diff --git a/app/controllers/LoginRegController.php b/app/controllers/LoginRegController.php
index 5659c1bb77..69a6fba1a6 100644
--- a/app/controllers/LoginRegController.php
+++ b/app/controllers/LoginRegController.php
@@ -69,7 +69,7 @@ function registerForm($t_user = "") {
$va_elements = array();
foreach($va_profile_prefs as $vs_pref) {
$va_pref_info = $t_user->getPreferenceInfo($vs_pref);
- $va_elements[$vs_pref] = array('element' => $t_user->preferenceHtmlFormElement($vs_pref), 'formatted_element' => $t_user->preferenceHtmlFormElement($vs_pref, "
".$va_pref_info['label']." ^ELEMENT
"), 'bs_formatted_element' => $t_user->preferenceHtmlFormElement($vs_pref, "".$va_pref_info['label']." ^ELEMENT
\n", array("classname" => "form-control")), 'info' => $va_pref_info, 'label' => $va_pref_info['label']);
+ $va_elements[$vs_pref] = array('element' => $t_user->preferenceHtmlFormElement($vs_pref), 'formatted_element' => $t_user->preferenceHtmlFormElement($vs_pref, "".$va_pref_info['label']." ^ELEMENT
"), 'bs_formatted_element' => $t_user->preferenceHtmlFormElement($vs_pref, "".$va_pref_info['label']." ^ELEMENT
\n", array("classname" => "form-control")), 'info' => $va_pref_info, 'label' => $va_pref_info['label']);
}
$this->view->setVar("profile_settings", $va_elements);
@@ -135,7 +135,9 @@ function profileSave() {
$ps_password = $this->request->getParameter("password", pString);
$ps_password2 = $this->request->getParameter("password2", pString);
$ps_security = $this->request->getParameter("security", pString);
- $va_errors = array();
+ $ps_group_code = $this->request->getParameter("group_code", pString);
+
+ $va_errors = [];
if (!caCheckEmailAddress($ps_email)) {
$va_errors["email"] = _t("E-mail address is not valid.");
@@ -187,6 +189,12 @@ function profileSave() {
$t_user->set("password", $ps_password);
}
}
+
+ $t_group_to_join = null;
+ if (strlen($ps_group_code) && !($t_group_to_join = $this->_validateGroup($ps_group_code))){
+ $va_errors["group_code"] = _t("Group code %1 is not valid", $ps_group_code);
+ }
+
// Check user profile responses
$va_profile_prefs = $t_user->getValidPreferences('profile');
if (is_array($va_profile_prefs) && sizeof($va_profile_prefs)) {
@@ -210,7 +218,19 @@ function profileSave() {
$va_errors["general"] = join("; ", $t_user->getErrors());
}else{
#success
- $this->notification->addNotification(_t("Updated profile"), __NOTIFICATION_TYPE_INFO__);
+
+ # User has provided a group code
+ if ($t_group_to_join && ($group_id = $t_group_to_join->getPrimaryKey())) {
+ if(!$t_user->inGroup($group_id)){
+ $t_user->addToGroups($group_id);
+ $vs_group_message = _t("You were added to group %1 ", $t_group_to_join->get('name'));
+ }else{
+ $vs_group_message = _t("You are already a member of group %1 ", $t_group_to_join->get('name'));
+ }
+ }
+
+
+ $this->notification->addNotification(_t("Updated profile").($vs_group_message ? " {$vs_group_message}" : ""), __NOTIFICATION_TYPE_INFO__);
// If we are editing the user record of the currently logged in user
// we have a problem: the request object flushes out changes to its own user object
// for the logged-in user at the end of the request overwriting any changes we've made.
@@ -239,14 +259,13 @@ function login() {
$this->loginForm();
} else {
# --- user is joining a user group from a supplied link
- if(Session::getVar("join_user_group_id")){
+ if(Session::getVar("join_user_group_id") && $this->_validateGroup(Session::getVar("join_user_group_id"))){
if(!$this->request->user->inGroup(Session::getVar("join_user_group_id"))){
$this->request->user->addToGroups(Session::getVar("join_user_group_id"));
- Session::setVar("join_user_group_id", "");
+ Session::setVar('join_user_group_id', '');
$vs_group_message = _t(" and added to the group");
}else{
- Session::setVar("join_user_group_id", "");
- $vs_group_message = _t(" you are already a member of the group");
+ Session::setVar('join_user_group_id', '');
}
}
if($this->request->isAjax()){
@@ -264,7 +283,7 @@ function login() {
$vs_action = 'Index';
}
$vs_url = caNavUrl($this->request, $vs_module_path, $vs_controller, $vs_action);
- $this->notification->addNotification(_t("You have been logged in").$vs_group_message, __NOTIFICATION_TYPE_INFO__);
+ $this->notification->addNotification(_t("You have been logged in").($vs_group_message ? " {$vs_group_message}" : ""), __NOTIFICATION_TYPE_INFO__);
$this->response->setRedirect($vs_url);
}
}
@@ -277,7 +296,7 @@ function logout() {
if (sizeof($va_tmp)) { $vs_controller = array_pop($va_tmp); }
if (sizeof($va_tmp)) { $vs_module_path = join('/', $va_tmp); }
} else {
- $vs_controller = 'Splash';
+ $vs_controller = 'Front';
$vs_action = 'Index';
}
$vs_url = caNavUrl($this->request, $vs_module_path, $vs_controller, $vs_action);
@@ -291,7 +310,7 @@ function logout() {
# -------------------------------------------------------
function register() {
if (!caValidateCSRFToken($this->request, null, ['notifications' => $this->notification])) {
- $this->register();
+ $this->registerForm();
return;
}
if (
@@ -318,6 +337,7 @@ function register() {
$ps_password2 = $this->request->getParameter("password2", pString);
$ps_security = $this->request->getParameter("security", pString);
$ps_captcha = $this->request->getParameter("g-recaptcha-response", pString);
+ $ps_group_code = $this->request->getParameter("group_code", pString);
$va_errors = array();
@@ -351,21 +371,21 @@ function register() {
}
$co_security = $this->request->config->get('registration_security');
if($co_security == 'captcha'){
- if(strlen($this->request->config->get('google_recaptcha_sitekey')) != 40 || strlen($this->request->config->get('google_recaptcha_secretkey')) != 40){
- // Then the captcha will not work and should not be implemenented.
- $co_security = 'equation_sum';
+ if(!(defined("__CA_GOOGLE_RECAPTCHA_SECRET_KEY__") && __CA_GOOGLE_RECAPTCHA_SECRET_KEY__) || !(defined("__CA_GOOGLE_RECAPTCHA_KEY__") && __CA_GOOGLE_RECAPTCHA_KEY__)){
+ //Then the captcha will not work and should not be implemenented.
+ $co_security = 'equation_sum';
}
}
if($co_security == 'captcha'){
if(!$ps_captcha){
- $va_errors["recaptcha"] = _t("Please complete the captcha");
+ $va_errors["recaptcha"] = _t("Please complete the captcha");
} else {
$va_request = curl_init();
curl_setopt($va_request, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify');
curl_setopt($va_request, CURLOPT_HEADER, 0);
curl_setopt($va_request, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($va_request, CURLOPT_POST, 1);
- $va_request_params = ['secret'=>$this->request->config->get('google_recaptcha_secretkey'), 'response'=>$ps_captcha];
+ $va_request_params = ['secret'=>__CA_GOOGLE_RECAPTCHA_SECRET_KEY__, 'response'=>$ps_captcha];
curl_setopt($va_request, CURLOPT_POSTFIELDS, $va_request_params);
$va_captcha_resp = curl_exec($va_request);
$captcha_json = json_decode($va_captcha_resp, true);
@@ -373,17 +393,28 @@ function register() {
$va_errors["recaptcha"] = _t("Your Captcha was rejected, please try again");
}
}
- } elseif (!$ps_security) {
- $va_errors["security"] = _t("Please answer the security question.");
- } elseif($ps_security != $_REQUEST["sum"]){
- $va_errors["security"] = _t("Your answer was incorrect, please try again");
+ } else {
+ if ((!$ps_security)) {
+ $va_errors["security"] = _t("Please answer the security question.");
+ }else{
+ if($ps_security != $_REQUEST["sum"]){
+ $va_errors["security"] = _t("Your answer was incorrect, please try again");
+ }
+ }
+ }
+
+ // check that group code exists if specified
+ $t_group_to_join = null;
+ if (strlen($ps_group_code) && !($t_group_to_join = $this->_validateGroup($ps_group_code))) {
+ $va_errors["group_code"] = _t("Group code %1 is not valid", $ps_group_code);
}
+
// Check user profile responses
$va_profile_prefs = $t_user->getValidPreferences('profile');
if (is_array($va_profile_prefs) && sizeof($va_profile_prefs)) {
foreach($va_profile_prefs as $vs_pref) {
$vs_pref_value = $this->request->getParameter('pref_'.$vs_pref, pString);
- if (!$t_user->isValidPreferenceValue($vs_pref, $vs_pref_value) && ($t_user->numErrors() > 0)) {
+ if (!$t_user->isValidPreferenceValue($vs_pref, $vs_pref_value)) {
$va_errors[$vs_pref] = join("; ", $t_user->getErrors());
$t_user->clearErrors();
@@ -448,7 +479,7 @@ function register() {
# -------------
}
}
- $t_user->set("registered_on",_t("now"));
+ $t_user->set("registered_on","now");
// Save user profile responses
if (is_array($va_profile_prefs) && sizeof($va_profile_prefs)) {
@@ -475,20 +506,31 @@ function register() {
$t_user->addRoles($va_default_roles);
}
# --- user is joining a user group from a supplied link
- if(Session::getVar("join_user_group_id")){
+ if(Session::getVar("join_user_group_id") && $this->_validateGroup(Session::getVar("join_user_group_id"))) {
if(!$t_user->inGroup(Session::getVar("join_user_group_id"))){
$t_user->addToGroups(Session::getVar("join_user_group_id"));
- Session::setVar("join_user_group_id", "");
+ Session::setVar('join_user_group_id', '');
$vs_group_message = _t(" You were added to the group");
}else{
- Session::setVar("join_user_group_id", "");
+ Session::setVar('join_user_group_id', '');
$vs_group_message = _t(" You are already a member of the group");
}
}
+
+ # User has provided a group code
+ if ($t_group_to_join && ($group_id = $t_group_to_join->getPrimaryKey())) {
+ if(!$t_user->inGroup($group_id)){
+ $t_user->addToGroups($group_id);
+ $vs_group_message = _t("You were added to group %1 ", $t_group_to_join->get('name'));
+ }else{
+ $vs_group_message = _t("You are already a member of group %1 ", $t_group_to_join->get('name'));
+ }
+ }
# --- send email confirmation
$o_view = new View($this->request, array($this->request->getViewsDirectoryPath()));
-
+ $o_view->setVar("t_user", $t_user);
+
# -- generate email subject line from template
$vs_subject_line = $o_view->render("mailTemplates/reg_conf_subject.tpl");
@@ -512,7 +554,6 @@ function register() {
caSendmail($this->request->config->get("ca_admin_email"), $this->request->config->get("ca_admin_email"), $vs_subject_line, $vs_mail_message_text, $vs_mail_message_html);
}
- #$t_user = new ca_users();
$vs_action = $vs_controller = $vs_module_path = '';
if ($vs_default_action = $this->request->config->get('default_action')) {
$va_tmp = explode('/', $vs_default_action);
@@ -561,26 +602,30 @@ function register() {
}
# -------------------------------------------------------
function joinGroup() {
- $t_user_group = new ca_user_groups();
- $pn_group_id = $this->request->getParameter("group_id", pInteger);
- if($pn_group_id){
+ $t_user_group = $this->_validateGroup($group_code = $this->request->getParameter("group_code", pString));
+
+ if (!$t_user_group) {
+ $this->view->setVar("message", _t("Group code %1 is not valid", $group_code));
+ return;
+ }
+ if($t_user_group){
+ $group_id = $t_user_group->getPrimaryKey();
+
if($this->request->isLoggedIn()){
- if(!$this->request->user->inGroup($pn_group_id)){
- $this->request->user->addToGroups($pn_group_id);
- Session::setVar("join_user_group_id", "");
- $vs_group_message = _t("You were added to the group");
+ if(!$this->request->user->inGroup($group_id)){
+ $this->request->user->addToGroups($group_id);
+ $group_message = _t("You were added to the group");
}else{
- Session::setVar("join_user_group_id", "");
- $vs_group_message = _t("You are already a member of the group");
+ $group_message = _t("You are already a member of the group");
}
- $this->notification->addNotification($vs_group_message, __NOTIFICATION_TYPE_INFO__);
- if(!$vs_controller = $this->request->getParameter("section", pString)){
- $vs_controller = "Lightbox";
+ Session::setVar('join_user_group_id', '');
+ $this->notification->addNotification($group_message, __NOTIFICATION_TYPE_INFO__);
+ if(!$controller = $this->request->getParameter("section", pString)){
+ $controller = "Lightbox";
}
- $this->response->setRedirect(caNavUrl($this->request, "", $vs_controller, "Index"));
- }else{
- $t_user_group->load($pn_group_id);
- Session::setVar("join_user_group_id", $pn_group_id);
+ $this->response->setRedirect(caNavUrl($this->request, "", $controller, "Index"));
+ } else {
+ Session::setVar('join_user_group_id', $group_id);
$this->view->setVar("message", _t("Login/Register to join \"%1\"", $t_user_group->get("name")));
$this->loginForm();
}
@@ -720,4 +765,25 @@ function resetSave(){
}
}
# -------------------------------------------------------
+ /**
+ *
+ */
+ private function _validateGroup(string $group) {
+ if(!strlen($group)) {
+ $this->view->setVar("message", _t("Group code is empty"));
+ return false;
+ }
+ $t_user_group = null;
+ if(is_numeric($group)) {
+ $t_user_group = ca_user_groups::find(['group_id' => (int)$group, 'for_public_use' => 1], ['returnAs' => 'firstModelInstance']);
+ } else {
+ $t_user_group = ca_user_groups::find(['code' => (string)$group, 'for_public_use' => 1], ['returnAs' => 'firstModelInstance']);
+ }
+ if (!$t_user_group) {
+ $this->view->setVar("message", _t("Group %1 is not valid", $group));
+ return false;
+ }
+ return $t_user_group;
+ }
+ # -------------------------------------------------------
}
diff --git a/themes/default/views/Classroom/list_html.php b/themes/default/views/Classroom/list_html.php
index 526d8e2a1a..14a0b76d88 100644
--- a/themes/default/views/Classroom/list_html.php
+++ b/themes/default/views/Classroom/list_html.php
@@ -155,7 +155,7 @@
if($va_user_group["description"]){
print ""._t("Description")." ".$va_user_group["description"]." ";
}
- print ""._t("Url to join group")." ";
+ print ""._t("Url to join group")." ";
print ""._t("Members")." ";
if(is_array($va_user_group["members"]) && sizeof($va_user_group["members"])){
print "";
@@ -216,4 +216,4 @@
});
});
-
\ No newline at end of file
+
diff --git a/themes/default/views/Lightbox/user_group_list_html.php b/themes/default/views/Lightbox/user_group_list_html.php
index 2239bdbf79..8264afca48 100644
--- a/themes/default/views/Lightbox/user_group_list_html.php
+++ b/themes/default/views/Lightbox/user_group_list_html.php
@@ -44,7 +44,7 @@
if($va_user_group["description"]){
print ""._t("Description")." ".$va_user_group["description"]." ";
}
- print ""._t("Url to join group")." ".$this->request->config->get('site_hostname').caNavUrl($this->request, "", "LoginReg", "joinGroup", array("group_id" => $va_user_group["group_id"]))." ";
+ print ""._t("Url to join group")." ".$this->request->config->get('site_hostname').caNavUrl($this->request, "", "LoginReg", "joinGroup", array("group_code" => $va_user_group["code"]))." ";
$va_group_users = $t_user_group->getGroupUsers();
print ""._t("Users")." ";
if(is_array($va_group_users) && sizeof($va_group_users)){
@@ -60,4 +60,4 @@
}else{
print _t("You have made no user groups");
}
-?>
\ No newline at end of file
+?>