}
unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
unset($_SESSION[get_class($this)][$sesPrefix .'-timeout']);
- setcookie('Pman.timeout', -1, time() + (30*60), '/');
+ //setcookie('Pman.timeout', -1, time() + (30*60), '/');
return false;
}
if (isset($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
$_SESSION[get_class($this)][$sesPrefix .'-auth-timeout'] = time() + (30*60); // eg. 30 minutes
- setcookie('Pman.timeout', time() + (30*60), time() + (30*60), '/');
+ //setcookie('Pman.timeout', time() + (30*60), time() + (30*60), '/');
}
// not really sure why it's cloned..
return clone (self::$authUser);
$d = $p->toArray();
$_SESSION[get_class($this)][$sesPrefix .'-auth-timeout'] = time() + (30*60); // eg. 30 minutes
- setcookie('Pman.timeout', time() + (30*60), time() + (30*60), '/');
+ //setcookie('Pman.timeout', time() + (30*60), time() + (30*60), '/');
//var_dump(array(get_class($this),$sesPrefix .'-auth'));
$_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object)$d);
function beforeInsert($req, $roo)
{
+ if (!empty($req['_bulk_update_passwords'])) {
+ $this->bulkUpdatePasswords($req['_bulk_update_passwords'], $roo);
+ return;
+ }
+
$p = DB_DataObject::factory('core_person');
if ($roo->authUser->id > -1 || $p->count() > 1) {
$pp = DB_DataObject::factory('core_person');
- $pp->email = trim($this->email);
+ $pp->whereAdd('LOWER(email) = "' . $pp->escape(strtolower(trim($this->email))) . '"');
if ($pp->count()){
- $roo->jerr("that email already exists in the database");
+ $roo->jerror("NOTICE-DUPE-EMAIL", "that email already exists in the database");
}
$ff= HTML_FlexyFramework::get();
$appname = empty($ff->appNameShort) ? $ff->project : $ff->project . '-' . $ff->appNameShort;
-
$dname = method_exists($this, 'getDatabaseConnection') ? $this->getDatabaseConnection()->dsn['database'] : $this->databaseNickname();
-
$sesPrefix = $appname.'-' .get_class($this) .'-' . $dname;
return $sesPrefix;
function loginPublic() // used where???
{
$this->isAuth(); // force session start..
-
$db = $this->getDatabaseConnection();
-
$ff = HTML_FlexyFramework::get();
if(empty($ff->Pman) || empty($ff->Pman['login_public'])){
function beforeUpdate($old, $q, $roo)
{
$this->email = trim($this->email);
+
+ $p = DB_DataObject::factory('core_person');
+ if ($roo->authUser->id > -1 || $p->count() > 1) {
+ $pp = DB_DataObject::factory('core_person');
+ $pp->whereAdd('LOWER(email) = "' . $pp->escape(strtolower(trim($this->email))) . '"');
+ $pp->whereAdd('id != ' . $old->id);
+ if ($pp->count()){
+ $roo->jerror("NOTICE-DUPE-EMAIL", "that email already exists in the database");
+ }
+ }
}
function generateOathKey()
return $content;
}
-
+ function bulkUpdatePasswords($data, $roo)
+ {
+
+ if ( !$roo->hasPerm("Core.Staff", "E")) {
+ $roo->jerr("permission denied");
+ }
+ $rows = explode("\n",$data);
+ $upd = array();
+ $bad = array();
+
+ foreach($rows as $i=>$row) {
+ if (!strlen(trim($row))) {
+ continue;
+ }
+ $bits = preg_split('/\s+/', trim($row));
+ if (count($bits) != 2) {
+ $bad[] = "Invalid line: {$row}";
+ continue;
+ }
+ // validate.
+ $upd[strtolower($bits[0])] = $bits[1];
+
+ }
+ if (empty($upd)) {
+
+ $roo->jerr(empty($bad) ? "No rows to update": ("ERRORS: ". implode("\n", $bad)));
+ return;
+ }
+ // next fetch them all.
+ $p = DB_DataObject::factory('core_person');
+ $p->whereAddIn('email', array_keys($upd), 'string');
+ foreach($p->fetchAll() as $p) {
+ $map[strtolower($p->email)] = $p;
+ }
+ foreach($upd as $k=>$nv) {
+ if (!isset($map[$k])) {
+ $bad[] = "Missing account with email: " . $k;
+ continue;
+ }
+ if ($map[$k]->id == $roo->authUser->id) {
+ $bad[] = "You can not update your own password here: " . $k;
+ continue;
+ }
+ }
+ if (!empty($bad)) {
+ $roo->jerr("ERRORS: ". implode("\n", $bad));
+ return;
+ }
+ foreach($map as $k => $p) {
+ $pp = clone($p);
+ $p->setPassword($upd[$k]);
+ $p->update($pp);
+ }
+ $roo->jok("Updated");
+
+
+ }
}
projects / Pman.Core / blobdiff