mirror of https://github.com/e107inc/e107.git synced 2025-08-01 20:30:39 +02:00

More work on user management

e107steved
2008-12-29 09:31:36 +00:00
parent 5d25c47657
commit a794a90c4f
4 changed files with 57 additions and 35 deletions


@@ -9,9 +9,9 @@
* Administration Area - Users * Administration Area - Users
* *
* $Source: /cvs_backup/e107_0.8/e107_admin/users.php,v $ * $Source: /cvs_backup/e107_0.8/e107_admin/users.php,v $
* $Revision: 1.22 $ * $Revision: 1.23 $
* $Date: 2008-12-22 14:06:17 $ * $Date: 2008-12-29 09:31:36 $
* $Author: mcfly_e107 $ * $Author: e107steved $
* *
*/ */
require_once('../class2.php'); require_once('../class2.php');
@@ -51,8 +51,10 @@ require_once('auth.php');
require_once(e_HANDLER.'form_handler.php'); require_once(e_HANDLER.'form_handler.php');
require_once(e_HANDLER.'userclass_class.php'); require_once(e_HANDLER.'userclass_class.php');
require_once(e_HANDLER.'user_handler.php'); require_once(e_HANDLER.'user_handler.php');
include_once(e_HANDLER.'user_extended_class.php');
require_once(e_HANDLER.'validator_class.php'); require_once(e_HANDLER.'validator_class.php');
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php'); include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php');
$ue = new e107_user_extended;
$userMethods = new UserHandler; $userMethods = new UserHandler;
$user_data = array(); $user_data = array();
@@ -220,10 +222,13 @@ if (isset($_POST['adduser']))
validatorClass::checkMandatory('user_name,user_loginname', $allData); // Check for missing fields (email done in userValidation() ) validatorClass::checkMandatory('user_name,user_loginname', $allData); // Check for missing fields (email done in userValidation() )
validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0); // Do basic DB-related checks validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0); // Do basic DB-related checks
$userMethods->userValidation($allData); // Do user-specific DB checks $userMethods->userValidation($allData); // Do user-specific DB checks
if (($_POST['password1'] != $_POST['password2']) && !isset($allData['errors']['user_password'])) if (!isset($allData['errors']['user_password']))
{ { // No errors in password - keep it outside the main data array
$allData['errors']['user_password'] = ERR_PASSWORDS_DIFFERENT; $savePassword = $allData['validate']['user_password'];
unset($allData['validate']['user_password']); // Delete the password value in the output array
} }
unset($_POST['password1']); // Restrict the scope of this
unset($_POST['password2']);
if (!check_class($pref['displayname_class'], $allData['validate']['user_class'])) if (!check_class($pref['displayname_class'], $allData['validate']['user_class']))
{ {
if ($allData['validate']['user_name'] != $allData['validate']['user_loginname']) if ($allData['validate']['user_name'] != $allData['validate']['user_loginname'])
@@ -246,11 +251,15 @@ if (isset($_POST['adduser']))
if (!$error) if (!$error)
{ {
$message = ''; $message = '';
$user_data['user_password'] = $userMethods->HashPassword($_POST['password1'],$loginname); $user_data['user_password'] = $userMethods->HashPassword($savePassword,$loginname);
$user_data['user_join'] = time(); $user_data['user_join'] = time();
if ($userMethods->needEmailPassword()) if ($userMethods->needEmailPassword())
{ // Save separate password encryption for use with email address { // Save separate password encryption for use with email address
$user_data['user_prefs'] = serialize(array('email_password' => $userMethods->HashPassword($_POST['password1'], $user_data['user_email']))); $user_data['user_prefs'] = serialize(array('email_password' => $userMethods->HashPassword($savePassword, $user_data['user_email'])));
}
if (varsettrue($pref['user_new_period']))
{
$user_data['user_class'] = user_class::ucAdd(e_UC_NEWUSER, $user_data['user_class']); // Probationary user class
} }
$userMethods->addNonDefaulted($user_data); $userMethods->addNonDefaulted($user_data);
if (admin_update($sql -> db_Insert("user", $user_data), 'insert', USRLAN_70)) if (admin_update($sql -> db_Insert("user", $user_data), 'insert', USRLAN_70))
@@ -262,7 +271,7 @@ if (isset($_POST['adduser']))
if (isset($_POST['sendconfemail'])) if (isset($_POST['sendconfemail']))
{ // Send confirmation email to user { // Send confirmation email to user
require_once(e_HANDLER.'mail.php'); require_once(e_HANDLER.'mail.php');
$e_message = str_replace(array('--SITE--','--LOGIN--','--PASSWORD--'),array(SITEURL,$loginname,$_POST['password1']),USRLAN_185).USRLAN_186; $e_message = str_replace(array('--SITE--','--LOGIN--','--PASSWORD--'),array(SITEURL,$loginname,$savePassword),USRLAN_185).USRLAN_186;
if (sendemail($user_data['user_email'],USRLAN_187.SITEURL,$e_message,$user_data['user_login'],'','')) if (sendemail($user_data['user_email'],USRLAN_187.SITEURL,$e_message,$user_data['user_login'],'',''))
{ {
$message = USRLAN_188.'<br /><br />'; $message = USRLAN_188.'<br /><br />';
@@ -274,7 +283,7 @@ if (isset($_POST['adduser']))
} }
$message .= str_replace('--NAME--',$user_data['user_name'], USRLAN_174) ; $message .= str_replace('--NAME--',$user_data['user_name'], USRLAN_174) ;
if (isset($_POST['generateloginname'])) $message .= '<br /><br />'.USRLAN_173.': '.$loginname; if (isset($_POST['generateloginname'])) $message .= '<br /><br />'.USRLAN_173.': '.$loginname;
if (isset($_POST['generatepassword'])) $message .= '<br /><br />'.USRLAN_172.': '.$_POST['password1']; if (isset($_POST['generatepassword'])) $message .= '<br /><br />'.USRLAN_172.': '.$savePassword;
unset($user_data); // Don't recycle the data once the user's been accepted without error unset($user_data); // Don't recycle the data once the user's been accepted without error
} }
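Review bot: The explicit `$_POST['password1'] != $_POST['password2']` comparison is dropped in the `@@ -220,10 +222,13 @@` hunk, and its replacement only tests `!isset($allData['errors']['user_password'])`. Nothing visible here shows that `userValidation()` or `dbValidateArray()` performs the match check instead, so that should be confirmed; the same replacement is made in signup.php at `@@ -436,13 +437,10 @@`. `$savePassword` also keeps the plaintext for the rest of the request, even though the `$_POST` copies are unset to restrict their scope, and it is appended unescaped to `$message`. I would add `unset($savePassword);` after its last use and display it as `htmlspecialchars($savePassword, ENT_QUOTES)`. The enclosing `if (isset($_POST['adduser']))` block starts and ends outside these hunks.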


@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org). | GNU General Public License (http://gnu.org).
| |
| $Source: /cvs_backup/e107_0.8/e107_handlers/userclass_class.php,v $ | $Source: /cvs_backup/e107_0.8/e107_handlers/userclass_class.php,v $
| $Revision: 1.25 $ | $Revision: 1.26 $
| $Date: 2008-12-28 22:37:43 $ | $Date: 2008-12-29 09:31:36 $
| $Author: e107steved $ | $Author: e107steved $
+----------------------------------------------------------------------------+ +----------------------------------------------------------------------------+
*/ */
@@ -669,6 +669,17 @@ class user_class
} }
// Utility to add a specified class ID to the default comma-separated list
function ucAdd($classID, $to, $asArray = FALSE)
{
$tmp = array_flip(explode(',',$to));
$tmp[$classID] = 1;
$tmp = array_keys($tmp);
if ($asArray) { return $tmp; }
return implode(',',$tmp);
}
/* /*
Return all users in a particular class or set of classes. Return all users in a particular class or set of classes.
$classlist is a comma separated list of classes - if the 'predefined' classes are required, they must be included. No spaces allowed $classlist is a comma separated list of classes - if the 'predefined' classes are required, they must be included. No spaces allowed
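Review bot: `ucAdd()` returns a list with an empty first entry when `$to` is an empty string, because `explode(',', '')` yields `array('')`; for a user with no classes the stored value would start with a comma. A guard such as `$tmp = strlen($to) ? array_flip(explode(',', $to)) : array();` avoids that. The method is called statically as `user_class::ucAdd(...)` in users.php but is declared without `static`. The header comment could also state that entries in `$to` are not trimmed and that `$asArray` switches the return value from a comma-separated string to an array.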


@@ -9,8 +9,8 @@
* User signup * User signup
* *
* $Source: /cvs_backup/e107_0.8/signup.php,v $ * $Source: /cvs_backup/e107_0.8/signup.php,v $
* $Revision: 1.29 $ * $Revision: 1.30 $
* $Date: 2008-12-28 22:37:42 $ * $Date: 2008-12-29 09:31:36 $
* $Author: e107steved $ * $Author: e107steved $
* *
*/ */
@@ -28,7 +28,7 @@ include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php'); // Generic user-related
define('SIGNUP_DEBUG', FALSE); define('SIGNUP_DEBUG', FALSE);
include_once(e_HANDLER.'user_extended_class.php'); include_once(e_HANDLER.'user_extended_class.php');
$usere = new e107_user_extended; $ue = new e107_user_extended;
require_once(e_HANDLER.'calendar/calendar_class.php'); require_once(e_HANDLER.'calendar/calendar_class.php');
$cal = new DHTML_Calendar(true); $cal = new DHTML_Calendar(true);
require_once(e_HANDLER.'validator_class.php'); require_once(e_HANDLER.'validator_class.php');
@@ -49,6 +49,8 @@ include_once(e_FILE."shortcode/batch/signup_shortcodes.php");
$signup_imagecode = ($pref['signcode'] && extension_loaded("gd")); $signup_imagecode = ($pref['signcode'] && extension_loaded("gd"));
$text = ''; $text = '';
$extraErrors = array();
$error = FALSE;
//------------------------------- //-------------------------------
@@ -358,20 +360,19 @@ if (isset($_POST['register']))
$_POST['user_xup'] = trim(varset($_POST['user_xup'],'')); $_POST['user_xup'] = trim(varset($_POST['user_xup'],''));
$readXUP = varsettrue($pref['xup_enabled']) && varsettrue($_POST['user_xup']); $readXUP = varsettrue($pref['xup_enabled']) && varsettrue($_POST['user_xup']);
$e107cache->clear("online_menu_totals"); $e107cache->clear("online_menu_totals");
$error_message = "";
require_once(e_HANDLER."message_handler.php"); require_once(e_HANDLER."message_handler.php");
if (isset($_POST['rand_num']) && $signup_imagecode && !$readXUP ) if (isset($_POST['rand_num']) && $signup_imagecode && !$readXUP )
{ {
if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify'])) if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))
{ {
$error_message .= LAN_SIGNUP_3."\\n"; $extraErrors[] = LAN_SIGNUP_3."\\n";
$error = TRUE; $error = TRUE;
} }
} }
if($invalid = $e_event->trigger("usersup_veri", $_POST)) if($invalid = $e_event->trigger("usersup_veri", $_POST))
{ {
$error_message .= $invalid."\\n"; $extraErrors[] = $invalid."\\n";
$error = TRUE; $error = TRUE;
} }
@@ -381,7 +382,7 @@ if (isset($_POST['register']))
$xml = new parseXml; $xml = new parseXml;
if(!$rawData = $xml -> getRemoteXmlFile($_POST['user_xup'])) if(!$rawData = $xml -> getRemoteXmlFile($_POST['user_xup']))
{ {
$error_message .= LAN_SIGNUP_68."\\n"; $extraErrors[] = LAN_SIGNUP_68."\\n";
$error = TRUE; $error = TRUE;
} }
else else
@@ -436,13 +437,10 @@ if (isset($_POST['register']))
validatorClass::checkMandatory('user_name,user_loginname', $allData); // Check for missing fields (email done in userValidation() ) validatorClass::checkMandatory('user_name,user_loginname', $allData); // Check for missing fields (email done in userValidation() )
validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0); // Do basic DB-related checks validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0); // Do basic DB-related checks
$userMethods->userValidation($allData); // Do user-specific DB checks $userMethods->userValidation($allData); // Do user-specific DB checks
if (($_POST['password1'] != $_POST['password2']) && !isset($allData['errors']['user_password'])) if (!isset($allData['errors']['user_password']))
{ { // No errors in password - keep it outside the main data array
$allData['errors']['user_password'] = ERR_PASSWORDS_DIFFERENT; $savePassword = $allData['validate']['user_password'];
} unset($allData['validate']['user_password']); // Delete the password value in the output array
else
{
$savePassword = $_POST['password1']; // May need in plaintext later
} }
unset($_POST['password1']); // Restrict the scope of this unset($_POST['password1']); // Restrict the scope of this
unset($_POST['password2']); unset($_POST['password2']);
@@ -495,13 +493,17 @@ if (isset($_POST['register']))
// Determine whether we have an error // Determine whether we have an error
$error = ((isset($allData['errors']) && count($allData['errors'])) || (isset($eufVals['errors']) && count($eufVals['errors']))); $error = ((isset($allData['errors']) && count($allData['errors'])) || (isset($eufVals['errors']) && count($eufVals['errors'])) || count($extraErrors));
// All validated here - handle any errors // All validated here - handle any errors
if ($error) if ($error)
{ {
require_once(e_HANDLER."message_handler.php"); require_once(e_HANDLER."message_handler.php");
$temp = array(); $temp = array();
if (count($extraErrors))
{
$temp[] = implode('<br />', $extraErrors);
}
if (count($allData['errors'])) if (count($allData['errors']))
{ {
$temp[] = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo); $temp[] = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
@@ -510,7 +512,6 @@ if (isset($_POST['register']))
{ {
$temp[] = validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo); $temp[] = validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
} }
if ($error_message) { $temp[] = $error_message; }
message_handler('P_ALERT', implode('<br />', $temp)); message_handler('P_ALERT', implode('<br />', $temp));
} }
} // End of data validation } // End of data validation
@@ -525,6 +526,7 @@ if (isset($_POST['register']))
if (!$error) if (!$error)
{ {
$error_message = '';
$fp = new floodprotect; $fp = new floodprotect;
if ($fp->flood("user", "user_join") == FALSE) if ($fp->flood("user", "user_join") == FALSE)
{ {
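Review bot: The rewritten `$error` expression in the `@@ -495,13 +493,17 @@` hunk still tests `$eufVals['errors']`, while the error list a few lines below is built from `$eufData`. The condition guarding that call and the assignments of both variables are outside the hunks, so one of the two names may be stale, and extended-field errors could then be missed or reported from the wrong array; worth checking which variable the validation fills and using it in both places. The entries pushed to `$extraErrors` also keep the `."\\n"` suffix from the old alert string although they are now joined with `<br />`. `$invalid` from the `usersup_veri` trigger goes into that HTML message as-is, so it should be escaped or documented as trusted markup.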


@@ -9,8 +9,8 @@
* User settings modify * User settings modify
* *
* $Source: /cvs_backup/e107_0.8/usersettings.php,v $ * $Source: /cvs_backup/e107_0.8/usersettings.php,v $
* $Revision: 1.30 $ * $Revision: 1.31 $
* $Date: 2008-12-28 22:37:42 $ * $Date: 2008-12-29 09:31:36 $
* $Author: e107steved $ * $Author: e107steved $
* *
*/ */
@@ -521,20 +521,20 @@ if (!$error && !$promptPassword) { unset($_POST); }
if ($error) if ($error)
{ {
require_once (e_HANDLER.'message_handler.php'); require_once (e_HANDLER.'message_handler.php');
$temp = ''; $temp = array();
if (count($extraErrors)) if (count($extraErrors))
{ {
$temp .= implode('<br />', $extraErrors); $temp[] = implode('<br />', $extraErrors);
} }
if (count($allData['errors'])) if (count($allData['errors']))
{ {
$temp .= validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo); $temp[] = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
} }
if (varsettrue($eufData['errors'])) if (varsettrue($eufData['errors']))
{ {
$temp .= '<br />'.validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo); $temp[] = '<br />'.validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);
} }
message_handler('P_ALERT', $temp); message_handler('P_ALERT', implode('<br />', $temp));
// $adref = $_POST['adminreturn']; // $adref = $_POST['adminreturn'];
} }
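Review bot: The extended-field entry still carries a leading `'<br />'.` although `$temp` is now an array joined by `implode('<br />', $temp)`, so that block gets a doubled break, or a stray leading one when it is the only entry. `$temp[] = validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '<br />', $userMethods->userVettingInfo);` would match the other two branches and the signup.php version. `count($allData['errors'])` is evaluated without an `isset()` guard, unlike the `$error` expression in signup.php. The `%v` placeholder presumably echoes the submitted value, so it is worth confirming that `makeErrorList()` escapes it before the text reaches `message_handler()`.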