projects
/
timetracker.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Added file_key field to tt_files table.
[timetracker.git]
/
WEB-INF
/
lib
/
ttRegistrator.class.php
diff --git
a/WEB-INF/lib/ttRegistrator.class.php
b/WEB-INF/lib/ttRegistrator.class.php
index
48f4b0a
..
1664461
100644
(file)
--- a/
WEB-INF/lib/ttRegistrator.class.php
+++ b/
WEB-INF/lib/ttRegistrator.class.php
@@
-26,6
+26,9
@@
// | https://www.anuko.com/time_tracker/credits.htm
// +----------------------------------------------------------------------+
// | https://www.anuko.com/time_tracker/credits.htm
// +----------------------------------------------------------------------+
+import('ttUserHelper');
+import('ttRoleHelper');
+
// ttRegistrator class is used to register a user in Time Tracker.
class ttRegistrator {
var $user_name = null; // User name.
// ttRegistrator class is used to register a user in Time Tracker.
class ttRegistrator {
var $user_name = null; // User name.
@@
-35,7
+38,12
@@
class ttRegistrator {
var $group_name = null; // Group name.
var $currency = null; // Currency.
var $lang = null; // Language.
var $group_name = null; // Group name.
var $currency = null; // Currency.
var $lang = null; // Language.
+ var $created_by_id = null; // User, who uses the instance.
+ // Currently, there are 2 possibilities:
+ // 1) Self-registration, or null here.
+ // 2) Registration by admin with a user_id.
var $group_id = null; // Group id, set after we create a group.
var $group_id = null; // Group id, set after we create a group.
+ var $org_id = null; // Organization id, the same as group_id (top group in org).
var $role_id = null; // Role id for top managers.
var $user_id = null; // User id after registration.
var $err = null; // Error object, passed to us as reference.
var $role_id = null; // Role id for top managers.
var $user_id = null; // User id after registration.
var $err = null; // Error object, passed to us as reference.
@@
-52,6
+60,7
@@
class ttRegistrator {
$this->currency = $fields['currency'];
$this->lang = $fields['lang'];
if (!$this->lang) $this->lang = 'en';
$this->currency = $fields['currency'];
$this->lang = $fields['lang'];
if (!$this->lang) $this->lang = 'en';
+ $this->created_by_id = (int) $fields['created_by_id'];
$this->err = $err;
// Validate passed in parameters.
$this->err = $err;
// Validate passed in parameters.
@@
-61,7
+70,7
@@
class ttRegistrator {
function validate() {
global $i18n;
function validate() {
global $i18n;
- if (!ttValidString($this->group_name
, true
))
+ if (!ttValidString($this->group_name))
$this->err->add($i18n->get('error.field'), $i18n->get('label.group_name'));
if (!ttValidString($this->currency, true))
$this->err->add($i18n->get('error.field'), $i18n->get('label.currency'));
$this->err->add($i18n->get('error.field'), $i18n->get('label.group_name'));
if (!ttValidString($this->currency, true))
$this->err->add($i18n->get('error.field'), $i18n->get('label.currency'));
@@
-77,6
+86,8
@@
class ttRegistrator {
$this->err->add($i18n->get('error.not_equal'), $i18n->get('label.password'), $i18n->get('label.confirm_password'));
if (!ttValidEmail($this->email, true))
$this->err->add($i18n->get('error.field'), $i18n->get('label.email'));
$this->err->add($i18n->get('error.not_equal'), $i18n->get('label.password'), $i18n->get('label.confirm_password'));
if (!ttValidEmail($this->email, true))
$this->err->add($i18n->get('error.field'), $i18n->get('label.email'));
+ if (!ttUserHelper::canAdd())
+ $this->err->add($i18n->get('error.user_count'));
}
// The register function registers a user in Time Tracker.
}
// The register function registers a user in Time Tracker.
@@
-84,11
+95,14
@@
class ttRegistrator {
if ($this->err->yes()) return false; // There are errors, do not proceed.
global $i18n;
if ($this->err->yes()) return false; // There are errors, do not proceed.
global $i18n;
-
- // Protection fom too many recent bot registrations from user IP.
- if ($this->registeredRecently()) {
- $this->err->add($i18n->get('error.access_denied'));
- return false;
+ global $user;
+
+ // Protection from too many recent bot registrations from user IP.
+ if (!$this->created_by_id) { // No problems for logged in user (site admin).
+ if ($this->registeredRecently()) {
+ $this->err->add($i18n->get('error.access_denied'));
+ return false;
+ }
}
import('ttUserHelper');
}
import('ttUserHelper');
@@
-100,12
+114,12
@@
class ttRegistrator {
// Create a new group.
$this->group_id = $this->createGroup();
// Create a new group.
$this->group_id = $this->createGroup();
+ $this->org_id = $this->group_id;
if (!$this->group_id) {
$this->err->add($i18n->get('error.db'));
return false;
}
if (!$this->group_id) {
$this->err->add($i18n->get('error.db'));
return false;
}
- import('ttRoleHelper');
if (!ttRoleHelper::createPredefinedRoles($this->group_id, $this->lang)) {
$err->add($i18n->get('error.db'));
return false;
if (!ttRoleHelper::createPredefinedRoles($this->group_id, $this->lang)) {
$err->add($i18n->get('error.db'));
return false;
@@
-114,11
+128,13
@@
class ttRegistrator {
$this->user_id = $this->createUser();
if (!$this->user_id) {
$this->user_id = $this->createUser();
if (!$this->user_id) {
- $err->add($i18n->get('error.db'));
+ $
this->
err->add($i18n->get('error.db'));
return false;
}
return false;
}
- if (!$this->setCreatedBy($this->user_id))
+ // Set created_by appropriately.
+ $created_by = $this->created_by_id ? $this->created_by_id : $this->user_id;
+ if (!$this->setCreatedBy($created_by))
return false;
return true;
return false;
return true;
@@
-159,9
+175,9
@@
class ttRegistrator {
$email = $mdb2->quote($this->email);
$created = 'now()';
$created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
$email = $mdb2->quote($this->email);
$created = 'now()';
$created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
- $values = "values($login, $password, $name, $this->group_id, $this->role_id, $email, $created, $created_ip)";
+ $values = "values($login, $password, $name, $this->group_id, $this->
org_id, $this->
role_id, $email, $created, $created_ip)";
- $sql = 'insert into tt_users (login, password, name, group_id, role_id, email, created, created_ip) '.$values;
+ $sql = 'insert into tt_users (login, password, name, group_id,
org_id,
role_id, email, created, created_ip) '.$values;
$affected = $mdb2->exec($sql);
if (!is_a($affected, 'PEAR_Error')) {
$user_id = $mdb2->lastInsertID('tt_users', 'id');
$affected = $mdb2->exec($sql);
if (!is_a($affected, 'PEAR_Error')) {
$user_id = $mdb2->lastInsertID('tt_users', 'id');
@@
-171,14
+187,14
@@
class ttRegistrator {
}
// The setCreatedBy sets created_by field for both group and user to passed in user_id.
}
// The setCreatedBy sets created_by field for both group and user to passed in user_id.
- function setCreatedBy($user_id) {
+
private
function setCreatedBy($user_id) {
if ($this->err->yes()) return false; // There are errors, do not proceed.
global $i18n;
$mdb2 = getConnection();
// Update group.
if ($this->err->yes()) return false; // There are errors, do not proceed.
global $i18n;
$mdb2 = getConnection();
// Update group.
- $sql = "update tt_groups set created_by = $user_id where id = $this->group_id";
+ $sql = "update tt_groups set created_by = $user_id where id = $this->group_id
and org_id = $this->org_id
";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error')) {
$this->err->add($i18n->get('error.db'));
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error')) {
$this->err->add($i18n->get('error.db'));
@@
-186,7
+202,7
@@
class ttRegistrator {
}
// Update top manager.
}
// Update top manager.
- $sql = "update tt_users set created_by = $user_id where id = $
user_id and group_id = $this->group
_id";
+ $sql = "update tt_users set created_by = $user_id where id = $
this->user_id and group_id = $this->group_id and org_id = $this->org
_id";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error')) {
$this->err->add($i18n->get('error.db'));
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error')) {
$this->err->add($i18n->get('error.db'));