Index: trunk/core/units/users/users_event_handler.php =================================================================== diff -u -N -r6833 -r7391 --- trunk/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 6833) +++ trunk/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 7391) @@ -12,6 +12,7 @@ $permissions = Array( // admin 'OnSetPersistantVariable' => Array('self' => 'view'), // because setting to logged in user only + 'OnUpdateRootPassword' => Array('self' => true), // because setting to logged in user only // front 'OnRefreshForm' => Array('self' => true), @@ -41,7 +42,7 @@ } if (!$this->Application->IsAdmin()) { - $user_id = $this->Application->GetVar('u_id'); + $user_id = $this->Application->RecallVar('user_id'); $items_info = $this->Application->GetVar($event->getPrefixSpecial(true)); if ($event->Name == 'OnCreate' && $user_id == -2) { @@ -105,8 +106,8 @@ function OnLogin(&$event) { // persistent session data after login is not refreshed, because redirect will follow in any case - $object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true)); - + $prefix_special = $this->Application->IsAdmin() ? 'u.current' : 'u'; // "u" used on front not to change theme + $object =& $this->Application->recallObject($prefix_special, null, Array('skip_autoload' => true)); $password = $this->Application->GetVar('password'); if(!$password) { 
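Review bot: The comment on the new `'OnUpdateRootPassword' => Array('self' => true)` entry in the `@@ -12,6 +12,7 @@` hunk is copied from the line above and does not describe this event, which replaces the root password rather than a per-user setting. If `'self' => true` means the permission layer applies no check of its own (the neighbouring `'self' => 'view'` entry suggests it does), the only gate left is the `user_id` test inside the handler. The comment should say so, for example `// no section permission required; the handler itself only proceeds for the root session (user_id == -1)`. The `$permissions` array continues outside the hunk.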
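Review bot: The `$prefix_special` ternary added at the top of `OnLogin` in the `@@ -105,8 +106,8 @@` hunk is repeated verbatim, trailing comment included, in `processLoginRedirect` in the `@@ -226,7 +233,8 @@` hunk. The two copies must stay identical for both functions to work on the same user object during one login, and nothing enforces that. A small private helper on the handler that returns `$this->Application->IsAdmin() ? 'u.current' : 'u'` and is called from both places would keep a single source of truth. `OnLogin` continues past the end of this hunk.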
@@ -119,6 +120,11 @@ list($login_field, $submit_field) = $email_as_login && !$this->Application->IsAdmin() ? Array('Email', 'email') : Array('Login', 'login'); $login_value = $this->Application->GetVar($submit_field); + // process "Save Username" checkbox + $save_username = $this->Application->GetVar('cb_save_username') ? $login_value : ''; + $this->Application->Session->SetCookie('save_username', $save_username, adodb_mktime() + 31104000); // 1 year expiration + $this->Application->SetVar('save_username', $save_username); // cookie will be set on next refresh, but refresh won't occur if login error present, so duplicate cookie in HTTPQuery + if ($this->Application->IsAdmin() && ($login_value == 'root')) { // logging in "root" (admin only) $root_password = $this->Application->ConfigValue('RootPass'); @@ -137,7 +143,7 @@ $session =& $this->Application->recallObject('Session'); $session->SetField('PortalUserId', $user_id); // $session->SetField('GroupList', implode(',', $groups) ); - $this->Application->SetVar('u_id', $user_id); + $this->Application->SetVar('u.current_id', $user_id); $this->Application->StoreVar('user_id', $user_id); $this->processLoginRedirect($event, $password); @@ -168,9 +174,8 @@ $session =& $this->Application->recallObject('Session'); $session->SetField('PortalUserId', $user_id); $session->SetField('GroupList', implode(',', $groups) ); - $this->Application->SetVar('u_id', $user_id); + $this->Application->SetVar('u.current_id', $user_id); $this->Application->StoreVar('user_id', $user_id); - $this->Application->setVisitField('PortalUserId', $user_id); $this_login = (int)$object->getPersistantVar('ThisLogin'); $object->setPersistantVar('LastLogin', $this_login); @@ -194,6 +199,8 @@ $object->SetError('ValidateLogin', 'invalid_password', 'lu_invalid_password'); $event->status = erFAIL; } + + $event->SetRedirectParam('pass', 'm'); } /** 
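Review bot: In the `@@ -119,6 +120,11 @@` hunk the submitted `$login_value` is written to the `save_username` cookie and the request variable before any credential check has run, so any string a client posts is kept for the cookie lifetime and handed back to the login form. The template that prints `save_username` is outside this diff and must HTML-escape it. The cookie itself would be safer set only on the successful branches further down `OnLogin`, leaving the `SetVar` copy to cover redisplay after an error. Whether `Session->SetCookie` applies HttpOnly/Secure attributes is not visible here and is worth confirming, because the cookie discloses an account name (`root` included for admin logins). The literal `31104000` is 360 days rather than the year the comment states; writing it as `360 * 86400` or as a named constant would make that explicit.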
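Review bot: With `setVisitField('PortalUserId', $user_id)` removed from the successful-login branch in the `@@ -168,9 +174,8 @@` hunk, nothing visible in the hunk ties the visit record to the account that has just authenticated. If visit rows serve as the login audit trail, confirm the id is still written somewhere else; that code is not part of this diff. A short comment at the removal point would save the next reader the search, for example `// visit row gets PortalUserId in <location, TODO confirm>`.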
@@ -226,7 +233,8 @@ */ function processLoginRedirect(&$event, $password) { - $object =& $event->getObject(); + $prefix_special = $this->Application->IsAdmin() ? 'u.current' : 'u'; // "u" used on front not to change theme + $object =& $this->Application->recallObject($prefix_special, null, Array('skip_autoload' => true)); $next_template = $this->Application->GetVar('next_template'); if ($next_template == '_ses_redirect') { @@ -291,9 +299,9 @@ $session =& $this->Application->recallObject('Session'); $session->SetField('PortalUserId', -2); - $this->Application->SetVar('u_id', -2); + $this->Application->SetVar('u.current_id', -2); $this->Application->StoreVar('user_id', -2); - $object =& $this->Application->recallObject('u'); + $object =& $this->Application->recallObject('u.current', null, Array('skip_autoload' => true)); $object->Load(-2); $this->Application->DestroySession(); @@ -305,6 +313,8 @@ if ($this->Application->ConfigValue('UseJSRedirect')) { $event->SetRedirectParam('js_redirect', 1); } + + $event->SetRedirectParam('pass', 'm'); } /** 
@@ -336,14 +346,26 @@ { $object =& $event->getObject(); - $sql = 'UPDATE '.TABLE_PREFIX.'UserGroup + $ug_table = TABLE_PREFIX.'UserGroup'; + if ($object->mode == 't') { + $ug_table = $this->Application->GetTempName($ug_table, 'prefix:'.$event->Prefix); + } + + $sql = 'UPDATE '.$ug_table.' SET PrimaryGroup = 0 WHERE PortalUserId = '.$object->GetDBField('PortalUserId'); $this->Conn->Query($sql); - $group_id = $this->Application->ConfigValue('User_NewGroup'); + // set primary group to user + if ($this->Application->IsAdmin() && $this->Application->GetVar('user_group')) { + // while in admin you can set any group for new users + $group_id = $this->Application->GetVar('user_group'); + } + else { + $group_id = $this->Application->ConfigValue('User_NewGroup'); + } - $sql = 'REPLACE INTO '.TABLE_PREFIX.'UserGroup(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,1)'; + $sql = 'REPLACE INTO '.$ug_table.'(PortalUserId,GroupId,PrimaryGroup) VALUES (%s,%s,1)'; $this->Conn->Query( sprintf($sql, $object->GetID(), $group_id) ); } } @@ -356,7 +378,7 @@ function autoLoginUser(&$event) { $object =& $event->getObject(); - $this->Application->SetVar('u_id', $object->GetID() ); + $this->Application->SetVar('u.current_id', $object->GetID() ); if($object->GetDBField('Status') == STATUS_ACTIVE && !$this->Application->ConfigValue('User_Password_Auto')) { @@ -459,7 +481,7 @@ parent::OnCreate($event); - $this->Application->SetVar('u_id', $object->getID() ); + $this->Application->SetVar('u.current_id', $object->getID() ); // for affil:OnRegisterAffiliate after hook $this->setNextTemplate($event); 
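Review bot: The new admin branch in the `@@ -336,14 +346,26 @@` hunk reads `user_group` straight from the request, and the `REPLACE INTO` below interpolates it through an unquoted `%s`, so the submitted value becomes part of the SQL text. Cast it where it is read, `$group_id = (int)$this->Application->GetVar('user_group');`, and use `%d` for both placeholders in the `sprintf` format. The `UPDATE` above concatenates `GetDBField('PortalUserId')` in the same way and deserves the same cast. Since the comment says any group may be assigned, it is also worth verifying that the id names an existing group the acting admin is allowed to grant; no such check is visible in this hunk. The enclosing function starts outside the hunk.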
@@ -553,14 +575,16 @@ $friend_email = $this->Application->GetVar('friend_email'); $friend_name = $this->Application->GetVar('friend_email'); + // used for error reporting only -> rewrite code + theme (by Alex) + $object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too + if (preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $friend_email)) { - $send_params = array(); $send_params['to_email']=$friend_email; $send_params['to_name']=$friend_name; - $user_id = $this->Application->GetVar('u_id'); + $user_id = $this->Application->RecallVar('user_id'); $email_event = &$this->Application->EmailEventUser('SITE.SUGGEST', $user_id, $send_params); if ($email_event->status == erSUCCESS){ @@ -570,21 +594,17 @@ else { // $event->redirect_params = array('opener' => 's', 'pass' => 'all'); // $event->redirect = $this->Application->GetVar('template_fail'); - $object =& $this->Application->recallObject('u'); + $object->ErrorMsgs['send_error'] = $this->Application->Phrase('lu_email_send_error'); $object->FieldErrors['Email']['pseudo'] = 'send_error'; $event->status = erFAIL; - } } else { - $object =& $this->Application->recallObject('u'); $object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail'); $object->FieldErrors['Email']['pseudo'] = 'invalid_email'; $event->status = erFAIL; } - - } /** @@ -609,8 +629,8 @@ $event->redirect = false; } - function OnSubscribeQuery(&$event){ - + function OnSubscribeQuery(&$event) + { $user_email = $this->Application->GetVar('subscriber_email'); if ( preg_match("/^[_a-zA-Z0-9-\.]+@[a-zA-Z0-9-\.]+\.[a-z]{2,4}$/", $user_email) ){ 
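Review bot: The address check kept in the `@@ -553,14 +575,16 @@` hunk ends its pattern with `$` and has no `D` modifier, so a value with a trailing newline still passes `preg_match` and is then copied into `$send_params['to_email']`. Ending the pattern with `\z` (or adding the `D` modifier) closes that gap. The same pattern is repeated in `OnSubscribeQuery` in the `@@ -609,8 +629,8 @@` hunk and needs the same change. The lowercase-only `[a-z]{2,4}` TLD class also rejects valid addresses. `$friend_name` is read from `friend_email` too, which looks like a copy-paste slip, and since this handler sends mail on request, a per-session or per-address rate limit would be prudent; none is visible here.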
@@ -620,29 +640,20 @@ if( $object->Load(array('Email'=>$user_email)) ){ $group_info = $this->GetGroupInfo($object->GetID()); - if($group_info){ - $event->redirect = $this->Application->GetVar('unsubscribe_template'); - } - else { - $event->redirect = $this->Application->GetVar('subscribe_template'); - } + $event->redirect = $this->Application->GetVar($group_info ? 'unsubscribe_template' : 'subscribe_template'); } else { $event->redirect = $this->Application->GetVar('subscribe_template'); $this->Application->StoreVar('SubscriberEmail', $user_email); } - } else { - - $object =& $this->Application->recallObject('u'); + // used for error reporting only -> rewrite code + theme (by Alex) + $object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too $object->ErrorMsgs['invalid_email'] = $this->Application->Phrase('lu_InvalidEmail'); $object->FieldErrors['SubscribeEmail']['pseudo'] = 'invalid_email'; $event->status = erFAIL; - } - - //subscribe_query_ok_template } @@ -737,10 +748,12 @@ } - function OnForgotPassword(&$event){ - + function OnForgotPassword(&$event) + { $user_object = &$this->Application->recallObject('u.forgot', null, Array('skip_autoload' => true)); - $user_current_object = &$this->Application->recallObject('u'); + + // used for error reporting only -> rewrite code + theme (by Alex) + $user_current_object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too $username = $this->Application->GetVar('username'); $email = $this->Application->GetVar('email'); 
@@ -844,12 +857,14 @@ } - function OnResetPasswordConfirmed(&$event){ - + function OnResetPasswordConfirmed(&$event) + { $passed_key = $this->Application->GetVar('user_key'); $user_object = &$this->Application->recallObject('u.forgot'); - $user_current_object = &$this->Application->recallObject('u'); + + // used for error reporting only -> rewrite code + theme (by Alex) + $user_current_object =& $this->Application->recallObject('u', null, Array('skip_autoload' => true));// TODO: change theme too if (strlen(trim($passed_key)) == 0) { $event->redirect_params = array('opener' => 's', 'pass' => 'all'); 
@@ -1037,6 +1052,50 @@ } return parent::getPassedID($event); } + + /** + * Allows to change root password + * + * @param kEvent $event + */ + function OnUpdateRootPassword(&$event) + { + $user_id = $this->Application->RecallVar('user_id'); + if ($user_id != -1) { + // not "root" can't change root's password via this event + return false; + } + + // put salt to user's config + $field_options = $this->Application->getUnitOption($event->Prefix.'.RootPassword', 'Fields'); + $field_options['salt'] = 'b38'; + $this->Application->setUnitOption($event->Prefix.'.RootPassword', 'Fields', $field_options); + + $object =& $event->getObject( Array('skip_autoload' => true) ); + /* @var $object UsersItem */ + + $items_info = $this->Application->GetVar( $event->getPrefixSpecial(true) ); + if ($items_info) { + list ($id, $field_values) = each($items_info); + $this->RemoveRequiredFields($object); + $object->SetDBField('RootPassword', $this->Application->ConfigValue('RootPass')); + $object->SetFieldsFromHash($field_values); + $status = $object->Validate(); + if ($status) { + // validation on, password match too + $fields_hash = Array ( + 'VariableValue' => $object->GetDBField('RootPassword') + ); + $conf_table = $this->Application->getUnitOption('conf', 'TableName'); + $this->Conn->doUpdate($fields_hash, $conf_table, 'VariableName = "RootPass"'); + $event->SetRedirectParam('opener', 'u'); + } + else { + $event->status = erFAIL; + $event->redirect = false; + } + } + } } ?> \ No newline at end of file
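Review bot: `OnUpdateRootPassword` replaces the stored root credential without any visible check of the current password. `SetDBField('RootPassword', ...)` appears only to seed the object before `SetFieldsFromHash` overwrites it, and the inline comment describes `Validate()` as confirming that the new entries match. Because the permission entry for this event is `'self' => true`, a forged or hijacked request in a root session would be enough to lock the owner out, so the handler should require the old password and whatever request token the framework provides (not visible in this diff). The denial branch should also fail loudly rather than only `return false;`: set `$event->status = erFAIL;` and log the attempt so it can be detected. The salt `'b38'` is a fixed literal shared by every installation and so adds little protection to the stored hash; a per-installation random value, or an adaptive password hash where the runtime allows one, would be stronger.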