Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F1207680
in-portal
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Sun, Nov 9, 1:35 AM
Size
89 KB
Mime Type
text/x-diff
Expires
Tue, Nov 11, 1:35 AM (16 m, 2 s)
Engine
blob
Format
Raw Data
Handle
788881
Attached To
rINP In-Portal
in-portal
View Options
Index: trunk/kernel/units/users/users_event_handler.php
===================================================================
--- trunk/kernel/units/users/users_event_handler.php (revision 2479)
+++ trunk/kernel/units/users/users_event_handler.php (revision 2480)
@@ -1,718 +1,728 @@
<?php
class UsersEventHandler extends InpDBEventHandler
{
function OnSessionExpire()
{
if( $this->Application->IsAdmin() )
{
$location = $this->Application->BaseURL().ADMIN_DIR.'/index.php?expired=1';
header('Location: '.$location);
exit;
}
else
{
$t = $this->Application->GetVar('t');
$this->Application->Redirect($t ? $t : 'index', $_GET);
}
}
/**
* Checks user data and logs it in if allowed
*
* @param kEvent $event
*/
function OnLogin(&$event)
{
$this->Application->setUnitOption($event->Prefix, 'AutoLoad', false);
$object =& $this->Application->recallObject('u');
$password = $this->Application->GetVar('password');
if(!$password)
{
$object->SetError('ValidateLogin', 'blank_password', 'lu_blank_password');
$event->status = erFAIL;
return false;
}
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$login_value = $this->Application->GetVar($submit_field);
/*$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (%s = %s) AND (Password = MD5(%s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $login_field, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );*/
$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (Email = %1$s OR Login = %1$s) AND (Password = MD5(%2$s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );
if($user_id)
{
$object->Load($user_id);
if( $object->GetDBField('Status') == STATUS_ACTIVE )
{
$groups = $object->getMembershipGroups(true);
if(!$groups) $groups = Array();
if (!defined('ADMIN')) array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup') );
$this->Application->StoreVar( 'UserGroups', implode(',', $groups) );
if( $this->Application->CheckPermission('LOGIN',0) )
{
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', $user_id);
$this->Application->SetVar('u_id', $user_id);
$this->Application->StoreVar('user_id', $user_id);
$this->Application->setVisitField('PortalUserId', $user_id);
}
else
{
$object->Load(-2);
$object->SetError('ValidateLogin', 'no_permission', 'lu_no_permissions');
$event->status = erFAIL;
}
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
}
else
{
$event->redirect = $this->Application->GetVar('pending_disabled_template');
}
}
else
{
$object->SetError('ValidateLogin', 'invalid_password', 'lu_invalid_password');
$event->status = erFAIL;
}
}
+ /**
+ * Called when user logs in using old in-portal
+ *
+ * @param kEvent $event
+ */
+ function OnInpLogin(&$event)
+ {
+
+ }
+
function OnLogout(&$event)
{
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', -2);
$this->Application->SetVar('u_id', -2);
$this->Application->StoreVar('user_id', -2);
$object =& $this->Application->recallObject('u');
$object->Load(-2);
$this->Application->DestroySession();
$group_list = $this->Application->ConfigValue('User_GuestGroup').','.$this->Application->ConfigValue('User_LoggedInGroup');
$session->SetField('GroupList', $group_list);
$this->Application->StoreVar('UserGroups', $group_list);
}
/**
* Prefill states dropdown with correct values
*
* @param kEvent $event
* @access public
*/
function OnPrepareStates(&$event)
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->PopulateStates($event, 'State', 'Country');
$object =& $event->getObject();
if( $cs_helper->CountryHasStates( $object->GetDBField('Country') ) ) $object->Fields['State']['required'] = true;
if( $this->Application->ConfigValue('Email_As_Login') )
{
$object->SetDBField('Login', $object->GetDBField('Email') );
}
}
/**
* Redirects user after succesfull registration to confirmation template (on Front only)
*
* @param kEvent $event
*/
function OnAfterItemCreate(&$event)
{
$is_subscriber = $this->Application->GetVar('IsSubscriber');
if (!$is_subscriber){
$object =& $event->getObject();
$group_id = $this->Application->ConfigValue('User_NewGroup');
$sql = 'INSERT INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,1)';
$this->Conn->Query( sprintf($sql, $object->GetID(), $group_id) );
}
}
/**
* Login user if possible, if not then redirect to corresponding template
*
* @param kEvent $event
*/
function autoLoginUser(&$event)
{
$object =& $event->getObject();
$this->Application->SetVar('u_id', $object->GetID() );
if($object->GetDBField('Status') == STATUS_ACTIVE)
{
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$this->Application->SetVar($submit_field, $object->GetDBField($login_field) );
$this->Application->SetVar('password', $object->GetDBField('Password_plain') );
$event->CallSubEvent('OnLogin');
}
}
/**
* Creates new user
*
* @param kEvent $event
*/
function OnCreate(&$event)
{
if( !$this->Application->IsAdmin() ) $this->setUserStatus($event);
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->CheckStateField($event, 'State', 'Country');
parent::OnCreate($event);
$object =& $event->getObject();
$this->Application->SetVar('u_id', $object->getID() );
$this->Application->setUnitOption('u', 'AutoLoad', true);
switch ($object->GetDBField('Status')){
case 1:
$this->Application->EmailEventAdmin('USER.ADD', $object->GetID());
$this->Application->EmailEventUser('USER.ADD', $object->GetID());
break;
case 2:
$this->Application->EmailEventAdmin('USER.ADD.PENDING', $object->GetID());
$this->Application->EmailEventUser('USER.ADD.PENDING', $object->GetID());
break;
}
$this->setNextTemplate($event);
if( !$this->Application->IsAdmin() && ($event->status == erSUCCESS) && $event->redirect)
{
$this->autoLoginUser($event);
/*$object =& $event->getObject();
if( $object->GetDBField('Status') != STATUS_ACTIVE )
{
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
}*/
}
}
/**
* Set's new user status based on config options
*
* @param kEvent $event
*/
function setUserStatus(&$event)
{
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object =& $event->getObject();
$new_users_allowed = $this->Application->ConfigValue('User_Allow_New');
// 1 - Instant, 2 - Not Allowed, 3 - Pending
switch ($new_users_allowed)
{
case 1: // Instant
$object->SetDBField('Status', 1);
$next_template = $this->Application->GetVar('registration_confirm_template');
if($next_template) $event->redirect = $next_template;
break;
case 3: // Pending
$next_template = $this->Application->GetVar('registration_confirm_pending_template');
if($next_template) $event->redirect = $next_template;
$object->SetDBField('Status', 2);
break;
case 2: // Not Allowed
$object->SetDBField('Status', 0);
break;
}
}
/**
* Set's new unique resource id to user
*
* @param kEvent $event
*/
function OnBeforeItemCreate(&$event)
{
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
$object =& $event->getObject();
if ($email_as_login) {
$object->Fields['Email']['error_msgs']['unique'] =$this->Application->Phrase('lu_user_and_email_already_exist');
}
}
/**
* Set's new unique resource id to user
*
* @param kEvent $event
*/
function OnAfterItemValidate(&$event)
{
$object =& $event->getObject();
$object->SetDBField('ResourceId', $this->Application->NextResourceId() );
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnRecommend(&$event){
$friend_email = $this->Application->GetVar('friend_email');
$friend_name = $this->Application->GetVar('friend_email');
if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $friend_email))
{
$send_params = array();
$send_params['to_email']=$friend_email;
$send_params['to_name']=$friend_name;
$user_id = $this->Application->GetVar('u_id');
$email_event = &$this->Application->EmailEventUser('SITE.SUGGEST', $user_id, $send_params);
if ($email_event->status == erSUCCESS){
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
else {
// $event->redirect_params = array('opener' => 's', 'pass' => 'all');
// $event->redirect = $this->Application->GetVar('template_fail');
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['send_error'] = $this->Application->Phrase('lu_email_send_error');
$object->FieldErrors['Email']['pseudo'] = 'send_error';
$event->status = erFAIL;
}
}
else {
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail');
$object->FieldErrors['Email']['pseudo'] = 'invalid_email';
$event->status = erFAIL;
}
}
/**
* Saves address changes and mades no redirect
*
* @param kEvent $event
*/
function OnUpdateAddress(&$event)
{
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object =& $event->getObject();
$items_info = $this->Application->GetVar( $event->getPrefixSpecial(true) );
if($items_info)
{
list($id,$field_values) = each($items_info);
if($id > 0) $object->Load($id);
$object->SetFieldsFromHash($field_values);
$object->setID($id);
$object->Validate();
}
$event->redirect = false;
}
function OnSubscribeQuery(&$event){
$user_email = $this->Application->GetVar('subscriber_email');
if ( preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email) ){
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object = &$this->Application->recallObject($this->Prefix.'.subscriber');
$this->Application->StoreVar('SubscriberEmail', $user_email);
if( $object->Load(array('Email'=>$user_email)) ){
$group_info = $this->GetGroupInfo($object->GetID());
if($group_info){
$event->redirect = $this->Application->GetVar('unsubscribe_template');
}
else {
$event->redirect = $this->Application->GetVar('subscribe_template');
}
}
else {
$event->redirect = $this->Application->GetVar('subscribe_template');
$this->Application->StoreVar('SubscriberEmail', $user_email);
}
}
else {
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail');
$object->FieldErrors['SubscribeEmail']['pseudo'] = 'invalid_email';
$event->status = erFAIL;
}
//subscribe_query_ok_template
}
function OnSubscribeUser(&$event){
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object = &$this->Application->recallObject($this->Prefix.'.subscriber');
$user_email = $this->Application->RecallVar('SubscriberEmail');
if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email)){
if($object->Load(array('Email'=>$user_email))){
$group_info = $this->GetGroupInfo($object->GetID());
if ($group_info){
if ($event->getEventParam('no_unsubscribe')) return;
if ($group_info['PrimaryGroup']){
// delete user
$object->Delete();
}
else {
$this->RemoveSubscriberGroup($object->GetID());
}
$event->redirect = $this->Application->GetVar('unsubscribe_ok_template');
}
else {
$this->AddSubscriberGroup($object->GetID(), 0);
$event->redirect = $this->Application->GetVar('subscribe_ok_template');
}
}
else {
$object->SetField('Email', $user_email);
$object->SetField('Login', $user_email);
$object->SetDBField('dob', 1);
$object->SetDBField('dob_date', 1);
$object->SetDBField('dob_time', 1);
$ip = getenv('HTTP_X_FORWARDED_FOR')?getenv('HTTP_X_FORWARDED_FOR'):getenv('REMOTE_ADDR');
$object->SetDBField('ip', $ip);
$this->Application->SetVar('IsSubscriber', 1);
if ($object->Create()) {
$this->AddSubscriberGroup($object->GetID(), 1);
$event->redirect = $this->Application->GetVar('subscribe_ok_template');
}
$this->Application->SetVar('IsSubscriber', 0);
}
}
else {
// error handling here
$event->redirect = $this->Application->GetVar('subscribe_fail_template');
}
}
function AddSubscriberGroup($user_id, $is_primary){
$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'INSERT INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,'.$is_primary.')';
$this->Conn->Query( sprintf($sql, $user_id, $group_id) );
$this->Application->EmailEventAdmin('USER.SUBSCRIBE', $user_id);
$this->Application->EmailEventUser('USER.SUBSCRIBE', $user_id);
}
function RemoveSubscriberGroup($user_id){
$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup WHERE PortalUserId='.$user_id.' AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup');
$this->Conn->Query($sql);
$this->Application->EmailEventAdmin('USER.UNSUBSCRIBE', $user_id);
$this->Application->EmailEventUser('USER.UNSUBSCRIBE', $user_id);
}
function GetGroupInfo($user_id){
$group_info = $this->Conn->GetRow('SELECT * FROM '.TABLE_PREFIX.'UserGroup
WHERE PortalUserId='.$user_id.'
AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup'));
return $group_info;
}
function OnForgotPassword(&$event){
$this->Application->setUnitOption('u', 'AutoLoad', false);
$user_object = &$this->Application->recallObject('u.forgot');
$user_current_object = &$this->Application->recallObject('u');
$username = $this->Application->GetVar('username');
$email = $this->Application->GetVar('email');
$found = false;
$allow_reset = true;
if( strlen($username) )
{
if( $user_object->Load(array('Login'=>$username)) )
$found = ($user_object->GetDBField("Login")==$username && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password"));
}
else if( strlen($email) )
{
if( $user_object->Load(array('Email'=>$email)) )
$found = ($user_object->GetDBField("Email")==$email && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password"));
}
if( $user_object->isLoaded() )
{
$PwResetConfirm = $user_object->GetDBField('PwResetConfirm');
$PwRequestTime = $user_object->GetDBField('PwRequestTime');
$PassResetTime = $user_object->GetDBField('PassResetTime');
//$MinPwResetDelay = $user_object->GetDBField('MinPwResetDelay');
$MinPwResetDelay = $this->Application->ConfigValue('Users_AllowReset');
$allow_reset = (strlen($PwResetConfirm) ?
mktime() > $PwRequestTime + $MinPwResetDelay :
mktime() > $PassResetTime + $MinPwResetDelay);
}
if($found && $allow_reset)
{
$this->Application->StoreVar('tmp_user_id', $user_object->GetDBField("PortalUserId"));
$this->Application->StoreVar('tmp_email', $user_object->GetDBField("Email"));
$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
$event->redirect = $this->Application->GetVar('template_success');
}
else
{
if(!strlen($username) && !strlen($email))
{
$user_current_object->ErrorMsgs['forgotpw_nodata'] = $this->Application->Phrase('lu_ferror_forgotpw_nodata');
$user_current_object->FieldErrors['Login']['pseudo'] = 'lu_ferror_forgotpw_nodata';
}
else
{
if($allow_reset)
{
if( strlen($username) ){
$user_current_object->ErrorMsgs['unknown_username'] = $this->Application->Phrase('lu_ferror_unknown_username');
$user_current_object->FieldErrors['Login']['pseudo']='unknown_username';
}
if( strlen($email) ){
$user_current_object->ErrorMsgs['unknown_email'] = $this->Application->Phrase('lu_ferror_unknown_email');
$user_current_object->FieldErrors['Email']['pseudo']='unknown_email';
}
}
else
{
$user_current_object->ErrorMsgs['reset_denied'] = $this->Application->Phrase('lu_ferror_reset_denied');
if( strlen($username) ){
$user_current_object->FieldErrors['Login']['pseudo']='reset_denied';
}
if( strlen($email) ){
$user_current_object->FieldErrors['Email']['pseudo']='reset_denied';
}
}
}
if($user_current_object->FieldErrors){
$event->redirect = false;
}
}
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnResetPassword(&$event){
$user_object = &$this->Application->recallObject('u.forgot');
if($user_object->Load($this->Application->RecallVar('tmp_user_id'))){
$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
$event->redirect = $this->Application->GetVar('template_success');
$mod_object =& $this->Application->recallObject('mod.'.'In-Commerce');
$m_cat_id = $mod_object->GetDBField('RootCat');
$event->SetRedirectParam('pass', 'm');
//$event->SetRedirectParam('m_cat_id', $m_cat_id);
$this->Application->SetVar('m_cat_id', $m_cat_id);
}
}
function OnResetPasswordConfirmed(&$event){
$passed_key = $this->Application->GetVar('user_key');
$user_object = &$this->Application->recallObject('u.forgot');
$user_current_object = &$this->Application->recallObject('u');
if (strlen(trim($passed_key)) == 0) {
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = false;
$user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid';
}
if($user_object->Load(array('PwResetConfirm'=>$passed_key)))
{
$exp_time = $user_object->GetDBField('PwRequestTime') + 3600;
$user_object->SetDBField("PwResetConfirm", '');
$user_object->SetDBField("PwRequestTime", 0);
if ($exp_time > mktime())
{
//$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text';
$newpw = makepassword4();
$this->Application->StoreVar('password', $newpw);
$user_object->SetDBField("Password",$newpw);
$user_object->SetDBField("PassResetTime", time());
$user_object->SetDBField("PwResetConfirm", '');
$user_object->SetDBField("PwRequestTime", 0);
$user_object->Update();
$this->Application->SetVar('ForgottenPassword', $newpw);
$email_event_user = &$this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId'));
$email_event_admin = &$this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD');
$this->Application->DeleteVar('ForgottenPassword');
if ($email_event_user->status == erSUCCESS){
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
$user_object->SetDBField("Password",md5($newpw));
$user_object->Update();
} else {
$user_current_object->ErrorMsgs['code_expired'] = $this->Application->Phrase('lu_code_expired');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_expired';
$event->redirect = false;
}
} else {
$user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid';
$event->redirect = false;
}
}
function OnUpdate(&$event)
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->CheckStateField($event, 'State', 'Country');
parent::OnUpdate($event);
$this->setNextTemplate($event);
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function setNextTemplate(&$event)
{
if( !$this->Application->IsAdmin() )
{
$event->redirect_params['opener'] = 's';
$object =& $event->getObject();
if($object->GetDBField('Status') == STATUS_ACTIVE)
{
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
}
}
}
function OnCheckExpiredMembership(&$event)
{
$sql = 'SELECT PortalUserId FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.mktime();
$user_ids = $this->Conn->GetCol($sql);
if(is_array($user_ids) && count($user_ids) > 0)
{
foreach($user_ids as $id)
{
$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRED', $id);
$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRED');
}
}
$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.mktime();
$this->Conn->Query($sql);
$pre_expiration = mktime() + $this->Application->ConfigValue('User_MembershipExpirationReminder') * 3600 * 24;
$sql = 'SELECT PortalUserId, GroupId FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.$pre_expiration.'
AND ExpirationReminderSent = 0';
$res = $this->Conn->Query($sql);
if(is_array($res) && count($res) > 0)
{
$conditions = Array();
foreach($res as $record)
{
$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRATION_NOTICE', $record['PortalUserId']);
$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRATION_NOTICE');
$conditions[] = '(PortalUserId = '.$record['PortalUserId'].' AND GroupId = '.$record['GroupId'].')';
}
$sql = 'UPDATE '.TABLE_PREFIX.'UserGroup
SET ExpirationReminderSent = 1
WHERE '.implode(' OR ', $conditions);
$this->Conn->Query($sql);
}
}
}
?>
\ No newline at end of file
Property changes on: trunk/kernel/units/users/users_event_handler.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.24
\ No newline at end of property
+1.25
\ No newline at end of property
Index: trunk/kernel/frontaction.php
===================================================================
--- trunk/kernel/frontaction.php (revision 2479)
+++ trunk/kernel/frontaction.php (revision 2480)
@@ -1,1088 +1,1096 @@
<?php
switch($Action)
{
case "m_login":
// if($objSession->ValidSession()) $objSession->Logout();
//echo $objSession->GetSessionKey()."<br>\n";
if ($objConfig->Get("CookieSessions") == 1 && $_COOKIE["CookiesTest"] != "1") {
$FormError["login"]["login_user"] = language("lu_cookies_error");
}
else
{
$MissingCount = SetMissingDataErrors("login");
if($MissingCount==2)
{
$FormError["login"]["login_user"]= language("lu_ferror_loginboth");
unset($FormError["login"]["login_password"]);
}
if($MissingCount==0)
{
if($_POST["login_user"]=="root")
{
$FormError["login"]["login_user"]= language("lu_access_denied");
}
else
{
$LoginCheck = $objSession->Login( $_POST["login_user"], md5($_POST["login_password"]) );
if($LoginCheck === true)
{
if( !headers_sent() && GetVar('usercookie') == 1 )
{
$c = $_POST["login_user"]."|";
$pw = $_POST["login_password"];
if(strlen($pw) < 31) $pw = md5($pw);
$c .= $pw;
setcookie("login",$c,time()+2592000);
}
// set new destination template if passed
$dest = GetVar('dest', true);
if(!$dest) $dest = GetVar('DestTemplate', true);
if($dest) $var_list['t'] = $dest;
$next_template = $objSession->GetVariable('next_template');
if($next_template)
{
$objSession->SetVariable('next_template','');
$var_list_update["t"] = $next_template;
$url = GetIndexURL(2)."?env=".BuildEnv();
header('Location: '.$url);
exit;
$var_list['t'] = $next_template.'.tpl';
}
elseif($var_list['t'] == 'login')
{
$var_list['t'] = 'index';
}
+
+ if( class_exists('kApplication') )
+ {
+ $application =& kApplication::Instance();
+ $application->HandleEvent( new kEvent('u:OnInpLogin') );
+
+ }
+
}
else
{
switch($LoginCheck)
{
case -1: // user or/and pass wrong
$FormError["login"]["login_password"] = language("lu_incorrect_login");
break;
case -2: // user ok, but has no permission
$FormError["login"]["login_password"] = language("la_text_nopermissions");
break;
}
}
}
}
}
break;
case "m_resetpw":
$passed_key = $_GET['user_key'];
$u = $objUsers->GetItemByField("PwResetConfirm", $passed_key);
$found = is_object($u);
if($found)
{
$exp_time = $u->Get('PwRequestTime') + 3600;
$u->Set("PwResetConfirm", '');
$u->Set("PwRequestTime", 0);
if ($exp_time > mktime())
{
$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text';
$newpw = makepassword();
$objSession->Set('password', $newpw);
$u->Set("Password",$newpw);
$u->Set("PassResetTime", time());
$u->Set("PwResetConfirm", '');
$u->Set("PwRequestTime", 0);
$u->Update();
$u->SendUserEventMail("USER.PSWD",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.PSWD");
$u->Set("Password",md5($newpw));
$u->Update();
$u->Clean();
} else {
$m_var_list_update['codevalidationresult'] = 'lu_code_expired';
}
} else {
$m_var_list_update['codevalidationresult'] = 'lu_code_is_not_valid';
}
break;
case "m_forgotpw":
$MissingCount = SetMissingDataErrors("forgotpw");
// $pass_reset_add = $objConfig->Get("Users_AllowReset");
if($MissingCount==0)
{
$username = $_POST["username"];
$email = $_POST["email"];
$found = false;
$allow_reset = true;
if(strlen($username))
{
$u = $objUsers->GetItemByField("Login",$username);
if(is_object($u))
$found = ($u->Get("Login")==$username && $u->Get("Status")==1) && strlen($u->Get("Password"));
}
else if(strlen($email))
{
$u = $objUsers->GetItemByField("Email",$email);
if(is_object($u))
$found = ($u->Get("Email")==$email && $u->Get("Status")==1) && strlen($u->Get("Password"));
}
if(is_object($u))
{
$PwResetConfirm = $u->Get('PwResetConfirm');
$PwRequestTime = $u->Get('PwRequestTime');
$PassResetTime = $u->Get('PassResetTime');
$MinPwResetDelay = $u->Get('MinPwResetDelay');
$allow_reset = (strlen($PwResetConfirm) ?
mktime() > $PwRequestTime + $MinPwResetDelay :
mktime() > $PassResetTime + $MinPwResetDelay);
}
if($found && $allow_reset)
{
//$newpw = makepassword();
//$objSession->Set('password', $newpw);
$objSession->Set('tmp_user_id', $u->Get("PortalUserId"));
$objSession->Set('tmp_email', $u->Get("Email"));
//$u->Set("Password",$newpw);
//$u->Update();
$u->SendUserEventMail("USER.PSWDC",$u->Get("PortalUserId"));
//$u->SendAdminEventMail("USER.PSWDC");
//$u->Set("Password",md5($newpw));
//$u->Update();
$u->Clean();
}
else
{
if(!strlen($username) && !strlen($email))
{
$FormError["forgotpw"]["username"] = language("lu_ferror_forgotpw_nodata");
$MissingCount++;
}
else
{
$error_phrases=Array();
if($allow_reset)
{
$error_phrases['username']='lu_ferror_unknown_username';
$error_phrases['email']='lu_ferror_unknown_email';
}
else
{
$error_phrases['username']='lu_ferror_reset_denied';
$error_phrases['email']='lu_ferror_reset_denied';
}
foreach ($error_phrases as $field_name => $phrase_name) {
if(GetVar($field_name))
{
$FormError["forgotpw"][$field_name] = language($phrase_name);
break;
}
}
$MissingCount++;
}
if(strlen($_GET["error"]))
$var_list["t"] = $_GET["error"];
}
}
else
if(strlen($_GET["error"]))
$var_list["t"] = $_GET["error"];
break;
case "m_subscribe_confirm":
$t = "";
$SubscribeAddress = $_POST["subscribe_email"];
if(!ValidEmail($SubscribeAddress)&& strlen($SubscribeAddress))
{
$t = $_GET["Error"];
$SubscribeError = "lu_invalid_emailaddress";
}
else
{
if((int)$objConfig->Get("User_SubscriberGroup")>0)
{
$g = $objGroups->GetItem($objConfig->Get("User_SubscriberGroup"));
if(is_object($g))
{
$email = $_POST["subscribe_email"];
if(strlen($email)>0)
{
$u = $objUsers->GetItemByField("Email",$email);
if(is_object($u))
{
if($u->CheckBanned())
{
$t = $_GET["Error"];
$SubscribeError ="lu_subscribe_banned";
}
else
{
if($u->IsInGroup($g->Get("GroupId")))
{
$t = $_GET["Unsubscribe"];
}
else
$t = $_GET["Subscribe"];
}
}
else
$t = $_GET["Subscribe"];
}
else
{
$t = $_GET["Error"];
$SubscribeError ="lu_subscribe_no_address";
}
}
else
{
$t = $_GET["Error"];
$SubscribeError ="lu_subscribe_unknown_error";
}
}
}
if(strlen($t))
{
$var_list["t"] = $t;
$var_list_update["t"] = $t;
}
break;
case "m_subscribe":
//phpinfo(INFO_VARIABLES);
if($_POST["buttons"][0]==language("lu_button_yes"))
{
$SubscribeAddress = $_POST["subscribe_email"];
if(strlen($SubscribeAddress)>0)
{
if(ValidEmail($SubscribeAddress))
{
$GroupId = (int)$objConfig->Get("User_SubscriberGroup");
if ($GroupId)
{
$g = $objGroups->GetItem($GroupId);
$u = $objUsers->GetItemByField("Email",$SubscribeAddress);
if(is_object($u))
{
if(strtolower($u->Get("Email"))==strtolower($SubscribeAddress))
{
$bExists = TRUE;
}
else
$bExists = FALSE;
}
if($bExists)
{
$g->AddUser($u->Get("PortalUserId"),0,false);
}
else
{
$u = new clsPortalUser(NULL);
$u->Set("Email",$SubscribeAddress);
$u->Set("ip",$_SERVER['REMOTE_ADDR']);
$u->Set("CreatedOn",date("U"));
$u->Set("Status",1);
if(!$u->CheckBanned())
{
$u->Create();
$g->AddUser($u->Get("PortalUserId"),1,false);
}
else
$SubscribeResult = "lu_subscribe_banned";
}
$SubscribeResult = "lu_subscribe_success";
$u->SendUserEventMail("USER.SUBSCRIBE",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.SUBSCRIBE");
if(strlen($_GET["Subscribe"])>0)
$var_list["t"] = $_GET["Subscribe"];
}
}
else
{
$SubscribeResult = "lu_invalid_emailaddress";
}
}
else
$SubscribeResult = "lu_subscribe_missing_address";
}
if(!strlen($SubscribeResult))
$SubscribeResult = "lu_subscribe_success";
break;
case "m_unsubscribe":
if($_POST["buttons"][0]==language("lu_button_yes"))
{
$MissingCount = SetMissingDataErrors("m_unsubscribe");
if($MissingCount==0)
{
$email = $_POST["subscribe_email"];
$u = $objUsers->GetItemByField("Email",$email);
if(is_object($u))
{
if(strtolower($u->Get("Email"))==strtolower($email))
{
$GroupId = (int)$objConfig->Get("User_SubscriberGroup");
if($u->PrimaryGroup()==$GroupId)
{
$u_gorup_list = $u->GetGroupList();
if (count($u_gorup_list) > 1) {
$u->RemoveFromGroup($GroupId);
}
else {
$u->RemoveFromAllGroups();
$u->Delete();
}
}
else
{
$u->RemoveFromGroup($GroupId);
}
}
}
if(strlen($_GET["Subscribe"])>0)
$var_list["t"] = $_GET["Subscribe"];
}
}
break;
case "m_logout":
// $objSession->Logout();
//unset($objSession);
//$objSession = new clsUserSession();
// $var_list_update["t"] = "index";
// setcookie("login","",time()-3600);
break;
case "m_register":
$_POST=inp_escape($_POST);
$MissingCount = SetMissingDataErrors("m_register");
if(!$objConfig->Get("User_Password_Auto"))
{
if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
{
$MissingCount++;
$FormError["m_register"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
}
if(strlen($_POST["password"])>30)
{
// echo "VAR: ".$_POST["password"]; die();
$MissingCount++;
$FormError["m_register"]["password"] = language("lu_ferror_pswd_toolong");
}
if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
{
$MissingCount++;
$FormError["m_register"]["password"] = language("lu_ferror_pswd_tooshort");
}
}
if(($_POST["username"]=="root"))
{
$MissingCount++;
$FormError["m_register"]["username"] = language("lu_user_exists");
}
else
{
$u = $objUsers->GetItemByField("Login",$_POST["username"]);
if(is_object($u))
{
if($u->Get("Login")==$_POST["username"])
{
$MissingCount++;
$FormError["m_register"]["username"] = language("lu_user_exists");
}
}
}
if (strlen($_POST['username']) < $objConfig->Get("Min_UserName"))
{
$MissingCount++;
$FormError["m_register"]["username"] = language("lu_ferror_username_tooshort");
}
if(!$MissingCount)
{
$CreatedOn = adodb_date("U");
$GroupId = $objConfig->Get("User_NewGroup");
$Status=0;
/* determine the status of new users */
switch ($objConfig->Get("User_Allow_New"))
{
case "1":
$Status=1;
break;
case "3":
$Status=2;
break;
}
/* set Destination template */
$var_list["t"] = strlen($_GET["dest"])? $_GET["dest"] : "index";
if($Status>0)
{
if($objConfig->Get("User_Password_Auto"))
{
$password = makepassword();
$objSession->Set("password", $password);
}
else
$password = $_POST["password"];
$_POST["dob"] = $_POST["dob_month"]."/".$_POST["dob_day"]."/".$_POST["dob_year"];
$dob = DateTimestamp($_POST["dob"],GetDateFormat());
$ip = $_SERVER['REMOTE_ADDR'];
$u = &$objUsers->Add_User($_POST["username"], md5($password), $_POST["email"], $CreatedOn, $_POST["firstname"], $_POST["lastname"], $Status, $_POST["phone"], $_POST["street"], $_POST["city"], $_POST["state"], $_POST["zip"], $_POST["country"], $dob, $ip, TRUE);
if(!is_object($u))
{
$RuleId=$u;
$r = $objBanList->GetItem($RuleId);
$err = $r->Get("ErrorTag");
if(strlen($err))
{
$FormError["m_register"][$r->Get("ItemField")] = language($err);
$MissingCount++;
}
}
else
{
$u->Set("Password",$password);
$u->Clean();
if($GroupId>0)
{
$g = $objGroups->GetItem($GroupId);
$g->AddUser($u->Get("PortalUserId"),1,false);
}
$custom = $_POST["custom"];
if(is_array($custom))
{
for($x=0;$x<count($custom);$x++)
{
$u->SetCustomField($custom[$x],$_POST[$custom[$x]]);
}
$u->SaveCustomFields();
}
if($Status==1)
{
if($objConfig->Get("User_Password_Auto"))
{
$u->SendUserEventMail("USER.VALIDATE",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.VALIDATE");
}
else
{
$doLoginNow = true;
$u->SendUserEventMail("USER.ADD",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.ADD");
}
}
else
{
$u->SendUserEventMail("USER.ADD.PENDING",$u->Get("PortalUserId"));
$u->SendAdminEventMail("USER.ADD.PENDING");
}
if ($doLoginNow)
{
$login_ok = $objSession->Login($_POST["username"], md5($password));
if($login_ok)
{
$next_template = $objSession->GetVariable('next_template');
if($next_template)
{
$objSession->SetVariable('next_template','');
$var_list_update["t"] = $next_template;
$url = GetIndexURL(2)."?env=".BuildEnv();
header('Location: '.$url);
exit;
$var_list['t'] = $next_template.'.tpl';
}
}
}
}
}
}
break;
case "m_add_friend":
$id = $_GET["UserId"];
$userid = $objSession->Get("PortalUserId");
if($id!=$userid)
{
$u =& $objUsers->GetItem($id);
$u->AddFavorite($userid);
}
DeleteModuleTagCache('kernel');
break;
case "m_del_friend":
$id = $_GET["UserId"];
$userid = $objSession->Get("PortalUserId");
$u =& $objUsers->GetItem($id);
$u->DeleteFavorite();
DeleteModuleTagCache('kernel');
break;
case "m_acctinfo":
// phpinfo(INFO_VARIABLES);
$_POST=inp_escape($_POST);
$MissingCount = SetMissingDataErrors("m_acctinfo");
$UserId = $_GET["UserId"];
if($UserId != $objSession->Get("PortalUserId"))
{
$MissingCount++;
$FormError["m_acctinfo"]["UserId"] = language("lu_ferror_m_profile_userid");
}
if(strlen($_POST["password"])>0)
{
if(($_POST["password"] != $_POST["passwordverify"]) || !strlen($_POST["passwordverify"]))
{
$MissingCount++;
$FormError["m_acctinfo"]["passwordverify"] = language("lu_ferror_pswd_mismatch");
}
if(strlen($_POST["password"])>30)
{
// echo "VAR: ".$_POST["password"]; die();
$MissingCount++;
$FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_toolong");
}
if (strlen($_POST['password']) < $objConfig->Get("Min_Password"))
{
$MissingCount++;
$FormError["m_acctinfo"]["password"] = language("lu_ferror_pswd_tooshort");
}
}
$db =& GetADODBConnection();
$email = GetVar('email');
$test_id = $db->GetOne('SELECT PortalUserId FROM '.GetTablePrefix().'PortalUser WHERE Email = '.$db->qstr($email));
if($test_id && ($test_id != $objSession->Get('PortalUserId')) )
{
$MissingCount++;
$FormError["m_acctinfo"]["email"] = language("lu_ferror_email_duplicate");
}
if(!$MissingCount)
{
/* save profile */
$u =& $objUsers->GetItem($UserId);
$status = $u->Get("Status");
$_POST["dob"] = $_POST["dob_month"]."/".$_POST["dob_day"]."/".$_POST["dob_year"];
$dob = DateTimestamp($_POST["dob"], GetDateFormat());
if(strlen($_POST["password"])>0)
{
$password = md5($_POST["password"]);
}
else
$password = "";
$objUsers->Edit_User($UserId, $_POST["username"], $password, $_POST["email"], 0,
$_POST["firstname"], $_POST["lastname"], $status, $_POST["phone"],
$_POST["street"], $_POST["city"], $_POST["state"], $_POST["zip"],
$_POST["country"], $dob, $_POST['MinPwResetDelay']);
$ResourceId= $u->Get("ResourceId");
$objCustomDataList->LoadResource($ResourceId);
$objCustomFields = new clsCustomFieldList(6);
for($i=0;$i<$objCustomFields->NumItems(); $i++)
{
$field = & $objCustomFields->GetItemRefByIndex($i);
$fieldid= $field->Get("CustomFieldId");
$fname = $field->Get("FieldName");
if(isset($_POST[$fname]))
$objCustomDataList->SetFieldValue($fieldid,$ResourceId,$_POST[$fname]);
elseif(isset($_POST[strtolower($fname)]))
$objCustomDataList->SetFieldValue($fieldid,$ResourceId,$_POST[strtolower($fname)]);
}
$objCustomDataList->SaveData();
}
DeleteModuleTagCache('kernel');
break;
case "m_profile":
$userid = $objSession->Get("PortalUserId");
if($userid>0)
{
$u = $objUsers->GetItem($userid);
foreach($_POST as $field=>$value)
{
if(substr($field,0,3)=="pp_")
{
$objSession->SetPersistantVariable($field,$value);
}
}
}
break;
case "m_set_lang":
$lang = $_GET["lang"];
$LangId = 0;
if(strlen($lang))
{
$l = $objLanguages->GetItemByField("PackName",$lang);
if(is_object($l))
{
$LangId = $l->Get("LanguageId");
}
}
if($LangId)
{
if($objSession->Get("PortalUserId")>0)
{
$objSession->SetPersistantVariable("Language",$LangId);
}
$objSession->Set("Language",$LangId);
$objSession->Update();
$m_var_list_update["lang"] = $LangId;
$m_var_list["lang"] = $LangId;
}
break;
case "m_set_theme":
$id = $_POST["ThemeId"];
if(!is_numeric($id))
$id = $_GET["ThemeId"];
if($id)
{
$objSession->SetThemeName($id);
$m_var_list["t"] = "index";
$m_var_list_update["theme"] = $id;
$m_var_list["theme"] = $id;
unset($CurrentTheme);
}
break;
case "m_sort_cats":
$objSession->SetVariable("Category_Sortfield",$_POST["Category_Sortfield"]);
$objSession->SetVariable("Category_Sortorder",$_POST["Category_Sortorder"]);
$objSession->SetVariable("Perpage_Category",$_POST["Perpage_Category"]);
DeleteModuleTagCache('kernel');
break;
case "m_add_cat_confirm":
$perm = 0;
$CategoryId=$objCatList->CurrentCategoryID();
if ($objSession->HasCatPermission("CATEGORY.ADD.PENDING"))
$perm = 2;
if ($objSession->HasCatPermission("CATEGORY.ADD"))
$perm = 1;
if ($perm == 0)
{
$MissingCount++;
$FormError["m_addcat"]["name"] = language("lu_ferror_no_access");
}
else
{
$MissingCount = SetMissingDataErrors("m_addcat");
if(is_array($_FILES))
{
foreach($_FILES as $field => $file)
{
$allowed = TRUE;
if(strlen($_POST["imagetypes"][$field]))
{
$types = explode(",",strtolower($_POST["imagetypes"][$field]));
if(is_array($types))
{
if(count($types)>0)
{
$path_parts = pathinfo($file["name"]);
$ext = $path_parts["extension"];
$allowed = in_array($ext,$types);
if(!$allowed)
{
$MissingCount++;
$FormError["m_addcat"][$field] = language("lu_ferror_wrongtype");
}
}
}
}
$maxsize = (int)$_POST["maxsize"][$field];
if($maxsize>0 && $allowed && $file["size"]>$maxsize)
{
$allowed = FALSE;
$MissingCount++;
$FormError["m_addcat"][$field] = language("lu_ferror_toolarge");
}
}
}
if($MissingCount==0)
{
$CreatedOn = date("U");
$_POST=inp_striptags($_POST);
$name = $_POST["name"];
$desc = $_POST["description"];
$metadesc = $_POST["meta_description"];
$keywords = $_POST["meta_keywords"];
$parent = $objCatList->CurrentCategoryID();
$cat =& $objCatList->Add($parent, $name, $desc, $CreatedOn,
0, $perm, 2, 2, 2, 0, $keywords,$metadesc);
$CatResourceId= $cat->Get('ResourceId');
$objCustomFields = new clsCustomFieldList($cat->type);
$field_list = $objCustomFields->Query_CustomField('Type='.$cat->type);
for($i=0;$i<$objCustomFields->NumItems(); $i++)
{
$field = & $objCustomFields->GetItemRefByIndex($i);
$fieldid= $field->Get('CustomFieldId');
$fname = $field->Get('FieldName');
if(isset($_POST[$fname]))
{
$objCustomDataList->SetFieldValue($fieldid,$CatResourceId,$_POST[$fname]);
}
elseif(isset($_POST[strtolower($fname)]))
{
$objCustomDataList->SetFieldValue($fieldid,$CatResourceId,$_POST[strtolower($fname)]);
}
}
$objCustomDataList->SaveData();
$cat->UpdateCachedPath();
$cat->Update();
$cat->UpdateACL();
$objCatList->UpdateMissingCacheData();
if(strlen($_GET["Confirm"]))
{
$var_list["t"] = $_GET["Confirm"];
}
else
$var_list["t"] = $_GET["DestTemplate"];
}
}
DeleteModuleTagCache('kernel');
break;
case "m_front_review_add":
if($objSession->InSpamControl($_POST["ItemId"]))
{
$StatusMessage["review"] = language("la_Review_AlreadyReviewed");
}
else
{
$objReviews = new clsItemReviewList();
$Status = $objConfig->Get("Review_DefaultStatus");
$CreatedOn = adodb_date("U");
$html = (int)$objConfig->Get("Review_Html");
$ReviewText = inp_striptags($_POST["review_text"]);
$r = $objReviews->AddReview($CreatedOn,$ReviewText,$Status, $IPAddress,
0, $_POST["ItemId"], $_POST["ItemType"], $objSession->Get("PortalUserId"));
foreach($ItemTypes as $type=>$id)
{
if($id==$_POST["ItemType"])
{
$ValName = $type."_ReviewDelay_Value";
$IntName = $type."_ReviewDelay_Interval";
break;
}
}
if(strlen($ValName) && strlen($IntName))
{
$exp_secs = $objConfig->Get($ValName) * $objConfig->Get($IntName);
$objSession->AddToSpamControl($_POST["ItemId"],$exp_secs);
if(is_object($r))
{
if($Status)
{
$StatusMessage["review"] = language("la_Review_Added");
}
else
$StatusMessage["review"] = language("la_Review_Pending");
}
else
$StatusMessage["review"] = language("la_Review_Error");
}
else
$StatusMessage["error"] = language("la_ConfigError_Review");
}
DeleteModuleTagCache('kernel');
break;
case "m_suggest_email":
$cutoff = time()+(int)$objConfig->Get("Suggest_MinInterval");
$email = inp_striptags($_POST["suggest_email"]);
if (strlen($email))
{
if(ValidEmail($email))
{
$sql = "SELECT * FROM ".GetTablePrefix()."SuggestMail WHERE email='".$email."' and sent<".$cutoff;
$adodbConnection = &GetADODBConnection();
$rs = $adodbConnection->Execute($sql);
$rs = false;
if($rs && !$rs->EOF)
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$suggest_result = "$email ".language("lu_already_suggested ")." ".LangDate($rs->fields["sent"]);
}
else
{
$Event =& $objMessageList->GetEmailEventObject("USER.SUGGEST");
if(is_object($Event))
{
if($Event->Get("Enabled")=="1")
{
$Event->Item = null;
$Event->SendToAddress($email);
$sql = "INSERT INTO ".GetTablePrefix()."SuggestMail (email,sent) VALUES ('".$email."','".time()."')";
$rs = $adodbConnection->Execute($sql);
$suggest_result=language("lu_suggest_success")." ".$email;
}
}
$e =& $objMessageList->GetEmailEventObject("USER.SUGGEST",1);
if($e->Get("Enabled")==1)
$e->SendAdmin();
if(strlen($_GET["Confirm"])>0)
$var_list["t"] = $_GET["Confirm"];
}
}
else
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$suggest_result=language("lu_invalid_emailaddress");
}
}
else
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$suggest_result=language("lu_suggest_no_address");
}
break;
case "m_simple_search":
$keywords = trim($_POST["keywords"]);
$type = $objItemTypes->GetTypeByName("Category");
$objSearch = new clsSearchResults("Category","clsCategory");
$length = $objConfig->Get('Search_MinKeyword_Length');
if(strlen($keywords))
{
$performSearch = false;
$isExact = (substr($keywords, 0, 2) == '\"' && substr($keywords, strlen($keywords) - 2, 2) == '\"');
if ($isExact) {
$performSearch = (strlen(trim(str_replace('\"', '', $keywords))) >= $length);
}
else {
$key_arr = explode(' ', $keywords);
/*foreach($key_arr as $value) {
if (strlen(str_replace("+", "", $value)) < $length || strlen(str_replace("-", "", $value)) < $length) {
$keywords = str_replace($value, '', $keywords);
//$keywords = str_replace($value, '', $keywords);
}
}
//$keywords = str_replace(' ', ' ', $keywords);
//$keywords = str_replace('\"', '', $keywords);
*/
$tmp_keywords = str_replace("+", "", $keywords);
$tmp_keywords = str_replace("-", "", $tmp_keywords);
$performSearch = (strlen($tmp_keywords) >= $length);
}
if ($performSearch) {
$objSearchList = new clsSearchLogList();
$objSearchList->UpdateKeyword($keywords,0);
$objSearch->SetKeywords($keywords);
$objSearch->AddSimpleFields();
if(is_numeric($objConfig->Get("SearchRel_Pop_category")))
$objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
if(is_numeric($objConfig->Get("SearchRel_Keyword_category")))
$objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
if(is_numeric($objConfig->Get("SearchRel_Rating_article")))
$objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
//echo "Searching On $keywords<br>\n";
$objSearch->PerformSearch(1,$SortOrder,TRUE);
$SearchPerformed = TRUE;
//$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
//echo "Finished Setting Category Relevence<br>\n";
}
else {
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
$FormError["m_simplesearch"]["keywords"] = language("lu_keywords_tooshort");
}
}
else
{
if(strlen($_GET["Error"])>0)
$var_list["t"] = $_GET["Error"];
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
$FormError["m_simplesearch"]["keywords"] = language("lu_no_keyword");
}
break;
case "m_adv_search":
if ($_GET['type'])
{
$modules = Array( 1 => 'In-Portal', 2 => 'In-News',
3 => 'In-Bulletin', 4 => 'In-Link',
11 => 'In-Commerce');
$module = $modules[$_GET["type"]];
}
else
{
$module = 0;
}
if( !is_object($objSearchConfig) ) $objSearchConfig = new clsSearchConfigList($module);
switch($_GET["type"])
{
case 1: /* category */
//echo "Searching for categories<br>";
$objAdvSearch = new clsAdvancedSearchResults("Category","clsCategory", $_GET["type"]);
foreach($objSearchConfig->Items as $field)
{
$fld = $field->Get("FieldName");
$Verb = $_POST["verb"][$field->Get("FieldName")];
if(!strlen($Verb) && $field->Get("FieldType")=="boolean")
{
if($_POST["value"][$field->Get("FieldName")]!=-1)
{
$Value = $_POST["value"][$field->Get("FieldName")];
$Verb = "is";
}
}
else
{
$Value = $_POST["value"][$field->Get("FieldName")];
}
switch( $_POST["andor"][$field->Get("FieldName")])
{
case 1:
$Conjuction = "AND";
break;
case 2:
$Conjuction = "OR";
break;
default:
$Conjuction = "";
break;
}
if (strlen($Value) && $Verb=="any")
{
$Verb = 'contains';
}
if(strlen($Value) && strlen($Verb)>0 && $Verb!="any")
{
//echo "Adding CAT SearchField: [".$field->Get("TableName")."]; [".$field->Get("FieldName")."]; [$Verb]; [$Value]; [$Conjuction]<br>";
$objAdvSearch->AddAdvancedField($field->Get("TableName"),$field->Get("FieldName"),$Verb,$Value,$Conjuction);
}
}
$objAdvSearch->PerformSearch(1,NULL,TRUE);
break;
}
break;
case "m_id":
echo $Action.":".$DownloadId;
die();
break;
case "m_simple_subsearch":
$keywords = $_POST["keywords"];
$type = $objItemTypes->GetTypeByName("Category");
$objSearch = new clsSearchResults("Category","clsCategory");
$length = $objConfig->Get('Search_MinKeyword_Length');
if(strlen($keywords))
{
$performSearch = false;
$isExact = (substr($keywords, 0, 1) == '"' && substr($keywords, strlen($keywords) - 1, 1) == '"');
if ($isExact) {
$performSearch = (strlen(trim(str_replace('\"', '', $keywords))) >= $length);
}
else {
$key_arr = explode(' ', $keywords);
/*foreach($key_arr as $value) {
if (strlen($value) < $length) {
$keywords = str_replace(' '.$value, '', $keywords);
$keywords = str_replace($value.' ', '', $keywords);
}
}*/
//$keywords = str_replace(' ', ' ', $keywords);
$tmp_keywords = str_replace("+", "", $keywords);
$tmp_keywords = str_replace("-", "", $tmp_keywords);
$performSearch = (strlen($tmp_keywords) >= $length);
}
if ($performSearch) {
$objSearchList = new clsSearchLogList();
$objSearchList->UpdateKeyword($keywords,0);
$objSearch->SetKeywords($keywords);
$objSearch->AddSimpleFields();
if(is_numeric($objConfig->Get("SearchRel_Pop_category")))
$objSearch->PctPop = ($objConfig->Get("SearchRel_Pop_category")/100);
if(is_numeric($objConfig->Get("SearchRel_Keyword_category")))
$objSearch->PctRelevance = ($objConfig->Get("SearchRel_Keyword_category")/100);
if(is_numeric($objConfig->Get("SearchRel_Rating_article")))
$objSearch->PctRating = ($objConfig->Get("SearchRel_Rating_category")/100);
$SearchResultIdList = $objSearch->Result_IdList();
if(count($SearchResultIdList)>0)
{
$objSearch->PerformSearch(1,$SortOrder, TRUE,$SearchResultIdList);
//$objSearch->SetRelevence($type->Get("ItemType"), "CategoryId");
}
$SearchPerformed = TRUE;
}
else {
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
$FormError["m_simplesearch"]["keywords"] = language("lu_keywords_tooshort");
}
}
else {
$MissingCount = SetMissingDataErrors("m_simplesearch");
$MissingCount++;
$FormError["m_simplesearch"]["keywords"] = language("lu_no_keyword");
}
break;
}
?>
Property changes on: trunk/kernel/frontaction.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.52
\ No newline at end of property
+1.53
\ No newline at end of property
Index: trunk/core/units/users/users_event_handler.php
===================================================================
--- trunk/core/units/users/users_event_handler.php (revision 2479)
+++ trunk/core/units/users/users_event_handler.php (revision 2480)
@@ -1,718 +1,728 @@
<?php
class UsersEventHandler extends InpDBEventHandler
{
function OnSessionExpire()
{
if( $this->Application->IsAdmin() )
{
$location = $this->Application->BaseURL().ADMIN_DIR.'/index.php?expired=1';
header('Location: '.$location);
exit;
}
else
{
$t = $this->Application->GetVar('t');
$this->Application->Redirect($t ? $t : 'index', $_GET);
}
}
/**
* Checks user data and logs it in if allowed
*
* @param kEvent $event
*/
function OnLogin(&$event)
{
$this->Application->setUnitOption($event->Prefix, 'AutoLoad', false);
$object =& $this->Application->recallObject('u');
$password = $this->Application->GetVar('password');
if(!$password)
{
$object->SetError('ValidateLogin', 'blank_password', 'lu_blank_password');
$event->status = erFAIL;
return false;
}
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$login_value = $this->Application->GetVar($submit_field);
/*$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (%s = %s) AND (Password = MD5(%s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $login_field, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );*/
$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (Email = %1$s OR Login = %1$s) AND (Password = MD5(%2$s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );
if($user_id)
{
$object->Load($user_id);
if( $object->GetDBField('Status') == STATUS_ACTIVE )
{
$groups = $object->getMembershipGroups(true);
if(!$groups) $groups = Array();
if (!defined('ADMIN')) array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup') );
$this->Application->StoreVar( 'UserGroups', implode(',', $groups) );
if( $this->Application->CheckPermission('LOGIN',0) )
{
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', $user_id);
$this->Application->SetVar('u_id', $user_id);
$this->Application->StoreVar('user_id', $user_id);
$this->Application->setVisitField('PortalUserId', $user_id);
}
else
{
$object->Load(-2);
$object->SetError('ValidateLogin', 'no_permission', 'lu_no_permissions');
$event->status = erFAIL;
}
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
}
else
{
$event->redirect = $this->Application->GetVar('pending_disabled_template');
}
}
else
{
$object->SetError('ValidateLogin', 'invalid_password', 'lu_invalid_password');
$event->status = erFAIL;
}
}
+ /**
+ * Called when user logs in using old in-portal
+ *
+ * @param kEvent $event
+ */
+ function OnInpLogin(&$event)
+ {
+
+ }
+
function OnLogout(&$event)
{
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', -2);
$this->Application->SetVar('u_id', -2);
$this->Application->StoreVar('user_id', -2);
$object =& $this->Application->recallObject('u');
$object->Load(-2);
$this->Application->DestroySession();
$group_list = $this->Application->ConfigValue('User_GuestGroup').','.$this->Application->ConfigValue('User_LoggedInGroup');
$session->SetField('GroupList', $group_list);
$this->Application->StoreVar('UserGroups', $group_list);
}
/**
* Prefill states dropdown with correct values
*
* @param kEvent $event
* @access public
*/
function OnPrepareStates(&$event)
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->PopulateStates($event, 'State', 'Country');
$object =& $event->getObject();
if( $cs_helper->CountryHasStates( $object->GetDBField('Country') ) ) $object->Fields['State']['required'] = true;
if( $this->Application->ConfigValue('Email_As_Login') )
{
$object->SetDBField('Login', $object->GetDBField('Email') );
}
}
/**
* Redirects user after succesfull registration to confirmation template (on Front only)
*
* @param kEvent $event
*/
function OnAfterItemCreate(&$event)
{
$is_subscriber = $this->Application->GetVar('IsSubscriber');
if (!$is_subscriber){
$object =& $event->getObject();
$group_id = $this->Application->ConfigValue('User_NewGroup');
$sql = 'INSERT INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,1)';
$this->Conn->Query( sprintf($sql, $object->GetID(), $group_id) );
}
}
/**
* Login user if possible, if not then redirect to corresponding template
*
* @param kEvent $event
*/
function autoLoginUser(&$event)
{
$object =& $event->getObject();
$this->Application->SetVar('u_id', $object->GetID() );
if($object->GetDBField('Status') == STATUS_ACTIVE)
{
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$this->Application->SetVar($submit_field, $object->GetDBField($login_field) );
$this->Application->SetVar('password', $object->GetDBField('Password_plain') );
$event->CallSubEvent('OnLogin');
}
}
/**
* Creates new user
*
* @param kEvent $event
*/
function OnCreate(&$event)
{
if( !$this->Application->IsAdmin() ) $this->setUserStatus($event);
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->CheckStateField($event, 'State', 'Country');
parent::OnCreate($event);
$object =& $event->getObject();
$this->Application->SetVar('u_id', $object->getID() );
$this->Application->setUnitOption('u', 'AutoLoad', true);
switch ($object->GetDBField('Status')){
case 1:
$this->Application->EmailEventAdmin('USER.ADD', $object->GetID());
$this->Application->EmailEventUser('USER.ADD', $object->GetID());
break;
case 2:
$this->Application->EmailEventAdmin('USER.ADD.PENDING', $object->GetID());
$this->Application->EmailEventUser('USER.ADD.PENDING', $object->GetID());
break;
}
$this->setNextTemplate($event);
if( !$this->Application->IsAdmin() && ($event->status == erSUCCESS) && $event->redirect)
{
$this->autoLoginUser($event);
/*$object =& $event->getObject();
if( $object->GetDBField('Status') != STATUS_ACTIVE )
{
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
}*/
}
}
/**
* Set's new user status based on config options
*
* @param kEvent $event
*/
function setUserStatus(&$event)
{
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object =& $event->getObject();
$new_users_allowed = $this->Application->ConfigValue('User_Allow_New');
// 1 - Instant, 2 - Not Allowed, 3 - Pending
switch ($new_users_allowed)
{
case 1: // Instant
$object->SetDBField('Status', 1);
$next_template = $this->Application->GetVar('registration_confirm_template');
if($next_template) $event->redirect = $next_template;
break;
case 3: // Pending
$next_template = $this->Application->GetVar('registration_confirm_pending_template');
if($next_template) $event->redirect = $next_template;
$object->SetDBField('Status', 2);
break;
case 2: // Not Allowed
$object->SetDBField('Status', 0);
break;
}
}
/**
* Set's new unique resource id to user
*
* @param kEvent $event
*/
function OnBeforeItemCreate(&$event)
{
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
$object =& $event->getObject();
if ($email_as_login) {
$object->Fields['Email']['error_msgs']['unique'] =$this->Application->Phrase('lu_user_and_email_already_exist');
}
}
/**
* Set's new unique resource id to user
*
* @param kEvent $event
*/
function OnAfterItemValidate(&$event)
{
$object =& $event->getObject();
$object->SetDBField('ResourceId', $this->Application->NextResourceId() );
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnRecommend(&$event){
$friend_email = $this->Application->GetVar('friend_email');
$friend_name = $this->Application->GetVar('friend_email');
if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $friend_email))
{
$send_params = array();
$send_params['to_email']=$friend_email;
$send_params['to_name']=$friend_name;
$user_id = $this->Application->GetVar('u_id');
$email_event = &$this->Application->EmailEventUser('SITE.SUGGEST', $user_id, $send_params);
if ($email_event->status == erSUCCESS){
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
else {
// $event->redirect_params = array('opener' => 's', 'pass' => 'all');
// $event->redirect = $this->Application->GetVar('template_fail');
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['send_error'] = $this->Application->Phrase('lu_email_send_error');
$object->FieldErrors['Email']['pseudo'] = 'send_error';
$event->status = erFAIL;
}
}
else {
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail');
$object->FieldErrors['Email']['pseudo'] = 'invalid_email';
$event->status = erFAIL;
}
}
/**
* Saves address changes and mades no redirect
*
* @param kEvent $event
*/
function OnUpdateAddress(&$event)
{
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object =& $event->getObject();
$items_info = $this->Application->GetVar( $event->getPrefixSpecial(true) );
if($items_info)
{
list($id,$field_values) = each($items_info);
if($id > 0) $object->Load($id);
$object->SetFieldsFromHash($field_values);
$object->setID($id);
$object->Validate();
}
$event->redirect = false;
}
function OnSubscribeQuery(&$event){
$user_email = $this->Application->GetVar('subscriber_email');
if ( preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email) ){
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object = &$this->Application->recallObject($this->Prefix.'.subscriber');
$this->Application->StoreVar('SubscriberEmail', $user_email);
if( $object->Load(array('Email'=>$user_email)) ){
$group_info = $this->GetGroupInfo($object->GetID());
if($group_info){
$event->redirect = $this->Application->GetVar('unsubscribe_template');
}
else {
$event->redirect = $this->Application->GetVar('subscribe_template');
}
}
else {
$event->redirect = $this->Application->GetVar('subscribe_template');
$this->Application->StoreVar('SubscriberEmail', $user_email);
}
}
else {
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail');
$object->FieldErrors['SubscribeEmail']['pseudo'] = 'invalid_email';
$event->status = erFAIL;
}
//subscribe_query_ok_template
}
function OnSubscribeUser(&$event){
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object = &$this->Application->recallObject($this->Prefix.'.subscriber');
$user_email = $this->Application->RecallVar('SubscriberEmail');
if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email)){
if($object->Load(array('Email'=>$user_email))){
$group_info = $this->GetGroupInfo($object->GetID());
if ($group_info){
if ($event->getEventParam('no_unsubscribe')) return;
if ($group_info['PrimaryGroup']){
// delete user
$object->Delete();
}
else {
$this->RemoveSubscriberGroup($object->GetID());
}
$event->redirect = $this->Application->GetVar('unsubscribe_ok_template');
}
else {
$this->AddSubscriberGroup($object->GetID(), 0);
$event->redirect = $this->Application->GetVar('subscribe_ok_template');
}
}
else {
$object->SetField('Email', $user_email);
$object->SetField('Login', $user_email);
$object->SetDBField('dob', 1);
$object->SetDBField('dob_date', 1);
$object->SetDBField('dob_time', 1);
$ip = getenv('HTTP_X_FORWARDED_FOR')?getenv('HTTP_X_FORWARDED_FOR'):getenv('REMOTE_ADDR');
$object->SetDBField('ip', $ip);
$this->Application->SetVar('IsSubscriber', 1);
if ($object->Create()) {
$this->AddSubscriberGroup($object->GetID(), 1);
$event->redirect = $this->Application->GetVar('subscribe_ok_template');
}
$this->Application->SetVar('IsSubscriber', 0);
}
}
else {
// error handling here
$event->redirect = $this->Application->GetVar('subscribe_fail_template');
}
}
function AddSubscriberGroup($user_id, $is_primary){
$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'INSERT INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,'.$is_primary.')';
$this->Conn->Query( sprintf($sql, $user_id, $group_id) );
$this->Application->EmailEventAdmin('USER.SUBSCRIBE', $user_id);
$this->Application->EmailEventUser('USER.SUBSCRIBE', $user_id);
}
function RemoveSubscriberGroup($user_id){
$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup WHERE PortalUserId='.$user_id.' AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup');
$this->Conn->Query($sql);
$this->Application->EmailEventAdmin('USER.UNSUBSCRIBE', $user_id);
$this->Application->EmailEventUser('USER.UNSUBSCRIBE', $user_id);
}
function GetGroupInfo($user_id){
$group_info = $this->Conn->GetRow('SELECT * FROM '.TABLE_PREFIX.'UserGroup
WHERE PortalUserId='.$user_id.'
AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup'));
return $group_info;
}
function OnForgotPassword(&$event){
$this->Application->setUnitOption('u', 'AutoLoad', false);
$user_object = &$this->Application->recallObject('u.forgot');
$user_current_object = &$this->Application->recallObject('u');
$username = $this->Application->GetVar('username');
$email = $this->Application->GetVar('email');
$found = false;
$allow_reset = true;
if( strlen($username) )
{
if( $user_object->Load(array('Login'=>$username)) )
$found = ($user_object->GetDBField("Login")==$username && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password"));
}
else if( strlen($email) )
{
if( $user_object->Load(array('Email'=>$email)) )
$found = ($user_object->GetDBField("Email")==$email && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password"));
}
if( $user_object->isLoaded() )
{
$PwResetConfirm = $user_object->GetDBField('PwResetConfirm');
$PwRequestTime = $user_object->GetDBField('PwRequestTime');
$PassResetTime = $user_object->GetDBField('PassResetTime');
//$MinPwResetDelay = $user_object->GetDBField('MinPwResetDelay');
$MinPwResetDelay = $this->Application->ConfigValue('Users_AllowReset');
$allow_reset = (strlen($PwResetConfirm) ?
mktime() > $PwRequestTime + $MinPwResetDelay :
mktime() > $PassResetTime + $MinPwResetDelay);
}
if($found && $allow_reset)
{
$this->Application->StoreVar('tmp_user_id', $user_object->GetDBField("PortalUserId"));
$this->Application->StoreVar('tmp_email', $user_object->GetDBField("Email"));
$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
$event->redirect = $this->Application->GetVar('template_success');
}
else
{
if(!strlen($username) && !strlen($email))
{
$user_current_object->ErrorMsgs['forgotpw_nodata'] = $this->Application->Phrase('lu_ferror_forgotpw_nodata');
$user_current_object->FieldErrors['Login']['pseudo'] = 'lu_ferror_forgotpw_nodata';
}
else
{
if($allow_reset)
{
if( strlen($username) ){
$user_current_object->ErrorMsgs['unknown_username'] = $this->Application->Phrase('lu_ferror_unknown_username');
$user_current_object->FieldErrors['Login']['pseudo']='unknown_username';
}
if( strlen($email) ){
$user_current_object->ErrorMsgs['unknown_email'] = $this->Application->Phrase('lu_ferror_unknown_email');
$user_current_object->FieldErrors['Email']['pseudo']='unknown_email';
}
}
else
{
$user_current_object->ErrorMsgs['reset_denied'] = $this->Application->Phrase('lu_ferror_reset_denied');
if( strlen($username) ){
$user_current_object->FieldErrors['Login']['pseudo']='reset_denied';
}
if( strlen($email) ){
$user_current_object->FieldErrors['Email']['pseudo']='reset_denied';
}
}
}
if($user_current_object->FieldErrors){
$event->redirect = false;
}
}
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnResetPassword(&$event){
$user_object = &$this->Application->recallObject('u.forgot');
if($user_object->Load($this->Application->RecallVar('tmp_user_id'))){
$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
$event->redirect = $this->Application->GetVar('template_success');
$mod_object =& $this->Application->recallObject('mod.'.'In-Commerce');
$m_cat_id = $mod_object->GetDBField('RootCat');
$event->SetRedirectParam('pass', 'm');
//$event->SetRedirectParam('m_cat_id', $m_cat_id);
$this->Application->SetVar('m_cat_id', $m_cat_id);
}
}
function OnResetPasswordConfirmed(&$event){
$passed_key = $this->Application->GetVar('user_key');
$user_object = &$this->Application->recallObject('u.forgot');
$user_current_object = &$this->Application->recallObject('u');
if (strlen(trim($passed_key)) == 0) {
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = false;
$user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid';
}
if($user_object->Load(array('PwResetConfirm'=>$passed_key)))
{
$exp_time = $user_object->GetDBField('PwRequestTime') + 3600;
$user_object->SetDBField("PwResetConfirm", '');
$user_object->SetDBField("PwRequestTime", 0);
if ($exp_time > mktime())
{
//$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text';
$newpw = makepassword4();
$this->Application->StoreVar('password', $newpw);
$user_object->SetDBField("Password",$newpw);
$user_object->SetDBField("PassResetTime", time());
$user_object->SetDBField("PwResetConfirm", '');
$user_object->SetDBField("PwRequestTime", 0);
$user_object->Update();
$this->Application->SetVar('ForgottenPassword', $newpw);
$email_event_user = &$this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId'));
$email_event_admin = &$this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD');
$this->Application->DeleteVar('ForgottenPassword');
if ($email_event_user->status == erSUCCESS){
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
$user_object->SetDBField("Password",md5($newpw));
$user_object->Update();
} else {
$user_current_object->ErrorMsgs['code_expired'] = $this->Application->Phrase('lu_code_expired');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_expired';
$event->redirect = false;
}
} else {
$user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid';
$event->redirect = false;
}
}
function OnUpdate(&$event)
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->CheckStateField($event, 'State', 'Country');
parent::OnUpdate($event);
$this->setNextTemplate($event);
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function setNextTemplate(&$event)
{
if( !$this->Application->IsAdmin() )
{
$event->redirect_params['opener'] = 's';
$object =& $event->getObject();
if($object->GetDBField('Status') == STATUS_ACTIVE)
{
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
}
}
}
function OnCheckExpiredMembership(&$event)
{
$sql = 'SELECT PortalUserId FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.mktime();
$user_ids = $this->Conn->GetCol($sql);
if(is_array($user_ids) && count($user_ids) > 0)
{
foreach($user_ids as $id)
{
$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRED', $id);
$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRED');
}
}
$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.mktime();
$this->Conn->Query($sql);
$pre_expiration = mktime() + $this->Application->ConfigValue('User_MembershipExpirationReminder') * 3600 * 24;
$sql = 'SELECT PortalUserId, GroupId FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.$pre_expiration.'
AND ExpirationReminderSent = 0';
$res = $this->Conn->Query($sql);
if(is_array($res) && count($res) > 0)
{
$conditions = Array();
foreach($res as $record)
{
$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRATION_NOTICE', $record['PortalUserId']);
$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRATION_NOTICE');
$conditions[] = '(PortalUserId = '.$record['PortalUserId'].' AND GroupId = '.$record['GroupId'].')';
}
$sql = 'UPDATE '.TABLE_PREFIX.'UserGroup
SET ExpirationReminderSent = 1
WHERE '.implode(' OR ', $conditions);
$this->Conn->Query($sql);
}
}
}
?>
\ No newline at end of file
Property changes on: trunk/core/units/users/users_event_handler.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.24
\ No newline at end of property
+1.25
\ No newline at end of property
Event Timeline
Log In to Comment