File: //opt/cpanel/ea-php54/root/usr/share/pear/RVSeagullMod/modules/authweb/classes/UserActivateMgr.php
<?php
##copyright##
require_once SGL_MOD_DIR . '/user/classes/UserDAO.php';
require_once SGL_CORE_DIR . '/Observer.php';
require_once SGL_CORE_DIR . '/Emailer.php';
require_once SGL_MOD_DIR . '/user/classes/encrype.php';
require_once 'DB/DataObject.php';
/**
* UserActivateMgr
*
* @package seagull
* @author RV Global Soft Team <bus@webexperts.co.th>
*/
class UserActivateMgr extends SGL_Manager
{
function UserActivateMgr()
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
parent::SGL_Manager();
$this->_aActionsMapping = array(
'update' => array('update'),
'view' => array('view'),
);
}
function validate($req, &$input)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$this->validated = true;
$input->error = array();
$input->masterTemplate = $this->masterTemplate;
$input->action = ($req->get('action')) ? $req->get('action') : 'view';
$input->pageTitle = $this->pageTitle . ' :: ' . $input->action;
$input->template = $this->template;
$input->key = $req->get('key');
################ Start validate ###############
$aErrors = array();
switch ($input->action) {
case "update":
$input->template = 'authPage.html';
$this->_validateUpdate($input, $aErrors);
break;
}
// if errors have occured
if (count($aErrors) > 0) {
$input->error = $aErrors;
$this->validated = false;
}
}
function _validateUpdate(&$input, &$aErrors)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$c = SGL_Config::singleton();
$conf = $c->getAll();
if (!$input->key) {
array_push($aErrors, SGL_String::translate('Invalid activation key.'));
SGL::raiseMsg('Invalid activation key.', true, SGL_MESSAGE_ERROR);
return;
}
// ตรวจสอบ key กับฐานข้อมูล
$query = "
SELECT `usr_id`
FROM {$conf['table']['user_auth_hash']}
WHERE `hash` = " . $this->dbh->quoteSmart($input->key) . "
";
$userId = $this->dbh->getOne($query);
if (!$userId) {
array_push($aErrors, SGL_String::translate('Invalid activation key.'));
SGL::raiseMsg('Invalid activation key.', true, SGL_MESSAGE_ERROR);
return;
} else {
$input->userId = $userId;
$da = UserDAO::singleton();
$input->oUser = $da->getUserById();
}
}
function _cmd_update(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$c = SGL_Config::singleton();
$conf = $c->getAll();
$c->replace($conf);
$con = $c->ensureModuleConfigLoaded($moduleName = 'user');
$con = $c->ensureModuleCustomConfigLoaded($moduleName = 'user');
$conf = $c->getAll();
// ลบ key ออกจากฐานข้อมูล
$query = "
DELETE FROM {$conf['table']['user_auth_hash']}
WHERE `usr_id` = '{$input->userId}'
";
$this->dbh->query($query);
if ($conf['RegisterMgr']['autoEnable'] == 1) {
//autoEnable
$query = "
UPDATE
{$conf['table']['user']}
SET
is_acct_active = '1'
WHERE
`usr_id` = '{$input->userId}'
";
$res = $this->dbh->query($query);
}
SGL::logMessage('_cmd_update' . $query, PEAR_LOG_DEBUG);
if ($conf['RegisterMgr']['autoEnable'] == 0) {
$output->adminApprove = SGL_String::translate('Your registration is being reviewed, you will be notified shortly');
}
$addUser = new UserActivate_DoObserve($input, $output);
$aObservers = explode(',', $conf['RegisterMgr']['observers']);
foreach ($aObservers as $observer) {
$path = SGL_MOD_DIR . "/user/classes/observers/$observer.php";
SGL::logMessage($path, PEAR_LOG_DEBUG);
if (is_file($path)) {
require_once $path;
$addUser->attach(new $observer());
}
}
$addUser->run();
$output->delete_auth_hash = true;
/**
* TODO: auto login after enter valid key to confirm email
* we may modify LoginMgr->_doLogin to allow login using only key but not sure on the security
*
if ($userModulesConf['RegisterMgr']['autoLogin'] && $userModulesConf['RegisterMgr']['autoEnable']) {
// $input->key
$input->username = '?????';
$input->password = '??????';
$input->action = "login";
$oLogin = new LoginMgr();
$oLogin->_cmd_login($input, $output);
}
*/
SGL::raiseMsg('User activate successfully.', true, SGL_MESSAGE_INFO);
}
function _cmd_view(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$output->template = 'authPage.html';
}
}
class UserActivate_DoObserve extends SGL_Observable
{
var $oUser;
function UserActivate_DoObserve(&$input, &$output)
{
$this->input = $input;
$this->output = $output;
}
function &_getDb()
{
$locator = SGL_ServiceLocator::singleton();
$dbh = $locator->get('DB');
if (!$dbh) {
$dbh = SGL_DB::singleton();
$locator->register('DB', $dbh);
}
return $dbh;
}
function run()
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$crypt = new encryption_class;
$this->conf = $this->input->getConfig();
$this->dbh = $this->_getDb();
$da = UserDAO::singleton();
$oUser = $da->getUserById();
// make user object available to observers
$this->oUser = $oUser;
$query = "
SELECT *
FROM {$this->conf['table']['user']}
WHERE usr_id = '{$this->input->userId}'
";
$oUserA = $this->dbh->getrow($query);
$query = "
SELECT *
FROM {$this->conf['table']['usr_tmp']}
WHERE usr_id = '{$this->input->userId}'
";
$oUserB = $this->dbh->getrow($query);
$oUser->setFrom($oUserA);
$key = $this->input->userId;
$password = $oUserB->passwd;
$oUser->passwdClear = $crypt->decrypt($key, $password);
$this->input->user = $oUserA;
$this->input->user->passwd = $oUser->passwdClear;
// invoke observers
$this->notify();
}
}
?>