szurubooru/src/Controllers/UserController.php

<?php
class UserController
{
	public function listView($filter = 'order:alpha,asc', $page = 1)
	{
		$ret = Api::run(
			new ListUsersJob(),
			[
				ListUsersJob::PAGE_NUMBER => $page,
				ListUsersJob::QUERY => $filter,
			]);

		$context = getContext();

		$context->filter = $filter;
		$context->transport->users = $ret->entities;
		$context->transport->paginator = $ret;
	}

	public function genericView($name, $tab = 'favs', $page = 1)
	{
		$user = Api::run(
			new GetUserJob(),
			[
				GetUserJob::USER_NAME => $name,
			]);

		$flagged = in_array(TextHelper::reprUser($user), SessionHelper::get('flagged', []));

		$context = getContext();
		$context->flagged = $flagged;
		$context->transport->tab = $tab;
		$context->transport->user = $user;
		$context->handleExceptions = true;
		$context->viewName = 'user-view';

		if ($tab == 'uploads')
			$query = 'submit:' . $user->name;
		elseif ($tab == 'favs')
			$query = 'fav:' . $user->name;

		if (isset($query))
		{
			$ret = Api::run(
				new ListPostsJob(),
				[
					ListPostsJob::PAGE_NUMBER => $page,
					ListPostsJob::QUERY => $query
				]);

			$context->transport->posts = $ret->entities;
			$context->transport->paginator = $ret;
			$context->transport->lastSearchQuery = $query;
		}
	}

	public function settingsAction($name)
	{
		$this->genericView($name, 'settings');

		$user = getContext()->transport->user;

		Access::assert(
			Privilege::ChangeUserSettings,
			Access::getIdentity($user));

		$suppliedSafety = InputHelper::get('safety');
		if (!is_array($suppliedSafety))
			$suppliedSafety = [];
		foreach (PostSafety::getAll() as $safety)
			$user->enableSafety($safety, in_array($safety, $suppliedSafety));

		$user->enableEndlessScrolling(InputHelper::get('endless-scrolling'));
		$user->enablePostTagTitles(InputHelper::get('post-tag-titles'));
		$user->enableHidingDislikedPosts(InputHelper::get('hide-disliked-posts'));

		if ($user->accessRank != AccessRank::Anonymous)
			UserModel::save($user);
		if ($user->id == Auth::getCurrentUser()->id)
			Auth::setCurrentUser($user);

		Messenger::message('Browsing settings updated!');
	}

	public function editAction($name)
	{
		$this->genericView($name, 'edit');
		$this->requirePasswordConfirmation();

		if (InputHelper::get('password1') != InputHelper::get('password2'))
			throw new SimpleException('Specified passwords must be the same');

		$args =
		[
			EditUserNameJob::USER_NAME => $name,
			EditUserNameJob::NEW_USER_NAME => InputHelper::get('name'),
			EditUserPasswordJob::NEW_PASSWORD => InputHelper::get('password1'),
			EditUserEmailJob::NEW_EMAIL => InputHelper::get('email'),
			EditUserAccessRankJob::NEW_ACCESS_RANK => InputHelper::get('access-rank'),
		];

		$args = array_filter($args);
		$user = Api::run(new EditUserJob(), $args);

		if (Auth::getCurrentUser()->id == $user->id)
			Auth::setCurrentUser($user);

		$message = 'Account settings updated!';
		if (Mailer::getMailCounter() > 0)
			$message .= ' You will be sent an e-mail address confirmation message soon.';

		Messenger::message($message);
	}

	public function deleteAction($name)
	{
		$this->genericView($name, 'delete');
		$this->requirePasswordConfirmation();

		Api::run(new DeleteUserJob(), [
			DeleteUserJob::USER_NAME => $name]);

		$user = UserModel::findById(Auth::getCurrentUser()->id, false);
		if (!$user)
			Auth::logOut();

		\Chibi\Util\Url::forward(\Chibi\Router::linkTo(['StaticPagesController', 'mainPageView']));
		exit;
	}

	public function flagAction($name)
	{
		Api::run(new FlagUserJob(), [FlagUserJob::USER_NAME => $name]);
	}

	public function banAction($name)
	{
		Api::run(new ToggleUserBanJob(), [
			ToggleUserBanJob::USER_NAME => $name,
			ToggleUserBanJob::STATE => true]);
	}

	public function unbanAction($name)
	{
		Api::run(new ToggleUserBanJob(), [
			ToggleUserBanJob::USER_NAME => $name,
			ToggleUserBanJob::STATE => false]);
	}

	public function acceptRegistrationAction($name)
	{
		Api::run(new AcceptUserRegistrationJob(), [
			AcceptUserRegistrationJob::USER_NAME => $name]);
	}

	public function toggleSafetyAction($safety)
	{
		$user = Auth::getCurrentUser();

		Access::assert(
			Privilege::ChangeUserSettings,
			Access::getIdentity($user));

		if (!in_array($safety, PostSafety::getAll()))
			throw new SimpleExcetpion('Invalid safety');

		$user->enableSafety($safety, !$user->hasEnabledSafety($safety));

		if ($user->accessRank != AccessRank::Anonymous)
			UserModel::save($user);
		Auth::setCurrentUser($user);
	}

	public function registrationView()
	{
		$context = getContext();
		$context->handleExceptions = true;

		//check if already logged in
		if (Auth::isLoggedIn())
		{
			\Chibi\Util\Url::forward(\Chibi\Router::linkTo(['StaticPagesController', 'mainPageView']));
			exit;
		}
	}

	public function registrationAction()
	{
		$this->registrationView();

		if (InputHelper::get('password1') != InputHelper::get('password2'))
			throw new SimpleException('Specified passwords must be the same');

		$user = Api::run(new AddUserJob(),
		[
			EditUserNameJob::NEW_USER_NAME => InputHelper::get('name'),
			EditUserPasswordJob::NEW_PASSWORD => InputHelper::get('password1'),
			EditUserEmailJob::NEW_EMAIL => InputHelper::get('email'),
		]);

		if (!getConfig()->registration->needEmailForRegistering and !getConfig()->registration->staffActivation)
		{
			Auth::setCurrentUser($user);
		}

		$message = 'Congratulations, your account was created.';
		if (Mailer::getMailCounter() > 0)
		{
			$message .= ' Please wait for activation e-mail.';
			if (getConfig()->registration->staffActivation)
				$message .= ' After this, your registration must be confirmed by staff.';
		}
		elseif (getConfig()->registration->staffActivation)
			$message .= ' Your registration must be now confirmed by staff.';

		Messenger::message($message);
	}

	public function activationView()
	{
		$context = getContext();
		$context->viewName = 'user-select';
		Assets::setSubTitle('account activation');
	}

	public function activationAction($token)
	{
		$context = getContext();
		$context->viewName = 'message';
		Assets::setSubTitle('account activation');

		if (empty($token))
		{
			$name = InputHelper::get('name');
			$user = UserModel::findByNameOrEmail($name);
			if (empty($user->emailUnconfirmed))
			{
				if (!empty($user->emailConfirmed))
					throw new SimpleException('E-mail was already confirmed; activation skipped');
				else
					throw new SimpleException('This user has no e-mail specified; activation cannot proceed');
			}
			EditUserEmailJob::sendEmail($user);
			Messenger::message('Activation e-mail resent.');
		}
		else
		{
			$dbToken = TokenModel::findByToken($token);
			TokenModel::checkValidity($dbToken);

			$dbUser = $dbToken->getUser();
			if (empty($dbUser->emailConfirmed))
			{
				$dbUser->emailConfirmed = $dbUser->emailUnconfirmed;
				$dbUser->emailUnconfirmed = null;
			}
			$dbToken->used = true;
			TokenModel::save($dbToken);
			UserModel::save($dbUser);

			LogHelper::log('{subject} just activated account', ['subject' => TextHelper::reprUser($dbUser)]);
			$message = 'Activation completed successfully.';
			if (getConfig()->registration->staffActivation)
				$message .= ' However, your account still must be confirmed by staff.';
			Messenger::message($message);

			if (!getConfig()->registration->staffActivation)
			{
				Auth::setCurrentUser($dbUser);
			}
		}
	}

	public function passwordResetView()
	{
		$context = getContext();
		$context->viewName = 'user-select';
		Assets::setSubTitle('password reset');
	}

	public function passwordResetAction($token)
	{
		$context = getContext();
		$context->viewName = 'message';
		Assets::setSubTitle('password reset');

		if (empty($token))
		{
			$name = InputHelper::get('name');
			$user = UserModel::findByNameOrEmail($name);
			if (empty($user->emailConfirmed))
				throw new SimpleException('This user has no e-mail confirmed; password reset cannot proceed');

			self::sendPasswordResetConfirmation($user);
			Messenger::message('E-mail sent. Follow instructions to reset password.');
		}
		else
		{
			$dbToken = TokenModel::findByToken($token);
			TokenModel::checkValidity($dbToken);

			$alphabet = array_merge(range('A', 'Z'), range('a', 'z'), range('0', '9'));
			$randomPassword = join('', array_map(function($x) use ($alphabet)
			{
				return $alphabet[$x];
			}, array_rand($alphabet, 8)));

			$dbUser = $dbToken->getUser();
			$dbUser->passHash = UserModel::hashPassword($randomPassword, $dbUser->passSalt);
			$dbToken->used = true;
			TokenModel::save($dbToken);
			UserModel::save($dbUser);

			LogHelper::log('{subject} just reset password', ['subject' => TextHelper::reprUser($dbUser)]);
			$message = 'Password reset successful. Your new password is **' . $randomPassword . '**.';
			Messenger::message($message);

			Auth::setCurrentUser($dbUser);
		}
	}

	private static function sendPasswordResetConfirmation($user)
	{
		$regConfig = getConfig()->registration;

		$mail = new Mail();
		$mail->body = $regConfig->passwordResetEmailBody;
		$mail->subject = $regConfig->passwordResetEmailSubject;
		$mail->senderName = $regConfig->passwordResetEmailSenderName;
		$mail->senderEmail = $regConfig->passwordResetEmailSenderEmail;
		$mail->recipientEmail = $user->emailConfirmed;

		return Mailer::sendMailWithTokenLink(
			$user,
			['UserController', 'passwordResetAction'],
			$mail);
	}

	private function requirePasswordConfirmation()
	{
		$user = getContext()->transport->user;
		if (Auth::getCurrentUser()->id == $user->id)
		{
			$suppliedPassword = InputHelper::get('current-password');
			$suppliedPasswordHash = UserModel::hashPassword($suppliedPassword, $user->passSalt);
			if ($suppliedPasswordHash != $user->passHash)
				throw new SimpleException('Must supply valid password');
		}
	}
}
Let there be placeholders 2013-10-05 19:24:08 +02:00			`<?php`
Moved AbstractController to Bootstrap 2013-10-05 21:24:20 +02:00			`class UserController`
Let there be placeholders 2013-10-05 19:24:08 +02:00			`{`
Moved user listing to API 2014-05-04 10:32:32 +02:00			`public function listView($filter = 'order:alpha,asc', $page = 1)`
Let there be placeholders 2013-10-05 19:24:08 +02:00			`{`
Moved user listing to API 2014-05-04 10:32:32 +02:00			`$ret = Api::run(`
			`new ListUsersJob(),`
			`[`
			`ListUsersJob::PAGE_NUMBER => $page,`
			`ListUsersJob::QUERY => $filter,`
			`]);`
Universal pagination; closed #3 2013-10-16 13:07:01 +02:00
Moved user listing to API 2014-05-04 10:32:32 +02:00			`$context = getContext();`
Universal pagination; closed #3 2013-10-16 13:07:01 +02:00
Moved user listing to API 2014-05-04 10:32:32 +02:00			`$context->filter = $filter;`
			`$context->transport->users = $ret->entities;`
			`$context->transport->paginator = $ret;`
Let there be placeholders 2013-10-05 19:24:08 +02:00			`}`

Simplified views in UserController 2014-05-04 12:01:14 +02:00			`public function genericView($name, $tab = 'favs', $page = 1)`
Worked on #4, #1 and #2 Also: - enhanced form stylesheets - W3C validation 2013-10-15 00:41:04 +02:00			`{`
Moved user retrieval to API 2014-05-04 12:45:26 +02:00			`$user = Api::run(`
			`new GetUserJob(),`
			`[`
			`GetUserJob::USER_NAME => $name,`
			`]);`

Simplified views in UserController 2014-05-04 12:01:14 +02:00			`$flagged = in_array(TextHelper::reprUser($user), SessionHelper::get('flagged', []));`
Closed #1; closed #2; closed #4; closed #27 2013-10-15 13:14:48 +02:00
Moved user account removal to API 2014-05-04 10:57:12 +02:00			`$context = getContext();`
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`$context->flagged = $flagged;`
			`$context->transport->tab = $tab;`
			`$context->transport->user = $user;`
			`$context->handleExceptions = true;`
			`$context->viewName = 'user-view';`
Worked on #4, #1 and #2 Also: - enhanced form stylesheets - W3C validation 2013-10-15 00:41:04 +02:00
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`if ($tab == 'uploads')`
			`$query = 'submit:' . $user->name;`
			`elseif ($tab == 'favs')`
			`$query = 'fav:' . $user->name;`
Increasing readability 2014-04-30 08:08:24 +02:00
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`if (isset($query))`
Closed #1; closed #2; closed #4; closed #27 2013-10-15 13:14:48 +02:00			`{`
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`$ret = Api::run(`
			`new ListPostsJob(),`
			`[`
			`ListPostsJob::PAGE_NUMBER => $page,`
			`ListPostsJob::QUERY => $query`
			`]);`

			`$context->transport->posts = $ret->entities;`
			`$context->transport->paginator = $ret;`
			`$context->transport->lastSearchQuery = $query;`
Increasing readability 2014-04-30 08:08:24 +02:00			`}`
Closed #1; closed #2; closed #4; closed #27 2013-10-15 13:14:48 +02:00			`}`

Closed #39 2013-10-22 00:17:06 +02:00			`public function settingsAction($name)`
			`{`
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`$this->genericView($name, 'settings');`

			`$user = getContext()->transport->user;`

PrivilegesHelper shortened to Access Methods are shorter, too 2014-04-29 23:52:17 +02:00			`Access::assert(`
New exception style; split long lines in php 2014-04-27 14:42:39 +02:00			`Privilege::ChangeUserSettings,`
PrivilegesHelper shortened to Access Methods are shorter, too 2014-04-29 23:52:17 +02:00			`Access::getIdentity($user));`
Closed #39 2013-10-22 00:17:06 +02:00
Increasing readability 2014-04-30 08:08:24 +02:00			`$suppliedSafety = InputHelper::get('safety');`
			`if (!is_array($suppliedSafety))`
			`$suppliedSafety = [];`
			`foreach (PostSafety::getAll() as $safety)`
			`$user->enableSafety($safety, in_array($safety, $suppliedSafety));`

			`$user->enableEndlessScrolling(InputHelper::get('endless-scrolling'));`
			`$user->enablePostTagTitles(InputHelper::get('post-tag-titles'));`
			`$user->enableHidingDislikedPosts(InputHelper::get('hide-disliked-posts'));`

			`if ($user->accessRank != AccessRank::Anonymous)`
			`UserModel::save($user);`
Simplified auth 2014-05-01 16:12:37 +02:00			`if ($user->id == Auth::getCurrentUser()->id)`
			`Auth::setCurrentUser($user);`
Simplified views in UserController 2014-05-04 12:01:14 +02:00
AJAX doesn't rely on StatusHelper Since the purpose that StatusHelper was mainly created for no longer holds, it was simplified to Messenger. It is now is used to transport simple messages to views and still transports info whether the message is about success or failure. 2014-05-01 22:29:36 +02:00			`Messenger::message('Browsing settings updated!');`
Closed #39 2013-10-22 00:17:06 +02:00			`}`

Closed #1; closed #2; closed #4; closed #27 2013-10-15 13:14:48 +02:00			`public function editAction($name)`
			`{`
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`$this->genericView($name, 'edit');`
			`$this->requirePasswordConfirmation();`

Moved user account settings to API 2014-05-04 13:39:00 +02:00			`if (InputHelper::get('password1') != InputHelper::get('password2'))`
			`throw new SimpleException('Specified passwords must be the same');`
Closed #1; closed #2; closed #4; closed #27 2013-10-15 13:14:48 +02:00
Moved user account settings to API 2014-05-04 13:39:00 +02:00			`$args =`
			`[`
			`EditUserNameJob::USER_NAME => $name,`
			`EditUserNameJob::NEW_USER_NAME => InputHelper::get('name'),`
			`EditUserPasswordJob::NEW_PASSWORD => InputHelper::get('password1'),`
			`EditUserEmailJob::NEW_EMAIL => InputHelper::get('email'),`
			`EditUserAccessRankJob::NEW_ACCESS_RANK => InputHelper::get('access-rank'),`
			`];`
Increasing readability 2014-04-30 08:08:24 +02:00
Moved user account settings to API 2014-05-04 13:39:00 +02:00			`$args = array_filter($args);`
			`$user = Api::run(new EditUserJob(), $args);`
Preparation for #62 2013-11-16 16:24:38 +01:00
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`if (Auth::getCurrentUser()->id == $user->id)`
			`Auth::setCurrentUser($user);`
Increasing readability 2014-04-30 08:08:24 +02:00
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`$message = 'Account settings updated!';`
Moved user account settings to API 2014-05-04 13:39:00 +02:00			`if (Mailer::getMailCounter() > 0)`
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`$message .= ' You will be sent an e-mail address confirmation message soon.';`
Increasing readability 2014-04-30 08:08:24 +02:00
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`Messenger::message($message);`
Worked on #4, #1 and #2 Also: - enhanced form stylesheets - W3C validation 2013-10-15 00:41:04 +02:00			`}`

Simplified views in UserController 2014-05-04 12:01:14 +02:00			`public function deleteAction($name)`
Let there be placeholders 2013-10-05 19:24:08 +02:00			`{`
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`$this->genericView($name, 'delete');`
			`$this->requirePasswordConfirmation();`
Worked on #4 2013-10-14 10:22:53 +02:00
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`Api::run(new DeleteUserJob(), [`
			`DeleteUserJob::USER_NAME => $name]);`
New exception style; split long lines in php 2014-04-27 14:42:39 +02:00
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`$user = UserModel::findById(Auth::getCurrentUser()->id, false);`
			`if (!$user)`
			`Auth::logOut();`
Closed #1; closed #2; closed #4; closed #27 2013-10-15 13:14:48 +02:00
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`\Chibi\Util\Url::forward(\Chibi\Router::linkTo(['StaticPagesController', 'mainPageView']));`
			`exit;`
			`}`
Worked on #4 2013-10-14 10:22:53 +02:00
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`public function flagAction($name)`
			`{`
			`Api::run(new FlagUserJob(), [FlagUserJob::USER_NAME => $name]);`
			`}`
Worked on #4 2013-10-14 10:22:53 +02:00
Simplified views in UserController 2014-05-04 12:01:14 +02:00			`public function banAction($name)`
			`{`
			`Api::run(new ToggleUserBanJob(), [`
			`ToggleUserBanJob::USER_NAME => $name,`
			`ToggleUserBanJob::STATE => true]);`
			`}`

			`public function unbanAction($name)`
			`{`
			`Api::run(new ToggleUserBanJob(), [`
			`ToggleUserBanJob::USER_NAME => $name,`
			`ToggleUserBanJob::STATE => false]);`
			`}`

			`public function acceptRegistrationAction($name)`
			`{`
			`Api::run(new AcceptUserRegistrationJob(), [`
			`AcceptUserRegistrationJob::USER_NAME => $name]);`
Let there be placeholders 2013-10-05 19:24:08 +02:00			`}`
User safety settings 2013-10-14 00:25:40 +02:00
			`public function toggleSafetyAction($safety)`
			`{`
Simplified auth 2014-05-01 16:12:37 +02:00			`$user = Auth::getCurrentUser();`

PrivilegesHelper shortened to Access Methods are shorter, too 2014-04-29 23:52:17 +02:00			`Access::assert(`
New exception style; split long lines in php 2014-04-27 14:42:39 +02:00			`Privilege::ChangeUserSettings,`
Simplified auth 2014-05-01 16:12:37 +02:00			`Access::getIdentity($user));`
User safety settings 2013-10-14 00:25:40 +02:00
			`if (!in_array($safety, PostSafety::getAll()))`
			`throw new SimpleExcetpion('Invalid safety');`

Simplified auth 2014-05-01 16:12:37 +02:00			`$user->enableSafety($safety, !$user->hasEnabledSafety($safety));`
User safety settings 2013-10-14 00:25:40 +02:00
Simplified auth 2014-05-01 16:12:37 +02:00			`if ($user->accessRank != AccessRank::Anonymous)`
			`UserModel::save($user);`
			`Auth::setCurrentUser($user);`
User safety settings 2013-10-14 00:25:40 +02:00			`}`
Closed #32 2013-10-16 18:07:23 +02:00
Moved account registering to API 2014-05-04 14:57:44 +02:00			`public function registrationView()`
Closed #32 2013-10-16 18:07:23 +02:00			`{`
Newest chibi-core 2014-04-29 21:35:29 +02:00			`$context = getContext();`
			`$context->handleExceptions = true;`
Closed #32 2013-10-16 18:07:23 +02:00
			`//check if already logged in`
Simplified auth 2014-05-01 16:12:37 +02:00			`if (Auth::isLoggedIn())`
Closed #32 2013-10-16 18:07:23 +02:00			`{`
Renamed IndexController class and methods 2014-05-02 22:30:14 +02:00			`\Chibi\Util\Url::forward(\Chibi\Router::linkTo(['StaticPagesController', 'mainPageView']));`
Fixed erroreous redirects 2014-05-03 23:27:00 +02:00			`exit;`
Closed #32 2013-10-16 18:07:23 +02:00			`}`
Moved account registering to API 2014-05-04 14:57:44 +02:00			`}`
Closed #32 2013-10-16 18:07:23 +02:00
Moved account registering to API 2014-05-04 14:57:44 +02:00			`public function registrationAction()`
			`{`
			`$this->registrationView();`
Closed #32 2013-10-16 18:07:23 +02:00
Moved account registering to API 2014-05-04 14:57:44 +02:00			`if (InputHelper::get('password1') != InputHelper::get('password2'))`
Increasing readability 2014-04-30 08:08:24 +02:00			`throw new SimpleException('Specified passwords must be the same');`
Closed #32 2013-10-16 18:07:23 +02:00
Moved account registering to API 2014-05-04 14:57:44 +02:00			`$user = Api::run(new AddUserJob(),`
			`[`
			`EditUserNameJob::NEW_USER_NAME => InputHelper::get('name'),`
			`EditUserPasswordJob::NEW_PASSWORD => InputHelper::get('password1'),`
			`EditUserEmailJob::NEW_EMAIL => InputHelper::get('email'),`
			`]);`
Closed #32 2013-10-16 18:07:23 +02:00
Moved account registering to API 2014-05-04 14:57:44 +02:00			`if (!getConfig()->registration->needEmailForRegistering and !getConfig()->registration->staffActivation)`
Increasing readability 2014-04-30 08:08:24 +02:00			`{`
Moved account registering to API 2014-05-04 14:57:44 +02:00			`Auth::setCurrentUser($user);`
Increasing readability 2014-04-30 08:08:24 +02:00			`}`
Preparation for #62 2013-11-16 16:24:38 +01:00
Increasing readability 2014-04-30 08:08:24 +02:00			`$message = 'Congratulations, your account was created.';`
Moved user account settings to API 2014-05-04 13:39:00 +02:00			`if (Mailer::getMailCounter() > 0)`
Increasing readability 2014-04-30 08:08:24 +02:00			`{`
			`$message .= ' Please wait for activation e-mail.';`
			`if (getConfig()->registration->staffActivation)`
			`$message .= ' After this, your registration must be confirmed by staff.';`
			`}`
			`elseif (getConfig()->registration->staffActivation)`
			`$message .= ' Your registration must be now confirmed by staff.';`
Closed #32 2013-10-16 18:07:23 +02:00
AJAX doesn't rely on StatusHelper Since the purpose that StatusHelper was mainly created for no longer holds, it was simplified to Messenger. It is now is used to transport simple messages to views and still transports info whether the message is about success or failure. 2014-05-01 22:29:36 +02:00			`Messenger::message($message);`
Closed #32 2013-10-16 18:07:23 +02:00			`}`

Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`public function activationView()`
Closed #32 2013-10-16 18:07:23 +02:00			`{`
Newest chibi-core 2014-04-29 21:35:29 +02:00			`$context = getContext();`
Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`$context->viewName = 'user-select';`
Newest chibi-core 2014-04-29 21:35:29 +02:00			`Assets::setSubTitle('account activation');`
Closed #32 2013-10-16 18:07:23 +02:00			`}`
Further work on #62 Added ability to resend activation mail 2013-11-16 18:51:34 +01:00
Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`public function activationAction($token)`
Further work on #62 Added ability to resend activation mail 2013-11-16 18:51:34 +01:00			`{`
Newest chibi-core 2014-04-29 21:35:29 +02:00			`$context = getContext();`
			`$context->viewName = 'message';`
Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`Assets::setSubTitle('account activation');`
Closed #62 2013-11-16 19:24:33 +01:00
Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`if (empty($token))`
Closed #62 2013-11-16 19:24:33 +01:00			`{`
Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`$name = InputHelper::get('name');`
			`$user = UserModel::findByNameOrEmail($name);`
			`if (empty($user->emailUnconfirmed))`
			`{`
			`if (!empty($user->emailConfirmed))`
			`throw new SimpleException('E-mail was already confirmed; activation skipped');`
			`else`
			`throw new SimpleException('This user has no e-mail specified; activation cannot proceed');`
			`}`
			`EditUserEmailJob::sendEmail($user);`
			`Messenger::message('Activation e-mail resent.');`
			`}`
			`else`
			`{`
			`$dbToken = TokenModel::findByToken($token);`
			`TokenModel::checkValidity($dbToken);`

			`$dbUser = $dbToken->getUser();`
			`if (empty($dbUser->emailConfirmed))`
			`{`
			`$dbUser->emailConfirmed = $dbUser->emailUnconfirmed;`
			`$dbUser->emailUnconfirmed = null;`
			`}`
			`$dbToken->used = true;`
			`TokenModel::save($dbToken);`
			`UserModel::save($dbUser);`

			`LogHelper::log('{subject} just activated account', ['subject' => TextHelper::reprUser($dbUser)]);`
			`$message = 'Activation completed successfully.';`
			`if (getConfig()->registration->staffActivation)`
			`$message .= ' However, your account still must be confirmed by staff.';`
			`Messenger::message($message);`
Further work on #62 Added ability to resend activation mail 2013-11-16 18:51:34 +01:00
Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`if (!getConfig()->registration->staffActivation)`
			`{`
			`Auth::setCurrentUser($dbUser);`
			`}`
			`}`
Closed #62 2013-11-16 19:24:33 +01:00			`}`

Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`public function passwordResetView()`
Closed #62 2013-11-16 19:24:33 +01:00			`{`
Newest chibi-core 2014-04-29 21:35:29 +02:00			`$context = getContext();`
			`$context->viewName = 'user-select';`
			`Assets::setSubTitle('password reset');`
Closed #62 2013-11-16 19:24:33 +01:00			`}`

Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`public function passwordResetAction($token)`
Closed #62 2013-11-16 19:24:33 +01:00			`{`
Newest chibi-core 2014-04-29 21:35:29 +02:00			`$context = getContext();`
Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`$context->viewName = 'message';`
			`Assets::setSubTitle('password reset');`
Closed #62 2013-11-16 19:24:33 +01:00
Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`if (empty($token))`
			`{`
			`$name = InputHelper::get('name');`
			`$user = UserModel::findByNameOrEmail($name);`
			`if (empty($user->emailConfirmed))`
			`throw new SimpleException('This user has no e-mail confirmed; password reset cannot proceed');`
Increasing readability 2014-04-30 08:08:24 +02:00
Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`self::sendPasswordResetConfirmation($user);`
			`Messenger::message('E-mail sent. Follow instructions to reset password.');`
			`}`
			`else`
Further work on #62 Added ability to resend activation mail 2013-11-16 18:51:34 +01:00			`{`
Organized password reset and account activation 2014-05-04 15:10:51 +02:00			`$dbToken = TokenModel::findByToken($token);`
			`TokenModel::checkValidity($dbToken);`

			`$alphabet = array_merge(range('A', 'Z'), range('a', 'z'), range('0', '9'));`
			`$randomPassword = join('', array_map(function($x) use ($alphabet)`
			`{`
			`return $alphabet[$x];`
			`}, array_rand($alphabet, 8)));`

			`$dbUser = $dbToken->getUser();`
			`$dbUser->passHash = UserModel::hashPassword($randomPassword, $dbUser->passSalt);`
			`$dbToken->used = true;`
			`TokenModel::save($dbToken);`
			`UserModel::save($dbUser);`

			`LogHelper::log('{subject} just reset password', ['subject' => TextHelper::reprUser($dbUser)]);`
			`$message = 'Password reset successful. Your new password is ' . $randomPassword . '.';`
			`Messenger::message($message);`

			`Auth::setCurrentUser($dbUser);`
Further work on #62 Added ability to resend activation mail 2013-11-16 18:51:34 +01:00			`}`
Increasing readability 2014-04-30 08:08:24 +02:00			`}`

			`private static function sendPasswordResetConfirmation($user)`
			`{`
			`$regConfig = getConfig()->registration;`

Moved user account settings to API 2014-05-04 13:39:00 +02:00			`$mail = new Mail();`
			`$mail->body = $regConfig->passwordResetEmailBody;`
			`$mail->subject = $regConfig->passwordResetEmailSubject;`
			`$mail->senderName = $regConfig->passwordResetEmailSenderName;`
			`$mail->senderEmail = $regConfig->passwordResetEmailSenderEmail;`
			`$mail->recipientEmail = $user->emailConfirmed;`

			`return Mailer::sendMailWithTokenLink(`
Increasing readability 2014-04-30 08:08:24 +02:00			`$user,`
Moved user account settings to API 2014-05-04 13:39:00 +02:00			`['UserController', 'passwordResetAction'],`
			`$mail);`
Further work on #62 Added ability to resend activation mail 2013-11-16 18:51:34 +01:00			`}`
Simplified views in UserController 2014-05-04 12:01:14 +02:00
			`private function requirePasswordConfirmation()`
			`{`
			`$user = getContext()->transport->user;`
			`if (Auth::getCurrentUser()->id == $user->id)`
			`{`
			`$suppliedPassword = InputHelper::get('current-password');`
			`$suppliedPasswordHash = UserModel::hashPassword($suppliedPassword, $user->passSalt);`
			`if ($suppliedPasswordHash != $user->passHash)`
			`throw new SimpleException('Must supply valid password');`
			`}`
			`}`
Let there be placeholders 2013-10-05 19:24:08 +02:00			`}`