diff --git a/include/class.staff.php b/include/class.staff.php
index 819c68d2814dc4c834255d891dd765d361ddbffd..9ab47f6b4e4bbdfb14f939535ebbb8cf7d852420 100644
--- a/include/class.staff.php
+++ b/include/class.staff.php
@@ -721,8 +721,11 @@ class Staff extends AuthenticatedUser {
}
function create($vars, &$errors) {
- if(($id=self::save(0, $vars, $errors)) && $vars['teams'] && ($staff=Staff::lookup($id))) {
- $staff->updateTeams($vars['teams']);
+ if(($id=self::save(0, $vars, $errors)) && ($staff=Staff::lookup($id))) {
+ if ($vars['teams'])
+ $staff->updateTeams($vars['teams']);
+ if ($vars['welcome_email'])
+ $staff->sendResetEmail('registration-staff');
Signal::send('model.created', $staff);
}
@@ -738,27 +741,28 @@ class Staff extends AuthenticatedUser {
unset($_SESSION['_staff']['reset-token']);
}
- function sendResetEmail() {
+ function sendResetEmail($template='pwreset-staff') {
global $ost, $cfg;
- if(!($tpl = $this->getDept()->getTemplate()))
- $tpl= $ost->getConfig()->getDefaultTemplate();
-
+ $content = Page::lookup(Page::getIdByType($template));
$token = Misc::randCode(48); // 290-bits
- if (!($template = $tpl->getMsgTemplate('staff.pwreset')))
+
+ if (!$content)
return new Error('Unable to retrieve password reset email template');
$vars = array(
'url' => $ost->getConfig()->getBaseUrl(),
'token' => $token,
'staff' => $this,
+ 'recipient' => $this,
'reset_link' => sprintf(
"%s/scp/pwreset.php?token=%s",
$ost->getConfig()->getBaseUrl(),
$token),
);
+ $vars['link'] = &$vars['reset_link'];
- if(!($email=$cfg->getAlertEmail()))
+ if (!($email = $cfg->getAlertEmail()))
$email = $cfg->getDefaultEmail();
$info = array('email' => $email, 'vars' => &$vars, 'log'=>true);
@@ -778,12 +782,16 @@ class Staff extends AuthenticatedUser {
$email->getEmail()
), false);
- $msg = $ost->replaceTemplateVariables($template->asArray(), $vars);
+ $msg = $ost->replaceTemplateVariables(array(
+ 'subj' => $content->getName(),
+ 'body' => $content->getBody(),
+ ), $vars);
$_config = new Config('pwreset');
$_config->set($vars['token'], $this->getId());
- $email->send($this->getEmail(), $msg['subj'], $msg['body']);
+ $email->send($this->getEmail(), Format::stripTags($msg['subj']),
+ $msg['body']);
}
function save($id, $vars, &$errors) {
@@ -823,7 +831,7 @@ class Staff extends AuthenticatedUser {
if($vars['passwd1'] && strcmp($vars['passwd1'], $vars['passwd2'])) {
$errors['passwd2']='Password(s) do not match';
}
- elseif ($vars['backend'] != 'local') {
+ elseif ($vars['backend'] != 'local' || $vars['welcome_email']) {
// Password can be omitted
}
elseif(!$vars['passwd1'] && !$id) {
diff --git a/include/staff/staff.inc.php b/include/staff/staff.inc.php
index 55351fbee7864581e1294a72e56d758d2d068c48..35a0671d21131e67c40455600bfdac8dda8f81cb 100644
--- a/include/staff/staff.inc.php
+++ b/include/staff/staff.inc.php
@@ -20,6 +20,7 @@ if($staff && $_REQUEST['a']!='add'){
$passwd_text='Temporary password required only for "Local" authenication';
//Some defaults for new staff.
$info['change_passwd']=1;
+ $info['welcome_email']=1;
$info['isactive']=1;
$info['isvisible']=1;
$info['isadmin']=0;
@@ -106,6 +107,22 @@ $info=Format::htmlchars(($errors && $_POST)?$_POST:$info);
<span class="error"> <?php echo $errors['mobile']; ?></span>
</td>
</tr>
+<?php if (!$staff) { ?>
+ <tr>
+ <td width="180">Welcome Email</td>
+ <td><input type="checkbox" name="welcome_email" id="welcome-email" <?php
+ if ($info['welcome_email']) echo 'checked="checked"';
+ ?> onchange="javascript:
+ var sbk = $('#backend-selection');
+ if ($(this).is(':checked'))
+ $('#password-fields').hide();
+ else if (sbk.val() == '' || sbk.val() == 'local')
+ $('#password-fields').show();
+ " />
+ Send staff welcome email with account access link
+ </td>
+ </tr>
+<?php } ?>
<tr>
<th colspan="2">
<em><strong>Authentication</strong>: <?php echo $passwd_text; ?> <span class="error"> <?php echo $errors['temppasswd']; ?></span></em>
@@ -114,10 +131,10 @@ $info=Format::htmlchars(($errors && $_POST)?$_POST:$info);
<tr>
<td>Authentication Backend</td>
<td>
- <select name="backend" onchange="javascript:
+ <select name="backend" id="backend-selection" onchange="javascript:
if (this.value != '' && this.value != 'local')
$('#password-fields').hide();
- else
+ else if (!$('#welcome-email').is(':checked'))
$('#password-fields').show();
">
<option value="">— Use any available backend —</option>
@@ -131,8 +148,9 @@ $info=Format::htmlchars(($errors && $_POST)?$_POST:$info);
</select>
</td>
</tr>
- </tbody>
- <tbody id="password-fields" style="<?php if ($info['backend'] && $info['backend'] != 'local')
+ </tbody>
+ <tbody id="password-fields" style="<?php
+ if ($info['welcome_email'] || ($info['backend'] && $info['backend'] != 'local'))
echo 'display:none;'; ?>">
<tr>
<td width="180">
diff --git a/scp/pwreset.php b/scp/pwreset.php
index b2826014c9b46b27572d3de6f3c6801c89183a6d..f5eed25fc0ed98e37cfa4d18dfc098c858bffe77 100644
--- a/scp/pwreset.php
+++ b/scp/pwreset.php
@@ -62,10 +62,11 @@ if($_POST) {
}
}
elseif ($_GET['token']) {
- $msg = 'Re-enter your username or email';
+ $msg = 'Please enter your username or email';
$_config = new Config('pwreset');
if (($id = $_config->get($_GET['token']))
&& ($staff = Staff::lookup($id)))
+ // TODO: Detect staff confirmation (for welcome email)
$tpl = 'pwreset.login.php';
else
header('Location: index.php');