/**
 * Stores a fresh one-time auth code on the user addressed by the current systemid and
 * mails that user a link to the admin "pwdReset" action. Only the auth code is written
 * here; the stored password is left as it is until the link is used.
 *
 * NOTE(review): the mailed auth code acts as a bearer secret, so this relies on
 * generateSystemid() being unpredictable - confirm it is backed by a CSPRNG.
 * NOTE(review): nothing in this method limits how long the code stays valid; verify
 * whether stale codes are expired elsewhere.
 *
 * @return string always an empty string; the method calls adminReload() on the module link
 * @permissions edit
 */
protected function actionSendPasswordFinal()
{
    $objTargetUser = new class_module_user_user($this->getSystemid());

    //persist the one-time code before the link leaves the system
    $strAuthcode = generateSystemid();
    $objTargetUser->setStrAuthcode($strAuthcode);
    $objTargetUser->updateObjectToDb();

    $strLinkParams = "&systemid=" . $objTargetUser->getSystemid() . "&authcode=" . $strAuthcode;
    $strResetLink = class_link::getLinkAdminHref("login", "pwdReset", $strLinkParams, false);

    //the text language is set to the recipient's admin language before the mail texts are fetched
    $objLang = class_carrier::getInstance()->getObjLang();
    $objLang->setStrTextLanguage($objTargetUser->getStrAdminlanguage());

    $objMail = new class_mail();
    $objMail->addTo($objTargetUser->getStrEmail());
    $objMail->setSubject($this->getLang("user_password_resend_subj"));
    $objMail->setText($this->getLang("user_password_resend_body", array($strResetLink)));

    //when requested, the text is set again with the variant that also carries the username
    $bitIncludeUsername = $this->getParam("form_user_sendusername") != "";
    if ($bitIncludeUsername) {
        $arrBodyParams = array($objTargetUser->getStrUsername(), $strResetLink);
        $objMail->setText($this->getLang("user_password_resend_body_username", $arrBodyParams));
    }

    $objMail->sendMail();

    $this->adminReload(class_link::getLinkAdminHref($this->getArrModule("modul")));

    return "";
}
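/**
 * Handles the password reset reached through the mailed link. While the request carries no
 * "reset" parameter the change form is rendered, otherwise the submitted password is checked
 * and stored. Both steps require the submitted authcode to equal the non-empty code stored
 * for the user; every failure returns the same generic error text.
 *
 * Request values are compared against stored values with strict string equality, so PHP's
 * numeric-string juggling ("0e1" == "0e2", "1e3" == "1000") cannot make two different
 * codes, usernames or passwords count as equal.
 * NOTE(review): === is not a constant-time comparison; prefer hash_equals() for the authcode
 * if every supported PHP version provides it.
 *
 * @return string the rendered form, or the success / error message
 */
protected function actionPwdReset()
{
    $strSystemid = $this->getParam("systemid");
    if (!validateSystemid($strSystemid)) {
        return $this->getLang("login_change_error", "user");
    }

    $objUser = new class_module_user_user($strSystemid);

    //the one-time code has to be present on the record and match exactly;
    //non-scalar request values (e.g. arrays) are rejected before the comparison
    $strStoredCode = (string)$objUser->getStrAuthcode();
    $strGivenCode = $this->getParam("authcode");
    $bitCodeValid = $strStoredCode !== ""
        && is_scalar($strGivenCode)
        && (string)$strGivenCode === $strStoredCode;

    if (!$bitCodeValid || (string)$objUser->getStrUsername() === "") {
        return $this->getLang("login_change_error", "user");
    }

    if ($this->getParam("reset") == "") {
        //Loading a small form to change the password
        $strTemplateID = $this->objTemplate->readTemplate("/elements.tpl", "login_form");

        $strForm = "";
        $strForm .= $this->objToolkit->getTextRow($this->getLang("login_password_form_intro", "user"));
        $strForm .= $this->objToolkit->formHeader(class_link::getLinkAdminHref($this->getArrModule("modul"), "pwdReset"));
        $strForm .= $this->objToolkit->formInputText("username", $this->getLang("login_loginUser", "user"), "", "inputTextShort");
        $strForm .= $this->objToolkit->formInputPassword("password1", $this->getLang("login_loginPass", "user"), "", "inputTextShort");
        $strForm .= $this->objToolkit->formInputPassword("password2", $this->getLang("login_loginPass2", "user"), "", "inputTextShort");
        $strForm .= $this->objToolkit->formInputSubmit($this->getLang("login_changeButton", "user"), "", "", "inputSubmitShort");
        $strForm .= $this->objToolkit->formInputHidden("reset", "reset");
        //both hidden values were validated above: the code equals the stored one, the id passed validateSystemid()
        $strForm .= $this->objToolkit->formInputHidden("authcode", $strGivenCode);
        $strForm .= $this->objToolkit->formInputHidden("systemid", $strSystemid);
        $strForm .= $this->objToolkit->formClose();

        $arrTemplate = array();
        $arrTemplate["form"] = $strForm;
        $arrTemplate["loginTitle"] = $this->getLang("login_loginTitle", "user");
        $arrTemplate["loginJsInfo"] = $this->getLang("login_loginJsInfo", "user");
        $arrTemplate["loginCookiesInfo"] = $this->getLang("login_loginCookiesInfo", "user");

        //An error occurred?
        if ($this->getParam("loginerror") == 1) {
            $arrTemplate["error"] = $this->getLang("login_loginError", "user");
        }

        return $this->objTemplate->fillTemplate($arrTemplate, $strTemplateID);
    }

    //check the submitted passwords; the username is required as an additional proof next to the code
    $strPass1 = trim($this->getParam("password1"));
    $strPass2 = trim($this->getParam("password2"));
    $strGivenUsername = $this->getParam("username");
    $bitUsernameMatches = is_scalar($strGivenUsername)
        && (string)$strGivenUsername === (string)$objUser->getStrUsername();

    //NOTE(review): checkText(..., 3, 200) presumably enforces a length of 3 to 200 characters -
    //confirm, and consider a stricter minimum for admin accounts
    if ($strPass1 !== $strPass2 || !checkText($strPass1, 3, 200) || !$bitUsernameMatches) {
        return $this->getLang("login_change_error", "user");
    }

    if ($objUser->getObjSourceUser()->isPasswordResettable() && method_exists($objUser->getObjSourceUser(), "setStrPass")) {
        $objUser->getObjSourceUser()->setStrPass($strPass1);
        $objUser->getObjSourceUser()->updateObjectToDb();
        //the audit row is only written when a password was really stored
        class_logger::getInstance()->addLogRow("changed password of user " . $objUser->getStrUsername(), class_logger::$levelInfo);
    }

    //the code is single-use: clear it regardless of whether the source allowed the change
    //NOTE(review): the success text is also returned when the user source is not resettable - confirm this is intended
    $objUser->setStrAuthcode("");
    $objUser->updateObjectToDb();

    return $this->getLang("login_change_success", "user");
}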
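/**
 * Portal side of the password reset: renders the form to enter a new password, or - once the
 * form was posted with the "reset" marker - validates and stores the new password.
 * Both steps require the submitted authcode to equal the non-empty code stored for the user
 * addressed by the "systemid" parameter.
 *
 * The authcode and the two password fields are compared with strict string equality, so PHP's
 * numeric-string juggling ("0e1" == "0e2", "1e3" == "1000") cannot make differing values
 * count as equal.
 * NOTE(review): === is not a constant-time comparison; prefer hash_equals() for the authcode
 * if every supported PHP version provides it.
 * NOTE(review): the systemid is not format-checked in this method before the user is loaded
 * and before it is copied into the template - confirm it is validated / escaped elsewhere.
 *
 * @return string the rendered form, a success / error message, or "Permission Error"
 */
private function newPwdForm()
{
    //both steps act on the same user and need the matching one-time code;
    //non-scalar request values (e.g. arrays) are rejected before the comparison
    $objUser = new class_module_user_user($this->getParam("systemid"));
    $strStoredCode = (string)$objUser->getStrAuthcode();
    $strGivenCode = $this->getParam("authcode");
    $bitCodeValid = $strStoredCode !== ""
        && is_scalar($strGivenCode)
        && (string)$strGivenCode === $strStoredCode;

    if ($this->getParam("reset") != "" && getPost("reset") != "") {
        //form was posted: the user has to exist (non-empty username) and the code has to match
        if (!$bitCodeValid || (string)$objUser->getStrUsername() === "") {
            return $this->getLang("resetError");
        }

        //check the submitted passwords.
        $strPass1 = trim($this->getParam("portallogin_password1"));
        $strPass2 = trim($this->getParam("portallogin_password2"));
        $objValidator = new class_text_validator();

        if ($strPass1 !== $strPass2 || !$objValidator->validate($strPass1)) {
            return $this->getLang("resetError");
        }

        if ($objUser->getObjSourceUser()->isPasswordResettable() && method_exists($objUser->getObjSourceUser(), "setStrPass")) {
            $objUser->getObjSourceUser()->setStrPass($strPass1);
            $objUser->getObjSourceUser()->updateObjectToDb();
            //the audit row is only written when a password was really stored
            class_logger::getInstance(class_logger::USERSOURCES)->addLogRow("changed password of user " . $objUser->getStrUsername(), class_logger::$levelInfo);
        }

        //the code is single-use: clear it regardless of whether the source allowed the change
        //NOTE(review): the success text is also returned when the user source is not resettable - confirm this is intended
        $objUser->setStrAuthcode("");
        $objUser->updateObjectToDb();

        return $this->getLang("resetSuccess");
    }

    //no submission yet: render the form, but only for a valid systemid / authcode pair
    $strTemplateID = $this->objTemplate->readTemplate("/element_portallogin/" . $this->arrElementData["portallogin_template"], "portallogin_newpwdform");

    if (!$bitCodeValid) {
        return "Permission Error";
    }

    $arrTemplate = array();
    $arrTemplate["portallogin_action"] = "portalResetPwd";
    $arrTemplate["portallogin_systemid"] = $this->getParam("systemid");
    $arrTemplate["portallogin_authcode"] = $this->getParam("authcode");
    $arrTemplate["portallogin_resetHint"] = "portalLoginReset";
    $arrTemplate["portallogin_elsystemid"] = $this->arrElementData["content_id"];
    $arrTemplate["action"] = class_link::getLinkPortalHref($this->getPagename());

    return "" . $this->fillTemplate($arrTemplate, $strTemplateID);
}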
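/**
 * Portal self-registration: renders the user data form, or - once the form was submitted
 * without validation errors - creates an inactive portal user and mails an activation link
 * carrying a one-time authcode.
 *
 * The password confirmation and the captcha are compared with strict string equality, so
 * PHP's numeric-string juggling ("1e3" == "1000") cannot make differing values count as equal.
 *
 * NOTE(review): username, email, forename and name are copied from the request back into the
 * form template - confirm that getParam() or the template layer escapes them for HTML.
 * NOTE(review): the password is only checked for being non-empty and confirmed; no length or
 * strength rule is applied in this method.
 * NOTE(review): the captcha code is not reset here after a check - verify whether the session
 * invalidates it elsewhere.
 * NOTE(review): the activation authcode relies on generateSystemid() being unpredictable -
 * confirm it is backed by a CSPRNG.
 *
 * @return string the rendered form (with error rows, if any) or the registration success text
 */
private function editUserData()
{
    $arrErrors = array();
    $bitForm = true;

    //what to do?
    if ($this->getParam("submitUserForm") != "") {
        $objTextValidator = new class_text_validator();
        $objEmailValidator = new class_email_validator();

        //password has to be given and has to equal its confirmation exactly
        $strPassword = $this->getParam("password");
        $strPassword2 = $this->getParam("password2");
        if ($strPassword == "" || $strPassword !== $strPassword2) {
            $arrErrors[] = $this->getLang("pr_passwordsUnequal");
        }

        $bitUsernameValid = $objTextValidator->validate($this->getParam("username"));
        if (!$bitUsernameValid) {
            $arrErrors[] = $this->getLang("pr_noUsername");
        }

        //username already existing?
        if ($bitUsernameValid && count(class_module_user_user::getAllUsersByName($this->getParam("username"))) > 0) {
            $arrErrors[] = $this->getLang("pr_usernameGiven");
        }

        if (!$objEmailValidator->validate($this->getParam("email"))) {
            $arrErrors[] = $this->getLang("pr_invalidEmailadress");
        }

        //check the captcha code: must be given, scalar, and identical to the code held by the session
        $strCaptcha = $this->getParam("form_captcha");
        $strExpectedCaptcha = $this->objSession->getCaptchaCode();
        if ($strCaptcha == "" || !is_scalar($strCaptcha) || (string)$strCaptcha !== (string)$strExpectedCaptcha) {
            $arrErrors[] = $this->getLang("pr_captcha");
        }

        if (count($arrErrors) == 0) {
            $bitForm = false;
        }
    }

    if ($bitForm) {
        $strTemplateID = $this->objTemplate->readTemplate("/element_portalregistration/" . $this->arrElementData["portalregistration_template"], "portalregistration_userdataform");

        $arrTemplate = array();
        $arrTemplate["username"] = $this->getParam("username");
        $arrTemplate["email"] = $this->getParam("email");
        $arrTemplate["forename"] = $this->getParam("forename");
        $arrTemplate["name"] = $this->getParam("name");
        $arrTemplate["formaction"] = class_link::getLinkPortalHref($this->getPagename(), "", "portalCreateAccount");
        $arrTemplate["formErrors"] = "";

        if (count($arrErrors) > 0) {
            //the error row section is the same for every error, so it is read once
            $strErrTemplate = $this->objTemplate->readTemplate("/element_portalregistration/" . $this->arrElementData["portalregistration_template"], "errorRow");
            foreach ($arrErrors as $strOneError) {
                $arrTemplate["formErrors"] .= $this->fillTemplate(array("error" => $strOneError), $strErrTemplate);
            }
        }

        return $this->fillTemplate($arrTemplate, $strTemplateID);
    }

    //create new user, inactive: no admin access, portal access only, until the mailed link is used
    $objUser = new class_module_user_user();
    $objUser->setStrUsername($this->getParam("username"));
    $objUser->setIntActive(0);
    $objUser->setIntAdmin(0);
    $objUser->setIntPortal(1);
    $objUser->setStrSubsystem("kajona");
    $strAuthcode = generateSystemid();
    $objUser->setStrAuthcode($strAuthcode);

    if ($objUser->updateObjectToDb()) {
        $objSourceuser = $objUser->getObjSourceUser();
        $objSourceuser->setStrEmail($this->getParam("email"));
        $objSourceuser->setStrForename($this->getParam("forename"));
        $objSourceuser->setStrName($this->getParam("name"));
        $objSourceuser->setStrPass($this->getParam("password"));
        $objSourceuser->updateObjectToDb();

        //group assignments: the group configured on the element
        $objGroup = new class_module_user_group($this->arrElementData["portalregistration_group"]);
        $objGroup->getObjSourceGroup()->addMember($objUser->getObjSourceUser());

        //and to the guests to avoid conflicts
        $objGroup = new class_module_user_group(class_module_system_setting::getConfigValue("_guests_group_id_"));
        $objGroup->getObjSourceGroup()->addMember($objUser->getObjSourceUser());

        //create a mail to allow the user to activate itself
        $strMailContent = $this->getLang("pr_email_body");
        $strTemp = getLinkPortalHref($this->getPagename(), "", "portalCompleteRegistration", "&authcode=" . $strAuthcode, $objUser->getSystemid());
        $strMailContent .= html_entity_decode("<a href=\"" . $strTemp . "\">" . $strTemp . "</a>");
        $strMailContent .= $this->getLang("pr_email_footer");

        $objScriptlets = new class_scriptlet_helper();
        $strMailContent = $objScriptlets->processString($strMailContent);

        $objMail = new class_mail();
        $objMail->setSubject($this->getLang("pr_email_subject"));
        $objMail->setHtml($strMailContent);
        $objMail->addTo($this->getParam("email"));
        $objMail->sendMail();
    }

    //NOTE(review): the success text is returned even when updateObjectToDb() failed and no mail was sent - confirm this is intended
    return $this->getLang("pr_register_suc");
}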