assign('users', Users::$users->select(null, 'all'))
->display();
}
/**
* Get user profile
*/
public static function getProfile($id)
{
    // Render the public profile page of one user.
    // The id is cast to an integer before it is concatenated into the table
    // query, so no request text can reach the predicate.
    $profile_view = View::factory('box/users/views/frontend/profile');

    $user_id = (int) $id;
    $record  = Users::$users->select('[id=' . $user_id . ']', null);

    $profile_view = $profile_view->assign('user', $record);
    $profile_view->display();
}
/**
* Get New User Registration
*/
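public static function getRegistration()
{
    // Front-end sign-up. On a valid submission it creates the account, logs
    // the new user in, mails a welcome message and redirects to the new
    // profile; otherwise it displays the registration form with any errors.
    //
    // The table queries used here are predicates delimited by single quotes,
    // so a request value is only concatenated into one once it is known to
    // contain no single quote.
    if (Option::get('users_frontend_registration') == 'true') {

        // Is User Loged in ?
        if ( ! Session::get('user_id')) {

            $errors        = array();
            $user_email    = Request::post('email');
            $user_login    = Request::post('login');
            $user_password = Request::post('password');

            // Register form submit
            if (Request::post('register')) {

                // Check csrf
                if (Security::check(Request::post('csrf'))) {

                    $user_email    = trim($user_email);
                    $user_login    = trim($user_login);
                    $user_password = trim($user_password);

                    // The login in the form it will be stored in. Security::safeName()
                    // is not visible from here, so the quote character is stripped
                    // explicitly as well; the same value is used for the uniqueness
                    // lookup and for the insert, so the check matches what is saved.
                    $safe_login = ($user_login == '') ? '' : str_replace("'", '', Security::safeName($user_login));

                    // An address is only looked up and stored if it validated and
                    // cannot break out of the quoted predicate.
                    $email_ok = ($user_email != '' && Valid::email($user_email) && strpos($user_email, "'") === false);

                    if (Option::get('captcha_installed') == 'true' && ! CryptCaptcha::check(Request::post('answer'))) $errors['users_captcha_wrong'] = __('Captcha code is wrong', 'captcha');
                    // A login that is empty once normalised is refused, as the profile editor does
                    if ($user_login == '' || $safe_login == '') $errors['users_empty_login'] = __('Required field', 'users');
                    if ($user_password == '') $errors['users_empty_password'] = __('Required field', 'users');
                    if ($user_email == '') $errors['users_empty_email'] = __('Required field', 'users');
                    if ($user_email != '' && ! $email_ok) $errors['users_invalid_email'] = __('User email is invalid', 'users');
                    if ($safe_login != '' && Users::$users->select("[login='".$safe_login."']")) $errors['users_this_user_alredy_exists'] = __('This user alredy exist', 'users');
                    if ($email_ok && Users::$users->select("[email='".$user_email."']")) $errors['users_this_email_alredy_exists'] = __('This email alredy exist', 'users');

                    if (count($errors) == 0) {

                        // Store the validated, trimmed address rather than the raw POST value;
                        // it is later used as a mail() recipient.
                        Users::$users->insert(array('login'           => $safe_login,
                                                    'password'        => Security::encryptPassword(Request::post('password')),
                                                    'email'           => $user_email,
                                                    'hash'            => Text::random('alnum', 12),
                                                    'date_registered' => time(),
                                                    'role'            => 'user'));

                        $new_id = Users::$users->lastId();

                        // Issue a fresh session id before the session becomes an authenticated
                        // one. No-op if the Session class does not use PHP's native session.
                        if (function_exists('session_status') && session_status() === PHP_SESSION_ACTIVE) {
                            session_regenerate_id(true);
                        }

                        // Log in
                        $user = Users::$users->select("[id='".$new_id."']", null);
                        Session::set('user_id', (int) $user['id']);
                        Session::set('user_login', (string) $user['login']);
                        Session::set('user_role', (string) $user['role']);

                        // Message
                        $message = View::factory('box/users/views/frontend/registration_email')
                                        ->assign('site_name', Option::get('sitename'))
                                        ->assign('user_login', $user['login'])
                                        ->render();

                        // Send
                        @mail($user['email'], Option::get('sitename'), $message);

                        // Redirect to user profile
                        Request::redirect(Option::get('siteurl').'users/'.$new_id);
                    }

                } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
            }

            // Display view
            // NOTE(review): the submitted password is handed back to the form view;
            // confirm the template does not echo it into the page.
            View::factory('box/users/views/frontend/registration')
                ->assign('errors', $errors)
                ->assign('user_email', $user_email)
                ->assign('user_login', $user_login)
                ->assign('user_password', $user_password)
                ->display();

        } else {
            Request::redirect(Site::url().'users/'.Session::get('user_id'));
        }

    } else {
        echo __('User registration is closed.', 'users');
    }
}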
/**
* Get user panel
*/
public static function getPanel()
{
    // Output the small user panel view; it takes no variables from here.
    $panel_view = View::factory('box/users/views/frontend/userspanel');
    $panel_view->display();
}
/**
* Check whether the visitor is logged in and is either the user named in URI segment 1 or an admin
*/
public static function isLoged()
{
    // Authorisation gate for the profile pages: true when a session user
    // exists and either its id matches URI segment 1 or its role is 'admin'.
    //
    // NOTE(review): the id check is a loose int-to-string comparison, so the
    // result for a segment such as '5abc' depends on the PHP version. Callers
    // should act on the id they were authorised for, not on request data.
    if ( ! Session::get('user_id')) {
        return false;
    }

    // Owner of the requested profile
    if ((int) Session::get('user_id') == Uri::segment(1)) {
        return true;
    }

    // Admins may act on any profile
    return in_array(Session::get('user_role'), array('admin'));
}
/**
* Logout
*/
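public static function logout()
{
    // Destroy the session, then send the visitor back to the page they came
    // from, but only when that page belongs to this site.
    Session::destroy();

    // Referer is a client-supplied header: it may be missing and it may name
    // any host, so it is never used as a redirect target unchecked.
    $referer  = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';

    // Assumes Site::url() returns the absolute base URL of the site - TODO confirm.
    $site_url = Site::url();

    // The trailing slash keeps 'http://site.example.other' from matching 'http://site.example'
    $prefix = rtrim($site_url, '/') . '/';

    if ($referer !== '' && strpos($referer, $prefix) === 0) {
        Request::redirect($referer);
    } else {
        Request::redirect($site_url);
    }
}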
/**
* Edit user profile
*/
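public static function getProfileEdit($id)
{
    // Show and process the "edit profile" form for the user with id $id.
    // Visitors who fail Users::isLoged() are redirected to the login page.
    //
    // Users::isLoged() authorises the profile named in URI segment 1, and the
    // dispatcher in this class passes that same segment as $id. Every write
    // below therefore targets $id; the posted 'user_id' field is ignored,
    // because a client can set it to any other account.
    // NOTE(review): a caller passing an $id other than URI segment 1 would
    // bypass that pairing - confirm there is none.

    // Is Current User Loged in ?
    if (Users::isLoged()) {

        $user_id = (int) $id;
        $user    = Users::$users->select("[id='".$user_id."']", null);

        // Edit Profile Submit
        if (Request::post('edit_profile')) {

            // Check csrf
            if (Security::check(Request::post('csrf'))) {

                $new_login = Security::safeName(Request::post('login'));
                $new_email = trim((string) Request::post('email'));

                // The stored address is later used as a mail() recipient by the
                // password-reset flow, so it gets the same check as at registration.
                if ($new_email != '' && ! Valid::email($new_email)) {

                    Notification::setNow('error', __('User email is invalid', 'users'));

                } elseif ($new_login != '') {

                    // NOTE(review): nothing here stops the login being changed to one
                    // that another account already uses.
                    if (Users::$users->update($user_id,
                                              array('login'     => $new_login,
                                                    'firstname' => Request::post('firstname'),
                                                    'lastname'  => Request::post('lastname'),
                                                    'email'     => $new_email,
                                                    'skype'     => Request::post('skype'),
                                                    'about_me'  => Request::post('about_me'),
                                                    'twitter'   => Request::post('twitter')))) {

                        // Change password
                        // NOTE(review): the current password is not asked for here.
                        if (trim(Request::post('new_password')) != '') {
                            Users::$users->update($user_id, array('password' => Security::encryptPassword(trim(Request::post('new_password')))));
                        }

                        Notification::set('success', __('Your changes have been saved.', 'users'));
                        Request::redirect(Site::url().'users/'.$user['id']);
                    }
                }

            } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
        }

        View::factory('box/users/views/frontend/edit')
            ->assign('user', $user)
            ->display();

    } else {
        Request::redirect(Site::url().'users/login');
    }
}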
/**
* Get Password Reset
*/
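public static function getPasswordReset()
{
    // Two-step password reset for visitors who are not logged in:
    //   1. the form takes a login, stores a new hash on the account and mails
    //      a link that carries it;
    //   2. a request with ?hash=... that matches an account sets a new random
    //      password, replaces the hash and mails the password.
    //
    // Table queries are predicates delimited by single quotes, so request
    // values are checked before they are concatenated into one.
    //
    // NOTE(review): the hash has no expiry, the new password is six characters
    // from Text::random() and is mailed in clear, and the "doesnt exist" error
    // tells the client which logins are registered. Worth revisiting.

    // Is User Loged in ?
    if ( ! Session::get('user_id')) {

        $errors    = array();
        $site_url  = Option::get('siteurl');
        $site_name = Option::get('sitename');

        // Reset Password from hash
        if (Request::get('hash')) {

            $hash = Request::get('hash');

            // Hashes are produced by Text::random('alnum', 12), so presumably only
            // letters and digits are ever valid - confirm. Anything else is ignored
            // without touching the table.
            if (is_string($hash) && preg_match('/^[a-zA-Z0-9]+$/D', $hash)) {

                // Get user with specific hash
                $user = Users::$users->select("[hash='" . $hash . "']", null);

                // If user exists. The comparison is strict so that two different
                // numeric-looking strings can never be treated as equal.
                if ( ! empty($user) && ((string) $user['hash'] === $hash)) {

                    // Generate new password
                    $new_password = Text::random('alnum', 6);

                    // Update user profile
                    // Set new hash and new password
                    Users::$users->updateWhere("[login='" . $user['login'] . "']", array('hash' => Text::random('alnum', 12), 'password' => Security::encryptPassword($new_password)));

                    // Message
                    $message = View::factory('box/users/views/frontend/new_password_email')
                                    ->assign('site_url', $site_url)
                                    ->assign('site_name', $site_name)
                                    ->assign('user_id', $user['id'])
                                    ->assign('user_login', $user['login'])
                                    ->assign('new_password', $new_password)
                                    ->render();

                    // Send
                    @mail($user['email'], __('Your new password for :site_name', 'users', array(':site_name' => $site_name)), $message);

                    // Set notification
                    Notification::set('success', __('New password has been sent', 'users'));

                    // Redirect to password-reset page
                    Request::redirect(Site::url().'users/password-reset');
                }
            }
        }

        // Reset Password Form Submit
        if (Request::post('reset_password_submit')) {

            $user_login = trim(Request::post('login'));

            // Check csrf
            if (Security::check(Request::post('csrf'))) {

                // A login containing a single quote cannot be placed in the quoted
                // predicate; it is reported as unknown without running a query.
                $login_is_queryable = ($user_login != '' && strpos($user_login, "'") === false);

                if (Option::get('captcha_installed') == 'true' && ! CryptCaptcha::check(Request::post('answer'))) $errors['users_captcha_wrong'] = __('Captcha code is wrong', 'users');
                if ($user_login == '') $errors['users_empty_field'] = __('Required field', 'users');
                if ($user_login != '' && ( ! $login_is_queryable || ! Users::$users->select("[login='".$user_login."']"))) $errors['users_user_doesnt_exists'] = __('This user doesnt exist', 'users');

                if (count($errors) == 0) {

                    // Get user
                    $user = Users::$users->select("[login='" . $user_login . "']", null);

                    // Generate new hash
                    $new_hash = Text::random('alnum', 12);

                    // Update user hash
                    Users::$users->updateWhere("[login='" . $user_login . "']", array('hash' => $new_hash));

                    // Message
                    $message = View::factory('box/users/views/frontend/reset_password_email')
                                    ->assign('site_url', $site_url)
                                    ->assign('site_name', $site_name)
                                    ->assign('user_id', $user['id'])
                                    ->assign('user_login', $user['login'])
                                    ->assign('new_hash', $new_hash)
                                    ->render();

                    // Send
                    @mail($user['email'], __('Your login details for :site_name', 'users', array(':site_name' => $site_name)), $message);

                    // Set notification
                    Notification::set('success', __('Your login details for :site_name has been sent', 'users', array(':site_name' => $site_name)));

                    // Redirect to password-reset page
                    Request::redirect(Site::url().'users/password-reset');
                }

            } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
        }

        View::factory('box/users/views/frontend/password_reset')
            ->assign('errors', $errors)
            ->assign('user_login', trim(Request::post('login')))
            ->display();
    }
}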
/**
* Get User login
*/
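public static function getLogin()
{
    // Front-end login. A valid submission fills the session (user_id,
    // user_login, user_role, plus 'admin' for the admin and editor roles) and
    // redirects to the profile; anything else re-displays the form.
    // Visitors who are already logged in are sent to their profile.

    // Is User Loged in ?
    if ( ! Session::get('user_id')) {

        // Login Form Submit
        if (Request::post('login_submit')) {

            // Check csrf
            if (Security::check(Request::post('csrf'))) {

                $username = Request::post('username');
                $lookup   = trim((string) $username);

                // The query is a predicate delimited by single quotes, so a name
                // containing one is treated as unknown instead of being queried.
                $user = null;
                if (strpos($lookup, "'") === false) {
                    $user = Users::$users->select("[login='" . $lookup . "']", null);
                }

                $authenticated = false;

                // Strict comparisons: with == two different numeric-looking strings
                // (for example hashes of the form 0e123...) can compare as equal.
                if ( ! empty($user) && ((string) $user['login'] === (string) $username)) {
                    $stored = trim((string) $user['password']);
                    $given  = (string) Security::encryptPassword(Request::post('password'));

                    // Constant-time comparison where the PHP version provides it
                    $authenticated = function_exists('hash_equals') ? hash_equals($stored, $given) : ($stored === $given);
                }

                if ($authenticated) {

                    // Issue a fresh session id before the session becomes an authenticated
                    // one. No-op if the Session class does not use PHP's native session.
                    if (function_exists('session_status') && session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }

                    if ($user['role'] == 'admin' || $user['role'] == 'editor') {
                        Session::set('admin', true);
                    }

                    Session::set('user_id', (int) $user['id']);
                    Session::set('user_login', (string) $user['login']);
                    Session::set('user_role', (string) $user['role']);

                    Request::redirect(Site::url().'users/'.Session::get('user_id'));

                } else {
                    // One message for every failure, so the response does not show
                    // whether the name or the password was the wrong part.
                    Notification::setNow('error', __('Wrong username or password', 'users'));
                }

            } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
        }

        View::factory('box/users/views/frontend/login')->display();

    } else {
        Request::redirect(Site::url().'users/'.Session::get('user_id'));
    }
}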
/**
* Get the page title for the current users route
*/
public static function title()
{
    // Translated page title for the current users route; null when the
    // route is not one of the known ones.
    $route = Users::route();

    // Route name => untranslated title, in the order they are tested
    $titles = array(
        'list'           => 'Users',
        'profile'        => 'Users - Profile',
        'edit'           => 'Users - Edit Profile',
        'login'          => 'Users - Login',
        'registration'   => 'Users - Registration',
        'password-reset' => 'Users - Password Recover',
    );

    foreach ($titles as $name => $text) {
        // Loose comparison, as a switch statement does
        if ($route == $name) {
            return __($text, 'users');
        }
    }

    return null;
}
/**
* Render the content for the current users route
*/
public static function content()
{
    // Dispatch the current users route to the method that renders it.
    // Profile and edit pages take the user id from URI segment 1; unknown
    // routes render nothing.
    $route = Users::route();

    if ($route == 'list') {
        Users::getList();
    } elseif ($route == 'profile') {
        Users::getProfile(Uri::segment(1));
    } elseif ($route == 'edit') {
        Users::getProfileEdit(Uri::segment(1));
    } elseif ($route == 'login') {
        Users::getLogin();
    } elseif ($route == 'registration') {
        Users::getRegistration();
    } elseif ($route == 'password-reset') {
        Users::getPasswordReset();
    }
}
/**
* Get the name of the template used for users pages
*/
public static function template()
{
    // Every users page is rendered with the same template.
    $template_name = 'index';

    return $template_name;
}
/**
* Get Gravatar
*/
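public static function getGravatarURL($email, $size)
{
    // Build the Gravatar image URL for an e-mail address.
    //   $email  address of the user
    //   $size   requested image size in pixels
    // Returns the URL as a string.

    // Gravatar hashes the trimmed, lower-cased address; without this
    // ' User@Example.com ' and 'user@example.com' give different avatars.
    $email_hash = md5(strtolower(trim((string) $email)));

    // The size is forced to an integer so it cannot carry extra query
    // parameters or markup into the URL.
    $pixel_size = (int) $size;

    // https: the URL ends up in pages that may be served over TLS, and the
    // hash identifies the user's address.
    return 'https://www.gravatar.com/avatar.php?gravatar_id='.$email_hash.'&rating=PG'.'&size='.$pixel_size;
}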
}