diff --git a/sites/default/users/users.json b/sites/default/users/users.json index 4781ac7..df7a5f9 100755 --- a/sites/default/users/users.json +++ b/sites/default/users/users.json @@ -6,7 +6,7 @@ "phone": "+628986818780", "id": 1422957127, "username": "toni haryanto", - "password": "$2y$08$6D0EKSfGuwPzKJFZlOaGpe7fAOQlCv1NxrrHTLxEWW5n8SE6xPKQe", + "password": "$2y$08$m412nWKLJFmcCBgwxgctpetJFk5nCUXJ2vLNU129IpzVXF38vgjlK", "salt": null, "email": "toha.samba@gmail.com", "ip_address": "127.0.0.1", @@ -14,9 +14,9 @@ "last_login": 1422957127, "active": 1, "groups": [ - "1", "2" - ] + ], + "activation_code": null }, { "id": 1, @@ -30,7 +30,7 @@ "forgotten_password_time": null, "remember_code": null, "created_on": 1268889823, - "last_login": 1422961929, + "last_login": 1423011804, "active": 1, "groups": [ "1", diff --git a/system/application/modules/users/controllers/Auth.php b/system/application/modules/users/controllers/Auth.php index ff0eadb..9f4499c 100644 --- a/system/application/modules/users/controllers/Auth.php +++ b/system/application/modules/users/controllers/Auth.php @@ -6,19 +6,25 @@ function __construct() { parent::__construct(); - $this->load->database(); + if(! $this->config->item('filebased', 'ion_auth')) + $this->load->database(); $this->form_validation->set_error_delimiters($this->config->item('error_start_delimiter', 'ion_auth'), $this->config->item('error_end_delimiter', 'ion_auth')); $this->lang->load('users/auth'); $this->load->helper('language'); + + if(! is_writable(SITE_PATH.'users/users.json') || ! is_writable(SITE_PATH.'users/groups.json')) + show_error('Files users.json and groups.json in folder '.SITE_PATH.'users/ must be writable.'); } //redirect if needed, otherwise display the user list function index() { - - $this->login(); + if (!$this->ion_auth->logged_in()) + redirect('users/auth/login'); + else + redirect('panel/users'); } //log the user in 
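Review bot: This hunk rewrites a bcrypt hash inside a tracked data file, and the third hunk of the same file bumps `last_login`, which suggests the application writes `sites/default/users/users.json` at runtime — every commit then snapshots e-mail addresses, phone numbers and password hashes into repository history. Track a template instead (for instance a `users.json.dist` with no real accounts) and gitignore the live store so runtime state never lands in version control. The `$2y$08$` prefix shows bcrypt cost 8, which is on the low side for hashes that end up in a repository; the cost presumably comes from ion_auth's hashing configuration rather than from this file, so raising it there is the fix.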
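Review bot: The new `is_writable` check on `SITE_PATH.'users/users.json'` and `groups.json` runs unconditionally, while the `$this->load->database()` call two lines above is skipped only when `filebased` is set — a database-backed install with no JSON files will now hit `show_error` on every request to this controller. Wrap the check in the same condition: `if($this->config->item('filebased', 'ion_auth') && (! is_writable(...) || ! is_writable(...)))`. The `show_error` message also prints `SITE_PATH`, an absolute server path, to the browser; record the path with `log_message('error', ...)` and show a generic "user store is not writable" message instead. Panel.php's constructor (hunk `@@ -6,12 +6,17 @@`) has the same two issues.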
@@ -102,7 +108,11 @@ function change_password() redirect('users/auth/login', 'refresh'); } - $user = $this->ion_auth->user()->row(); + if($this->config->item('filebased', 'ion_auth')){ + $user = $this->ion_auth->user(); + } else { + $user = $this->ion_auth->user()->row_array(); + } if ($this->form_validation->run() == false) { @@ -132,7 +142,7 @@ function change_password() 'name' => 'user_id', 'id' => 'user_id', 'type' => 'hidden', - 'value' => $user->id, + 'value' => $user['id'], ); //render 
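Review bot: The `filebased` branch around `$this->ion_auth->user()` is the same four-line pattern that forgot_password (twice), reset_password and deactivate repeat in later hunks of this file, and forgotten_password_check in Ion_auth.php repeats again; the library already knows which backend it was configured with, so one library method that returns the record as an array in both modes would remove every branch from the controllers. As written, each controller also has to know that `user()` yields an array in file mode but a query result needing `row_array()` in DB mode, which is exactly the kind of knowledge that drifts out of sync. change_password's body starts and ends outside the hunk.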
@@ -185,20 +195,29 @@ function forgot_password() { // get identity from username or email if ( $this->config->item('identity', 'ion_auth') == 'username' ){ - $identity = $this->ion_auth->where('username', strtolower($this->input->post('email')))->users()->row(); + if($this->config->item('filebased', 'ion_auth')){ + $identity = $this->ion_auth->user_where('username', strtolower($this->input->post('email'))); + } else { + $identity = $this->ion_auth->where('username', strtolower($this->input->post('email')))->users()->row_array(); + } } else { - $identity = $this->ion_auth->where('email', strtolower($this->input->post('email')))->users()->row(); + if($this->config->item('filebased', 'ion_auth')){ + $identity = $this->ion_auth->user_where('email', strtolower($this->input->post('email'))); + } else { + $identity = $this->ion_auth->where('email', strtolower($this->input->post('email')))->users()->row_array(); + } + } + + if(empty($identity)) { + $this->ion_auth->set_message('forgot_password_email_not_found'); + $this->session->set_flashdata('message', $this->ion_auth->messages()); + redirect("users/auth/forgot_password", 'refresh'); } - if(empty($identity)) { - $this->ion_auth->set_message('forgot_password_email_not_found'); - $this->session->set_flashdata('message', $this->ion_auth->messages()); - redirect("users/auth/forgot_password", 'refresh'); - } //run the forgotten password method to email an activation code to the user - $forgotten = $this->ion_auth->forgotten_password($identity->{$this->config->item('identity', 'ion_auth')}); + $forgotten = $this->ion_auth->forgotten_password($identity[$this->config->item('identity', 'ion_auth')]); if ($forgotten) { @@ -255,7 +274,7 @@ public function reset_password($code = NULL) 'name' => 'user_id', 'id' => 'user_id', 'type' => 'hidden', - 'value' => $user->id, + 'value' => $user['id'], ); $this->data['csrf'] = $this->_get_csrf_nonce(); $this->data['code'] = $code; 
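Review bot: When the lookup returns nothing, `forgot_password_email_not_found` is flashed and the caller is redirected back, so the response tells an anonymous visitor whether a given e-mail or username is registered. The check was only moved, but now that both backends feed it this is the place to make the outcome uniform: skip the early redirect, let `forgotten_password()` return FALSE quietly for an unknown identity, and flash the same neutral "if the address exists, mail has been sent" message in both cases. Note also that `$identity` holds the whole user record here, not an identity string, and `$identity[$this->config->item('identity', 'ion_auth')]` on the last added line only works because both branches now return arrays — a name such as `$profile` would make that clearer. forgot_password's body starts and ends outside the hunk.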
@@ -266,7 +285,7 @@ public function reset_password($code = NULL) else { // do we have a valid request? - if ($this->_valid_csrf_nonce() === FALSE || $user->id != $this->input->post('user_id')) + if ($this->_valid_csrf_nonce() === FALSE || $user['id'] != $this->input->post('user_id')) { //something fishy might be up @@ -278,7 +297,7 @@ public function reset_password($code = NULL) else { // finally change the password - $identity = $user->{$this->config->item('identity', 'ion_auth')}; + $identity = $user[$this->config->item('identity', 'ion_auth')]; $change = $this->ion_auth->reset_password($identity, $this->input->post('new')); @@ -344,7 +363,11 @@ function deactivate($id = NULL) { // insert csrf check $this->data['csrf'] = $this->_get_csrf_nonce(); - $this->data['user'] = $this->ion_auth->user($id)->row(); + + if($this->config->item('filebased', 'ion_auth')) + $this->data['user'] = $this->ion_auth->user($id); + else + $this->data['user'] = $this->ion_auth->user($id)->row_array(); $this->_render_page('users/deactivate_user', $this->data); } diff --git a/system/application/modules/users/controllers/Panel.php b/system/application/modules/users/controllers/Panel.php index 120897c..9c3d138 100644 --- a/system/application/modules/users/controllers/Panel.php +++ b/system/application/modules/users/controllers/Panel.php @@ -6,12 +6,17 @@ function __construct() { parent::__construct(); - $this->load->database(); + if(! $this->config->item('filebased', 'ion_auth')) + $this->load->database(); $this->form_validation->set_error_delimiters($this->config->item('error_start_delimiter', 'ion_auth'), $this->config->item('error_end_delimiter', 'ion_auth')); $this->lang->load('auth'); $this->load->helper('language'); + + if(! is_writable(SITE_PATH.'users/users.json') || ! is_writable(SITE_PATH.'users/groups.json')) + show_error('Files users.json and groups.json in folder '.SITE_PATH.'users/ must be writable.'); + } //redirect if needed, otherwise display the user list 
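Review bot: `$user['id'] != $this->input->post('user_id')` keeps the loose `!=` of the old object form, comparing an integer id with raw POST text; on PHP versions before 8 a leading-numeric string compares equal to the integer, so the "something fishy" branch does not fire for such input. Compare strictly after casting both sides: `(string) $user['id'] !== (string) $this->input->post('user_id')`. reset_password's body starts and ends outside the hunk.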
@@ -23,11 +28,11 @@ function index() //redirect them to the login page redirect('panel/login', 'refresh'); } - // elseif (!$this->ion_auth->is_admin()) //remove this elseif if you want to enable this for non-admins - // { - // //redirect them to the home page because they must be an administrator to view this - // return show_error('You must be an administrator to view this page.'); - // } + elseif (!$this->ion_auth->is_admin()) //remove this elseif if you want to enable this for non-admins + { + //redirect them to the home page because they must be an administrator to view this + return show_error('You must be an administrator to view this page.'); + } else { //set the flash data error message if there is one 
@@ -78,13 +83,13 @@ function create_user() //validate form input $this->form_validation->set_rules('first_name', $this->lang->line('create_user_validation_fname_label'), 'required'); $this->form_validation->set_rules('last_name', $this->lang->line('create_user_validation_lname_label'), 'required'); - $this->form_validation->set_rules('email', $this->lang->line('create_user_validation_email_label'), 'required|valid_email'); + $this->form_validation->set_rules('email', $this->lang->line('create_user_validation_email_label'), 'required|valid_email|callback_email_exist'); $this->form_validation->set_rules('phone', $this->lang->line('create_user_validation_phone_label'), 'required'); $this->form_validation->set_rules('company', $this->lang->line('create_user_validation_company_label'), 'required'); $this->form_validation->set_rules('password', $this->lang->line('create_user_validation_password_label'), 'required|min_length[' . $this->config->item('min_password_length', 'ion_auth') . ']|max_length[' . $this->config->item('max_password_length', 'ion_auth') . ']|matches[password_confirm]'); $this->form_validation->set_rules('password_confirm', $this->lang->line('create_user_validation_password_confirm_label'), 'required'); - if ($this->form_validation->run() == true) + if ($this->form_validation->run($this) == true) { $username = strtolower($this->input->post('first_name')) . ' ' . strtolower($this->input->post('last_name')); $email = strtolower($this->input->post('email')); @@ -169,10 +174,6 @@ function edit_user($id) { $this->data['title'] = "Edit User"; - if (!$this->ion_auth->logged_in() || (!$this->ion_auth->is_admin() && !($this->ion_auth->user()->row()->id == $id))) - { - redirect('panel/users', 'refresh'); - } $tables = $this->config->item('tables','ion_auth'); 
@@ -187,6 +188,11 @@ function edit_user($id) $currentGroups = $this->ion_auth->get_users_groups($id); } + if (!$this->ion_auth->logged_in() || (!$this->ion_auth->is_admin() && !($user['id'] == $id))) + { + redirect('panel/users', 'refresh'); + } + //validate form input $this->form_validation->set_rules('first_name', $this->lang->line('edit_user_validation_fname_label'), 'required'); $this->form_validation->set_rules('last_name', $this->lang->line('edit_user_validation_lname_label'), 'required'); @@ -245,12 +251,12 @@ function edit_user($id) if($user['email'] != $this->input->post('email')) { - $this->form_validation->set_rules('email', $this->lang->line('create_user_validation_email_label'), 'required|valid_email|is_unique['.$tables['users'].'.email]'); + $this->form_validation->set_rules('email', $this->lang->line('create_user_validation_email_label'), 'required|valid_email|callback_email_exist'); $data['email'] = $this->input->post('email'); } - if ($this->form_validation->run() === TRUE) + if ($this->form_validation->run($this) === TRUE) { $this->ion_auth->update($user['id'], $data); 
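Review bot: The logged_in/is_admin check moved here now runs after `$tables`, the user record and `$currentGroups = $this->ion_auth->get_users_groups($id)` have already been fetched for whatever `$id` was passed, so an anonymous or non-admin request performs those lookups before being redirected, and `$user['id']` on the added line raises an undefined-index notice when no record exists for that id. Keep `if (!$this->ion_auth->logged_in()) redirect('panel/users', 'refresh');` at the top of the method, where the check deleted in hunk `@@ -169,10 +174,6 @@` used to be, and leave only the ownership test `if (!$this->ion_auth->is_admin() && (empty($user) || $user['id'] != $id))` after the lookup. edit_user's body starts and ends outside the hunk.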
@@ -337,153 +343,159 @@ function delete_user($id) if (!$this->ion_auth->logged_in() || !$this->ion_auth->is_admin()) $this->session->set_flashdata('error', "You don't have permission to delete user."); + elseif($this->ion_auth->delete_user($id)) + $this->session->set_flashdata('success', $this->ion_auth->messages()); else + $this->session->set_flashdata('error', $this->ion_auth->errors()); - if($this->ion_auth->delete_user($id)) - $this->session->set_flashdata('success', $this->ion_auth->messages()); - else - $this->session->set_flashdata('error', $this->ion_auth->errors()); - - redirect('panel/users'); - } + redirect('panel/users'); + } // create a new group - function create_group() - { - $this->data['title'] = $this->lang->line('create_group_title'); + function create_group() + { + $this->data['title'] = $this->lang->line('create_group_title'); - if (!$this->ion_auth->logged_in() || !$this->ion_auth->is_admin()) - { - redirect('panel/users', 'refresh'); - } + if (!$this->ion_auth->logged_in() || !$this->ion_auth->is_admin()) + { + redirect('panel/users', 'refresh'); + } //validate form input - $this->form_validation->set_rules('group_name', $this->lang->line('create_group_validation_name_label'), 'required|alpha_dash'); - $this->form_validation->set_rules('group_description', $this->lang->line('create_group_validation_desc_label'), 'required'); + $this->form_validation->set_rules('group_name', $this->lang->line('create_group_validation_name_label'), 'required|alpha_dash'); + $this->form_validation->set_rules('group_description', $this->lang->line('create_group_validation_desc_label'), 'required'); - if ($this->form_validation->run() == TRUE) + if ($this->form_validation->run() == TRUE) + { + $new_group_id = $this->ion_auth->create_group($this->input->post('group_name'), $this->input->post('group_description')); + if($new_group_id) { - $new_group_id = $this->ion_auth->create_group($this->input->post('group_name'), $this->input->post('group_description')); - 
if($new_group_id) - { // check to see if we are creating the group // redirect them back to the admin page - $this->session->set_flashdata('success', $this->ion_auth->messages()); - redirect("panel/users", 'refresh'); - } + $this->session->set_flashdata('success', $this->ion_auth->messages()); + redirect("panel/users", 'refresh'); } - else - { + } + else + { //display the create group form //set the flash data error message if there is one - $this->data['message'] = (validation_errors() ? validation_errors() : ($this->ion_auth->errors() ? $this->ion_auth->errors() : $this->session->flashdata('message'))); + $this->data['message'] = (validation_errors() ? validation_errors() : ($this->ion_auth->errors() ? $this->ion_auth->errors() : $this->session->flashdata('message'))); - $this->session->set_flashdata('error', $this->data['message']); - redirect("panel/users", 'refresh'); - } + $this->session->set_flashdata('error', $this->data['message']); + redirect("panel/users", 'refresh'); } + } //edit a group - function edit_group($id) - { + function edit_group($id) + { // bail if no group id given - if(!$id || empty($id)) - { - redirect('panel/users', 'refresh'); - } + if(!$id || empty($id)) + { + redirect('panel/users', 'refresh'); + } - $this->data['title'] = $this->lang->line('edit_group_title'); + $this->data['title'] = $this->lang->line('edit_group_title'); - if (!$this->ion_auth->logged_in() || !$this->ion_auth->is_admin()) - { - redirect('panel/users', 'refresh'); - } + if (!$this->ion_auth->logged_in() || !$this->ion_auth->is_admin()) + { + redirect('panel/users', 'refresh'); + } - $group = $this->ion_auth->group($id)->row(); + $group = $this->ion_auth->group($id)->row(); //validate form input - $this->form_validation->set_rules('group_name', $this->lang->line('edit_group_validation_name_label'), 'required|alpha_dash'); - $this->form_validation->set_rules('group_description', $this->lang->line('edit_group_validation_desc_label'), 'required'); + 
$this->form_validation->set_rules('group_name', $this->lang->line('edit_group_validation_name_label'), 'required|alpha_dash'); + $this->form_validation->set_rules('group_description', $this->lang->line('edit_group_validation_desc_label'), 'required'); - if (isset($_POST) && !empty($_POST)) + if (isset($_POST) && !empty($_POST)) + { + if ($this->form_validation->run() === TRUE) { - if ($this->form_validation->run() === TRUE) + $group_update = $this->ion_auth->update_group($id, $_POST['group_name'], $_POST['group_description']); + + if($group_update) { - $group_update = $this->ion_auth->update_group($id, $_POST['group_name'], $_POST['group_description']); - - if($group_update) - { - $this->session->set_flashdata('success', $this->lang->line('edit_group_saved')); - } - else - { - $this->session->set_flashdata('error', $this->ion_auth->errors()); - } - redirect("panel/users", 'refresh'); + $this->session->set_flashdata('success', $this->lang->line('edit_group_saved')); } + else + { + $this->session->set_flashdata('error', $this->ion_auth->errors()); + } + redirect("panel/users", 'refresh'); } + } //set the flash data error message if there is one - $this->data['message'] = (validation_errors() ? validation_errors() : ($this->ion_auth->errors() ? $this->ion_auth->errors() : $this->session->flashdata('message'))); + $this->data['message'] = (validation_errors() ? validation_errors() : ($this->ion_auth->errors() ? 
$this->ion_auth->errors() : $this->session->flashdata('message'))); - $this->session->set_flashdata('error', $this->data['message']); - redirect("panel/users", 'refresh'); - } + $this->session->set_flashdata('error', $this->data['message']); + redirect("panel/users", 'refresh'); + } - function delete_group($id) - { - if(!$id) - show_404(); + function delete_group($id) + { + if(!$id) + show_404(); - if($id == 1) - $this->session->set_flashdata('error', "Sorry, we don't recommend to delete admin group."); - else + if($id == 1) + $this->session->set_flashdata('error', "Sorry, we don't recommend to delete admin group."); - if (!$this->ion_auth->logged_in() || !$this->ion_auth->is_admin()) - $this->session->set_flashdata('error', "You don't have permission to delete the group."); - else + elseif (!$this->ion_auth->logged_in() || !$this->ion_auth->is_admin()) + $this->session->set_flashdata('error', "You don't have permission to delete the group."); - if($this->ion_auth->delete_group($id)) - $this->session->set_flashdata('success', $this->ion_auth->messages()); - else - $this->session->set_flashdata('error', $this->ion_auth->errors()); + elseif($this->ion_auth->delete_group($id)) + $this->session->set_flashdata('success', $this->ion_auth->messages()); + else + $this->session->set_flashdata('error', $this->ion_auth->errors()); - redirect('panel/users'); - } + redirect('panel/users'); + } - function _get_csrf_nonce() - { - $this->load->helper('string'); - $key = random_string('alnum', 8); - $value = random_string('alnum', 20); - $this->session->set_flashdata('csrfkey', $key); - $this->session->set_flashdata('csrfvalue', $value); + function _get_csrf_nonce() + { + $this->load->helper('string'); + $key = random_string('alnum', 8); + $value = random_string('alnum', 20); + $this->session->set_flashdata('csrfkey', $key); + $this->session->set_flashdata('csrfvalue', $value); - return array($key => $value); - } + return array($key => $value); + } - function _valid_csrf_nonce() - 
{ - if ($this->input->post($this->session->flashdata('csrfkey')) !== FALSE && - $this->input->post($this->session->flashdata('csrfkey')) == $this->session->flashdata('csrfvalue')) - { - return TRUE; - } - else - { - return FALSE; - } - } + function _valid_csrf_nonce() + { + if ($this->input->post($this->session->flashdata('csrfkey')) !== FALSE && + $this->input->post($this->session->flashdata('csrfkey')) == $this->session->flashdata('csrfvalue')) + { + return TRUE; + } + else + { + return FALSE; + } + } - function _render_page($view, $data=null, $render=false) - { + function _render_page($view, $data=null, $render=false) + { - $this->viewdata = (empty($data)) ? $this->data: $data; + $this->viewdata = (empty($data)) ? $this->data: $data; - $view_html = $this->template->view($view, $this->viewdata, $render); + $view_html = $this->template->view($view, $this->viewdata, $render); - if (!$render) return $view_html; - } + if (!$render) return $view_html; + } - } + function email_exist($email) + { + if($this->ion_auth->email_check($email)){ + $this->form_validation->set_message('email_exist', 'Email already exist.'); + return false; + } + + return true; + } + +} \ No newline at end of file diff --git a/system/application/modules/users/libraries/Ion_auth.php b/system/application/modules/users/libraries/Ion_auth.php index 96002f6..0d79511 100644 --- a/system/application/modules/users/libraries/Ion_auth.php +++ b/system/application/modules/users/libraries/Ion_auth.php 
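Review bot: `email_exist` is added as a public method on the controller, so CodeIgniter will also dispatch it as a URL action (only underscore-prefixed methods are hidden from routing); nothing is echoed, but a validation helper should not be URL-reachable at all — name it `_email_exist` and reference it as `callback__email_exist` in the create_user and edit_user `set_rules` calls. Its `'Email already exist.'` text is the only hard-coded message in a controller whose other messages go through `$this->lang->line()`. In the restructured `delete_user` the only guard is `logged_in()`/`is_admin()`; the action is reached by the plain GET anchor built in the index.php hunk (`anchor("panel/users/delete_user/".$user['id'], ...)`) with no `_valid_csrf_nonce()` check, so the request carries no proof that it originated from this application's own page — the classic CSRF exposure, and `delete_group` has the same shape. The rest of the hunk is a re-indentation of unchanged code.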
@@ -257,7 +257,10 @@ public function forgotten_password_complete($code) **/ public function forgotten_password_check($code) { - $profile = $this->where('forgotten_password_code', $code)->users()->row(); //pass the code to profile + if($this->config->item('filebased', 'ion_auth')) + $profile = $this->user_where('forgotten_password_code', $code); //pass the code to profile + else + $profile = $this->where('forgotten_password_code', $code)->users()->row_array(); //pass the code to profile if (!is_object($profile)) { @@ -269,7 +272,7 @@ public function forgotten_password_check($code) if ($this->config->item('forgot_password_expiration', 'ion_auth') > 0) { //Make sure it isn't expired $expiration = $this->config->item('forgot_password_expiration', 'ion_auth'); - if (time() - $profile->forgotten_password_time > $expiration) { + if (time() - $profile['forgotten_password_time'] > $expiration) { //it has expired $this->clear_forgotten_password_code($code); $this->set_error('password_change_unsuccessful'); diff --git a/system/application/modules/users/models/Ion_auth_json_model.php b/system/application/modules/users/models/Ion_auth_json_model.php index ddf696a..e79e3cf 100644 --- a/system/application/modules/users/models/Ion_auth_json_model.php +++ b/system/application/modules/users/models/Ion_auth_json_model.php 
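Review bot: Both new branches assign an array to `$profile` (`row_array()` on the DB side, and `user_where()`, whose `$this->db->select()` result the JSON model reads with array syntax elsewhere), but the unchanged line right below still tests `if (!is_object($profile))`, so every reset code is now rejected as invalid, with certainty on the DB path. Replace it with `if (empty($profile))`, which also matches the `$profile['forgotten_password_time']` access introduced in the next hunk. forgotten_password_check's body ends outside the hunk.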
@@ -73,6 +73,269 @@ public function user($id = NULL) return $result; } + /** + * user_where + * + * @return object + * @author Ben Edmunds + **/ + public function user_where($key, $value) + { + $this->trigger_events('user'); + + $this->db->setTable('users'); + $result = $this->db->select($key, $value); + + return $result; + } + + public function clear_forgotten_password_code($code) { + + if (empty($code)) + { + return FALSE; + } + + $this->db->setTable('users'); + $user = $this->db->select('forgotten_password_code', $code); + + if (count($user) > 0) + { + $data = array( + 'forgotten_password_code' => NULL, + 'forgotten_password_time' => NULL + ); + + $data = array_merge($user, $data); + + $this->db->update('forgotten_password_code', $code, $data); + + return TRUE; + } + + return FALSE; + } + + /** + * reset password + * + * @return bool + * @author Mathew + **/ + public function reset_password($identity, $new) { + $this->trigger_events('pre_change_password'); + + if (!$this->identity_check($identity)) { + $this->trigger_events(array('post_change_password', 'post_change_password_unsuccessful')); + return FALSE; + } + + $this->db->setTable('users'); + $query = $this->db->select($this->identity_column, $identity); + + if (count($query) !== 1) + { + $this->trigger_events(array('post_change_password', 'post_change_password_unsuccessful')); + $this->set_error('password_change_unsuccessful'); + return FALSE; + } + + $result = $query; + + $new = $this->hash_password($new, $result['salt']); + + //store the new password and reset the remember code so all remembered instances have to re-login + //also clear the forgotten password code + $data = array( + 'password' => $new, + 'remember_code' => NULL, + 'forgotten_password_code' => NULL, + 'forgotten_password_time' => NULL, + ); + + $data = array_merge($user, $data); + + $return = $this->db->update($this->identity_column, $identity, $data); + + if ($return) + { + $this->trigger_events(array('post_change_password', 
'post_change_password_successful')); + $this->set_message('password_change_successful'); + } + else + { + $this->trigger_events(array('post_change_password', 'post_change_password_unsuccessful')); + $this->set_error('password_change_unsuccessful'); + } + + return $return; + } + + /** + * Activation functions + * + * Activate : Validates and removes activation code. + * Deactivae : Updates a users row with an activation code. + * + * @author Mathew + */ + + /** + * activate + * + * @return void + * @author Mathew + **/ + public function activate($id, $code = false) + { + $this->trigger_events('pre_activate'); + + $this->db->setTable('users'); + + if ($code !== FALSE) + { + $result = $this->db->select('activation_code', $code); + + if (count($result) !== 1) + { + $this->trigger_events(array('post_activate', 'post_activate_unsuccessful')); + $this->set_error('activate_unsuccessful'); + return FALSE; + } + + $data = array( + 'activation_code' => NULL, + 'active' => 1 + ); + + $data = array_merge($result, $data); + + $return = $this->db->update('id', $id, $data); + } + else + { + $result = $this->db->select('id', $id); + + $data = array( + 'activation_code' => NULL, + 'active' => 1 + ); + + $data = array_merge($result, $data); + + $return = $this->db->update('id', $id, $data); + } + + if ($return) + { + $this->trigger_events(array('post_activate', 'post_activate_successful')); + $this->set_message('activate_successful'); + } + else + { + $this->trigger_events(array('post_activate', 'post_activate_unsuccessful')); + $this->set_error('activate_unsuccessful'); + } + + + return $return; + } + + + /** + * Deactivate + * + * @return void + * @author Mathew + **/ + public function deactivate($id = NULL) + { + $this->trigger_events('deactivate'); + + if (!isset($id)) + { + $this->set_error('deactivate_unsuccessful'); + return FALSE; + } + + $activation_code = sha1(md5(microtime())); + $this->activation_code = $activation_code; + + $data = array( + 'activation_code' => 
$activation_code, + 'active' => 0 + ); + + $this->db->setTable('users'); + $user = $this->db->select('id', $id); + $data = array_merge($user, $data); + $return = $this->db->update('id', $id, $data); + + if ($return) + $this->set_message('deactivate_successful'); + else + $this->set_error('deactivate_unsuccessful'); + + return $return; + } + + /** + * Insert a forgotten password key. + * + * @return bool + * @author Mathew + * @updated Ryan + * @updated 52aa456eef8b60ad6754b31fbdcc77bb + **/ + public function forgotten_password($identity) + { + if (empty($identity)) + { + $this->trigger_events(array('post_forgotten_password', 'post_forgotten_password_unsuccessful')); + return FALSE; + } + + //All some more randomness + $activation_code_part = ""; + if(function_exists("openssl_random_pseudo_bytes")) { + $activation_code_part = openssl_random_pseudo_bytes(128); + } + + for($i=0;$i<1024;$i++) { + $activation_code_part = sha1($activation_code_part . mt_rand() . microtime()); + } + + $key = $this->hash_code($activation_code_part.$identity); + + // If enable query strings is set, then we need to replace any unsafe characters so that the code can still work + if ($key != '' && $this->config->item('permitted_uri_chars') != '' && $this->config->item('enable_query_strings') == FALSE) + { + // preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards + // compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern + if ( ! 
preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->config->item('permitted_uri_chars'), '-'))."]+$|i", $key)) + { + $key = preg_replace("/[^".$this->config->item('permitted_uri_chars')."]+/i", "-", $key); + } + } + + $this->forgotten_password_code = $key; + + $update = array( + 'forgotten_password_code' => $key, + 'forgotten_password_time' => time() + ); + + $this->db->setTable('users'); + $return = $this->db->update($this->identity_column, $identity, $update); + + if ($return) + $this->trigger_events(array('post_forgotten_password', 'post_forgotten_password_successful')); + else + $this->trigger_events(array('post_forgotten_password', 'post_forgotten_password_unsuccessful')); + + return $return; + } + /** * update * @@ -111,8 +374,6 @@ public function update($id, array $data) } } - $this->trigger_events('extra_where'); - $this->db->setTable('users'); if (! $this->db->update('id', $user['id'], $data)) @@ -143,8 +404,6 @@ public function login($identity, $password, $remember=FALSE) return FALSE; } - $this->trigger_events('extra_where'); - $this->db->setTable('users'); $query = $this->db->select($this->identity_column, $identity); @@ -301,8 +560,6 @@ public function update_last_login($id) $this->load->helper('date'); - $this->trigger_events('extra_where'); - $this->db->setTable('users'); $user = $this->db->select('id', $id); $user = array_merge($user, array('last_login' => time())); @@ -323,8 +580,6 @@ public function hash_password_db($id, $password, $use_sha1_override=FALSE) return FALSE; } - $this->trigger_events('extra_where'); - $query = $this->db->select('id', $id); $hash_password_db = $query; 
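Review bot: `reset_password` merges `$user` into the update payload (`$data = array_merge($user, $data);`) but never defines `$user` — the record it loaded is `$result` — so the merge receives null and either throws (PHP 8) or writes an empty record; it should read `array_merge($result, $data)`. `activate` with a code looks the record up by `activation_code` alone and then writes the merged data under `'id', $id`, so the id and the code are never checked against each other; add `|| $result['id'] != $id` to the rejection condition. `deactivate` derives the new activation code from `sha1(md5(microtime()))`, which is predictable to the microsecond, and `forgotten_password` stretches `mt_rand()`/`microtime()` through 1024 sha1 rounds for the same purpose — on PHP 7+ a single `bin2hex(random_bytes(20))` replaces both. The `count($query) !== 1` guards in reset_password, activate and change_password (hunk `@@ -610,6 +865,60 @@`) cannot agree with the `array_merge($query, $data)` / `$result['salt']` accesses that follow: if `select()` returns one associative record, count() is the field count and the guard always fails; if it returns a list, the field accesses are wrong — confirm the JSON driver's return shape and guard with `empty($query)` instead. `forgotten_password` is also the only writer here that passes its two-field `$update` to `update()` without merging the existing record first; if the driver replaces the whole record, as the merges in every other method suggest, the user entry would be reduced to those two fields.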
@@ -610,6 +865,60 @@ public function delete_group($group_id = FALSE) return TRUE; } + /** + * change password + * + * @return bool + * @author Mathew + **/ + public function change_password($identity, $old, $new) + { + $this->trigger_events('pre_change_password'); + + $this->db->setTable('users'); + $query = $this->db->select($this->identity_column, $identity); + + if (count($query) !== 1) + { + $this->trigger_events(array('post_change_password', 'post_change_password_unsuccessful')); + $this->set_error('password_change_unsuccessful'); + return FALSE; + } + + $user = $query; + + $old_password_matches = $this->hash_password_db($user['id'], $old); + + if ($old_password_matches === TRUE) + { + //store the new password and reset the remember code so all remembered instances have to re-login + $hashed_new_password = $this->hash_password($new, $user['salt']); + $data = array( + 'password' => $hashed_new_password, + 'remember_code' => NULL, + ); + + $data = array_merge($user, $data); + + $successfully_changed_password_in_db = $this->db->update($this->identity_column, $identity, $data); + if ($successfully_changed_password_in_db) + { + $this->trigger_events(array('post_change_password', 'post_change_password_successful')); + $this->set_message('password_change_successful'); + } + else + { + $this->trigger_events(array('post_change_password', 'post_change_password_unsuccessful')); + $this->set_error('password_change_unsuccessful'); + } + + return $successfully_changed_password_in_db; + } + + $this->set_error('password_change_unsuccessful'); + return FALSE; + } + /** * Checks username * diff --git a/system/application/modules/users/views/deactivate_user.php b/system/application/modules/users/views/deactivate_user.php index 67cb8cf..9467693 100755 --- a/system/application/modules/users/views/deactivate_user.php +++ b/system/application/modules/users/views/deactivate_user.php @@ -1,7 +1,7 @@

-

username);?>

+

-id);?> +

@@ -11,7 +11,7 @@

- $user->id)); ?> + $user['id'])); ?>

diff --git a/system/application/modules/users/views/index.php b/system/application/modules/users/views/index.php index 471bbde..54180da 100755 --- a/system/application/modules/users/views/index.php +++ b/system/application/modules/users/views/index.php @@ -40,7 +40,9 @@ - + session->userdata('id') != $user['id']): ?> + + session->userdata('id') != $user['id']) echo anchor("panel/users/delete_user/".$user['id'], 'Delete', 'class="btn delete remove btn-xs btn-primary"') ;?>