diff options
Diffstat (limited to 'modules/user')
| -rw-r--r-- | modules/user/controllers/admin_users.php | 293 | ||||
| -rw-r--r-- | modules/user/controllers/login.php | 82 | ||||
| -rw-r--r-- | modules/user/controllers/logout.php | 38 | ||||
| -rw-r--r-- | modules/user/controllers/password.php | 138 | ||||
| -rw-r--r-- | modules/user/controllers/users.php | 68 | ||||
| -rw-r--r-- | modules/user/helpers/group.php | 108 | ||||
| -rw-r--r-- | modules/user/helpers/user.php | 360 | ||||
| -rw-r--r-- | modules/user/helpers/user_block.php | 46 | ||||
| -rw-r--r-- | modules/user/helpers/user_event.php | 53 | ||||
| -rw-r--r-- | modules/user/helpers/user_theme.php | 36 | ||||
| -rw-r--r-- | modules/user/libraries/drivers/Identity/Gallery.php | 317 | ||||
| -rw-r--r-- | modules/user/models/user.php | 21 | ||||
| -rw-r--r-- | modules/user/views/admin_users.html.php | 128 | ||||
| -rw-r--r-- | modules/user/views/admin_users_group.html.php | 38 | ||||
| -rw-r--r-- | modules/user/views/login.html.php | 22 | ||||
| -rw-r--r-- | modules/user/views/login_ajax.html.php | 43 | ||||
| -rw-r--r-- | modules/user/views/reset_password.html.php | 17 | ||||
| -rw-r--r-- | modules/user/views/user_languages_block.html.php | 19 |
18 files changed, 318 insertions, 1509 deletions
diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php deleted file mode 100644 index 0b748955..00000000 --- a/modules/user/controllers/admin_users.php +++ /dev/null @@ -1,293 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ -class Admin_Users_Controller extends Admin_Controller { - public function index() { - $view = new Admin_View("admin.html"); - $view->content = new View("admin_users.html"); - $view->content->users = ORM::factory("user")->orderby("name")->find_all(); - $view->content->groups = ORM::factory("group")->orderby("name")->find_all(); - print $view; - } - - public function add_user() { - access::verify_csrf(); - - $form = user::get_add_form_admin(); - $valid = $form->validate(); - $name = $form->add_user->inputs["name"]->value; - $user = ORM::factory("user")->where("name", $name)->find(); - if ($user->loaded) { - $form->add_user->inputs["name"]->add_error("in_use", 1); - $valid = false; - } - - if ($valid) { - $user = user::create( - $name, $form->add_user->full_name->value, $form->add_user->password->value); - $user->email = $form->add_user->email->value; - $user->admin = $form->add_user->admin->checked; - - if ($form->add_user->locale) { - $desired_locale = $form->add_user->locale->value; - $user->locale = $desired_locale == "none" ? null : $desired_locale; - } - $user->save(); - module::event("user_add_form_admin_completed", $user, $form); - - message::success(t("Created user %user_name", array("user_name" => $user->name))); - print json_encode(array("result" => "success")); - } else { - print json_encode(array("result" => "error", - "form" => $form->__toString())); - } - } - - public function add_user_form() { - print user::get_add_form_admin(); - } - - public function delete_user($id) { - access::verify_csrf(); - - if ($id == user::active()->id || $id == user::guest()->id) { - access::forbidden(); - } - - $user = ORM::factory("user", $id); - if (!$user->loaded) { - kohana::show_404(); - } - - $form = user::get_delete_form_admin($user); - if($form->validate()) { - $name = $user->name; - $user->delete(); - } else { - print json_encode(array("result" => "error", - "form" => $form->__toString())); - } - - $message = t("Deleted user %user_name", array("user_name" => $name)); - log::success("user", $message); - message::success($message); - print json_encode(array("result" => "success")); - } - - public function delete_user_form($id) { - $user = ORM::factory("user", $id); - if (!$user->loaded) { - kohana::show_404(); - } - print user::get_delete_form_admin($user); - } - - public function edit_user($id) { - access::verify_csrf(); - - $user = ORM::factory("user", $id); - if (!$user->loaded) { - kohana::show_404(); - } - - $form = user::get_edit_form_admin($user); - $valid = $form->validate(); - if ($valid) { - $new_name = $form->edit_user->inputs["name"]->value; - if ($new_name != $user->name && - ORM::factory("user") - ->where("name", $new_name) - ->where("id !=", $user->id) - ->find() - ->loaded) { - $form->edit_user->inputs["name"]->add_error("in_use", 1); - $valid = false; - } else { - $user->name = $new_name; - } - } - - if ($valid) { - $user->full_name = $form->edit_user->full_name->value; - if ($form->edit_user->password->value) { - $user->password = $form->edit_user->password->value; - } - $user->email = $form->edit_user->email->value; - $user->url = $form->edit_user->url->value; - if ($form->edit_user->locale) { - $desired_locale = $form->edit_user->locale->value; - $user->locale = $desired_locale == "none" ? null : $desired_locale; - } - - // An admin can change the admin status for any user but themselves - if ($user->id != user::active()->id) { - $user->admin = $form->edit_user->admin->checked; - } - $user->save(); - module::event("user_edit_form_admin_completed", $user, $form); - - message::success(t("Changed user %user_name", array("user_name" => $user->name))); - print json_encode(array("result" => "success")); - } else { - print json_encode(array("result" => "error", - "form" => $form->__toString())); - } - } - - public function edit_user_form($id) { - $user = ORM::factory("user", $id); - if (!$user->loaded) { - kohana::show_404(); - } - - $form = user::get_edit_form_admin($user); - // Don't allow the user to control their own admin bit, else you can lock yourself out - if ($user->id == user::active()->id) { - $form->edit_user->admin->disabled(1); - } - print $form; - } - - public function add_user_to_group($user_id, $group_id) { - access::verify_csrf(); - $group = ORM::factory("group", $group_id); - $user = ORM::factory("user", $user_id); - $group->add($user); - $group->save(); - } - - public function remove_user_from_group($user_id, $group_id) { - access::verify_csrf(); - $group = ORM::factory("group", $group_id); - $user = ORM::factory("user", $user_id); - $group->remove($user); - $group->save(); - } - - public function group($group_id) { - $view = new View("admin_users_group.html"); - $view->group = ORM::factory("group", $group_id); - print $view; - } - - public function add_group() { - access::verify_csrf(); - - $form = group::get_add_form_admin(); - $valid = $form->validate(); - if ($valid) { - $new_name = $form->add_group->inputs["name"]->value; - $group = ORM::factory("group")->where("name", $new_name)->find(); - if ($group->loaded) { - $form->add_group->inputs["name"]->add_error("in_use", 1); - $valid = false; - } - } - - if ($valid) { - $group = group::create($new_name); - $group->save(); - message::success( - t("Created group %group_name", array("group_name" => $group->name))); - print json_encode(array("result" => "success")); - } else { - print json_encode(array("result" => "error", - "form" => $form->__toString())); - } - } - - public function add_group_form() { - print group::get_add_form_admin(); - } - - public function delete_group($id) { - access::verify_csrf(); - - $group = ORM::factory("group", $id); - if (!$group->loaded) { - kohana::show_404(); - } - - $form = group::get_delete_form_admin($group); - if ($form->validate()) { - $name = $group->name; - $group->delete(); - } else { - print json_encode(array("result" => "error", - "form" => $form->__toString())); - } - - $message = t("Deleted group %group_name", array("group_name" => $name)); - log::success("group", $message); - message::success($message); - print json_encode(array("result" => "success")); - } - - public function delete_group_form($id) { - $group = ORM::factory("group", $id); - if (!$group->loaded) { - kohana::show_404(); - } - print group::get_delete_form_admin($group); - } - - public function edit_group($id) { - access::verify_csrf(); - - $group = ORM::factory("group", $id); - if (!$group->loaded) { - kohana::show_404(); - } - - $form = group::get_edit_form_admin($group); - $valid = $form->validate(); - - if ($valid) { - $new_name = $form->edit_group->inputs["name"]->value; - $group = ORM::factory("group")->where("name", $new_name)->find(); - if ($group->loaded) { - $form->edit_group->inputs["name"]->add_error("in_use", 1); - $valid = false; - } - } - - if ($valid) { - $group->name = $form->edit_group->inputs["name"]->value; - $group->save(); - message::success( - t("Changed group %group_name", array("group_name" => $group->name))); - print json_encode(array("result" => "success")); - } else { - message::error( - t("Failed to change group %group_name", array("group_name" => $group->name))); - print json_encode(array("result" => "error", - "form" => $form->__toString())); - } - } - - public function edit_group_form($id) { - $group = ORM::factory("group", $id); - if (!$group->loaded) { - kohana::show_404(); - } - - print group::get_edit_form_admin($group); - } - -} diff --git a/modules/user/controllers/login.php b/modules/user/controllers/login.php deleted file mode 100644 index 8bee7db5..00000000 --- a/modules/user/controllers/login.php +++ /dev/null @@ -1,82 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ -class Login_Controller extends Controller { - - public function ajax() { - $view = new View("login_ajax.html"); - $view->form = user::get_login_form("login/auth_ajax"); - print $view; - } - - public function auth_ajax() { - access::verify_csrf(); - - list ($valid, $form) = $this->_auth("login/auth_ajax"); - if ($valid) { - print json_encode( - array("result" => "success")); - } else { - print json_encode( - array("result" => "error", - "form" => $form->__toString())); - } - } - - public function html() { - print user::get_login_form("login/auth_html"); - } - - public function auth_html() { - access::verify_csrf(); - - list ($valid, $form) = $this->_auth("login/auth_html"); - if ($valid) { - url::redirect(item::root()->abs_url()); - } else { - print $form; - } - } - - private function _auth($url) { - $form = user::get_login_form($url); - $valid = $form->validate(); - if ($valid) { - $user = ORM::factory("user")->where("name", $form->login->inputs["name"]->value)->find(); - if (!$user->loaded || !user::is_correct_password($user, $form->login->password->value)) { - log::warning( - "user", - t("Failed login for %name", - array("name" => $form->login->inputs["name"]->value))); - $form->login->inputs["name"]->add_error("invalid_login", 1); - $valid = false; - } - } - - if ($valid) { - user::login($user); - log::info("user", t("User %name logged in", array("name" => $user->name))); - } - - // Either way, regenerate the session id to avoid session trapping - Session::instance()->regenerate(); - - return array($valid, $form); - } -}
\ No newline at end of file diff --git a/modules/user/controllers/logout.php b/modules/user/controllers/logout.php deleted file mode 100644 index 45d397ad..00000000 --- a/modules/user/controllers/logout.php +++ /dev/null @@ -1,38 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ -class Logout_Controller extends Controller { - public function index() { - //access::verify_csrf(); - - $user = user::active(); - user::logout(); - log::info("user", t("User %name logged out", array("name" => $user->name)), - html::anchor("user/$user->id", html::clean($user->name))); - if ($continue_url = $this->input->get("continue")) { - $item = url::get_item_from_uri($continue_url); - if (access::can("view", $item)) { - // Don't use url::redirect() because it'll call url::site() and munge the continue url. - header("Location: $continue_url"); - } else { - url::redirect(item::root()->abs_url()); - } - } - } -}
\ No newline at end of file diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php deleted file mode 100644 index 4629bbf2..00000000 --- a/modules/user/controllers/password.php +++ /dev/null @@ -1,138 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ -class Password_Controller extends Controller { - public function reset() { - if (request::method() == "post") { - // @todo separate the post from get parts of this function - access::verify_csrf(); - $this->_send_reset(); - } else { - print $this->_reset_form(); - } - } - - public function do_reset() { - if (request::method() == "post") { - $this->_change_password(); - } else { - $user = ORM::factory("user") - ->where("hash", Input::instance()->get("key")) - ->find(); - if ($user->loaded) { - print $this->_new_password_form($user->hash); - } else { - throw new Exception("@todo FORBIDDEN", 503); - } - } - } - - private function _send_reset() { - $form = $this->_reset_form(); - - $valid = $form->validate(); - if ($valid) { - $user = ORM::factory("user")->where("name", $form->reset->inputs["name"]->value)->find(); - if (!$user->loaded || empty($user->email)) { - $form->reset->inputs["name"]->add_error("no_email", 1); - $valid = false; - } - } - - if ($valid) { - $user->hash = md5(rand()); - $user->save(); - $message = new View("reset_password.html"); - $message->confirm_url = url::abs_site("password/do_reset?key=$user->hash"); - $message->user = $user; - - Sendmail::factory() - ->to($user->email) - ->subject(t("Password Reset Request")) - ->header("Mime-Version", "1.0") - ->header("Content-type", "text/html; charset=iso-8859-1") - ->message($message->render()) - ->send(); - - log::success( - "user", - t("Password reset email sent for user %name", array("name" => $user->name))); - } else { - // Don't include the username here until you're sure that it's XSS safe - log::warning( - "user", "Password reset email requested for bogus user"); - } - - message::success(t("Password reset email sent")); - print json_encode( - array("result" => "success")); - } - - private function _reset_form() { - $form = new Forge(url::current(true), "", "post", array("id" => "g-reset-form")); - $group = $form->group("reset")->label(t("Reset Password")); - $group->input("name")->label(t("Username"))->id("g-name")->class(null)->rules("required"); - $group->inputs["name"]->error_messages("no_email", t("No email, unable to reset password")); - $group->submit("")->value(t("Reset")); - - return $form; - } - - private function _new_password_form($hash=null) { - $template = new Theme_View("page.html", "reset"); - - $form = new Forge("password/do_reset", "", "post", array("id" => "g-change-password-form")); - $group = $form->group("reset")->label(t("Change Password")); - $hidden = $group->hidden("hash"); - if (!empty($hash)) { - $hidden->value($hash); - } - $group->password("password")->label(t("Password"))->id("g-password") - ->rules("required|length[1,40]"); - $group->password("password2")->label(t("Confirm Password"))->id("g-password2") - ->matches($group->password); - $group->inputs["password2"]->error_messages( - "mistyped", t("The password and the confirm password must match")); - $group->submit("")->value(t("Update")); - - $template->content = $form; - return $template; - } - - private function _change_password() { - $view = $this->_new_password_form(); - if ($view->content->validate()) { - $user = ORM::factory("user") - ->where("hash", $view->content->reset->hash->value) - ->find(); - - if (!$user->loaded) { - throw new Exception("@todo FORBIDDEN", 503); - } - - $user->password = $view->content->reset->password->value; - $user->hash = null; - $user->save(); - message::success(t("Password reset successfully")); - url::redirect(item::root()->abs_url()); - } else { - print $view; - } - } -}
\ No newline at end of file diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php deleted file mode 100644 index 07c5a457..00000000 --- a/modules/user/controllers/users.php +++ /dev/null @@ -1,68 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ -class Users_Controller extends Controller { - public function update($id) { - $user = user::lookup($id); - - if ($user->guest || $user->id != user::active()->id) { - access::forbidden(); - } - - $form = user::get_edit_form($user); - $valid = $form->validate(); - if ($valid) { - $user->full_name = $form->edit_user->full_name->value; - if ($form->edit_user->password->value) { - $user->password = $form->edit_user->password->value; - } - $user->email = $form->edit_user->email->value; - $user->url = $form->edit_user->url->value; - if ($form->edit_user->locale) { - $desired_locale = $form->edit_user->locale->value; - $new_locale = $desired_locale == "none" ? null : $desired_locale; - if ($new_locale != $user->locale) { - // Delete the session based locale preference - setcookie("g_locale", "", time() - 24 * 3600, "/"); - } - $user->locale = $new_locale; - } - $user->save(); - module::event("user_edit_form_completed", $user, $form); - - message::success(t("User information updated.")); - print json_encode( - array("result" => "success", - "resource" => url::site("users/{$user->id}"))); - } else { - print json_encode( - array("result" => "error", - "form" => $form->__toString())); - } - } - - public function form_edit($id) { - $user = user::lookup($id); - if ($user->guest || $user->id != user::active()->id) { - access::forbidden(); - } - - print user::get_edit_form($user); - } -} diff --git a/modules/user/helpers/group.php b/modules/user/helpers/group.php deleted file mode 100644 index b13895bc..00000000 --- a/modules/user/helpers/group.php +++ /dev/null @@ -1,108 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ - -/** - * This is the API for handling groups. - * - * Note: by design, this class does not do any permission checking. - */ -class group_Core { - /** - * Create a new group. - * - * @param string $name - * @return Group_Model - */ - static function create($name) { - $group = ORM::factory("group")->where("name", $name)->find(); - if ($group->loaded) { - throw new Exception("@todo GROUP_ALREADY_EXISTS $name"); - } - - $group->name = $name; - $group->save(); - - return $group; - } - - /** - * The group of all possible visitors. This includes the guest user. - * - * @return Group_Model - */ - static function everybody() { - return model_cache::get("group", 1); - } - - /** - * The group of all logged-in visitors. This does not include guest users. - * - * @return Group_Model - */ - static function registered_users() { - return model_cache::get("group", 2); - } - - /** - * Look up a group by name. - * @param integer $id the group name - * @return Group_Model the group object, or null if the name was invalid. - */ - static function lookup_by_name($name) { - $group = model_cache::get("group", $name, "name"); - if ($group->loaded) { - return $group; - } - return null; - } - - static function get_edit_form_admin($group) { - $form = new Forge("admin/users/edit_group/$group->id", "", "post", array("id" => "g-edit-group-form")); - $form_group = $form->group("edit_group")->label(t("Edit Group")); - $form_group->input("name")->label(t("Name"))->id("g-name")->value($group->name); - $form_group->inputs["name"]->error_messages( - "in_use", t("There is already a group with that name")); - $form_group->submit("")->value(t("Save")); - $form->add_rules_from($group); - return $form; - } - - static function get_add_form_admin() { - $form = new Forge("admin/users/add_group", "", "post", array("id" => "g-add-group-form")); - $form->set_attr('class', "g-narrow"); - $form_group = $form->group("add_group")->label(t("Add Group")); - $form_group->input("name")->label(t("Name"))->id("g-name"); - $form_group->inputs["name"]->error_messages( - "in_use", t("There is already a group with that name")); - $form_group->submit("")->value(t("Add Group")); - $group = ORM::factory("group"); - $form->add_rules_from($group); - return $form; - } - - static function get_delete_form_admin($group) { - $form = new Forge("admin/users/delete_group/$group->id", "", "post", - array("id" => "g-delete-group-form")); - $form_group = $form->group("delete_group")->label( - t("Are you sure you want to delete group %group_name?", array("group_name" => $group->name))); - $form_group->submit("")->value(t("Delete")); - return $form; - } -} diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php deleted file mode 100644 index 432994d6..00000000 --- a/modules/user/helpers/user.php +++ /dev/null @@ -1,360 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ - -/** - * This is the API for handling users. - * - * Note: by design, this class does not do any permission checking. - */ -class user_Core { - static function get_edit_form($user) { - $form = new Forge("users/update/$user->id", "", "post", array("id" => "g-edit-user-form")); - $form->set_attr("class", "g-narrow"); - $group = $form->group("edit_user")->label(t("Edit User: %name", array("name" => $user->name))); - $group->input("full_name")->label(t("Full Name"))->id("g-fullname")->value($user->full_name); - self::_add_locale_dropdown($group, $user); - $group->password("password")->label(t("Password"))->id("g-password"); - $group->password("password2")->label(t("Confirm Password"))->id("g-password2") - ->matches($group->password); - $group->input("email")->label(t("Email"))->id("g-email")->value($user->email); - $group->input("url")->label(t("URL"))->id("g-url")->value($user->url); - $form->add_rules_from($user); - - module::event("user_edit_form", $user, $form); - $group->submit("")->value(t("Save")); - return $form; - } - - static function get_edit_form_admin($user) { - $form = new Forge( - "admin/users/edit_user/$user->id", "", "post", array("id" => "g-edit-user-form")); - $group = $form->group("edit_user")->label(t("Edit User")); - $group->input("name")->label(t("Username"))->id("g-username")->value($user->name); - $group->inputs["name"]->error_messages( - "in_use", t("There is already a user with that username")); - $group->input("full_name")->label(t("Full Name"))->id("g-fullname")->value($user->full_name); - self::_add_locale_dropdown($group, $user); - $group->password("password")->label(t("Password"))->id("g-password"); - $group->password("password2")->label(t("Confirm Password"))->id("g-password2") - ->matches($group->password); - $group->input("email")->label(t("Email"))->id("g-email")->value($user->email); - $group->input("url")->label(t("URL"))->id("g-url")->value($user->url); - $group->checkbox("admin")->label(t("Admin"))->id("g-admin")->checked($user->admin); - $form->add_rules_from($user); - $form->edit_user->password->rules("-required"); - - module::event("user_edit_form_admin", $user, $form); - $group->submit("")->value(t("Modify User")); - return $form; - } - - static function get_add_form_admin() { - $form = new Forge("admin/users/add_user", "", "post", array("id" => "g-add-user-form")); - $form->set_attr('class', "g-narrow"); - $group = $form->group("add_user")->label(t("Add User")); - $group->input("name")->label(t("Username"))->id("g-username") - ->error_messages("in_use", t("There is already a user with that username")); - $group->input("full_name")->label(t("Full Name"))->id("g-fullname"); - $group->password("password")->label(t("Password"))->id("g-password"); - $group->password("password2")->label(t("Confirm Password"))->id("g-password2") - ->matches($group->password); - $group->input("email")->label(t("Email"))->id("g-email"); - $group->input("url")->label(t("URL"))->id("g-url"); - self::_add_locale_dropdown($group); - $group->checkbox("admin")->label(t("Admin"))->id("g-admin"); - $user = ORM::factory("user"); - $form->add_rules_from($user); - - module::event("user_add_form_admin", $user, $form); - $group->submit("")->value(t("Add User")); - return $form; - } - - private static function _add_locale_dropdown(&$form, $user=null) { - $locales = locales::installed(); - foreach ($locales as $locale => $display_name) { - $locales[$locale] = SafeString::of_safe_html($display_name); - } - if (count($locales) > 1) { - // Put "none" at the first position in the array - $locales = array_merge(array("" => t("« none »")), $locales); - $selected_locale = ($user && $user->locale) ? $user->locale : ""; - $form->dropdown("locale") - ->label(t("Language Preference")) - ->options($locales) - ->selected($selected_locale); - } - } - - static function get_delete_form_admin($user) { - $form = new Forge("admin/users/delete_user/$user->id", "", "post", - array("id" => "g-delete-user-form")); - $group = $form->group("delete_user")->label( - t("Are you sure you want to delete user %name?", array("name" => $user->name))); - $group->submit("")->value(t("Delete user %name", array("name" => $user->name))); - return $form; - } - - static function get_login_form($url) { - $form = new Forge($url, "", "post", array("id" => "g-login-form")); - $form->set_attr('class', "g-narrow"); - $group = $form->group("login")->label(t("Login")); - $group->input("name")->label(t("Username"))->id("g-username")->class(null); - $group->password("password")->label(t("Password"))->id("g-password")->class(null); - $group->inputs["name"]->error_messages("invalid_login", t("Invalid name or password")); - $group->submit("")->value(t("Login")); - return $form; - } - - /** - * Make sure that we have a session and group_ids cached in the session. - */ - static function load_user() { - $session = Session::instance(); - if (!($user = $session->get("user"))) { - $session->set("user", $user = user::guest()); - } - - // The installer cannot set a user into the session, so it just sets an id which we should - // upconvert into a user. - if ($user === 2) { - $user = model_cache::get("user", 2); - user::login($user); - $session->set("user", $user); - } - - if (!$session->get("group_ids")) { - $ids = array(); - foreach ($user->groups as $group) { - $ids[] = $group->id; - } - $session->set("group_ids", $ids); - } - } - - /** - * Return the array of group ids this user belongs to - * - * @return array - */ - static function group_ids() { - return Session::instance()->get("group_ids", array(1)); - } - - /** - * Return the active user. If there's no active user, return the guest user. - * - * @return User_Model - */ - static function active() { - // @todo (maybe) cache this object so we're not always doing session lookups. - $user = Session::instance()->get("user", null); - if (!isset($user)) { - // Don't do this as a fallback in the Session::get() call because it can trigger unnecessary - // work. - $user = user::guest(); - } - return $user; - } - - /** - * Return the guest user. - * - * @todo consider caching - * - * @return User_Model - */ - static function guest() { - return model_cache::get("user", 1); - } - - /** - * Change the active user. - * - * @return User_Model - */ - static function set_active($user) { - $session = Session::instance(); - $session->set("user", $user); - $session->delete("group_ids"); - self::load_user(); - } - - /** - * Create a new user. - * - * @param string $name - * @param string $full_name - * @param string $password - * @return User_Model - */ - static function create($name, $full_name, $password) { - $user = ORM::factory("user")->where("name", $name)->find(); - if ($user->loaded) { - throw new Exception("@todo USER_ALREADY_EXISTS $name"); - } - - $user->name = $name; - $user->full_name = $full_name; - $user->password = $password; - - // Required groups - $user->add(group::everybody()); - $user->add(group::registered_users()); - - $user->save(); - return $user; - } - - /** - * Is the password provided correct? - * - * @param user User Model - * @param string $password a plaintext password - * @return boolean true if the password is correct - */ - static function is_correct_password($user, $password) { - $valid = $user->password; - - // Try phpass first, since that's what we generate. - if (strlen($valid) == 34) { - require_once(MODPATH . "user/lib/PasswordHash.php"); - $hashGenerator = new PasswordHash(10, true); - return $hashGenerator->CheckPassword($password, $valid); - } - - $salt = substr($valid, 0, 4); - // Support both old (G1 thru 1.4.0; G2 thru alpha-4) and new password schemes: - $guess = (strlen($valid) == 32) ? md5($password) : ($salt . md5($salt . $password)); - if (!strcmp($guess, $valid)) { - return true; - } - - // Passwords with <&"> created by G2 prior to 2.1 were hashed with entities - $sanitizedPassword = html::specialchars($password, false); - $guess = (strlen($valid) == 32) ? md5($sanitizedPassword) - : ($salt . md5($salt . $sanitizedPassword)); - if (!strcmp($guess, $valid)) { - return true; - } - - return false; - } - - /** - * Create the hashed passwords. - * @param string $password a plaintext password - * @return string hashed password - */ - static function hash_password($password) { - require_once(MODPATH . "user/lib/PasswordHash.php"); - $hashGenerator = new PasswordHash(10, true); - return $hashGenerator->HashPassword($password); - } - - /** - * Log in as a given user. - * @param object $user the user object. - */ - static function login($user) { - $user->login_count += 1; - $user->last_login = time(); - $user->save(); - - user::set_active($user); - module::event("user_login", $user); - } - - /** - * Log out the active user and destroy the session. - * @param object $user the user object. - */ - static function logout() { - $user = user::active(); - if (!$user->guest) { - try { - Session::instance()->destroy(); - } catch (Exception $e) { - Kohana::log("error", $e); - } - module::event("user_logout", $user); - } - } - - /** - * Look up a user by id. - * @param integer $id the user id - * @return User_Model the user object, or null if the id was invalid. - */ - static function lookup($id) { - $user = model_cache::get("user", $id); - if ($user->loaded) { - return $user; - } - return null; - } - - /** - * Look up a user by name. - * @param integer $id the user name - * @return User_Model the user object, or null if the name was invalid. - */ - static function lookup_by_name($name) { - $user = model_cache::get("user", $name, "name"); - if ($user->loaded) { - return $user; - } - return null; - } - - /** - * Create a hashed password using md5 plus salt. - * @param string $password plaintext password - * @param string $salt (optional) salt or hash containing salt (randomly generated if omitted) - * @return string hashed password - */ - private static function _md5Salt($password, $salt="") { - if (empty($salt)) { - for ($i = 0; $i < 4; $i++) { - $char = mt_rand(48, 109); - $char += ($char > 90) ? 13 : ($char > 57) ? 7 : 0; - $salt .= chr($char); - } - } else { - $salt = substr($salt, 0, 4); - } - return $salt . md5($salt . $password); - } - - static function cookie_locale() { - $cookie_data = Input::instance()->cookie("g_locale"); - $locale = null; - if ($cookie_data) { - if (preg_match("/^([a-z]{2,3}(?:_[A-Z]{2})?)$/", trim($cookie_data), $matches)) { - $requested_locale = $matches[1]; - $installed_locales = locales::installed(); - if (isset($installed_locales[$requested_locale])) { - $locale = $requested_locale; - } - } - } - return $locale; - } -}
\ No newline at end of file diff --git a/modules/user/helpers/user_block.php b/modules/user/helpers/user_block.php deleted file mode 100644 index f920b4c5..00000000 --- a/modules/user/helpers/user_block.php +++ /dev/null @@ -1,46 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ -class user_block_Core { - static function get_site_list() { - return array("language" => t("Language Preference")); - } - - static function get($block_id, $theme) { - $block = ""; - switch ($block_id) { - case "language": - $locales = locales::installed(); - foreach ($locales as $locale => $display_name) { - $locales[$locale] = SafeString::of_safe_html($display_name); - } - if (count($locales) > 1) { - $block = new Block(); - $block->css_id = "g-user-language-block"; - $block->title = t("Language Preference"); - $block->content = new View("user_languages_block.html"); - $block->content->installed_locales = - array_merge(array("" => t("« none »")), $locales); - $block->content->selected = (string) user::cookie_locale(); - } - break; - } - return $block; - } -}
\ No newline at end of file diff --git a/modules/user/helpers/user_event.php b/modules/user/helpers/user_event.php deleted file mode 100644 index ede4e515..00000000 --- a/modules/user/helpers/user_event.php +++ /dev/null @@ -1,53 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ -class user_event_Core { - /** - * Initialization. - */ - static function gallery_ready() { - user::load_user(); - self::set_request_locale(); - } - - static function admin_menu($menu, $theme) { - $menu->add_after("appearance_menu", - Menu::factory("link") - ->id("users_groups") - ->label(t("Users/Groups")) - ->url(url::site("admin/users"))); - } - - static function set_request_locale() { - // 1. Check the session specific preference (cookie) - $locale = user::cookie_locale(); - // 2. Check the user's preference - if (!$locale) { - $locale = user::active()->locale; - } - // 3. Check the browser's / OS' preference - if (!$locale) { - $locale = locales::locale_from_http_request(); - } - // If we have any preference, override the site's default locale - if ($locale) { - I18n::instance()->locale($locale); - } - } -} diff --git a/modules/user/helpers/user_theme.php b/modules/user/helpers/user_theme.php deleted file mode 100644 index 69d63eaf..00000000 --- a/modules/user/helpers/user_theme.php +++ /dev/null @@ -1,36 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ -class user_theme_Core { - static function head($theme) { - if (count(locales::installed())) { - // Needed by the languages block - $theme->script("jquery.cookie.js"); - } - return ""; - } - - static function header_top($theme) { - if ($theme->page_type != "login") { - $view = new View("login.html"); - $view->user = user::active(); - return $view->render(); - } - } -} diff --git a/modules/user/libraries/drivers/Identity/Gallery.php b/modules/user/libraries/drivers/Identity/Gallery.php new file mode 100644 index 00000000..f8816644 --- /dev/null +++ b/modules/user/libraries/drivers/Identity/Gallery.php @@ -0,0 +1,317 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +/* + * Based on the Cache_Sqlite_Driver developed by the Kohana Team + */ +class Identity_Gallery_Driver implements Identity_Driver { + /** + * Return the guest user. + * + * @todo consider caching + * + * @return User_Model + */ + public function guest() { + return new Gallery_User(model_cache::get("user", 1)); + } + + /** + * Create a new user. + * + * @param string $name + * @param string $full_name + * @param string $password + * @return User_Model + */ + public function create_user($name, $full_name, $password) { + $user = ORM::factory("user")->where("name", $name)->find(); + if ($user->loaded) { + throw new Exception("@todo USER_ALREADY_EXISTS $name"); + } + + $user->name = $name; + $user->full_name = $full_name; + $user->password = $password; + + // Required groups + $user->add($this->everybody()->uncloaked()); + $user->add($this->registered_users()->uncloaked()); + + $user->save(); + return new Gallery_User($user); + } + + /** + * Is the password provided correct? + * + * @param user User Model + * @param string $password a plaintext password + * @return boolean true if the password is correct + */ + public function is_correct_password($user, $password) { + $valid = $user->password; + + // Try phpass first, since that's what we generate. + if (strlen($valid) == 34) { + require_once(MODPATH . "user/lib/PasswordHash.php"); + $hashGenerator = new PasswordHash(10, true); + return $hashGenerator->CheckPassword($password, $valid); + } + + $salt = substr($valid, 0, 4); + // Support both old (G1 thru 1.4.0; G2 thru alpha-4) and new password schemes: + $guess = (strlen($valid) == 32) ? md5($password) : ($salt . md5($salt . $password)); + if (!strcmp($guess, $valid)) { + return true; + } + + // Passwords with <&"> created by G2 prior to 2.1 were hashed with entities + $sanitizedPassword = html::specialchars($password, false); + $guess = (strlen($valid) == 32) ? md5($sanitizedPassword) + : ($salt . md5($salt . $sanitizedPassword)); + if (!strcmp($guess, $valid)) { + return true; + } + + return false; + } + + /** + * Create the hashed passwords. + * @param string $password a plaintext password + * @return string hashed password + */ + public function hash_password($password) { + require_once(MODPATH . "user/lib/PasswordHash.php"); + $hashGenerator = new PasswordHash(10, true); + return $hashGenerator->HashPassword($password); + } + + /** + * Look up a user by id. + * @param integer $id the user id + * @return User_Model the user object, or null if the id was invalid. + */ + public function lookup_user($id) { + $user = model_cache::get("user", $id); + if ($user->loaded) { + return new Gallery_User($user); + } + return null; + } + + /** + * Look up a user by field value. + * @param string search field + * @param string search value + * @return User_Core the user object, or null if the name was invalid. + */ + public function lookup_user_by_field($field_name, $value) { + try { + $user = model_cache::get("user", $value, $field_name); + if ($user->loaded) { + return new Gallery_User($user); + } + } catch (Exception $e) { + if (strpos($e->getMessage(), "MISSING_MODEL") === false) { + throw $e; + } + } + return null; + } + + /** + * Create a new group. + * + * @param string $name + * @return Group_Model + */ + public function create_group($name) { + $group = ORM::factory("group")->where("name", $name)->find(); + if ($group->loaded) { + throw new Exception("@todo GROUP_ALREADY_EXISTS $name"); + } + + $group->name = $name; + $group->save(); + + return new Gallery_Group($group); + } + + /** + * The group of all possible visitors. This includes the guest user. + * + * @return Group_Model + */ + public function everybody() { + return new Gallery_Group(model_cache::get("group", 1)); + } + + /** + * The group of all logged-in visitors. This does not include guest users. + * + * @return Group_Model + */ + public function registered_users() { + return new Gallery_Group(model_cache::get("group", 2)); + } + + /** + * Look up a user by id. + * @param integer $id the user id + * @return User_Model the user object, or null if the id was invalid. + */ + public function lookup_group($id) { + $group = model_cache::get("group", $id); + if ($group->loaded) { + return new Gallery_Group($group); + } + return null; + } + + /** + * Look up a group by name. + * @param integer $id the group name + * @return Group_Model the group object, or null if the name was invalid. + */ + public function lookup_group_by_name($name) { + try { + $group = model_cache::get("group", $name, "name"); + if ($group->loaded) { + return new Gallery_Group($group); + } + } catch (Exception $e) { + if (strpos($e->getMessage(), "MISSING_MODEL") === false) { + throw $e; + } + } + return null; + } + + /** + * List the users + * @param mixed options to apply to the selection of the user + * @return array the group list. + */ + public function list_users($filter=array()) { + $results = $this->_do_search("user", $filter); + $users = array(); + foreach ($results->as_array() as $user) { + $users[] = new Gallery_User($user); + } + return $users; + } + + + /** + * List the groups + * @param mixed options to apply to the selection of the user + * @return array the group list. + */ + public function list_groups($filter=array()) { + $results = $this->_do_search("group", $filter); + $groups = array(); + foreach ($results->as_array() as $group) { + $groups[] = new Gallery_Group($group); + } + return $groups; + } + + /** + * Return the edit rules associated with an group. + * + * @param string $object_type to return rules for ("user"|"group") + * @return stdClass containing the rules + */ + public function get_edit_rules($object_type) { + return (object)ORM::factory($object_type)->rules; + } + + /** + * Build the query based on the supplied filters for the specified model. + * @param string $object_type to return rules for ("user"|"group") + * @param mixed $filters options to apply to the selection. + */ + private function _do_search($object_type, $filter) { + $object = ORM::factory($object_type); + + foreach ($filter as $method => $args) { + switch ($method) { + case "in": + $object->in($args[0], $args[1]); + break; + default: + $object->$method($args); + } + } + + return $object->find_all(); + } + +} // End Identity Gallery Driver + +/** + * User Data wrapper + */ +class Gallery_User extends User_Definition { + /* + * Not for general user, allows the back-end to easily create the interface object + */ + function __construct($user) { + $this->user = $user; + } + + public function save() { + $this->user->save(); + } + + public function delete() { + $this->user->delete(); + } + +} + +/** + * Group Data wrapper + */ +class Gallery_Group extends Group_Definition { + /* + * Not for general user, allows the back-end to easily create the interface object + */ + function __construct($group) { + $this->group = $group; + } + + public function save() { + $this->group->save(); + } + + public function delete() { + $this->group->delete(); + } + + public function add($user) { + $this->group->add($user->uncloaked()); + } + + public function remove($user) { + $this->group->remove($user->uncloaked()); + } +} diff --git a/modules/user/models/user.php b/modules/user/models/user.php index 55562f34..1993bd05 100644 --- a/modules/user/models/user.php +++ b/modules/user/models/user.php @@ -51,16 +51,6 @@ class User_Model extends ORM { module::event("user_deleted", $old); } - /** - * Return a url to the user's avatar image. - * @param integer $size the target size of the image (default 80px) - * @return string a url - */ - public function avatar_url($size=80, $default=null) { - return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s", - md5($this->email), $size, $default ? "&d=" . urlencode($default) : ""); - } - public function save() { if (!$this->loaded) { $created = 1; @@ -73,13 +63,4 @@ class User_Model extends ORM { } return $this; } - - /** - * Return the best version of the user's name. Either their specified full name, or fall back - * to the user name. - * @return string - */ - public function display_name() { - return empty($this->full_name) ? $this->name : $this->full_name; - } -}
\ No newline at end of file +} diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php deleted file mode 100644 index a127bc15..00000000 --- a/modules/user/views/admin_users.html.php +++ /dev/null @@ -1,128 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access.") ?> -<script type="text/javascript"> - var add_user_to_group_url = "<?= url::site("admin/users/add_user_to_group/__USERID__/__GROUPID__?csrf=$csrf") ?>"; - $(document).ready(function(){ - $("#g-user-admin-list .core-info").draggable({ - helper: "clone" - }); - $("#g-group-admin .g-group").droppable({ - accept: ".core-info", - hoverClass: "g-selected", - drop: function(ev, ui) { - var user_id = $(ui.draggable).attr("id").replace("user-", ""); - var group_id = $(this).attr("id").replace("group-", ""); - $.get(add_user_to_group_url.replace("__USERID__", user_id).replace("__GROUPID__", group_id), - {}, - function() { - reload_group(group_id); - }); - } - }); - $("#group-1").droppable("destroy"); - $("#group-2").droppable("destroy"); - }); - - var reload_group = function(group_id) { - var reload_group_url = "<?= url::site("admin/users/group/__GROUPID__") ?>"; - $.get(reload_group_url.replace("__GROUPID__", group_id), - {}, - function(data) { - $("#group-" + group_id).html(data); - $("#group-" + group_id + " .g-dialog-link").gallery_dialog(); - }); - } - - var remove_user = function(user_id, group_id) { - var remove_user_url = "<?= url::site("admin/users/remove_user_from_group/__USERID__/__GROUPID__?csrf=$csrf") ?>"; - $.get(remove_user_url.replace("__USERID__", user_id).replace("__GROUPID__", group_id), - {}, - function() { - reload_group(group_id); - }); - } -</script> -<div class="g-block"> - <a href="<?= url::site("admin/users/add_user_form") ?>" - class="g-dialog-link g-button g-right ui-icon-left ui-state-default ui-corner-all" - title="<?= t("Create a new user")->for_html_attr() ?>"> - <span class="ui-icon ui-icon-circle-plus"></span> - <?= t("Add a new user") ?> - </a> - - <h2> - <?= t("User Admin") ?> - </h2> - - <div class="g-block-content"> - <table id="g-user-admin-list"> - <tr> - <th><?= t("Username") ?></th> - <th><?= t("Full name") ?></th> - <th><?= t("Email") ?></th> - <th><?= t("Last login") ?></th> - <th><?= t("Actions") ?></th> - </tr> - - <? foreach ($users as $i => $user): ?> - <tr id="g-user-<?= $user->id ?>" class="<?= text::alternate("g-odd", "g-even") ?> user <?= $user->admin ? "admin" : "" ?>"> - <td id="user-<?= $user->id ?>" class="core-info g-draggable"> - <img src="<?= $user->avatar_url(20, $theme->url("images/avatar.jpg", true)) ?>" - title="<?= t("Drag user onto group below to add as a new member")->for_html_attr() ?>" - alt="<?= html::clean_attribute($user->name) ?>" - width="20" - height="20" /> - <?= html::clean($user->name) ?> - </td> - <td> - <?= html::clean($user->full_name) ?> - </td> - <td> - <?= html::clean($user->email) ?> - </td> - <td> - <?= ($user->last_login == 0) ? "" : gallery::date($user->last_login) ?> - </td> - <td class="g-actions"> - <a href="<?= url::site("admin/users/edit_user_form/$user->id") ?>" - open_text="<?= t("close") ?>" - class="g-panel-link g-button ui-state-default ui-corner-all ui-icon-left"> - <span class="ui-icon ui-icon-pencil"></span><span class="g-button-text"><?= t("edit") ?></span></a> - <? if (user::active()->id != $user->id && !$user->guest): ?> - <a href="<?= url::site("admin/users/delete_user_form/$user->id") ?>" - class="g-dialog-link g-button ui-state-default ui-corner-all ui-icon-left"> - <span class="ui-icon ui-icon-trash"></span><?= t("delete") ?></a> - <? else: ?> - <span title="<?= t("This user cannot be deleted")->for_html_attr() ?>" - class="g-button ui-state-disabled ui-corner-all ui-icon-left"> - <span class="ui-icon ui-icon-trash"></span><?= t("delete") ?></span> - <? endif ?> - </td> - </tr> - <? endforeach ?> - </table> - </div> -</div> - -<div id="g-group-admin" class="g-block g-clearfix"> - <a href="<?= url::site("admin/users/add_group_form") ?>" - class="g-dialog-link g-button g-right ui-icon-left ui-state-default ui-corner-all" - title="<?= t("Create a new group")->for_html_attr() ?>"> - <span class="ui-icon ui-icon-circle-plus"></span> - <?= t("Add a new group") ?> - </a> - - <h2> - <?= t("Group Admin") ?> - </h2> - - <div class="g-block-content"> - <ul> - <? foreach ($groups as $i => $group): ?> - <li id="group-<?= $group->id ?>" class="g-group <?= ($group->special ? "g-default-group" : "") ?>" /> - <? $v = new View("admin_users_group.html"); $v->group = $group; ?> - <?= $v ?> - </li> - <? endforeach ?> - </ul> - </div> -</div> diff --git a/modules/user/views/admin_users_group.html.php b/modules/user/views/admin_users_group.html.php deleted file mode 100644 index db3645a0..00000000 --- a/modules/user/views/admin_users_group.html.php +++ /dev/null @@ -1,38 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access.") ?> -<h4> - <?= html::clean($group->name) ?> - <? if (!$group->special): ?> - <a href="<?= url::site("admin/users/delete_group_form/$group->id") ?>" - title="<?= t("Delete the %name group", array("name" => $group->name))->for_html_attr() ?>" - class="g-dialog-link g-button ui-state-default ui-corner-all"> - <span class="ui-icon ui-icon-trash"><?= t("delete") ?></span></a> - <? else: ?> - <a title="<?= t("This default group cannot be deleted")->for_html_attr() ?>" - class="g-dialog-link g-button ui-state-disabled ui-corner-all ui-icon-left"> - <span class="ui-icon ui-icon-trash"><?= t("delete") ?></span></a> - <? endif ?> -</h4> - -<? if ($group->users->count() > 0): ?> -<ul> - <? foreach ($group->users as $i => $user): ?> - <li class="g-user"> - <?= html::clean($user->name) ?> - <? if (!$group->special): ?> - <a href="javascript:remove_user(<?= $user->id ?>, <?= $group->id ?>)" - class="g-button ui-state-default ui-corner-all ui-icon-left" - title="<?= t("Remove %user from %group group", - array("user" => $user->name, "group" => $group->name))->for_html_attr() ?>"> - <span class="ui-icon ui-icon-closethick"><?= t("remove") ?></span> - </a> - <? endif ?> - </li> - <? endforeach ?> -</ul> -<? else: ?> -<div> - <p> - <?= t("Drag & drop users from the User Admin above into this group box to add group members.") ?> - </p> -</div> -<? endif ?> diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php deleted file mode 100644 index 049ba043..00000000 --- a/modules/user/views/login.html.php +++ /dev/null @@ -1,22 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access.") ?> -<ul id="g-login-menu"> - <? if ($user->guest): ?> - <li class="first"> - <a href="<?= url::site("login/ajax") ?>" - title="<?= t("Login to Gallery")->for_html_attr() ?>" - id="g-login-link"><?= t("Login") ?></a> - </li> - <? else: ?> - <li class="first"> - <?= t('Logged in as %name', array('name' => html::mark_clean( - '<a href="' . url::site("form/edit/users/{$user->id}") . - '" title="' . t("Edit Your Profile")->for_html_attr() . - '" id="g-user-profile-link" class="g-dialog-link">' . - html::clean($user->display_name()) . '</a>'))) ?> - </li> - <li> - <a href="<?= url::site("logout?csrf=$csrf&continue=" . urlencode(url::current(true))) ?>" - id="g-logout-link"><?= t("Logout") ?></a> - </li> - <? endif ?> -</ul> diff --git a/modules/user/views/login_ajax.html.php b/modules/user/views/login_ajax.html.php deleted file mode 100644 index d3364b46..00000000 --- a/modules/user/views/login_ajax.html.php +++ /dev/null @@ -1,43 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access.") ?> -<script type="text/javascript"> - $("#g-login-form").ready(function() { - $("#g-password-reset").click(function() { - $.ajax({ - url: "<?= url::site("password/reset") ?>", - success: function(data) { - $("#g-login").html(data); - $("#ui-dialog-title-g-dialog").html(<?= t("Reset Password")->for_js() ?>); - $(".submit").addClass("g-button ui-state-default ui-corner-all"); - $(".submit").gallery_hover_init(); - ajaxify_login_reset_form(); - } - }); - }); - }); - - function ajaxify_login_reset_form() { - $("#g-login form").ajaxForm({ - dataType: "json", - success: function(data) { - if (data.form) { - $("#g-login form").replaceWith(data.form); - ajaxify_login_reset_form(); - } - if (data.result == "success") { - $("#g-dialog").dialog("close"); - window.location.reload(); - } - } - }); - }; -</script> -<div id="g-login"> - <ul> - <li id="g-login-form"> - <?= $form ?> - </li> - <li> - <a href="#" id="g-password-reset" class="g-right g-txt-small"><?= t("Forgot Your Password?") ?></a> - </li> - </ul> -</div> diff --git a/modules/user/views/reset_password.html.php b/modules/user/views/reset_password.html.php deleted file mode 100644 index 92ca4917..00000000 --- a/modules/user/views/reset_password.html.php +++ /dev/null @@ -1,17 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access.") ?> -<html> - <head> - <title><?= t("Password Reset Request") ?> </title> - </head> - <body> - <h2><?= t("Password Reset Request") ?> </h2> - <p> - <?= t("Hello, %name,", array("name" => $user->full_name ? $user->full_name : $user->name)) ?> - </p> - <p> - <?= t("We received a request to reset your password for <a href=\"%site_url\">%site_url</a>. If you made this request, you can confirm it by <a href=\"%confirm_url\">clicking this link</a>. If you didn't request this password reset, it's ok to ignore this mail.", - array("site_url" => html::mark_clean(url::base(false, "http")), - "confirm_url" => $confirm_url)) ?> - </p> - </body> -</html> diff --git a/modules/user/views/user_languages_block.html.php b/modules/user/views/user_languages_block.html.php deleted file mode 100644 index 89185967..00000000 --- a/modules/user/views/user_languages_block.html.php +++ /dev/null @@ -1,19 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access.") ?> -<?= form::dropdown("g-select-session-locale", $installed_locales, $selected) ?> -<script type="text/javascript"> - $("#g-select-session-locale").change(function() { - var old_locale_preference = <?= html::js_string($selected) ?>; - var locale = $(this).val(); - if (old_locale_preference == locale) { - return; - } - - var expires = -1; - if (locale) { - expires = 365; - } - $.cookie("g_locale", locale, {"expires": expires, "path": "/"}); - window.location.reload(true); - }); -</script> - |