public function emailSubmit()
{
$f3 = \Base::instance();
$email = $this->input->get('new_email', null, 'string');
$data = array('change_email' => array('email' => $email, 'token' => (string) new \MongoId(), 'created' => \Dsc\Mongo\Metastamp::getDate('now')));
// TODO Validate that it is an email
if (empty($email)) {
\Dsc\System::addMessage('Invalid Email.', 'error');
$f3->reroute('/user/change-email');
return;
}
// Verify whether or not the email address is already registered
if (\Users\Models\Users::emailExists($email)) {
\Dsc\System::addMessage('Email address already registered.', 'error');
$f3->reroute('/user/change-email');
return;
}
$user = $this->getIdentity();
$user->bind($data);
try {
$user->save()->sendEmailChangeEmailConfirmation();
} catch (\Exception $e) {
\Dsc\System::addMessage('Email submission failed.', 'error');
\Dsc\System::addMessage($e->getMessage(), 'error');
$f3->reroute('/user/change-email');
return;
}
\Dsc\System::addMessage('Email change request submitted. Please check your inbox for a verification email from us.');
$f3->reroute('/user/change-email/verify');
}
/**
* Finds user by [[username]]
*
* @param bool $active
* @return null|Users
*/
public function getUser($active = true)
{
if ($this->_user === false) {
$this->_user = Users::findByUsername($this->username, $active);
}
return $this->_user;
}
/**
* This method returns update clause which will be later on passed to collection
*
* @param $data Data from request
* @param $params Arrays with possible additional params (for different modes of updater
*
* @return Based on mode of updater, either update clause or updated document
*/
public function getUpdateClause($data, $params = array())
{
// check required parameters
if (!$this->checkParams($params)) {
return null;
}
$dataset = $params['dataset'];
$data = $this->inputFilter()->clean($data, "alnum");
$act_user = \Users\Models\Users::collection()->find(array("_id" => new \MongoId((string) $data)))->skip(0)->limit(1);
if (!$act_user->hasNext()) {
return null;
}
$act_user = $act_user->getNext();
$res_updates = array($this->attribute->getAttributeCollection() . '.id' => new \MongoId((string) $data), $this->attribute->getAttributeCollection() . '.name' => $act_user['username']);
switch ($this->attribute->getUpdaterMode()) {
case 0:
return array('$set', $res_updates);
case 1:
$doc = $params['document'];
foreach ($res_updates as $key => $value) {
$doc[$key] = $value;
}
return $doc;
}
}
public function assign($role, $userId)
{
if (!Users::findOne([Users::primaryKey()[0] => $userId])) {
throw new Exception("Пользователь не найден");
}
return parent::assign($role, $userId);
}
protected function fetchConditions()
{
parent::fetchConditions();
$filter_active_after = $this->getState('filter.active_after');
if (strlen($filter_active_after)) {
$this->setCondition('$and', array('last_activity' => array('$gt' => $filter_active_after)), 'append');
}
return $this;
}
/**
* Signs user up.
*
* @return Users|null the saved model or null if saving fails
*/
public function register()
{
if ($this->validate()) {
/** @var Users $user */
$user = Yii::createObject(Users::className());
$user->setScenario('register');
$user->setAttributes($this->attributes);
return $user->register();
}
return false;
}
/**
* Sends recovery message.
*
* @return bool
*/
public function sendRecoveryMessage()
{
/** @var Users $user */
if ($this->validate() && ($user = Users::findOne(['username' => $this->username]))) {
$name = Yii::$app->name;
$user->recovery_token = Yii::$app->security->generateRandomString();
$user->recovery_sent_at = time();
$user->save(false);
return $this->mail->compose('@users/views/mail/recovery', ['user' => $user])->setTo($user->email)->setFrom(Yii::$app->params['adminEmail'])->setSubject("Смена пароля на сайте '{$name}'")->send();
}
return false;
}
public static function fetchForEmail($email)
{
$actor = new static();
$user = \Users\Models\Users::emailExists($email);
if (!empty($user->id)) {
$actor->load(array('user_id' => $user->id));
$actor->user_id = $user->id;
$actor->name = $user->email;
} else {
$actor->load(array('name' => $email));
$actor->name = $email;
}
if (empty($actor->id)) {
$actor->is_excluded = false;
$actor->is_excluded_last_checked = date('Y-m-d', strtotime('today'));
$actor->is_bot = false;
$actor->is_bot_last_checked = date('Y-m-d', strtotime('today'));
$actor->save();
}
if ($actor->is_bot_last_checked < date('Y-m-d', strtotime('today')) || $actor->is_excluded_last_checked < date('Y-m-d', strtotime('today'))) {
$actor->is_excluded_last_checked = date('Y-m-d', strtotime('today'));
$actor->is_bot_last_checked = date('Y-m-d', strtotime('today'));
$actor->store();
}
return $actor;
}
<div class="row">
<div class="col-md-2">
<h4>Admin Tags</h4>
</div>
<div class="col-md-10">
<div class="form-group">
<select name="filter[admin_tags]" class="form-control ui-select2" multiple>
<option value="--" <?php
if (in_array('--', (array) $state->get('filter.admin_tags'))) {
echo 'selected';
}
?>
>Untagged</option>
<?php
foreach (\Users\Models\Users::distinctAdminTags() as $tag) {
?>
<option <?php
if (in_array($tag, (array) $state->get('filter.admin_tags'))) {
echo 'selected';
}
?>
value="<?php
echo $tag;
?>
"><?php
echo $tag;
?>
</option>
<?php
}
/**
* @throws \Exception
*/
public function updateAuthKey()
{
$this->auth_key = Yii::$app->security->generateRandomString();
$transaction = Users::getDb()->beginTransaction();
try {
if ($this->update('auth_key')) {
\Yii::getLogger()->log("User '{$this->username}' auth_key updated", Logger::LEVEL_INFO);
$transaction->commit();
}
\Yii::getLogger()->log("An error occurred while auth_key user '{$this->username}' updated", Logger::LEVEL_ERROR);
} catch (\Exception $e) {
$transaction->rollBack();
throw $e;
}
}
public function register()
{
$f3 = \Base::instance();
$checkout_method = strtolower($this->input->get('checkout_method', null, 'alnum'));
switch ($checkout_method) {
// if $checkout_method == guest
// store email in cart object and then continue
// create a guest mongoid
case "guest":
$real_email = trim(strtolower($this->input->get('email_address', null, 'string')));
if (\Users\Models\Users::emailExists($real_email)) {
\Dsc\System::addMessage('This email is already registered. Please login to continue. <a href="./user/forgot-password">If necessary, you can recover your password here.</a>', 'error');
$this->app->reroute('/shop/checkout');
return;
}
$mongo_id = (string) new \MongoId();
$email = 'guest-' . $mongo_id . '@' . $mongo_id . '.' . $mongo_id;
$password = \Users\Models\Users::generateRandomString();
$data = array('first_name' => 'Guest', 'last_name' => 'User', 'email' => $email, 'guest_email' => $real_email, 'new_password' => $password, 'confirm_new_password' => $password);
$user = (new \Users\Models\Users())->bind($data);
try {
// this will handle other validations, such as username uniqueness, etc
$user->guest = true;
$user->active = false;
$user->save();
} catch (\Exception $e) {
\Dsc\System::addMessage('Could not create guest account', 'error');
\Dsc\System::addMessage($e->getMessage(), 'error');
\Dsc\System::instance()->setUserState('shop.checkout.register.flash_filled', true);
$flash = \Dsc\Flash::instance();
$flash->store(array());
$this->app->reroute('/shop/checkout');
return;
}
// if we have reached here, then all is right with the form
$flash = \Dsc\Flash::instance();
$flash->store(array());
// login the user, trigger Listeners
\Dsc\System::instance()->get('auth')->login($user);
$this->app->reroute('/shop/checkout');
break;
// if $checkout_method == register
// validate data
// create user
// redirect back to checkout
// if $checkout_method == register
// validate data
// create user
// redirect back to checkout
case "register":
$email = trim(strtolower($this->input->get('email_address', null, 'string')));
$data = array('first_name' => $this->input->get('first_name', null, 'string'), 'last_name' => $this->input->get('last_name', null, 'string'), 'email' => $email, 'new_password' => $this->input->get('new_password', null, 'string'), 'confirm_new_password' => $this->input->get('confirm_new_password', null, 'string'));
$user = (new \Users\Models\Users())->bind($data);
// Check if the email already exists and give a custom message if so
if (!empty($user->email) && ($existing = $user->emailExists($user->email))) {
if (empty($user->id) || $user->id != $existing->id) {
\Dsc\System::addMessage('This email is already registered.', 'error');
\Dsc\System::instance()->setUserState('shop.checkout.register.flash_filled', true);
$flash = \Dsc\Flash::instance();
$flash->store($user->cast());
$this->app->reroute('/shop/checkout');
return;
}
}
try {
// this will handle other validations, such as username uniqueness, etc
$settings = \Users\Models\Settings::fetch();
$registration_action = $settings->{'general.registration.action'};
switch ($registration_action) {
case "auto_login":
$user->active = true;
$user->save();
break;
case "auto_login_with_validation":
$user->active = false;
$user->save();
$user->sendEmailValidatingEmailAddress();
break;
default:
$user->active = false;
$user->save();
$user->sendEmailValidatingEmailAddress();
break;
}
} catch (\Exception $e) {
\Dsc\System::addMessage('Could not create account.', 'error');
\Dsc\System::addMessage($e->getMessage(), 'error');
\Dsc\System::instance()->setUserState('shop.checkout.register.flash_filled', true);
$flash = \Dsc\Flash::instance();
$flash->store($user->cast());
$f3->reroute('/shop/checkout');
return;
}
// if we have reached here, then all is right with the form
$flash = \Dsc\Flash::instance();
$flash->store(array());
// login the user, trigger Listeners
\Dsc\System::instance()->get('auth')->login($user);
$this->app->reroute('/shop/checkout');
break;
// if $checkout_method something else,
// add message?
// redirect back to checkout
// if $checkout_method something else,
// add message?
// redirect back to checkout
default:
\Dsc\System::addMessage('Invalid Checkout Method', 'error');
$this->app->reroute('/shop/checkout');
break;
}
}
protected function beforeSave()
{
$this->on_hold = boolval($this->on_hold);
return parent::beforeSave();
}
/**
* @return \yii\db\ActiveQuery
*/
public function getUser()
{
return $this->hasOne(Users::className(), ['id' => 'user_id']);
}
/**
* Validates a token, usually from clicking on a link in an email
*
* @throws \Exception
*/
public function validateToken()
{
$f3 = \Base::instance();
$token = $this->inputfilter->clean($f3->get('PARAMS.token'), 'alnum');
try {
$user = \Users\Models\Users::validateLoginToken($token);
\Dsc\System::addMessage('Thank you for validating your email address. You may now login.');
if (!empty($this->getIdentity()->id)) {
\Dsc\System::instance()->get('auth')->logout();
}
$f3->reroute('/login');
} catch (\Exception $e) {
\Dsc\System::addMessage('Email validation failed. Please confirm the token and try again.', 'error');
\Dsc\System::addMessage($e->getMessage(), 'error');
if (!empty($this->getIdentity()->id)) {
\Dsc\System::instance()->get('auth')->logout();
}
$f3->reroute('/login/validate');
}
}
/**
* Displays page where user can reset password.
*
* @param $id
* @param $token
* @return string
* @throws \yii\web\NotFoundHttpException
*/
public function actionReset($id, $token)
{
/* @var $user \users\models\Users */
$model = new RecoveryForm(['scenario' => 'reset']);
$user = Users::find()->where(['id' => $id, 'recovery_token' => $token])->one();
if ($user === null || $user->getIsAttributePeriodExpired('recovery_sent_at')) {
return $this->render('invalidToken');
}
if ($model->load(\Yii::$app->getRequest()->post())) {
if ($user->resetPassword($model->password)) {
\Yii::$app->session->setFlash('success', Elements::header(Elements::icon('thumbs up') . 'Поздравляем! Пароль успешно сброшен.'));
return $this->render('resetFinish');
} else {
\Yii::$app->session->setFlash('error', Elements::header(Elements::icon('warning sign') . 'Не удалось сбросить пароль!'));
}
}
return $this->render('resetPassword', ['model' => $model]);
}
<div class="row">
<div class="col-md-2">
<h3>Admin Tags</h3>
<p class="help-block">Tags applied to the user for administrative use only</p>
</div>
<!-- /.col-md-2 -->
<div class="col-md-10">
<div class="form-group">
<label>Separate tags by hitting Enter or with a comma.</label>
<input name="admin_tags" data-tags='<?php
echo json_encode(\Users\Models\Users::distinctAdminTags());
?>
' value="<?php
echo implode(",", (array) $flash->old('admin_tags'));
?>
" type="text" class="form-control ui-select2-tags" />
</div>
<!-- /.form-group -->
</div>
<!-- /.col-md-10 -->
</div>
<!-- /.row -->
/**
* Checks if the user is banned/inactive/suspended
*
* @param Users\Models\Users $user
*/
public function checkUserFlags(\Users\Models\Users $user)
{
if (empty($user->active)) {
$user->sendEmailValidatingEmailAddress();
$this->remove();
throw new \Exception("You haven't verified your email address yet. Please check your email for further instructions.");
}
if (!empty($user->banned)) {
$this->remove();
throw new \Exception('The user is banned');
}
if (!empty($user->suspended)) {
$this->remove();
throw new \Exception('The user is suspended');
}
}
