Index: branches/5.2.x/core/units/users/users_event_handler.php =================================================================== diff -u -N -r14476 -r14502 --- branches/5.2.x/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 14476) +++ branches/5.2.x/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 14502) @@ -1,6 +1,6 @@ Application->ConfigValue('Email_As_Login'); - $username = $this->Application->GetVar($email_as_login && !$this->Application->isAdmin ? 'email' : 'login'); - $password = $this->Application->GetVar('password'); - $rember_login = $this->Application->GetVar('cb_remember_login') == 1; + $object =& $event->getObject(); + /* @var $object kDBItem */ + $object->SetFieldsFromHash( $this->getSubmittedFields($event) ); + $username = $object->GetDBField('UserLogin'); + $password = $object->GetDBField('UserPassword'); + $rember_login = $object->GetDBField('UserRememberLogin') == 1; + $user_helper =& $this->Application->recallObject('UserHelper'); /* @var $user_helper UserHelper */ $user_helper->event =& $event; $result = $user_helper->loginUser($username, $password, false, $rember_login); if ($result != LoginResult::OK) { - $object =& $user_helper->getUserObject(); - - if ($result == LoginResult::NO_PERMISSION) { - $object->SetError('ValidateLogin', 'no_permission', 'la_no_permissions'); - } - else { - $object->SetID(USER_GUEST); - $object->SetError('ValidateLogin', 'invalid_password', 'la_invalid_password'); - } - $event->status = kEvent::erFAIL; + $object->SetError('UserLogin', $result == LoginResult::NO_PERMISSION ? 'no_permission' : 'invalid_password'); } } 
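Review bot: On a failed login the submitted password stays in `$object`, because `SetFieldsFromHash()` copies it into `UserPassword` and the failure branch only sets an error on `UserLogin`. If the login template re-renders its fields from this object (not visible here), the password would be written back into the page. Clearing it in the failure branch, e.g. `$object->SetDBField('UserPassword', '');`, avoids that. The start of this hunk is missing from the page, so this is based on the visible part of OnLogin only.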
@@ -600,56 +594,35 @@ */ function OnRecommend(&$event) { - $friend_email = $this->Application->GetVar('friend_email'); - $friend_name = $this->Application->GetVar('friend_email'); + $object =& $event->getObject(); + /* @var $object kDBItem */ - // used for error reporting only -> rewrite code + theme (by Alex) - $object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too - /* @var $object UsersItem */ + $object->setRequired('RecommendEmail'); + $object->SetFieldsFromHash( $this->getSubmittedFields($event) ); - if (preg_match('/^(' . REGEX_EMAIL_USER . '@' . REGEX_EMAIL_DOMAIN . ')$/i', $friend_email)) - { - /*$cutoff = adodb_mktime() + (int)$this->Application->ConfigValue('Suggest_MinInterval'); - $sql = 'SELECT * - FROM ' . TABLE_PREFIX . 'SuggestMail - WHERE email = ' . $this->Conn->qstr($friend_email) . ' AND sent < ' . $cutoff; - if ($this->Conn->GetRow($sql) !== false) { - $object->SetError('Email', 'send_error', 'lu_email_already_suggested'); - $event->status = kEvent::erFAIL; - return ; - }*/ + if ( !$object->ValidateField('RecommendEmail') ) { + $event->status = kEvent::erFAIL; - $send_params = Array (); - $send_params['to_email'] = $friend_email; - $send_params['to_name'] = $friend_name; + return ; + } - $user_id = $this->Application->RecallVar('user_id'); - $email_event =& $this->Application->EmailEventUser('USER.SUGGEST', $user_id, $send_params); - $email_event =& $this->Application->EmailEventAdmin('USER.SUGGEST'); + $send_params = Array ( + 'to_email' => $object->GetDBField('RecommendEmail'), + 'to_name' => $object->GetDBField('RecommendEmail'), + ); - if ($email_event->status == kEvent::erSUCCESS){ - /*$fields_hash = Array ( - 'email' => $friend_email, - 'sent' => adodb_mktime(), - ); + $user_id = $this->Application->RecallVar('user_id'); + $email_event =& $this->Application->EmailEventUser('USER.SUGGEST', $user_id, $send_params); + $email_event =& 
$this->Application->EmailEventAdmin('USER.SUGGEST'); - $this->Conn->doInsert($fields_hash, TABLE_PREFIX . 'SuggestMail');*/ - - $event->setRedirectParams(Array('opener' => 's', 'pass' => 'all'), true); - $event->redirect = $this->Application->GetVar('template_success'); - } - else { -// $event->setRedirectParams(Array('opener' => 's', 'pass' => 'all'), true); -// $event->redirect = $this->Application->GetVar('template_fail'); - - $object->SetError('Email', 'send_error', 'lu_email_send_error'); - $event->status = kEvent::erFAIL; - } - } - else { - $object->SetError('Email', 'invalid_email', 'lu_InvalidEmail'); + if ( $email_event->status == kEvent::erSUCCESS ) { + $event->SetRedirectParam('pass', 'all'); + $event->redirect = $this->Application->GetVar('template_success'); + } + else { $event->status = kEvent::erFAIL; - } + $object->SetError('RecommendEmail', 'send_error'); + } } /** 
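Review bot: The success check after the two sends tests only the admin notification, because `$email_event` is assigned from `EmailEventUser()` and then immediately overwritten by `EmailEventAdmin()`. A failed message to the recommended address therefore still redirects to `template_success`. Keep the first result in its own variable, e.g. `$user_email_event =& $this->Application->EmailEventUser('USER.SUGGEST', $user_id, $send_params);`, and test that one. The commented-out `Suggest_MinInterval` block removed here was the only trace of a per-address send limit in this function. Unless throttling is enforced elsewhere, the handler will mail any submitted address as often as the form is posted.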
@@ -829,23 +802,29 @@ return $this->Conn->GetOne($sql); } + /** + * Checks, that user can reset his password + * + * @param kEvent $event + */ function OnForgotPassword(&$event) { - $user_object =& $this->Application->recallObject('u.forgot', null, Array('skip_autoload' => true)); - /* @var $user_object UsersItem */ + $object =& $event->getObject(); + /* @var $object kDBItem */ - // used for error reporting only -> rewrite code + theme (by Alex) - $user_current_object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too - /* @var $user_current_object UsersItem */ + $object->SetFieldsFromHash( $this->getSubmittedFields($event) ); + $user_object =& $this->Application->recallObject('u.tmp', null, Array('skip_autoload' => true)); + /* @var $user_object UsersItem */ + $found = $allow_reset = false; - $email = $this->Application->GetVar('email'); - $username = $this->Application->GetVar('username'); + $username = $object->GetDBField('ForgotLogin'); + $email = $object->GetDBField('ForgotEmail'); if ( strlen($username) ) { $user_object->Load($username, 'Login'); } - elseif( strlen($email) ) { + elseif ( strlen($email) ) { $user_object->Load($email, 'Email'); } 
@@ -865,38 +844,28 @@ if ($found && $allow_reset) { $this->Application->EmailEventUser('USER.PSWDC', $user_object->GetID()); - $event->redirect = $this->Application->GetVar('template_success'); return ; } if ( !strlen($username) && !strlen($email) ) { - $user_current_object->SetError('Login', 'forgotpw_nodata', 'lu_ferror_forgotpw_nodata'); - $user_current_object->SetError('Email', 'forgotpw_nodata', 'lu_ferror_forgotpw_nodata'); + $object->SetError('ForgotLogin', 'required'); + $object->SetError('ForgotEmail', 'required'); } - elseif ( !$found ) { + else { if ( strlen($username) ) { - $user_current_object->SetError('Login', 'unknown_username', 'lu_ferror_unknown_username'); + $object->SetError('ForgotLogin', $allow_reset ? 'unknown_username' : 'reset_denied'); } if ( strlen($email) ) { - $user_current_object->SetError('Email', 'unknown_email', 'lu_ferror_unknown_email'); + $object->SetError('ForgotEmail', $allow_reset ? 'unknown_email' : 'reset_denied'); } } - elseif ( !$allow_reset ) { - if ( strlen($username) ) { - $user_current_object->SetError('Login', 'reset_denied', 'lu_ferror_reset_denied'); - } - if ( strlen($email) ) { - $user_current_object->SetError('Email', 'reset_denied', 'lu_ferror_reset_denied'); - } + if ( !$object->ValidateField('ForgotLogin') || !$object->ValidateField('ForgotEmail') ) { + $event->status = kEvent::erFAIL; } - - if ( $user_current_object->HasErrors() ) { - $event->redirect = false; - } } function OnUpdate(&$event) @@ -1045,6 +1014,11 @@ */ function getPassedID(&$event) { + if ( preg_match('/^(login|register|recommend|subscribe|forgot)/', $event->Special) ) { + // this way we can have 2+ objects stating with same special, e.g. "u.login-sidebox" and "u.login-main" + return USER_GUEST; + } + switch ($event->Special) { case 'ord': $order =& $this->Application->recallObject('ord');
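Review bot: The merged `else` branch picks the error code from `$allow_reset`, whereas the removed branches distinguished the two cases by `$found`. `$allow_reset` starts as `false` and is assigned outside this hunk; if it is only set for a loaded user, an unknown login now gets `reset_denied` and `unknown_username` / `unknown_email` become nearly unreachable. The condition probably should be `$found ? 'reset_denied' : 'unknown_username'`, and likewise for the e-mail field. Separately, both the old and the new code answer differently for existing and non-existing accounts, which lets the form confirm which logins or e-mail addresses are registered; a single neutral message for both cases avoids that.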
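Review bot: The pattern in the new guard is anchored only at the start, so any special that merely begins with one of the five words (for example a hypothetical `forgotten` or `registered-list`) resolves to `USER_GUEST` and never reaches the `switch` below. If the intent is the `u.login-sidebox` / `u.login-main` case named in the comment, requiring a delimiter makes that explicit: `'/^(login|register|recommend|subscribe|forgot)(-|$)/'`. The comment also has a typo, `stating` for `starting`. getPassedID's body continues outside the hunk.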