6543/CommunityID
1
0
Fork 0
Code Issues 3 Pull Requests Releases Wiki Activity

import v2.0.0.0_RC3 | 2012-07-01

Browse Source 
https://github.com/lucanos/CommunityID -> http://www.itadmins.net/archives/357
This commit is contained in:
6543
2019-07-17 22:31:04 +02:00
parent 38c146901c
commit 2f397f01f7
2677 changed files with 296182 additions and 45159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
modules/users/controllers/LoginController.php Executable file → Normal file
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkey Ltd
* @since CommunityID 0.9
@ -25,11 +25,28 @@ class Users_LoginController extends CommunityID_Controller_Action
$this->view->loginForm = new Users_Form_Login(null, $this->view->base, $this->view->useCaptcha);
if ($this->_config->SSL->enable_mixed_mode) {
$this->view->loginTargetBase = 'https://' . $_SERVER['HTTP_HOST'] . $this->view->base;
if ($this->_config->subdomain->enabled) {
// in this case $this->view->base contains the full URL, so we just gotta replace the protocol
$this->view->loginTargetBase = 'https' . substr($this->view->base, strpos($this->view->base, '://'));
} else {
$this->view->loginTargetBase = 'https://' . $_SERVER['HTTP_HOST'] . $this->view->base;
}
} else {
$this->view->loginTargetBase = $this->view->base;
}
$this->view->allowRegistrations = $this->_config->environment->registrations_enabled;
if ($this->user->role == Users_Model_User::ROLE_GUEST && @$_COOKIE['image']) {
$images = new Users_Model_SigninImages();
$this->view->image = $images->getByCookie($_COOKIE['image']);
} else {
$this->view->image = false;
}
$this->view->yubikey = $this->_config->yubikey;
$this->_helper->viewRenderer->setResponseSegment('sidebar');
}
@ -48,9 +65,15 @@ class Users_LoginController extends CommunityID_Controller_Action
}
$users = new Users_Model_Users();
$result = $users->authenticate($this->_request->getPost('username'),
$this->_request->getPost('password'));
$result = $users->authenticate(
$this->_request->getPost('username'),
$this->_config->yubikey->enabled && $this->_config->yubikey->force?
$this->_request->getPost('yubikey')
: $this->_request->getPost('password'),
false,
$this->view
);
if ($result) {
$user = $users->getUser();

37
modules/users/controllers/ManageusersController.php
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkey Ltd
* @since CommunityID 0.9
@ -21,7 +21,13 @@ class Users_ManageusersController extends CommunityID_Controller_Action
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNeverRender(true);
if ($this->_config->ldap->enabled && $this->_config->ldap->keepRecordsSynced) {
$ldap = Monkeys_Ldap::getInstance();
$ldap->delete($this->targetUser);
}
$this->targetUser->delete();
echo $this->view->translate('User has been deleted successfully');
}
@ -42,31 +48,30 @@ class Users_ManageusersController extends CommunityID_Controller_Action
$mail = self::getMail($user, $this->view->translate('Community-ID registration reminder'));
try {
$mail->send();
$user->reminders++;
$user->save();
} catch (Zend_Mail_Protocol_Exception $e) {
$this->_increaseReminderCount($user);
} catch (Zend_Mail_Exception $e) {
Zend_Registry::get('logger')->log($e->getMessage(), Zend_Log::ERR);
if (!$this->_config->environment->production) {
// still increase the reminder counter when testing
$this->_increaseReminderCount($user);
}
}
}
}
private function _increaseReminderCount(Users_Model_User $user)
{
$user->reminders++;
$user->save();
}
/**
* @return Zend_Mail
* @throws Zend_Mail_Protocol_Exception
*/
public static function getMail(Users_Model_User $user, $subject)
{
$locale = Zend_Registry::get('Zend_Locale');
$localeElements = explode('_', $locale);
if (file_exists(APP_DIR . "/resources/$locale/reminder_mail.txt")) {
$file = APP_DIR . "/resources/$locale/reminder_mail.txt";
} else if (count($localeElements == 2)
&& file_exists(APP_DIR . "/resources/".$localeElements[0]."/reminder_mail.txt")) {
$file = APP_DIR . "/resources/".$localeElements[0]."/reminder_mail.txt";
} else {
$file = APP_DIR . "/resources/en/reminder_mail.txt";
}
$file = CommunityID_Resources::getResourcePath('reminder_mail.txt');
$emailTemplate = file_get_contents($file);
$emailTemplate = str_replace('{userName}', $user->getFullName(), $emailTemplate);
@ -74,7 +79,7 @@ class Users_ManageusersController extends CommunityID_Controller_Action
preg_match('#(.*)/manageusers/sendreminder#', $currentUrl, $matches);
$emailTemplate = str_replace('{registrationURL}', $matches[1] . '/register/eula?token=' . $user->token, $emailTemplate);
// can't use $this-_config 'cause it's a static function
// can't use $this->_config 'cause it's a static function
$configEmail = Zend_Registry::get('config')->email;
switch (strtolower($configEmail->transport)) {

62
modules/users/controllers/PersonalinfoController.php
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkey Ltd
* @since CommunityID 0.9
@ -20,30 +20,33 @@ class Users_PersonalinfoController extends CommunityID_Controller_Action
public function indexAction()
{
$this->_helper->actionStack('index', 'login', 'users');
}
$profiles = new Users_Model_Profiles();
$this->view->profiles = $profiles->getForUser($this->user);
public function showAction()
{
$fields = new Model_Fields();
$this->view->fields = $fields->getValues($this->user);
$this->_helper->actionStack('index', 'login', 'users');
}
public function editAction()
{
$this->view->profile = $this->_getProfile();
$appSession = Zend_Registry::get('appSession');
if (isset($appSession->personalInfoForm)) {
$this->view->fields = $appSession->personalInfoForm->getElements();
unset($appSession->personalInfoForm);
} else {
$personalInfoForm = new Users_Form_PersonalInfo(null, $this->user);
$personalInfoForm = new Users_Form_PersonalInfo(null, $this->view->profile);
$this->view->fields = $personalInfoForm->getElements();
}
$this->_helper->actionStack('index', 'login', 'users');
}
public function saveAction()
{
$form = new Users_Form_PersonalInfo(null, $this->user);
$profile = $this->_getProfile();
$form = new Users_Form_PersonalInfo(null, $profile);
$formData = $this->_request->getPost();
$form->populate($formData);
@ -55,15 +58,23 @@ class Users_PersonalinfoController extends CommunityID_Controller_Action
}
$fieldsValues = new Model_FieldsValues();
$fieldsValues->deleteForUser($this->user);
if ($this->_getParam('profile')) {
$fieldsValues->deleteForProfile($profile);
} else {
$profile->user_id = $this->user->id;
$profile->name = $form->getValue('profileName');
$profile->save();
}
foreach ($form->getValues() as $fieldName => $fieldValue) {
if (!$fieldValue) {
if ($fieldName == 'profileName' || !$fieldValue) {
continue;
}
$fieldsValue = $fieldsValues->createRow();
$fieldsValue->user_id = $this->user->id;
$fieldsValue->profile_id = $profile->id;
list(, $fieldId) = explode('_', $fieldName);
$fieldsValue->field_id = $fieldId;
@ -73,7 +84,34 @@ class Users_PersonalinfoController extends CommunityID_Controller_Action
$fieldsValue->save();
}
$this->_helper->FlashMessenger->addMessage($this->view->translate('Profile has been saved'));
$this->_redirect('/users/personalinfo');
}
$this->_forward('show');
public function deleteAction()
{
$profile = $this->_getProfile();
if ($profile->id) {
$profile->delete();
}
$this->_helper->FlashMessenger->addMessage($this->view->translate('Profile has been deleted'));
$this->_redirect('/users/personalinfo');
}
private function _getProfile()
{
$profiles = new Users_Model_Profiles();
if (!$this->_getParam('profile')) {
return $profiles->createRow();
}
$profile = $profiles->getRowInstance($this->_getParam('profile'));
if (!$profile || $profile->user_id != $this->user->id) {
throw new Monkeys_AccessDeniedException();
}
return $profile;
}
}

9
modules/users/controllers/ProfileController.php Executable file → Normal file
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkey Ltd
* @since CommunityID 0.9
@ -17,6 +17,13 @@ class Users_ProfileController extends CommunityID_Controller_Action
throw new Monkeys_AccessDeniedException();
}
$this->view->canEditAccountInfo = !$this->_config->ldap->enabled
|| ($this->_config->ldap->enabled && $this->_config->ldap->keepRecordsSynced);
$this->view->canChangePassword = !$this->_config->ldap->enabled
|| ($this->_config->ldap->enabled && $this->_config->ldap->canChangePassword);
$this->view->yubikey = $this->_config->yubikey;
$this->_helper->actionStack('index', 'login', 'users');
}
}

157
modules/users/controllers/ProfilegeneralController.php
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkey Ltd
* @since CommunityID 0.9
@ -24,13 +24,15 @@ class Users_ProfilegeneralController extends CommunityID_Controller_Action
public function accountinfoAction()
{
$this->view->yubikey = $this->_config->yubikey;
}
public function editaccountinfoAction()
{
if ($this->targetUser->id != $this->user->id
// this condition checks for an non-admin trying to add a new user
&& ($this->targetUser->id != 0 || $this->user->role != Users_Model_User::ROLE_ADMIN))
if (($this->targetUser->id != $this->user->id
// this condition checks for an non-admin trying to add a new user
&& ($this->targetUser->id != 0 || $this->user->role != Users_Model_User::ROLE_ADMIN))
|| ($this->_config->ldap->enabled && !$this->_config->ldap->keepRecordsSynced))
{
throw new Monkeys_AccessDeniedException();
}
@ -46,16 +48,22 @@ class Users_ProfilegeneralController extends CommunityID_Controller_Action
'firstname' => $this->targetUser->firstname,
'lastname' => $this->targetUser->lastname,
'email' => $this->targetUser->email,
'authMethod' => $this->targetUser->auth_type,
'yubikey' => '' // of course empty
));
}
$this->view->yubikey = $this->_config->yubikey;
}
public function saveaccountinfoAction()
{
$isNewUser = is_null($this->targetUser->id)? true : false;
if (!$isNewUser && $this->targetUser->id != $this->user->id) {
// admins can add new users, but not edit existing ones
if (
// admins can add new users, but not edit existing ones
(!$isNewUser && $this->targetUser->id != $this->user->id)
|| ($this->_config->ldap->enabled && !$this->_config->ldap->keepRecordsSynced)) {
throw new Monkeys_AccessDeniedException();
}
@ -68,9 +76,10 @@ class Users_ProfilegeneralController extends CommunityID_Controller_Action
}
$existingUsernameOrEmail = false;
$oldUsername = $this->targetUser->username;
$newUsername = $form->getValue('username');
if (($isNewUser && $this->_usernameAlreadyExists($newUsername))
|| (!$isNewUser && ($this->targetUser->username != $newUsername)
|| (!$isNewUser && ($oldUsername != $newUsername)
&& $this->_usernameAlreadyExists($newUsername)))
{
$form->username->addError($this->view->translate('This username is already in use'));
@ -90,6 +99,21 @@ class Users_ProfilegeneralController extends CommunityID_Controller_Action
return $this->_redirectInvalidForm($form);
}
if ($this->_config->yubikey->enabled) {
$this->targetUser->auth_type = $form->getValue('authMethod');
$yubikey = trim($form->getValue('yubikey'));
if ($form->getValue('authMethod') == Users_Model_User::AUTH_YUBIKEY) {
// only store or update yubikey for new users or existing that filled in something
if ($isNewUser || $yubikey) {
if (!$publicId = $this->_getYubikeyPublicId($yubikey)) {
$form->yubikey->addError($this->view->translate('Could not validate Yubikey'));
return $this->_redirectInvalidForm($form);
}
$this->targetUser->yubikey_publicid = $publicId;
}
}
}
$this->targetUser->username = $newUsername;
$this->targetUser->firstname = $form->getValue('firstname');
$this->targetUser->lastname = $form->getValue('lastname');
@ -97,11 +121,35 @@ class Users_ProfilegeneralController extends CommunityID_Controller_Action
if ($isNewUser) {
$this->targetUser->accepted_eula = 1;
$this->targetUser->registration_date = date('Y-m-d');
$this->targetUser->openid = $this->_generateOpenId($this->targetUser->username);
preg_match('#(.*)/users/profile.*#', Zend_OpenId::selfURL(), $matches);
$this->targetUser->generateOpenId($matches[1]);
$this->targetUser->role = Users_Model_User::ROLE_REGISTERED;
$this->targetUser->setClearPassword($form->getValue('password1'));
}
if ($this->_config->ldap->enabled && $this->_config->ldap->keepRecordsSynced) {
$ldap = Monkeys_Ldap::getInstance();
if ($isNewUser) {
$this->targetUser->setPassword($form->getValue('password1'));
$ldap->add($this->targetUser);
} else {
if ($oldUsername != $newUsername) {
$ldap->modifyUsername($this->targetUser, $oldUsername);
}
$ldap->modify($this->targetUser);
}
// LDAP passwords must not be stored in the DB
$this->targetUser->setPassword('');
}
$this->targetUser->save();
if ($isNewUser) {
$this->targetUser->createDefaultProfile($this->view);
}
/**
* When the form is submitted through a YUI request using a file, an iframe is used,
@ -115,7 +163,7 @@ class Users_ProfilegeneralController extends CommunityID_Controller_Action
private function _usernameAlreadyExists($username)
{
$users = $this->_getUsers();
return $users->getUserWithUsername($username);
return $users->getUserWithUsername($username, false, $this->view);
}
private function _emailAlreadyExists($email)
@ -144,8 +192,9 @@ class Users_ProfilegeneralController extends CommunityID_Controller_Action
*/
public function changepasswordAction()
{
if ($this->targetUser->id != $this->user->id)
{
if (($this->targetUser->id != $this->user->id)
|| ($this->_config->ldap->enabled && !$this->_config->ldap->canChangePassword)
|| ($this->_config->yubikey->enabled && $this->_config->yubikey->force)) {
throw new Monkeys_AccessDeniedException();
}
@ -154,18 +203,19 @@ class Users_ProfilegeneralController extends CommunityID_Controller_Action
$this->view->changePasswordForm = $appSession->changePasswordForm;
unset($appSession->changePasswordForm);
} else {
$this->view->changePasswordForm = new Users_Form_ChangePassword();
$this->view->changePasswordForm = new Users_Form_ChangePassword(null, $this->user->username);
}
}
public function savepasswordAction()
{
if ($this->targetUser->id != $this->user->id)
{
if (($this->targetUser->id != $this->user->id)
|| ($this->_config->ldap->enabled && !$this->_config->ldap->canChangePassword)
|| ($this->_config->yubikey->enabled && $this->_config->yubikey->force)) {
throw new Monkeys_AccessDeniedException();
}
$form = new Users_Form_ChangePassword();
$form = new Users_Form_ChangePassword(null, $this->user->username);
$formData = $this->_request->getPost();
$form->populate($formData);
if (!$form->isValid($formData)) {
@ -175,14 +225,21 @@ class Users_ProfilegeneralController extends CommunityID_Controller_Action
}
$this->targetUser->setClearPassword($form->getValue('password1'));
$this->targetUser->save();
if ($this->_config->ldap->enabled && $this->_config->ldap->canChangePassword) {
$ldap = Monkeys_Ldap::getInstance();
$ldap->modify($this->targetUser, $form->getValue('password1'));
} else {
$this->targetUser->save();
}
return $this->_forward('accountinfo', null , null, array('userid' => $this->targetUser->id));
}
public function confirmdeleteAction()
{
if ($this->user->role == Users_Model_User::ROLE_ADMIN) {
if ($this->user->role == Users_Model_User::ROLE_ADMIN
|| ($this->_config->ldap->enabled && !$this->_config->ldap->keepRecordsSynced)) {
throw new Monkeys_AccessDeniedException();
}
@ -191,6 +248,11 @@ class Users_ProfilegeneralController extends CommunityID_Controller_Action
public function deleteAction()
{
if ($this->user->role == Users_Model_User::ROLE_ADMIN
|| ($this->_config->ldap->enabled && !$this->_config->ldap->keepRecordsSynced)) {
throw new Monkeys_AccessDeniedException();
}
$mail = self::getMail();
$mail->setFrom($this->_config->email->supportemail);
$mail->addTo($this->_config->email->supportemail);
@ -234,42 +296,26 @@ EOT;
$mail->setBodyText($body);
try {
$mail->send();
} catch (Zend_Mail_Protocol_Exception $e) {
} catch (Zend_Mail_Exception $e) {
if ($this->_config->logging->level == Zend_Log::DEBUG) {
$this->_helper->FlashMessenger->addMessage('Account was deleted, but feedback form couldn\'t be sent to admins');
$this->_helper->FlashMessenger->addMessage($this->view->translate('Account was deleted, but feedback form couldn\'t be sent to admins'));
}
}
$users = $this->_getUsers();
$users->deleteUser($this->user);
if ($this->_config->ldap->enabled && $this->_config->ldap->keepRecordsSynced) {
$ldap = Monkeys_Ldap::getInstance();
$ldap->delete($this->user);
}
Zend_Auth::getInstance()->clearIdentity();
$this->_helper->FlashMessenger->addMessage($this->view->translate('Your acccount has been successfully deleted'));
$this->_redirect('');
}
private function _generateOpenId($username)
{
$selfUrl = Zend_OpenId::selfUrl();
if (!preg_match('#(.*)/users/profile.*#', $selfUrl, $matches)) {
throw new Exception('Couldn\'t retrieve current URL');
}
if ($this->_config->subdomain->enabled) {
$openid = $this->getProtocol() . '://' . $username . '.' . $this->_config->subdomain->hostname;
} else {
$openid = $matches[1] . "/identity/$username";
}
if ($this->_config->SSL->enable_mixed_mode) {
$openid = str_replace('http://', 'https://', $openid);
}
Zend_OpenId::normalizeUrl($openid);
return $openid;
}
/**
* @return Zend_Mail
* @throws Zend_Mail_Protocol_Exception
@ -308,4 +354,33 @@ EOT;
return $this->_users;
}
private function _getYubikeyPublicId($yubikey)
{
$authAdapter = new Monkeys_Auth_Adapter_Yubikey(
array(
'api_id' => $this->_config->yubikey->api_id,
'api_key' => $this->_config->yubikey->api_key
),
null,
$yubikey
);
// do not go through Zend_Auth::getInstance() to avoid losing the session if
// the yubikey is invalid
$result = $authAdapter->authenticate($authAdapter);
if ($result->isValid()) {
$parts = Yubico_Auth::parsePasswordOTP($yubikey);
return $parts['prefix'];
}
$logger = Zend_Registry::get('logger');
$logger->log("Invalid authentication: " . implode(' - ', $result->getMessages()), Zend_Log::DEBUG);
$authOptions = $authAdapter->getOptions();
if ($yubi = @$authOptions['yubiClient']) {
$logger->log("Yubi request was: " . $yubi->getlastQuery(), Zend_Log::DEBUG);
}
return false;
}
}

30
modules/users/controllers/RecoverpasswordController.php Executable file → Normal file
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkey Ltd
* @since CommunityID 0.9
@ -57,23 +57,13 @@ class Users_RecoverpasswordController extends CommunityID_Controller_Action
$user->token = Users_Model_User::generateToken();
$user->save();
$locale = Zend_Registry::get('Zend_Locale');
$localeElements = explode('_', $locale);
if (file_exists(APP_DIR . "/resources/$locale/passwordreset_mail.txt")) {
$file = APP_DIR . "/resources/$locale/passwordreset_mail.txt";
} else if (count($localeElements == 2)
&& file_exists(APP_DIR . "/resources/".$localeElements[0]."/passwordreset_mail.txt")) {
$file = APP_DIR . "/resources/".$localeElements[0]."/passwordreset_mail.txt";
} else {
$file = APP_DIR . "/resources/en/passwordreset_mail.txt";
}
$file = CommunityID_Resources::getResourcePath('passwordreset_mail.txt');
$emailTemplate = file_get_contents($file);
$emailTemplate = str_replace('{userName}', $user->getFullName(), $emailTemplate);
$emailTemplate = str_replace('{IP}', $_SERVER['REMOTE_ADDR'], $emailTemplate);
// $_SERVER['SCRIPT_URI'] is not always available
$URI = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
$URI = self::getProtocol() . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
preg_match('#(.*)/users/recoverpassword#', $URI, $matches);
$emailTemplate = str_replace('{passwordResetURL}',
$matches[1] . '/users/recoverpassword/reset?token=' . $user->token,
@ -90,7 +80,7 @@ class Users_RecoverpasswordController extends CommunityID_Controller_Action
$users = new Users_Model_Users();
$user = $users->getUserWithToken($this->_getParam('token'));
if (!$user) {
$this->_helper->FlashMessenger->addMessage('Wrong Token');
$this->_helper->FlashMessenger->addMessage($this->view->translate('Wrong Token'));
$this->_redirect('');
return;
}
@ -103,17 +93,7 @@ class Users_RecoverpasswordController extends CommunityID_Controller_Action
$user->save();
$locale = Zend_Registry::get('Zend_Locale');
$localeElements = explode('_', $locale);
if (file_exists(APP_DIR . "/resources/$locale/passwordreset2_mail.txt")) {
$file = APP_DIR . "/resources/$locale/passwordreset2_mail.txt";
} else if (count($localeElements == 2)
&& file_exists(APP_DIR . "/resources/".$localeElements[0]."/passwordreset2_mail.txt")) {
$file = APP_DIR . "/resources/".$localeElements[0]."/passwordreset2_mail.txt";
} else {
$file = APP_DIR . "/resources/en/passwordreset2_mail.txt";
}
$file = CommunityID_Resources::getResourcePath('passwordreset2_mail.txt');
$emailTemplate = file_get_contents($file);
$emailTemplate = str_replace('{userName}', $user->getFullName(), $emailTemplate);
$emailTemplate = str_replace('{password}', $newPassword, $emailTemplate);

74
modules/users/controllers/RegisterController.php Executable file → Normal file
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkey Ltd
* @since CommunityID 0.9
@ -55,7 +55,7 @@ class Users_RegisterController extends CommunityID_Controller_Action
$users = new Users_Model_Users();
if ($users->getUserWithUsername($form->getValue('username'))) {
if ($users->getUserWithUsername($form->getValue('username'), false, $this->view)) {
$form->username->addError($this->view->translate('This username is already in use'));
$appSession = Zend_Registry::get('appSession');
$appSession->registerForm = $form;
@ -76,35 +76,37 @@ class Users_RegisterController extends CommunityID_Controller_Action
$user->email = $form->getValue('email');
$user->username = $form->getValue('username');
$currentUrl = Zend_OpenId::selfURL();
preg_match('#(.*)/users/register/save#', $currentUrl, $matches);
if ($this->_config->subdomain->enabled) {
$openid = $this->getProtocol() . '://' . $user->username . '.' . $this->_config->subdomain->hostname;
preg_match('#(.*)/users/register/save#', Zend_OpenId::selfURL(), $matches);
$user->generateOpenId($matches[1]);
if ($this->_config->ldap->enabled) {
// when using ldap, unconfirmed users' password is saved unhashed temporarily, while he registers,
// and then it's stored in LDAP and cleared from the db
$user->setPassword($form->getValue('password1'));
} else {
$openid = $matches[1] . '/identity/' . $user->username;
$user->setClearPassword($form->getValue('password1'));
}
if ($this->_config->SSL->enable_mixed_mode) {
$openid = str_replace('http://', 'https://', $openid);
}
Zend_OpenId::normalizeUrl($openid);
$user->openid = $openid;
$user->setClearPassword($form->getValue('password1'));
$user->role = Users_Model_User::ROLE_GUEST;
$registrationToken = Users_Model_User::generateToken();
$user->token = $registrationToken;
$user->token = Users_Model_User::generateToken();
$user->accepted_eula = 0;
$user->registration_date = date('Y-m-d');
$user->save();
$mail = self::getMail($user, $this->view->translate('Community-ID registration confirmation'));
try {
$mail->send();
$user->save();
$user->createDefaultProfile($this->view);
$this->_helper->FlashMessenger->addMessage($this->view->translate('Thank you.'));
$this->_helper->FlashMessenger->addMessage($this->view->translate('You will receive an E-mail with instructions to activate the account.'));
} catch (Zend_Mail_Protocol_Exception $e) {
$this->_helper->FlashMessenger->addMessage($this->view->translate('The account was created but the E-mail could not be sent'));
} catch (Zend_Mail_Exception $e) {
if ($this->_config->environment->production) {
$this->_helper->FlashMessenger->addMessage($this->view->translate('The confirmation E-mail could not be sent, so the account creation was cancelled. Please contact support.'));
} else {
$this->_helper->FlashMessenger->addMessage($this->view->translate('The account was created but the E-mail could not be sent'));
// I still wanna create the user when in development mode
$user->save();
}
if ($this->_config->logging->level == Zend_Log::DEBUG) {
$this->_helper->FlashMessenger->addMessage($e->getMessage());
}
@ -125,18 +127,7 @@ class Users_RegisterController extends CommunityID_Controller_Action
$this->view->token = $user->token;
$locale = Zend_Registry::get('Zend_Locale');
$localeElements = explode('_', $locale);
if (file_exists(APP_DIR . "/resources/$locale/eula.txt")) {
$file = APP_DIR . "/resources/$locale/eula.txt";
} else if (count($localeElements == 2)
&& file_exists(APP_DIR . "/resources/".$localeElements[0]."/eula.txt")) {
$file = APP_DIR . "/resources/".$localeElements[0]."/eula.txt";
} else {
$file = APP_DIR . "/resources/en/eula.txt";
}
$file = CommunityID_Resources::getResourcePath('eula.txt');
$this->view->eula = file_get_contents($file);
}
@ -171,6 +162,15 @@ class Users_RegisterController extends CommunityID_Controller_Action
$user->accepted_eula = 1;
$user->registration_date = date('Y-m-d');
$user->token = '';
if ($this->_config->ldap->enabled) {
$ldap = Monkeys_Ldap::getInstance();
$ldap->add($user);
// clear unencrypted password
$user->setPassword('');
}
$user->save();
$auth = Zend_Auth::getInstance();
@ -185,17 +185,7 @@ class Users_RegisterController extends CommunityID_Controller_Action
*/
public static function getMail(Users_Model_User $user, $subject)
{
$locale = Zend_Registry::get('Zend_Locale');
$localeElements = explode('_', $locale);
if (file_exists(APP_DIR . "/resources/$locale/registration_mail.txt")) {
$file = APP_DIR . "/resources/$locale/registration_mail.txt";
} else if (count($localeElements == 2)
&& file_exists(APP_DIR . "/resources/".$localeElements[0]."/registration_mail.txt")) {
$file = APP_DIR . "/resources/".$localeElements[0]."/registration_mail.txt";
} else {
$file = APP_DIR . "/resources/en/registration_mail.txt";
}
$file = CommunityID_Resources::getResourcePath('registration_mail.txt');
$emailTemplate = file_get_contents($file);
$emailTemplate = str_replace('{userName}', $user->getFullName(), $emailTemplate);

119
modules/users/controllers/SigninimageController.php Normal file
View File

@ -0,0 +1,119 @@
<?php
/*
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkey Ltd
* @since CommunityID 0.9
* @package CommunityID
* @packager Keyboard Monkeys
*/
class Users_SigninimageController extends CommunityID_Controller_Action
{
public function indexAction()
{
$appSession = Zend_Registry::get('appSession');
if (isset($appSession->signinImageForm)) {
$this->view->signinImageForm = $appSession->signinImageForm;
unset($appSession->signinImageForm);
} else {
$this->view->signinImageForm = new Users_Form_SigninImage();
}
if (@$_COOKIE['image']) {
$this->view->enabled = true;
} else {
$this->view->enabled = false;
}
$this->_helper->actionStack('index', 'login', 'users');
}
public function saveimageAction()
{
$form = new Users_Form_SigninImage();
$formData = $this->_request->getPost();
// the framework doesn't allow doing this cleanly yet
$formData = array_merge($formData, array('image' => $_FILES['image']['name']));
$form->populate($formData);
if (!$form->isValid($formData)) {
$appSession = Zend_Registry::get('appSession');
$appSession->signinImageForm = $form;
$this->_forward('index');
return;
}
$fileInfo = $form->image->getFileInfo();
$images = new Users_Model_SigninImages();
$images->deleteForUser($this->user);
$image = $images->createRow();
$image->user_id = $this->user->id;
$image->image = file_get_contents($fileInfo['image']['tmp_name']);
$image->mime = $fileInfo['image']['type'];
$image->cookie = $images->generateCookieId($this->user);
$image->save();
// delete cookie
setcookie('image', $image->cookie, time() - 3600, '/', $this->_getCookieDomain());
$this->_redirect('/users/signinimage');
}
public function setcookieAction()
{
if ($this->_request->getParam('enable')) {
$images = new Users_Model_SigninImages();
if (!$image = $images->getForUser($this->user)) {
$this->_helper->FlashMessenger->addMessage($this->view->translate('There is no image uploaded'));
$this->_redirect('/users/signinimage');
return;
}
if (!setcookie('image', $image->cookie, time() + 24*60*60*10000, '/', $this->_getCookieDomain())) {
$this->_helper->FlashMessenger->addMessage($this->view->translate('There was a problem setting the cookie'));
$this->_redirect('/users/signinimage');
return;
}
$this->_helper->FlashMessenger->addMessage($this->view->translate('Image has been set successfully on this computer/browser'));
} else {
setcookie('image', $image->cookie, time() - 3600, '/', $this->_getCookieDomain());
$this->_helper->FlashMessenger->addMessage($this->view->translate('Image has been disabled successfully on this computer/browser'));
}
$this->_redirect('/users/signinimage');
}
public function imageAction()
{
$this->_helper->viewRenderer->setNeverRender(true);
$this->_helper->layout->disableLayout();
$images = new Users_Model_SigninImages();
if ($cookie = $this->_request->getParam('id')) {
$image = $images->getByCookie($cookie);
} else if ($this->user->role != Users_Model_User::ROLE_GUEST) {
$image = $images->getForUser($this->user);
} else {
return;
}
$this->_response->setHeader('Content-type', $image->mime);
echo $image->image;
}
private function _getCookieDomain()
{
if ($this->_config->subdomain->enabled) {
$domain = '.' . $this->_config->subdomain->hostname;
} else {
$domain = $_SERVER['HTTP_HOST'];
}
}
}

11
modules/users/controllers/UserslistController.php Executable file → Normal file
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkey Ltd
* @since CommunityID 0.9
@ -29,6 +29,9 @@ class Users_UserslistController extends CommunityID_Controller_Action
break;
}
// This retrieves user data from the users table, even if using LDAP. This means the user's full name
// might be out of sync with what it's in LDAP. No biggie since user's names rarely change ;)
// However do know that a given user name is synced with LDAP every time he logs in.
$usersRows = $users->getUsers(
$this->_getParam('startIndex'),
$this->_getParam('results'),
@ -49,6 +52,10 @@ class Users_UserslistController extends CommunityID_Controller_Action
foreach ($usersRows as $user) {
if ($user->role == Users_Model_User::ROLE_ADMIN) {
if ($this->_config->ldap->enabled && $user->username != $this->_config->ldap->admin) {
// this is the admin created during the installation, that is not used when ldap is enabled
continue;
}
$status = $this->view->translate('admin');
} else if ($user->accepted_eula) {
$status = $this->view->translate('confirmed');
@ -61,7 +68,7 @@ class Users_UserslistController extends CommunityID_Controller_Action
$jsonObjUser->registration = $user->registration_date;
$jsonObjUser->role = $user->role;
$jsonObjUser->status = $status;
$jsonObjUser->reminders = $user->reminders;
$jsonObjUser->reminders = $user->accepted_eula? 0 : $user->reminders;
$jsonObj->records[] = $jsonObjUser;
}

24
modules/users/forms/AccountInfo.php
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
@ -45,14 +45,32 @@ class Users_Form_AccountInfo extends Zend_Form
->setRequired(true)
->addValidator('EmailAddress');
$this->addElements(array($username, $firstname, $lastname, $email));
$authMethod = new Monkeys_Form_Element_Select('authMethod');
translate('Auth Method');
$authMethod->setLabel('Auth Method')
->addMultiOption(Users_Model_User::AUTH_PASSWORD, 'Password')
->addMultiOption(Users_Model_User::AUTH_YUBIKEY, 'YubiKey')
->setAttrib('onchange', 'COMMID.general.toggleYubikey()');
$yubikey = new Monkeys_Form_Element_Text('yubikey');
translate('Associated YubiKey');
$yubikey->setLabel('Associated YubiKey')
->setAttrib('class', 'yubiKeyInput');
$this->addElements(array($username, $firstname, $lastname, $email, $authMethod, $yubikey));
if (!$this->_targetUser->id) {
$password1 = new Monkeys_Form_Element_Password('password1');
translate('Enter password');
$passwordValidator = new Monkeys_Validate_Password();
$password1->setLabel('Enter password')
->setRequired(true)
->addValidator(new Monkeys_Validate_PasswordConfirmation());
->addValidator(new Monkeys_Validate_PasswordConfirmation())
->addValidator($passwordValidator);
if ($restrictions = $passwordValidator->getPasswordRestrictionsDescription()) {
$password1->setDescription($restrictions);
}
$password2 = new Monkeys_Form_Element_Password('password2');
translate('Enter password again');

18
modules/users/forms/ChangePassword.php
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
@ -12,13 +12,27 @@
class Users_Form_ChangePassword extends Zend_Form
{
private $_username;
public function __construct($options = null, $username = null)
{
$this->_username = $username;
parent::__construct($options);
}
public function init()
{
$password1 = new Monkeys_Form_Element_Password('password1');
translate('Enter password');
$passwordValidator = new Monkeys_Validate_Password($this->_username);
$password1->setLabel('Enter password')
->setRequired(true)
->addValidator(new Monkeys_Validate_PasswordConfirmation());
->addValidator(new Monkeys_Validate_PasswordConfirmation())
->addValidator($passwordValidator);
if ($restrictions = $passwordValidator->getPasswordRestrictionsDescription()) {
$password1->setDescription($restrictions);
}
$password2 = new Monkeys_Form_Element_Password('password2');
translate('Enter password again');

13
modules/users/forms/Login.php Executable file → Normal file
View File

@ -28,14 +28,19 @@ class Users_Form_Login extends Zend_Form
$password->setLabel('PASSWORD')
->setDecoratorOptions(array(
'separateLine' => true,
'dontMarkRequired' => true,
))
->setRequired(true);
));
$yubikey = new Monkeys_Form_Element_Text('yubikey');
$yubikey->setLabel('YUBIKEY')
->setDecoratorOptions(array(
'separateLine' => true,
))
->setAttrib('class', 'yubiKeyInput');
$rememberme = new Monkeys_Form_Element_Checkbox('rememberme');
$rememberme->setLabel('Remember me');
$this->addElements(array($username, $password, $rememberme));
$this->addElements(array($username, $password, $yubikey, $rememberme));
if ($this->_useCaptcha) {
$captcha = new Monkeys_Form_Element_Captcha('captcha', array(

58
modules/users/forms/PersonalInfo.php
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
@ -12,15 +12,19 @@
class Users_Form_PersonalInfo extends Zend_Form
{
private $_profile;
private $_sregRequest;
private $_sregProps;
private $_formElements = array();
public function __construct($options = null, $user = null, $sregProps = null)
public function __construct($options = null, Users_Model_Profile $profile = null, $sregRequest = null, $sregProps = null)
{
$this->_profile = $profile;
$this->_sregRequest= $sregRequest;
$this->_sregProps = $sregProps;
$fields = new Model_Fields();
$fieldsArr = $fields->getValues($user);
$fieldsArr = $fields->getValues($this->_profile);
for ($i = 0; $i < count($fieldsArr); $i++) {
$this->_formElements[$fieldsArr[$i]->openid] = array(
'field' => $fieldsArr[$i],
@ -57,6 +61,14 @@ class Users_Form_PersonalInfo extends Zend_Form
$this->addElement($element);
}
} else {
$profileName = new Monkeys_Form_Element_Text('profileName');
translate('Profile Name');
$profileName->setLabel('Profile Name')
->setRequired(true)
->setValue($this->_profile->name);
$this->addElement($profileName);
foreach ($this->_formElements as $formElement) {
$this->addElement($formElement['element']);
}
@ -75,4 +87,44 @@ class Users_Form_PersonalInfo extends Zend_Form
return $values;
}
public function getSregRequest()
{
return $this->_sregRequest;
}
public function getPolicyUrl()
{
$args = $this->_sregRequest->getExtensionArgs();
if (!$args || !isset($args['policy_url'])) {
return false;
}
return $args['policy_url'];
}
public static function getForm(Auth_OpenID_Request $request, Users_Model_Profile $profile)
{
// The class Auth_OpenID_SRegRequest is included in the following file
require_once 'libs/Auth/OpenID/SReg.php';
$sregRequest = Auth_OpenID_SRegRequest::fromOpenIDRequest($request);
$props = $sregRequest->allRequestedFields();
$args = $sregRequest->getExtensionArgs();
if (isset($args['required'])) {
$required = explode(',', $args['required']);
} else {
$required = false;
}
$sregProps = array();
foreach ($props as $field) {
$sregProps[$field] = $required && in_array($field, $required);
}
$personalInfoForm = new Users_Form_PersonalInfo(null, $profile, $sregRequest, $sregProps);
return $personalInfoForm;
}
}

2
modules/users/forms/RecoverPassword.php
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9

12
modules/users/forms/Register.php Executable file → Normal file
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
@ -13,10 +13,12 @@
class Users_Form_Register extends Zend_Form
{
private $_baseWebDir;
private $_config;
public function __construct($options = null, $baseWebDir = null)
{
$this->_baseWebDir = $baseWebDir;
$this->_config = Zend_Registry::get('config');
parent::__construct($options);
}
@ -47,9 +49,15 @@ class Users_Form_Register extends Zend_Form
$password1 = new Monkeys_Form_Element_Password('password1');
translate('Enter desired password');
$passwordValidator = new Monkeys_Validate_Password();
$password1->setLabel('Enter desired password')
->setRequired(true)
->addValidator(new Monkeys_Validate_PasswordConfirmation());
->addValidator(new Monkeys_Validate_PasswordConfirmation())
->addValidator($passwordValidator);
if ($restrictions = $passwordValidator->getPasswordRestrictionsDescription()) {
$password1->setDescription($restrictions);
}
$password2 = new Monkeys_Form_Element_Password('password2');
translate('Enter password again');

30
modules/users/forms/SigninImage.php Normal file
View File

@ -0,0 +1,30 @@
<?php
/*
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
* @package CommunityID
* @packager Keyboard Monkeys
*/
class Users_Form_SigninImage extends Zend_Form
{
public function init()
{
$image = new Monkeys_Form_Element_File('image');
$image->setLabel('')
->setRequired(true)
->setDescription('Only files of type jpg, jpeg, png and gif are allowed.<br />Maximum size is 2 MB.')
->addValidator('Count', false, 1)
->addValidator('Size', false, 2097152) // 2 MB
->addValidator('Extension', false, 'jpg, jpeg, png, gif')
->addFilter('StripNewlines'); // just a hack to circumvent ZF bug
translate('Only files of type jpg, jpeg, png and gif are allowed.<br />Maximum size is 2 MB.');
$this->addElements(array($image));
}
}

2
modules/users/models/AuthAttempt.php
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9

2
modules/users/models/AuthAttempts.php
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9

20
modules/users/models/Profile.php Normal file
View File

@ -0,0 +1,20 @@
<?php
/*
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
* @package CommunityID
* @packager Keyboard Monkeys
*/
class Users_Model_Profile extends Zend_Db_Table_Row_Abstract
{
public function getFields()
{
$fields = new Model_Fields();
return $fields->getValues($this);
}
}

26
modules/users/models/Profiles.php Normal file
View File

@ -0,0 +1,26 @@
<?php
/*
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
* @package CommunityID
* @packager Keyboard Monkeys
*/
class Users_Model_Profiles extends Monkeys_Db_Table_Gateway
{
protected $_name = 'profiles';
protected $_primary = 'id';
protected $_rowClass = 'Users_Model_Profile';
public function getForUser(Users_Model_User $user)
{
$select = $this->select()
->where('user_id=?', $user->id);
return $this->fetchAll($select);
}
}

59
modules/users/models/SigninImage.php Normal file
View File

@ -0,0 +1,59 @@
<?php
/*
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
* @package CommunityID
* @packager Keyboard Monkeys
*/
class Users_Model_SigninImage extends Zend_Db_Table_Row_Abstract
{
const MAX_WIDTH = 165;
const MAX_HEIGHT = 195;
private $_width;
private $_height;
public function getHeight()
{
list (,$height) = $this->_getDimensions();
return $height;
}
public function getWidth()
{
list ($width,) = $this->_getDimensions();
return $width;
}
private function _getDimensions()
{
if (!isset($this->_width) || !isset($this->_height)) {
$image = imagecreatefromstring($this->image);
$this->_width = imagesx($image);
$this->_height = imagesy($image);
if ($this->_height >= $this->_width * self::MAX_HEIGHT / self::MAX_WIDTH
&& $this->_height > self::MAX_HEIGHT) {
$newHeight = self::MAX_HEIGHT;
$newWidth = floor($width * $newHeight / $height);
$this->_height = $newHeight;
$this->_width = $newWidth;
} elseif ($this->_height < $this->_width * self::MAX_HEIGHT / self::MAX_WIDTH
&& $this->_width > self::MAX_WIDTH) {
$newWidth = self::MAX_WIDTH;
$newHeight = floor($newWidth * $this->_height / $this->_width);
$this->_height = $newHeight;
$this->_width = $newWidth;
}
}
return array($this->_width, $this->_height);
}
}

53
modules/users/models/SigninImages.php Normal file
View File

@ -0,0 +1,53 @@
<?php
/*
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
* @package CommunityID
* @packager Keyboard Monkeys
*/
class Users_Model_SigninImages extends Monkeys_Db_Table_Gateway
{
protected $_name = 'users_images';
protected $_primary = 'id';
protected $_rowClass = 'Users_Model_SigninImage';
public function getForUser(Users_Model_User $user)
{
$select = $this->select()
->where('user_id=?', $user->id);
return $this->fetchRow($select);
}
public function getByCookie($cookie)
{
$select = $this->select()
->where('cookie=?', $cookie);
return $this->fetchRow($select);
}
public function deleteForUser(Users_Model_User $user)
{
$where = $this->getAdapter()->quoteInto('user_id=?', $user->id);
$this->delete($where);
}
public function generateCookieId(Users_Model_User $user)
{
do {
$cookie = md5($user->username . rand(1, 1000));
$select = $this->select()
->where('cookie=?', $cookie);
$row = $this->fetchRow($select);
} while($row);
return $cookie;
}
}

156
modules/users/models/User.php Executable file → Normal file
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
@ -15,6 +15,11 @@ class Users_Model_User extends Zend_Db_Table_Row_Abstract
const ROLE_GUEST = 'guest';
const ROLE_REGISTERED = 'registered';
const ROLE_ADMIN = 'admin';
const AUTH_PASSWORD = 0;
const AUTH_YUBIKEY = 1;
private $_image;
/**
* To identify the app that owns the user obj in the session.
@ -35,10 +40,15 @@ class Users_Model_User extends Zend_Db_Table_Row_Abstract
* Password is stored using md5($this->openid.$password) because
* that's what's used in Zend_OpenId
*/
public function setPassword($password)
{
$this->password = $password;
$this->password_changed = date('Y-m-d');
}
public function setClearPassword($password)
{
$this->password = md5($this->openid.$password);
$this->password_changed = date('Y-m-d');
$this->setPassword(md5($this->openid.$password));
}
public function isAllowed($resource, $privilege)
@ -56,4 +66,144 @@ class Users_Model_User extends Zend_Db_Table_Row_Abstract
return md5($token.time());
}
public function overrideWithLdapData(Array $ldapData, $syncDb = false)
{
$acceptedEula = 1;
$username = $ldapData['cn'][0];
$firstname = $ldapData['givenname'][0];
$lastname = $ldapData['sn'][0];
$email = $ldapData['mail'][0];
if (Zend_Registry::get('config')->ldap->admin == $username) {
$role = Users_Model_User::ROLE_ADMIN;
} else {
$role = Users_Model_User::ROLE_REGISTERED;
}
if ($this->accepted_eula != $acceptedEula
|| $this->username != $username
|| $this->firstname != $firstname
|| $this->lastname != $lastname
|| $this->email != $email
|| $this->role != $role) {
$userChanged = true;
} else {
$userChanged = false;
}
$this->accepted_eula = $acceptedEula;
$this->username = $username;
$this->firstname = $firstname;
$this->lastname = $lastname;
$this->email = $email;
$this->role = $role;
if ($syncDb && $userChanged) {
$this->save();
}
}
public function generateOpenId($baseUrl)
{
$config = Zend_Registry::get('config');
if ($config->subdomain->enabled) {
$openid = Monkeys_Controller_Action::getProtocol() . '://' . $this->username . '.' . $config->subdomain->hostname;
} else {
$openid = $baseUrl . '/identity/' . $this->username;
}
if ($config->SSL->enable_mixed_mode) {
$openid = str_replace('http://', 'https://', $openid);
}
Zend_OpenId::normalizeUrl($openid);
$this->openid = $openid;
}
public function createDefaultProfile(Zend_View $view)
{
$profiles = new Users_Model_Profiles();
$profile = $profiles->createRow();
$profile->user_id = $this->id;
$profile->name = $view->translate('Default profile');
$profile->save();
return $profile->id;
}
public function generatePersonalInfo(Array $ldapData, $profileId)
{
if (!$this->id) {
throw new Exception('Can\'t call User::generatePersonalInfo() on an empty User object');
}
$ldapConfig = Zend_Registry::get('config')->ldap;
if (!isset($ldapConfig->fields)) {
return;
}
$fieldValues = new Model_FieldsValues();
$fields = new Model_Fields();
foreach ($ldapConfig->fields->toArray() as $openIdField => $ldapField) {
if (!$fieldRow = $fields->getByOpenIdIdentifier($openIdField)) {
continue;
}
if (!isset($ldapData[$ldapField])) {
if (strpos($ldapField, '+') == false) {
continue;
}
$subfields = explode('+', $ldapField);
array_walk($subfields, 'trim');
$value = array();
foreach ($subfields as $subfield) {
if (!isset($ldapData[$subfield])) {
continue;
}
$value[] = $ldapData[$subfield][0];
}
$value = implode(' ', $value);
} else {
$value = $ldapData[$ldapField][0];
}
$fieldsValue = $fieldValues->createRow();
$fieldsValue->user_id = $this->id;
$fieldsValue->profile_id = $profileId;
$fieldsValue->field_id = $fieldRow->id;
$fieldsValue->value = $value;
$fieldsValue->save();
}
}
public function getImage()
{
if (!isset($this->_image)) {
$images = new Users_Model_SigninImages();
if (!$row = $images->getForUser($this)) {
$this->_image = false;
} else {
$this->_image = $row;
}
}
return $this->_image;
}
public function markSuccessfullLogin()
{
$this->last_login = date('Y-m-d H:i:s');
}
public function getLastLoginUtc()
{
$time = strtotime($this->last_login);
return gmdate('Y-m-d\TH:i:s\Z', $time);
}
public function getSecondsSinceLastLogin()
{
return time() - strtotime($this->last_login);
}
}

240
modules/users/models/Users.php Executable file → Normal file
View File

@ -1,7 +1,7 @@
<?php
/*
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
* @license http://creativecommons.org/licenses/BSD/ BSD License
* @author Keyboard Monkeys Ltd.
* @since CommunityID 0.9
@ -54,43 +54,128 @@ class Users_Model_Users extends Monkeys_Db_Table_Gateway
*
* @return Zend_Auth_Result
*/
public function authenticate($identity, $password, $isOpenId = false)
public function authenticate($identity, $password, $isOpenId = false, Zend_View $view = null, $bypassMarkSuccessfullLogin = false)
{
$auth = Zend_Auth::getInstance();
$db = $this->getAdapter();
$config = Zend_Registry::get('config');
$useYubikey = false;
$result = $db->query("SHOW VARIABLES LIKE 'character_set_client'")->fetch();
$clientCharset = $result['Value'];
if ($isOpenId) {
if (!Zend_OpenId::normalize($identity)) {
return false;
}
$authAdapter = new Zend_Auth_Adapter_DbTable($db, 'users', 'openid', 'password',
'MD5(CONCAT(CONVERT(openid using ' . $clientCharset . '), CONVERT(? using ' . $clientCharset . ')))');
if (!$this->_user = $this->getUserWithOpenId($identity)) {
return false;
}
$cn = $this->_user->username;
} else {
$authAdapter = new Zend_Auth_Adapter_DbTable($db, 'users', 'username', 'password',
'MD5(CONCAT(CONVERT(openid using ' . $clientCharset . '), CONVERT(? using ' . $clientCharset . ')))');
$cn = $identity;
$this->_user = $this->getUserWithUsername($identity, false, $view);
}
$authAdapter->setIdentity($identity);
$authAdapter->setCredential($password);
if ($this->_user
&& $config->yubikey->enabled
&& ($this->_user->auth_type == Users_Model_User::AUTH_YUBIKEY
|| $config->yubikey->force)) {
$parts = Yubico_Auth::parsePasswordOTP($password);
if (!$parts || $this->_user->yubikey_publicid != $parts['prefix']) {
return false;
}
$useYubikey = true;
}
$config = Zend_Registry::get('config');
$ldapConfig = $config->ldap;
if ($useYubikey) {
if (!@$config->yubikey->api_id || !@$config->yubikey->api_key) {
throw new Zend_Exception('Admin must set the yubikey configuration options before attempting to log in using this method');
}
$authAdapter = new Monkeys_Auth_Adapter_Yubikey(
array(
'api_id' => $config->yubikey->api_id,
'api_key' => $config->yubikey->api_key
),
$identity,
$password
);
} else if ($ldapConfig->enabled) {
$ldapOptions = $ldapConfig->toArray();
$ldapOptions['accountCanonicalForm'] = Zend_Ldap::ACCTNAME_FORM_USERNAME;
unset($ldapOptions['enabled']);
unset($ldapOptions['admin']);
unset($ldapOptions['fields']);
unset($ldapOptions['keepRecordsSynced']);
unset($ldapOptions['canChangePassword']);
unset($ldapOptions['passwordHashing']);
// we'll try to bind directly as the user to be authenticated, so we're unsetting
// the LDAP admin credentials
unset($ldapOptions['username']);
unset($ldapOptions['password']);
$username = "cn=$cn,{$ldapOptions['baseDn']}";
$authAdapter = new Zend_Auth_Adapter_Ldap(
array('server1' => $ldapOptions),
$username,
$password
);
} else {
$db = $this->getAdapter();
$result = $db->query("SHOW VARIABLES LIKE 'character_set_client'")->fetch();
$clientCharset = $result['Value'];
if ($isOpenId) {
$authAdapter = new Zend_Auth_Adapter_DbTable($db, 'users', 'openid', 'password',
'MD5(CONCAT(CONVERT(openid using ' . $clientCharset . '), CONVERT(? using ' . $clientCharset . ')))');
} else {
$authAdapter = new Zend_Auth_Adapter_DbTable($db, 'users', 'username', 'password',
'MD5(CONCAT(CONVERT(openid using ' . $clientCharset . '), CONVERT(? using ' . $clientCharset . ')))');
}
$authAdapter->setIdentity($identity);
$authAdapter->setCredential($password);
}
$auth = Zend_Auth::getInstance();
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
if ($isOpenId) {
$this->_user = $this->getUserWithOpenId($identity);
} else {
$this->_user = $this->getUserWithUsername($identity);
if (!$isOpenId) {
try {
$this->_user = $this->getUserWithUsername($identity, true, $view);
} catch (Exception $e) {
// avoid leaving in the session an empty user object
Zend_Auth::getInstance()->clearIdentity();
Zend_Session::forgetMe();
throw $e;
}
}
if (!$bypassMarkSuccessfullLogin) {
$this->_user->markSuccessfullLogin();
}
$this->_user->save();
$auth->getStorage()->write($this->_user);
Zend_Registry::set('user', $this->_user);
return true;
}
// this is ugly, logging should be done in the controller, not here
$logger = Zend_Registry::get('logger');
$logger->log("Invalid authentication: " . implode(' - ', $result->getMessages()), Zend_Log::DEBUG);
if (is_a($authAdapter, 'Monkeys_Auth_Adapter_Yubikey')) {
$authOptions = $authAdapter->getOptions();
if ($yubi = @$authOptions['yubiClient']) {
$logger->log("Yubi request was: " . $yubi->getlastQuery(), Zend_Log::DEBUG);
}
}
return false;
}
@ -152,18 +237,80 @@ class Users_Model_Users extends Monkeys_Db_Table_Gateway
public function getUserWithEmail($email)
{
$select = $this->select()
->where('email=?', $email);
$ldapOptions = Zend_Registry::get('config')->ldap;
if ($ldapOptions->enabled) {
$ldap = Monkeys_Ldap::getInstance();
try {
$ldapUserData = $ldap->search($ldapOptions->baseDn, 'mail', $email);
} catch (Exception $e) {
if ($e->getCode() == Monkeys_Ldap::EXCEPTION_GET_ENTRIES) {
return false;
}
return $this->fetchRow($select);
throw $e;
}
$select = $this->select()
->where('username=?', $ldapUserData['cn'][0]);
$user = $this->fetchRow($select);
if (!$user) {
// user is registered in LDAP, but not in CID's db
$user = $this->createRow();
$user->registration_date = date('Y-m-d');
}
// this fields are always overridden from what comes from LDAP, because they might change
$user->overrideWithLdapData($ldapUserData);
} else {
$select = $this->select()
->where('email=?', $email);
$user = $this->fetchRow($select);
}
return $user;
}
public function getUserWithUsername($username)
public function getUserWithUsername($username, $generateNewIfMissing = false, Zend_View $view = null)
{
$select = $this->select()
->where('username=?', $username);
$user = $this->fetchRow($select);
return $this->fetchRow($select);
$ldapOptions = Zend_Registry::get('config')->ldap;
if ($ldapOptions->enabled) {
$ldap = Monkeys_Ldap::getInstance();
try {
$ldapUserData = $ldap->get("cn=$username,{$ldapOptions->baseDn}");
} catch (Exception $e) {
if ($e->getCode() == Monkeys_Ldap::EXCEPTION_SEARCH) {
return false;
}
throw $e;
}
if ($user) {
// this fields are always overridden from what comes from LDAP, because they might change
$user->overrideWithLdapData($ldapUserData);
} else {
// user is registered in LDAP, but not in CID's db
$user = $this->createRow();
$user->registration_date = date('Y-m-d');
$user->overrideWithLdapData($ldapUserData);
if ($user->role != Users_Model_User::ROLE_ADMIN) {
preg_match('#(.*)/users/login/authenticate#', Zend_OpenId::selfURL(), $matches);
$user->generateOpenId($matches[1]);
}
if ($generateNewIfMissing) {
$user->save();
$profileId = $user->createDefaultProfile($view);
$user->generatePersonalInfo($ldapUserData, $profileId);
}
}
}
return $user;
}
public function getUserWithOpenId($openid)
@ -305,6 +452,40 @@ class Users_Model_Users extends Monkeys_Db_Table_Gateway
'PRIMARY_POSITION' => NULL,
'IDENTITY' => false,
),
'last_login' =>
array(
'SCHEMA_NAME' => NULL,
'TABLE_NAME' => 'users',
'COLUMN_NAME' => 'last_login',
'COLUMN_POSITION' => 7,
'DATA_TYPE' => 'datetime',
'DEFAULT' => NULL,
'NULLABLE' => false,
'LENGTH' => NULL,
'SCALE' => NULL,
'PRECISION' => NULL,
'UNSIGNED' => NULL,
'PRIMARY' => false,
'PRIMARY_POSITION' => NULL,
'IDENTITY' => false,
),
'auth_type' =>
array (
'SCHEMA_NAME' => NULL,
'TABLE_NAME' => 'users',
'COLUMN_NAME' => 'auth_type',
'COLUMN_POSITION' => 7,
'DATA_TYPE' => 'tinyint',
'DEFAULT' => '0',
'NULLABLE' => false,
'LENGTH' => NULL,
'SCALE' => NULL,
'PRECISION' => NULL,
'UNSIGNED' => NULL,
'PRIMARY' => false,
'PRIMARY_POSITION' => NULL,
'IDENTITY' => false,
),
'password' =>
array (
'SCHEMA_NAME' => NULL,
@ -339,6 +520,23 @@ class Users_Model_Users extends Monkeys_Db_Table_Gateway
'PRIMARY_POSITION' => NULL,
'IDENTITY' => false,
),
'yubikey_publicid' =>
array (
'SCHEMA_NAME' => NULL,
'TABLE_NAME' => 'users',
'COLUMN_NAME' => 'yubikey_publicid',
'COLUMN_POSITION' => 9,
'DATA_TYPE' => 'varchar',
'DEFAULT' => NULL,
'NULLABLE' => false,
'LENGTH' => '50',
'SCALE' => NULL,
'PRECISION' => NULL,
'UNSIGNED' => NULL,
'PRIMARY' => false,
'PRIMARY_POSITION' => NULL,
'IDENTITY' => false,
),
'firstname' =>
array (
'SCHEMA_NAME' => NULL,

44
modules/users/views/scripts/login/index.phtml Executable file → Normal file
View File

@ -10,6 +10,9 @@
<li>
<a href="<?php echo $this->base ?>/users/personalinfo"><?php echo $this->translate('Personal Info') ?></a>
</li>
<li>
<a href="<?php echo $this->base ?>/users/signinimage"><?php echo $this->translate('Sign-in Image') ?></a>
</li>
<li>
<a href="<?php echo $this->base ?>/sites"><?php echo $this->translate('Sites database') ?></a>
</li>
@ -53,9 +56,22 @@
</div>
<?php endif ?>
<form id="loginForm" action="<?php echo $this->loginTargetBase ?>/users/login/authenticate" method="post" class="formGrid">
<div id="credentials">
<? if ($this->image): ?>
<div>
<img src="<?= $this->base ?>/users/signinimage/image/id/<?= $this->image->cookie ?>"
width="<?= $this->image->getWidth() ?>"
height="<?= $this->image->getHeight() ?>"
title="<?= $this->translate('This is the image that identifies your account in this computer') ?>"
alt="<?= $this->translate('This is the image that identifies your account in this computer') ?>" />
</div>
<? endif ?>
<div id="credentials">
<?php echo $this->loginForm->username ?>
<?php echo $this->loginForm->password ?>
<? if ($this->yubikey->enabled && $this->yubikey->force): ?>
<?= $this->loginForm->yubikey ?>
<? else: ?>
<?= $this->loginForm->password ?>
<? endif ?>
<?php if ($this->useCaptcha): ?>
<?php echo $this->loginForm->captcha ?>
<?php endif ?>
@ -72,16 +88,18 @@
</script>
</div>
<p>
<a href="<?php echo $this->base ?>/users/recoverpassword" class="panel_link"><?php echo $this->translate('Forgot you password?') ?></a>
<a href="<?php echo $this->base ?>/users/recoverpassword" class="panel_link"><?php echo $this->translate('Forgot your password?') ?></a>
</p>
</form>
<hr/>
<div id="registerNow">
<p>
<?php echo $this->translate('You don\'t have an account?') ?>
<div>
<a href="<?php echo $this->base ?>/users/register"><?php echo $this->translate('REGISTER NOW!') ?></a>
</div>
</p>&nbsp;<!-- safari bug workaround -->
</div>
<?php endif; ?>
<? if ($this->allowRegistrations): ?>
<hr/>
<div id="registerNow">
<p>
<?php echo $this->translate('You don\'t have an account?') ?>
<div>
<a href="<?php echo $this->base ?>/users/register"><?php echo $this->translate('REGISTER NOW!') ?></a>
</div>
</p>&nbsp;<!-- safari bug workaround -->
</div>
<? endif ?>
<? endif ?>

9
modules/users/views/scripts/personalinfo/edit.phtml
View File

@ -1,8 +1,8 @@
<form name="personalInfoForm" class="formGrid" >
<form name="personalInfoForm" class="formGrid" method="post" action="<?= $this->base ?>/users/personalinfo/save/profile/<?= $this->profile->id ?>">
<?php foreach ($this->fields as $field): ?>
<?php echo $field ?>
<?php endforeach ?><br />
<input type="button" id="save" value="<?php echo $this->translate('Save') ?>" onclick="COMMID.editPersonalInfo.save()" />
<input type="submit" id="save" value="<?php echo $this->translate('Save') ?>" />
<input type="button" id="cancel" value="<?php echo $this->translate('Cancel') ?>" onclick="COMMID.editPersonalInfo.cancel()" />
<script type="text/javascript">
YAHOO.util.Event.onDOMReady(function () {
@ -15,15 +15,14 @@
var oButton = new YAHOO.widget.Button(
"save",
{
type : "push",
onclick : {fn: COMMID.personalInfo.save}
type : "submit"
}
);
var oButton = new YAHOO.widget.Button(
"cancel",
{
type : "push",
onclick : {fn: COMMID.personalInfo.cancel}
onclick : {fn: function() {COMMID.personalInfo.cancel();}}
}
);
</script>

48
modules/users/views/scripts/personalinfo/index.phtml
View File

@ -11,18 +11,50 @@ YAHOO.util.Event.onDOMReady(function () {
<div id="generalTab" class="dataSection">
<div class="formHeader">
<h2><?php echo $this->translate('Personal Info') ?></h2>
<div>
<a href="javascript:void(0);" onclick="COMMID.personalInfo.edit();">
<?php echo $this->translate('Edit') ?>
</a>
<img id="loadingEditPersonalInfo" src="<?php echo $this->base ?>/images/progress.gif" style="visibility:hidden" />
</div>
</div>
<div style="margin:10px 0">
<em><?php echo $this->translate('This information will be used to automatically populate registration fields to any OpenID transaction that requires so') ?></em>
</div>
<div id="personalInfo">
<?php echo $this->action('show', 'personalinfo', 'users', array('userid' => $this->targetUser->id)) ?>
<? $i= 0; foreach ($this->profiles as $profile): ?>
<? $i++ ?>
<div id="personalInfo" style="position:relative; margin-bottom:15px; padding:20px; border:1px solid #999; -moz-border-radius:10px; -webkit-border-radius:10px">
<div style="position:absolute; right:10px; top:10px">
<a href="<?= $this->base ?>/users/personalinfo/edit/profile/<?= $profile->id ?>">
<?= $this->translate('Edit profile') ?>
</a>
<? if ($i > 1 || count($this->profiles) > 1): ?>
<form id="deleteprofile_<?= $profile->id ?>" method="post" action="<?= $this->base ?>/users/personalinfo/delete">
<input type="hidden" name="profile" value="<?= $profile->id ?>" />
<a href="#" onclick="COMMID.personalInfo.erase(<?= $profile->id ?>); return false;">
<?= $this->translate('Delete profile') ?>
</a>
</form>
<? endif ?>
</div>
<div class="formGrid">
<div class="yui-gf">
<div class="yui-u first">
<?= $this->translate('Profile Name') ?>:
</div>
<div class="yui-u">
<?= $profile->name ?>
</div>
</div>
<?php foreach ($profile->getFields() as $field): ?>
<div class="yui-gf">
<div class="yui-u first">
<?= $this->translate($field->name) ?>:
</div>
<div class="yui-u">
<?= (!$field->value)? $this->translate('Not Entered') : $field->value ?>
</div>
</div>
<?php endforeach ?>
</div>
</div>
<? endforeach ?>
<div style="text-align:right; margin-top:20px">
<a href="<?= $this->base ?>/users/personalinfo/edit"><?= $this->translate('Add another profile') ?></a>
</div>
</div>
</div>

12
modules/users/views/scripts/personalinfo/show.phtml
View File

@ -1,12 +0,0 @@
<div class="formGrid">
<?php foreach ($this->fields as $field): ?>
<div class="yui-gf">
<div class="yui-u first">
<?php echo $this->translate($field->name) ?>:
</div>
<div class="yui-u">
<?php echo is_null($field->value)? $this->translate('Not Entered') : $field->value ?>
</div>
</div>
<?php endforeach ?>
</div>

19
modules/users/views/scripts/profile/index.phtml Executable file → Normal file
View File

@ -13,12 +13,17 @@ YAHOO.util.Event.onDOMReady(function () {
<h2><?php echo $this->translate('Account info') ?></h2>
<?php if ($this->targetUser->id == $this->user->id): ?>
<div class="linksTopRight">
<a href="javascript:void(0);" onclick="COMMID.general.editAccountInfo();">
<?php echo $this->translate('Edit') ?>
</a>&nbsp;|&nbsp;
<a href="javascript:void(0);" onclick="COMMID.general.changePassword()" >
<?php echo $this->translate('Change Password') ?>
</a>
<? if ($this->canEditAccountInfo): ?>
<a href="javascript:void(0);" onclick="COMMID.general.editAccountInfo();">
<?php echo $this->translate('Edit') ?>
</a>
<? endif ?>
<? if ($this->canChangePassword && (!$this->yubikey->enabled || !$this->yubikey->force)): ?>
&nbsp;|&nbsp;
<a href="javascript:void(0);" onclick="COMMID.general.changePassword()" >
<?php echo $this->translate('Change Password') ?>
</a>
<? endif ?>
<img id="loadingAccountInfo" src="<?php echo $this->base ?>/images/progress.gif" style="visibility:hidden" />
</div>
<?php endif ?>
@ -34,7 +39,7 @@ YAHOO.util.Event.onDOMReady(function () {
<?php if ($this->targetUser->id && $this->targetUser->id == $this->user->id): ?>
<div class="accountForm">
<div class="linksTopRight" >
<?php if ($this->user->role == Users_Model_User::ROLE_REGISTERED): ?>
<?php if ($this->user->role == Users_Model_User::ROLE_REGISTERED && $this->canEditAccountInfo): ?>
<a href="<?php echo $this->base ?>/users/profilegeneral/confirmdelete">
<?php echo $this->translate('Delete Account') ?>
</a>

14
modules/users/views/scripts/profilegeneral/accountinfo.phtml
View File

@ -31,4 +31,18 @@
<?php echo $this->targetUser->openid ?>
</div>
</div>
<? if ($this->yubikey->enabled && !$this->yubikey->force): ?>
<div class="yui-gf">
<div class="yui-u first">
<?php echo $this->translate('Auth Method') ?>:
</div>
<div class="yui-u">
<? if ($this->targetUser->auth_type == Users_Model_User::AUTH_PASSWORD): ?>
<?= $this->translate('Password') ?>
<? else: ?>
YubiKey
<? endif ?>
</div>
</div>
<? endif ?>
</div>

0
modules/users/views/scripts/profilegeneral/confirmdelete.phtml Executable file → Normal file
View File

12
modules/users/views/scripts/profilegeneral/editaccountinfo.phtml
View File

@ -7,6 +7,14 @@
echo $this->accountInfoForm->password1;
echo $this->accountInfoForm->password2;
} ?>
<? if ($this->yubikey->enabled): ?>
<? if (!$this->yubikey->force): ?>
<?= $this->accountInfoForm->authMethod ?>
<? endif ?>
<div id="yubikeyWrapper" style="display:<?= $this->yubikey->force? 'block' : 'none' ?>">
<?= $this->accountInfoForm->yubikey ?>
</div>
<? endif ?>
<div class="yui-gf">
<div class="yui-u first">&nbsp;</div>
<div class="yui-u">
@ -14,6 +22,10 @@
<input type="button" id="cancel" value="<?php echo $this->translate('Cancel') ?>" onclick="COMMID.editAccountInfo.cancel()" />
<script type="text/javascript">
YAHOO.util.Event.onDOMReady(function () {
<? if ($this->yubikey->enabled && !$this->yubikey->force): ?>
COMMID.general.toggleYubikey();
<? endif ?>
new YAHOO.widget.Button(
"save",
{

0
modules/users/views/scripts/recoverpassword/index.phtml Executable file → Normal file
View File

0
modules/users/views/scripts/register/eula.phtml Executable file → Normal file
View File

0
modules/users/views/scripts/register/index.phtml Executable file → Normal file
View File

53
modules/users/views/scripts/signinimage/index.phtml Normal file
View File

@ -0,0 +1,53 @@
<h2><?= $this->translate('Sign-in Image') ?></h2>
<div style="text-align:center; margin:20px 0">
<? if ($this->user->getImage()): ?>
<img src="<?= $this->base ?>/users/signinimage/image"
width="<?= $this->user->getImage()->getWidth() ?>"
height="<?= $this->user->getImage()->getHeight() ?>" />
<? else: ?>
<?= $this->translate('You haven\'t uploaded an image yet') ?>
<? endif ?>
</div>
<div><?= $this->translate('Select an image to use as your Sign-in Image:') ?></div>
<form method="post" class="formGrid" style="margin:20px 0" action="<?= $this->base ?>/users/signinimage/saveimage" enctype="multipart/form-data">
<?= $this->signinImageForm->image ?>
<div style="text-align:right">
<input type="submit" id="save" class="submit" value="<?= $this->translate('Save') ?>" />
<script>
new YAHOO.widget.Button(
"save", {type: "submit"});
</script>
</div>
</form>
<p>
<?= $this->translate('This image will be shown in the log-in and OpenID authentication screens of Community-ID.') ?>
</p>
<p>
<?= $this->translate('It serves as a phishing counter-measure, as only you will recognize your image, proving these pages haven\'t been falsified.') ?>
</p>
<p style="font-weight:bold">
<?= $this->translate('After having uploaded the image, for the it to be shown you need to enable it on each computer/browser you want to use (the system is cookie-based).') ?>
</p>
<? if ($this->user->getImage()): ?>
<p>
<?= $this->translate('Use the following button to enable/disable it in the current computer/browser:') ?><br />
</p>
<form method="post" class="formGrid" style="text-align:center" action="<?= $this->base ?>/users/signinimage/setcookie">
<? if ($this->enabled): ?>
<input type="hidden" name="enable" value="0" />
<input type="submit" id="enable" value="<?= $this->translate('Disable') ?>" />
<? else: ?>
<input type="hidden" name="enable" value="1" />
<input type="submit" id="enable" value="<?= $this->translate('Enable') ?>" />
<? endif ?>
<script>
new YAHOO.widget.Button(
"enable", {type: "submit"});
</script>
</form>
<? else: ?>
<p>
<?= $this->translate('Further instructions will appear after you upload the image.') ?>
</p>
<? endif ?>