Index: trunk/core/units/users/users_event_handler.php =================================================================== diff -u -N -r3031 -r3136 --- trunk/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 3031) +++ trunk/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 3136) @@ -1,8 +1,8 @@ Application->IsAdmin() ) @@ -19,7 +19,7 @@ $this->Application->Redirect($t ? $t : 'index', $http_query->Get); } } - + /** * Checks user data and logs it in if allowed * @@ -29,25 +29,25 @@ { $this->Application->setUnitOption($event->Prefix, 'AutoLoad', false); $object =& $this->Application->recallObject('u'); - + $password = $this->Application->GetVar('password'); if(!$password) { $object->SetError('ValidateLogin', 'blank_password', 'lu_blank_password'); $event->status = erFAIL; return false; } - + $email_as_login = $this->Application->ConfigValue('Email_As_Login'); list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login'); $login_value = $this->Application->GetVar($submit_field); /*$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (%s = %s) AND (Password = MD5(%s))'; $user_id = $this->Conn->GetOne( sprintf($sql, $login_field, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );*/ - + $sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (Email = %1$s OR Login = %1$s) AND (Password = MD5(%2$s))'; $user_id = $this->Conn->GetOne( sprintf($sql, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) ); - + if($user_id) { $object->Load($user_id); @@ -57,7 +57,7 @@ if(!$groups) $groups = Array(); if ( !$this->Application->IsAdmin() ) array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup') ); $this->Application->StoreVar( 'UserGroups', implode(',', $groups) ); - + if( $this->Application->CheckPermission('LOGIN',0) ) { $session =& $this->Application->recallObject('Session'); @@ -73,7 +73,7 @@ $object->SetError('ValidateLogin', 'no_permission', 'lu_no_permissions'); $event->status = erFAIL; } - + $next_template = $this->Application->GetVar('next_template'); if($next_template) $event->redirect = $next_template; } @@ -88,17 +88,17 @@ $event->status = erFAIL; } } - + /** * Called when user logs in using old in-portal * * @param kEvent $event */ function OnInpLogin(&$event) { - + } - + function OnLogout(&$event) { $session =& $this->Application->recallObject('Session'); @@ -107,14 +107,14 @@ $this->Application->StoreVar('user_id', -2); $object =& $this->Application->recallObject('u'); $object->Load(-2); - + $this->Application->DestroySession(); - + $group_list = $this->Application->ConfigValue('User_GuestGroup').','.$this->Application->ConfigValue('User_LoggedInGroup'); $session->SetField('GroupList', $group_list); $this->Application->StoreVar('UserGroups', $group_list); } - + /** * Prefill states dropdown with correct values * @@ -125,13 +125,13 @@ { $cs_helper =& $this->Application->recallObject('CountryStatesHelper'); $cs_helper->PopulateStates($event, 'State', 'Country'); - + $object =& $event->getObject(); - + if( $object->isRequired('Country') && $cs_helper->CountryHasStates( $object->GetDBField('Country') ) ) $object->setRequired('State', true); $object->setLogin(); } - + /** * Redirects user after succesfull registration to confirmation template (on Front only) * @@ -143,19 +143,19 @@ if(!$is_subscriber) { $object =& $event->getObject(); - - $sql = 'UPDATE '.TABLE_PREFIX.'UserGroup - SET PrimaryGroup = 0 + + $sql = 'UPDATE '.TABLE_PREFIX.'UserGroup + SET PrimaryGroup = 0 WHERE PortalUserId = '.$object->GetDBField('PortalUserId'); $this->Conn->Query($sql); - + $group_id = $this->Application->ConfigValue('User_NewGroup'); - + $sql = 'REPLACE INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,1)'; $this->Conn->Query( sprintf($sql, $object->GetID(), $group_id) ); } } - + /** * Login user if possible, if not then redirect to corresponding template * @@ -165,20 +165,20 @@ { $object =& $event->getObject(); $this->Application->SetVar('u_id', $object->GetID() ); - + if($object->GetDBField('Status') == STATUS_ACTIVE) { $email_as_login = $this->Application->ConfigValue('Email_As_Login'); list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login'); - + $this->Application->SetVar($submit_field, $object->GetDBField($login_field) ); $this->Application->SetVar('password', $object->GetDBField('Password_plain') ); - + $event->CallSubEvent('OnLogin'); } } - - + + /** * When creating user & user with such email exists then force to use OnUpdate insted of OnCreate * @@ -206,7 +206,7 @@ } } } - + if( isset($event->MasterEvent) ) { $event->MasterEvent->setEventParam('is_subscriber_only', $ret); @@ -216,8 +216,8 @@ $event->setEventParam('is_subscriber_only', $ret); } } - - + + /** * Enter description here... * @@ -231,7 +231,7 @@ if( $event->getEventParam('is_subscriber_only') ) { $is_subscriber = true; - $object =& $event->getObject( Array('skip_autoload' => true) ); + $object =& $event->getObject( Array('skip_autoload' => true) ); $this->OnUpdate($event); if($event->status == erSUCCESS) { @@ -242,7 +242,7 @@ } return $is_subscriber; } - + /** * Creates new user * @@ -251,29 +251,29 @@ function OnCreate(&$event) { if( !$this->Application->IsAdmin() ) $this->setUserStatus($event); - + if( !$this->isSubscriberOnly($event) ) { $cs_helper =& $this->Application->recallObject('CountryStatesHelper'); $cs_helper->CheckStateField($event, 'State', 'Country'); - + parent::OnCreate($event); - - $object =& $event->getObject( Array('skip_autoload' => true) ); - + + $object =& $event->getObject( Array('skip_autoload' => true) ); + $this->Application->SetVar('u_id', $object->getID() ); $this->Application->setUnitOption('u', 'AutoLoad', true); - + $this->setNextTemplate($event); - + if( !$this->Application->IsAdmin() && ($event->status == erSUCCESS) && $event->redirect) { $object->SendEmailEvents(); $this->autoLoginUser($event); } } } - + /** * Set's new user status based on config options * @@ -306,10 +306,10 @@ break; } } - - - - + + + + /** * Set's new unique resource id to user * @@ -322,7 +322,7 @@ if ($email_as_login) { $object->Fields['Email']['error_msgs']['unique'] = $this->Application->Phrase('lu_user_and_email_already_exist'); } - + } /** @@ -335,28 +335,28 @@ $object =& $event->getObject(); $object->SetDBField('ResourceId', $this->Application->NextResourceId() ); } - + /** * Enter description here... * * @param kEvent $event */ function OnRecommend(&$event){ - + $friend_email = $this->Application->GetVar('friend_email'); $friend_name = $this->Application->GetVar('friend_email'); - + if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $friend_email)) { - + $send_params = array(); $send_params['to_email']=$friend_email; $send_params['to_name']=$friend_name; - + $user_id = $this->Application->GetVar('u_id'); $email_event = &$this->Application->EmailEventUser('SITE.SUGGEST', $user_id, $send_params); - + if ($email_event->status == erSUCCESS){ $event->redirect_params = array('opener' => 's', 'pass' => 'all'); $event->redirect = $this->Application->GetVar('template_success'); @@ -368,17 +368,17 @@ $object->ErrorMsgs['send_error'] = $this->Application->Phrase('lu_email_send_error'); $object->FieldErrors['Email']['pseudo'] = 'send_error'; $event->status = erFAIL; - + } - } + } else { $object =& $this->Application->recallObject('u'); $object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail'); $object->FieldErrors['Email']['pseudo'] = 'invalid_email'; $event->status = erFAIL; } - - + + } /** @@ -400,20 +400,20 @@ $object->setID($id); $object->Validate(); } - + $event->redirect = false; } - + function OnSubscribeQuery(&$event){ - + $user_email = $this->Application->GetVar('subscriber_email'); if ( preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email) ){ - + $this->Application->setUnitOption($event->Prefix,'AutoLoad',false); $object = &$this->Application->recallObject($this->Prefix.'.subscriber'); - + $this->Application->StoreVar('SubscriberEmail', $user_email); - + if( $object->Load(array('Email'=>$user_email)) ){ $group_info = $this->GetGroupInfo($object->GetID()); if($group_info){ @@ -427,124 +427,124 @@ $event->redirect = $this->Application->GetVar('subscribe_template'); $this->Application->StoreVar('SubscriberEmail', $user_email); } - + } else { - + $object =& $this->Application->recallObject('u'); $object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail'); $object->FieldErrors['SubscribeEmail']['pseudo'] = 'invalid_email'; $event->status = erFAIL; } - - + + //subscribe_query_ok_template } - + function OnSubscribeUser(&$event){ - + $this->Application->setUnitOption($event->Prefix,'AutoLoad',false); $object = &$this->Application->recallObject($this->Prefix.'.subscriber'); - + $user_email = $this->Application->RecallVar('SubscriberEmail'); - + if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email)){ if($object->Load(array('Email'=>$user_email))){ - + $group_info = $this->GetGroupInfo($object->GetID()); - + if ($group_info){ if ($event->getEventParam('no_unsubscribe')) return; - + if ($group_info['PrimaryGroup']){ // delete user $object->Delete(); } else { $this->RemoveSubscriberGroup($object->GetID()); } - + $event->redirect = $this->Application->GetVar('unsubscribe_ok_template'); - + } else { $this->AddSubscriberGroup($object->GetID(), 0); $event->redirect = $this->Application->GetVar('subscribe_ok_template'); } - - + + } else { - + $object->SetField('Email', $user_email); $object->SetField('Login', $user_email); $object->SetDBField('dob', 1); $object->SetDBField('dob_date', 1); $object->SetDBField('dob_time', 1); $ip = getenv('HTTP_X_FORWARDED_FOR')?getenv('HTTP_X_FORWARDED_FOR'):getenv('REMOTE_ADDR'); $object->SetDBField('ip', $ip); - + $this->Application->SetVar('IsSubscriber', 1); - + if ($object->Create()) { - + $this->AddSubscriberGroup($object->GetID(), 1); $event->redirect = $this->Application->GetVar('subscribe_ok_template'); } - + $this->Application->SetVar('IsSubscriber', 0); - } + } } else { // error handling here $event->redirect = $this->Application->GetVar('subscribe_fail_template'); } - - + + } - + function AddSubscriberGroup($user_id, $is_primary){ - + $group_id = $this->Application->ConfigValue('User_SubscriberGroup'); $sql = 'INSERT INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,'.$is_primary.')'; $this->Conn->Query( sprintf($sql, $user_id, $group_id) ); $this->Application->EmailEventAdmin('USER.SUBSCRIBE', $user_id); $this->Application->EmailEventUser('USER.SUBSCRIBE', $user_id); - + } - + function RemoveSubscriberGroup($user_id){ - + $group_id = $this->Application->ConfigValue('User_SubscriberGroup'); $sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup WHERE PortalUserId='.$user_id.' AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup'); $this->Conn->Query($sql); $this->Application->EmailEventAdmin('USER.UNSUBSCRIBE', $user_id); $this->Application->EmailEventUser('USER.UNSUBSCRIBE', $user_id); - - } - + + } + function GetGroupInfo($user_id){ - + $group_info = $this->Conn->GetRow('SELECT * FROM '.TABLE_PREFIX.'UserGroup - WHERE PortalUserId='.$user_id.' + WHERE PortalUserId='.$user_id.' AND GroupId='.$this->Application->ConfigValue('User_SubscriberGroup')); return $group_info; - + } - + function OnForgotPassword(&$event){ - + $this->Application->setUnitOption('u', 'AutoLoad', false); $user_object = &$this->Application->recallObject('u.forgot'); $user_current_object = &$this->Application->recallObject('u'); - + $username = $this->Application->GetVar('username'); $email = $this->Application->GetVar('email'); $found = false; $allow_reset = true; - + if( strlen($username) ) { if( $user_object->Load(array('Login'=>$username)) ) @@ -555,40 +555,40 @@ if( $user_object->Load(array('Email'=>$email)) ) $found = ($user_object->GetDBField("Email")==$email && $user_object->GetDBField("Status")==1) && strlen($user_object->GetDBField("Password")); } - - if( $user_object->isLoaded() ) + + if( $user_object->isLoaded() ) { $PwResetConfirm = $user_object->GetDBField('PwResetConfirm'); $PwRequestTime = $user_object->GetDBField('PwRequestTime'); $PassResetTime = $user_object->GetDBField('PassResetTime'); //$MinPwResetDelay = $user_object->GetDBField('MinPwResetDelay'); $MinPwResetDelay = $this->Application->ConfigValue('Users_AllowReset'); - $allow_reset = (strlen($PwResetConfirm) ? - mktime() > $PwRequestTime + $MinPwResetDelay : + $allow_reset = (strlen($PwResetConfirm) ? + mktime() > $PwRequestTime + $MinPwResetDelay : mktime() > $PassResetTime + $MinPwResetDelay); } - + if($found && $allow_reset) { $this->Application->StoreVar('tmp_user_id', $user_object->GetDBField("PortalUserId")); $this->Application->StoreVar('tmp_email', $user_object->GetDBField("Email")); - //$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId")); - + //$this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId")); + $event->redirect = $this->Application->GetVar('template_success'); } else { if(!strlen($username) && !strlen($email)) - { + { $user_current_object->ErrorMsgs['forgotpw_nodata'] = $this->Application->Phrase('lu_ferror_forgotpw_nodata'); $user_current_object->FieldErrors['Login']['pseudo'] = 'lu_ferror_forgotpw_nodata'; } else - { - + { + if($allow_reset) { if( strlen($username) ){ @@ -610,114 +610,114 @@ $user_current_object->FieldErrors['Email']['pseudo']='reset_denied'; } } - + } - + if($user_current_object->FieldErrors){ $event->redirect = false; } - } - + } + } - + /** * Enter description here... * * @param kEvent $event */ function OnResetPassword(&$event){ - + $user_object = &$this->Application->recallObject('u.forgot'); - + if($user_object->Load($this->Application->RecallVar('tmp_user_id'))){ - - $this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId")); - $event->redirect = $this->Application->GetVar('template_success'); - + + $this->Application->EmailEventUser('INCOMMERCEUSER.PSWDC', $user_object->GetDBField("PortalUserId")); + $event->redirect = $this->Application->GetVar('template_success'); + $mod_object =& $this->Application->recallObject('mod.'.'In-Commerce'); $m_cat_id = $mod_object->GetDBField('RootCat'); $event->SetRedirectParam('pass', 'm'); //$event->SetRedirectParam('m_cat_id', $m_cat_id); $this->Application->SetVar('m_cat_id', $m_cat_id); - - + + } - + } - + function OnResetPasswordConfirmed(&$event){ - + $passed_key = $this->Application->GetVar('user_key'); - + $user_object = &$this->Application->recallObject('u.forgot'); $user_current_object = &$this->Application->recallObject('u'); - + if (strlen(trim($passed_key)) == 0) { $event->redirect_params = array('opener' => 's', 'pass' => 'all'); $event->redirect = false; - + $user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid'); $user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid'; } - - + + if($user_object->Load(array('PwResetConfirm'=>$passed_key))) - { + { $exp_time = $user_object->GetDBField('PwRequestTime') + 3600; $user_object->SetDBField("PwResetConfirm", ''); $user_object->SetDBField("PwRequestTime", 0); - if ($exp_time > mktime()) + if ($exp_time > mktime()) { //$m_var_list_update['codevalidationresult'] = 'lu_resetpw_confirm_text'; - $newpw = makepassword4(); - - $this->Application->StoreVar('password', $newpw); - + $newpw = makepassword4(); + + $this->Application->StoreVar('password', $newpw); + $user_object->SetDBField("Password",$newpw); $user_object->SetDBField("PassResetTime", time()); $user_object->SetDBField("PwResetConfirm", ''); $user_object->SetDBField("PwRequestTime", 0); $user_object->Update(); - + $this->Application->SetVar('ForgottenPassword', $newpw); - + $email_event_user = &$this->Application->EmailEventUser('INCOMMERCEUSER.PSWD', $user_object->GetDBField('PortalUserId')); $email_event_admin = &$this->Application->EmailEventAdmin('INCOMMERCEUSER.PSWD'); - + $this->Application->DeleteVar('ForgottenPassword'); - + if ($email_event_user->status == erSUCCESS){ $event->redirect_params = array('opener' => 's', 'pass' => 'all'); $event->redirect = $this->Application->GetVar('template_success'); } - + $user_object->SetDBField("Password",md5($newpw)); $user_object->Update(); - + } else { $user_current_object->ErrorMsgs['code_expired'] = $this->Application->Phrase('lu_code_expired'); $user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_expired'; $event->redirect = false; - + } } else { $user_current_object->ErrorMsgs['code_is_not_valid'] = $this->Application->Phrase('lu_code_is_not_valid'); - $user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid'; + $user_current_object->FieldErrors['PwResetConfirm']['pseudo'] = 'code_is_not_valid'; $event->redirect = false; - - } + + } } - + function OnUpdate(&$event) { $cs_helper =& $this->Application->recallObject('CountryStatesHelper'); $cs_helper->CheckStateField($event, 'State', 'Country'); - + parent::OnUpdate($event); - + $this->setNextTemplate($event); } - + /** * Enter description here... * @@ -736,7 +736,7 @@ } } } - + function OnCheckExpiredMembership(&$event) { $sql = 'SELECT PortalUserId FROM '.TABLE_PREFIX.'UserGroup @@ -753,7 +753,7 @@ $sql = 'DELETE FROM '.TABLE_PREFIX.'UserGroup WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.mktime(); $this->Conn->Query($sql); - + $pre_expiration = mktime() + $this->Application->ConfigValue('User_MembershipExpirationReminder') * 3600 * 24; $sql = 'SELECT PortalUserId, GroupId FROM '.TABLE_PREFIX.'UserGroup WHERE MembershipExpires IS NOT NULL AND MembershipExpires < '.$pre_expiration.' @@ -774,7 +774,7 @@ $this->Conn->Query($sql); } } - + /** * Enter description here... * @@ -792,5 +792,5 @@ $object->SetFieldsFromHash($fields); } } - + ?> \ No newline at end of file