/default_www/backend/modules/users/actions/add.php

https://github.com/yoniweb/forkcms-Golden-Gate · PHP · 183 lines · 101 code · 27 blank · 55 comment · 11 complexity · 43964472516d12ce03e2d20fe57f767a MD5 · raw file 

    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * This is the add-action, it will display a form to create a new user
    5. 

  5.  *
    6. 

  6.  * @package		backend
    7. 

  7.  * @subpackage	users
    8. 

  8.  *
    9. 

  9.  * @author		Tijs Verkoyen <tijs@netlash.com>
    10. 

  10.  * @author		Davy Hellemans <davy@netlash.com>
    11. 

  11.  * @since		2.0
    12. 

  12.  */
    13. 

  13. class BackendUsersAdd extends BackendBaseActionAdd
    14. 

  14. {
    15. 

  15. 	/**
    16. 

  16. 	 * Execute the action
    17. 

  17. 	 *
    18. 

  18. 	 * @return	void
    19. 

  19. 	 */
    20. 

  20. 	public function execute()
    21. 

  21. 	{
    22. 

  22. 		// call parent, this will probably add some general CSS/JS or other required files
    23. 

  23. 		parent::execute();
    24. 

  24. 

  25. 		// load the form
    26. 

  26. 		$this->loadForm();
    27. 

  27. 

  28. 		// validate the form
    29. 

  29. 		$this->validateForm();
    30. 

  30. 

  31. 		// parse the datagrid
    32. 

  32. 		$this->parse();
    33. 

  33. 

  34. 		// display the page
    35. 

  35. 		$this->display();
    36. 

  36. 	}
    37. 

  37. 

  38. 

  39. 	/**
    40. 

  40. 	 * Load the form
    41. 

  41. 	 *
    42. 

  42. 	 * @return	void
    43. 

  43. 	 */
    44. 

  44. 	private function loadForm()
    45. 

  45. 	{
    46. 

  46. 		// create form
    47. 

  47. 		$this->frm = new BackendForm('add');
    48. 

  48. 

  49. 		$groups = BackendUsersModel::getGroups();
    50. 

  50. 		$groupIds = array_keys($groups);
    51. 

  51. 		$defaultGroupId = BackendModel::getModuleSetting('users', 'default_group', $groupIds[0]);
    52. 

  52. 

  53. 		// create elements
    54. 

  54. 		$this->frm->addText('email', null, 255);
    55. 

  55. 		$this->frm->addPassword('password', null, 75, 'inputText inputPassword passwordGenerator', 'inputTextError inputPasswordError passwordGenerator');
    56. 

  56. 		$this->frm->addPassword('confirm_password', null, 75);
    57. 

  57. 		$this->frm->addText('nickname', null, 24);
    58. 

  58. 		$this->frm->addText('name', null, 255);
    59. 

  59. 		$this->frm->addText('surname', null, 255);
    60. 

  60. 		$this->frm->addDropdown('interface_language', BackendLanguage::getInterfaceLanguages());
    61. 

  61. 		$this->frm->addDropdown('date_format', BackendUsersModel::getDateFormats(), BackendAuthentication::getUser()->getSetting('date_format'));
    62. 

  62. 		$this->frm->addDropdown('time_format', BackendUsersModel::getTimeFormats(), BackendAuthentication::getUser()->getSetting('time_format'));
    63. 

  63. 		$this->frm->addDropdown('number_format', BackendUsersModel::getNumberFormats(), BackendAuthentication::getUser()->getSetting('number_format', 'dot_nothing'));
    64. 

  64. 		$this->frm->addImage('avatar');
    65. 

  65. 		$this->frm->addCheckbox('active', true);
    66. 

  66. 		$this->frm->addCheckbox('api_access', false);
    67. 

  67. 		$this->frm->addDropdown('group', $groups, $defaultGroupId);
    68. 

  68. 

  69. 		// disable autocomplete
    70. 

  70. 		$this->frm->getField('password')->setAttributes(array('autocomplete' => 'off'));
    71. 

  71. 		$this->frm->getField('confirm_password')->setAttributes(array('autocomplete' => 'off'));
    72. 

  72. 	}
    73. 

  73. 

  74. 

  75. 	/**
    76. 

  76. 	 * Validate the form
    77. 

  77. 	 *
    78. 

  78. 	 * @return	void
    79. 

  79. 	 */
    80. 

  80. 	private function validateForm()
    81. 

  81. 	{
    82. 

  82. 		// is the form submitted?
    83. 

  83. 		if($this->frm->isSubmitted())
    84. 

  84. 		{
    85. 

  85. 			// cleanup the submitted fields, ignore fields that were added by hackers
    86. 

  86. 			$this->frm->cleanupFields();
    87. 

  87. 

  88. 			// email is present
    89. 

  89. 			if($this->frm->getField('email')->isFilled(BL::err('EmailIsRequired')))
    90. 

  90. 			{
    91. 

  91. 				// is this an email-address
    92. 

  92. 				if($this->frm->getField('email')->isEmail(BL::err('EmailIsInvalid')))
    93. 

  93. 				{
    94. 

  94. 					// was this emailaddress deleted before
    95. 

  95. 					if(BackendUsersModel::emailDeletedBefore($this->frm->getField('email')->getValue())) $this->frm->getField('email')->addError(sprintf(BL::err('EmailWasDeletedBefore'), BackendModel::createURLForAction('undo_delete', null, null, array('email' => $this->frm->getField('email')->getValue()))));
    96. 

  96. 

  97. 					else
    98. 

  98. 					{
    99. 

  99. 						// email already exists
    100. 

  100. 						if(BackendUsersModel::existsEmail($this->frm->getField('email')->getValue())) $this->frm->getField('email')->addError(BL::err('EmailAlreadyExists'));
    101. 

  101. 					}
    102. 

  102. 				}
    103. 

  103. 			}
    104. 

  104. 

  105. 			// required fields
    106. 

  106. 			$this->frm->getField('password')->isFilled(BL::err('PasswordIsRequired'));
    107. 

  107. 			$this->frm->getField('nickname')->isFilled(BL::err('NicknameIsRequired'));
    108. 

  108. 			$this->frm->getField('name')->isFilled(BL::err('NameIsRequired'));
    109. 

  109. 			$this->frm->getField('surname')->isFilled(BL::err('SurnameIsRequired'));
    110. 

  110. 			$this->frm->getField('interface_language')->isFilled(BL::err('FieldIsRequired'));
    111. 

  111. 			$this->frm->getField('date_format')->isFilled(BL::err('FieldIsRequired'));
    112. 

  112. 			$this->frm->getField('time_format')->isFilled(BL::err('FieldIsRequired'));
    113. 

  113. 			$this->frm->getField('number_format')->isFilled(BL::err('FieldIsRequired'));
    114. 

  114. 			if($this->frm->getField('password')->isFilled())
    115. 

  115. 			{
    116. 

  116. 				if($this->frm->getField('password')->getValue() !== $this->frm->getField('confirm_password')->getValue()) $this->frm->getField('confirm_password')->addError(BL::err('ValuesDontMatch'));
    117. 

  117. 			}
    118. 

  118. 

  119. 			// validate avatar
    120. 

  120. 			if($this->frm->getField('avatar')->isFilled())
    121. 

  121. 			{
    122. 

  122. 				// correct extension
    123. 

  123. 				if($this->frm->getField('avatar')->isAllowedExtension(array('jpg', 'jpeg', 'gif', 'png'), BL::err('JPGGIFAndPNGOnly')))
    124. 

  124. 				{
    125. 

  125. 					// correct mimetype?
    126. 

  126. 					$this->frm->getField('avatar')->isAllowedMimeType(array('image/gif', 'image/jpg', 'image/jpeg', 'image/png'), BL::err('JPGGIFAndPNGOnly'));
    127. 

  127. 				}
    128. 

  128. 			}
    129. 

  129. 

  130. 			// no errors?
    131. 

  131. 			if($this->frm->isCorrect())
    132. 

  132. 			{
    133. 

  133. 				// build settings-array
    134. 

  134. 				$settings['nickname'] = $this->frm->getField('nickname')->getValue();
    135. 

  135. 				$settings['name'] = $this->frm->getField('name')->getValue();
    136. 

  136. 				$settings['surname'] = $this->frm->getField('surname')->getValue();
    137. 

  137. 				$settings['interface_language'] = $this->frm->getField('interface_language')->getValue();
    138. 

  138. 				$settings['date_format'] = $this->frm->getField('date_format')->getValue();
    139. 

  139. 				$settings['time_format'] = $this->frm->getField('time_format')->getValue();
    140. 

  140. 				$settings['datetime_format'] = $settings['date_format'] . ' ' . $settings['time_format'];
    141. 

  141. 				$settings['number_format'] = $this->frm->getField('number_format')->getValue();
    142. 

  142. 				$settings['password_key'] = uniqid();
    143. 

  143. 				$settings['avatar'] = 'no-avatar.gif';
    144. 

  144. 				$settings['api_access'] = (bool) $this->frm->getField('api_access')->getChecked();
    145. 

  145. 

  146. 				// build user-array
    147. 

  147. 				$user['email'] = $this->frm->getField('email')->getValue();
    148. 

  148. 				$user['password'] = BackendAuthentication::getEncryptedString($this->frm->getField('password')->getValue(true), $settings['password_key']);
    149. 

  149. 				$user['group_id'] = $this->frm->getField('group')->getValue();
    150. 

  150. 

  151. 				// save changes
    152. 

  152. 				$user['id'] = (int) BackendUsersModel::insert($user, $settings);
    153. 

  153. 

  154. 				// has the user submitted an avatar?
    155. 

  155. 				if($this->frm->getField('avatar')->isFilled())
    156. 

  156. 				{
    157. 

  157. 					// create new filename
    158. 

  158. 					$filename = rand(0,3) . '_' . $user['id'] . '.' . $this->frm->getField('avatar')->getExtension();
    159. 

  159. 

  160. 					// add into settings to update
    161. 

  161. 					$settings['avatar'] = $filename;
    162. 

  162. 

  163. 					// resize (128x128)
    164. 

  164. 					$this->frm->getField('avatar')->createThumbnail(FRONTEND_FILES_PATH . '/backend_users/avatars/128x128/' . $filename, 128, 128, true, false, 100);
    165. 

  165. 

  166. 					// resize (64x64)
    167. 

  167. 					$this->frm->getField('avatar')->createThumbnail(FRONTEND_FILES_PATH . '/backend_users/avatars/64x64/' . $filename, 64, 64, true, false, 100);
    168. 

  168. 

  169. 					// resize (32x32)
    170. 

  170. 					$this->frm->getField('avatar')->createThumbnail(FRONTEND_FILES_PATH . '/backend_users/avatars/32x32/' . $filename, 32, 32, true, false, 100);
    171. 

  171. 				}
    172. 

  172. 

  173. 				// update settings (in this case the avatar)
    174. 

  174. 				BackendUsersModel::update($user, $settings);
    175. 

  175. 

  176. 				// everything is saved, so redirect to the overview
    177. 

  177. 				$this->redirect(BackendModel::createURLForAction('index') . '&report=added&var=' . $settings['nickname'] . '&highlight=row-' . $user['id']);
    178. 

  178. 			}
    179. 

  179. 		}
    180. 

  180. 	}
    181. 

  181. }
    182. 

  182. 

  183. ?>
    184.