PageRenderTime 44ms CodeModel.GetById 17ms RepoModel.GetById 0ms app.codeStats 0ms

/classes/user/form/CreateAccountForm.inc.php

https://github.com/lib-uoguelph-ca/ocs
PHP | 333 lines | 229 code | 53 blank | 51 comment | 33 complexity | 4f2c65d8a9f155db47bef537d9fee45a MD5 | raw file
Possible License(s): GPL-2.0 
    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * @defgroup user_form
    5. 

  5.  */
    6. 

  6. 

  7. /**
    8. 

  8.  * @file CreateAccountForm.inc.php
    9. 

  9.  *
    10. 

  10.  * Copyright (c) 2000-2012 John Willinsky
    11. 

  11.  * Distributed under the GNU GPL v2. For full terms see the file docs/COPYING.
    12. 

  12.  *
    13. 

  13.  * @class CreateAccountForm
    14. 

  14.  * @ingroup user_form
    15. 

  15.  *
    16. 

  16.  * @brief Form for user account creation.
    17. 

  17.  *
    18. 

  18.  */
    19. 

  19. 

  20. // $Id$
    21. 

  21. 

  22. 

  23. import('form.Form');
    24. 

  24. 

  25. class CreateAccountForm extends Form {
    26. 

  26. 	/** @var boolean user is already registered with another conference */
    27. 

  27. 	var $existingUser;
    28. 

  28. 

  29. 	/** @var AuthPlugin default authentication source, if specified */
    30. 

  30. 	var $defaultAuth;
    31. 

  31. 

  32. 	/** @var boolean whether or not captcha is enabled for this form */
    33. 

  33. 	var $captchaEnabled;
    34. 

  34. 

  35. 	/**
    36. 

  36. 	 * Constructor.
    37. 

  37. 	 */
    38. 

  38. 	function CreateAccountForm() {
    39. 

  39. 		parent::Form('user/createAccount.tpl');
    40. 

  40. 

  41. 		$this->existingUser = Request::getUserVar('existingUser') ? 1 : 0;
    42. 

  42. 

  43. 		import('captcha.CaptchaManager');
    44. 

  44. 		$captchaManager = new CaptchaManager();
    45. 

  45. 		$this->captchaEnabled = ($captchaManager->isEnabled() && Config::getVar('captcha', 'captcha_on_register'))?true:false;
    46. 

  46. 

  47. 		// Validation checks for this form
    48. 

  48. 		$this->addCheck(new FormValidator($this, 'username', 'required', 'user.profile.form.usernameRequired'));
    49. 

  49. 		$this->addCheck(new FormValidator($this, 'password', 'required', 'user.profile.form.passwordRequired'));
    50. 

  50. 

  51. 		if ($this->existingUser) {
    52. 

  52. 			// Existing user -- check login
    53. 

  53. 			$this->addCheck(new FormValidatorCustom($this, 'username', 'required', 'user.login.loginError', create_function('$username,$form', 'return Validation::checkCredentials($form->getData(\'username\'), $form->getData(\'password\'));'), array(&$this)));
    54. 

  54. 		} else {
    55. 

  55. 			// New user -- check required profile fields
    56. 

  56. 			$site =& Request::getSite();
    57. 

  57. 

  58. 			$this->addCheck(new FormValidatorCustom($this, 'username', 'required', 'user.account.form.usernameExists', array(DAORegistry::getDAO('UserDAO'), 'userExistsByUsername'), array(), true));
    59. 

  59. 			$this->addCheck(new FormValidatorAlphaNum($this, 'username', 'required', 'user.account.form.usernameAlphaNumeric'));
    60. 

  60. 			$this->addCheck(new FormValidatorLength($this, 'password', 'required', 'user.account.form.passwordLengthTooShort', '>=', $site->getMinPasswordLength()));
    61. 

  61. 			$this->addCheck(new FormValidatorCustom($this, 'password', 'required', 'user.account.form.passwordsDoNotMatch', create_function('$password,$form', 'return $password == $form->getData(\'password2\');'), array(&$this)));
    62. 

  62. 			$this->addCheck(new FormValidator($this, 'firstName', 'required', 'user.profile.form.firstNameRequired'));
    63. 

  63. 			$this->addCheck(new FormValidator($this, 'lastName', 'required', 'user.profile.form.lastNameRequired'));
    64. 

  64. 			$this->addCheck(new FormValidatorUrl($this, 'userUrl', 'optional', 'user.profile.form.urlInvalid'));
    65. 

  65. 			$this->addCheck(new FormValidatorEmail($this, 'email', 'required', 'user.profile.form.emailRequired'));
    66. 

  66. 			$this->addCheck(new FormValidator($this, 'affiliation', 'required', 'user.profile.form.affiliationRequired'));
    67. 

  67. 			$this->addCheck(new FormValidatorCustom($this, 'email', 'required', 'user.account.form.emailExists', array(DAORegistry::getDAO('UserDAO'), 'userExistsByEmail'), array(), true));
    68. 

  68. 			if ($this->captchaEnabled) {
    69. 

  69. 				$this->addCheck(new FormValidatorCaptcha($this, 'captcha', 'captchaId', 'common.captchaField.badCaptcha'));
    70. 

  70. 			}
    71. 

  71. 

  72. 			$authDao =& DAORegistry::getDAO('AuthSourceDAO');
    73. 

  73. 			$this->defaultAuth =& $authDao->getDefaultPlugin();
    74. 

  74. 			if (isset($this->defaultAuth)) {
    75. 

  75. 				$this->addCheck(new FormValidatorCustom($this, 'username', 'required', 'user.account.form.usernameExists', create_function('$username,$form,$auth', 'return (!$auth->userExists($username) || $auth->authenticate($username, $form->getData(\'password\')));'), array(&$this, $this->defaultAuth)));
    76. 

  76. 			}
    77. 

  77. 		}
    78. 

  78. 

  79. 		$this->addCheck(new FormValidatorPost($this));
    80. 

  80. 	}
    81. 

  81. 

  82. 	/**
    83. 

  83. 	 * Display the form.
    84. 

  84. 	 */
    85. 

  85. 	function display() {
    86. 

  86. 		$templateMgr =& TemplateManager::getManager();
    87. 

  87. 		$site =& Request::getSite();
    88. 

  88. 		$templateMgr->assign('minPasswordLength', $site->getMinPasswordLength());
    89. 

  89. 		$conference =& Request::getConference();
    90. 

  90. 		$schedConf =& Request::getSchedConf();
    91. 

  91. 

  92. 		if ($this->captchaEnabled) {
    93. 

  93. 			import('captcha.CaptchaManager');
    94. 

  94. 			$captchaManager = new CaptchaManager();
    95. 

  95. 			$captcha =& $captchaManager->createCaptcha();
    96. 

  96. 			if ($captcha) {
    97. 

  97. 				$templateMgr->assign('captchaEnabled', $this->captchaEnabled);
    98. 

  98. 				$this->setData('captchaId', $captcha->getId());
    99. 

  99. 			}
    100. 

  100. 		}
    101. 

  101. 

  102. 		$countryDao =& DAORegistry::getDAO('CountryDAO');
    103. 

  103. 		$countries =& $countryDao->getCountries();
    104. 

  104. 		$templateMgr->assign_by_ref('countries', $countries);
    105. 

  105. 

  106. 		import('schedConf.SchedConfAction');
    107. 

  107. 		
    108. 

  108. 		$userDao =& DAORegistry::getDAO('UserDAO');
    109. 

  109. 		$templateMgr->assign('genderOptions', $userDao->getGenderOptions());
    110. 

  110. 

  111. 		$templateMgr->assign('privacyStatement', $conference->getLocalizedSetting('privacyStatement'));
    112. 

  112. 		$templateMgr->assign('enableOpenAccessNotification', $schedConf->getSetting('enableOpenAccessNotification')==1?1:0);
    113. 

  113. 		$templateMgr->assign('allowRegReader', SchedConfAction::allowRegReader($schedConf));
    114. 

  114. 		$templateMgr->assign('allowRegAuthor', SchedConfAction::allowRegAuthor($schedConf));
    115. 

  115. 		$templateMgr->assign('allowRegReviewer', SchedConfAction::allowRegReviewer($schedConf));
    116. 

  116. 		$templateMgr->assign('source', Request::getUserVar('source'));
    117. 

  117. 		$templateMgr->assign('pageHierarchy', array(
    118. 

  118. 			array(Request::url(null, 'index', 'index'), $conference->getConferenceTitle(), true),
    119. 

  119. 			array(Request::url(null, null, 'index'), $schedConf->getSchedConfTitle(), true)));
    120. 

  120. 

  121. 		$site =& Request::getSite();
    122. 

  122. 		$templateMgr->assign('availableLocales', $site->getSupportedLocaleNames());
    123. 

  123. 

  124. 		$templateMgr->assign('helpTopicId', 'conference.users.index');		
    125. 

  125. 		parent::display();
    126. 

  126. 	}
    127. 

  127. 

  128. 	function getLocaleFieldNames() {
    129. 

  129. 		$userDao =& DAORegistry::getDAO('UserDAO');
    130. 

  130. 		return $userDao->getLocaleFieldNames();
    131. 

  131. 	}
    132. 

  132. 

  133. 	/**
    134. 

  134. 	 * Initialize default data.
    135. 

  135. 	 */
    136. 

  136. 	function initData() {
    137. 

  137. 		$this->setData('createAsReader', 1);
    138. 

  138. 		if (Request::getUserVar('requiresAuthor')) $this->setData('createAsAuthor', 1);
    139. 

  139. 		$this->setData('existingUser', $this->existingUser);
    140. 

  140. 		$this->setData('userLocales', array());
    141. 

  141. 		$this->setData('sendPassword', 1);
    142. 

  142. 	}
    143. 

  143. 

  144. 	/**
    145. 

  145. 	 * Assign form data to user-submitted data.
    146. 

  146. 	 */
    147. 

  147. 	function readInputData() {
    148. 

  148. 		$userVars = array(
    149. 

  149. 			'username', 'password', 'password2',
    150. 

  150. 			'salutation', 'firstName', 'middleName', 'lastName',
    151. 

  151. 			'gender', 'initials', 'country',
    152. 

  152. 			'affiliation', 'email', 'userUrl', 'phone', 'fax', 'signature',
    153. 

  153. 			'mailingAddress', 'biography', 'interests', 'userLocales',
    154. 

  154. 			'createAsReader', 'openAccessNotification', 'createAsAuthor',
    155. 

  155. 			'createAsReviewer', 'existingUser', 'sendPassword'
    156. 

  156. 		);
    157. 

  157. 		if ($this->captchaEnabled) {
    158. 

  158. 			$userVars[] = 'captchaId';
    159. 

  159. 			$userVars[] = 'captcha';
    160. 

  160. 		}
    161. 

  161. 

  162. 		$this->readUserVars($userVars);
    163. 

  163. 

  164. 		if ($this->getData('userLocales') == null || !is_array($this->getData('userLocales'))) {
    165. 

  165. 			$this->setData('userLocales', array());
    166. 

  166. 		}
    167. 

  167. 

  168. 		if ($this->getData('username') != null) {
    169. 

  169. 			// Usernames must be lowercase
    170. 

  170. 			$this->setData('username', strtolower($this->getData('username')));
    171. 

  171. 		}
    172. 

  172. 	}
    173. 

  173. 

  174. 	/**
    175. 

  175. 	 * Send the registration confirmation email.
    176. 

  176. 	 * @param $user object
    177. 

  177. 	 */
    178. 

  178. 	function sendConfirmationEmail($user, $password, $sendPassword) {
    179. 

  179. 		$schedConf =& Request::getSchedConf();
    180. 

  180. 		import('mail.MailTemplate');
    181. 

  181. 		if (Config::getVar('email', 'require_validation')) {
    182. 

  182. 			// Create an access key
    183. 

  183. 			import('security.AccessKeyManager');
    184. 

  184. 			$accessKeyManager = new AccessKeyManager();
    185. 

  185. 			$accessKey = $accessKeyManager->createKey('RegisterContext', $user->getId(), null, Config::getVar('email', 'validation_timeout'));
    186. 

  186. 

  187. 			// Send email validation request to user
    188. 

  188. 			$mail = new MailTemplate('USER_VALIDATE');
    189. 

  189. 			$mail->setFrom($schedConf->getSetting('contactEmail'), $schedConf->getSetting('contactName'));
    190. 

  190. 			$mail->assignParams(array(
    191. 

  191. 				'userFullName' => $user->getFullName(),
    192. 

  192. 				'activateUrl' => Request::url(null, null, 'user', 'activateUser', array($user->getUsername(), $accessKey))
    193. 

  193. 			));
    194. 

  194. 			$mail->addRecipient($user->getEmail(), $user->getFullName());
    195. 

  195. 			$mail->send();
    196. 

  196. 			unset($mail);
    197. 

  197. 		}
    198. 

  198. 		if ($sendPassword) {
    199. 

  199. 			// Send welcome email to user
    200. 

  200. 			$mail = new MailTemplate('USER_REGISTER');
    201. 

  201. 			$mail->setFrom($schedConf->getSetting('contactEmail'), $schedConf->getSetting('contactName'));
    202. 

  202. 			$mail->assignParams(array(
    203. 

  203. 				'username' => $user->getUsername(),
    204. 

  204. 				'password' => String::substr($password, 0, 30), // Prevent mailer abuse via long passwords
    205. 

  205. 			));
    206. 

  206. 			$mail->addRecipient($user->getEmail(), $user->getFullName());
    207. 

  207. 			$mail->send();
    208. 

  208. 			unset($mail);
    209. 

  209. 		}
    210. 

  210. 	}
    211. 

  211. 

  212. 	/**
    213. 

  213. 	 * Register a new user.
    214. 

  214. 	 */
    215. 

  215. 	function execute() {
    216. 

  216. 		$requireValidation = Config::getVar('email', 'require_validation');
    217. 

  217. 		if ($this->existingUser) {
    218. 

  218. 			// Existing user in the system
    219. 

  219. 			$userDao =& DAORegistry::getDAO('UserDAO');
    220. 

  220. 			$user =& $userDao->getUserByUsername($this->getData('username'));
    221. 

  221. 			if ($user == null) {
    222. 

  222. 				return false;
    223. 

  223. 			}
    224. 

  224. 

  225. 			$userId = $user->getId();
    226. 

  226. 

  227. 		} else {
    228. 

  228. 			// New user
    229. 

  229. 			$user = new User();
    230. 

  230. 

  231. 			$user->setUsername($this->getData('username'));
    232. 

  232. 			$user->setSalutation($this->getData('salutation'));
    233. 

  233. 			$user->setFirstName($this->getData('firstName'));
    234. 

  234. 			$user->setMiddleName($this->getData('middleName'));
    235. 

  235. 			$user->setInitials($this->getData('initials'));
    236. 

  236. 			$user->setLastName($this->getData('lastName'));
    237. 

  237. 			$user->setGender($this->getData('gender'));
    238. 

  238. 			$user->setAffiliation($this->getData('affiliation'));
    239. 

  239. 			$user->setSignature($this->getData('signature'), null); // Localized
    240. 

  240. 			$user->setEmail($this->getData('email'));
    241. 

  241. 			$user->setUrl($this->getData('userUrl'));
    242. 

  242. 			$user->setPhone($this->getData('phone'));
    243. 

  243. 			$user->setFax($this->getData('fax'));
    244. 

  244. 			$user->setMailingAddress($this->getData('mailingAddress'));
    245. 

  245. 			$user->setBiography($this->getData('biography'), null); // Localized
    246. 

  246. 			$user->setInterests($this->getData('interests'), null); // Localized
    247. 

  247. 			$user->setDateRegistered(Core::getCurrentDate());
    248. 

  248. 			$user->setCountry($this->getData('country'));
    249. 

  249. 

  250. 			$site =& Request::getSite();
    251. 

  251. 			$availableLocales = $site->getSupportedLocales();
    252. 

  252. 

  253. 			$locales = array();
    254. 

  254. 			foreach ($this->getData('userLocales') as $locale) {
    255. 

  255. 				if (AppLocale::isLocaleValid($locale) && in_array($locale, $availableLocales)) {
    256. 

  256. 					array_push($locales, $locale);
    257. 

  257. 				}
    258. 

  258. 			}
    259. 

  259. 			$user->setLocales($locales);
    260. 

  260. 

  261. 			if (isset($this->defaultAuth)) {
    262. 

  262. 				$user->setPassword($this->getData('password'));
    263. 

  263. 				// FIXME Check result and handle failures
    264. 

  264. 				$this->defaultAuth->doCreateUser($user);
    265. 

  265. 				$user->setAuthId($this->defaultAuth->authId);
    266. 

  266. 			}
    267. 

  267. 			$user->setPassword(Validation::encryptCredentials($this->getData('username'), $this->getData('password')));
    268. 

  268. 

  269. 			if ($requireValidation) {
    270. 

  270. 				// The account should be created in a disabled
    271. 

  271. 				// state.
    272. 

  272. 				$user->setDisabled(true);
    273. 

  273. 				$user->setDisabledReason(__('user.login.accountNotValidated'));
    274. 

  274. 			}
    275. 

  275. 

  276. 			$userDao =& DAORegistry::getDAO('UserDAO');
    277. 

  277. 			$userDao->insertUser($user);
    278. 

  278. 			$userId = $user->getId();
    279. 

  279. 			if (!$userId) {
    280. 

  280. 				return false;
    281. 

  281. 			}
    282. 

  282. 

  283. 			$sessionManager =& SessionManager::getManager();
    284. 

  284. 			$session =& $sessionManager->getUserSession();
    285. 

  285. 			$session->setSessionVar('username', $user->getUsername());
    286. 

  286. 

  287. 		}
    288. 

  288. 

  289. 		$conference =& Request::getConference();
    290. 

  290. 		$schedConf =& Request::getSchedConf();
    291. 

  291. 

  292. 		$roleDao =& DAORegistry::getDAO('RoleDAO');
    293. 

  293. 

  294. 		// Roles users are allowed to register themselves in
    295. 

  295. 		$allowedRoles = array('reader' => 'createAsReader', 'author' => 'createAsAuthor', 'reviewer' => 'createAsReviewer');
    296. 

  296. 

  297. 		import('schedConf.SchedConfAction');
    298. 

  298. 		if (!SchedConfAction::allowRegReader($schedConf)) {
    299. 

  299. 			unset($allowedRoles['reader']);
    300. 

  300. 		}
    301. 

  301. 		if (!SchedConfAction::allowRegAuthor($schedConf)) {
    302. 

  302. 			unset($allowedRoles['author']);
    303. 

  303. 		}
    304. 

  304. 		if (!SchedConfAction::allowRegReviewer($schedConf)) {
    305. 

  305. 			unset($allowedRoles['reviewer']);
    306. 

  306. 		}
    307. 

  307. 

  308. 		foreach ($allowedRoles as $k => $v) {
    309. 

  309. 			$roleId = $roleDao->getRoleIdFromPath($k);
    310. 

  310. 			if ($this->getData($v) && !$roleDao->roleExists($conference->getId(), $schedConf->getId(), $userId, $roleId)) {
    311. 

  311. 				$role = new Role();
    312. 

  312. 				$role->setConferenceId($conference->getId());
    313. 

  313. 				$role->setSchedConfId($schedConf->getId());
    314. 

  314. 				$role->setUserId($userId);
    315. 

  315. 				$role->setRoleId($roleId);
    316. 

  316. 				$roleDao->insertRole($role);
    317. 

  317. 

  318. 			}
    319. 

  319. 		}
    320. 

  320. 

  321. 		if (!$this->existingUser) {
    322. 

  322. 			$this->sendConfirmationEmail($user, $this->getData('password'), $this->getData('sendPassword'));
    323. 

  323. 		}
    324. 

  324. 

  325. 		if (isset($allowedRoles['reader']) && $this->getData('openAccessNotification')) {
    326. 

  326. 			$userSettingsDao =& DAORegistry::getDAO('UserSettingsDAO');
    327. 

  327. 			$userSettingsDao->updateSetting($userId, 'openAccessNotification', true, 'bool', $conference->getId());
    328. 

  328. 		}
    329. 

  329. 	}
    330. 

  330. 

  331. }
    332. 

  332. 

  333. ?>
    334. 

  334.