diff --git a/include/ajax.users.php b/include/ajax.users.php index 3a102c272208de0c9b47c71bf68f64e09aed35bd..3b6da01791ff0c3b3d88c42c46ef15aea95b6091 100644 --- a/include/ajax.users.php +++ b/include/ajax.users.php @@ -137,7 +137,7 @@ class UsersAjaxAPI extends AjaxController { include(STAFFINC_DIR . 'templates/user-register.tmpl.php'); } - function manage($id, $target) { + function manage($id, $target=null) { global $thisstaff; if (!$thisstaff) diff --git a/include/class.user.php b/include/class.user.php index a73bdd5cd1f6b40b7d3ca926128f9c91ee0493b1..f9e38f1feb599caa8a3ba426f91007d144e5c04c 100644 --- a/include/class.user.php +++ b/include/class.user.php @@ -235,10 +235,16 @@ class User extends UserModel { function getAccountStatus() { - if ($this->getAccount()) - return (string) $this->getAccount()->getStatus(); + if (!($account=$this->getAccount())) + return 'Guest'; + + if ($account->isLocked()) + return 'Locked (Administrative)'; + + if (!$account->isConfirmed()) + return 'Locked (Pending Activation)'; - return 'Unregistered'; + return 'Active'; } function register($vars, &$errors) { 
@@ -247,35 +253,7 @@ class User extends UserModel { if ($this->getAccount()) return true; - //Require temp password. - if (!isset($vars['sendemail'])) { - if (!$vars['passwd1']) - $errors['passwd1'] = 'Temp. password required'; - elseif ($vars['passwd1'] && strlen($vars['passwd1'])<6) - $errors['passwd1'] = 'Must be at least 6 characters'; - elseif ($vars['passwd1'] && strcmp($vars['passwd1'], $vars['passwd2'])) - $errors['passwd2'] = 'Password(s) do not match'; - } - - if ($errors) return false; - - $account = UserAccount::create(array('user_id' => $this->getId())); - if (!$account) - return false; - - $account->set('dst', isset($vars['dst'])?1:0); - $account->set('timezone_id', $vars['timezone_id']); - - if ($vars['username'] && strcasecmp($vars['username'], $this->getEmail())) - $account->set('username', $vars['username']); - - if (!$vars['sendemail']) - $account->set('passwd', Password::hash($vars['passwd1'])); - //TODO: else $account->sendActivationEmail(); - - $account->save(true); - - return $account; + return UserAccount::register($this, $vars, $errors); } //TODO: Add organization support @@ -563,6 +541,7 @@ class UserAccountModel extends VerySimpleModel { class UserAccount extends UserAccountModel { var $_options = null; + var $_user; const CONFIRMED = 0x0001; const LOCKED = 0x0002; @@ -628,17 +607,20 @@ class UserAccount extends UserAccountModel { } function getUser() { - $user = User::lookup($this->getUserId()); - $user->set('account', $this); - return $user; + + if (!isset($this->_user)) { + if ($this->_user = User::lookup($this->getUserId())) + $this->_user->set('account', $this); + } + return $this->_user; } function sendResetEmail() { - return static::sendUnlockEmail('pwreset-client'); + return static::sendUnlockEmail('pwreset-client') === true; } function sendConfirmEmail() { - return static::sendUnlockEmail('registration-confirm'); + return static::sendUnlockEmail('registration-client') === true; } protected function sendUnlockEmail($template) { 
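Review bot: `getUser()` in the `@@ -628` hunk can now return null when `User::lookup()` finds nothing, but the `sendUnlockEmail()` lines changed in the `@@ -673` hunk call `$this->getUser()->getId()` and `$this->getUser()->getEmail()` without a check. An account row whose user record is missing would then end in a fatal error rather than the `Error` return already used for a missing template. A guard before the token is stored, for example `if (!($user = $this->getUser())) return new Error($template.': Unable to find user');`, keeps that failure on the same path as the template check. `sendUnlockEmail()` starts outside both hunks, so the exact placement is for the author to confirm.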
@@ -650,7 +632,7 @@ class UserAccount extends UserAccountModel { $content = Page::lookup(Page::getIdByType($template)); if (!$email || !$content) - return new Error('Unable to retrieve password reset email template'); + return new Error($template.': Unable to retrieve template'); $vars = array( 'url' => $ost->getConfig()->getBaseUrl(), @@ -673,10 +655,12 @@ class UserAccount extends UserAccountModel { ), $vars); $_config = new Config('pwreset'); - $_config->set($vars['token'], $this->user->getId()); + $_config->set($vars['token'], $this->getUser()->getId()); - $email->send($this->user->default_email->get('address'), + $email->send($this->getUser()->getEmail(), Format::striptags($msg['subj']), $msg['body']); + + return true; } @@ -704,7 +688,7 @@ class UserAccount extends UserAccountModel { // Changing password? if ($vars['passwd1'] || $vars['passwd2']) { if (!$vars['passwd1']) - $errors['passwd1'] = 'New password required'; + $errors['passwd1'] = 'Password required'; elseif ($vars['passwd1'] && strlen($vars['passwd1'])<6) $errors['passwd1'] = 'Must be at least 6 characters'; elseif ($vars['passwd1'] && strcmp($vars['passwd1'], $vars['passwd2'])) @@ -727,6 +711,17 @@ class UserAccount extends UserAccountModel { $this->setStatus(self::CONFIRMED); } + // Set flags + if ($vars['pwreset-flag']) + $this->setStatus(self::PASSWD_RESET_REQUIRED); + else + $this->clearStatus(self::PASSWD_RESET_REQUIRED); + + if ($vars['locked-flag']) + $this->setStatus(self::LOCKED); + else + $this->clearStatus(self::LOCKED); + return $this->save(true); } 
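Review bot: The `return true;` added at the end of the `@@ -673` hunk is unconditional, so the result of `$email->send(...)` is discarded and `sendResetEmail()` / `sendConfirmEmail()` report success even when the message was not handed off. By then the token has already been written to the `pwreset` config, so a failed send leaves a live token with no mail behind it while staff are told the email was sent. If `send()` returns a falsy value on failure (its contract is not visible here), `if (!$email->send(...)) return new Error($template.': Unable to send email');` before `return true;` would surface the failure. The function body begins outside the hunk.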
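Review bot: The flag block in the `@@ -727` hunk treats a missing `locked-flag` or `pwreset-flag` key as "clear", so any caller of this update method that does not submit those checkboxes will silently remove an administrative lock and a forced password reset. The method starts outside the hunk and its callers are not visible; if anything other than the staff access form reaches it, a routine profile or password update would unlock the account. Touching the flags only when the form declares that it carries them is safer, e.g. wrapping both if/else pairs in `if (isset($vars['flags-present'])) { ... }` with a matching hidden field (`flags-present` is a constructed name). Reading the keys as `!empty($vars['locked-flag'])` would also avoid undefined-index notices.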
@@ -742,6 +737,47 @@ class UserAccount extends UserAccountModel { return $user; } + + static function register($user, $vars, &$errors) { + + if (!$user || !$vars) + return false; + + //Require temp password. + if (!isset($vars['sendemail'])) { + if (!$vars['passwd1']) + $errors['passwd1'] = 'Temp. password required'; + elseif ($vars['passwd1'] && strlen($vars['passwd1'])<6) + $errors['passwd1'] = 'Must be at least 6 characters'; + elseif ($vars['passwd1'] && strcmp($vars['passwd1'], $vars['passwd2'])) + $errors['passwd2'] = 'Password(s) do not match'; + } + + if ($errors) return false; + + $account = UserAccount::create(array('user_id' => $user->getId())); + if (!$account) + return false; + + $account->set('dst', isset($vars['dst'])?1:0); + $account->set('timezone_id', $vars['timezone_id']); + + if ($vars['username'] && strcasecmp($vars['username'], $user->getEmail())) + $account->set('username', $vars['username']); + + if ($vars['passwd1'] && !$vars['sendemail']) { + $account->set('passwd', Password::hash($vars['passwd1'])); + $account->setStatus(self::CONFIRMED); + } + + $account->save(true); + + if ($vars['sendemail']) + $account->sendConfirmEmail(); + + return $account; + } + } diff --git a/include/staff/templates/user-account.tmpl.php b/include/staff/templates/user-account.tmpl.php index 2bd29e598692b7a13373c7e3f77db8602cd8e3e1..5a08e8e4cf3696c44efbdcd59d3a5530b7850dfd 100644 --- a/include/staff/templates/user-account.tmpl.php +++ b/include/staff/templates/user-account.tmpl.php @@ -95,6 +95,10 @@ if ($info['error']) { <tr> <th colspan="2"><em><strong>Account Access</strong></em></th> </tr> + <tr> + <td width="180"> Status: </td> + <td> <?php echo $user->getAccountStatus(); ?> </td> + </tr> <tr> <td width="180"> Username: 
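Review bot: `UserAccount::register()` decides whether to validate the temporary password with `!isset($vars['sendemail'])` but decides whether to store it with `!$vars['sendemail']`, so a `sendemail` key that is present but falsy (`0`, `''`) skips the length and match checks and still hashes `passwd1` and marks the account `CONFIRMED`. Evaluating the option once, `$sendEmail = !empty($vars['sendemail']);`, and using `if (!$sendEmail)` for the validation block and `if ($vars['passwd1'] && !$sendEmail)` for the `Password::hash()` branch keeps the two decisions in step. The result of `$account->sendConfirmEmail()` is also dropped, so a failed activation mail leaves an unconfirmed account without a password and gives the caller no indication.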
@@ -130,8 +134,15 @@ if ($info['error']) { </tr> <tr> <td colspan="2"> - <div><input type="checkbox" name="flags[]" value="locked"> Locked (reason here) </div> - <div><input type="checkbox" name="flags[]" value="locked"> Require Password Reset</div> + <?php + echo sprintf('<div><input type="checkbox" name="locked-flag" %s + value="1"> Administratively Locked</div>', + $account->isLocked() ? 'checked="checked"' : '' + ); + ?> + <div><input type="checkbox" name="pwreset-flag" value="1" <?php + echo $account->isPasswdResetForced() ? + 'checked="checked"' : ''; ?>> Password Reset Required</div> </td> </tr> </tbody> diff --git a/include/staff/templates/user-register.tmpl.php b/include/staff/templates/user-register.tmpl.php index 805ee4a4f8df156e4d7a4cfaa97720e08b0526bd..996636578c55bcbef0c5105c0f21d358b6ffc03a 100644 --- a/include/staff/templates/user-register.tmpl.php +++ b/include/staff/templates/user-register.tmpl.php @@ -1,10 +1,18 @@ <?php +global $cfg; + if (!$info['title']) $info['title'] = 'Register: '.Format::htmlchars($user->getName()); -// TODO: Set defaults if (!$_POST) { + $info['sendemail'] = true; // send email confirmation. + + if (!isset($info['timezone_id'])) + $info['timezone_id'] = $cfg->getDefaultTimezoneId(); + + if (!isset($info['dst'])) + $info['dst'] = $cfg->observeDaylightSaving(); } ?> 
@@ -83,11 +91,12 @@ $user->getName()->getOriginal(); ?></b>.</p></div> <td> <select name="timezone_id" id="timezone_id"> <?php - $sql='SELECT id, offset,timezone FROM '.TIMEZONE_TABLE.' ORDER BY id'; + $sql='SELECT id, offset, timezone FROM '.TIMEZONE_TABLE.' ORDER BY id'; if(($res=db_query($sql)) && db_num_rows($res)){ - while(list($id,$offset, $tz)=db_fetch_row($res)){ - $sel=($info['timezone_id']==$id)?'selected="selected"':''; - echo sprintf('<option value="%d" %s>GMT %s - %s</option>',$id,$sel,$offset,$tz); + while(list($id, $offset, $tz) = db_fetch_row($res)) { + $sel=($info['timezone_id']==$id) ? 'selected="selected"' : ''; + echo sprintf('<option value="%d" %s>GMT %s - %s</option>', + $id, $sel, $offset, $tz); } } ?> diff --git a/include/staff/user-view.inc.php b/include/staff/user-view.inc.php index ec5112478dd76a4150a7c5cd4ca36bf513cd7856..03c23c86629339acf616e54ac6a76069c950f098 100644 --- a/include/staff/user-view.inc.php +++ b/include/staff/user-view.inc.php 
@@ -31,13 +31,24 @@ if(!defined('OSTSCPINC') || !$thisstaff || !is_object($user)) die('Invalid path' } ?> <div id="action-dropdown-more" class="action-dropdown anchor-right"> <ul> - <li><a class="confirm-action" href="#confirmlink"><i - class="icon-lock"></i> Send Confirmation Link</a></li> - <li><a class="confirm-action" href="#pwreset"><i - class="icon-lock"></i> Send Password Reset Link</a></li> - <li><a class="user-action" - href="#users/<?php echo $user->getId(); ?>/manage/access"><i - class="icon-lock"></i> Manage Account Access</a></li> + <?php + if ($user->getAccount()) { + if (!$user->getAccount()->isConfirmed()) { + ?> + <li><a class="confirm-action" href="#confirmlink"><i + class="icon-envelope"></i> Send Activation Email</a></li> + <?php + } else { ?> + <li><a class="confirm-action" href="#pwreset"><i + class="icon-envelope"></i> Send Password Reset Email</a></li> + <?php + } ?> + <li><a class="user-action" + href="#users/<?php echo $user->getId(); ?>/manage/access"><i + class="icon-lock"></i> Manage Account Access</a></li> + <?php + + } ?> </ul> </div> </td> diff --git a/scp/users.php b/scp/users.php index 74b55668ddcc6508f079fff4c6b7f094dc80c542..3020a91f19fceb60517d817382d28a1cdfb1e2e2 100644 --- a/scp/users.php +++ b/scp/users.php 
@@ -42,10 +42,22 @@ if ($_POST) { } break; case 'confirmlink': - $errors['err'] = "Send Confirmation Link: Coming soon!"; + if (!$user || !$user->getAccount()) + $errors['err'] = 'Unknown or invalid user account'; + elseif ($user->getAccount()->isConfirmed()) + $errors['err'] = 'Account is already confirmed'; + elseif ($user->getAccount()->sendConfirmEmail()) + $msg = 'Account activation email sent to '.$user->getEmail(); + else + $errors['err'] = 'Unable to send account activation email - try again!'; break; case 'pwreset': - $errors['err'] = "Send Password Reset Link: Coming soon!"; + if (!$user || !$user->getAccount()) + $errors['err'] = 'Unknown or invalid user account'; + elseif ($user->getAccount()->sendResetEmail()) + $msg = 'Account password reset email sent to '.$user->getEmail(); + else + $errors['err'] = 'Unable to send account password reset email - try again!'; break; case 'mass_process': if (!$_POST['ids'] || !is_array($_POST['ids']) || !count($_POST['ids'])) {
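Review bot: The `pwreset` case checks only that an account exists, whereas `confirmlink` validates account state on the server and the menu in `user-view.inc.php` offers the reset action only for confirmed accounts. Hiding the menu entry is not enforcement, so this handler will still send a reset email for an unconfirmed or administratively locked account; whether completing that reset would confirm or unlock the account depends on code outside this diff. Mirroring the UI condition here, e.g. `elseif (!$user->getAccount()->isConfirmed()) $errors['err'] = 'Account is not confirmed';`, and deciding explicitly how `isLocked()` accounts are handled would keep the server as the enforcement point. The `switch` begins outside the hunk.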