISO-8859-1">
<title>Basic tests for User View</title>
</head>
<body>
<h1>User view tests</h1>
<?php
include_once "../models/Messages.class.php";
include_once "../models/User.class.php";
include_once "../views/UserView.class.php";
include_once "../views/MasterView.class.php";
?>
<h2>It should show successfully when user is passed to show</h2>
<?php
$validTest = array("userName" => "krobbins");
$s1 = new User($validTest);
UserView::show($s1);
?>
</body>
</html>
<!DOCTYPE html>
<?php
include_once "php/UserView.php";
include_once "php/LoginManager.php";
if (isset($_GET['id'])) {
$id = filter_input(INPUT_GET, 'id');
$view = new UserView($id);
$login = new LoginManager("profile.php?id={$id}");
$return = "../profile.php?id={$id}";
} else {
header("Location: index.php");
exit;
}
?>
<html>
<head>
<meta charset="UTF-8">
<title><?php
echo $view->getUsername() . " on tbmd.com";
?>
</title>
<link rel="stylesheet" href="style/main.css">
<link rel="stylesheet" href="style/overlay.css">
<link rel="shortcut icon" type="image/x-icon" href="images/favicon.ico">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/notify/0.4.0/notify.min.js"></script>
<script src="script/notifications.js"></script>
<script src="script/overlay.js"></script>
<script src="script/search.js"></script>
public static function show($user)
{
MasterView::showHeader("ClassBash User Page");
UserView::showDetails($user);
MasterView::showFooter("<h3>The footer goes here</h3>");
}
Include Agis
*/
// include ('../lib/session.php');
// include('../lib/functions.php');
require_once '../inc/main.php';
$html_table = 'table ' . 'border=1 ' . 'width=100% ' . 'class=loginFFFFFFdroit ';
/*
Fin de préparation Agis
*/
$globalConfig = new GlobalConfig();
$idUser = $globalConfig->getAuthenticatedUser()->getKeyValue();
$pass = $globalConfig->getAuthenticatedUser()->getDataField(UserModel::FIELDNAME_PASSWORD)->getFieldValue();
$id_type = $globalConfig->getAuthenticatedUser()->getDataField(UserModel::FIELDNAME_ID_TYPE)->getFieldValue();
$modifier = Lib::getParameterFromRequest('modifier');
$userModel = new UserModel($idUser);
$userView = new UserView($userModel);
$userView->setIsEditable(TRUE);
identification1('salaries', $idUser, $pass, FALSE);
// include('functions.php');
// include('functions.js');
//if ($erreur == 'oui') {
// echo ('<script language=\'JavaScript\'>\n');
// echo ('alert(\'Ce salarié existe déjà\')');
// echo ('</script>\n');
//}
//if ($erreur == 'pass') {
// echo ('<script language=\'JavaScript\'>\n');
// echo ('alert(\'Erreur de mot de passe\')');
// echo ('</script>\n');
//}
/*
function __construct($title, $css)
{
parent::__construct($title, $css);
}
public static function updateUser()
{
// Process updating of user information
$authenticatedUser = array_key_exists('authenticatedUser', $_SESSION) ? $_SESSION['authenticatedUser'] : null;
$users = WebUserDB::getUsersBy('hockName', $_SESSION['arguments']);
if (empty($users)) {
UserController::showHome();
} elseif ($_SERVER["REQUEST_METHOD"] == "GET") {
$_SESSION['webuser'] = $users[0];
$user = $users[0];
if (!is_null($authenticatedUser)) {
if (strcmp($user->getUserName(), $authenticatedUser->getUserName()) == 0) {
UserView::showUpdate();
} else {
UserController::showHome();
}
} else {
UserController::showHome();
}
} else {
$user = $_SESSION['webuser'];
if (!is_null($authenticatedUser)) {
if (strcmp($user->getUserName(), $authenticatedUser->getUserName()) == 0) {
//$oldpw = (array_key_exists('oldPassword', $_POST))?$_POST['oldPassword']:null;
$parms = $users[0]->getParameters();
//if(is_null($oldpw) || strcmp($oldpw, $parms['password'])
//This is set up so that any empty parameters in update will be ignored.
//Only things entered will actually be updated
//username
$parms['userName'] = array_key_exists('userName', $_POST) ? empty($_POST['userName']) ? $authenticatedUser->getUserName() : $_POST['userName'] : $authenticatedUser->getUserName();
//password
$parms['password'] = array_key_exists('password', $_POST) ? empty($_POST['password']) ? $authenticatedUser->getPassword() : $_POST['password'] : $authenticatedUser->getPassword();
//confirmedpw
$parms['confirmedpw'] = array_key_exists('confirmedpw', $_POST) ? empty($_POST['confirmedpw']) ? $authenticatedUser->getConfirmedPW() : $_POST['confirmedpw'] : $authenticatedUser->getConfirmedPW();
//email
$parms['email'] = array_key_exists('email', $_POST) ? empty($_POST['email']) ? $authenticatedUser->getEmail() : $_POST['email'] : $authenticatedUser->getEmail();
//url
$parms['url'] = array_key_exists('url', $_POST) ? empty($_POST['url']) ? $authenticatedUser->getURL() : $_POST['url'] : $authenticatedUser->getURL();
$user = new WebUser($parms);
$user->setUserId($users[0]->getUserId());
$user = WebUserDB::updateUser($user);
if ($user->getErrorCount() != 0) {
$_SESSION['webuser'] = $user;
UserView::showUpdate();
} else {
$_SESSION['authenticatedUser'] = $user;
UserController::showHome();
}
} else {
UserController::showHome();
}
} else {
UserController::showHome();
}
}
}
// require('../lib/session.php');
// include('functions.php');
// include('../lib/functions.php');
require_once '../inc/main.php';
$html_table = 'table ' . 'border=1 ' . 'width=100% ' . 'class=loginFFFFFFdroit ';
/*
Fin de préparation Agis
*/
$globalConfig = new GlobalConfig();
$login = $globalConfig->getAuthenticatedUser()->getKeyValue();
$pass = $globalConfig->getAuthenticatedUser()->getDataField(UserModel::FIELDNAME_PASSWORD)->getFieldValue();
$id_type = $globalConfig->getAuthenticatedUser()->getDataField(UserModel::FIELDNAME_ID_TYPE)->getFieldValue();
$paramIdUser = Lib::getParameterFromRequest('sal_user');
$paramRech = Lib::getParameterFromRequest('rech');
$userModel = new UserModel($paramIdUser);
$userView = new UserView($userModel);
$userView->setIsEditable(TRUE);
identification1('salaries', $login, $pass, FALSE);
if ($paramRech == '1') {
/* Recherche des infos sur le salarie */
$arrayUserDetail = DatabaseOperation::convertSqlStatementWithoutKeyToArray('SELECT ' . UserModel::FIELDNAME_NOM . ',' . UserModel::FIELDNAME_PRENOM . ',' . UserModel::FIELDNAME_ID_CATSOPRO . ',' . UserModel::FIELDNAME_LIEU_GEO . ',' . UserModel::FIELDNAME_LOGIN . ',' . UserModel::FIELDNAME_PASSWORD . ',' . UserModel::FIELDNAME_MAIL . ',' . UserModel::FIELDNAME_DATE_CREATION_SALARIES . ' FROM ' . UserModel::TABLENAME . ' WHERE ' . UserModel::KEYNAME . '=' . $paramIdUser);
if (!$arrayUserDetail) {
$titre = "Utilisateur inexistant";
$message = "La requete de recherche de l'ID salarie a echoue";
Lib::showMessage($titre, $message);
} else {
foreach ($arrayUserDetail as $rowsUserDetail) {
$userNom = $rowsUserDetail[UserModel::FIELDNAME_NOM];
$userPrenom = $rowsUserDetail[UserModel::FIELDNAME_PRENOM];
$userCatsopro = $rowsUserDetail[UserModel::FIELDNAME_ID_CATSOPRO];
$userLieuGeo = $rowsUserDetail[UserModel::FIELDNAME_LIEU_GEO];
function displaySignupForm($error = null)
{
?>
<div id="content">
<h1>Sign up</h1>
<p><strong>IMPORTANT!</strong> Please do NOT use the same password
as you use for security-critical services such as online banking,
social networks, email etc. The site does not currently use an SSL
server which means the security of your password cannot be
guaranteed. Therefore please use a UNIQUE password.</p>
<?php
UserView::showSignupError($error);
?>
<div>
<form method="post" action=
"<?php
echo $this->ctrlScript;
?>
?action=signup">
<label for="username">Enter a username</label><br/>
<input name="username" id="username" /> <br/>
<label for="password">Enter a password</label> <br/>
<input name="password" id="password" type="password" /> <br/>
<input type='submit' value='go'/>
</form>
</div>
</div>
<?php
}
<?php
try {
global $params;
if (!isset($params[2]) || strlen($params[2]) == 0) {
$mode = "bookcontrol";
} else {
$mode = $params[2];
}
$model = new UserModel($mode, $params);
$model->execute();
$view = new UserView($model);
$view->execute();
} catch (PDOException $e) {
Logger::error("PDOException : " . $e->getMessage());
error();
} catch (CurlException $e) {
Logger::error("CurlException : " . $e->getMessage());
error();
} catch (Exception $e) {
Logger::error("Exception : " . $e->getMessage());
error();
}
$validTest = array("userName" => "krobbins", "password" => "xxx");
$_SESSION = array('user' => new User($validTest), 'base' => 'mvcdbcrud');
$validSubmission = array("submitterName" => "krobbins", "assignmentNumber" => "1", "submissionFile" => "myText.apl");
$_SESSION['userSubmissions'] = array(new Submission($validSubmission));
$input = array("reviewerName" => "krobbins", "submissionID" => 2, "score" => "5", "review" => "This was a great presentation");
$_SESSION['userReviews'] = array(new Review($input));
UserView::show();
?>
<h2>It should show all users when the session variable is set</h2>
<?php
$s1 = new User(array("userName" => "Kay", "password" => "xxx"));
$s1->setUserId(1);
$s2 = new User(array("userName" => "John", "password" => "yyy"));
$s2->setUserId(2);
$_SESSION = array('users' => array($s1, $s2), 'base' => 'mvcdbdcrud', 'arguments' => null);
UserView::showall();
?>
<h2>It should allow updating when a valid user is passed</h2>
<?php
$validTest = array("userName" => "Kay", "password" => "xxx");
$user = new User($validTest);
$user->setUserId(1);
echo $user;
$_SESSION = array('users' => array($user), 'base' => "mvcdbcrud");
UserView::showUpdate();
?>
</body>
</html>
public function user()
{
$infosUser = new UserDAO();
$infos = $infosUser->getInfoUser($_SESSION['idUser']);
if ($infos['type'] == 'Admin') {
$userView = new UserView();
$managerUser = new UserDAO();
if (isset($_GET['tri'])) {
if ($_GET['tri'] == 'Admin') {
$mesUtilisateurs = $managerUser->getUsersByType($_GET['tri']);
} else {
if ($_GET['tri'] == 'Professeur') {
$mesUtilisateurs = $managerUser->getUsersByType($_GET['tri']);
} else {
if ($_GET['tri'] == 'Etudiant') {
$mesUtilisateurs = $managerUser->getUsersByType($_GET['tri']);
} else {
$mesUtilisateurs = $managerUser->getUsers();
}
}
}
} else {
$mesUtilisateurs = $managerUser->getUsers();
}
echo $userView->getView($mesUtilisateurs);
} else {
$_SESSION['error'] = 'Vous n\'avez pas les droits requis pour accéder à cette page';
$_SESSION['display_msg_error'] = true;
$this->profile();
}
}
