Index: branches/5.1.x/core/units/users/users_event_handler.php
===================================================================
diff -u -r12127 -r12657
--- branches/5.1.x/core/units/users/users_event_handler.php	(.../users_event_handler.php)	(revision 12127)
+++ branches/5.1.x/core/units/users/users_event_handler.php	(.../users_event_handler.php)	(revision 12657)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: users_event_handler.php 11892 2009-07-01 08:35:06Z alex $
+* @version	$Id: users_event_handler.php 12657 2009-10-04 20:07:31Z alex $
 * @package	In-Portal
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license      GNU/GPL
@@ -12,6 +12,8 @@
 * See http://www.in-portal.net/license/ for copyright notices and details.
 */
 
+	defined('FULL_PATH') or die('restricted access!');
+
 	class UsersEventHandler extends kDBEventHandler
 	{
 		/**
@@ -79,8 +81,8 @@
 					// show only users, that user doesn't belong to current group
 					$table_name = $this->Application->GetTempName(TABLE_PREFIX.'UserGroup', 'prefix:g');
 					$sql = 'SELECT PortalUserId
-							FROM '.$table_name.'
-							WHERE GroupId = '.$group_id;
+							FROM ' . $table_name . '
+							WHERE GroupId = ' . (int)$group_id;
 					$user_ids = $this->Conn->GetCol($sql);
 //					array_push($user_ids); // Guest & Everyone groups are set dynamically
 					if ($user_ids) {
@@ -462,18 +464,21 @@
 
 			$this->Application->HandleEvent($dummy, 'session-log:OnEndSession');
 
-			$session =& $this->Application->recallObject('Session');
-			$session->SetField('PortalUserId', -2);
 			$this->Application->SetVar('u.current_id', -2);
-			$this->Application->StoreVar('user_id', -2);
 			$object =& $this->Application->recallObject('u.current', null, Array('skip_autoload' => true));
 			$object->Load(-2);
 
 			$this->Application->DestroySession();
 
-			$group_list = $this->Application->ConfigValue('User_GuestGroup').','.$this->Application->ConfigValue('User_LoggedInGroup');
+			$session =& $this->Application->recallObject('Session');
+			/* @var $session Session */
+
+			$group_list = $this->Application->ConfigValue('User_GuestGroup') . ',' . $this->Application->ConfigValue('User_LoggedInGroup');
+
+			$session->SetField('PortalUserId', -2);
 			$session->SetField('GroupList', $group_list);
-			$this->Application->StoreVar('UserGroups', $group_list);
+			$this->Application->StoreVar('user_id', -2, true);
+			$this->Application->StoreVar('UserGroups', $group_list, true);
 
 			if ($this->Application->ConfigValue('UseJSRedirect')) {
 				$event->SetRedirectParam('js_redirect', 1);
@@ -687,44 +692,40 @@
 			$object =& $event->getObject( Array('skip_autoload' => true) );
 
 			$new_users_allowed = $this->Application->ConfigValue('User_Allow_New');
-			// 1 - Instant, 2 - Not Allowed, 3 - Pending
 
-			switch ($new_users_allowed)
-			{
-				case 1: // Instant
-					$object->SetDBField('Status', 1);
+			switch ($new_users_allowed) {
+				case 1: // Immediate
+					$object->SetDBField('Status', STATUS_ACTIVE);
 					$next_template = $this->Application->GetVar('registration_confirm_template');
-					if($next_template) $event->redirect = $next_template;
+					if ($next_template) {
+						$event->redirect = $next_template;
+					}
 					break;
 
-				case 3: // Pending
+				case 3: // Upon Approval
+				case 4: // Email Activation
 					$next_template = $this->Application->GetVar('registration_confirm_pending_template');
-					if($next_template) $event->redirect = $next_template;
-					$object->SetDBField('Status', 2);
+					if ($next_template) {
+						$event->redirect = $next_template;
+					}
+					$object->SetDBField('Status', STATUS_PENDING);
 					break;
 
 				case 2: // Not Allowed
-					$object->SetDBField('Status', 0);
+					$object->SetDBField('Status', STATUS_DISABLED);
 					break;
 			}
-
-			/*if ($object->GetDBField('PaidMember') == 1) {
-				$this->Application->HandleEvent($add_to_cart, 'ord:OnAddToCart');
-				$event->redirect = 'in-commerce/checkout/shop_cart';
-			} */
-
 		}
 
-
-
-
 		/**
 		 * Set's new unique resource id to user
 		 *
 		 * @param kEvent $event
 		 */
 		function OnBeforeItemCreate(&$event)
 		{
+			$this->_makePasswordRequired($event);
+
 			$email_as_login = $this->Application->ConfigValue('Email_As_Login');
 			$object =& $event->getObject();
 			if (!$this->checkBanRules($object)) {
@@ -785,6 +786,7 @@
 
 				$user_id = $this->Application->RecallVar('user_id');
 				$email_event =& $this->Application->EmailEventUser('USER.SUGGEST', $user_id, $send_params);
+				$email_event =& $this->Application->EmailEventAdmin('USER.SUGGEST');
 
 				if ($email_event->status == erSUCCESS){
 					/*$fields_hash = Array (
@@ -926,24 +928,27 @@
 			}
 		}
 
-		function AddSubscriberGroup($user_id, $is_primary){
-
+		function AddSubscriberGroup($user_id, $is_primary)
+		{
 			$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
-			$sql = 'INSERT INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,'.$is_primary.')';
+			$sql = 'INSERT INTO ' . TABLE_PREFIX . 'UserGroup
+						(PortalUserId, GroupId, PrimaryGroup) VALUES (%s, %s, ' . $is_primary . ')';
 			$this->Conn->Query( sprintf($sql, $user_id, $group_id) );
-			$this->Application->EmailEventAdmin('USER.SUBSCRIBE', $user_id);
-			$this->Application->EmailEventUser('USER.SUBSCRIBE', $user_id);
 
+			$this->Application->EmailEventAdmin('USER.SUBSCRIBE');
+			$this->Application->EmailEventUser('USER.SUBSCRIBE', $user_id);
 		}
 
-		function RemoveSubscriberGroup($user_id){
-
+		function RemoveSubscriberGroup($user_id)
+		{
 			$group_id = $this->Application->ConfigValue('User_SubscriberGroup');
-			$sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup WHERE PortalUserId='.$user_id.' AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup');
+			$sql = 'DELETE FROM ' . TABLE_PREFIX . 'UserGroup
+						WHERE PortalUserId = ' . $user_id . '
+						AND GroupId = ' . $this->Application->ConfigValue('User_SubscriberGroup');
 			$this->Conn->Query($sql);
-			$this->Application->EmailEventAdmin('USER.UNSUBSCRIBE', $user_id);
-			$this->Application->EmailEventUser('USER.UNSUBSCRIBE', $user_id);
 
+			$this->Application->EmailEventAdmin('USER.UNSUBSCRIBE');
+			$this->Application->EmailEventUser('USER.UNSUBSCRIBE', $user_id);
 		}
 
 		/**
@@ -954,9 +959,9 @@
 		 */
 		function GetGroupInfo($user_id)
 		{
-			$sql = 'SELECT *
-					FROM '.TABLE_PREFIX.'UserGroup
-					WHERE (PortalUserId = '.$user_id.') AND (GroupId = '.$this->Application->ConfigValue('User_SubscriberGroup').')';
+			$sql = 'SELECT * FROM ' . TABLE_PREFIX . 'UserGroup
+						WHERE (PortalUserId = ' . $user_id . ')
+						AND (GroupId = ' . $this->Application->ConfigValue('User_SubscriberGroup') . ')';
 			return $this->Conn->GetRow($sql);
 		}
 
@@ -1296,17 +1301,17 @@
 
 				if ($user_dummy->GetDBField($status_field) != STATUS_ACTIVE) {
 					// not active user is not allowed to update his record (he could not activate himself manually)
-				return false;
+					return false;
+				}
 			}
-			}
 
 			if ($user_id == -1) {
 				$object =& $event->getObject( Array('skip_autoload' => true) );
 				/* @var $object UsersItem */
 
-			// put salt to user's config
+				// put salt to user's config
 				$field_options = $object->GetFieldOptions('RootPassword');
-			$field_options['salt'] = 'b38';
+				$field_options['salt'] = 'b38';
 				$object->SetFieldOptions('RootPassword', $field_options);
 				$verify_options = $object->GetFieldOptions('VerifyRootPassword');
 				$verify_options['salt'] = 'b38';
@@ -1325,8 +1330,8 @@
 				if ($status) {
 					// validation on, password match too
 					$fields_hash = 	Array (
-											'VariableValue' => $object->GetDBField('RootPassword')
-									);
+						'VariableValue' => $object->GetDBField('RootPassword')
+					);
 					$conf_table = $this->Application->getUnitOption('conf', 'TableName');
 					$this->Conn->doUpdate($fields_hash, $conf_table, 'VariableName = "RootPass"');
 					$event->SetRedirectParam('opener', 'u');
@@ -1340,11 +1345,13 @@
 			else {
 				$object =& $event->getObject();
 				$object->SetFieldsFromHash($field_values);
+
 				if (!$object->Update()) {
 					$event->status = erFAIL;
 					$event->redirect = false;
 				}
 			}
+
 			$event->SetRedirectParam('opener', 'u');
 			$event->redirect == true;
 		}
@@ -1822,6 +1829,50 @@
 
 			return !$found;
 		}
+
+		/**
+		 * Makes password required for new users
+		 *
+		 * @param kEvent $event
+		 */
+		function OnPreCreate(&$event)
+		{
+			parent::OnPreCreate($event);
+
+			if ($event->status == erSUCCESS) {
+				$this->_makePasswordRequired($event);
+			}
+		}
+
+		/**
+		 * Makes password required for new users
+		 *
+		 * @param kEvent $event
+		 */
+		function OnNew(&$event)
+		{
+			parent::OnNew($event);
+
+			if ($event->status == erSUCCESS) {
+				$this->_makePasswordRequired($event);
+			}
+		}
+
+		/**
+		 * Makes password required for new users
+		 *
+		 * @param kEvent $event
+		 */
+		function _makePasswordRequired(&$event)
+		{
+			$object =& $event->getObject();
+			/* @var $object kDBItem */
+
+			$required_fields = Array ('Password', 'Password_plain', 'VerifyPassword', 'VerifyPassword_plain');
+			foreach ($required_fields as $required_field) {
+				$object->setRequired($required_field);
+			}
+		}
 	}
 
 ?>
\ No newline at end of file