Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F1067977
in-portal
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Wed, Jul 16, 5:44 AM
Size
70 KB
Mime Type
text/x-diff
Expires
Fri, Jul 18, 5:44 AM (4 h, 46 m)
Engine
blob
Format
Raw Data
Handle
691059
Attached To
rINP In-Portal
in-portal
View Options
Index: trunk/kernel/units/users/users_event_handler.php
===================================================================
--- trunk/kernel/units/users/users_event_handler.php (revision 3206)
+++ trunk/kernel/units/users/users_event_handler.php (revision 3207)
@@ -1,799 +1,805 @@
<?php
class UsersEventHandler extends InpDBEventHandler
{
function OnSessionExpire()
{
if( $this->Application->IsAdmin() )
{
$location = $this->Application->BaseURL().ADMIN_DIR.'/index.php?expired=1';
header('Location: '.$location);
exit;
}
else
{
+ $unset_vars = Array(ENV_VAR_NAME, 'rewrite', 'url', 'Action');
$http_query =& $this->Application->recallObject('HTTPQuery');
- if( isset($http_query->Get[ENV_VAR_NAME]) ) unset($http_query->Get[ENV_VAR_NAME]);
+ $get = $http_query->Get;
+ foreach ($unset_vars as $var_name)
+ {
+ if( isset($get[$var_name]) ) unset( $get[$var_name] );
+ }
+
$t = $this->Application->GetVar('t');
- $this->Application->Redirect($t ? $t : 'index', $http_query->Get);
+ $this->Application->Redirect($t ? $t : 'index', $get);
}
}
/**
* Checks user data and logs it in if allowed
*
* @param kEvent $event
*/
function OnLogin(&$event)
{
$this->Application->setUnitOption($event->Prefix, 'AutoLoad', false);
$object =& $this->Application->recallObject('u');
$password = $this->Application->GetVar('password');
if(!$password)
{
$object->SetError('ValidateLogin', 'blank_password', 'lu_blank_password');
$event->status = erFAIL;
return false;
}
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$login_value = $this->Application->GetVar($submit_field);
/*$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (%s = %s) AND (Password = MD5(%s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $login_field, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );*/
$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (Email = %1$s OR Login = %1$s) AND (Password = MD5(%2$s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );
if($user_id)
{
$object->Load($user_id);
if( $object->GetDBField('Status') == STATUS_ACTIVE )
{
$groups = $object->getMembershipGroups(true);
if(!$groups) $groups = Array();
if ( !$this->Application->IsAdmin() ) array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup') );
$this->Application->StoreVar( 'UserGroups', implode(',', $groups) );
if( $this->Application->CheckPermission('LOGIN',0) )
{
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', $user_id);
$session->SetField('GroupList', implode(',', $groups) );
$this->Application->SetVar('u_id', $user_id);
$this->Application->StoreVar('user_id', $user_id);
$this->Application->setVisitField('PortalUserId', $user_id);
}
else
{
$object->Load(-2);
$object->SetError('ValidateLogin', 'no_permission', 'lu_no_permissions');
$event->status = erFAIL;
}
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
$event->SetRedirectParam('js_redirect', 1);
}
else
{
$event->redirect = $this->Application->GetVar('pending_disabled_template');
}
}
else
{
$object->SetError('ValidateLogin', 'invalid_password', 'lu_invalid_password');
$event->status = erFAIL;
}
}
/**
* Called when user logs in using old in-portal
*
* @param kEvent $event
*/
function OnInpLogin(&$event)
{
}
function OnLogout(&$event)
{
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', -2);
$this->Application->SetVar('u_id', -2);
$this->Application->StoreVar('user_id', -2);
$object =& $this->Application->recallObject('u');
$object->Load(-2);
$this->Application->DestroySession();
$group_list = $this->Application->ConfigValue('User_GuestGroup').','.$this->Application->ConfigValue('User_LoggedInGroup');
$session->SetField('GroupList', $group_list);
$this->Application->StoreVar('UserGroups', $group_list);
$event->SetRedirectParam('js_redirect', 1);
}
/**
* Prefill states dropdown with correct values
*
* @param kEvent $event
* @access public
*/
function OnPrepareStates(&$event)
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->PopulateStates($event, 'State', 'Country');
$object =& $event->getObject();
if( $object->isRequired('Country') && $cs_helper->CountryHasStates( $object->GetDBField('Country') ) ) $object->setRequired('State', true);
$object->setLogin();
}
/**
* Redirects user after succesfull registration to confirmation template (on Front only)
*
* @param kEvent $event
*/
function OnAfterItemCreate(&$event)
{
$is_subscriber = $this->Application->GetVar('IsSubscriber');
if(!$is_subscriber)
{
$object =& $event->getObject();
$sql = 'UPDATE '.TABLE_PREFIX.'UserGroup
SET PrimaryGroup = 0
WHERE PortalUserId = '.$object->GetDBField('PortalUserId');
$this->Conn->Query($sql);
$group_id = $this->Application->ConfigValue('User_NewGroup');
$sql = 'REPLACE INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,1)';
$this->Conn->Query( sprintf($sql, $object->GetID(), $group_id) );
}
}
/**
* Login user if possible, if not then redirect to corresponding template
*
* @param kEvent $event
*/
function autoLoginUser(&$event)
{
$object =& $event->getObject();
$this->Application->SetVar('u_id', $object->GetID() );
if($object->GetDBField('Status') == STATUS_ACTIVE)
{
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$this->Application->SetVar($submit_field, $object->GetDBField($login_field) );
$this->Application->SetVar('password', $object->GetDBField('Password_plain') );
$event->CallSubEvent('OnLogin');
}
}
/**
* When creating user & user with such email exists then force to use OnUpdate insted of OnCreate
*
* @param kEvent $event
*/
function OnSubstituteSubscriber(&$event)
{
$ret = false;
$object =& $event->getObject( Array('skip_autoload' => true) );
$items_info = $this->Application->GetVar( $event->getPrefixSpecial(true) );
if($items_info)
{
list($id, $field_values) = each($items_info);
$user_email = $field_values['Email'];
if($user_email)
{
// check if is subscriber
$verify_user =& $this->Application->recallObject('u.verify', null, Array('skup_autoload' => true) );
$verify_user->Load($user_email, 'Email');
if( $verify_user->isLoaded() && $verify_user->isSubscriberOnly() )
{
$items_info = Array( $verify_user->GetDBField('PortalUserId') => $field_values );
$this->Application->SetVar($event->getPrefixSpecial(true), $items_info);
$ret = true;
}
}
}
if( isset($event->MasterEvent) )
{
$event->MasterEvent->setEventParam('is_subscriber_only', $ret);
}
else
{
$event->setEventParam('is_subscriber_only', $ret);
}
}
/**
* Enter description here...
*
* @param kEvent $event
* @return bool
*/
function isSubscriberOnly(&$event)
{
$event->CallSubEvent('OnSubstituteSubscriber');
$is_subscriber = false;
if( $event->getEventParam('is_subscriber_only') )
{
$is_subscriber = true;
$object =& $event->getObject( Array('skip_autoload' => true) );
$this->OnUpdate($event);
if($event->status == erSUCCESS)
{
$this->OnAfterItemCreate($event);
$object->SendEmailEvents();
if( !$this->Application->IsAdmin() && ($event->status == erSUCCESS) && $event->redirect) $this->autoLoginUser($event);
}
}
return $is_subscriber;
}
/**
* Creates new user
*
* @param kEvent $event
*/
function OnCreate(&$event)
{
if( !$this->Application->IsAdmin() ) $this->setUserStatus($event);
if( !$this->isSubscriberOnly($event) )
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->CheckStateField($event, 'State', 'Country');
parent::OnCreate($event);
$object =& $event->getObject( Array('skip_autoload' => true) );
$this->Application->SetVar('u_id', $object->getID() );
$this->Application->setUnitOption('u', 'AutoLoad', true);
$this->setNextTemplate($event);
if( !$this->Application->IsAdmin() && ($event->status == erSUCCESS) && $event->redirect)
{
$object->SendEmailEvents();
$this->autoLoginUser($event);
}
}
}
/**
* Set's new user status based on config options
*
* @param kEvent $event
*/
function setUserStatus(&$event)
{
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object =& $event->getObject();
$new_users_allowed = $this->Application->ConfigValue('User_Allow_New');
// 1 - Instant, 2 - Not Allowed, 3 - Pending
switch ($new_users_allowed)
{
case 1: // Instant
$object->SetDBField('Status', 1);
$next_template = $this->Application->GetVar('registration_confirm_template');
if($next_template) $event->redirect = $next_template;
break;
case 3: // Pending
$next_template = $this->Application->GetVar('registration_confirm_pending_template');
if($next_template) $event->redirect = $next_template;
$object->SetDBField('Status', 2);
break;
case 2: // Not Allowed
$object->SetDBField('Status', 0);
break;
}
}
/**
* Set's new unique resource id to user
*
* @param kEvent $event
*/
function OnBeforeItemCreate(&$event)
{
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
$object =& $event->getObject();
if ($email_as_login) {
$object->Fields['Email']['error_msgs']['unique'] = $this->Application->Phrase('lu_user_and_email_already_exist');
}
}
/**
* Set's new unique resource id to user
*
* @param kEvent $event
*/
function OnAfterItemValidate(&$event)
{
$object =& $event->getObject();
$object->SetDBField('ResourceId', $this->Application->NextResourceId() );
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnRecommend(&$event){
$friend_email = $this->Application->GetVar('friend_email');
$friend_name = $this->Application->GetVar('friend_email');
if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $friend_email))
{
$send_params = array();
$send_params['to_email']=$friend_email;
$send_params['to_name']=$friend_name;
$user_id = $this->Application->GetVar('u_id');
$email_event = &$this->Application->EmailEventUser('SITE.SUGGEST', $user_id, $send_params);
if ($email_event->status == erSUCCESS){
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
else {
// $event->redirect_params = array('opener' => 's', 'pass' => 'all');
// $event->redirect = $this->Application->GetVar('template_fail');
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['send_error'] = $this->Application->Phrase('lu_email_send_error');
$object->FieldErrors['Email']['pseudo'] = 'send_error';
$event->status = erFAIL;
}
}
else {
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail');
$object->FieldErrors['Email']['pseudo'] = 'invalid_email';
$event->status = erFAIL;
}
}
/**
* Saves address changes and mades no redirect
*
* @param kEvent $event
*/
function OnUpdateAddress(&$event)
{
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object =& $event->getObject();
$items_info = $this->Application->GetVar( $event->getPrefixSpecial(true) );
if($items_info)
{
list($id,$field_values) = each($items_info);
if($id > 0) $object->Load($id);
$object->SetFieldsFromHash($field_values);
$object->setID($id);
$object->Validate();
}
$event->redirect = false;
}
function OnSubscribeQuery(&$event){
$user_email = $this->Application->GetVar('subscriber_email');
if ( preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email) ){
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object = &$this->Application->recallObject($this->Prefix.'.subscriber');
$this->Application->StoreVar('SubscriberEmail', $user_email);
if( $object->Load(array('Email'=>$user_email)) ){
$group_info = $this->GetGroupInfo($object->GetID());
if($group_info){
$event->redirect = $this->Application->GetVar('unsubscribe_template');
}
else {
$event->redirect = $this->Application->GetVar('subscribe_template');
}
}
else {
$event->redirect = $this->Application->GetVar('subscribe_template');
$this->Application->StoreVar('SubscriberEmail', $user_email);
}
}
else {
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail');
$object->FieldErrors['SubscribeEmail']['pseudo'] = 'invalid_email';
$event->status = erFAIL;
}
//subscribe_query_ok_template
}
function OnSubscribeUser(&$event){
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object = &$this->Application->recallObject($this->Prefix.'.subscriber');
$user_email = $this->Application->RecallVar('SubscriberEmail');
if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email)){
if($object->Load(array('Email'=>$user_email))){
$group_info = $this->GetGroupInfo($object->GetID());
if ($group_info){
if ($event->getEventParam('no_unsubscribe')) return;
if ($group_info['PrimaryGroup']){
// delete user
$object->Delete();
}
else {
$this->RemoveSubscriberGroup($object->GetID());
}
$event->redirect = $this->Application->GetVar('unsubscribe_ok_template');
}
else {
$this->AddSubscriberGroup($object->GetID(), 0);
$event->redirect = $this->Application->GetVar('subscribe_ok_template');
}
}
else {
$object->SetField('Email', $user_email);
$object->SetField('Login', $user_email);
$object->SetDBField('dob', 1);
$object->SetDBField('dob_date', 1);
$object->SetDBField('dob_time', 1);
$ip = getenv('HTTP_X_FORWARDED_FOR')?getenv('HTTP_X_FORWARDED_FOR'):getenv('REMOTE_ADDR');
$object->SetDBField('ip', $ip);
$this->Application->SetVar('IsSubscriber', 1);
if ($object->Create()) {
$this->AddSubscriberGroup($object->GetID(), 1);
$event->redirect = $this->Application->GetVar('subscribe_ok_template');
}
$this->Application->SetVar('IsSubscriber', 0);
}
}
else {
// error handling here
$event->redirect = $this->Application->GetVar('subscribe_fail_template');
}
}
function AddSubscriberGroup($user_id, $is_primary){
$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'INSERT INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,'.$is_primary.')';
$this->Conn->Query( sprintf($sql, $user_id, $group_id) );
$this->Application->EmailEventAdmin('USER.SUBSCRIBE', $user_id);
$this->Application->EmailEventUser('USER.SUBSCRIBE', $user_id);
}
function RemoveSubscriberGroup($user_id){
$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup WHERE PortalUserId='.$user_id.' AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup');
$this->Conn->Query($sql);
$this->Application->EmailEventAdmin('USER.UNSUBSCRIBE', $user_id);
$this->Application->EmailEventUser('USER.UNSUBSCRIBE', $user_id);
}
function GetGroupInfo($user_id){
$group_info = $this->Conn->GetRow('SELECT * FROM '.TABLE_PREFIX.'UserGroup
WHERE PortalUserId='.$user_id.'
AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup'));
return $group_info;
}
function OnForgotPassword(&$event){
$this->Application->setUnitOption('u', 'AutoLoad', false);
$user_object = &$this->Application->recallObject('u.forgot');
$user_current_object = &$this->Application->recallObject('u');
$username = $this->Application->GetVar('username');
$email = $this->Application->GetVar('email');
$found = false;
$allow_reset = true;
if( strlen($username) )
{
if( $user_object->Load(array('Login'=>$username)) )
$found = ($user_object->GetDBField("Login")==$username && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password"));
}
else if( strlen($email) )
{
if( $user_object->Load(array('Email'=>$email)) )
$found = ($user_object->GetDBField("Email")==$email && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password"));
}
if( $user_object->isLoaded() )
{
$PwResetConfirm = $user_object->GetDBField('PwResetConfirm');
$PwRequestTime = $user_object->GetDBField('PwRequestTime');
$PassResetTime = $user_object->GetDBField('PassResetTime');
//$MinPwResetDelay = $user_object->GetDBField('MinPwResetDelay');
$MinPwResetDelay = $this->Application->ConfigValue('Users_AllowReset');
$allow_reset = (strlen($PwResetConfirm) ?
mktime() > $PwRequestTime + $MinPwResetDelay :
mktime() > $PassResetTime + $MinPwResetDelay);
}
if($found && $allow_reset)
{
$this->Application->StoreVar('tmp_user_id', $user_object->GetDBField("PortalUserId"));
$this->Application->StoreVar('tmp_email', $user_object->GetDBField("Email"));
//$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
$event->redirect = $this->Application->GetVar('template_success');
}
else
{
if(!strlen($username) && !strlen($email))
{
$user_current_object->ErrorMsgs['forgotpw_nodata'] = $this->Application->Phrase('lu_ferror_forgotpw_nodata');
$user_current_object->FieldErrors['Login']['pseudo'] = 'lu_ferror_forgotpw_nodata';
}
else
{
if($allow_reset)
{
if( strlen($username) ){
$user_current_object->ErrorMsgs['unknown_username'] = $this->Application->Phrase('lu_ferror_unknown_username');
$user_current_object->FieldErrors['Login']['pseudo']='unknown_username';
}
if( strlen($email) ){
$user_current_object->ErrorMsgs['unknown_email'] = $this->Application->Phrase('lu_ferror_unknown_email');
$user_current_object->FieldErrors['Email']['pseudo']='unknown_email';
}
}
else
{
$user_current_object->ErrorMsgs['reset_denied'] = $this->Application->Phrase('lu_ferror_reset_denied');
if( strlen($username) ){
$user_current_object->FieldErrors['Login']['pseudo']='reset_denied';
}
if( strlen($email) ){
$user_current_object->FieldErrors['Email']['pseudo']='reset_denied';
}
}
}
if($user_current_object->FieldErrors){
$event->redirect = false;
}
}
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnResetPassword(&$event){
$user_object = &$this->Application->recallObject('u.forgot');
if($user_object->Load($this->Application->RecallVar('tmp_user_id'))){
$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
$event->redirect = $this->Application->GetVar('template_success');
$mod_object =& $this->Application->recallObject('mod.'.'In-Commerce');
$m_cat_id = $mod_object->GetDBField('RootCat');
$event->SetRedirectParam('pass', 'm');
//$event->SetRedirectParam('m_cat_id', $m_cat_id);
$this->Application->SetVar('m_cat_id', $m_cat_id);
}
}
function OnResetPasswordConfirmed(&$event){
$passed_key = $this->Application->GetVar('user_key');
$user_object = &$this->Application->recallObject('u.forgot');
$user_current_object = &$this->Application->recallObject('u');
if (strlen(trim($passed_key)) == 0) {
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = false;
$user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid';
}
if($user_object->Load(array('PwResetConfirm'=>$passed_key)))
{
$exp_time = $user_object->GetDBField('PwRequestTime') + 3600;
$user_object->SetDBField("PwResetConfirm", '');
$user_object->SetDBField("PwRequestTime", 0);
if ($exp_time > mktime())
{
//$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text';
$newpw = makepassword4();
$this->Application->StoreVar('password', $newpw);
$user_object->SetDBField("Password",$newpw);
$user_object->SetDBField("PassResetTime", time());
$user_object->SetDBField("PwResetConfirm", '');
$user_object->SetDBField("PwRequestTime", 0);
$user_object->Update();
$this->Application->SetVar('ForgottenPassword', $newpw);
$email_event_user = &$this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId'));
$email_event_admin = &$this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD');
$this->Application->DeleteVar('ForgottenPassword');
if ($email_event_user->status == erSUCCESS){
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
$user_object->SetDBField("Password",md5($newpw));
$user_object->Update();
} else {
$user_current_object->ErrorMsgs['code_expired'] = $this->Application->Phrase('lu_code_expired');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_expired';
$event->redirect = false;
}
} else {
$user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid';
$event->redirect = false;
}
}
function OnUpdate(&$event)
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->CheckStateField($event, 'State', 'Country');
parent::OnUpdate($event);
$this->setNextTemplate($event);
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function setNextTemplate(&$event)
{
if( !$this->Application->IsAdmin() )
{
$event->redirect_params['opener'] = 's';
$object =& $event->getObject();
if($object->GetDBField('Status') == STATUS_ACTIVE)
{
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
}
}
}
function OnCheckExpiredMembership(&$event)
{
$sql = 'SELECT PortalUserId FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.mktime();
$user_ids = $this->Conn->GetCol($sql);
if(is_array($user_ids) && count($user_ids) > 0)
{
foreach($user_ids as $id)
{
$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRED', $id);
$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRED');
}
}
$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.mktime();
$this->Conn->Query($sql);
$pre_expiration = mktime() + $this->Application->ConfigValue('User_MembershipExpirationReminder') * 3600 * 24;
$sql = 'SELECT PortalUserId, GroupId FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.$pre_expiration.'
AND ExpirationReminderSent = 0';
$res = $this->Conn->Query($sql);
if(is_array($res) && count($res) > 0)
{
$conditions = Array();
foreach($res as $record)
{
$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRATION_NOTICE', $record['PortalUserId']);
$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRATION_NOTICE');
$conditions[] = '(PortalUserId = '.$record['PortalUserId'].' AND GroupId = '.$record['GroupId'].')';
}
$sql = 'UPDATE '.TABLE_PREFIX.'UserGroup
SET ExpirationReminderSent = 1
WHERE '.implode(' OR ', $conditions);
$this->Conn->Query($sql);
}
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnRefreshForm(&$event)
{
$event->redirect = false;
$item_info = $this->Application->GetVar($event->Prefix_Special);
list($id, $fields) = each($item_info);
$object =& $event->getObject( Array('skip_autoload' => true) );
$object->setID($id);
$object->IgnoreValidation = true;
$object->SetFieldsFromHash($fields);
}
}
?>
\ No newline at end of file
Property changes on: trunk/kernel/units/users/users_event_handler.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.38
\ No newline at end of property
+1.39
\ No newline at end of property
Index: trunk/core/kernel/utility/http_query.php
===================================================================
--- trunk/core/kernel/utility/http_query.php (revision 3206)
+++ trunk/core/kernel/utility/http_query.php (revision 3207)
@@ -1,677 +1,683 @@
<?php
class HTTPQuery extends Params {
/**
* $_POST vars
*
* @var Array
* @access private
*/
var $Post;
/**
* $_GET vars
*
* @var Array
* @access private
*/
var $Get;
/**
* $_COOKIE vars
*
* @var Array
* @access private
*/
var $Cookie;
/**
* $_SERVER vars
*
* @var Array
* @access private
*/
var $Server;
/**
* $_ENV vars
*
* @var Array
* @access private
*/
var $Env;
/**
* Order in what write
* all vars together in
* the same array
*
* @var string
*/
var $Order;
/**
* Uploaded files info
*
* @var Array
* @access private
*/
var $Files;
var $specialsToRemove = Array();
var $Admin = false;
/**
* Description
*
* @var kDBConnection
* @access public
*/
var $Conn;
/**
* Loads info from $_POST, $_GET and
* related arrays into common place
*
* @param string $order
* @return HTTPQuery
* @access public
*/
function HTTPQuery($order = 'CGPF')
{
parent::Params();
$this->Conn =& $this->Application->GetADODBConnection();
$this->Order = $order;
$this->Admin = $this->Application->IsAdmin(); // better cache this value, not to calculate it each time in foreach
}
function Init($prefix, $special)
{
$this->AddAllVars();
$this->specialsToRemove = $this->Get('remove_specials');
if($this->specialsToRemove)
{
$this->_Params = $this->removeSpecials($this->_Params);
}
ini_set('magic_quotes_gpc', 0);
}
function removeSpecials($array)
{
$ret = Array();
$removed = false;
foreach($this->specialsToRemove as $prefix_special => $flag)
{
if($flag)
{
$removed = true;
list($prefix,$special) = explode('.',$prefix_special, 2);
foreach ($array as $key => $val) {
$new_key = preg_match("/^".$prefix."[._]{1}".$special."(.*)/", $key, $regs) ? $prefix.$regs[1] : $key;
$ret[$new_key] = is_array($val) ? $this->removeSpecials($val) : $val;
}
}
}
return $removed ? $ret : $array;
}
/**
* All all requested vars to
* common storage place
*
* @access private
*/
function AddAllVars()
{
for ($i=0; $i < strlen($this->Order); $i++)
{
$current = $this->Order[$i];
switch ($current) {
case 'G':
$this->Get = $this->AddVars($_GET);
$this->processQueryString();
if( $this->Application->RewriteURLs() )
{
if( $this->Application->isDebugMode() )
{
$this->Application->Debugger->profileStart('url_parsing', 'Parsing <b>MOD_REWRITE</b> url');
$this->processRewriteURL();
$this->Application->Debugger->profileFinish('url_parsing');
}
else
{
$this->processRewriteURL();
}
}
break;
case 'P':
$this->Post = $this->AddVars($_POST);
$this->convertPostEvents();
break;
case 'C':
$this->Cookie = $this->AddVars($_COOKIE);
break;
case 'E';
$this->Env = $this->AddVars($_ENV);
break;
case 'S';
$this->Server = $this->AddVars($_SERVER);
break;
case 'F';
$this->convertFiles();
$this->Files = $this->MergeVars($_FILES, false); //do not strip slashes!
break;
}
}
}
function convertFiles()
{
if (!$_FILES)
{
return false;
}
$file_keys = Array('error','name','size','tmp_name','type');
$tmp = Array();
foreach($_FILES as $file_name => $file_info)
{
if( is_array($file_info['error']) )
{
$tmp[$file_name] = $this->getArrayLevel( $file_info['error'], $file_name );
}
else
{
$normal_files[$file_name] = $file_info;
}
}
if(!$tmp) return false;
$files = $_FILES;
$_FILES = Array();
foreach($tmp as $prefix => $prefix_files)
{
$anchor =& $_FILES;
foreach($prefix_files['keys'] as $key)
{
$anchor =& $anchor[$key];
}
foreach($prefix_files['value'] as $field_name)
{
unset($inner_anchor);
unset($copy);
$work_copy = $prefix_files['keys'];
foreach($file_keys as $file_key)
{
$inner_anchor =& $files[$prefix][$file_key];
if (isset($copy))
{
$work_copy = $copy;
}
else
{
$copy = $work_copy;
}
array_shift($work_copy);
foreach($work_copy as $prefix_file_key)
{
$inner_anchor =& $inner_anchor[$prefix_file_key];
}
$anchor[$field_name][$file_key] = $inner_anchor[$field_name];
}
}
}
// keys: img_temp, 0, values: LocalPath, ThumbPath
}
function getArrayLevel(&$level, $prefix='')
{
$ret['keys'] = $prefix ? Array($prefix) : Array();
$ret['value'] = Array();
foreach($level as $level_key => $level_value)
{
if( is_array($level_value) )
{
$ret['keys'][] = $level_key;
$tmp = $this->getArrayLevel($level_value);
$ret['keys'] = array_merge($ret['keys'], $tmp['keys']);
$ret['value'] = array_merge($ret['value'], $tmp['value']);
}
else
{
$ret['value'][] = $level_key;
}
}
return $ret;
}
/**
* Owerwrites GET events with POST events in case if they are set and not empty
*
*/
function convertPostEvents()
{
$events = $this->Get('events');
if( is_array($events) )
{
foreach ($events as $prefix_special => $event_name)
{
if($event_name) $this->Set($prefix_special.'_event', $event_name);
}
}
}
+ function finalizeParsing($passed, $module_params = Array() )
+ {
+ if( is_array($passed) ) $passed = implode(',', $passed);
+ $this->Set('passed', $passed);
+ $env = $this->Application->BuildEnv( $this->Get('t'), $module_params, $passed, false, false );
+ $this->Set(ENV_VAR_NAME, $env);
+ $_REQUEST['env'] = $_GET['env'] = $env; // for capability with old in-portal code
+ }
function processRewriteURL()
{
// directory_1_2_3/sc1/inlink/detail/3/l1_ka_asd.html
$url = $this->Get('url');
if( substr($url, -5) == '.html' ) $url = substr($url, 0, strlen($url) - 5 );
$url_parts = $url ? explode('/', $url) : Array();
// set default values
$defaults = Array('t' => '', 'm_cat_id' => 0, 'm_cat_page' => 1, 'm_opener' => 's');
foreach ($defaults as $default_key => $default_value)
{
$this->Set($default_key, $default_value);
}
if(!$url_parts)
{
$this->Application->Phrases = new PhrasesCache();
$this->Application->VerifyLanguageId();
$this->Application->Phrases->Init('phrases');
$this->Application->VerifyThemeId();
// $this->Get('m_lang') );
$this->Set('t', $this->getDefaultTemplate('') );
+ $this->finalizeParsing('m');
return false;
}
$url_part = array_shift($url_parts);
// match language
$sql = 'SELECT LanguageId FROM '.TABLE_PREFIX.'Language WHERE LOWER(PackName) = '.$this->Conn->qstr($url_part).' AND Enabled = 1';
$language_id = $this->Conn->GetOne($sql);
$this->Application->Phrases = new PhrasesCache();
if($language_id)
{
$this->Set('m_lang', $language_id);
$url_part = $url_parts ? array_shift($url_parts) : ''; // prepare next url part for parsing
}
else
{
$this->Application->VerifyLanguageId();
}
$this->Application->Phrases->Init('phrases');
// $this->Get('m_lang') );
// match theme
if($url_part)
{
$sql = 'SELECT ThemeId FROM '.TABLE_PREFIX.'Theme WHERE LOWER(Name) = '.$this->Conn->qstr($url_part).' AND Enabled = 1';
$theme_id = $this->Conn->GetOne($sql);
if($theme_id)
{
$this->Set('m_theme', $theme_id);
$url_part = $url_parts ? array_shift($url_parts) : ''; // prepare next url part for parsing
}
else
{
$this->Application->VerifyThemeId();
}
}
// match category
if($url_part)
{
$category_stack = Array();
$category_found = false;
$category_path = '';
do
{
$category_path = trim($category_path.'/'.$url_part, '/');
if( preg_match('/(.*)_([\d]+)$/', $category_path, $rets) )
{
$category_path = $rets[1];
$this->Set('m_cat_page', $rets[2]);
}
$sql = 'SELECT CategoryId FROM '.TABLE_PREFIX.'Category WHERE NamedParentPath = '.$this->Conn->qstr($category_path);
array_push($category_stack, $this->Conn->GetOne($sql) );
$category_found = end($category_stack);
if($category_found) $url_part = array_shift($url_parts);
}while ($category_found);
if( count($category_stack) >= 2 )
{
array_pop($category_stack); // remove last not found category
$category_id = array_pop($category_stack);
if($category_id)
{
$this->Set('m_cat_id', $category_id);
}
}
}
// match module
if($url_part)
{
foreach ($this->Application->ModuleInfo as $module_name => $module_data)
{
if( trim($module_data['TemplatePath'], '/') == $url_part )
{
$module_prefix = $module_data['Var'];
break;
}
}
}
// match template
$template_path = '';
$template_found = false;
if($url_part)
{
array_unshift($url_parts, $url_part);
$template_parts = $url_parts;
$url_parts = Array();
do
{
$template_path = implode('/', $template_parts);
$sql = 'SELECT FileId FROM '.TABLE_PREFIX.'ThemeFiles WHERE CONCAT(FilePath, "/", FileName) = '.$this->Conn->qstr('/'.$template_path.'.tpl');
$template_found = $this->Conn->GetOne($sql);
if(!$template_found)
{
array_unshift( $url_parts, array_pop($template_parts) );
}
}while (!$template_found && $template_parts);
}
$this->Set('t', $this->getDefaultTemplate($template_found ? $template_path : '') );
// pass params left to module
$passed = Array('m');
$module_params = Array();
if( isset($module_prefix) )
{
$passed[] = $module_prefix;
$module_event = new kEvent($module_prefix.':ParseEnv', Array('url_parts' => $url_parts) );
$this->Application->HandleEvent($module_event);
$module_object =& $module_event->getObject();
$item_id = $module_object->GetID();
$module_params = Array($module_prefix.'_id' => $item_id ? $item_id : '0' );
}
- $this->Set('passed', implode(',', $passed) );
- $env = $this->Application->BuildEnv( $this->Get('t'), $module_params, implode(',', $passed), false, false );
- $this->Set(ENV_VAR_NAME, $env);
- $_REQUEST['env'] = $_GET['env'] = $env; // for capability with old in-portal code
+ $this->finalizeParsing($passed, $module_params);
}
function getDefaultTemplate($t)
{
$t = $this->getTemplateName( trim($t, '/') );
if (!$t) $t = 'index';
return trim($t, '/');
}
function extractSIDAndTemplate(&$parts)
{
if ( defined('INPORTAL_ENV') && INPORTAL_ENV ) // SID-TEMPLATE
{
$sub_parts = array_shift($parts);
list($sid, $t) = explode('-', $sub_parts, 2);
// Save Session ID
if($sid)
{
$this->Set('sid', $sid);
$this->Get['sid'] = $sid;
}
// Save Template Name
$this->Set('t', $this->getDefaultTemplate($t) );
}
else // SID:TEMPLATE
{
// Save Session ID
$sid = array_shift($parts);
if ($sid) $this->Set('sid', $sid);
// Save Template Name
$t = array_shift($parts);
$this->Set('t', $this->getDefaultTemplate($t) );
}
}
/**
* Process QueryString only, create
* events, ids, based on config
* set template name and sid in
* desired application variables.
*
* @access private
*/
function processQueryString()
{
// env=SID:TEMPLATE:m-1-1-1-1:l0-0-0:n-0-0-0:bb-0-0-1-1-1-0
$env_var = $this->Get(ENV_VAR_NAME);
if($env_var)
{
$env_var = str_replace('\:','_&+$$+&_', $env_var); // replace escaped "=" with spec-chars :)
$parts = explode(':', $env_var);
if( !$this->Application->RewriteURLs() )
{
$this->extractSIDAndTemplate($parts);
}
if($parts)
{
$query_maps = Array();
$event_manger =& $this->Application->recallObject('EventManager');
$passed = Array();
foreach($parts as $mixed_part)
{
//In-portal old style env conversion - adds '-' between prefix and first var
$mixed_part = str_replace('_&+$$+&_',':',$mixed_part);
$mixed_part = preg_replace("/^([a-zA-Z]+)([0-9]+)-(.*)/", "$1-$2-$3", $mixed_part);
$escaped_part = str_replace('\-', '_&+$$+&_', $mixed_part);
$escaped_part = explode('-', $escaped_part);
$mixed_part = array();
foreach ($escaped_part as $escaped_val) {
$mixed_part[] = str_replace('_&+$$+&_', '-', $escaped_val);
}
$prefix_special = array_shift($mixed_part); // l.pick, l
list($prefix) = explode('.', $prefix_special);
$query_maps[$prefix_special] = $this->Application->getUnitOption($prefix,'QueryString');
// if config is not defined for prefix in QueryString, then don't process it
if( $query_maps[$prefix_special] )
{
array_push($passed, $prefix);
foreach($query_maps[$prefix_special] as $index => $var_name)
{
// l_id, l_page, l_bla-bla-bla
$val = $mixed_part[$index - 1];
if ($val == '') $val = false;
$this->Set($prefix_special.'_'.$var_name, $val);
}
}
else
{
unset($query_maps[$prefix_special]);
}
}
$this->Set('passed', implode(',', $passed) );
$event_manger->setQueryMaps($query_maps);
}
}
else
{
$t=$this->getTemplateName('index');
$this->Set('t', $t);
}
}
/**
* Decides what template name to
* use from $_GET or from $_POST
*
* @param string $querystring_template
* @return string
* @access private
*/
function getTemplateName($querystring_template)
{
$t_from_post = $this->Get('t');
$t = $t_from_post ? $t_from_post : $querystring_template;
if ( is_numeric($t) )
{
$t = $this->Conn->GetOne(' SELECT CONCAT(FilePath, \'/\', FileName)
FROM '.TABLE_PREFIX.'ThemeFiles
WHERE FileId = '.$t);
}
$t = preg_replace('/\.tpl$/', '', $t);
return $t;
}
/**
* Saves variables from array specified
* into common variable storage place
*
* @param Array $array
* @return Array
* @access private
*/
function AddVars($array)
{
$array = $this->StripSlashes($array);
foreach($array as $key => $value)
{
$this->Set($key,$value);
}
return $array;
}
function MergeVars($array, $strip_slashes=true)
{
if ($strip_slashes) $array = $this->StripSlashes($array);
foreach($array as $key => $value)
{
$this->_Params = array_merge_recursive2($this->_Params, Array($key=>$value));
}
return $array;
}
function StripSlashes($array)
{
//if( !get_magic_quotes_gpc() ) return $array;
foreach($array as $key=>$value)
{
if( is_array($value) )
{
$array[$key] = $this->StripSlashes($value);
}
else
{
if( get_magic_quotes_gpc() ) $value = stripslashes($value);
if(!$this->Admin) $value = htmlspecialchars($value);
$array[$key] = $value;
}
//$array[$key]=is_array($value)?$this->StripSlashes($value):stripslashes($value);
}
return $array;
}
/**
* Returns the hash of http params
* matching the mask with values
*
* @param string $mask
* @return Array
* @access public
*/
function GetSelectedValues($mask)
{
return $this->Application->ExtractByMask($this->Vars, $mask);
}
/**
* Returns the sprintf'ed by format list of
* http params matching the mask and set to on
*
* @param string $mask
* @param string $format
* @return string
* @access public
*/
function GetSelectedIDs($mask, $format)
{
if ($mask == '') return;
$result = '';
foreach ($this->GetParams() as $name => $val)
{
if (eregi($mask, $name, $regs) && $val == 'on') {
$result.= sprintf($format, $regs[1]);
}
}
return $result;
}
/**
* Returns the sprintf'ed by format list of
* http params matching the mask and set to on
*
* @param string $mask
* @param string $value_mask
* @return Array
* @access public
*/
function GetSelectedIDsArray($mask, $value_mask="%s,")
{
$str = $this->GetSelectedIDs($mask, $value_mask);
$str = rtrim($str, ',');
if (!empty($str)) {
$ids = split(',', $str);
if ($ids !== false)
return $ids;
else return Array();
}
else return Array();
}
}
?>
\ No newline at end of file
Property changes on: trunk/core/kernel/utility/http_query.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.17
\ No newline at end of property
+1.18
\ No newline at end of property
Index: trunk/core/units/users/users_event_handler.php
===================================================================
--- trunk/core/units/users/users_event_handler.php (revision 3206)
+++ trunk/core/units/users/users_event_handler.php (revision 3207)
@@ -1,799 +1,805 @@
<?php
class UsersEventHandler extends InpDBEventHandler
{
function OnSessionExpire()
{
if( $this->Application->IsAdmin() )
{
$location = $this->Application->BaseURL().ADMIN_DIR.'/index.php?expired=1';
header('Location: '.$location);
exit;
}
else
{
+ $unset_vars = Array(ENV_VAR_NAME, 'rewrite', 'url', 'Action');
$http_query =& $this->Application->recallObject('HTTPQuery');
- if( isset($http_query->Get[ENV_VAR_NAME]) ) unset($http_query->Get[ENV_VAR_NAME]);
+ $get = $http_query->Get;
+ foreach ($unset_vars as $var_name)
+ {
+ if( isset($get[$var_name]) ) unset( $get[$var_name] );
+ }
+
$t = $this->Application->GetVar('t');
- $this->Application->Redirect($t ? $t : 'index', $http_query->Get);
+ $this->Application->Redirect($t ? $t : 'index', $get);
}
}
/**
* Checks user data and logs it in if allowed
*
* @param kEvent $event
*/
function OnLogin(&$event)
{
$this->Application->setUnitOption($event->Prefix, 'AutoLoad', false);
$object =& $this->Application->recallObject('u');
$password = $this->Application->GetVar('password');
if(!$password)
{
$object->SetError('ValidateLogin', 'blank_password', 'lu_blank_password');
$event->status = erFAIL;
return false;
}
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$login_value = $this->Application->GetVar($submit_field);
/*$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (%s = %s) AND (Password = MD5(%s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $login_field, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );*/
$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (Email = %1$s OR Login = %1$s) AND (Password = MD5(%2$s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );
if($user_id)
{
$object->Load($user_id);
if( $object->GetDBField('Status') == STATUS_ACTIVE )
{
$groups = $object->getMembershipGroups(true);
if(!$groups) $groups = Array();
if ( !$this->Application->IsAdmin() ) array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup') );
$this->Application->StoreVar( 'UserGroups', implode(',', $groups) );
if( $this->Application->CheckPermission('LOGIN',0) )
{
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', $user_id);
$session->SetField('GroupList', implode(',', $groups) );
$this->Application->SetVar('u_id', $user_id);
$this->Application->StoreVar('user_id', $user_id);
$this->Application->setVisitField('PortalUserId', $user_id);
}
else
{
$object->Load(-2);
$object->SetError('ValidateLogin', 'no_permission', 'lu_no_permissions');
$event->status = erFAIL;
}
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
$event->SetRedirectParam('js_redirect', 1);
}
else
{
$event->redirect = $this->Application->GetVar('pending_disabled_template');
}
}
else
{
$object->SetError('ValidateLogin', 'invalid_password', 'lu_invalid_password');
$event->status = erFAIL;
}
}
/**
* Called when user logs in using old in-portal
*
* @param kEvent $event
*/
function OnInpLogin(&$event)
{
}
function OnLogout(&$event)
{
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', -2);
$this->Application->SetVar('u_id', -2);
$this->Application->StoreVar('user_id', -2);
$object =& $this->Application->recallObject('u');
$object->Load(-2);
$this->Application->DestroySession();
$group_list = $this->Application->ConfigValue('User_GuestGroup').','.$this->Application->ConfigValue('User_LoggedInGroup');
$session->SetField('GroupList', $group_list);
$this->Application->StoreVar('UserGroups', $group_list);
$event->SetRedirectParam('js_redirect', 1);
}
/**
* Prefill states dropdown with correct values
*
* @param kEvent $event
* @access public
*/
function OnPrepareStates(&$event)
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->PopulateStates($event, 'State', 'Country');
$object =& $event->getObject();
if( $object->isRequired('Country') && $cs_helper->CountryHasStates( $object->GetDBField('Country') ) ) $object->setRequired('State', true);
$object->setLogin();
}
/**
* Redirects user after succesfull registration to confirmation template (on Front only)
*
* @param kEvent $event
*/
function OnAfterItemCreate(&$event)
{
$is_subscriber = $this->Application->GetVar('IsSubscriber');
if(!$is_subscriber)
{
$object =& $event->getObject();
$sql = 'UPDATE '.TABLE_PREFIX.'UserGroup
SET PrimaryGroup = 0
WHERE PortalUserId = '.$object->GetDBField('PortalUserId');
$this->Conn->Query($sql);
$group_id = $this->Application->ConfigValue('User_NewGroup');
$sql = 'REPLACE INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,1)';
$this->Conn->Query( sprintf($sql, $object->GetID(), $group_id) );
}
}
/**
* Login user if possible, if not then redirect to corresponding template
*
* @param kEvent $event
*/
function autoLoginUser(&$event)
{
$object =& $event->getObject();
$this->Application->SetVar('u_id', $object->GetID() );
if($object->GetDBField('Status') == STATUS_ACTIVE)
{
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$this->Application->SetVar($submit_field, $object->GetDBField($login_field) );
$this->Application->SetVar('password', $object->GetDBField('Password_plain') );
$event->CallSubEvent('OnLogin');
}
}
/**
* When creating user & user with such email exists then force to use OnUpdate insted of OnCreate
*
* @param kEvent $event
*/
function OnSubstituteSubscriber(&$event)
{
$ret = false;
$object =& $event->getObject( Array('skip_autoload' => true) );
$items_info = $this->Application->GetVar( $event->getPrefixSpecial(true) );
if($items_info)
{
list($id, $field_values) = each($items_info);
$user_email = $field_values['Email'];
if($user_email)
{
// check if is subscriber
$verify_user =& $this->Application->recallObject('u.verify', null, Array('skup_autoload' => true) );
$verify_user->Load($user_email, 'Email');
if( $verify_user->isLoaded() && $verify_user->isSubscriberOnly() )
{
$items_info = Array( $verify_user->GetDBField('PortalUserId') => $field_values );
$this->Application->SetVar($event->getPrefixSpecial(true), $items_info);
$ret = true;
}
}
}
if( isset($event->MasterEvent) )
{
$event->MasterEvent->setEventParam('is_subscriber_only', $ret);
}
else
{
$event->setEventParam('is_subscriber_only', $ret);
}
}
/**
* Enter description here...
*
* @param kEvent $event
* @return bool
*/
function isSubscriberOnly(&$event)
{
$event->CallSubEvent('OnSubstituteSubscriber');
$is_subscriber = false;
if( $event->getEventParam('is_subscriber_only') )
{
$is_subscriber = true;
$object =& $event->getObject( Array('skip_autoload' => true) );
$this->OnUpdate($event);
if($event->status == erSUCCESS)
{
$this->OnAfterItemCreate($event);
$object->SendEmailEvents();
if( !$this->Application->IsAdmin() && ($event->status == erSUCCESS) && $event->redirect) $this->autoLoginUser($event);
}
}
return $is_subscriber;
}
/**
* Creates new user
*
* @param kEvent $event
*/
function OnCreate(&$event)
{
if( !$this->Application->IsAdmin() ) $this->setUserStatus($event);
if( !$this->isSubscriberOnly($event) )
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->CheckStateField($event, 'State', 'Country');
parent::OnCreate($event);
$object =& $event->getObject( Array('skip_autoload' => true) );
$this->Application->SetVar('u_id', $object->getID() );
$this->Application->setUnitOption('u', 'AutoLoad', true);
$this->setNextTemplate($event);
if( !$this->Application->IsAdmin() && ($event->status == erSUCCESS) && $event->redirect)
{
$object->SendEmailEvents();
$this->autoLoginUser($event);
}
}
}
/**
* Set's new user status based on config options
*
* @param kEvent $event
*/
function setUserStatus(&$event)
{
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object =& $event->getObject();
$new_users_allowed = $this->Application->ConfigValue('User_Allow_New');
// 1 - Instant, 2 - Not Allowed, 3 - Pending
switch ($new_users_allowed)
{
case 1: // Instant
$object->SetDBField('Status', 1);
$next_template = $this->Application->GetVar('registration_confirm_template');
if($next_template) $event->redirect = $next_template;
break;
case 3: // Pending
$next_template = $this->Application->GetVar('registration_confirm_pending_template');
if($next_template) $event->redirect = $next_template;
$object->SetDBField('Status', 2);
break;
case 2: // Not Allowed
$object->SetDBField('Status', 0);
break;
}
}
/**
* Set's new unique resource id to user
*
* @param kEvent $event
*/
function OnBeforeItemCreate(&$event)
{
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
$object =& $event->getObject();
if ($email_as_login) {
$object->Fields['Email']['error_msgs']['unique'] = $this->Application->Phrase('lu_user_and_email_already_exist');
}
}
/**
* Set's new unique resource id to user
*
* @param kEvent $event
*/
function OnAfterItemValidate(&$event)
{
$object =& $event->getObject();
$object->SetDBField('ResourceId', $this->Application->NextResourceId() );
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnRecommend(&$event){
$friend_email = $this->Application->GetVar('friend_email');
$friend_name = $this->Application->GetVar('friend_email');
if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $friend_email))
{
$send_params = array();
$send_params['to_email']=$friend_email;
$send_params['to_name']=$friend_name;
$user_id = $this->Application->GetVar('u_id');
$email_event = &$this->Application->EmailEventUser('SITE.SUGGEST', $user_id, $send_params);
if ($email_event->status == erSUCCESS){
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
else {
// $event->redirect_params = array('opener' => 's', 'pass' => 'all');
// $event->redirect = $this->Application->GetVar('template_fail');
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['send_error'] = $this->Application->Phrase('lu_email_send_error');
$object->FieldErrors['Email']['pseudo'] = 'send_error';
$event->status = erFAIL;
}
}
else {
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail');
$object->FieldErrors['Email']['pseudo'] = 'invalid_email';
$event->status = erFAIL;
}
}
/**
* Saves address changes and mades no redirect
*
* @param kEvent $event
*/
function OnUpdateAddress(&$event)
{
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object =& $event->getObject();
$items_info = $this->Application->GetVar( $event->getPrefixSpecial(true) );
if($items_info)
{
list($id,$field_values) = each($items_info);
if($id > 0) $object->Load($id);
$object->SetFieldsFromHash($field_values);
$object->setID($id);
$object->Validate();
}
$event->redirect = false;
}
function OnSubscribeQuery(&$event){
$user_email = $this->Application->GetVar('subscriber_email');
if ( preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email) ){
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object = &$this->Application->recallObject($this->Prefix.'.subscriber');
$this->Application->StoreVar('SubscriberEmail', $user_email);
if( $object->Load(array('Email'=>$user_email)) ){
$group_info = $this->GetGroupInfo($object->GetID());
if($group_info){
$event->redirect = $this->Application->GetVar('unsubscribe_template');
}
else {
$event->redirect = $this->Application->GetVar('subscribe_template');
}
}
else {
$event->redirect = $this->Application->GetVar('subscribe_template');
$this->Application->StoreVar('SubscriberEmail', $user_email);
}
}
else {
$object =& $this->Application->recallObject('u');
$object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail');
$object->FieldErrors['SubscribeEmail']['pseudo'] = 'invalid_email';
$event->status = erFAIL;
}
//subscribe_query_ok_template
}
function OnSubscribeUser(&$event){
$this->Application->setUnitOption($event->Prefix,'AutoLoad',false);
$object = &$this->Application->recallObject($this->Prefix.'.subscriber');
$user_email = $this->Application->RecallVar('SubscriberEmail');
if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email)){
if($object->Load(array('Email'=>$user_email))){
$group_info = $this->GetGroupInfo($object->GetID());
if ($group_info){
if ($event->getEventParam('no_unsubscribe')) return;
if ($group_info['PrimaryGroup']){
// delete user
$object->Delete();
}
else {
$this->RemoveSubscriberGroup($object->GetID());
}
$event->redirect = $this->Application->GetVar('unsubscribe_ok_template');
}
else {
$this->AddSubscriberGroup($object->GetID(), 0);
$event->redirect = $this->Application->GetVar('subscribe_ok_template');
}
}
else {
$object->SetField('Email', $user_email);
$object->SetField('Login', $user_email);
$object->SetDBField('dob', 1);
$object->SetDBField('dob_date', 1);
$object->SetDBField('dob_time', 1);
$ip = getenv('HTTP_X_FORWARDED_FOR')?getenv('HTTP_X_FORWARDED_FOR'):getenv('REMOTE_ADDR');
$object->SetDBField('ip', $ip);
$this->Application->SetVar('IsSubscriber', 1);
if ($object->Create()) {
$this->AddSubscriberGroup($object->GetID(), 1);
$event->redirect = $this->Application->GetVar('subscribe_ok_template');
}
$this->Application->SetVar('IsSubscriber', 0);
}
}
else {
// error handling here
$event->redirect = $this->Application->GetVar('subscribe_fail_template');
}
}
function AddSubscriberGroup($user_id, $is_primary){
$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'INSERT INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,'.$is_primary.')';
$this->Conn->Query( sprintf($sql, $user_id, $group_id) );
$this->Application->EmailEventAdmin('USER.SUBSCRIBE', $user_id);
$this->Application->EmailEventUser('USER.SUBSCRIBE', $user_id);
}
function RemoveSubscriberGroup($user_id){
$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup WHERE PortalUserId='.$user_id.' AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup');
$this->Conn->Query($sql);
$this->Application->EmailEventAdmin('USER.UNSUBSCRIBE', $user_id);
$this->Application->EmailEventUser('USER.UNSUBSCRIBE', $user_id);
}
function GetGroupInfo($user_id){
$group_info = $this->Conn->GetRow('SELECT * FROM '.TABLE_PREFIX.'UserGroup
WHERE PortalUserId='.$user_id.'
AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup'));
return $group_info;
}
function OnForgotPassword(&$event){
$this->Application->setUnitOption('u', 'AutoLoad', false);
$user_object = &$this->Application->recallObject('u.forgot');
$user_current_object = &$this->Application->recallObject('u');
$username = $this->Application->GetVar('username');
$email = $this->Application->GetVar('email');
$found = false;
$allow_reset = true;
if( strlen($username) )
{
if( $user_object->Load(array('Login'=>$username)) )
$found = ($user_object->GetDBField("Login")==$username && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password"));
}
else if( strlen($email) )
{
if( $user_object->Load(array('Email'=>$email)) )
$found = ($user_object->GetDBField("Email")==$email && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password"));
}
if( $user_object->isLoaded() )
{
$PwResetConfirm = $user_object->GetDBField('PwResetConfirm');
$PwRequestTime = $user_object->GetDBField('PwRequestTime');
$PassResetTime = $user_object->GetDBField('PassResetTime');
//$MinPwResetDelay = $user_object->GetDBField('MinPwResetDelay');
$MinPwResetDelay = $this->Application->ConfigValue('Users_AllowReset');
$allow_reset = (strlen($PwResetConfirm) ?
mktime() > $PwRequestTime + $MinPwResetDelay :
mktime() > $PassResetTime + $MinPwResetDelay);
}
if($found && $allow_reset)
{
$this->Application->StoreVar('tmp_user_id', $user_object->GetDBField("PortalUserId"));
$this->Application->StoreVar('tmp_email', $user_object->GetDBField("Email"));
//$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
$event->redirect = $this->Application->GetVar('template_success');
}
else
{
if(!strlen($username) && !strlen($email))
{
$user_current_object->ErrorMsgs['forgotpw_nodata'] = $this->Application->Phrase('lu_ferror_forgotpw_nodata');
$user_current_object->FieldErrors['Login']['pseudo'] = 'lu_ferror_forgotpw_nodata';
}
else
{
if($allow_reset)
{
if( strlen($username) ){
$user_current_object->ErrorMsgs['unknown_username'] = $this->Application->Phrase('lu_ferror_unknown_username');
$user_current_object->FieldErrors['Login']['pseudo']='unknown_username';
}
if( strlen($email) ){
$user_current_object->ErrorMsgs['unknown_email'] = $this->Application->Phrase('lu_ferror_unknown_email');
$user_current_object->FieldErrors['Email']['pseudo']='unknown_email';
}
}
else
{
$user_current_object->ErrorMsgs['reset_denied'] = $this->Application->Phrase('lu_ferror_reset_denied');
if( strlen($username) ){
$user_current_object->FieldErrors['Login']['pseudo']='reset_denied';
}
if( strlen($email) ){
$user_current_object->FieldErrors['Email']['pseudo']='reset_denied';
}
}
}
if($user_current_object->FieldErrors){
$event->redirect = false;
}
}
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnResetPassword(&$event){
$user_object = &$this->Application->recallObject('u.forgot');
if($user_object->Load($this->Application->RecallVar('tmp_user_id'))){
$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId"));
$event->redirect = $this->Application->GetVar('template_success');
$mod_object =& $this->Application->recallObject('mod.'.'In-Commerce');
$m_cat_id = $mod_object->GetDBField('RootCat');
$event->SetRedirectParam('pass', 'm');
//$event->SetRedirectParam('m_cat_id', $m_cat_id);
$this->Application->SetVar('m_cat_id', $m_cat_id);
}
}
function OnResetPasswordConfirmed(&$event){
$passed_key = $this->Application->GetVar('user_key');
$user_object = &$this->Application->recallObject('u.forgot');
$user_current_object = &$this->Application->recallObject('u');
if (strlen(trim($passed_key)) == 0) {
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = false;
$user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid';
}
if($user_object->Load(array('PwResetConfirm'=>$passed_key)))
{
$exp_time = $user_object->GetDBField('PwRequestTime') + 3600;
$user_object->SetDBField("PwResetConfirm", '');
$user_object->SetDBField("PwRequestTime", 0);
if ($exp_time > mktime())
{
//$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text';
$newpw = makepassword4();
$this->Application->StoreVar('password', $newpw);
$user_object->SetDBField("Password",$newpw);
$user_object->SetDBField("PassResetTime", time());
$user_object->SetDBField("PwResetConfirm", '');
$user_object->SetDBField("PwRequestTime", 0);
$user_object->Update();
$this->Application->SetVar('ForgottenPassword', $newpw);
$email_event_user = &$this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId'));
$email_event_admin = &$this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD');
$this->Application->DeleteVar('ForgottenPassword');
if ($email_event_user->status == erSUCCESS){
$event->redirect_params = array('opener' => 's', 'pass' => 'all');
$event->redirect = $this->Application->GetVar('template_success');
}
$user_object->SetDBField("Password",md5($newpw));
$user_object->Update();
} else {
$user_current_object->ErrorMsgs['code_expired'] = $this->Application->Phrase('lu_code_expired');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_expired';
$event->redirect = false;
}
} else {
$user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid');
$user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid';
$event->redirect = false;
}
}
function OnUpdate(&$event)
{
$cs_helper =& $this->Application->recallObject('CountryStatesHelper');
$cs_helper->CheckStateField($event, 'State', 'Country');
parent::OnUpdate($event);
$this->setNextTemplate($event);
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function setNextTemplate(&$event)
{
if( !$this->Application->IsAdmin() )
{
$event->redirect_params['opener'] = 's';
$object =& $event->getObject();
if($object->GetDBField('Status') == STATUS_ACTIVE)
{
$next_template = $this->Application->GetVar('next_template');
if($next_template) $event->redirect = $next_template;
}
}
}
function OnCheckExpiredMembership(&$event)
{
$sql = 'SELECT PortalUserId FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.mktime();
$user_ids = $this->Conn->GetCol($sql);
if(is_array($user_ids) && count($user_ids) > 0)
{
foreach($user_ids as $id)
{
$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRED', $id);
$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRED');
}
}
$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.mktime();
$this->Conn->Query($sql);
$pre_expiration = mktime() + $this->Application->ConfigValue('User_MembershipExpirationReminder') * 3600 * 24;
$sql = 'SELECT PortalUserId, GroupId FROM '.TABLE_PREFIX.'UserGroup
WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.$pre_expiration.'
AND ExpirationReminderSent = 0';
$res = $this->Conn->Query($sql);
if(is_array($res) && count($res) > 0)
{
$conditions = Array();
foreach($res as $record)
{
$email_event_user =& $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRATION_NOTICE', $record['PortalUserId']);
$email_event_admin =& $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRATION_NOTICE');
$conditions[] = '(PortalUserId = '.$record['PortalUserId'].' AND GroupId = '.$record['GroupId'].')';
}
$sql = 'UPDATE '.TABLE_PREFIX.'UserGroup
SET ExpirationReminderSent = 1
WHERE '.implode(' OR ', $conditions);
$this->Conn->Query($sql);
}
}
/**
* Enter description here...
*
* @param kEvent $event
*/
function OnRefreshForm(&$event)
{
$event->redirect = false;
$item_info = $this->Application->GetVar($event->Prefix_Special);
list($id, $fields) = each($item_info);
$object =& $event->getObject( Array('skip_autoload' => true) );
$object->setID($id);
$object->IgnoreValidation = true;
$object->SetFieldsFromHash($fields);
}
}
?>
\ No newline at end of file
Property changes on: trunk/core/units/users/users_event_handler.php
___________________________________________________________________
Modified: cvs2svn:cvs-rev
## -1 +1 ##
-1.38
\ No newline at end of property
+1.39
\ No newline at end of property
Event Timeline
Log In to Comment