xpressengine /
xe-core
Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.
Common duplication problems, and corresponding solutions are:
Complex classes like memberController often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use memberController, and based on these observations, apply Extract Interface, too.
| 1 | <?php |
||
| 8 | class memberController extends member |
||
| 9 | { |
||
| 10 | /** |
||
| 11 | * Info of selected member |
||
| 12 | * |
||
| 13 | * @var object |
||
| 14 | */ |
||
| 15 | var $memberInfo; |
||
| 16 | |||
| 17 | /** |
||
| 18 | * Initialization |
||
| 19 | * |
||
| 20 | * @return void |
||
| 21 | */ |
||
| 22 | function init() |
||
| 25 | |||
| 26 | /** |
||
| 27 | * Log-in by checking user_id and password |
||
| 28 | * |
||
| 29 | * @param string $user_id |
||
| 30 | * @param string $password |
||
| 31 | * @param string $keep_signed |
||
| 32 | * |
||
| 33 | * @return void|Object (void : success, Object : fail) |
||
| 34 | */ |
||
| 35 | function procMemberLogin($user_id = null, $password = null, $keep_signed = null) |
||
| 36 | { |
||
| 37 | if(!$user_id && !$password && Context::getRequestMethod() == 'GET') |
||
| 38 | { |
||
| 39 | $this->setRedirectUrl(getNotEncodedUrl('')); |
||
| 40 | return new Object(-1, 'null_user_id'); |
||
| 41 | } |
||
| 42 | |||
| 43 | // Variables |
||
| 44 | if(!$user_id) $user_id = Context::get('user_id'); |
||
| 45 | $user_id = trim($user_id); |
||
| 46 | |||
| 47 | if(!$password) $password = Context::get('password'); |
||
| 48 | $password = trim($password); |
||
| 49 | |||
| 50 | if(!$keep_signed) $keep_signed = Context::get('keep_signed'); |
||
| 51 | // Return an error when id and password doesn't exist |
||
| 52 | if(!$user_id) return new Object(-1,'null_user_id'); |
||
| 53 | if(!$password) return new Object(-1,'null_password'); |
||
| 54 | |||
| 55 | $output = $this->doLogin($user_id, $password, $keep_signed=='Y'?true:false); |
||
| 56 | if (!$output->toBool()) return $output; |
||
| 57 | |||
| 58 | $oModuleModel = getModel('module'); |
||
| 59 | $config = $oModuleModel->getModuleConfig('member'); |
||
| 60 | |||
| 61 | // Check change_password_date |
||
| 62 | $limit_date = $config->change_password_date; |
||
| 63 | |||
| 64 | // Check if change_password_date is set |
||
| 65 | if($limit_date > 0) |
||
| 66 | { |
||
| 67 | $oMemberModel = getModel('member'); |
||
| 68 | if($this->memberInfo->change_password_date < date ('YmdHis', strtotime ('-' . $limit_date . ' day'))) |
||
| 69 | { |
||
| 70 | $msg = sprintf(Context::getLang('msg_change_password_date'), $limit_date); |
||
| 71 | return $this->setRedirectUrl(getNotEncodedUrl('','vid',Context::get('vid'),'mid',Context::get('mid'),'act','dispMemberModifyPassword'), new Object(-1, $msg)); |
||
| 72 | } |
||
| 73 | } |
||
| 74 | |||
| 75 | // Delete all previous authmail if login is successful |
||
| 76 | $args = new stdClass(); |
||
| 77 | $args->member_srl = $this->memberInfo->member_srl; |
||
| 78 | executeQuery('member.deleteAuthMail', $args); |
||
| 79 | |||
| 80 | if(!$config->after_login_url) |
||
| 81 | { |
||
| 82 | $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', ''); |
||
| 83 | } |
||
| 84 | else |
||
| 85 | { |
||
| 86 | $returnUrl = $config->after_login_url; |
||
| 87 | } |
||
| 88 | return $this->setRedirectUrl($returnUrl, $output); |
||
| 89 | } |
||
| 90 | |||
| 91 | /** |
||
| 92 | * Log-out |
||
| 93 | * |
||
| 94 | * @return Object |
||
| 95 | */ |
||
| 96 | function procMemberLogout() |
||
| 97 | { |
||
| 98 | // Call a trigger before log-out (before) |
||
| 99 | $logged_info = Context::get('logged_info'); |
||
| 100 | $trigger_output = ModuleHandler::triggerCall('member.doLogout', 'before', $logged_info); |
||
| 101 | if(!$trigger_output->toBool()) return $trigger_output; |
||
| 102 | // Destroy session information |
||
| 103 | $this->destroySessionInfo(); |
||
| 104 | // Call a trigger after log-out (after) |
||
| 105 | $trigger_output = ModuleHandler::triggerCall('member.doLogout', 'after', $logged_info); |
||
| 106 | if(!$trigger_output->toBool()) return $trigger_output; |
||
| 107 | |||
| 108 | $output = new Object(); |
||
| 109 | |||
| 110 | $oModuleModel = getModel('module'); |
||
| 111 | $config = $oModuleModel->getModuleConfig('member'); |
||
| 112 | if($config->after_logout_url) |
||
| 113 | $output->redirect_url = $config->after_logout_url; |
||
| 114 | |||
| 115 | $this->_clearMemberCache($logged_info->member_srl); |
||
| 116 | |||
| 117 | return $output; |
||
| 118 | } |
||
| 119 | |||
| 120 | /** |
||
| 121 | * Scrap document |
||
| 122 | * |
||
| 123 | * @return void|Object (void : success, Object : fail) |
||
| 124 | */ |
||
| 125 | function procMemberScrapDocument() |
||
| 126 | { |
||
| 127 | // Check login information |
||
| 128 | if(!Context::get('is_logged')) return new Object(-1, 'msg_not_logged'); |
||
| 129 | $logged_info = Context::get('logged_info'); |
||
| 130 | |||
| 131 | $document_srl = (int)Context::get('document_srl'); |
||
| 132 | if(!$document_srl) $document_srl = (int)Context::get('target_srl'); |
||
| 133 | if(!$document_srl) return new Object(-1,'msg_invalid_request'); |
||
| 134 | // Get document |
||
| 135 | $oDocumentModel = getModel('document'); |
||
| 136 | $oDocument = $oDocumentModel->getDocument($document_srl); |
||
| 137 | // Variables |
||
| 138 | $args = new stdClass(); |
||
| 139 | $args->document_srl = $document_srl; |
||
| 140 | $args->member_srl = $logged_info->member_srl; |
||
| 141 | $args->user_id = $oDocument->get('user_id'); |
||
| 142 | $args->user_name = $oDocument->get('user_name'); |
||
| 143 | $args->nick_name = $oDocument->get('nick_name'); |
||
| 144 | $args->target_member_srl = $oDocument->get('member_srl'); |
||
| 145 | $args->title = $oDocument->get('title'); |
||
| 146 | // Check if already scrapped |
||
| 147 | $output = executeQuery('member.getScrapDocument', $args); |
||
| 148 | if($output->data->count) return new Object(-1, 'msg_alreay_scrapped'); |
||
| 149 | // Insert |
||
| 150 | $output = executeQuery('member.addScrapDocument', $args); |
||
| 151 | if(!$output->toBool()) return $output; |
||
| 152 | |||
| 153 | $this->setError(-1); |
||
| 154 | $this->setMessage('success_registed'); |
||
| 155 | } |
||
| 156 | |||
| 157 | /** |
||
| 158 | * Delete a scrap |
||
| 159 | * |
||
| 160 | * @return void|Object (void : success, Object : fail) |
||
| 161 | */ |
||
| 162 | function procMemberDeleteScrap() |
||
| 163 | { |
||
| 164 | // Check login information |
||
| 165 | if(!Context::get('is_logged')) return new Object(-1, 'msg_not_logged'); |
||
| 166 | $logged_info = Context::get('logged_info'); |
||
| 167 | |||
| 168 | $document_srl = (int)Context::get('document_srl'); |
||
| 169 | if(!$document_srl) return new Object(-1,'msg_invalid_request'); |
||
| 170 | // Variables |
||
| 171 | $args = new stdClass; |
||
| 172 | $args->member_srl = $logged_info->member_srl; |
||
| 173 | $args->document_srl = $document_srl; |
||
| 174 | return executeQuery('member.deleteScrapDocument', $args); |
||
| 175 | } |
||
| 176 | |||
| 177 | /** |
||
| 178 | * Save posts |
||
| 179 | * @deprecated - instead Document Controller - procDocumentTempSave method use |
||
| 180 | * @return Object |
||
| 181 | */ |
||
| 182 | function procMemberSaveDocument() |
||
| 186 | |||
| 187 | /** |
||
| 188 | * Delete the post |
||
| 189 | * |
||
| 190 | * @return void|Object (void : success, Object : fail) |
||
| 191 | */ |
||
| 192 | function procMemberDeleteSavedDocument() |
||
| 193 | { |
||
| 194 | // Check login information |
||
| 195 | if(!Context::get('is_logged')) return new Object(-1, 'msg_not_logged'); |
||
| 196 | $logged_info = Context::get('logged_info'); |
||
| 197 | |||
| 198 | $document_srl = (int)Context::get('document_srl'); |
||
| 199 | if(!$document_srl) return new Object(-1,'msg_invalid_request'); |
||
| 200 | // Variables |
||
| 201 | $oDocumentController = getController('document'); |
||
| 202 | $oDocumentController->deleteDocument($document_srl, true); |
||
| 203 | } |
||
| 204 | |||
| 205 | /** |
||
| 206 | * Check values when member joining |
||
| 207 | * |
||
| 208 | * @return void|Object (void : success, Object : fail) |
||
| 209 | */ |
||
| 210 | function procMemberCheckValue() |
||
| 211 | { |
||
| 212 | $name = Context::get('name'); |
||
| 213 | $value = Context::get('value'); |
||
| 214 | if(!$value) return; |
||
| 215 | |||
| 216 | $oMemberModel = getModel('member'); |
||
| 217 | // Check if logged-in |
||
| 218 | $logged_info = Context::get('logged_info'); |
||
| 219 | |||
| 220 | |||
| 221 | switch($name) |
||
| 222 | { |
||
| 223 | case 'user_id' : |
||
| 224 | // Check denied ID |
||
| 225 | if($oMemberModel->isDeniedID($value)) return new Object(0,'denied_user_id'); |
||
| 226 | // Check if duplicated |
||
| 227 | $member_srl = $oMemberModel->getMemberSrlByUserID($value); |
||
| 228 | if($member_srl && $logged_info->member_srl != $member_srl ) return new Object(0,'msg_exists_user_id'); |
||
| 229 | break; |
||
| 230 | case 'nick_name' : |
||
| 231 | // Check denied ID |
||
| 232 | if($oMemberModel->isDeniedNickName($value)) |
||
| 233 | { |
||
| 234 | return new Object(0,'denied_nick_name'); |
||
| 235 | } |
||
| 236 | // Check if duplicated |
||
| 237 | $member_srl = $oMemberModel->getMemberSrlByNickName($value); |
||
| 238 | if($member_srl && $logged_info->member_srl != $member_srl ) return new Object(0,'msg_exists_nick_name'); |
||
| 239 | |||
| 240 | break; |
||
| 241 | case 'email_address' : |
||
| 242 | // Check if duplicated |
||
| 243 | $member_srl = $oMemberModel->getMemberSrlByEmailAddress($value); |
||
| 244 | if($member_srl && $logged_info->member_srl != $member_srl ) return new Object(0,'msg_exists_email_address'); |
||
| 245 | break; |
||
| 246 | } |
||
| 247 | } |
||
| 248 | |||
| 249 | /** |
||
| 250 | * Join Membership |
||
| 251 | * |
||
| 252 | * @return void|Object (void : success, Object : fail) |
||
| 253 | */ |
||
| 254 | function procMemberInsert() |
||
| 424 | |||
| 425 | function procMemberModifyInfoBefore() |
||
| 426 | { |
||
| 427 | if($_SESSION['rechecked_password_step'] != 'INPUT_PASSWORD') |
||
| 428 | { |
||
| 429 | return $this->stop('msg_invalid_request'); |
||
| 430 | } |
||
| 431 | |||
| 432 | if(!Context::get('is_logged')) |
||
| 433 | { |
||
| 434 | return $this->stop('msg_not_logged'); |
||
| 435 | } |
||
| 436 | |||
| 437 | $password = Context::get('password'); |
||
| 438 | |||
| 439 | if(!$password) |
||
| 440 | { |
||
| 441 | return $this->stop('msg_invalid_request'); |
||
| 442 | } |
||
| 443 | |||
| 444 | $oMemberModel = getModel('member'); |
||
| 445 | |||
| 446 | if(!$this->memberInfo->password) |
||
| 447 | { |
||
| 448 | // Get information of logged-in user |
||
| 449 | $logged_info = Context::get('logged_info'); |
||
| 450 | $member_srl = $logged_info->member_srl; |
||
| 451 | |||
| 452 | $columnList = array('member_srl', 'password'); |
||
| 453 | $memberInfo = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); |
||
| 454 | $this->memberInfo->password = $memberInfo->password; |
||
| 455 | } |
||
| 456 | // Verify the current password |
||
| 457 | if(!$oMemberModel->isValidPassword($this->memberInfo->password, $password)) |
||
| 458 | { |
||
| 459 | return new Object(-1, 'invalid_password'); |
||
| 460 | } |
||
| 461 | |||
| 462 | $_SESSION['rechecked_password_step'] = 'VALIDATE_PASSWORD'; |
||
| 463 | |||
| 464 | if(Context::get('success_return_url')) |
||
| 465 | { |
||
| 466 | $redirectUrl = Context::get('success_return_url'); |
||
| 467 | } |
||
| 468 | else |
||
| 469 | { |
||
| 470 | $redirectUrl = getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberModifyInfo'); |
||
| 471 | } |
||
| 472 | $this->setRedirectUrl($redirectUrl); |
||
| 473 | } |
||
| 474 | |||
| 475 | /** |
||
| 476 | * Edit member profile |
||
| 477 | * |
||
| 478 | * @return void|Object (void : success, Object : fail) |
||
| 479 | */ |
||
| 480 | function procMemberModifyInfo() |
||
| 481 | { |
||
| 482 | if(!Context::get('is_logged')) |
||
| 483 | { |
||
| 484 | return $this->stop('msg_not_logged'); |
||
| 485 | } |
||
| 486 | |||
| 487 | if($_SESSION['rechecked_password_step'] != 'INPUT_DATA') |
||
| 488 | { |
||
| 489 | return $this->stop('msg_invalid_request'); |
||
| 490 | } |
||
| 491 | unset($_SESSION['rechecked_password_step']); |
||
| 492 | |||
| 493 | // Extract the necessary information in advance |
||
| 494 | $oMemberModel = &getModel ('member'); |
||
| 495 | $config = $oMemberModel->getMemberConfig (); |
||
| 496 | $getVars = array('find_account_answer','allow_mailing','allow_message'); |
||
| 497 | View Code Duplication | if($config->signupForm) |
|
| 498 | { |
||
| 499 | foreach($config->signupForm as $formInfo) |
||
| 500 | { |
||
| 501 | if($formInfo->isDefaultForm && ($formInfo->isUse || $formInfo->required || $formInfo->mustRequired)) |
||
| 502 | { |
||
| 503 | $getVars[] = $formInfo->name; |
||
| 504 | } |
||
| 505 | } |
||
| 506 | } |
||
| 507 | |||
| 508 | $args = new stdClass; |
||
| 509 | View Code Duplication | foreach($getVars as $val) |
|
| 510 | { |
||
| 511 | $args->{$val} = Context::get($val); |
||
| 512 | if($val == 'birthday') $args->birthday_ui = Context::get('birthday_ui'); |
||
| 513 | } |
||
| 514 | // Login Information |
||
| 515 | $logged_info = Context::get('logged_info'); |
||
| 516 | $args->member_srl = $logged_info->member_srl; |
||
| 517 | $args->birthday = intval(strtr($args->birthday, array('-'=>'', '/'=>'', '.'=>'', ' '=>''))); |
||
| 518 | View Code Duplication | if(!$args->birthday && $args->birthday_ui) $args->birthday = intval(strtr($args->birthday_ui, array('-'=>'', '/'=>'', '.'=>'', ' '=>''))); |
|
| 519 | // Remove some unnecessary variables from all the vars |
||
| 520 | $all_args = Context::getRequestVars(); |
||
| 521 | unset($all_args->module); |
||
| 522 | unset($all_args->act); |
||
| 523 | unset($all_args->member_srl); |
||
| 524 | unset($all_args->is_admin); |
||
| 525 | unset($all_args->description); |
||
| 526 | unset($all_args->group_srl_list); |
||
| 527 | unset($all_args->body); |
||
| 528 | unset($all_args->accept_agreement); |
||
| 529 | unset($all_args->signature); |
||
| 530 | unset($all_args->_filter); |
||
| 531 | unset($all_args->mid); |
||
| 532 | unset($all_args->error_return_url); |
||
| 533 | unset($all_args->ruleset); |
||
| 534 | unset($all_args->password); |
||
| 535 | |||
| 536 | // Add extra vars after excluding necessary information from all the requested arguments |
||
| 537 | $extra_vars = delObjectVars($all_args, $args); |
||
| 538 | $args->extra_vars = serialize($extra_vars); |
||
| 539 | |||
| 540 | // remove whitespace |
||
| 541 | $checkInfos = array('user_id', 'user_name', 'nick_name', 'email_address'); |
||
| 542 | View Code Duplication | foreach($checkInfos as $val) |
|
| 543 | { |
||
| 544 | if(isset($args->{$val})) |
||
| 545 | { |
||
| 546 | $args->{$val} = preg_replace('/[\pZ\pC]+/u', '', $args->{$val}); |
||
| 547 | } |
||
| 548 | } |
||
| 549 | |||
| 550 | // Execute insert or update depending on the value of member_srl |
||
| 551 | $output = $this->updateMember($args); |
||
| 552 | if(!$output->toBool()) return $output; |
||
| 553 | |||
| 554 | $profile_image = $_FILES['profile_image']; |
||
| 555 | if(is_uploaded_file($profile_image['tmp_name'])) |
||
| 556 | { |
||
| 557 | $this->insertProfileImage($args->member_srl, $profile_image['tmp_name']); |
||
| 558 | } |
||
| 559 | |||
| 560 | $image_mark = $_FILES['image_mark']; |
||
| 561 | if(is_uploaded_file($image_mark['tmp_name'])) |
||
| 562 | { |
||
| 563 | $this->insertImageMark($args->member_srl, $image_mark['tmp_name']); |
||
| 564 | } |
||
| 565 | |||
| 566 | $image_name = $_FILES['image_name']; |
||
| 567 | if(is_uploaded_file($image_name['tmp_name'])) |
||
| 568 | { |
||
| 569 | $this->insertImageName($args->member_srl, $image_name['tmp_name']); |
||
| 570 | } |
||
| 571 | |||
| 572 | // Save Signature |
||
| 573 | $signature = Context::get('signature'); |
||
| 574 | $this->putSignature($args->member_srl, $signature); |
||
| 575 | |||
| 576 | // Get user_id information |
||
| 577 | $this->memberInfo = $oMemberModel->getMemberInfoByMemberSrl($args->member_srl); |
||
| 578 | |||
| 579 | |||
| 580 | // Call a trigger after successfully log-in (after) |
||
| 581 | $trigger_output = ModuleHandler::triggerCall('member.procMemberModifyInfo', 'after', $this->memberInfo); |
||
| 582 | if(!$trigger_output->toBool()) return $trigger_output; |
||
| 583 | |||
| 584 | $this->setSessionInfo(); |
||
| 585 | // Return result |
||
| 586 | $this->add('member_srl', $args->member_srl); |
||
| 587 | $this->setMessage('success_updated'); |
||
| 588 | |||
| 589 | $site_module_info = Context::get('site_module_info'); |
||
| 590 | $this->_clearMemberCache($args->member_srl, $site_module_info->site_srl); |
||
| 591 | |||
| 592 | $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberInfo'); |
||
| 593 | $this->setRedirectUrl($returnUrl); |
||
| 594 | } |
||
| 595 | |||
| 596 | /** |
||
| 597 | * Change the user password |
||
| 598 | * |
||
| 599 | * @return void|Object (void : success, Object : fail) |
||
| 600 | */ |
||
| 601 | function procMemberModifyPassword() |
||
| 602 | { |
||
| 603 | if(!Context::get('is_logged')) return $this->stop('msg_not_logged'); |
||
| 604 | // Extract the necessary information in advance |
||
| 605 | $current_password = trim(Context::get('current_password')); |
||
| 606 | $password = trim(Context::get('password1')); |
||
| 607 | // Get information of logged-in user |
||
| 608 | $logged_info = Context::get('logged_info'); |
||
| 609 | $member_srl = $logged_info->member_srl; |
||
| 610 | // Create a member model object |
||
| 611 | $oMemberModel = getModel('member'); |
||
| 612 | // Get information of member_srl |
||
| 613 | $columnList = array('member_srl', 'password'); |
||
| 614 | |||
| 615 | $member_info = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); |
||
| 616 | // Verify the cuttent password |
||
| 617 | if(!$oMemberModel->isValidPassword($member_info->password, $current_password, $member_srl)) return new Object(-1, 'invalid_password'); |
||
| 618 | |||
| 619 | // Check if a new password is as same as the previous password |
||
| 620 | if($current_password == $password) return new Object(-1, 'invalid_new_password'); |
||
| 621 | |||
| 622 | // Execute insert or update depending on the value of member_srl |
||
| 623 | $args = new stdClass; |
||
| 624 | $args->member_srl = $member_srl; |
||
| 625 | $args->password = $password; |
||
| 626 | $output = $this->updateMemberPassword($args); |
||
| 627 | if(!$output->toBool()) return $output; |
||
| 628 | |||
| 629 | $this->add('member_srl', $args->member_srl); |
||
| 630 | $this->setMessage('success_updated'); |
||
| 631 | |||
| 632 | $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberInfo'); |
||
| 633 | $this->setRedirectUrl($returnUrl); |
||
| 634 | } |
||
| 635 | |||
| 636 | /** |
||
| 637 | * Membership withdrawal |
||
| 638 | * |
||
| 639 | * @return void|Object (void : success, Object : fail) |
||
| 640 | */ |
||
| 641 | function procMemberLeave() |
||
| 642 | { |
||
| 643 | if(!Context::get('is_logged')) return $this->stop('msg_not_logged'); |
||
| 644 | // Extract the necessary information in advance |
||
| 645 | $password = trim(Context::get('password')); |
||
| 646 | // Get information of logged-in user |
||
| 647 | $logged_info = Context::get('logged_info'); |
||
| 648 | $member_srl = $logged_info->member_srl; |
||
| 649 | // Create a member model object |
||
| 650 | $oMemberModel = getModel('member'); |
||
| 651 | // Get information of member_srl |
||
| 652 | if(!$this->memberInfo->password) |
||
| 653 | { |
||
| 654 | $columnList = array('member_srl', 'password'); |
||
| 655 | $memberInfo = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); |
||
| 656 | $this->memberInfo->password = $memberInfo->password; |
||
| 657 | } |
||
| 658 | // Verify the cuttent password |
||
| 659 | if(!$oMemberModel->isValidPassword($this->memberInfo->password, $password)) return new Object(-1, 'invalid_password'); |
||
| 660 | |||
| 661 | $output = $this->deleteMember($member_srl); |
||
| 662 | if(!$output->toBool()) return $output; |
||
| 663 | // Destroy all session information |
||
| 664 | $this->destroySessionInfo(); |
||
| 665 | // Return success message |
||
| 666 | $this->setMessage('success_leaved'); |
||
| 667 | |||
| 668 | $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', ''); |
||
| 669 | $this->setRedirectUrl($returnUrl); |
||
| 670 | } |
||
| 671 | |||
| 672 | /** |
||
| 673 | * Add a profile image |
||
| 674 | * |
||
| 675 | * @return void|Object (void : success, Object : fail) |
||
| 676 | */ |
||
| 677 | View Code Duplication | function procMemberInsertProfileImage() |
|
| 678 | { |
||
| 679 | // Check if the file is successfully uploaded |
||
| 680 | $file = $_FILES['profile_image']; |
||
| 681 | if(!is_uploaded_file($file['tmp_name'])) return $this->stop('msg_not_uploaded_profile_image'); |
||
| 682 | // Ignore if member_srl is invalid or doesn't exist. |
||
| 683 | $member_srl = Context::get('member_srl'); |
||
| 684 | if(!$member_srl) return $this->stop('msg_not_uploaded_profile_image'); |
||
| 685 | |||
| 686 | $logged_info = Context::get('logged_info'); |
||
| 687 | if($logged_info->is_admin != 'Y' && $logged_info->member_srl != $member_srl) return $this->stop('msg_not_uploaded_profile_image'); |
||
| 688 | // Return if member module is set not to use an image name or the user is not an administrator ; |
||
| 689 | $oModuleModel = getModel('module'); |
||
| 690 | $config = $oModuleModel->getModuleConfig('member'); |
||
| 691 | if($logged_info->is_admin != 'Y' && $config->profile_image != 'Y') return $this->stop('msg_not_uploaded_profile_image'); |
||
| 692 | |||
| 693 | $this->insertProfileImage($member_srl, $file['tmp_name']); |
||
| 694 | // Page refresh |
||
| 695 | //$this->setRefreshPage(); |
||
| 696 | |||
| 697 | $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberModifyInfo'); |
||
| 698 | $this->setRedirectUrl($returnUrl); |
||
| 699 | } |
||
| 700 | |||
| 701 | /** |
||
| 702 | * Insert a profile image |
||
| 703 | * |
||
| 704 | * @param int $member_srl |
||
| 705 | * @param object $target_file |
||
| 706 | * |
||
| 707 | * @return void |
||
| 708 | */ |
||
| 709 | function insertProfileImage($member_srl, $target_file) |
||
| 710 | { |
||
| 711 | |||
| 712 | // Check uploaded file |
||
| 713 | if(!checkUploadedFile($target_file)) return; |
||
| 714 | |||
| 715 | $oMemberModel = getModel('member'); |
||
| 716 | $config = $oMemberModel->getMemberConfig(); |
||
| 717 | |||
| 718 | // Get an image size |
||
| 719 | $max_width = $config->profile_image_max_width; |
||
| 720 | if(!$max_width) $max_width = "90"; |
||
| 721 | $max_height = $config->profile_image_max_height; |
||
| 722 | if(!$max_height) $max_height = "90"; |
||
| 723 | // Get a target path to save |
||
| 724 | $target_path = sprintf('files/member_extra_info/profile_image/%s', getNumberingPath($member_srl)); |
||
| 725 | FileHandler::makeDir($target_path); |
||
| 726 | |||
| 727 | // Get file information |
||
| 728 | list($width, $height, $type, $attrs) = @getimagesize($target_file); |
||
| 729 | if(IMAGETYPE_PNG == $type) $ext = 'png'; |
||
| 730 | elseif(IMAGETYPE_JPEG == $type) $ext = 'jpg'; |
||
| 731 | elseif(IMAGETYPE_GIF == $type) $ext = 'gif'; |
||
| 732 | else |
||
| 733 | { |
||
| 734 | return; |
||
| 735 | } |
||
| 736 | |||
| 737 | FileHandler::removeFilesInDir($target_path); |
||
| 738 | |||
| 739 | $target_filename = sprintf('%s%d.%s', $target_path, $member_srl, $ext); |
||
| 740 | // Convert if the image size is larger than a given size or if the format is not a gif |
||
| 741 | if(($width > $max_width || $height > $max_height ) && $type != 1) |
||
| 742 | { |
||
| 743 | FileHandler::createImageFile($target_file, $target_filename, $max_width, $max_height, $ext); |
||
| 744 | } |
||
| 745 | else |
||
| 746 | { |
||
| 747 | @copy($target_file, $target_filename); |
||
| 748 | } |
||
| 749 | } |
||
| 750 | |||
| 751 | /** |
||
| 752 | * Add an image name |
||
| 753 | * |
||
| 754 | * @return void|Object (void : success, Object : fail) |
||
| 755 | */ |
||
| 756 | View Code Duplication | function procMemberInsertImageName() |
|
| 757 | { |
||
| 758 | // Check if the file is successfully uploaded |
||
| 759 | $file = $_FILES['image_name']; |
||
| 760 | if(!is_uploaded_file($file['tmp_name'])) return $this->stop('msg_not_uploaded_image_name'); |
||
| 761 | // Ignore if member_srl is invalid or doesn't exist. |
||
| 762 | $member_srl = Context::get('member_srl'); |
||
| 763 | if(!$member_srl) return $this->stop('msg_not_uploaded_image_name'); |
||
| 764 | |||
| 765 | $logged_info = Context::get('logged_info'); |
||
| 766 | if($logged_info->is_admin != 'Y' && $logged_info->member_srl != $member_srl) return $this->stop('msg_not_uploaded_image_name'); |
||
| 767 | // Return if member module is set not to use an image name or the user is not an administrator ; |
||
| 768 | $oModuleModel = getModel('module'); |
||
| 769 | $config = $oModuleModel->getModuleConfig('member'); |
||
| 770 | if($logged_info->is_admin != 'Y' && $config->image_name != 'Y') return $this->stop('msg_not_uploaded_image_name'); |
||
| 771 | |||
| 772 | $this->insertImageName($member_srl, $file['tmp_name']); |
||
| 773 | // Page refresh |
||
| 774 | //$this->setRefreshPage(); |
||
| 775 | |||
| 776 | $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberModifyInfo'); |
||
| 777 | $this->setRedirectUrl($returnUrl); |
||
| 778 | } |
||
| 779 | |||
| 780 | /** |
||
| 781 | * Insert a image name |
||
| 782 | * |
||
| 783 | * @param int $member_srl |
||
| 784 | * @param object $target_file |
||
| 785 | * |
||
| 786 | * @return void |
||
| 787 | */ |
||
| 788 | View Code Duplication | function insertImageName($member_srl, $target_file) |
|
| 789 | { |
||
| 790 | // Check uploaded file |
||
| 791 | if(!checkUploadedFile($target_file)) return; |
||
| 792 | |||
| 793 | $oModuleModel = getModel('module'); |
||
| 794 | $config = $oModuleModel->getModuleConfig('member'); |
||
| 795 | // Get an image size |
||
| 796 | $max_width = $config->image_name_max_width; |
||
| 797 | if(!$max_width) $max_width = "90"; |
||
| 798 | $max_height = $config->image_name_max_height; |
||
| 799 | if(!$max_height) $max_height = "20"; |
||
| 800 | // Get a target path to save |
||
| 801 | $target_path = sprintf('files/member_extra_info/image_name/%s/', getNumberingPath($member_srl)); |
||
| 802 | FileHandler::makeDir($target_path); |
||
| 803 | |||
| 804 | $target_filename = sprintf('%s%d.gif', $target_path, $member_srl); |
||
| 805 | // Get file information |
||
| 806 | list($width, $height, $type, $attrs) = @getimagesize($target_file); |
||
| 807 | // Convert if the image size is larger than a given size or if the format is not a gif |
||
| 808 | if($width > $max_width || $height > $max_height || $type!=1) FileHandler::createImageFile($target_file, $target_filename, $max_width, $max_height, 'gif'); |
||
| 809 | else @copy($target_file, $target_filename); |
||
| 810 | } |
||
| 811 | |||
| 812 | /** |
||
| 813 | * Delete profile image |
||
| 814 | * |
||
| 815 | * @return Object |
||
| 816 | */ |
||
| 817 | View Code Duplication | function procMemberDeleteProfileImage($_memberSrl = 0) |
|
| 818 | { |
||
| 819 | $member_srl = ($_memberSrl) ? $_memberSrl : Context::get('member_srl'); |
||
| 820 | if(!$member_srl) |
||
| 821 | { |
||
| 822 | return new Object(0,'success'); |
||
| 823 | } |
||
| 824 | |||
| 825 | $logged_info = Context::get('logged_info'); |
||
| 826 | |||
| 827 | if($logged_info && ($logged_info->is_admin == 'Y' || $logged_info->member_srl == $member_srl)) |
||
| 828 | { |
||
| 829 | $oMemberModel = getModel('member'); |
||
| 830 | $profile_image = $oMemberModel->getProfileImage($member_srl); |
||
| 831 | FileHandler::removeFile($profile_image->file); |
||
| 832 | } |
||
| 833 | return new Object(0,'success'); |
||
| 834 | } |
||
| 835 | |||
| 836 | /** |
||
| 837 | * Delete Image name |
||
| 838 | * |
||
| 839 | * @return void |
||
| 840 | */ |
||
| 841 | View Code Duplication | function procMemberDeleteImageName($_memberSrl = 0) |
|
| 842 | { |
||
| 843 | $member_srl = ($_memberSrl) ? $_memberSrl : Context::get('member_srl'); |
||
| 844 | if(!$member_srl) |
||
| 845 | { |
||
| 846 | return new Object(0,'success'); |
||
| 847 | } |
||
| 848 | |||
| 849 | $logged_info = Context::get('logged_info'); |
||
| 850 | |||
| 851 | if($logged_info && ($logged_info->is_admin == 'Y' || $logged_info->member_srl == $member_srl)) |
||
| 852 | { |
||
| 853 | $oMemberModel = getModel('member'); |
||
| 854 | $image_name = $oMemberModel->getImageName($member_srl); |
||
| 855 | FileHandler::removeFile($image_name->file); |
||
| 856 | } |
||
| 857 | return new Object(0,'success'); |
||
| 858 | } |
||
| 859 | |||
| 860 | /** |
||
| 861 | * Add an image to mark |
||
| 862 | * |
||
| 863 | * @return void|Object (void : success, Object : fail) |
||
| 864 | */ |
||
| 865 | View Code Duplication | function procMemberInsertImageMark() |
|
| 866 | { |
||
| 867 | // Check if the file is successfully uploaded |
||
| 868 | $file = $_FILES['image_mark']; |
||
| 869 | if(!is_uploaded_file($file['tmp_name'])) return $this->stop('msg_not_uploaded_image_mark'); |
||
| 870 | // Ignore if member_srl is invalid or doesn't exist. |
||
| 871 | $member_srl = Context::get('member_srl'); |
||
| 872 | if(!$member_srl) return $this->stop('msg_not_uploaded_image_mark'); |
||
| 873 | |||
| 874 | $logged_info = Context::get('logged_info'); |
||
| 875 | if($logged_info->is_admin != 'Y' && $logged_info->member_srl != $member_srl) return $this->stop('msg_not_uploaded_image_mark'); |
||
| 876 | // Membership in the images mark the module using the ban was set by an administrator or return; |
||
| 877 | $oModuleModel = getModel('module'); |
||
| 878 | $config = $oModuleModel->getModuleConfig('member'); |
||
| 879 | if($logged_info->is_admin != 'Y' && $config->image_mark != 'Y') return $this->stop('msg_not_uploaded_image_mark'); |
||
| 880 | |||
| 881 | $this->insertImageMark($member_srl, $file['tmp_name']); |
||
| 882 | // Page refresh |
||
| 883 | //$this->setRefreshPage(); |
||
| 884 | |||
| 885 | $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberModifyInfo'); |
||
| 886 | $this->setRedirectUrl($returnUrl); |
||
| 887 | } |
||
| 888 | |||
| 889 | /** |
||
| 890 | * Insert a image mark |
||
| 891 | * |
||
| 892 | * @param int $member_srl |
||
| 893 | * @param object $target_file |
||
| 894 | * |
||
| 895 | * @return void |
||
| 896 | */ |
||
| 897 | View Code Duplication | function insertImageMark($member_srl, $target_file) |
|
| 898 | { |
||
| 899 | // Check uploaded file |
||
| 900 | if(!checkUploadedFile($target_file)) return; |
||
| 901 | |||
| 902 | $oModuleModel = getModel('module'); |
||
| 903 | $config = $oModuleModel->getModuleConfig('member'); |
||
| 904 | // Get an image size |
||
| 905 | $max_width = $config->image_mark_max_width; |
||
| 906 | if(!$max_width) $max_width = "20"; |
||
| 907 | $max_height = $config->image_mark_max_height; |
||
| 908 | if(!$max_height) $max_height = "20"; |
||
| 909 | |||
| 910 | $target_path = sprintf('files/member_extra_info/image_mark/%s/', getNumberingPath($member_srl)); |
||
| 911 | FileHandler::makeDir($target_path); |
||
| 912 | |||
| 913 | $target_filename = sprintf('%s%d.gif', $target_path, $member_srl); |
||
| 914 | // Get file information |
||
| 915 | list($width, $height, $type, $attrs) = @getimagesize($target_file); |
||
| 916 | |||
| 917 | if($width > $max_width || $height > $max_height || $type!=1) FileHandler::createImageFile($target_file, $target_filename, $max_width, $max_height, 'gif'); |
||
| 918 | else @copy($target_file, $target_filename); |
||
| 919 | } |
||
| 920 | |||
| 921 | /** |
||
| 922 | * Delete Image Mark |
||
| 923 | * |
||
| 924 | * @return Object |
||
| 925 | */ |
||
| 926 | View Code Duplication | function procMemberDeleteImageMark($_memberSrl = 0) |
|
| 927 | { |
||
| 928 | $member_srl = ($_memberSrl) ? $_memberSrl : Context::get('member_srl'); |
||
| 929 | if(!$member_srl) |
||
| 930 | { |
||
| 931 | return new Object(0,'success'); |
||
| 932 | } |
||
| 933 | |||
| 934 | $logged_info = Context::get('logged_info'); |
||
| 935 | |||
| 936 | if($logged_info && ($logged_info->is_admin == 'Y' || $logged_info->member_srl == $member_srl)) |
||
| 937 | { |
||
| 938 | $oMemberModel = getModel('member'); |
||
| 939 | $image_mark = $oMemberModel->getImageMark($member_srl); |
||
| 940 | FileHandler::removeFile($image_mark->file); |
||
| 941 | } |
||
| 942 | return new Object(0,'success'); |
||
| 943 | } |
||
| 944 | |||
| 945 | /** |
||
| 946 | * Find ID/Password |
||
| 947 | * |
||
| 948 | * @return Object |
||
| 949 | */ |
||
| 950 | function procMemberFindAccount() |
||
| 951 | { |
||
| 952 | $email_address = Context::get('email_address'); |
||
| 953 | if(!$email_address) return new Object(-1, 'msg_invalid_request'); |
||
| 954 | |||
| 955 | $oMemberModel = getModel('member'); |
||
| 956 | $oModuleModel = getModel('module'); |
||
| 957 | |||
| 958 | // Check if a member having the same email address exists |
||
| 959 | $member_srl = $oMemberModel->getMemberSrlByEmailAddress($email_address); |
||
| 960 | if(!$member_srl) return new Object(-1, 'msg_email_not_exists'); |
||
| 961 | |||
| 962 | // Get information of the member |
||
| 963 | $columnList = array('denied', 'member_srl', 'user_id', 'user_name', 'email_address', 'nick_name'); |
||
| 964 | $member_info = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); |
||
| 965 | |||
| 966 | // Check if possible to find member's ID and password |
||
| 967 | if($member_info->denied == 'Y') |
||
| 968 | { |
||
| 969 | $chk_args = new stdClass; |
||
| 970 | $chk_args->member_srl = $member_info->member_srl; |
||
| 971 | $output = executeQuery('member.chkAuthMail', $chk_args); |
||
| 972 | if($output->toBool() && $output->data->count != '0') return new Object(-1, 'msg_user_not_confirmed'); |
||
| 973 | } |
||
| 974 | |||
| 975 | // Insert data into the authentication DB |
||
| 976 | $oPassword = new Password(); |
||
| 977 | $args = new stdClass(); |
||
| 978 | $args->user_id = $member_info->user_id; |
||
| 979 | $args->member_srl = $member_info->member_srl; |
||
| 980 | $args->new_password = $oPassword->createTemporaryPassword(8); |
||
| 981 | $args->auth_key = $oPassword->createSecureSalt(40); |
||
| 982 | $args->is_register = 'N'; |
||
| 983 | |||
| 984 | $output = executeQuery('member.insertAuthMail', $args); |
||
| 985 | if(!$output->toBool()) return $output; |
||
| 986 | // Get content of the email to send a member |
||
| 987 | Context::set('auth_args', $args); |
||
| 988 | |||
| 989 | $member_config = $oModuleModel->getModuleConfig('member'); |
||
| 990 | $memberInfo = array(); |
||
| 991 | global $lang; |
||
| 992 | View Code Duplication | if(is_array($member_config->signupForm)) |
|
| 993 | { |
||
| 994 | $exceptForm=array('password', 'find_account_question'); |
||
| 995 | foreach($member_config->signupForm as $form) |
||
| 996 | { |
||
| 997 | if(!in_array($form->name, $exceptForm) && $form->isDefaultForm && ($form->required || $form->mustRequired)) |
||
| 998 | { |
||
| 999 | $memberInfo[$lang->{$form->name}] = $member_info->{$form->name}; |
||
| 1000 | } |
||
| 1001 | } |
||
| 1002 | } |
||
| 1003 | else |
||
| 1004 | { |
||
| 1005 | $memberInfo[$lang->user_id] = $args->user_id; |
||
| 1006 | $memberInfo[$lang->user_name] = $args->user_name; |
||
| 1007 | $memberInfo[$lang->nick_name] = $args->nick_name; |
||
| 1008 | $memberInfo[$lang->email_address] = $args->email_address; |
||
| 1009 | } |
||
| 1010 | Context::set('memberInfo', $memberInfo); |
||
| 1011 | |||
| 1012 | if(!$member_config->skin) $member_config->skin = "default"; |
||
| 1013 | if(!$member_config->colorset) $member_config->colorset = "white"; |
||
| 1014 | |||
| 1015 | Context::set('member_config', $member_config); |
||
| 1016 | |||
| 1017 | $tpl_path = sprintf('%sskins/%s', $this->module_path, $member_config->skin); |
||
| 1018 | if(!is_dir($tpl_path)) $tpl_path = sprintf('%sskins/%s', $this->module_path, 'default'); |
||
| 1019 | |||
| 1020 | $find_url = getFullUrl ('', 'module', 'member', 'act', 'procMemberAuthAccount', 'member_srl', $member_info->member_srl, 'auth_key', $args->auth_key); |
||
| 1021 | Context::set('find_url', $find_url); |
||
| 1022 | |||
| 1023 | $oTemplate = &TemplateHandler::getInstance(); |
||
| 1024 | $content = $oTemplate->compile($tpl_path, 'find_member_account_mail'); |
||
| 1025 | // Get information of the Webmaster |
||
| 1026 | $oModuleModel = getModel('module'); |
||
| 1027 | $member_config = $oModuleModel->getModuleConfig('member'); |
||
| 1028 | // Send a mail |
||
| 1029 | $oMail = new Mail(); |
||
| 1030 | $oMail->setTitle( Context::getLang('msg_find_account_title') ); |
||
| 1031 | $oMail->setContent($content); |
||
| 1032 | $oMail->setSender( $member_config->webmaster_name?$member_config->webmaster_name:'webmaster', $member_config->webmaster_email); |
||
| 1033 | $oMail->setReceiptor( $member_info->user_name, $member_info->email_address ); |
||
| 1034 | $oMail->send(); |
||
| 1035 | // Return message |
||
| 1036 | $msg = sprintf(Context::getLang('msg_auth_mail_sent'), $member_info->email_address); |
||
| 1037 | View Code Duplication | if(!in_array(Context::getRequestMethod(),array('XMLRPC','JSON'))) |
|
| 1038 | { |
||
| 1039 | $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberFindAccount'); |
||
| 1040 | $this->setRedirectUrl($returnUrl); |
||
| 1041 | } |
||
| 1042 | return new Object(0,$msg); |
||
| 1043 | } |
||
| 1044 | |||
| 1045 | /** |
||
| 1046 | * Generate a temp password by answering to the pre-determined question |
||
| 1047 | * |
||
| 1048 | * @return void|Object (void : success, Object : fail) |
||
| 1049 | */ |
||
| 1050 | function procMemberFindAccountByQuestion() |
||
| 1051 | { |
||
| 1052 | $oMemberModel = getModel('member'); |
||
| 1053 | $config = $oMemberModel->getMemberConfig(); |
||
| 1054 | |||
| 1055 | $email_address = Context::get('email_address'); |
||
| 1056 | $user_id = Context::get('user_id'); |
||
| 1057 | $find_account_question = trim(Context::get('find_account_question')); |
||
| 1058 | $find_account_answer = trim(Context::get('find_account_answer')); |
||
| 1059 | |||
| 1060 | if(($config->identifier == 'user_id' && !$user_id) || !$email_address || !$find_account_question || !$find_account_answer) return new Object(-1, 'msg_invalid_request'); |
||
| 1061 | |||
| 1062 | $oModuleModel = getModel('module'); |
||
| 1063 | // Check if a member having the same email address exists |
||
| 1064 | $member_srl = $oMemberModel->getMemberSrlByEmailAddress($email_address); |
||
| 1065 | if(!$member_srl) return new Object(-1, 'msg_email_not_exists'); |
||
| 1066 | // Get information of the member |
||
| 1067 | $columnList = array('member_srl', 'find_account_question', 'find_account_answer'); |
||
| 1068 | $member_info = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); |
||
| 1069 | |||
| 1070 | // Display a message if no answer is entered |
||
| 1071 | if(!$member_info->find_account_question || !$member_info->find_account_answer) return new Object(-1, 'msg_question_not_exists'); |
||
| 1072 | |||
| 1073 | if(trim($member_info->find_account_question) != $find_account_question || trim($member_info->find_account_answer) != $find_account_answer) return new Object(-1, 'msg_answer_not_matches'); |
||
| 1074 | |||
| 1075 | if($config->identifier == 'email_address') |
||
| 1076 | { |
||
| 1077 | $user_id = $email_address; |
||
| 1078 | } |
||
| 1079 | |||
| 1080 | // Update to a temporary password and set change_password_date to 1 |
||
| 1081 | $oPassword = new Password(); |
||
| 1082 | $temp_password = $oPassword->createTemporaryPassword(8); |
||
| 1083 | |||
| 1084 | $args = new stdClass(); |
||
| 1085 | $args->member_srl = $member_srl; |
||
| 1086 | $args->password = $temp_password; |
||
| 1087 | $args->change_password_date = '1'; |
||
| 1088 | $output = $this->updateMemberPassword($args); |
||
| 1089 | if(!$output->toBool()) return $output; |
||
| 1090 | |||
| 1091 | $_SESSION['xe_temp_password_' . $user_id] = $temp_password; |
||
| 1092 | |||
| 1093 | $this->add('user_id',$user_id); |
||
| 1094 | |||
| 1095 | $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', ''); |
||
| 1096 | $this->setRedirectUrl($returnUrl.'&user_id='.$user_id); |
||
| 1097 | } |
||
| 1098 | |||
| 1099 | /** |
||
| 1100 | * Execute finding ID/Passoword |
||
| 1101 | * When clicking the link in the verification email, a method is called to change the old password and to authenticate it |
||
| 1102 | * |
||
| 1103 | * @return void|Object (void : success, Object : fail) |
||
| 1104 | */ |
||
| 1105 | function procMemberAuthAccount() |
||
| 1106 | { |
||
| 1107 | $oMemberModel = getModel('member'); |
||
| 1108 | |||
| 1109 | // Test user_id and authkey |
||
| 1110 | $member_srl = Context::get('member_srl'); |
||
| 1111 | $auth_key = Context::get('auth_key'); |
||
| 1112 | |||
| 1113 | if(!$member_srl || !$auth_key) |
||
| 1114 | { |
||
| 1115 | return $this->stop('msg_invalid_request'); |
||
| 1116 | } |
||
| 1117 | |||
| 1118 | // Test logs for finding password by user_id and authkey |
||
| 1119 | $args = new stdClass; |
||
| 1120 | $args->member_srl = $member_srl; |
||
| 1121 | $args->auth_key = $auth_key; |
||
| 1122 | $output = executeQuery('member.getAuthMail', $args); |
||
| 1123 | |||
| 1124 | View Code Duplication | if(!$output->toBool() || $output->data->auth_key != $auth_key) |
|
| 1125 | { |
||
| 1126 | if(strlen($output->data->auth_key) !== strlen($auth_key)) |
||
| 1127 | { |
||
| 1128 | executeQuery('member.deleteAuthMail', $args); |
||
| 1129 | } |
||
| 1130 | |||
| 1131 | return $this->stop('msg_invalid_auth_key'); |
||
| 1132 | } |
||
| 1133 | |||
| 1134 | if(ztime($output->data->regdate) < $_SERVER['REQUEST_TIME'] + zgap() - 86400) |
||
| 1135 | { |
||
| 1136 | executeQuery('member.deleteAuthMail', $args); |
||
| 1137 | return $this->stop('msg_invalid_auth_key'); |
||
| 1138 | } |
||
| 1139 | |||
| 1140 | $args->password = $output->data->new_password; |
||
| 1141 | |||
| 1142 | // If credentials are correct, change the password to a new one |
||
| 1143 | if($output->data->is_register == 'Y') |
||
| 1144 | { |
||
| 1145 | $args->denied = 'N'; |
||
| 1146 | } |
||
| 1147 | else |
||
| 1148 | { |
||
| 1149 | $args->password = $oMemberModel->hashPassword($args->password); |
||
| 1150 | } |
||
| 1151 | |||
| 1152 | // Back up the value of $Output->data->is_register |
||
| 1153 | $is_register = $output->data->is_register; |
||
| 1154 | |||
| 1155 | $output = executeQuery('member.updateMemberPassword', $args); |
||
| 1156 | if(!$output->toBool()) |
||
| 1157 | { |
||
| 1158 | return $this->stop($output->getMessage()); |
||
| 1159 | } |
||
| 1160 | |||
| 1161 | // Remove all values having the member_srl from authentication table |
||
| 1162 | executeQuery('member.deleteAuthMail',$args); |
||
| 1163 | |||
| 1164 | $this->_clearMemberCache($args->member_srl); |
||
| 1165 | |||
| 1166 | // Notify the result |
||
| 1167 | Context::set('is_register', $is_register); |
||
| 1168 | $this->setTemplatePath($this->module_path.'tpl'); |
||
| 1169 | $this->setTemplateFile('msg_success_authed'); |
||
| 1170 | } |
||
| 1171 | |||
| 1172 | /** |
||
| 1173 | * Request to re-send the authentication mail |
||
| 1174 | * |
||
| 1175 | * @return void|Object (void : success, Object : fail) |
||
| 1176 | */ |
||
| 1177 | function procMemberResendAuthMail() |
||
| 1178 | { |
||
| 1179 | // Get an email_address |
||
| 1180 | $email_address = Context::get('email_address'); |
||
| 1181 | if(!$email_address) return new Object(-1, 'msg_invalid_request'); |
||
| 1182 | // Log test by using email_address |
||
| 1183 | $oMemberModel = getModel('member'); |
||
| 1184 | |||
| 1185 | $args = new stdClass; |
||
| 1186 | $args->email_address = $email_address; |
||
| 1187 | $memberSrl = $oMemberModel->getMemberSrlByEmailAddress($email_address); |
||
| 1188 | if(!$memberSrl) return new Object(-1, 'msg_not_exists_member'); |
||
| 1189 | |||
| 1190 | $columnList = array('member_srl', 'user_id', 'user_name', 'nick_name', 'email_address'); |
||
| 1191 | $member_info = $oMemberModel->getMemberInfoByMemberSrl($memberSrl, 0, $columnList); |
||
| 1192 | |||
| 1193 | $oModuleModel = getModel('module'); |
||
| 1194 | $member_config = $oModuleModel->getModuleConfig('member'); |
||
| 1195 | if(!$member_config->skin) $member_config->skin = "default"; |
||
| 1196 | if(!$member_config->colorset) $member_config->colorset = "white"; |
||
| 1197 | |||
| 1198 | // Check if a authentication mail has been sent previously |
||
| 1199 | $chk_args = new stdClass; |
||
| 1200 | $chk_args->member_srl = $member_info->member_srl; |
||
| 1201 | $output = executeQuery('member.chkAuthMail', $chk_args); |
||
| 1202 | if($output->toBool() && $output->data->count == '0') return new Object(-1, 'msg_invalid_request'); |
||
| 1203 | |||
| 1204 | $auth_args = new stdClass; |
||
| 1205 | $auth_args->member_srl = $member_info->member_srl; |
||
| 1206 | $output = executeQueryArray('member.getAuthMailInfo', $auth_args); |
||
| 1207 | if(!$output->data || !$output->data[0]->auth_key) return new Object(-1, 'msg_invalid_request'); |
||
| 1208 | $auth_info = $output->data[0]; |
||
| 1209 | |||
| 1210 | // Update the regdate of authmail entry |
||
| 1211 | $renewal_args = new stdClass; |
||
| 1212 | $renewal_args->member_srl = $member_info->member_srl; |
||
| 1213 | $renewal_args->auth_key = $auth_info->auth_key; |
||
| 1214 | $output = executeQuery('member.updateAuthMail', $renewal_args); |
||
| 1215 | |||
| 1216 | $memberInfo = array(); |
||
| 1217 | global $lang; |
||
| 1218 | View Code Duplication | if(is_array($member_config->signupForm)) |
|
| 1219 | { |
||
| 1220 | $exceptForm=array('password', 'find_account_question'); |
||
| 1221 | foreach($member_config->signupForm as $form) |
||
| 1222 | { |
||
| 1223 | if(!in_array($form->name, $exceptForm) && $form->isDefaultForm && ($form->required || $form->mustRequired)) |
||
| 1224 | { |
||
| 1225 | $memberInfo[$lang->{$form->name}] = $member_info->{$form->name}; |
||
| 1226 | } |
||
| 1227 | } |
||
| 1228 | } |
||
| 1229 | else |
||
| 1230 | { |
||
| 1231 | $memberInfo[$lang->user_id] = $member_info->user_id; |
||
| 1232 | $memberInfo[$lang->user_name] = $member_info->user_name; |
||
| 1233 | $memberInfo[$lang->nick_name] = $member_info->nick_name; |
||
| 1234 | $memberInfo[$lang->email_address] = $member_info->email_address; |
||
| 1235 | } |
||
| 1236 | |||
| 1237 | // Get content of the email to send a member |
||
| 1238 | Context::set('memberInfo', $memberInfo); |
||
| 1239 | Context::set('member_config', $member_config); |
||
| 1240 | |||
| 1241 | $tpl_path = sprintf('%sskins/%s', $this->module_path, $member_config->skin); |
||
| 1242 | if(!is_dir($tpl_path)) $tpl_path = sprintf('%sskins/%s', $this->module_path, 'default'); |
||
| 1243 | |||
| 1244 | $auth_url = getFullUrl('','module','member','act','procMemberAuthAccount','member_srl',$member_info->member_srl, 'auth_key',$auth_info->auth_key); |
||
| 1245 | Context::set('auth_url', $auth_url); |
||
| 1246 | |||
| 1247 | $oTemplate = &TemplateHandler::getInstance(); |
||
| 1248 | $content = $oTemplate->compile($tpl_path, 'confirm_member_account_mail'); |
||
| 1249 | // Send a mail |
||
| 1250 | $oMail = new Mail(); |
||
| 1251 | $oMail->setTitle( Context::getLang('msg_confirm_account_title') ); |
||
| 1252 | $oMail->setContent($content); |
||
| 1253 | $oMail->setSender( $member_config->webmaster_name?$member_config->webmaster_name:'webmaster', $member_config->webmaster_email); |
||
| 1254 | $oMail->setReceiptor( $args->user_name, $args->email_address ); |
||
| 1255 | $oMail->send(); |
||
| 1256 | |||
| 1257 | $msg = sprintf(Context::getLang('msg_confirm_mail_sent'), $args->email_address); |
||
| 1258 | $this->setMessage($msg); |
||
| 1259 | |||
| 1260 | $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', ''); |
||
| 1261 | $this->setRedirectUrl($returnUrl); |
||
| 1262 | } |
||
| 1263 | |||
| 1264 | function procMemberResetAuthMail() |
||
| 1265 | { |
||
| 1266 | $memberInfo = $_SESSION['auth_member_info']; |
||
| 1267 | unset($_SESSION['auth_member_info']); |
||
| 1268 | |||
| 1269 | if(!$memberInfo) |
||
| 1270 | { |
||
| 1271 | return $this->stop('msg_invalid_request'); |
||
| 1272 | } |
||
| 1273 | |||
| 1274 | $newEmail = Context::get('email_address'); |
||
| 1275 | |||
| 1276 | if(!$newEmail) |
||
| 1277 | { |
||
| 1278 | return $this->stop('msg_invalid_request'); |
||
| 1279 | } |
||
| 1280 | |||
| 1281 | $oMemberModel = getModel('member'); |
||
| 1282 | $member_srl = $oMemberModel->getMemberSrlByEmailAddress($newEmail); |
||
| 1283 | if($member_srl) |
||
| 1284 | { |
||
| 1285 | return new Object(-1,'msg_exists_email_address'); |
||
| 1286 | } |
||
| 1287 | |||
| 1288 | // remove all key by member_srl |
||
| 1289 | $args = new stdClass; |
||
| 1290 | $args->member_srl = $memberInfo->member_srl; |
||
| 1291 | $output = executeQuery('member.deleteAuthMail', $args); |
||
| 1292 | |||
| 1293 | if(!$output->toBool()) |
||
| 1294 | { |
||
| 1295 | return $output; |
||
| 1296 | } |
||
| 1297 | |||
| 1298 | // update member info |
||
| 1299 | $args->email_address = $newEmail; |
||
| 1300 | list($args->email_id, $args->email_host) = explode('@', $newEmail); |
||
| 1301 | |||
| 1302 | $output = executeQuery('member.updateMemberEmailAddress', $args); |
||
| 1303 | if(!$output->toBool()) |
||
| 1304 | { |
||
| 1305 | return $this->stop($output->getMessage()); |
||
| 1306 | } |
||
| 1307 | |||
| 1308 | $this->_clearMemberCache($args->member_srl); |
||
| 1309 | |||
| 1310 | // generate new auth key |
||
| 1311 | $oPassword = new Password(); |
||
| 1312 | $auth_args = new stdClass(); |
||
| 1313 | $auth_args->user_id = $memberInfo->user_id; |
||
| 1314 | $auth_args->member_srl = $memberInfo->member_srl; |
||
| 1315 | $auth_args->new_password = $memberInfo->password; |
||
| 1316 | $auth_args->auth_key = $oPassword->createSecureSalt(40); |
||
| 1317 | $auth_args->is_register = 'Y'; |
||
| 1318 | |||
| 1319 | $output = executeQuery('member.insertAuthMail', $auth_args); |
||
| 1320 | if(!$output->toBool()) return $output; |
||
| 1321 | |||
| 1322 | $memberInfo->email_address = $newEmail; |
||
| 1323 | |||
| 1324 | // resend auth mail. |
||
| 1325 | $this->_sendAuthMail($auth_args, $memberInfo); |
||
| 1326 | |||
| 1327 | $msg = sprintf(Context::getLang('msg_confirm_mail_sent'), $memberInfo->email_address); |
||
| 1328 | $this->setMessage($msg); |
||
| 1329 | |||
| 1330 | $returnUrl = getUrl(''); |
||
| 1331 | $this->setRedirectUrl($returnUrl); |
||
| 1332 | } |
||
| 1333 | |||
| 1334 | function _sendAuthMail($auth_args, $member_info) |
||
| 1335 | { |
||
| 1336 | $oMemberModel = getModel('member'); |
||
| 1337 | $member_config = $oMemberModel->getMemberConfig(); |
||
| 1338 | // Get content of the email to send a member |
||
| 1339 | Context::set('auth_args', $auth_args); |
||
| 1340 | |||
| 1341 | $memberInfo = array(); |
||
| 1342 | |||
| 1343 | global $lang; |
||
| 1344 | View Code Duplication | if(is_array($member_config->signupForm)) |
|
| 1345 | { |
||
| 1346 | $exceptForm=array('password', 'find_account_question'); |
||
| 1347 | foreach($member_config->signupForm as $form) |
||
| 1348 | { |
||
| 1349 | if(!in_array($form->name, $exceptForm) && $form->isDefaultForm && ($form->required || $form->mustRequired)) |
||
| 1350 | { |
||
| 1351 | $memberInfo[$lang->{$form->name}] = $member_info->{$form->name}; |
||
| 1352 | } |
||
| 1353 | } |
||
| 1354 | } |
||
| 1355 | else |
||
| 1356 | { |
||
| 1357 | $memberInfo[$lang->user_id] = $member_info->user_id; |
||
| 1358 | $memberInfo[$lang->user_name] = $member_info->user_name; |
||
| 1359 | $memberInfo[$lang->nick_name] = $member_info->nick_name; |
||
| 1360 | $memberInfo[$lang->email_address] = $member_info->email_address; |
||
| 1361 | } |
||
| 1362 | Context::set('memberInfo', $memberInfo); |
||
| 1363 | |||
| 1364 | if(!$member_config->skin) $member_config->skin = "default"; |
||
| 1365 | if(!$member_config->colorset) $member_config->colorset = "white"; |
||
| 1366 | |||
| 1367 | Context::set('member_config', $member_config); |
||
| 1368 | |||
| 1369 | $tpl_path = sprintf('%sskins/%s', $this->module_path, $member_config->skin); |
||
| 1370 | if(!is_dir($tpl_path)) $tpl_path = sprintf('%sskins/%s', $this->module_path, 'default'); |
||
| 1371 | |||
| 1372 | $auth_url = getFullUrl('','module','member','act','procMemberAuthAccount','member_srl',$member_info->member_srl, 'auth_key',$auth_args->auth_key); |
||
| 1373 | Context::set('auth_url', $auth_url); |
||
| 1374 | |||
| 1375 | $oTemplate = &TemplateHandler::getInstance(); |
||
| 1376 | $content = $oTemplate->compile($tpl_path, 'confirm_member_account_mail'); |
||
| 1377 | // Send a mail |
||
| 1378 | $oMail = new Mail(); |
||
| 1379 | $oMail->setTitle( Context::getLang('msg_confirm_account_title') ); |
||
| 1380 | $oMail->setContent($content); |
||
| 1381 | $oMail->setSender( $member_config->webmaster_name?$member_config->webmaster_name:'webmaster', $member_config->webmaster_email); |
||
| 1382 | $oMail->setReceiptor( $member_info->user_name, $member_info->email_address ); |
||
| 1383 | $oMail->send(); |
||
| 1384 | } |
||
| 1385 | |||
| 1386 | /** |
||
| 1387 | * Join a virtual site |
||
| 1388 | * |
||
| 1389 | * @return void|Object (void : success, Object : fail) |
||
| 1390 | */ |
||
| 1391 | function procMemberSiteSignUp() |
||
| 1392 | { |
||
| 1393 | $site_module_info = Context::get('site_module_info'); |
||
| 1394 | $logged_info = Context::get('logged_info'); |
||
| 1395 | View Code Duplication | if(!$site_module_info->site_srl || !Context::get('is_logged') || count($logged_info->group_srl_list) ) return new Object(-1,'msg_invalid_request'); |
|
| 1396 | |||
| 1397 | $oMemberModel = getModel('member'); |
||
| 1398 | $columnList = array('site_srl', 'group_srl', 'title'); |
||
| 1399 | $default_group = $oMemberModel->getDefaultGroup($site_module_info->site_srl, $columnList); |
||
| 1400 | $this->addMemberToGroup($logged_info->member_srl, $default_group->group_srl, $site_module_info->site_srl); |
||
| 1401 | $groups[$default_group->group_srl] = $default_group->title; |
||
| 1402 | $logged_info->group_list = $groups; |
||
| 1403 | } |
||
| 1404 | |||
| 1405 | /** |
||
| 1406 | * Leave the virtual site |
||
| 1407 | * |
||
| 1408 | * @return void|Object (void : success, Object : fail) |
||
| 1409 | */ |
||
| 1410 | function procMemberSiteLeave() |
||
| 1411 | { |
||
| 1412 | $site_module_info = Context::get('site_module_info'); |
||
| 1413 | $logged_info = Context::get('logged_info'); |
||
| 1414 | View Code Duplication | if(!$site_module_info->site_srl || !Context::get('is_logged') || count($logged_info->group_srl_list) ) return new Object(-1,'msg_invalid_request'); |
|
| 1415 | |||
| 1416 | $args = new stdClass; |
||
| 1417 | $args->site_srl= $site_module_info->site_srl; |
||
| 1418 | $args->member_srl = $logged_info->member_srl; |
||
| 1419 | $output = executeQuery('member.deleteMembersGroup', $args); |
||
| 1420 | if(!$output->toBool()) return $output; |
||
| 1421 | $this->setMessage('success_deleted'); |
||
| 1422 | $this->_clearMemberCache($args->member_srl, $site_module_info->site_srl); |
||
| 1423 | } |
||
| 1424 | |||
| 1425 | /** |
||
| 1426 | * Save the member configurations |
||
| 1427 | * |
||
| 1428 | * @param object $args |
||
| 1429 | * |
||
| 1430 | * @return void |
||
| 1431 | */ |
||
| 1432 | function setMemberConfig($args) |
||
| 1433 | { |
||
| 1434 | if(!$args->skin) $args->skin = "default"; |
||
| 1435 | if(!$args->colorset) $args->colorset = "white"; |
||
| 1436 | if(!$args->editor_skin) $args->editor_skin= "ckeditor"; |
||
| 1437 | if(!$args->editor_colorset) $args->editor_colorset = "moono"; |
||
| 1438 | if($args->enable_join!='Y') $args->enable_join = 'N'; |
||
| 1439 | $args->enable_openid= 'N'; |
||
| 1440 | if($args->profile_image !='Y') $args->profile_image = 'N'; |
||
| 1441 | if($args->image_name!='Y') $args->image_name = 'N'; |
||
| 1442 | if($args->image_mark!='Y') $args->image_mark = 'N'; |
||
| 1443 | if($args->group_image_mark!='Y') $args->group_image_mark = 'N'; |
||
| 1444 | if(!trim(strip_tags($args->agreement))) $args->agreement = null; |
||
| 1445 | $args->limit_day = (int)$args->limit_day; |
||
| 1446 | |||
| 1447 | $agreement = trim($args->agreement); |
||
| 1448 | unset($args->agreement); |
||
| 1449 | |||
| 1450 | $oModuleController = getController('module'); |
||
| 1451 | $output = $oModuleController->insertModuleConfig('member',$args); |
||
| 1452 | if(!$output->toBool()) return $output; |
||
| 1453 | |||
| 1454 | $agreement_file = _XE_PATH_.'files/member_extra_info/agreement.txt'; |
||
| 1455 | FileHandler::writeFile($agreement_file, $agreement); |
||
| 1456 | |||
| 1457 | return new Object(); |
||
| 1458 | } |
||
| 1459 | |||
| 1460 | /** |
||
| 1461 | * Save the signature as a file |
||
| 1462 | * |
||
| 1463 | * @param int $member_srl |
||
| 1464 | * @param string $signature |
||
| 1465 | * |
||
| 1466 | * @return void |
||
| 1467 | */ |
||
| 1468 | function putSignature($member_srl, $signature) |
||
| 1469 | { |
||
| 1470 | $signature = trim(removeHackTag($signature)); |
||
| 1471 | $signature = preg_replace('/<(\/?)(embed|object|param)/is', '<$1$2', $signature); |
||
| 1472 | |||
| 1473 | $check_signature = trim(str_replace(array(' ',"\n","\r"),'',strip_tags($signature,'<img><object>'))); |
||
| 1474 | $path = sprintf('files/member_extra_info/signature/%s/', getNumberingPath($member_srl)); |
||
| 1475 | $filename = sprintf('%s%d.signature.php', $path, $member_srl); |
||
| 1476 | |||
| 1477 | if(!$check_signature) return FileHandler::removeFile($filename); |
||
| 1478 | |||
| 1479 | $buff = sprintf('<?php if(!defined("__XE__")) exit();?>%s', $signature); |
||
| 1480 | FileHandler::makeDir($path); |
||
| 1481 | FileHandler::writeFile($filename, $buff); |
||
| 1482 | } |
||
| 1483 | |||
| 1484 | /** |
||
| 1485 | * Delete the signature file |
||
| 1486 | * |
||
| 1487 | * @param string $member_srl |
||
| 1488 | * |
||
| 1489 | * @return void |
||
| 1490 | */ |
||
| 1491 | function delSignature($member_srl) |
||
| 1492 | { |
||
| 1493 | $filename = sprintf('files/member_extra_info/signature/%s%d.gif', getNumberingPath($member_srl), $member_srl); |
||
| 1494 | FileHandler::removeFile($filename); |
||
| 1495 | } |
||
| 1496 | |||
| 1497 | /** |
||
| 1498 | * Add group_srl to member_srl |
||
| 1499 | * |
||
| 1500 | * @param int $member_srl |
||
| 1501 | * @param int $group_srl |
||
| 1502 | * @param int $site_srl |
||
| 1503 | * |
||
| 1504 | * @return Object |
||
| 1505 | */ |
||
| 1506 | function addMemberToGroup($member_srl, $group_srl, $site_srl=0) |
||
| 1507 | { |
||
| 1508 | $args = new stdClass(); |
||
| 1509 | $args->member_srl = $member_srl; |
||
| 1510 | $args->group_srl = $group_srl; |
||
| 1511 | if($site_srl) $args->site_srl = $site_srl; |
||
| 1512 | |||
| 1513 | // Add |
||
| 1514 | $output = executeQuery('member.addMemberToGroup',$args); |
||
| 1515 | $output2 = ModuleHandler::triggerCall('member.addMemberToGroup', 'after', $args); |
||
| 1516 | |||
| 1517 | $this->_clearMemberCache($member_srl, $site_srl); |
||
| 1518 | |||
| 1519 | return $output; |
||
| 1520 | } |
||
| 1521 | |||
| 1522 | /** |
||
| 1523 | * Change a group of certain members |
||
| 1524 | * Available only when a member has a single group |
||
| 1525 | * |
||
| 1526 | * @param object $args |
||
| 1527 | * |
||
| 1528 | * @return Object |
||
| 1529 | */ |
||
| 1530 | function replaceMemberGroup($args) |
||
| 1531 | { |
||
| 1532 | $obj = new stdClass; |
||
| 1533 | $obj->site_srl = $args->site_srl; |
||
| 1534 | $obj->member_srl = implode(',',$args->member_srl); |
||
| 1535 | |||
| 1536 | $output = executeQueryArray('member.getMembersGroup', $obj); |
||
| 1537 | if($output->data) foreach($output->data as $key => $val) $date[$val->member_srl] = $val->regdate; |
||
| 1538 | |||
| 1539 | $output = executeQuery('member.deleteMembersGroup', $obj); |
||
| 1540 | if(!$output->toBool()) return $output; |
||
| 1541 | |||
| 1542 | $inserted_members = array(); |
||
| 1543 | foreach($args->member_srl as $key => $val) |
||
| 1544 | { |
||
| 1545 | if($inserted_members[$val]) continue; |
||
| 1546 | $inserted_members[$val] = true; |
||
| 1547 | |||
| 1548 | unset($obj); |
||
| 1549 | $obj = new stdClass; |
||
| 1550 | $obj->member_srl = $val; |
||
| 1551 | $obj->group_srl = $args->group_srl; |
||
| 1552 | $obj->site_srl = $args->site_srl; |
||
| 1553 | $obj->regdate = $date[$obj->member_srl]; |
||
| 1554 | $output = executeQuery('member.addMemberToGroup', $obj); |
||
| 1555 | if(!$output->toBool()) return $output; |
||
| 1556 | |||
| 1557 | $this->_clearMemberCache($obj->member_srl, $args->site_srl); |
||
| 1558 | } |
||
| 1559 | |||
| 1560 | return new Object(); |
||
| 1561 | } |
||
| 1562 | |||
| 1563 | |||
| 1564 | /** |
||
| 1565 | * Auto-login |
||
| 1566 | * |
||
| 1567 | * @return void |
||
| 1568 | */ |
||
| 1569 | function doAutologin() |
||
| 1570 | { |
||
| 1571 | // Get a key value of auto log-in |
||
| 1572 | $args = new stdClass; |
||
| 1573 | $args->autologin_key = $_COOKIE['xeak']; |
||
| 1574 | // Get information of the key |
||
| 1575 | $output = executeQuery('member.getAutologin', $args); |
||
| 1576 | // If no information exists, delete a cookie |
||
| 1577 | View Code Duplication | if(!$output->toBool() || !$output->data) |
|
| 1578 | { |
||
| 1579 | setCookie('xeak',null,$_SERVER['REQUEST_TIME']+60*60*24*365, '/'); |
||
| 1580 | return; |
||
| 1581 | } |
||
| 1582 | |||
| 1583 | $oMemberModel = getModel('member'); |
||
| 1584 | $config = $oMemberModel->getMemberConfig(); |
||
| 1585 | |||
| 1586 | $user_id = ($config->identifier == 'user_id') ? $output->data->user_id : $output->data->email_address; |
||
| 1587 | $password = $output->data->password; |
||
| 1588 | |||
| 1589 | View Code Duplication | if(!$user_id || !$password) |
|
| 1590 | { |
||
| 1591 | setCookie('xeak',null,$_SERVER['REQUEST_TIME']+60*60*24*365, '/'); |
||
| 1592 | return; |
||
| 1593 | } |
||
| 1594 | |||
| 1595 | $do_auto_login = false; |
||
| 1596 | |||
| 1597 | // Compare key values based on the information |
||
| 1598 | $check_key = strtolower($user_id).$password.$_SERVER['HTTP_USER_AGENT']; |
||
| 1599 | $check_key = substr(hash_hmac('sha256', $check_key, substr($args->autologin_key, 0, 32)), 0, 32); |
||
| 1600 | |||
| 1601 | if($check_key === substr($args->autologin_key, 32)) |
||
| 1602 | { |
||
| 1603 | // Check change_password_date |
||
| 1604 | $oModuleModel = getModel('module'); |
||
| 1605 | $member_config = $oModuleModel->getModuleConfig('member'); |
||
| 1606 | $limit_date = $member_config->change_password_date; |
||
| 1607 | |||
| 1608 | // Check if change_password_date is set |
||
| 1609 | if($limit_date > 0) |
||
| 1610 | { |
||
| 1611 | $oMemberModel = getModel('member'); |
||
| 1612 | $columnList = array('member_srl', 'change_password_date'); |
||
| 1613 | |||
| 1614 | if($config->identifier == 'user_id') |
||
| 1615 | { |
||
| 1616 | $member_info = $oMemberModel->getMemberInfoByUserID($user_id, $columnList); |
||
| 1617 | } |
||
| 1618 | else |
||
| 1619 | { |
||
| 1620 | $member_info = $oMemberModel->getMemberInfoByEmailAddress($user_id, $columnList); |
||
| 1621 | } |
||
| 1622 | |||
| 1623 | if($member_info->change_password_date >= date('YmdHis', strtotime('-'.$limit_date.' day')) ){ |
||
| 1624 | $do_auto_login = true; |
||
| 1625 | } |
||
| 1626 | |||
| 1627 | } |
||
| 1628 | else |
||
| 1629 | { |
||
| 1630 | $do_auto_login = true; |
||
| 1631 | } |
||
| 1632 | } |
||
| 1633 | |||
| 1634 | if($do_auto_login) |
||
| 1635 | { |
||
| 1636 | $output = $this->doLogin($user_id); |
||
| 1637 | } |
||
| 1638 | else |
||
| 1639 | { |
||
| 1640 | executeQuery('member.deleteAutologin', $args); |
||
| 1641 | setCookie('xeak',null,$_SERVER['REQUEST_TIME']+60*60*24*365, '/'); |
||
| 1642 | } |
||
| 1643 | } |
||
| 1644 | |||
| 1645 | /** |
||
| 1646 | * Log-in |
||
| 1647 | * |
||
| 1648 | * @param string $user_id |
||
| 1649 | * @param string $password |
||
| 1650 | * @param boolean $keep_signed |
||
| 1651 | * |
||
| 1652 | * @return Object |
||
| 1653 | */ |
||
| 1654 | function doLogin($user_id, $password = '', $keep_signed = false) |
||
| 1655 | { |
||
| 1656 | $user_id = strtolower($user_id); |
||
| 1657 | if(!$user_id) return new Object(-1, 'null_user_id'); |
||
| 1658 | // Call a trigger before log-in (before) |
||
| 1659 | $trigger_obj = new stdClass(); |
||
| 1660 | $trigger_obj->user_id = $user_id; |
||
| 1661 | $trigger_obj->password = $password; |
||
| 1662 | $trigger_output = ModuleHandler::triggerCall('member.doLogin', 'before', $trigger_obj); |
||
| 1663 | if(!$trigger_output->toBool()) return $trigger_output; |
||
| 1664 | // Create a member model object |
||
| 1665 | $oMemberModel = getModel('member'); |
||
| 1666 | |||
| 1667 | // check IP access count. |
||
| 1668 | $config = $oMemberModel->getMemberConfig(); |
||
| 1669 | $args = new stdClass(); |
||
| 1670 | $args->ipaddress = $_SERVER['REMOTE_ADDR']; |
||
| 1671 | |||
| 1672 | // check identifier |
||
| 1673 | if($config->identifier == 'email_address') |
||
| 1674 | { |
||
| 1675 | // Get user_id information |
||
| 1676 | $this->memberInfo = $oMemberModel->getMemberInfoByEmailAddress($user_id); |
||
| 1677 | // Set an invalid user if no value returned |
||
| 1678 | if(!$user_id || strtolower($this->memberInfo->email_address) != strtolower($user_id)) return $this->recordLoginError(-1, 'invalid_email_address'); |
||
| 1679 | |||
| 1680 | } |
||
| 1681 | else |
||
| 1682 | { |
||
| 1683 | // Get user_id information |
||
| 1684 | $this->memberInfo = $oMemberModel->getMemberInfoByUserID($user_id); |
||
| 1685 | // Set an invalid user if no value returned |
||
| 1686 | if(!$user_id || strtolower($this->memberInfo->user_id) != strtolower($user_id)) return $this->recordLoginError(-1, 'invalid_user_id'); |
||
| 1687 | } |
||
| 1688 | |||
| 1689 | $output = executeQuery('member.getLoginCountByIp', $args); |
||
| 1690 | $errorCount = $output->data->count; |
||
| 1691 | if($errorCount >= $config->max_error_count) |
||
| 1692 | { |
||
| 1693 | $last_update = strtotime($output->data->last_update); |
||
| 1694 | $term = intval($_SERVER['REQUEST_TIME']-$last_update); |
||
| 1695 | if($term < $config->max_error_count_time) |
||
| 1696 | { |
||
| 1697 | $term = $config->max_error_count_time - $term; |
||
| 1698 | if($term < 60) $term = intval($term).Context::getLang('unit_sec'); |
||
| 1699 | elseif(60 <= $term && $term < 3600) $term = intval($term/60).Context::getLang('unit_min'); |
||
| 1700 | elseif(3600 <= $term && $term < 86400) $term = intval($term/3600).Context::getLang('unit_hour'); |
||
| 1701 | else $term = intval($term/86400).Context::getLang('unit_day'); |
||
| 1702 | |||
| 1703 | return new Object(-1, sprintf(Context::getLang('excess_ip_access_count'),$term)); |
||
| 1704 | } |
||
| 1705 | else |
||
| 1706 | { |
||
| 1707 | $args->ipaddress = $_SERVER['REMOTE_ADDR']; |
||
| 1708 | $output = executeQuery('member.deleteLoginCountByIp', $args); |
||
| 1709 | } |
||
| 1710 | } |
||
| 1711 | |||
| 1712 | // Password Check |
||
| 1713 | if($password && !$oMemberModel->isValidPassword($this->memberInfo->password, $password, $this->memberInfo->member_srl)) |
||
| 1714 | { |
||
| 1715 | return $this->recordMemberLoginError(-1, 'invalid_password',$this->memberInfo); |
||
| 1716 | } |
||
| 1717 | |||
| 1718 | // If denied == 'Y', notify |
||
| 1719 | if($this->memberInfo->denied == 'Y') |
||
| 1720 | { |
||
| 1721 | $args->member_srl = $this->memberInfo->member_srl; |
||
| 1722 | $output = executeQuery('member.chkAuthMail', $args); |
||
| 1723 | if ($output->toBool() && $output->data->count != '0') |
||
| 1724 | { |
||
| 1725 | $_SESSION['auth_member_srl'] = $this->memberInfo->member_srl; |
||
| 1726 | $redirectUrl = getUrl('', 'act', 'dispMemberResendAuthMail'); |
||
| 1727 | return $this->setRedirectUrl($redirectUrl, new Object(-1,'msg_user_not_confirmed')); |
||
| 1728 | } |
||
| 1729 | return new Object(-1,'msg_user_denied'); |
||
| 1730 | } |
||
| 1731 | // Notify if denied_date is less than the current time |
||
| 1732 | if($this->memberInfo->limit_date && substr($this->memberInfo->limit_date,0,8) >= date("Ymd")) return new Object(-9,sprintf(Context::getLang('msg_user_limited'),zdate($this->memberInfo->limit_date,"Y-m-d"))); |
||
| 1733 | // Update the latest login time |
||
| 1734 | $args->member_srl = $this->memberInfo->member_srl; |
||
| 1735 | $output = executeQuery('member.updateLastLogin', $args); |
||
| 1736 | |||
| 1737 | $site_module_info = Context::get('site_module_info'); |
||
| 1738 | $this->_clearMemberCache($args->member_srl, $site_module_info->site_srl); |
||
| 1739 | |||
| 1740 | // Check if there is recoding table. |
||
| 1741 | $oDB = &DB::getInstance(); |
||
| 1742 | if($oDB->isTableExists('member_count_history') && $config->enable_login_fail_report != 'N') |
||
| 1743 | { |
||
| 1744 | // check if there is login fail records. |
||
| 1745 | $output = executeQuery('member.getLoginCountHistoryByMemberSrl', $args); |
||
| 1746 | if($output->data && $output->data->content) |
||
| 1747 | { |
||
| 1748 | $title = Context::getLang('login_fail_report'); |
||
| 1749 | $message = '<ul>'; |
||
| 1750 | $content = unserialize($output->data->content); |
||
| 1751 | if(count($content) > $config->max_error_count) |
||
| 1752 | { |
||
| 1753 | foreach($content as $val) |
||
| 1754 | { |
||
| 1755 | $message .= '<li>'.Context::getLang('regdate').': '.date('Y-m-d h:i:sa',$val[2]).'<ul><li>'.Context::getLang('ipaddress').': '.$val[0].'</li><li>'.Context::getLang('message').': '.$val[1].'</li></ul></li>'; |
||
| 1756 | } |
||
| 1757 | $message .= '</ul>'; |
||
| 1758 | $content = sprintf(Context::getLang('login_fail_report_contents'),$message,date('Y-m-d h:i:sa')); |
||
| 1759 | |||
| 1760 | //send message |
||
| 1761 | $oCommunicationController = getController('communication'); |
||
| 1762 | $oCommunicationController->sendMessage($args->member_srl, $args->member_srl, $title, $content, true); |
||
| 1763 | |||
| 1764 | if($this->memberInfo->email_address && $this->memberInfo->allow_mailing == 'Y') |
||
| 1765 | { |
||
| 1766 | $view_url = Context::getRequestUri(); |
||
| 1767 | $content = sprintf("%s<hr /><p>From: <a href=\"%s\" target=\"_blank\">%s</a><br />To: %s(%s)</p>",$content, $view_url, $view_url, $this->memberInfo->nick_name, $this->memberInfo->email_id); |
||
| 1768 | $oMail = new Mail(); |
||
| 1769 | $oMail->setTitle($title); |
||
| 1770 | $oMail->setContent($content); |
||
| 1771 | $oMail->setSender($config->webmaster_name?$config->webmaster_name:'webmaster', $config->webmaster_email); |
||
| 1772 | $oMail->setReceiptor($this->memberInfo->email_id.'('.$this->memberInfo->nick_name.')', $this->memberInfo->email_address); |
||
| 1773 | $oMail->send(); |
||
| 1774 | } |
||
| 1775 | $output = executeQuery('member.deleteLoginCountHistoryByMemberSrl', $args); |
||
| 1776 | } |
||
| 1777 | } |
||
| 1778 | } |
||
| 1779 | // Call a trigger after successfully log-in (after) |
||
| 1780 | $trigger_output = ModuleHandler::triggerCall('member.doLogin', 'after', $this->memberInfo); |
||
| 1781 | if(!$trigger_output->toBool()) return $trigger_output; |
||
| 1782 | // When user checked to use auto-login |
||
| 1783 | if($keep_signed) |
||
| 1784 | { |
||
| 1785 | // Key generate for auto login |
||
| 1786 | $oPassword = new Password(); |
||
| 1787 | $random_key = $oPassword->createSecureSalt(32, 'hex'); |
||
| 1788 | $extra_key = strtolower($user_id).$this->memberInfo->password.$_SERVER['HTTP_USER_AGENT']; |
||
| 1789 | $extra_key = substr(hash_hmac('sha256', $extra_key, $random_key), 0, 32); |
||
| 1790 | $autologin_args = new stdClass; |
||
| 1791 | $autologin_args->autologin_key = $random_key.$extra_key; |
||
| 1792 | $autologin_args->member_srl = $this->memberInfo->member_srl; |
||
| 1793 | executeQuery('member.deleteAutologin', $autologin_args); |
||
| 1794 | $autologin_output = executeQuery('member.insertAutologin', $autologin_args); |
||
| 1795 | if($autologin_output->toBool()) setCookie('xeak',$autologin_args->autologin_key, $_SERVER['REQUEST_TIME']+31536000, '/'); |
||
| 1796 | } |
||
| 1797 | if($this->memberInfo->is_admin == 'Y') |
||
| 1798 | { |
||
| 1799 | $oMemberAdminModel = getAdminModel('member'); |
||
| 1800 | if(!$oMemberAdminModel->getMemberAdminIPCheck()) |
||
| 1801 | { |
||
| 1802 | $_SESSION['denied_admin'] = 'Y'; |
||
| 1803 | } |
||
| 1804 | } |
||
| 1805 | |||
| 1806 | $this->setSessionInfo(); |
||
| 1807 | |||
| 1808 | return $output; |
||
| 1809 | } |
||
| 1810 | |||
| 1811 | /** |
||
| 1812 | * Update or create session information |
||
| 1813 | */ |
||
| 1814 | function setSessionInfo() |
||
| 1815 | { |
||
| 1816 | $oMemberModel = getModel('member'); |
||
| 1817 | // If your information came through the current session information to extract information from the users |
||
| 1818 | if(!$this->memberInfo && $_SESSION['member_srl'] && $oMemberModel->isLogged() ) |
||
| 1819 | { |
||
| 1820 | $this->memberInfo = $oMemberModel->getMemberInfoByMemberSrl($_SESSION['member_srl']); |
||
| 1821 | // If you do not destroy the session Profile |
||
| 1822 | if($this->memberInfo->member_srl != $_SESSION['member_srl']) |
||
| 1823 | { |
||
| 1824 | $this->destroySessionInfo(); |
||
| 1825 | return; |
||
| 1826 | } |
||
| 1827 | } |
||
| 1828 | // Stop using the session id is destroyed |
||
| 1829 | if($this->memberInfo->denied=='Y') |
||
| 1830 | { |
||
| 1831 | $this->destroySessionInfo(); |
||
| 1832 | return; |
||
| 1833 | } |
||
| 1834 | // Log in for treatment sessions set |
||
| 1835 | $_SESSION['is_logged'] = true; |
||
| 1836 | $_SESSION['ipaddress'] = $_SERVER['REMOTE_ADDR']; |
||
| 1837 | $_SESSION['member_srl'] = $this->memberInfo->member_srl; |
||
| 1838 | $_SESSION['is_admin'] = ''; |
||
| 1839 | setcookie('xe_logged', 'true', 0, '/'); |
||
| 1840 | // Do not save your password in the session jiwojum;; |
||
| 1841 | //unset($this->memberInfo->password); |
||
| 1842 | // User Group Settings |
||
| 1843 | /* |
||
| 1844 | if($this->memberInfo->group_list) { |
||
| 1845 | $group_srl_list = array_keys($this->memberInfo->group_list); |
||
| 1846 | $_SESSION['group_srls'] = $group_srl_list; |
||
| 1847 | // If the group is designated as an administrator administrator |
||
| 1848 | $oMemberModel = getModel('member'); |
||
| 1849 | $admin_group = $oMemberModel->getAdminGroup(); |
||
| 1850 | if($admin_group->group_srl && in_array($admin_group->group_srl, $group_srl_list)) $_SESSION['is_admin'] = 'Y'; |
||
| 1851 | } |
||
| 1852 | */ |
||
| 1853 | |||
| 1854 | // Information stored in the session login user |
||
| 1855 | Context::set('is_logged', true); |
||
| 1856 | Context::set('logged_info', $this->memberInfo); |
||
| 1857 | |||
| 1858 | // Only the menu configuration of the user (such as an add-on to the menu can be changed) |
||
| 1859 | $this->addMemberMenu( 'dispMemberInfo', 'cmd_view_member_info'); |
||
| 1860 | $this->addMemberMenu( 'dispMemberScrappedDocument', 'cmd_view_scrapped_document'); |
||
| 1861 | $this->addMemberMenu( 'dispMemberSavedDocument', 'cmd_view_saved_document'); |
||
| 1862 | $this->addMemberMenu( 'dispMemberOwnDocument', 'cmd_view_own_document'); |
||
| 1863 | } |
||
| 1864 | |||
| 1865 | /** |
||
| 1866 | * Logged method for providing a personalized menu |
||
| 1867 | * Login information is used in the output widget, or personalized page |
||
| 1868 | */ |
||
| 1869 | function addMemberMenu($act, $str) |
||
| 1870 | { |
||
| 1871 | $logged_info = Context::get('logged_info'); |
||
| 1872 | |||
| 1873 | $logged_info->menu_list[$act] = Context::getLang($str); |
||
| 1874 | |||
| 1875 | Context::set('logged_info', $logged_info); |
||
| 1876 | } |
||
| 1877 | |||
| 1878 | /** |
||
| 1879 | * Nickname and click Log In to add a pop-up menu that appears when the method |
||
| 1880 | */ |
||
| 1881 | View Code Duplication | function addMemberPopupMenu($url, $str, $icon = '', $target = 'self') |
|
| 1882 | { |
||
| 1883 | $member_popup_menu_list = Context::get('member_popup_menu_list'); |
||
| 1884 | if(!is_array($member_popup_menu_list)) $member_popup_menu_list = array(); |
||
| 1885 | |||
| 1886 | $obj = new stdClass; |
||
| 1887 | $obj->url = $url; |
||
| 1888 | $obj->str = $str; |
||
| 1889 | $obj->icon = $icon; |
||
| 1890 | $obj->target = $target; |
||
| 1891 | $member_popup_menu_list[] = $obj; |
||
| 1892 | |||
| 1893 | Context::set('member_popup_menu_list', $member_popup_menu_list); |
||
| 1894 | } |
||
| 1895 | |||
| 1896 | /** |
||
| 1897 | * Add users to the member table |
||
| 1898 | */ |
||
| 1899 | function insertMember(&$args, $password_is_hashed = false) |
||
| 2084 | |||
| 2085 | /** |
||
| 2086 | * Modify member information |
||
| 2087 | * |
||
| 2088 | * @param bool $is_admin , modified 2013-11-22 |
||
| 2089 | */ |
||
| 2090 | function updateMember($args, $is_admin = FALSE) |
||
| 2272 | |||
| 2273 | /** |
||
| 2274 | * Modify member password |
||
| 2275 | */ |
||
| 2276 | function updateMemberPassword($args) |
||
| 2277 | { |
||
| 2278 | if($args->password) |
||
| 2279 | { |
||
| 2280 | |||
| 2281 | // check password strength |
||
| 2282 | $oMemberModel = getModel('member'); |
||
| 2283 | $config = $oMemberModel->getMemberConfig(); |
||
| 2284 | |||
| 2285 | View Code Duplication | if(!$oMemberModel->checkPasswordStrength($args->password, $config->password_strength)) |
|
| 2286 | { |
||
| 2287 | $message = Context::getLang('about_password_strength'); |
||
| 2288 | return new Object(-1, $message[$config->password_strength]); |
||
| 2289 | } |
||
| 2290 | |||
| 2291 | $args->password = $oMemberModel->hashPassword($args->password); |
||
| 2292 | } |
||
| 2293 | else if($args->hashed_password) |
||
| 2294 | { |
||
| 2295 | $args->password = $args->hashed_password; |
||
| 2296 | } |
||
| 2297 | |||
| 2298 | $output = executeQuery('member.updateMemberPassword', $args); |
||
| 2299 | if($output->toBool()) |
||
| 2300 | { |
||
| 2301 | $result = executeQuery('member.updateChangePasswordDate', $args); |
||
| 2302 | } |
||
| 2303 | |||
| 2304 | $this->_clearMemberCache($args->member_srl); |
||
| 2305 | |||
| 2306 | return $output; |
||
| 2307 | } |
||
| 2308 | |||
| 2309 | /** |
||
| 2310 | * Delete User |
||
| 2311 | */ |
||
| 2312 | function deleteMember($member_srl) |
||
| 2387 | |||
| 2388 | /** |
||
| 2389 | * Destroy all session information |
||
| 2390 | */ |
||
| 2391 | function destroySessionInfo() |
||
| 2417 | |||
| 2418 | function _updatePointByGroup($memberSrl, $groupSrlList) |
||
| 2447 | |||
| 2448 | function procMemberModifyEmailAddress() |
||
| 2518 | |||
| 2519 | function procMemberAuthEmailAddress() |
||
| 2552 | |||
| 2553 | /** |
||
| 2554 | * trigger for document.getDocumentMenu. Append to popup menu a button for procMemberSpammerManage() |
||
| 2555 | * |
||
| 2556 | * @param array &$menu_list |
||
| 2557 | * |
||
| 2558 | * @return object |
||
| 2559 | **/ |
||
| 2560 | View Code Duplication | function triggerGetDocumentMenu(&$menu_list) |
|
| 2582 | |||
| 2583 | /** |
||
| 2584 | * trigger for comment.getCommentMenu. Append to popup menu a button for procMemberSpammerManage() |
||
| 2585 | * |
||
| 2586 | * @param array &$menu_list |
||
| 2587 | * |
||
| 2588 | * @return object |
||
| 2589 | **/ |
||
| 2590 | View Code Duplication | function triggerGetCommentMenu(&$menu_list) |
|
| 2612 | |||
| 2613 | /** |
||
| 2614 | * Spammer manage. Denied user login. And delete or trash all documents. Response Ajax string |
||
| 2615 | * |
||
| 2616 | * @return object |
||
| 2617 | **/ |
||
| 2618 | function procMemberSpammerManage() |
||
| 2676 | |||
| 2677 | /** |
||
| 2678 | * Denied user login and write description |
||
| 2679 | * |
||
| 2680 | * @param int $member_srl |
||
| 2681 | * |
||
| 2682 | * @return object |
||
| 2683 | **/ |
||
| 2684 | private function _spammerMember($member_srl) { |
||
| 2716 | |||
| 2717 | /** |
||
| 2718 | * Delete or trash all documents |
||
| 2719 | * |
||
| 2720 | * @param int $member_srl |
||
| 2721 | * @param bool $isMoveToTrash |
||
| 2722 | * |
||
| 2723 | * @return object |
||
| 2724 | **/ |
||
| 2725 | private function _spammerDocuments($member_srl, $isMoveToTrash) { |
||
| 2759 | |||
| 2760 | function _clearMemberCache($member_srl, $site_srl = 0) |
||
| 2785 | } |
||
| 2786 | /* End of file member.controller.php */ |
||
| 2788 |
Loading history...
In PHP, under loose comparison (like
==, or!=, orswitchconditions), values of different types might be equal.For
stringvalues, the empty string''is a special case, in particular the following results might be unexpected: