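/**
 * Lists the committee users and, on POST, creates a new investigator account.
 *
 * GET: returns the users (optionally filtered by the "q" query parameter with a
 * LIKE match on the name), all roles and all countries for the template.
 * POST: validates the required fields, creates the user with a throw-away random
 * password, e-mails a set-your-password link and redirects back to the list.
 *
 * @Route("/committee/users", name="crud_committee_user_list")
 * @Template()
 *
 * @return array|\Symfony\Component\HttpFoundation\RedirectResponse
 */
public function listCommitteeUserAction()
{
    $output = array();
    $request = $this->getRequest();
    $session = $request->getSession();
    $translator = $this->get('translator');
    $em = $this->getDoctrine()->getManager();

    $util = new Util($this->container, $this->getDoctrine());

    $user_repository = $em->getRepository('Proethos2ModelBundle:User');
    $role_repository = $em->getRepository('Proethos2ModelBundle:Role');
    $country_repository = $em->getRepository('Proethos2ModelBundle:Country');

    // Search parameter. The value is bound with setParameter(), so it cannot change the
    // query structure; LIKE wildcards typed by the user are still treated as wildcards.
    // A non-string value (e.g. q[]=x) falls back to the unfiltered list.
    $search_query = $request->query->get('q');
    if (is_string($search_query) && $search_query) {
        $users = $user_repository->createQueryBuilder('m')
            ->where('m.name LIKE :query')
            ->setParameter('query', "%" . $search_query . "%")
            ->getQuery()
            ->getResult();
    } else {
        // Only load every user when no filter was given (avoids a wasted findAll()).
        $users = $user_repository->findAll();
    }
    $output['users'] = $users;

    $output['roles'] = $role_repository->findAll();
    $output['countries'] = $country_repository->findBy(array(), array('name' => 'asc'));

    if (!$request->isMethod('POST')) {
        return $output;
    }

    // NOTE(review): no CSRF token check and no role check are visible inside this action;
    // confirm both are enforced elsewhere (firewall / access_control) for this route.
    $post_data = $request->request->all();

    // Required fields must be present, non-empty strings (array-valued fields are rejected).
    foreach (array('name', 'username', 'email', 'country') as $field) {
        if (!isset($post_data[$field]) or !is_string($post_data[$field]) or empty($post_data[$field])) {
            $session->getFlashBag()->add('error', $translator->trans("Field '%field%' is required.", array("%field%" => $field)));
            return $output;
        }
    }

    // An unknown country id is treated like a missing field instead of persisting a null country.
    $country = $country_repository->find($post_data['country']);
    if (!$country) {
        $session->getFlashBag()->add('error', $translator->trans("Field '%field%' is required.", array("%field%" => 'country')));
        return $output;
    }

    $user = new User();
    $user->setCountry($country);
    $user->setName($post_data['name']);
    $user->setUsername($post_data['username']);
    $user->setEmail($post_data['email']);
    // "institution" is optional, so do not read an undefined index.
    $user->setInstitution(isset($post_data['institution']) ? $post_data['institution'] : null);
    $user->setFirstAccess(false);

    if (isset($post_data['status'])) {
        $user->setIsActive(true);
    }

    // adding user role
    $user->addProethos2Role($role_repository->findOneBy(array('slug' => 'investigator')));

    $encoderFactory = $this->get('security.encoder_factory');
    $encoder = $encoderFactory->getEncoder($user);
    $salt = $user->getSalt(); // this should be different for every user

    // The account may be active before the user sets a password, so the placeholder
    // password must be unguessable. A hash of the creation timestamp is predictable;
    // use the OS CSPRNG instead (random_bytes on PHP 7+, OpenSSL on older runtimes).
    $random_bytes = function_exists('random_bytes') ? random_bytes(32) : openssl_random_pseudo_bytes(32);
    $password = $encoder->encodePassword(bin2hex($random_bytes), $salt);
    $user->setPassword($password);

    // NOTE(review): $baseurl is derived from the request's Host header, which the client
    // controls. Unless framework.trusted_hosts (or a server-side allow-list) is configured,
    // the set-password link e-mailed below can point at a foreign host. Prefer a configured
    // base URL.
    $baseurl = $request->getScheme() . '://' . $request->getHttpHost() . $request->getBasePath();

    // NOTE(review): generateHashcode() is defined on User, outside this view; confirm it
    // draws from a CSPRNG and that the hashcode is single-use / expires.
    $hashcode = $user->generateHashcode();

    $em->persist($user);
    $em->flush();

    // TODO need to get the relative path
    $url = $baseurl . "/public/account/reset_my_password?hashcode=" . $hashcode;

    // Send email to the created user with the link to set the first password.
    $message = \Swift_Message::newInstance()
        ->setSubject("[proethos2] " . $translator->trans("Set your password"))
        ->setFrom($util->getConfiguration('committee.email'))
        ->setTo($post_data['email'])
        ->setBody(
            $translator->trans("Hello! You have been registered in the ProEthos2 Platform. Please set your password:")
            . "<br>"
            . "<br>" . $translator->trans("Access the link below") . ":"
            . "<br>"
            . "<br>{$url}"
            . "<br>"
            . "<br>" . $translator->trans("Regards") . ","
            . "<br>" . $translator->trans("Proethos2 Team"),
            'text/html'
        );

    $this->get('mailer')->send($message);

    $session->getFlashBag()->add('success', $translator->trans("User created with success."));

    // NOTE(review): 301 marks the redirect as permanent; 302/303 is the usual status after
    // a form POST. Left unchanged here.
    return $this->redirectToRoute('crud_committee_user_list', array(), 301);
}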
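/**
 * Public self-registration form.
 *
 * GET: returns the country list and the reCAPTCHA configuration for the template.
 * POST: validates the required fields, verifies the reCAPTCHA response (outside the
 * dev environment, when a secret is configured), checks that both passwords match,
 * creates an inactive user, notifies the user and the secretaries by e-mail and
 * redirects to the home route.
 *
 * @Route("/public/account/new", name="security_new_user")
 * @Template()
 *
 * @return array|\Symfony\Component\HttpFoundation\RedirectResponse
 */
public function newUserAction()
{
    $output = array();
    $request = $this->getRequest();
    $session = $request->getSession();
    $translator = $this->get('translator');
    $em = $this->getDoctrine()->getManager();

    $util = new Util($this->container, $this->getDoctrine());

    $user_repository = $em->getRepository('Proethos2ModelBundle:User');
    $country_repository = $em->getRepository('Proethos2ModelBundle:Country');

    $output['countries'] = $country_repository->findBy(array(), array('name' => 'asc'));
    $output['content'] = array();

    // NOTE(review): the value read from 'recaptcha.secret' is used below as the server-side
    // siteverify secret AND is handed to the template. If the template renders it into the
    // page, the secret is disclosed; the widget needs the site key, not the secret. Confirm.
    $output['recaptcha_secret'] = $util->getConfiguration('recaptcha.secret');

    if (!$request->isMethod('POST')) {
        return $output;
    }

    $post_data = $request->request->all();

    // NOTE(review): this echoes the whole submission, including 'password' and
    // 'confirm-password', back to the template. Confirm the template never renders them.
    $output['content'] = $post_data;

    // Required fields must be present, non-empty strings (array-valued fields are rejected).
    foreach (array('name', 'username', 'email', 'country', 'password', 'confirm-password') as $field) {
        if (!isset($post_data[$field]) or !is_string($post_data[$field]) or empty($post_data[$field])) {
            $session->getFlashBag()->add('error', $translator->trans("Field '%field%' is required.", array("%field%" => $field)));
            return $output;
        }
    }

    // Only skip the captcha in the dev environment.
    // The previous guard compared strpos() with "< 0"; strpos() returns false or an
    // offset >= 0, so that condition was never true and the captcha was never verified.
    // It also keyed the decision on the Host header, which the client controls, so the
    // decision now uses the kernel environment, a server-side value.
    $secret = $output['recaptcha_secret'];
    $environment = $this->container->getParameter('kernel.environment');
    if (!empty($secret) and $environment !== 'dev') {

        // A missing captcha field is sent as an empty response and fails verification.
        $captcha_response = isset($post_data['g-recaptcha-response']) ? $post_data['g-recaptcha-response'] : '';

        // params to send to the reCAPTCHA API
        $data = array(
            "secret" => $secret,
            "response" => $captcha_response,
            "remoteip" => $_SERVER['REMOTE_ADDR'],
        );

        // options for file_get_contents
        $options = array(
            'http' => array(
                'header' => "Content-type: application/x-www-form-urlencoded\r\n",
                'method' => 'POST',
                'content' => http_build_query($data),
            ),
        );

        // making the POST request to the API
        $context = stream_context_create($options);
        $raw_response = file_get_contents("https://www.google.com/recaptcha/api/siteverify", false, $context);
        $response = ($raw_response === false) ? null : json_decode($raw_response);

        // Fail closed: an unreachable API, an unparsable body or success != true all reject.
        if (!is_object($response) or empty($response->success)) {
            $session->getFlashBag()->add('error', $translator->trans("Have an error with captcha. Please try again."));
            return $output;
        }
    }

    // Strict comparison: with "!=" two different numeric-looking strings
    // (e.g. "1e3" and "1000") compare as equal.
    if ($post_data['password'] !== $post_data['confirm-password']) {
        $session->getFlashBag()->add('error', $translator->trans("Passwords don't match."));
        return $output;
    }

    // An unknown country id is treated like a missing field instead of persisting a null country.
    $country = $country_repository->find($post_data['country']);
    if (!$country) {
        $session->getFlashBag()->add('error', $translator->trans("Field '%field%' is required.", array("%field%" => 'country')));
        return $output;
    }

    $user = new User();
    $user->setCountry($country);
    $user->setName($post_data['name']);
    $user->setUsername($post_data['username']);
    $user->setEmail($post_data['email']);
    // "institution" is optional, so do not read an undefined index.
    $user->setInstitution(isset($post_data['institution']) ? $post_data['institution'] : null);
    $user->setFirstAccess(false);
    // Self-registered accounts stay inactive until they are approved.
    $user->setIsActive(false);

    $encoderFactory = $this->get('security.encoder_factory');
    $encoder = $encoderFactory->getEncoder($user);
    $salt = $user->getSalt(); // this should be different for every user
    $password = $encoder->encodePassword($post_data['password'], $salt);
    $user->setPassword($password);

    $user->cleanHashcode();

    // NOTE(review): $baseurl is derived from the request's Host header, which the client
    // controls, and this route is public. Unless framework.trusted_hosts (or a server-side
    // allow-list) is configured, the link e-mailed to the secretaries below can point at a
    // foreign host. Prefer a configured base URL.
    $baseurl = $request->getScheme() . '://' . $request->getHttpHost() . $request->getBasePath();

    // send email to the user
    $message = \Swift_Message::newInstance()
        ->setSubject("[proethos2] " . $translator->trans("Welcome to the Proethos2 platform!"))
        ->setFrom($util->getConfiguration('committee.email'))
        ->setTo($post_data['email'])
        ->setBody(
            $translator->trans("Hello! You have been registered in the Proethos2 platform.")
            . "<br>"
            . "<br>" . $translator->trans("Please wait until your access has been validated. We will send you an email.")
            . "<br>"
            . "<br>" . $translator->trans("Regards") . ","
            . "<br>" . $translator->trans("Proethos2 Team"),
            'text/html'
        );

    $this->get('mailer')->send($message);

    // send email to the secretaries
    $secretaries_emails = array();
    foreach ($user_repository->findAll() as $secretary) {
        if (in_array('secretary', $secretary->getRolesSlug(), true)) {
            $secretaries_emails[] = $secretary->getEmail();
        }
    }

    // Skip the notification when no secretary exists rather than sending to nobody.
    if (!empty($secretaries_emails)) {
        $message = \Swift_Message::newInstance()
            ->setSubject("[proethos2] " . $translator->trans("New user on Proethos2 platform"))
            ->setFrom($util->getConfiguration('committee.email'))
            ->setTo($secretaries_emails)
            ->setBody(
                $translator->trans("Hello! There is a new user registered in the Proethos2 platform.")
                . "<br>"
                . "<br>" . $translator->trans("Please check and authorize this access.")
                . "<br>"
                . "<br>" . $baseurl
                . "<br>"
                . "<br>" . $translator->trans("Regards") . ","
                . "<br>" . $translator->trans("Proethos2 Team"),
                'text/html'
            );

        $this->get('mailer')->send($message);
    }

    $em->persist($user);
    $em->flush();

    $session->getFlashBag()->add('success', $translator->trans("User created with success. Wait for approval."));

    // NOTE(review): 301 marks the redirect as permanent; 302/303 is the usual status after
    // a form POST. Left unchanged here.
    return $this->redirectToRoute('home', array(), 301);
}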