Index: branches/5.3.x/core/units/users/users_event_handler.php =================================================================== diff -u -N -r15483 -r15677 --- branches/5.3.x/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 15483) +++ branches/5.3.x/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 15677) @@ -1,6 +1,6 @@ Array('self' => 'view'), // because setting to logged in user only - 'OnUpdateRootPassword' => Array('self' => true), 'OnUpdatePassword' => Array('self' => true), 'OnSaveSelected' => Array ('self' => 'view'), 'OnGeneratePassword' => Array ('self' => 'view'), @@ -186,7 +185,7 @@ } $user_dummy->Load($id); - $status_field = array_shift($this->Application->getUnitOption($event->Prefix, 'StatusField')); + $status_field = $user_dummy->getStatusField(); if ( $user_dummy->GetDBField($status_field) != STATUS_ACTIVE ) { // not active user is not allowed to update his record (he could not activate himself manually) @@ -289,8 +288,8 @@ $password = $object->GetDBField('UserPassword'); $remember_login = $object->GetDBField('UserRememberLogin') == 1; - $user_helper = $this->Application->recallObject('UserHelper'); /* @var $user_helper UserHelper */ + $user_helper = $this->Application->recallObject('UserHelper'); $user_helper->event =& $event; $result = $user_helper->loginUser($username, $password, false, $remember_login); @@ -335,8 +334,8 @@ return ; } - $user_helper = $this->Application->recallObject('UserHelper'); /* @var $user_helper UserHelper */ + $user_helper = $this->Application->recallObject('UserHelper'); $user_helper->loginUser('', '', false, false, $remember_login_cookie); } @@ -381,8 +380,8 @@ */ protected function OnLogout($event) { - $user_helper = $this->Application->recallObject('UserHelper'); /* @var $user_helper UserHelper */ + $user_helper = $this->Application->recallObject('UserHelper'); $user_helper->event =& $event; $user_helper->logoutUser(); 
@@ -448,7 +447,7 @@ if ( ($event->status == kEvent::erSUCCESS) && $event->redirect ) { $this->assignToPrimaryGroup($event); - $object->SendEmailEvents(); + $object->sendEmails(); $this->autoLoginUser($event); } } @@ -496,8 +495,8 @@ /* @var $object UsersItem */ if ( $object->GetDBField('Status') == STATUS_ACTIVE ) { - $user_helper = $this->Application->recallObject('UserHelper'); /* @var $user_helper UserHelper */ + $user_helper = $this->Application->recallObject('UserHelper'); $user =& $user_helper->getUserObject(); $user->Load($object->GetID()); @@ -540,14 +539,14 @@ $this->setUserGroup($object); - $user_helper = $this->Application->recallObject('UserHelper'); /* @var $user_helper UserHelper */ + $user_helper = $this->Application->recallObject('UserHelper'); if ( !$user_helper->checkBanRules($object) ) { $object->SetError('Username', 'banned'); } - $object->SetDBField('IPAddress', $_SERVER['REMOTE_ADDR']); + $object->SetDBField('IPAddress', $this->Application->getClientIp()); if ( !$this->Application->isAdmin ) { $object->SetDBField('FrontLanguage', $this->Application->GetVar('m_lang')); @@ -658,8 +657,8 @@ ); $user_id = $this->Application->RecallVar('user_id'); - $email_sent = $this->Application->EmailEventUser('USER.SUGGEST', $user_id, $send_params); - $this->Application->EmailEventAdmin('USER.SUGGEST'); + $email_sent = $this->Application->emailUser('USER.SUGGEST', $user_id, $send_params); + $this->Application->emailAdmin('USER.SUGGEST'); if ( $email_sent ) { $event->SetRedirectParam('pass', 'all'); @@ -816,8 +815,8 @@ $this->Conn->doInsert($fields_hash, TABLE_PREFIX . 'UserGroupRelations'); } - $this->Application->EmailEventAdmin('USER.SUBSCRIBE'); - $this->Application->EmailEventUser('USER.SUBSCRIBE', $object->GetID()); + $this->Application->emailAdmin('USER.SUBSCRIBE'); + $this->Application->emailUser('USER.SUBSCRIBE', $object->GetID()); } /** 
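Review bot: In hunk `@@ -540,14 +539,14 @@` the stored `IPAddress` now comes from `$this->Application->getClientIp()` instead of `$_SERVER['REMOTE_ADDR']`, and the helper's implementation is not visible in this diff. If it reads client-supplied headers such as `X-Forwarded-For`, the recorded address can be chosen by the client unless those headers are honoured only for requests arriving from a configured trusted proxy. Once that is confirmed, I would document it on the line, e.g. `// getClientIp(): forwarded headers are accepted from trusted proxies only`. In the visible lines `checkBanRules($object)` also runs before the field is set, so it is worth confirming that the ban check does not read `IPAddress` from `$object`. The enclosing method starts and ends outside the hunk.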
@@ -833,8 +832,8 @@ WHERE PortalUserId = ' . $user_id . ' AND GroupId = ' . $group_id; $this->Conn->Query($sql); - $this->Application->EmailEventAdmin('USER.UNSUBSCRIBE'); - $this->Application->EmailEventUser('USER.UNSUBSCRIBE', $user_id); + $this->Application->emailAdmin('USER.UNSUBSCRIBE'); + $this->Application->emailUser('USER.UNSUBSCRIBE', $user_id); } /** 
@@ -851,56 +850,43 @@ $field_values = $this->getSubmittedFields($event); $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); - $user_object = $this->Application->recallObject('u.tmp', null, Array('skip_autoload' => true)); - /* @var $user_object UsersItem */ + $user = $this->Application->recallObject('u.tmp', null, Array ('skip_autoload' => true)); + /* @var $user UsersItem */ $found = $allow_reset = false; - $username = $object->GetDBField('ForgotLogin'); - $email = $object->GetDBField('ForgotEmail'); + $email_or_username = $object->GetDBField('ForgotLogin'); + $is_email = strpos($email_or_username, '@') !== false; - if ( strlen($username) ) { - $user_object->Load($username, 'Username'); + if ( strlen($email_or_username) ) { + $user->Load($email_or_username, $is_email ? 'Email' : 'Username'); } - elseif ( strlen($email) ) { - $user_object->Load($email, 'Email'); - } - if ( $user_object->isLoaded() ) { + if ( $user->isLoaded() ) { $min_pwd_reset_delay = $this->Application->ConfigValue('Users_AllowReset'); - $found = ($user_object->GetDBField('Status') == STATUS_ACTIVE) && strlen( $user_object->GetDBField('Password') ); + $found = ($user->GetDBField('Status') == STATUS_ACTIVE) && strlen($user->GetDBField('Password')); - if ( !$user_object->GetDBField('PwResetConfirm') ) { + if ( !$user->GetDBField('PwResetConfirm') ) { // no reset made -> allow $allow_reset = true; } else { // reset made -> wait N minutes, then allow - $allow_reset = adodb_mktime() > $user_object->GetDBField('PwRequestTime') + $min_pwd_reset_delay; + $allow_reset = TIMENOW > $user->GetDBField('PwRequestTime') + $min_pwd_reset_delay; } } - if ($found && $allow_reset) { - $this->Application->EmailEventUser('USER.PSWDC', $user_object->GetID()); + if ( $found && $allow_reset ) { + $this->Application->emailUser('USER.PSWDC', $user->GetID()); $event->redirect = $this->Application->GetVar('template_success'); - return ; + return; } - if ( !strlen($username) && 
!strlen($email) ) { - $object->SetError('ForgotLogin', 'required'); - $object->SetError('ForgotEmail', 'required'); + if ( strlen($email_or_username) ) { + $object->SetError('ForgotLogin', $found ? 'reset_denied' : ($is_email ? 'unknown_email' : 'unknown_username')); } - else { - if ( strlen($username) ) { - $object->SetError('ForgotLogin', $found ? 'reset_denied' : 'unknown_username'); - } - if ( strlen($email) ) { - $object->SetError('ForgotEmail', $found ? 'reset_denied' : 'unknown_email'); - } - } - - if ( !$object->ValidateField('ForgotLogin') || !$object->ValidateField('ForgotEmail') ) { + if ( !$object->ValidateField('ForgotLogin') ) { $event->status = kEvent::erFAIL; } } @@ -1052,8 +1038,8 @@ if ($records) { $conditions = Array(); foreach ($records as $record) { - $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRATION.NOTICE', $record['PortalUserId']); - $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRATION.NOTICE'); + $this->Application->emailUser('USER.MEMBERSHIP.EXPIRATION.NOTICE', $record['PortalUserId']); + $this->Application->emailAdmin('USER.MEMBERSHIP.EXPIRATION.NOTICE'); $conditions[] = '(PortalUserId = '.$record['PortalUserId'].' AND GroupId = '.$record['GroupId'].')'; } $sql = 'UPDATE '.TABLE_PREFIX.'UserGroupRelations @@ -1070,8 +1056,8 @@ $user_ids = $this->Conn->GetCol($sql); if ($user_ids) { foreach ($user_ids as $id) { - $this->Application->EmailEventUser('USER.MEMBERSHIP.EXPIRED', $id); - $this->Application->EmailEventAdmin('USER.MEMBERSHIP.EXPIRED'); + $this->Application->emailUser('USER.MEMBERSHIP.EXPIRED', $id); + $this->Application->emailAdmin('USER.MEMBERSHIP.EXPIRED'); } } $sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroupRelations 
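Review bot: The rewritten forgot-password handler (hunk `@@ -851,56 +850,43 @@`) still answers with `unknown_email`, `unknown_username` or `reset_denied` depending on whether the submitted value matches an account, so the form discloses which usernames and e-mail addresses are registered. Giving every non-empty submission the same outcome (redirecting to `template_success` whether or not a message was sent) removes that signal, while the `Users_AllowReset` delay stays enforced server-side. Separately, `$is_email = strpos($email_or_username, '@') !== false;` routes any value containing `@` to the `Email` lookup only, so if usernames may contain `@` such accounts can no longer be found by username. Retrying with `$user->Load($email_or_username, 'Username')` when the first lookup leaves `$user->isLoaded()` false would cover that case. The method's opening lines are outside the hunk.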
@@ -1147,8 +1133,8 @@ break; case 'forgot': - $user_helper = $this->Application->recallObject('UserHelper'); /* @var $user_helper UserHelper */ + $user_helper = $this->Application->recallObject('UserHelper'); $id = $user_helper->validateUserCode($this->Application->GetVar('user_key'), 'forgot_password'); @@ -1170,16 +1156,6 @@ * Allows to change root password * * @param kEvent $event - */ - function OnUpdateRootPassword($event) - { - return $this->OnUpdatePassword($event); - } - - /** - * Allows to change root password - * - * @param kEvent $event * @return void * @access protected */ @@ -1198,7 +1174,7 @@ /* @var $user_dummy kDBItem */ $user_dummy->Load($id); - $status_field = array_shift( $this->Application->getUnitOption($event->Prefix, 'StatusField') ); + $status_field = $user_dummy->getStatusField(); if ( $user_dummy->GetDBField($status_field) != STATUS_ACTIVE ) { // not active user is not allowed to update his record (he could not activate himself manually) @@ -1210,21 +1186,11 @@ $object = $event->getObject(Array ('skip_autoload' => true)); /* @var $object UsersItem */ - // put salt to user's config - $field_options = $object->GetFieldOptions('RootPassword'); - $field_options['salt'] = 'b38'; - // this is internal hack to allow root/root passwords for dev if ( $this->Application->isDebugMode() && $field_values['RootPassword'] == 'root' ) { - $field_options['min_length'] = 4; + $object->SetFieldOption('RootPassword', 'min_length', 4); } - $object->SetFieldOptions('RootPassword', $field_options); - - $verify_options = $object->GetFieldOptions('VerifyRootPassword'); - $verify_options['salt'] = 'b38'; - $object->SetFieldOptions('VerifyRootPassword', $verify_options); - $this->RemoveRequiredFields($object); $object->SetDBField('RootPassword', $this->Application->ConfigValue('RootPass')); $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); 
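Review bot: The debug-mode branch kept in hunk `@@ -1210,21 +1186,11 @@` lowers `min_length` for `RootPassword` to 4 whenever `isDebugMode()` is true and the submitted value is `root`, so any installation where debug mode is left on will accept a well-known root password. How debug mode gets enabled is not visible here; if it can be active on a reachable site, this relaxation should depend on an explicit development-only setting or be removed. The check `$field_values['RootPassword'] == 'root'` is a loose comparison on an index that may be absent; `isset($field_values['RootPassword']) && $field_values['RootPassword'] === 'root'` is stricter. The hunk also drops the fixed `'b38'` salt option from `RootPassword` and `VerifyRootPassword`, so confirm that the stored `RootPass` value loaded via `ConfigValue('RootPass')` still validates under the new formatter. The enclosing method begins and ends outside the hunk.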
@@ -1415,7 +1381,7 @@ $object->SetField('Password', $email_passwords[$temp_id]); $object->SetField('VerifyPassword', $email_passwords[$temp_id]); - $this->Application->EmailEventUser($temp_id > 0 ? 'USER.NEW.PASSWORD': 'USER.ADD.BYADMIN', $object->GetID()); + $this->Application->emailUser($temp_id > 0 ? 'USER.NEW.PASSWORD': 'USER.ADD.BYADMIN', $object->GetID()); unset($email_passwords[$temp_id]); $this->Application->StoreVar('email_passwords', serialize($email_passwords)); @@ -1464,8 +1430,8 @@ $email_event = isset($status_events[$new_status]) ? $status_events[$new_status] : false; if (($prev_status != $new_status) && $email_event) { - $this->Application->EmailEventUser($email_event, $user_id); - $this->Application->EmailEventAdmin($email_event); + $this->Application->emailUser($email_event, $user_id); + $this->Application->emailAdmin($email_event); } // deletes sessions from users, that are no longer active @@ -1519,11 +1485,11 @@ 'to_name' => trim($object->GetDBField('FirstName') . ' ' . $object->GetDBField('LastName')), ); - $this->Application->EmailEventUser('USER.EMAIL.CHANGE.UNDO', null, $send_params); + $this->Application->emailUser('USER.EMAIL.CHANGE.UNDO', null, $send_params); } if ( $new_email ) { - $this->Application->EmailEventUser('USER.EMAIL.CHANGE.VERIFY', $user_id); + $this->Application->emailUser('USER.EMAIL.CHANGE.VERIFY', $user_id); } // direct DB update, since USER.EMAIL.CHANGE.VERIFY puts verification code in user record, that we don't want to loose 
@@ -1669,15 +1635,15 @@ $this->clearSelectedIDs($event); $dst_field = $this->Application->RecallVar('dst_field'); - if ($dst_field != 'PrimaryGroupId') { - return ; + if ( $dst_field != 'PrimaryGroupId' ) { + return; } - $group_ids = $this->Application->GetVar('g'); - $primary_group_id = $group_ids ? array_shift( array_keys($group_ids) ) : false; + $group_ids = array_keys($this->Application->GetVar('g')); + $primary_group_id = $group_ids ? array_shift($group_ids) : false; - if (!$user_ids || !$primary_group_id) { - return ; + if ( !$user_ids || !$primary_group_id ) { + return; } $table_name = $this->Application->getUnitOption('ug', 'TableName'); @@ -1866,7 +1832,9 @@ */ function OnAfterLogin($event) { - + if ( is_object($event->MasterEvent) && !$this->Application->isAdmin ) { + $event->MasterEvent->SetRedirectParam('login', 1); + } } /** @@ -1876,7 +1844,9 @@ */ function OnBeforeLogout($event) { - + if ( is_object($event->MasterEvent) && !$this->Application->isAdmin ) { + $event->MasterEvent->SetRedirectParam('logout', 1); + } } /** @@ -1906,8 +1876,8 @@ $event->CallSubEvent('OnUpdate'); if ( $event->status == kEvent::erSUCCESS ) { + /* @var $user_helper UserHelper */ $user_helper = $this->Application->recallObject('UserHelper'); - /* @var $user_helper UserHelper */ $user =& $user_helper->getUserObject(); $user->Load( $object->GetID() ); 
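Review bot: In hunk `@@ -1669,15 +1635,15 @@` the new `array_keys($this->Application->GetVar('g'))` runs before any emptiness check, whereas the old code called `array_keys` only when `$group_ids` was truthy. `g` appears to come from the request, so when it is missing or not an array `array_keys` receives a non-array argument and raises a warning (a `TypeError` on PHP 8) instead of reaching the quiet `return;` below. Guard the type first: `$group_ids = $this->Application->GetVar('g');` then `$group_ids = is_array($group_ids) ? array_keys($group_ids) : Array ();`. Because `$primary_group_id` is taken from request keys, casting it with `(int)` before it reaches the statement built further down (outside this hunk) would also be prudent.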
@@ -1931,10 +1901,9 @@ /* @var $password_formatter kPasswordFormatter */ $new_root_password = kUtil::generatePassword(); - $new_root_password_encrypted = $password_formatter->EncryptPassword($new_root_password, 'b38'); - $this->Application->SetConfigValue('RootPass', $new_root_password_encrypted); - $this->Application->EmailEventAdmin('ROOT.RESET.PASSWORD', null, Array ('password' => $new_root_password)); + $this->Application->SetConfigValue('RootPass', $password_formatter->hashPassword($new_root_password)); + $this->Application->emailAdmin('ROOT.RESET.PASSWORD', null, Array ('password' => $new_root_password)); $event->SetRedirectParam('reset', 1); $event->SetRedirectParam('pass', 'm'); @@ -1949,8 +1918,8 @@ */ protected function OnLoginAs(kEvent $event) { - $user_helper = $this->Application->recallObject('UserHelper'); /* @var $user_helper UserHelper */ + $user_helper = $this->Application->recallObject('UserHelper'); $user =& $user_helper->getUserObject(); $user->Load( $this->Application->GetVar('user_id') );
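Review bot: The root-password reset in hunk `@@ -1931,10 +1901,9 @@` still hands the freshly generated plaintext password to `emailAdmin('ROOT.RESET.PASSWORD', null, Array ('password' => $new_root_password))`, so the highest-privilege credential is delivered and retained in a mailbox. A time-limited reset link, or a forced password change on first login with the mailed value, would limit how long that copy stays useful. `kUtil::generatePassword()` is not shown in this diff; confirm it draws from a cryptographically secure source. Replacing `EncryptPassword($new_root_password, 'b38')` with `hashPassword($new_root_password)` also changes the stored format of `RootPass`, so confirm that login verification accepts values written under the old scheme or that a migration accompanies this change. The enclosing method starts outside the hunk.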