
Revize 410613f3

Přidáno uživatelem David Raška před asi 9 roky(ů)

refs #988: Added support for onetime passwords


application/controllers/members.php
'class' => 'popup_link'
)
);
$user_links[] = html::anchor(
'users/generate_password/'.$user->id, __('Generate onetime password'),
array
(
'title' => strtolower(__('Generate onetime password')),
'class' => 'confirm_link'
)
);
}
// change application password link
......
$form->password('confirm_password')
->rules('required|length['.$pass_min_len.',50]')
->matches($form->password);
->matches($form->password)
->class('join1');
$form->checkbox('autogen_pass')
->label('Generate onetime password')
->class('join2')
->style('width: initial; margin-left: 15px;');
$form->group('Address of connecting place');
......
->rules('length[0,250]');
$form->submit('Add');
// posted
if($form->validate())
if ($_POST)
{
$form_data = $form->as_array();
$match = array();
$match2 = array();
// validate address
if ($address_point_server_active &&
(
!Address_points_Controller::is_address_point_valid(
$form_data['country_id'],
$form_data['town'],
$form_data['district'],
$form_data['street'],
$form_data['zip']
) ||
!preg_match('((ev\.č\.)?[0-9][0-9]*(/[0-9][0-9]*[a-zA-Z]*)*)', $form_data['street'], $match)
))
if (@$_POST['autogen_pass'] == "1")
{
$form->street->add_error('required', __('Invalid address point.'));
$form->inputs['password']->rules('-length['.$pass_min_len.',50]')->rules('-required');
$form->inputs['confirm_password']->rules('-length['.$pass_min_len.',50]')->rules('-required');
}
else if ($form_data['use_domicile'] &&
$address_point_server_active &&
// posted
if($form->validate())
{
$form_data = $form->as_array();
$match = array();
$match2 = array();
// validate address
if ($address_point_server_active &&
(
!Address_points_Controller::is_address_point_valid(
$form_data['domicile_country_id'],
$form_data['domicile_town'],
$form_data['domicile_district'],
$form_data['domicile_street'],
$form_data['domicile_zip']
) ||
!preg_match('((ev\.č\.)?[0-9][0-9]*(/[0-9][0-9]*[a-zA-Z]*)*)', $form_data['domicile_street'], $match2)
!Address_points_Controller::is_address_point_valid(
$form_data['country_id'],
$form_data['town'],
$form_data['district'],
$form_data['street'],
$form_data['zip']
) ||
!preg_match('((ev\.č\.)?[0-9][0-9]*(/[0-9][0-9]*[a-zA-Z]*)*)', $form_data['street'], $match)
))
{
$form->domicile_street->add_error('required', __('Invalid address point.'));
}
else
{
// street
if ($address_point_server_active)
{
$street = trim(preg_replace(' ((ev\.č\.)?[0-9][0-9]*(/[0-9][0-9]*[a-zA-Z]*)*)', '', $form_data['street']));
$number = $match[0];
$form->street->add_error('required', __('Invalid address point.'));
}
if ($form_data['use_domicile'] &&
$address_point_server_active)
else if ($form_data['use_domicile'] &&
$address_point_server_active &&
(
!Address_points_Controller::is_address_point_valid(
$form_data['domicile_country_id'],
$form_data['domicile_town'],
$form_data['domicile_district'],
$form_data['domicile_street'],
$form_data['domicile_zip']
) ||
!preg_match('((ev\.č\.)?[0-9][0-9]*(/[0-9][0-9]*[a-zA-Z]*)*)', $form_data['domicile_street'], $match2)
))
{
$domicile_street = trim(preg_replace(' ((ev\.č\.)?[0-9][0-9]*(/[0-9][0-9]*[a-zA-Z]*)*)', '', $form_data['domicile_street']));
$domicile_number = $match2[0];
$form->domicile_street->add_error('required', __('Invalid address point.'));
}
// gps
$gpsx = NULL;
$gpsy = NULL;
if (!empty($form_data['gpsx']) && !empty($form_data['gpsy']))
else
{
$gpsx = doubleval($form_data['gpsx']);
$gpsy = doubleval($form_data['gpsy']);
if (gps::is_valid_degrees_coordinate($form_data['gpsx']))
// street
if ($address_point_server_active)
{
$gpsx = gps::degrees2real($form_data['gpsx']);
}
$street = trim(preg_replace(' ((ev\.č\.)?[0-9][0-9]*(/[0-9][0-9]*[a-zA-Z]*)*)', '', $form_data['street']));
if (gps::is_valid_degrees_coordinate($form_data['gpsy']))
{
$gpsy = gps::degrees2real($form_data['gpsy']);
$number = $match[0];
}
}
if ($form_data['use_domicile'] &&
$address_point_server_active)
{
$domicile_street = trim(preg_replace(' ((ev\.č\.)?[0-9][0-9]*(/[0-9][0-9]*[a-zA-Z]*)*)', '', $form_data['domicile_street']));
// gps domicicle
$domicile_gpsx = NULL;
$domicile_gpsy = NULL;
$domicile_number = $match2[0];
}
if (!empty($form_data['domicile_gpsx']) && !empty($form_data['domicile_gpsy']))
{
$domicile_gpsx = doubleval($form_data['domicile_gpsx']);
$domicile_gpsy = doubleval($form_data['domicile_gpsy']);
// gps
$gpsx = NULL;
$gpsy = NULL;
if (gps::is_valid_degrees_coordinate($form_data['domicile_gpsx']))
if (!empty($form_data['gpsx']) && !empty($form_data['gpsy']))
{
$domicile_gpsx = gps::degrees2real($form_data['domicile_gpsx']);
$gpsx = doubleval($form_data['gpsx']);
$gpsy = doubleval($form_data['gpsy']);
if (gps::is_valid_degrees_coordinate($form_data['gpsx']))
{
$gpsx = gps::degrees2real($form_data['gpsx']);
}
if (gps::is_valid_degrees_coordinate($form_data['gpsy']))
{
$gpsy = gps::degrees2real($form_data['gpsy']);
}
}
if (gps::is_valid_degrees_coordinate($form_data['domicile_gpsy']))
// gps domicicle
$domicile_gpsx = NULL;
$domicile_gpsy = NULL;
if (!empty($form_data['domicile_gpsx']) && !empty($form_data['domicile_gpsy']))
{
$domicile_gpsy = gps::degrees2real($form_data['domicile_gpsy']);
}
}
$domicile_gpsx = doubleval($form_data['domicile_gpsx']);
$domicile_gpsy = doubleval($form_data['domicile_gpsy']);
$member = new Member_Model();
if (gps::is_valid_degrees_coordinate($form_data['domicile_gpsx']))
{
$domicile_gpsx = gps::degrees2real($form_data['domicile_gpsx']);
}
try
{
//$profiler = new Profiler();
// let's start safe transaction processing
$member->transaction_start();
if (gps::is_valid_degrees_coordinate($form_data['domicile_gpsy']))
{
$domicile_gpsy = gps::degrees2real($form_data['domicile_gpsy']);
}
}
$user = new User_Model();
$account = new Account_Model();
$address_point_model = new Address_point_Model();
$member = new Member_Model();
if ($address_point_server_active)
try
{
$t = new Town_Model();
$s = new Street_Model();
$t_id = $t->get_town($form_data['zip'], $form_data['town'], $form_data['district'])->id;
$s_id = $s->get_street($street, $t_id)->id;
//$profiler = new Profiler();
// let's start safe transaction processing
$member->transaction_start();
$user = new User_Model();
$account = new Account_Model();
$address_point_model = new Address_point_Model();
$address_point = $address_point_model->get_address_point($form_data['country_id'], $t_id, $s_id, $number,
if ($address_point_server_active)
{
$t = new Town_Model();
$s = new Street_Model();
$t_id = $t->get_town($form_data['zip'], $form_data['town'], $form_data['district'])->id;
$s_id = $s->get_street($street, $t_id)->id;
$address_point = $address_point_model->get_address_point($form_data['country_id'], $t_id, $s_id, $number,
$gpsx, $gpsy);
}
else
{
$address_point = $address_point_model->get_address_point(
}
else
{
$address_point = $address_point_model->get_address_point(
$form_data['country_id'], $form_data['town_id'],
$form_data['street_id'], $form_data['street_number'],
$gpsx, $gpsy
);
}
);
}
// add address point if there is no such
if (!$address_point->id)
{
$address_point->save_throwable();
}
// add address point if there is no such
if (!$address_point->id)
{
$address_point->save_throwable();
}
// add GPS
if (!empty($gpsx) && !empty($gpsy))
{ // save
$address_point->update_gps_coordinates(
// add GPS
if (!empty($gpsx) && !empty($gpsy))
{ // save
$address_point->update_gps_coordinates(
$address_point->id, $gpsx, $gpsy
);
}
else
{ // delete gps
$address_point->gps = '';
$address_point->save_throwable();
}
);
}
else
{ // delete gps
$address_point->gps = '';
$address_point->save_throwable();
}
$member->address_point_id = $address_point->id;
$member->address_point_id = $address_point->id;
$account->account_attribute_id = Account_attribute_Model::CREDIT;
$account->account_attribute_id = Account_attribute_Model::CREDIT;
if ($form_data['membername'] == '')
{
$account->name = $form_data['surname'].' '.$form_data['name'];
}
else
{
$account->name = $form_data['membername'];
}
if ($form_data['membername'] == '')
{
$account->name = $form_data['surname'] . ' ' . $form_data['name'];
}
else
{
$account->name = $form_data['membername'];
}
$user->name = $form_data['name'];
$user->middle_name = $form_data['middle_name'];
$user->login = $form_data['login'];
$user->surname = $form_data['surname'];
$user->pre_title = $form_data['title1'];
$user->post_title = $form_data['title2'];
$user->birthday = date("Y-m-d",$form_data['birthday']);
$user->password = sha1($form_data['password']);
$user->type = User_Model::MAIN_USER;
$user->application_password = security::generate_password();
// id of user who added member
$member->user_id = $this->session->get('user_id');
$member->comment = $form_data['comment'];
if ($form_data['autogen_pass'] == "1")
{
// generate random password
$raw_password = security::generate_password(6);
$user->password_is_onetime = 1;
}
else
{
$raw_password = $form_data['password'];
}
if ($form_data['membername'] == '')
{
$member->name = $form_data['name'].' '.$form_data['surname'];
}
else
{
$member->name = $form_data['membername'];
}
$user->name = $form_data['name'];
$user->middle_name = $form_data['middle_name'];
$user->login = $form_data['login'];
$user->surname = $form_data['surname'];
$user->pre_title = $form_data['title1'];
$user->post_title = $form_data['title2'];
$user->birthday = date("Y-m-d", $form_data['birthday']);
$user->password = sha1($raw_password);
$user->type = User_Model::MAIN_USER;
$user->application_password = security::generate_password();
// id of user who added member
$member->user_id = $this->session->get('user_id');
$member->comment = $form_data['comment'];
$member->type = $form_data['type'];
if ($form_data['membername'] == '')
{
$member->name = $form_data['name'] . ' ' . $form_data['surname'];
}
else
{
$member->name = $form_data['membername'];
}
// access control
if ($this->acl_check_new('Members_Controller', 'organization_id'))
{
$member->organization_identifier = $form_data['organization_identifier'];
}
$member->type = $form_data['type'];
// access control
if ($this->acl_check_new('Members_Controller', 'vat_organization_identifier'))
{
$member->vat_organization_identifier = $form_data['vat_organization_identifier'];
}
// access control
if ($this->acl_check_new('Members_Controller', 'organization_id'))
{
$member->organization_identifier = $form_data['organization_identifier'];
}
$member->speed_class_id = $form_data['speed_class'];
// access control
if ($this->acl_check_new('Members_Controller', 'vat_organization_identifier'))
{
$member->vat_organization_identifier = $form_data['vat_organization_identifier'];
}
if (Settings::get('finance_enabled'))
{
$member->entrance_fee = $form_data['entrance_fee'];
$member->debt_payment_rate = $form_data['debt_payment_rate'];
}
$member->speed_class_id = $form_data['speed_class'];
if ($member->type == Member_Model::TYPE_APPLICANT)
{
$member->entrance_date = NULL;
}
else
{
$member->entrance_date = date('Y-m-d', $form_data['entrance_date']);
}
if (Settings::get('finance_enabled'))
{
$member->entrance_fee = $form_data['entrance_fee'];
$member->debt_payment_rate = $form_data['debt_payment_rate'];
}
// saving member
$member->save_throwable();
if ($member->type == Member_Model::TYPE_APPLICANT)
{
$member->entrance_date = NULL;
}
else
{
$member->entrance_date = date('Y-m-d', $form_data['entrance_date']);
}
// saving member
$member->save_throwable();
// saving user
$user->member_id = $member->id;
$user->save_throwable();
// saving user
$user->member_id = $member->id;
$user->save_throwable();
// telephone
$contact_model = new Contact_Model();
// telephone
$contact_model = new Contact_Model();
// search for contacts
$p_contact_id = $contact_model->find_contact_id(
// search for contacts
$p_contact_id = $contact_model->find_contact_id(
Contact_Model::TYPE_PHONE, $form_data['phone']
);
);
if ($p_contact_id)
{
$contact_model = ORM::factory('contact', $p_contact_id);
$contact_model->add($user);
$contact_model->save_throwable();
}
else
{ // add whole contact
$contact_model->type = Contact_Model::TYPE_PHONE;
$contact_model->value = $form_data['phone'];
$contact_model->save_throwable();
if ($p_contact_id)
{
$contact_model = ORM::factory('contact', $p_contact_id);
$contact_model->add($user);
$contact_model->save_throwable();
}
else
{ // add whole contact
$contact_model->type = Contact_Model::TYPE_PHONE;
$contact_model->value = $form_data['phone'];
$contact_model->save_throwable();
$contact_model->add($user);
$contact_model->add($user);
$phone_country = new Country_Model($form_data['phone_prefix']);
$contact_model->add($phone_country);
$phone_country = new Country_Model($form_data['phone_prefix']);
$contact_model->add($phone_country);
$contact_model->save_throwable();
}
$contact_model->save_throwable();
}
$contact_model->clear();
$contact_model->clear();
// email
if (!empty($form_data['email']))
{
// search for contacts
$e_contact_id = $contact_model->find_contact_id(
Contact_Model::TYPE_EMAIL, $form_data['email']
);
if ($e_contact_id)
{
$contact_model = ORM::factory('contact', $e_contact_id);
$contact_model->add($user);
$contact_model->save_throwable();
}
else
{ // add whole contact
$contact_model->type = Contact_Model::TYPE_EMAIL;
$contact_model->value = $form_data['email'];
$contact_model->save_throwable();
$contact_model->add($user);
$contact_model->save_throwable();
}
if ($form_data['send_verify_email'])
// email
if (!empty($form_data['email']))
{
try
// search for contacts
$e_contact_id = $contact_model->find_contact_id(
Contact_Model::TYPE_EMAIL, $form_data['email']
);
if ($e_contact_id)
{
Contacts_Controller::send_verify_message($contact_model->id);
status::success('Verification message have been successfully sent.');
$contact_model = ORM::factory('contact', $e_contact_id);
$contact_model->add($user);
$contact_model->save_throwable();
} else
{ // add whole contact
$contact_model->type = Contact_Model::TYPE_EMAIL;
$contact_model->value = $form_data['email'];
$contact_model->save_throwable();
$contact_model->add($user);
$contact_model->save_throwable();
}
catch (Exception $ex)
if ($form_data['send_verify_email'])
{
status::error('Error - cant send Verification message', $ex);
Log::add_exception($ex);
try
{
Contacts_Controller::send_verify_message($contact_model->id);
status::success('Verification message have been successfully sent.');
}
catch (Exception $ex)
{
status::error('Error - cant send Verification message', $ex);
Log::add_exception($ex);
}
}
}
}
// saving account
$account->member_id = $member->id;
$account->save_throwable();
// saving account
$account->member_id = $member->id;
$account->save_throwable();
if (Settings::get('finance_enabled'))
{
// saving variable symbol
if (!isset($form_data['variable_symbol_generate']) ||
!$form_data['variable_symbol_generate'])
{
$var_sym = $form_data['variable_symbol'];
}
else
if (Settings::get('finance_enabled'))
{
$var_sym = Variable_Key_Generator::factory()->generate($member->id);
}
// saving variable symbol
if (!isset($form_data['variable_symbol_generate']) ||
!$form_data['variable_symbol_generate'])
{
$var_sym = $form_data['variable_symbol'];
}
else
{
$var_sym = Variable_Key_Generator::factory()->generate($member->id);
}
if (empty($var_sym))
{
throw new Exception(__('Empty variable symbol.'));
}
if (empty($var_sym))
{
throw new Exception(__('Empty variable symbol.'));
}
$variable_symbol_model = new Variable_Symbol_Model();
$variable_symbol_model->account_id = $account->id;
$variable_symbol_model->variable_symbol = $var_sym;
$variable_symbol_model->save_throwable();
}
$variable_symbol_model = new Variable_Symbol_Model();
$variable_symbol_model->account_id = $account->id;
$variable_symbol_model->variable_symbol = $var_sym;
$variable_symbol_model->save_throwable();
}
// save allowed subnets count of member
$allowed_subnets_count = new Allowed_subnets_count_Model();
$allowed_subnets_count->member_id = $member->id;
$allowed_subnets_count->count = Settings::get('allowed_subnets_default_count');
$allowed_subnets_count->save();
// save allowed subnets count of member
$allowed_subnets_count = new Allowed_subnets_count_Model();
$allowed_subnets_count->member_id = $member->id;
$allowed_subnets_count->count = Settings::get('allowed_subnets_default_count');
$allowed_subnets_count->save();
// address of connecting place is different than address of domicile
if ($form_data['use_domicile'])
{
if ($address_point_server_active)
// address of connecting place is different than address of domicile
if ($form_data['use_domicile'])
{
$t = new Town_Model();
$s = new Street_Model();
$t_id = $t->get_town($form_data['domicile_zip'],
$form_data['domicile_town'],
$form_data['domicile_district'])->id;
$s_id = $s->get_street($domicile_street, $t_id)->id;
if ($address_point_server_active)
{
$t = new Town_Model();
$s = new Street_Model();
$t_id = $t->get_town($form_data['domicile_zip'],
$form_data['domicile_town'],
$form_data['domicile_district'])->id;
$s_id = $s->get_street($domicile_street, $t_id)->id;
$address_point = $address_point_model->get_address_point(
$form_data['domicile_country_id'],
$t_id,
$s_id,
$domicile_number,
$domicile_gpsx, $domicile_gpsy
);
}
else
{
$address_point = $address_point_model->get_address_point(
$address_point = $address_point_model->get_address_point(
$form_data['domicile_country_id'],
$t_id,
$s_id,
$domicile_number,
$domicile_gpsx, $domicile_gpsy
);
}
else
{
$address_point = $address_point_model->get_address_point(
$form_data['domicile_country_id'],
$form_data['domicile_town_id'],
$form_data['domicile_street_id'],
$form_data['domicile_street_number'],
$domicile_gpsx, $domicile_gpsy
);
}
);
}
// add address point if there is no such
if (!$address_point->id)
{
$address_point->save_throwable();
}
// add address point if there is no such
if (!$address_point->id)
{
$address_point->save_throwable();
}
// test if address of connecting place is really
// different than address of domicile
if ($member->address_point_id != $address_point->id)
{
// add GPS
if (!empty($domicile_gpsx) && !empty($domicile_gpsy))
{ // save
$address_point->update_gps_coordinates(
// test if address of connecting place is really
// different than address of domicile
if ($member->address_point_id != $address_point->id)
{
// add GPS
if (!empty($domicile_gpsx) && !empty($domicile_gpsy))
{ // save
$address_point->update_gps_coordinates(
$address_point->id, $domicile_gpsx,
$domicile_gpsy
);
}
else
{ // delete gps
$address_point->gps = '';
$address_point->save_throwable();
);
}
else
{ // delete gps
$address_point->gps = '';
$address_point->save_throwable();
}
// add domicicle
$members_domicile = new Members_domicile_Model();
$members_domicile->member_id = $member->id;
$members_domicile->address_point_id = $address_point->id;
$members_domicile->save_throwable();
}
// add domicicle
$members_domicile = new Members_domicile_Model();
$members_domicile->member_id = $member->id;
$members_domicile->address_point_id = $address_point->id;
$members_domicile->save_throwable();
}
}
// insert regular member access rights
$groups_aro_map = new Groups_aro_map_Model();
$groups_aro_map->aro_id = $user->id;
$groups_aro_map->group_id = Aro_group_Model::REGULAR_MEMBERS;
$groups_aro_map->save_throwable();
// insert regular member access rights
$groups_aro_map = new Groups_aro_map_Model();
$groups_aro_map->aro_id = $user->id;
$groups_aro_map->group_id = Aro_group_Model::REGULAR_MEMBERS;
$groups_aro_map->save_throwable();
$password_message = '';
if ($form_data['autogen_pass'] == 1)
{
$password_message = '<br />'.__('Generated password of user is: %s', $raw_password);
}
// reset post
unset($form_data);
// reset post
unset($form_data);
// send welcome message to member
Mail_message_Model::create(
// send welcome message to member
Mail_message_Model::create(
Member_Model::ASSOCIATION, $user->id,
mail_message::format('welcome_subject'),
mail_message::format('welcome'), 1
);
);
// commit transaction
$member->transaction_commit();
status::success('Member has been successfully added.');
// add information about last added member by logged user
// for selecting member in dropdown for connection request
$this->session->set('last_added_member_id', $member->id);
// commit transaction
$member->transaction_commit();
status::success(__('Member has been successfully added.').$password_message, FALSE);
// redirect
url::redirect('members/show/'.$member->id);
}
catch (Exception $e)
{
// rollback transaction
$member->transaction_rollback();
Log::add_exception($e);
status::error('Error - cant add new member.', $e);
$this->redirect('members/show_all');
// add information about last added member by logged user
// for selecting member in dropdown for connection request
$this->session->set('last_added_member_id', $member->id);
// redirect
url::redirect('members/show/' . $member->id);
}
catch (Exception $e)
{
// rollback transaction
$member->transaction_rollback();
Log::add_exception($e);
status::error('Error - cant add new member.', $e);
$this->redirect('members/show_all');
}
}
}
}
$headline = __('Add new member');
// breadcrumbs navigation
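Review bot: The one-time password generated in the `autogen_pass` branch is only six characters (`security::generate_password(6)`) and is still stored as `sha1($raw_password)`, an unsalted fast hash, so the stored value gives little protection if the user records are ever disclosed. A longer value such as `$raw_password = security::generate_password(12);` costs nothing here; moving storage to `password_hash($raw_password, PASSWORD_DEFAULT)` would be the real fix, but it needs a matching `password_verify()` in the login code, which is not part of this section. The plaintext is also appended to the flash text in `status::success(__('Member has been successfully added.').$password_message, FALSE)`; if status messages are kept in the session or written to a log, the password persists there, so that is worth confirming. Nothing visible here shows where `password_is_onetime` is enforced or expired at login. The enclosing controller method begins and ends outside the lines shown.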
