示例#1
 /**
  * Bind the given user to the current PHP session.
  *
  * Reuses the ticket returned by getTicketString() when there is one, otherwise
  * creates a fresh ticket for the user. The user is then stored under
  * $_SESSION[SYS_SESSION_KEY]['user'], the ticket is updated and the user's
  * permissions are loaded.
  *
  * NOTE(review): nothing visible here rotates the PHP session id at the moment
  * of login. Confirm that createTicket()/updateTicket() or the caller does so;
  * otherwise a session id issued before authentication stays valid afterwards
  * (session fixation).
  *
  * @param mixed $user the user being logged in (passed on to the ticket and permission helpers)
  */
 public static function login($user)
 {
     $ticket = self::getTicketString();

     // No ticket for this session yet: issue one for this user.
     if ($ticket === null) {
         $ticket = self::createTicket($user);
     }

     $_SESSION[SYS_SESSION_KEY]['user'] = $user;

     self::updateTicket($ticket, $user);
     expPermissions::load($user);
 }
示例#2
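 /**
  * Create a new user account, or update an existing one, from the submitted form.
  *
  * The request is read from $this->params; the acting user and the database
  * handle come from the globals $user and $db. When params['id'] is set the
  * existing account is updated, otherwise a new account is created, its
  * password is set from pass1/pass2, and (for non-admin callers) the new user
  * is logged in. Active profile extensions are then re-saved, and for new
  * accounts the inclusive / group-code memberships are added and the
  * configured welcome and admin-notification mails are sent.
  *
  * Security-relevant behaviour:
  *  - the anti-CSRF "userkey" is compared strictly as a string;
  *  - every rejected request returns right after expHistory::back(), so the
  *    method fails closed even if that call does not end the request;
  *  - the user-supplied group code is escaped before it is placed in SQL.
  *
  * NOTE(review): both `new user($this->params)` and `$u->update($this->params)`
  * hand the whole request to the model. Confirm the model ignores privileged
  * fields (admin flags and similar) when the caller is not an administrator.
  */
 public function update()
 {
     global $user, $db;

     // get the id of user we are editing, if there is one
     $id = empty($this->params['id']) ? null : $this->params['id'];

     // Anti-CSRF check. Both sides are normalised to strings and compared with
     // !== because a loose != lets numeric-looking strings (e.g. "0e1" and
     // "0e2") compare as equal.
     $submittedKey = (isset($this->params['userkey']) && is_scalar($this->params['userkey']))
         ? (string)$this->params['userkey']
         : '';
     $sessionKey = (string)expSession::get("userkey");
     if (($user->id == $id || $user->isAdmin()) && $submittedKey !== $sessionKey) {
         expHistory::back();
         return; // fail closed if back() did not terminate the request
     }

     // make sure this user should be updating user accounts
     if (!$user->isLoggedIn() && SITE_ALLOW_REGISTRATION == 0) {
         flash('error', gt('This site does not allow user registrations'));
         expHistory::back();
         return;
     } elseif (!$user->isAdmin() && ($user->isLoggedIn() && $user->id != $id)) {
         flash('error', gt('You do not have permission to edit this user account'));
         expHistory::back();
         return;
     }

     // if this is a new user account we need to check the password.
     // the password fields won't come through on an edit. Otherwise we will
     // just update the existing account.
     if (!empty($id)) {
         $u = new user($id);
         $u->update($this->params);
         if ($user->isAdmin()) {
             flash('message', gt('Account information for') . ' ' . $u->username . ' ' . gt('has been updated.'));
         } else {
             flash('message', gt('Thank you') . ' ' . $u->firstname . '.  ' . gt('Your account information has been updated.'));
         }
     } else {
         $u = new user($this->params);
         $ret = $u->setPassword($this->params['pass1'], $this->params['pass2']);
         // $ret is handed to failAndReturnToForm() as the message, so a failure
         // presumably comes back as a string. A non-empty string is loosely
         // equal to true, which the previous `$ret != true` test let through;
         // treat any string result as a failure as well.
         if (is_string($ret) || !$ret) {
             expValidator::failAndReturnToForm($ret, $this->params);
             return; // never save an account whose password was rejected
         }
         $u->save();
         if ($user->isAdmin()) {
             flash('message', gt('Created new user account for') . ' ' . $u->username);
         } else {
             user::login($u->username, $this->params['pass1']);
             flash('message', gt('Thank you') . ' ' . $u->firstname . '.  ' . gt('Your new account has been created.'));
         }
     }

     // update the user profiles
     if (!empty($u->id)) {
         $this->params['user_id'] = $u->id;
         // get the active profile extensions and save them out
         $active_extensions = $db->selectObjects('profileextension', 'active=1');
         foreach ($active_extensions as $pe) {
             // classfile and classname come from the profileextension table;
             // whoever can write that table controls which file is included.
             if (is_file(BASE . $pe->classfile)) {
                 include_once BASE . $pe->classfile;
                 $ext = new $pe->classname();
                 // integer cast keeps the id from ever carrying SQL text
                 $db->delete($ext->tablename, 'user_id=' . (int)$u->id);
                 $ext->update($this->params);
             }
         }
     }

     // if this is a new account then we will check to see if we need to send
     // a welcome message or admin notification of new accounts.
     if (empty($id)) {
         // Calculate group memberships for newly created users.  Any groups that
         // are marked as 'inclusive' automatically pick up new users.  This is the part
         // of the code that goes out, finds those groups, and makes the new user a member
         // of them.
         // Assigning a property on null is an Error on PHP 8, so start from a
         // real object.
         $memb = new stdClass();
         $memb->member_id = $u->id;

         // Also need to process the groupcodes, for promotional signup.
         // groupcode arrives straight from the request, so it is escaped with
         // the database layer's own helper before being quoted into the clause.
         $code_where = '';
         if (
             isset($this->params['groupcode'])
             && is_string($this->params['groupcode'])
             && $this->params['groupcode'] !== ''
         ) {
             $code_where = " OR code='" . $db->escapeString($this->params['groupcode']) . "'";
         }
         foreach ($db->selectObjects('group', 'inclusive=1' . $code_where) as $g) {
             $memb->group_id = $g->id;
             $db->insertObject($memb, 'groupmembership');
         }

         // if we added the user to any group then we need to reload their permissions
         expPermissions::load($u);

         // signup email stuff
         if (USER_REGISTRATION_SEND_WELCOME) {
             $msg = $u->firstname . ", \n\n";
             $msg .= sprintf(USER_REGISTRATION_WELCOME_MSG, $u->firstname, $u->lastname, $u->username);
             $mail = new expMail();
             $mail->quickSend(array(
                 'text_message' => $msg,
                 'to' => trim($u->email),
                 'from' => SMTP_FROMADDRESS,
                 'subject' => USER_REGISTRATION_WELCOME_SUBJECT,
             ));
             flash('message', gt('A welcome email has been sent to') . ' ' . $u->email);
         }

         // send an email notification to the admin of the site.
         if (USER_REGISTRATION_SEND_NOTIF && !$user->isAdmin()) {
             $msg = "When: " . date("F j, Y, g:i a") . "\n\n";
             $msg .= "Their name is: " . $u->firstname . " " . $u->lastname . "\n\n";
             $mail = new expMail();
             $mail->quickSend(array(
                 'text_message' => $msg,
                 'to' => trim(USER_REGISTRATION_ADMIN_EMAIL),
                 'from' => SMTP_FROMADDRESS,
                 'subject' => USER_REGISTRATION_NOTIF_SUBJECT,
             ));
         }
     }

     expHistory::back();
 }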