.
if (!defined('EG')) die('Direct access not allowed!');
class UsersController extends BaseController
{
private $_updating;
public function __construct($model, $controller, $queryString)
{
parent::__construct($model, $controller, $queryString);
$this->model('UsersModel');
$this->model('ProfileModel');
$this->model('HardwareModel');
$this->model('ParamsModel');
$updating = $this->m['ParamsModel']->select('updating')->where(array('id_par'=>1))->toList('updating')->send();
$data['updating_flag'] = $updating[0];
$this->_updating = $data['updating_flag'];
$data['title'] = 'Login';
$this->append($data);
}
public function login($lang = 'en', $type = null,$the_action = null,$the_id = null)
{
$data = array();
if ( strcmp($this->_updating,'no') === 0 )
{
$data['flag'] = isset($type) ? 'setted' : null;
$html['type'] = in_array($type,Hardware::$controllers) ? sanitizeAll($type) : 'notebooks';
$html['the_action'] = sanitizeAlphanum($the_action);
$html['the_id'] = (int)$the_id;
$html['lang'] = Lang::sanitize($lang);
$data['title'] = 'Login - '.Website::$generalName;
if (isset($type))
{
$data['action'] = Url::getRoot("users/login/".$html['lang']."/".$html['type']."/".$html['the_action']."/".$html['the_id']);
}
else
{
$data['action'] = Url::getRoot("users/login/".$html['lang']);
}
$data['notice'] = null;
$this->s['registered']->checkStatus();
if ($this->s['registered']->status['status']=='logged') { //check if already logged
$this->s['registered']->redirect('logged');
}
if (isset($_POST['username']) and isset($_POST['password']))
{
$username = ctype_alnum($_POST['username']) ? sanitizeAll($_POST['username']) : '';
$choice = $this->s['registered']->login($username,$_POST['password']);
switch($choice) {
case 'logged':
$this->redirect('home/index',3,'You are already logged...');
break;
case 'accepted':
if (isset($type))
{
$address = strcmp($html['the_action'],'view') === 0 ? $html['type']."/view/".$html['lang']."/".$html['the_id'] : $html['type']."/catalogue/".$html['lang'];
$this->redirect($address,0);
}
else
{
$this->redirect('home/index',0);
}
break;
case 'login-error':
$data['notice'] = '
Wrong username or password
';
break;
case 'wait':
$data['notice'] = 'You have to wait 5 seconds before you can try to login another time
';
break;
}
}
}
$this->append($data);
$this->load('login');
}
public function logout($lang = 'en')
{
$res = $this->s['registered']->logout();
if ($res === 'not-logged')
{
$data['notice'] = "You can't logout because you are not logged..
\n";
}
else if ($res === 'was-logged')
{
$this->redirect('home',0);
}
else if ($res === 'error')
{
}
$this->append($data);
$this->load('logout');
}
public function add($lang = 'en')
{
$data['title'] = 'create account - '.Website::$generalName;
if ( strcmp($this->_updating,'no') === 0 )
{
//start session for captcha
session_start();
if ( isset($_SESSION['status']) ) unset($_SESSION['status']);
$this->shift(1);
$this->m['UsersModel']->strongConditions['insert'] = array(
"checkAlphanum" => "username",
"checkLength|35" => "username",
"checkMail" => "e_mail",
"+checkLength|60" => "e_mail",
"checkEqual" => "password,confirmation",
"checkMatch|/^[a-zA-Z0-9\_\-\!]+$/" => "password,confirmation|characters allowed for the password: a-z A-Z 0-9 - _ !"
);
$this->m['UsersModel']->databaseConditions['insert'] = array(
"checkUnique" => "username",
"+checkUnique" => "e_mail"
);
if ($this->s['registered']->status['status'] === 'logged')
{
$this->redirect('home/index/'.$this->lang,2,'you are already logged..');
}
else
{
$data['notice'] = null;
$this->m['UsersModel']->setFields('username:sanitizeAll,e_mail:sanitizeAll,password:sha1','none');
$this->m['UsersModel']->updateTable('insert');
$data['notice'] = $this->m['UsersModel']->notice;
$values = $this->m['UsersModel']->getFormValues('insert','sanitizeHtml');
$values['confirmation'] = '';
$data['values'] = $values;
$this->append($data);
$this->load('add');
$this->right();
}
}
else
{
$this->redirect('users/login/'.$this->lang,0);
}
}
public function confirm($lang = 'en', $id_user = 0, $confirmation_token = '')
{
$data['title'] = 'confirm account - '.Website::$generalName;
if ( strcmp($this->_updating,'no') === 0 )
{
if ($this->s['registered']->status['status'] === 'logged')
{
$this->redirect('home/index/'.$this->lang,2,'you are already logged..');
}
else
{
$clean['id_user'] = (int)$id_user;
$clean['confirmation_token'] = sanitizeAlphanum($confirmation_token);
$data['status_confirm'] = false;
$res = $this->m['UsersModel']->select('id_user,creation_time')->where(array("id_user"=>$clean['id_user'],"confirmation_token"=>$clean['confirmation_token'],"has_confirmed"=>1,"deleted"=>"no"))->send();
// echo $this->m['UsersModel']->getQuery();
if (count($res) > 0)
{
$now = time();
$checkTime = $res[0]['regusers']['creation_time'] + Account::$confirmTime;
if ($checkTime > $now)
{
$this->m['UsersModel']->values = array('has_confirmed' => 0, 'creation_time' => 0);
if ($this->m['UsersModel']->update($clean['id_user']))
{
$data['status_confirm'] = true;
//ad a record in the profile table
$this->m['ProfileModel']->values = array('created_by' => $clean['id_user']);
$this->m['ProfileModel']->insert();
}
}
}
// var_dump($data['status_confirm']);
$this->append($data);
$this->load('confirmation');
$this->right();
}
}
else
{
$this->redirect('users/login/'.$this->lang,0);
}
}
public function change($lang = 'en', $id_user = 0, $forgot_token = '')
{
session_start();
$data['title'] = 'change password - '.Website::$generalName;
if ( strcmp($this->_updating,'no') === 0 )
{
if ($this->s['registered']->status['status'] === 'logged')
{
$this->redirect('home/index/'.$this->lang,2,'you are already logged..');
}
else
{
$clean['id_user'] = (int)$id_user;
$clean['forgot_token'] = sanitizeAlphanum($forgot_token);
$res = $this->m['UsersModel']->select('username,id_user,forgot_time,e_mail')->where(array("id_user"=>$clean['id_user'],"forgot_token"=>$clean['forgot_token'],"has_confirmed"=>0,"deleted"=>"no"))->send();
if (count($res) > 0)
{
$now = time();
$checkTime = $res[0]['regusers']['forgot_time'] + Account::$confirmTime;
if ($checkTime > $now)
{
$username = $res[0]['regusers']['username'];
$email = $res[0]['regusers']['e_mail'];
$newPassword = generateString(10);
$this->m['UsersModel']->values = array('password' => sha1($newPassword), 'forgot_time' => 0);
if ($this->m['UsersModel']->update($clean['id_user']))
{
$result = Account::sendpassword($username,$email,$newPassword);
if ($result)
{
$_SESSION['status'] = 'sent_new_password';
}
else
{
$_SESSION['status'] = 'sent_new_password_error';
}
$hed = new HeaderObj(DOMAIN_NAME);
$hed->redirect('users/notice/'.Lang::$current,1);
}
}
}
$this->append($data);
$this->load('change');
$this->right();
}
}
else
{
$this->redirect('users/login/'.$this->lang,0);
}
}
public function forgot($lang = 'en')
{
$data['title'] = 'request password - '.Website::$generalName;
if ( strcmp($this->_updating,'no') === 0 )
{
session_start();
if ( isset($_SESSION['status']) ) unset($_SESSION['status']);
$this->shift(1);
if ($this->s['registered']->status['status'] === 'logged')
{
$this->redirect('home/index/'.$this->lang,2,'you are already logged..');
}
else
{
$data['notice'] = null;
if (isset($_POST['forgotAction']))
{
if (isset($_POST['username']))
{
$this->m['UsersModel']->forgot($_POST['username']);
$data['notice'] = $this->m['UsersModel']->notice;
}
}
$this->append($data);
$this->load('forgot');
$this->right();
}
}
else
{
$this->redirect('users/login/'.$this->lang,0);
}
}
public function notice($lang = 'en')
{
$data['title'] = 'notice - '.Website::$generalName;
if ( strcmp($this->_updating,'no') === 0 )
{
session_start();
if ($this->s['registered']->status['status'] === 'logged')
{
$this->redirect('home/index/'.$this->lang,2,'you are already logged..');
}
else
{
$this->load('notice');
$this->right();
}
}
else
{
$this->redirect('users/login/'.$this->lang,0);
}
}
public function meet($lang = 'en', $user = '')
{
$clean['user'] = ctype_alnum($user) ? sanitizeAll($user) : '';
$data['title'] = "meet ".$clean['user']." - ".Website::$generalName;
if (strcmp($clean['user'],'') !== 0)
{
$this->shift(2);
$res = $this->m['UsersModel']->db->select('regusers','has_confirmed,deleted,username','username="'.$clean['user'].'" and has_confirmed=0 and deleted="no"');
// echo $this->m['UsersModel']->getQuery();
if (count($res) > 0)
{
$whereArray = array(
'username' => $clean['user'],
'has_confirmed' => 0,
'deleted' => 'no'
);
$data['table'] = $this->m['ProfileModel']->select('regusers.e_mail,regusers.username,profile.*')->from('regusers inner join profile')->on('regusers.id_user = profile.created_by')->where($whereArray)->send();
// echo $this->m['HardwareModel']->getQuery();
$data['meet_username'] = $res[0]['regusers']['username'];
$this->append($data);
$this->load('meet');
$this->right();
}
}
}
public function contributions($lang = 'en', $user = '')
{
$clean['user'] = ctype_alnum($user) ? sanitizeAll($user) : '';
$data['title'] = $clean['user']." contributions - ".Website::$generalName;
if (strcmp($clean['user'],'') !== 0)
{
$this->shift(2);
$res = $this->m['UsersModel']->db->select('regusers','has_confirmed,deleted,username','username="'.$clean['user'].'" and has_confirmed=0 and deleted="no"');
if (count($res) > 0)
{
$whereArray = array(
'username' => $clean['user'],
'has_confirmed' => 0,
'deleted' => 'no'
);
$data['table'] = $this->m['HardwareModel']->select('hardware.*,regusers.username')->where($whereArray)->send();
// echo $this->m['HardwareModel']->getQuery();
$data['meet_username'] = $res[0]['regusers']['username'];
$this->append($data);
$this->load('contributions');
$this->right();
}
}
}
}