// Controller for user accounts. The actions visible in this listing cover public
// profile pages, self-registration, self-service edits and admin_* management.
// The leading number on each line is its line number in the original file; lines
// missing from the sequence are not shown here.
2 class UsersController extends ModuleController {
// Additional action => permission mappings; both entries shown resolve to 'update'.
// Presumably read by the ACL layer in ModuleController/AuthPlus (not shown) - confirm.
11 var $actionMapPlus = array(
13 'change_password' => 'update',
14 'edit_image' => 'update',
// NOTE(review): by its name this exempts the two registration actions from a
// form-token check implemented elsewhere (not shown). If that token is the CSRF /
// form-tampering guard, confirm what else protects these unauthenticated POSTs.
17 var $disableTokenActions = array('add','mobile_add');
// Runs the parent filter, then registers the actions listed below with
// AuthPlus->allow(). AuthPlus is not shown; by analogy with CakePHP's
// Auth->allow() these are presumably the actions reachable without a login.
19 function beforeFilter() {
21 parent::beforeFilter();
24 $this->AuthPlus->allow('index');
25 $this->AuthPlus->allow('view');
// NOTE(review): registration is on the allow list while the TODO (email
// verification) is still open, so account creation appears to have no
// verification step yet; the same applies to mobile_add below.
26 $this->AuthPlus->allow('add'); //todo: email verification etc.
27 $this->AuthPlus->allow('logout');
28 $this->AuthPlus->allow('to_login');
29 $this->AuthPlus->allow('mobile_login');
30 $this->AuthPlus->allow('mobile_add'); //todo: email verification etc.
31 $this->AuthPlus->allow('mobile_logout');
32 $this->AuthPlus->allow('mobile_to_login');
39 $this->AuthPlus->deleteAuth();
// Logs the current user out and hands the view a 'refresh' entry holding a
// delay ($refresh, default 3) and the URL of characters/index.
// NOTE(review): $refresh is an action argument, which the framework fills from
// the request URL. If the view prints it into a refresh tag or header it should
// be cast to int or escaped there - the view is not shown.
46 function to_login($refresh = 3)
49 $this->AuthPlus->logout();
51 $this->set('refresh', array('time' => $refresh, 'url' => Router::url(array('controller' => 'characters', 'action' => 'index'), false)));
// Fragment of an action whose signature line is not shown in this listing.
// Logged-in branch: marks the viewer as owner and titles the page with the
// account name; the other title shown is the guest variant.
56 if ($this->AuthPlus->user()) {
57 $this->set('isOwner', true);
// NOTE(review): the account name goes into pageTitle as stored. Line 430 calls
// restore_html() on User.name, which suggests names are stored HTML-encoded;
// confirm, because the layout presumably prints pageTitle without escaping.
58 $this->pageTitle = $this->AuthPlus->user('name'). __("'s Home", true);
62 $this->pageTitle = __('Guest', true). __("'s Home", true);
// Non-static helper invoked through self::; $this stays bound, so this behaves
// like $this->_view().
65 self::_view($this->user_id);
// Shows the profile of user $id. A request for the viewer's own id is sent to
// index instead. The redirect to listview on line 75 sits under a condition on
// an omitted line (presumably "user not found").
68 function view($id = null) {
// Loose == between the URL-supplied $id and the session id: PHP compares
// numeric-looking strings by value, so "012" equals "12".
// NOTE(review): validate/cast $id and compare strictly.
69 if ($id && $id == $this->AuthPlus->user("id")) {
70 $this->redirect(array('action'=>'index'));
73 $user = $this->getUser($id);
75 $this->redirect(array('action'=>'listview'));
77 $this->set('target_user', $user);
// isOwner is decided with the same loose comparison; whatever the view unlocks
// for owners should not depend on this flag alone - TODO confirm in the view.
79 if (!empty($this->user_id) && $this->user_id == $id) {
80 $this->set('isOwner', true);
82 $this->set('isOwner', false);
94 if (!empty($this->data)) {
98 $this->set('idLength', Configure::read('User.UserId.Length'));
99 $this->set('passwordLength', Configure::read('User.Password.Length'));
103 $id = $this->AuthPlus->user("id");
// Updates the profile image attachments of the logged-in user. The target id
// always comes from the session (line 109), never from the request.
108 function edit_image() {
109 $id = $this->AuthPlus->user("id");
110 $user = $this->getUser($id);
112 if (!empty($this->data)) {
// Reject posts that carry more than two Attachment entries.
// NOTE(review): count() is applied without first checking that the key exists
// and holds an array.
114 if (count($this->data['Attachment']) > 2) {
115 $this->Session->setFlash(__('Invalid data.', true));
116 $this->redirect(array('action'=>'edit_image'));
// The account already holds one attachment: slot 0 of the post must be empty.
118 if (count($user['Attachment']) == 1) {
119 if (!empty($this->data['Attachment'][0])) {
120 $this->Session->setFlash(__('Invalid data.', true));
121 $this->redirect(array('action'=>'edit_image'));
// Pin the record id to the session user, overriding any posted User.id.
125 $this->data['User']['id'] = $id;
// $fieldList is built on omitted lines (126-139); as a saveAll option it limits
// which columns may be written.
// NOTE(review): upload type/size checks are not visible in this controller -
// presumably they live in the model or an upload behavior; confirm.
140 if ($this->User->saveAll($this->data, array(
141 'validate' => 'first',
142 'fieldList' => $fieldList
144 $this->Session->setFlash(__('The User image has been saved', true));
145 $this->redirect(array('action'=>'edit_image'));
147 $this->Session->setFlash(__('The User image could not be saved. Please, try again.', true));
148 $this->data['User']['id'] = $id;
// Password change for the logged-in user: the id is taken from the session,
// passed to _change_password(), and the configured password length is exposed
// to the view.
156 function change_password() {
157 $id = $this->AuthPlus->user("id");
158 self::_change_password($id);
160 $this->set('passwordLength', Configure::read('User.Password.Length'));
164 $id = $this->AuthPlus->user("id");
170 function mobile_login() {
172 $this->AuthPlus->deleteAuth();
175 function mobile_logout() {
179 function mobile_index() {
181 if ($this->AuthPlus->user()) {
182 $this->set('isOwner', true);
183 $this->pageTitle = $this->AuthPlus->user('name'). __("'s Home", true);
187 $this->pageTitle = __('Guest', true). __("'s Home", true);
// Mobile variant of the profile view: loads user $id and passes it to the view
// as target_user. The listview redirect on line 193 is presumably guarded by an
// omitted not-found check.
190 function mobile_view($id = null) {
191 $user = $this->getUser($id);
193 $this->redirect(array('action'=>'listview'));
195 $this->set('target_user', $user);
200 function mobile_listview() {
205 function mobile_add() {
206 if (!empty($this->data)) {
210 $this->set('idLength', Configure::read('User.UserId.Length'));
211 $this->set('passwordLength', Configure::read('User.Password.Length'));
214 function mobile_edit() {
215 $id = $this->AuthPlus->user("id");
// Mobile variant of change_password(): session user id, same helper, same
// password-length hint for the view.
220 function mobile_change_password() {
221 $id = $this->AuthPlus->user("id");
223 self::_change_password($id);
225 $this->set('passwordLength', Configure::read('User.Password.Length'));
228 function mobile_delete() {
229 $id = $this->AuthPlus->user("id");
235 function admin_index() {
236 $this->redirect(array('controller' => 'users', 'action'=>'admin_listview'));
// Admin user list with an optional name filter, taken either from posted form
// data or from the 'name' argument in the URL.
239 function admin_listview() {
242 $this->User->contain();
244 $searchword = array();
245 if (!empty($this->data)) {
246 if (isset($this->data['User']['name'])) {
247 $name = $this->data['User']['name'];
250 if (isset($this->passedArgs['name'])) {
// NOTE(review): confirm this does not decode a value the framework has already
// URL-decoded once.
251 $name = urldecode($this->passedArgs['name']);
257 $this->data['User']['name'] = $name;
// The filter value is HTML-encoded before it goes into the LIKE condition.
// That is not SQL escaping; the value is passed as an array condition, which the
// model layer is expected to quote. Presumably the encoding is there to match
// names stored HTML-encoded (see restore_html() on line 430) - confirm.
// LIKE wildcards (% and _) typed into the filter are not escaped.
// $contain is initialised on an omitted line.
258 $contain["User.name LIKE"] = "%".Sanitize::html($name)."%";
259 $searchword['name'] = urlencode($name);
261 $this->set('searchword', $searchword);
263 $this->set('users', $this->paginate('User', $contain));
// Admin detail page for user $id. The conditions around the flash/redirect
// lines are on omitted lines.
267 function admin_view($id = null) {
269 $this->Session->setFlash(__('Invalid User.', true));
270 $this->redirect(array('controller' => 'users', 'action'=>'index'));
273 $user = $this->getUser($id);
275 $this->redirect(array('action'=>'listview'));
277 $this->set('target_user', $user);
// target_user is assigned a second time here. read(null, $id) asks for every
// column, which would include the password column used elsewhere in this file.
// NOTE(review): pass only the fields the view needs.
279 $this->set('target_user', $this->User->read(null, $id));
282 function admin_add() {
283 if (!empty($this->data)) {
287 $this->set('idLength', Configure::read('User.UserId.Length'));
288 $this->set('passwordLength', Configure::read('User.Password.Length'));
// Admin-side password reset for user $id. Unlike _change_password() it does not
// check the account's current password; it calls _exe_change_password() directly.
// Access control depends on the admin_ prefix / ACL setup, which is not visible here.
291 function admin_change_password($id = null) {
293 if (!$id && empty($this->data)) {
294 $this->Session->setFlash(__('No ID', true));
295 $this->redirect(array('controller' => 'users', 'action'=>'index'));
297 if (!empty($this->data)) {
298 $result = self::_exe_change_password($id);
300 $this->Session->setFlash(__('The password has been changed.', true));
301 $this->redirect(array('controller' => 'users', 'action'=>'index'));
304 if (empty($this->data)) {
// read(null, ...) loads every column, so the stored password hash ends up in
// $this->data (form defaults) and in target_user.
// NOTE(review): request only the fields the form needs.
305 $this->data = $this->User->read(null, $id);
308 $this->set('passwordLength', Configure::read('User.Password.Length'));
309 $this->set('target_user', $this->User->read(null, $id));
// Admin-side account deletion for user $id via _exe_delete(); no password
// re-check is visible on this path. The guards around the 'No ID' flash and the
// use of $result are on omitted lines.
312 function admin_delete($id = null) {
314 $this->Session->setFlash(__('No ID', true));
315 $this->redirect(array('controller' => 'users', 'action'=>'index'));
318 $result = self::_exe_delete($id);
320 $this->redirect(array('controller' => 'users', 'action'=>'index'));
324 $user = $this->getUser($id);
326 $this->Session->setFlash(__('No Member', true));
327 $this->redirect(array('controller' => 'users', 'action'=>'listview'));
329 $this->set('target_user', $user);
331 $this->data['User']['id'] = $id;
336 $this->Session->setFlash(__('Logout.', true));
337 $this->redirect($this->AuthPlus->logout());
// Fragment whose signature line is not shown. It records client metadata on the
// logged-in user's row and then loads that user for the view.
342 $this->User->id = $this->AuthPlus->user('id');
343 $this->User->save(array(
// Both values are client-influenced: the User-Agent header is free text from
// the client, and the reverse-DNS name is whatever the owner of the address's
// PTR zone publishes. Treat them as untrusted wherever they are displayed.
// NOTE(review): HTTP_USER_AGENT can be absent from $_SERVER; gethostbyaddr() is
// a blocking DNS lookup on the request path and can return false; behind a
// proxy REMOTE_ADDR is the proxy's address.
344 'useragent' => $_SERVER["HTTP_USER_AGENT"],
345 'host' => gethostbyaddr($_SERVER["REMOTE_ADDR"]),
349 $user = $this->getUser($this->User->id);
350 $this->set('target_user', $user);
// Loads characters for a profile page and passes them to the view as
// public_characters. Only the conditions shown are certain: public_flag is
// 'public' and deleted is 0, newest modification first. Further conditions
// (presumably the owner filter on $id) are on omitted lines 361-367.
353 function _view($id) {
356 $this->Character = CorePlus::set_model('Character');
357 $public_characters = $this->Character->find('all', array(
358 'conditions' => array(
359 'Character.public_flag' => 'public',
360 'Character.deleted' => 0,
368 'order' => array('Character.modified' => 'DESC'),
371 $this->set('public_characters', $public_characters);
// Paginated user list; recursive = -1 keeps associated models out of the query.
// NOTE(review): which User columns reach the view depends on paginate settings
// that are not shown - confirm the password column is excluded.
374 function _listview() {
375 $this->User->recursive = -1;
376 $this->set('users', $this->paginate());
// Fragment of the account-creation helper; its signature line is not shown.
// Non-admin callers cannot choose their own group: a posted group_id is dropped.
380 if (!$this->isAdmin) {
381 unset($this->data['User']['group_id']);
384 $this->User->set($this->data);
385 if ($this->User->validates()) {
387 // ACL setting (default: regular member)
388 if (!isset($this->data['User']['group_id'])) {
389 $this->data['User']['group_id'] = Configure::read('Group.member');
// The stored value is AuthPlus->password(password1); the hashing scheme lives in
// AuthPlus (not shown).
// NOTE(review): if it mirrors CakePHP 1.x Auth->password() (a single salted
// hash), plan a migration to password_hash().
393 $this->data['User']['password'] = $this->AuthPlus->password($this->data['User']['password1']);
// Client metadata recorded for self-registrations only. Both values are
// client-influenced and should be treated as untrusted when displayed;
// HTTP_USER_AGENT may be absent and gethostbyaddr() blocks on DNS.
396 if (!$this->isAdmin) {
397 $this->data['User']['useragent'] = $_SERVER["HTTP_USER_AGENT"];
398 $this->data['User']['host'] = gethostbyaddr($_SERVER["REMOTE_ADDR"]);
402 $this->User->create();
// fieldList restricts the insert to the column list the model keeps under
// fields['add'].
403 if ($this->User->save($this->data, array('fieldList' => $this->User->fields['add']))) {
404 $this->Session->setFlash(__('The User has been saved', true));
405 if (!$this->isAdmin) {
406 $this->redirect($this->AuthPlus->logoutRedirect);
408 $this->redirect(array('controller' => 'users', 'action'=>'listview'));
411 $this->Session->setFlash(__('The User cannot be saved.', true));
// Saves posted profile data for user $id, or loads the record to fill the form.
416 function _edit($id) {
417 if (!empty($this->data)) {
// Pins the primary key to $id, so a posted User.id cannot retarget the save.
418 $this->data['User']['id'] = $id;
// NOTE(review): no fieldList here, unlike the save calls on lines 403 and 457.
// Unless the model whitelists fields elsewhere, any posted User column
// (group_id, password, ...) is written - pass an explicit fieldList.
419 if ($this->User->save($this->data)) {
420 $this->Session->setFlash(__('The User has been saved', true));
422 $this->redirect(array('action'=>'index'));
424 $this->Session->setFlash(__('The User could not be saved. Please, try again.', true));
427 if (empty($this->data)) {
// read(null, ...) loads every column, which would include the password hash,
// into $this->data.
428 $this->data = $this->User->read(null, $id);
// restore_html() is a model helper (not shown); presumably it undoes HTML
// encoding of the stored name for display in the edit form.
430 $this->data['User']['name'] = $this->User->restore_html($this->data['User']['name'], false);
// Self-service password change: checks the current password, delegates the
// update to _exe_change_password() and logs the user out afterwards. The test on
// $result is on an omitted line.
434 function _change_password($id) {
435 if (!empty($this->data)) {
436 $data = $this->User->read('password', $id);
// NOTE(review): the stored and computed hashes are compared with loose !=.
// PHP compares numeric-looking strings by value, so two different hashes of the
// form "0e<digits>" count as equal, and the comparison is not constant-time.
// Use hash_equals() where available, otherwise !==.
437 if ($data['User']['password'] != $this->AuthPlus->password($this->data['User']['password'])) {
438 $this->Session->setFlash(__('Old Password is wrong.', true));
440 $result = self::_exe_change_password($id);
442 $this->Session->setFlash(__('The password has been changed. Please login at new password.', true));
// Ends the current session so the next login uses the new password.
443 $this->redirect($this->AuthPlus->logout());
// Validates the posted data, hashes password1 through AuthPlus->password() and
// writes only the password column of user $id. Return statements are on omitted
// lines. Performs no check of the current password; callers are responsible for
// that (see _change_password() and admin_change_password()).
448 function _exe_change_password($id) {
450 $this->User->set($this->data);
451 if ($this->User->validates()) {
452 $this->data['User']['id'] = $id;
455 $this->data[$this->AuthPlus->userModel]['password'] = $this->AuthPlus->password($this->data[$this->AuthPlus->userModel]['password1']);
// fieldList limits this save to the password column.
457 if ($this->User->save($this->data, array('fieldList' => array('password')))) {
460 $this->Session->setFlash(__('The User could not be saved. Please, try again.', true));
// Self-service account deletion: re-checks the posted password against the
// stored hash before calling _exe_delete(). The branches that choose between
// the two redirects are on omitted lines.
466 function _delete($id) {
468 $data = $this->User->read('password', $id);
// NOTE(review): same loose != on password hashes as in _change_password():
// numeric-looking hashes ("0e<digits>") compare equal by value and the check is
// not constant-time. Use hash_equals() where available, otherwise !==.
469 if ($data['User']['password'] != $this->AuthPlus->password($this->data['User']['password'])) {
470 $this->Session->setFlash(__('Password is wrong.', true));
472 $result = self::_exe_delete($id);
474 $this->redirect($this->AuthPlus->logout());
476 $this->redirect(array('action'=>'index'));
// Deletes user $id unless the account belongs to group 1, and reports the
// outcome through a flash message. Return statements are on omitted lines.
481 function _exe_delete($id) {
482 $user = $this->getUser($id);
// The super-administrator group is hard-coded as 1 and compared loosely; other
// group ids in this file come from Configure (line 389).
// NOTE(review): read the id from configuration and compare strictly.
486 if ($user['User']['group_id'] == 1) {
487 $this->Session->setFlash(__('Super Administrator can not be deleted.', true));
490 if ($this->User->del($id)) {
// The deleted account's name is placed into the flash text as stored; whether it
// is safe to print depends on how names are stored and how the flash is rendered.
491 $this->Session->setFlash(sprintf(__('%s was deleted.', true), $user['User']['name']));
494 $this->Session->setFlash(__('The account could not be deleted.', true));