mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-31 03:40:37 +02:00
Code Issues Releases Wiki Activity

More work on user management

Browse Source
This commit is contained in:
e107steved
2008-12-29 09:31:36 +00:00
parent 5d25c47657
commit a794a90c4f
4 changed files with 57 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
e107_admin/users.php
View File

@@ -9,9 +9,9 @@
* Administration Area - Users
*
* $Source: /cvs_backup/e107_0.8/e107_admin/users.php,v $
* $Revision: 1.22 $
* $Date: 2008-12-22 14:06:17 $
* $Author: mcfly_e107 $
* $Revision: 1.23 $
* $Date: 2008-12-29 09:31:36 $
* $Author: e107steved $
*
*/
require_once('../class2.php');
@@ -51,8 +51,10 @@ require_once('auth.php');
require_once(e_HANDLER.'form_handler.php');
require_once(e_HANDLER.'userclass_class.php');
require_once(e_HANDLER.'user_handler.php');
include_once(e_HANDLER.'user_extended_class.php');
require_once(e_HANDLER.'validator_class.php');
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php');
$ue = new e107_user_extended;
$userMethods = new UserHandler;
$user_data = array();
@@ -220,10 +222,13 @@ if (isset($_POST['adduser']))
validatorClass::checkMandatory('user_name,user_loginname', $allData); // Check for missing fields (email done in userValidation() )
validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0); // Do basic DB-related checks
$userMethods->userValidation($allData); // Do user-specific DB checks
if (($_POST['password1'] != $_POST['password2']) && !isset($allData['errors']['user_password']))
{
$allData['errors']['user_password'] = ERR_PASSWORDS_DIFFERENT;
if (!isset($allData['errors']['user_password']))
{ // No errors in password - keep it outside the main data array
$savePassword = $allData['validate']['user_password'];
unset($allData['validate']['user_password']); // Delete the password value in the output array
}
unset($_POST['password1']); // Restrict the scope of this
unset($_POST['password2']);
if (!check_class($pref['displayname_class'], $allData['validate']['user_class']))
{
if ($allData['validate']['user_name'] != $allData['validate']['user_loginname'])
@@ -246,11 +251,15 @@ if (isset($_POST['adduser']))
if (!$error)
{
$message = '';
$user_data['user_password'] = $userMethods->HashPassword($_POST['password1'],$loginname);
$user_data['user_password'] = $userMethods->HashPassword($savePassword,$loginname);
$user_data['user_join'] = time();
if ($userMethods->needEmailPassword())
{ // Save separate password encryption for use with email address
$user_data['user_prefs'] = serialize(array('email_password' => $userMethods->HashPassword($_POST['password1'], $user_data['user_email'])));
$user_data['user_prefs'] = serialize(array('email_password' => $userMethods->HashPassword($savePassword, $user_data['user_email'])));
}
if (varsettrue($pref['user_new_period']))
{
$user_data['user_class'] = user_class::ucAdd(e_UC_NEWUSER, $user_data['user_class']); // Probationary user class
}
$userMethods->addNonDefaulted($user_data);
if (admin_update($sql -> db_Insert("user", $user_data), 'insert', USRLAN_70))
@@ -262,7 +271,7 @@ if (isset($_POST['adduser']))
if (isset($_POST['sendconfemail']))
{ // Send confirmation email to user
require_once(e_HANDLER.'mail.php');
$e_message = str_replace(array('--SITE--','--LOGIN--','--PASSWORD--'),array(SITEURL,$loginname,$_POST['password1']),USRLAN_185).USRLAN_186;
$e_message = str_replace(array('--SITE--','--LOGIN--','--PASSWORD--'),array(SITEURL,$loginname,$savePassword),USRLAN_185).USRLAN_186;
if (sendemail($user_data['user_email'],USRLAN_187.SITEURL,$e_message,$user_data['user_login'],'',''))
{
$message = USRLAN_188.'<br /><br />';
@@ -274,7 +283,7 @@ if (isset($_POST['adduser']))
}
$message .= str_replace('--NAME--',$user_data['user_name'], USRLAN_174) ;
if (isset($_POST['generateloginname'])) $message .= '<br /><br />'.USRLAN_173.': '.$loginname;
if (isset($_POST['generatepassword'])) $message .= '<br /><br />'.USRLAN_172.': '.$_POST['password1'];
if (isset($_POST['generatepassword'])) $message .= '<br /><br />'.USRLAN_172.': '.$savePassword;
unset($user_data); // Don't recycle the data once the user's been accepted without error
}

15
e107_handlers/userclass_class.php
View File

@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_handlers/userclass_class.php,v $
| $Revision: 1.25 $
| $Date: 2008-12-28 22:37:43 $
| $Revision: 1.26 $
| $Date: 2008-12-29 09:31:36 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
@@ -669,6 +669,17 @@ class user_class
}
// Utility to add a specified class ID to the default comma-separated list
function ucAdd($classID, $to, $asArray = FALSE)
{
$tmp = array_flip(explode(',',$to));
$tmp[$classID] = 1;
$tmp = array_keys($tmp);
if ($asArray) { return $tmp; }
return implode(',',$tmp);
}
/*
Return all users in a particular class or set of classes.
$classlist is a comma separated list of classes - if the 'predefined' classes are required, they must be included. No spaces allowed

34
signup.php
View File

@@ -9,8 +9,8 @@
* User signup
*
* $Source: /cvs_backup/e107_0.8/signup.php,v $
* $Revision: 1.29 $
* $Date: 2008-12-28 22:37:42 $
* $Revision: 1.30 $
* $Date: 2008-12-29 09:31:36 $
* $Author: e107steved $
*
*/
@@ -28,7 +28,7 @@ include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php'); // Generic user-related
define('SIGNUP_DEBUG', FALSE);
include_once(e_HANDLER.'user_extended_class.php');
$usere = new e107_user_extended;
$ue = new e107_user_extended;
require_once(e_HANDLER.'calendar/calendar_class.php');
$cal = new DHTML_Calendar(true);
require_once(e_HANDLER.'validator_class.php');
@@ -49,6 +49,8 @@ include_once(e_FILE."shortcode/batch/signup_shortcodes.php");
$signup_imagecode = ($pref['signcode'] && extension_loaded("gd"));
$text = '';
$extraErrors = array();
$error = FALSE;
//-------------------------------
@@ -358,20 +360,19 @@ if (isset($_POST['register']))
$_POST['user_xup'] = trim(varset($_POST['user_xup'],''));
$readXUP = varsettrue($pref['xup_enabled']) && varsettrue($_POST['user_xup']);
$e107cache->clear("online_menu_totals");
$error_message = "";
require_once(e_HANDLER."message_handler.php");
if (isset($_POST['rand_num']) && $signup_imagecode && !$readXUP )
{
if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))
{
$error_message .= LAN_SIGNUP_3."\\n";
$extraErrors[] = LAN_SIGNUP_3."\\n";
$error = TRUE;
}
}
if($invalid = $e_event->trigger("usersup_veri", $_POST))
{
$error_message .= $invalid."\\n";
$extraErrors[] = $invalid."\\n";
$error = TRUE;
}
@@ -381,7 +382,7 @@ if (isset($_POST['register']))
$xml = new parseXml;
if(!$rawData = $xml -> getRemoteXmlFile($_POST['user_xup']))
{
$error_message .= LAN_SIGNUP_68."\\n";
$extraErrors[] = LAN_SIGNUP_68."\\n";
$error = TRUE;
}
else
@@ -436,13 +437,10 @@ if (isset($_POST['register']))
validatorClass::checkMandatory('user_name,user_loginname', $allData); // Check for missing fields (email done in userValidation() )
validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0); // Do basic DB-related checks
$userMethods->userValidation($allData); // Do user-specific DB checks
if (($_POST['password1'] != $_POST['password2']) && !isset($allData['errors']['user_password']))
{
$allData['errors']['user_password'] = ERR_PASSWORDS_DIFFERENT;
}
else
{
$savePassword = $_POST['password1']; // May need in plaintext later
if (!isset($allData['errors']['user_password']))
{ // No errors in password - keep it outside the main data array
$savePassword = $allData['validate']['user_password'];
unset($allData['validate']['user_password']); // Delete the password value in the output array
}
unset($_POST['password1']); // Restrict the scope of this
unset($_POST['password2']);
@@ -495,13 +493,17 @@ if (isset($_POST['register']))
// Determine whether we have an error
$error = ((isset($allData['errors']) && count($allData['errors'])) || (isset($eufVals['errors']) && count($eufVals['errors'])));
$error = ((isset($allData['errors']) && count($allData['errors'])) || (isset($eufVals['errors']) && count($eufVals['errors'])) || count($extraErrors));
// All validated here - handle any errors
if ($error)
{
require_once(e_HANDLER."message_handler.php");
$temp = array();
if (count($extraErrors))
{
$temp[] = implode('<br />', $extraErrors);
}
if (count($allData['errors']))
{
$temp[] = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
@@ -510,7 +512,6 @@ if (isset($_POST['register']))
{
$temp[] = validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
}
if ($error_message) { $temp[] = $error_message; }
message_handler('P_ALERT', implode('<br />', $temp));
}
} // End of data validation
@@ -525,6 +526,7 @@ if (isset($_POST['register']))
if (!$error)
{
$error_message = '';
$fp = new floodprotect;
if ($fp->flood("user", "user_join") == FALSE)
{

14
usersettings.php
View File

@@ -9,8 +9,8 @@
* User settings modify
*
* $Source: /cvs_backup/e107_0.8/usersettings.php,v $
* $Revision: 1.30 $
* $Date: 2008-12-28 22:37:42 $
* $Revision: 1.31 $
* $Date: 2008-12-29 09:31:36 $
* $Author: e107steved $
*
*/
@@ -521,20 +521,20 @@ if (!$error && !$promptPassword) { unset($_POST); }
if ($error)
{
require_once (e_HANDLER.'message_handler.php');
$temp = '';
$temp = array();
if (count($extraErrors))
{
$temp .= implode('<br />', $extraErrors);
$temp[] = implode('<br />', $extraErrors);
}
if (count($allData['errors']))
{
$temp .= validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
$temp[] = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
}
if (varsettrue($eufData['errors']))
{
$temp .= '<br />'.validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
$temp[] = '<br />'.validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
}
message_handler('P_ALERT', $temp);
message_handler('P_ALERT', implode('<br />', $temp));
// $adref = $_POST['adminreturn'];
}