6 * @package TRPG Data Bank
8 * @author Cake <cake_67@users.sourceforge.jp>
9 * @license http://www.opensource.org/licenses/mit-license.php The MIT License
10 * @link http://trpgtools-onweb.sourceforge.jp/
12 class UsersController extends AppController {
// Controller configuration. Only fragments of each property are visible in this
// listing (the $components list and the $paginate body continue on lines not shown).
21 var $components = array(
// NOTE(review): 'add' is exempted from the request-token check (presumably the
// Security component's form token, given the name). The registration POST is
// therefore accepted without a token; the only gate is the one-time $code
// resolved in add(). Confirm this exemption is still required.
25 var $disableTokenActions = array('add');
27 // paginate settings for listView
28 var $paginate = array(
29 'conditions' => array(
// Columns that _search() matches keywords against; admin_search() widens this
// list at runtime. These names are interpolated into SQL by _search(), so they
// must stay hard-coded — never derived from request data.
48 var $search_cols = array('User.name');
// Per-request setup: action caching and the set of actions reachable without
// a login. Several lines of this method (including the branch that wraps
// deleteAuth()) are not part of this excerpt.
50 function beforeFilter() {
52 parent::beforeFilter();
// Full-page caching for 'view' and 'listview', TTL from Cache.expire.
// NOTE(review): 'listview' is not in the allow() list below, so it needs a login,
// yet its output is cached. In CakePHP 1.x a cached page is served by the
// Dispatcher before any controller code runs, so if Cache.check is enabled a
// cached listview could be served to anonymous users — verify.
55 $this->cacheAction = array(
56 'view' => Configure::read('Cache.expire'),
57 'listview' => Configure::read('Cache.expire'),
// Actions open to anonymous users. Everything not listed is assumed to be
// denied by AuthPlus; that default is outside this excerpt — confirm that the
// admin_* actions are denied to anonymous and non-admin users elsewhere.
61 $this->AuthPlus->allow('index');
62 $this->AuthPlus->allow('view');
63 $this->AuthPlus->allow('add');
64 $this->AuthPlus->allow('regist_end');
65 $this->AuthPlus->allow('logout');
// NOTE(review): get_user() is public and its body lies past the end of this
// excerpt; check what user data it exposes to unauthenticated callers.
66 $this->AuthPlus->allow('get_user');
// Drops the current auth state; the condition guarding this call (presumably the
// login action) is not visible here.
72 $this->AuthPlus->deleteAuth();
74 $this->set('title_for_layout', " - ". __('Login', true));
// Confirmation page shown after the registration e-mail has been sent
// (public per beforeFilter). Only sets the page title; the rest of the method
// is not in this excerpt.
81 function regist_end() {
82 $this->set('title_for_layout', " - ". __('Regist Mail', true));
// Body of what appears to be index() — the signature line is not in this excerpt.
// Renders the logged-in user's home (or the guest home when not logged in).
86 $mycharacters = array();
// With no site home configured and a request for '/', embed the caller's own
// character list via requestAction instead of redirecting (the redirect is kept
// commented out below).
87 if (empty($this->site_configs['Site.myHome']['value']) && $this->params['url']['url'] == '/') {
88 // $this->redirect(array('controller' => 'characters', 'action'=>'mycharacter'));
89 $mycharacters = $this->requestAction(
90 array('controller' => 'characters', 'action' => 'mycharacter'),
// Title uses the session user's name, or 'Guest' when anonymous.
95 if ($this->AuthPlus->user()) {
96 $name = $this->user['User']['name'];
99 $name = __('Guest', true);
// NOTE(review): $name is placed in the title unescaped; this is only safe if the
// layout prints title_for_layout through h() — verify.
101 $this->set('title_for_layout', " - ". sprintf(__("%s's Home", true), $name));
// Shared view setup (character lists) for the current user.
104 self::_view($this->user_id);
107 $this->set('news', $this->get_news());
110 $this->set('mycharacters', $mycharacters);
// Public profile page for another user (no login required per beforeFilter).
// Lines 116-117, 119, 121 and 124 of this method are not in this excerpt.
113 function view($id = null) {
// Viewing your own id is redirected to the home page.
114 if ($id && $id == $this->AuthPlus->user("id")) {
115 $this->redirect(array('action'=>'index'));
// getUser() is defined outside this excerpt; the redirect on the next visible
// line presumably fires when no user is found for $id.
118 $user = $this->getUser($id);
120 $this->redirect(array('action'=>'listview'));
122 $this->set('target_user', $user);
// NOTE(review): the user's name goes into the title unescaped — safe only if the
// layout escapes title_for_layout.
123 $this->set('title_for_layout', " - ". sprintf(__("%s's Home", true), $user['User']['name']));
// The viewer is never the owner here (own id was redirected above).
125 $this->set('isOwner', false);
// Member-facing user list; delegates to the shared search/list routine with
// isAdmin = false. Lines 131-136 of this method are not in this excerpt.
130 function listview() {
137 self::_search(false);
// Self-registration. $code is the one-time registration code issued by the
// regist_mails flow when User.registMail is enabled. Reachable without login
// (beforeFilter) and without a form token ($disableTokenActions).
140 function add($code = null) {
// Registration can be switched off site-wide.
142 if (!$this->site_configs['User.newUserRegist']['value']) {
143 $this->Session->setFlash(__('Unavailable Now.', true));
144 $this->redirect(array('action'=>'index'));
// With mail-based registration the flow starts at regist_mails/add; the
// condition that decides whether to redirect here (line 149, not shown) is
// presumably "no $code supplied".
148 if ($this->site_configs['User.registMail']['value']) {
150 $this->redirect(array('controller' => 'regist_mails', 'action'=>'add'));
// Resolve the code to its pending registration record.
153 $registData = $this->{$this->modelClass}->getRegistData4code($code);
154 // no record matches $code, or the code is already bound to a user_id
155 if (empty($registData) || !empty($registData['RegistMail']['user_id'])) {
// NOTE(review): an unknown or already-used code is rejected here, but nothing
// visible rate-limits guesses; the unpredictability of the code generated by
// the regist_mails side (not shown) is what protects registration.
156 $this->Session->setFlash(__('Invalid URL.', true));
157 $this->redirect(array('controller' => 'users', 'action'=>'login'));
// On POST, _add() receives the pending record so the e-mail address comes from
// the verified code rather than from the form.
161 if (!empty($this->data)) {
162 self::_add($registData);
165 $this->set('code', $code);
166 $this->set('idLength', Configure::read('User.UserId.Length'));
167 $this->set('passwordLength', Configure::read('User.Password.Length'));
169 $this->set('title_for_layout', " - ". __('Add New User', true));
// Body of what appears to be edit() — the signature line is not in this excerpt.
// _check_demo() presumably blocks changes on a demo site; the target id is taken
// from the session, not from the request, so users can only edit themselves.
174 $this->_check_demo();
176 $id = $this->AuthPlus->user("id");
180 $this->set('title_for_layout', " - ". __('Edit User', true));
// Upload/replace the current user's profile image. The target id comes from the
// session (not from the form), so a posted User.id cannot redirect the write.
// The $fieldList construction (lines 202-215) is not in this excerpt.
183 function edit_image() {
184 $id = $this->AuthPlus->user("id");
185 $user = $this->getUser($id);
187 if (!empty($this->data)) {
// At most two attachment slots may be posted.
189 if (count($this->data['Attachment']) > 2) {
190 $this->Session->setFlash(__('Invalid data.', true));
191 $this->redirect(array('action'=>'edit_image'));
// When the user already has one attachment, slot 0 must be empty — presumably
// slot 0 is the existing image and only the second slot may be filled; verify.
194 if (count($user['Attachment']) == 1) {
195 if (!empty($this->data['Attachment'][0])) {
196 $this->Session->setFlash(__('Invalid data.', true));
197 $this->redirect(array('action'=>'edit_image'));
// Force the owner id before saving.
201 $this->data['User']['id'] = $id;
// NOTE(review): file type/size/extension validation is not visible here; it is
// assumed to live in the Attachment model rules that 'validate' => 'first' runs.
216 if ($this->User->saveAll($this->data, array(
217 'validate' => 'first',
218 'fieldList' => $fieldList
220 $this->Session->setFlash(__('The User image has been saved', true));
221 $this->redirect(array('action'=>'edit_image'));
223 $this->Session->setFlash(__('The data could not be saved. Please, try again.', true));
224 $this->data['User']['id'] = $id;
230 $this->set('title_for_layout', " - ". __('Edit Image', true));
// Complete an e-mail address change using the code mailed to the new address.
// The condition around the first redirect (line 234, presumably "no $code") is
// not in this excerpt.
233 function edit_mail($code = null) {
235 $this->Session->setFlash(__('Invalid URL.', true));
236 $this->redirect(array('controller' => 'users', 'action'=>'login'));
239 $registData = $this->{$this->modelClass}->getRegistData4code($code);
241 // no record matches $code, it is not bound to a user, or its user_id differs from the current user
// The user_id comparison is what stops one logged-in user from consuming a
// change code issued to another account.
242 if (empty($registData) || empty($registData['RegistMail']['user_id']) || $registData['RegistMail']['user_id'] != $this->user_id) {
243 $this->Session->setFlash(__('Invalid URL.', true));
244 $this->redirect(array('controller' => 'users', 'action'=>'login'));
247 $this->set('title_for_layout', " - ". __('Regist Mail', true));
248 self::_edit_mail($registData);
// Change the current user's own password. The target id is the session user's,
// so the form cannot address another account; the old-password check is in
// _change_password().
251 function change_password() {
253 $this->_check_demo();
255 $id = $this->AuthPlus->user("id");
256 self::_change_password($id);
258 $this->set('passwordLength', Configure::read('User.Password.Length'));
260 $this->set('title_for_layout', " - ". __('Change Password', true));
// Body of what appears to be delete() (self-service account deletion) — the
// signature line is not in this excerpt. Target id comes from the session;
// the password confirmation happens in _delete().
265 $this->_check_demo();
267 $id = $this->AuthPlus->user("id");
269 $this->set('title_for_layout', " - ". __('Delete Your Account', true));
// Admin landing page: just forwards to the admin user list.
275 function admin_index() {
276 $this->redirect(array('controller' => 'users', 'action'=>'admin_listview'));
// Admin user list. Widens the selected fields (the merged list on lines 281-289
// is not shown), lifts the public_flag restriction on characters so admins see
// private ones too, and limits rows to the listed groups — Group.deleted is
// not included, so soft-deleted accounts are hidden here.
// NOTE(review): _listview(true) appears to set the same group_id list again
// (see its admin branch); one of the two is redundant — confirm which is
// authoritative and remove the other to avoid them drifting apart.
279 function admin_listview() {
280 $this->paginate['fields'] = array_merge($this->paginate['fields'], array(
290 unset($this->User->hasMany['Character']['conditions']['Character.public_flag']);
293 $this->paginate['conditions']['User.group_id'] = array(
294 Configure::read('Group.admin'),
295 Configure::read('Group.subadmin'),
296 Configure::read('Group.watcher'),
297 Configure::read('Group.member'),
298 Configure::read('Group.locked'),
299 Configure::read('Group.pre'),
302 self::_listview(true);
// Admin search: also matches the private notes, stored User-Agent and hostname.
// These column names feed the string-built LIKE clauses in _search(), so they
// must remain constants. The rest of the method (lines 308-310) is not shown.
306 function admin_search() {
307 $this->search_cols = array_merge($this->search_cols, array('User.notes', 'User.useragent', 'User.host'));
// Admin detail page for one user. The guard around the first redirect (line 313,
// presumably "no $id") and the one around the second (line 319) are not shown.
312 function admin_view($id = null) {
314 $this->Session->setFlash(__('Invalid User.', true));
315 $this->redirect(array('controller' => 'users', 'action'=>'index'));
// Second argument presumably requests the admin-only columns.
318 $user = $this->getUser($id, true);
320 $this->redirect(array('action'=>'listview'));
// Decrypts the stored e-mail for display.
// NOTE(review): this page presumably also shows User.useragent and User.host,
// which _add() stores verbatim from the client / reverse DNS — the view must
// escape them with h().
322 $user['User'] = $this->decrypt_mail($user['User']);
324 $this->set('target_user', $user);
326 $this->set('title_for_layout', " - ". $user['User']['name']);
// Admin-side user creation. On POST the call on lines 331-332 (not shown) is
// presumably _add(), which in the admin case honours a posted group_id.
329 function admin_add() {
330 if (!empty($this->data)) {
334 $this->set('idLength', Configure::read('User.UserId.Length'));
335 $this->set('passwordLength', Configure::read('User.Password.Length'));
337 $this->set('title_for_layout', " - ". __('Add New User', true));
// Admin resets another user's password without knowing the old one.
340 function admin_change_password($id = null) {
// NOTE(review): this guard only rejects when $id is missing AND nothing was
// posted. A POST with no $id in the URL reaches _exe_change_password(null),
// which sets User.id to null and then relies on whatever id the form posted
// (picked up by $this->User->set()). Prefer taking the target strictly from
// the URL: `if (!$id) { ...flash...; redirect }`.
342 if (!$id && empty($this->data)) {
343 $this->Session->setFlash(__('Invalid Id.', true));
344 $this->redirect(array('controller' => 'users', 'action'=>'index'));
346 if (!empty($this->data)) {
347 $result = self::_exe_change_password($id);
349 $this->Session->setFlash(__('The password has been changed.', true));
350 $this->redirect(array('controller' => 'users', 'action'=>'index'));
// GET: preload the form with the target user's record.
353 if (empty($this->data)) {
354 $this->data = $this->User->read(null, $id);
357 $this->set('passwordLength', Configure::read('User.Password.Length'));
358 $this->set('target_user', $this->User->read(null, $id));
360 $this->set('title_for_layout', " - ". __('Change Password', true));
// Admin deletes (or soft-deletes) a user. The guard around the first redirect
// (line 364, presumably "no $id") and the POST condition around _exe_delete
// are not in this excerpt. The "super administrator cannot be deleted" rule is
// enforced inside _exe_delete().
363 function admin_delete($id = null) {
365 $this->Session->setFlash(__('Invalid Id.', true));
366 $this->redirect(array('controller' => 'users', 'action'=>'index'));
369 $result = self::_exe_delete($id, true);
371 $this->redirect(array('controller' => 'users', 'action'=>'index'));
// GET: confirmation page for the target user.
375 $user = $this->getUser($id, true, true);
377 $this->Session->setFlash(__('No User', true));
378 $this->redirect(array('controller' => 'users', 'action'=>'listview'));
380 $this->set('target_user', $user);
382 $this->data['User']['id'] = $id;
384 $this->set('title_for_layout', " - ". __('Delete User', true));
// Lines 390-393 appear to be the body of logout(): drop the user's cached data,
// then redirect to wherever AuthPlus->logout() points. Lines 398-400 belong to
// a different method whose signature is not in this excerpt (it marks the
// viewer as owner of target_user).
390 $this->User->deleteCache4User();
392 $this->Session->setFlash(__('Logout.', true));
393 $this->redirect($this->AuthPlus->logout());
398 $this->set('target_user', $user);
400 $this->set('isOwner', true);
// Shared view setup for a user page: the target user's recent characters and,
// for the owner (or when no id is given), a list of public characters.
// The condition around the first list (lines 404-408) is not in this excerpt.
403 function _view($id = null) {
406 $target_user_characters = array();
// Up to 5 characters for the given user id; helper defined outside this excerpt.
409 $target_user_characters = $this->_get_characters_list4user_id($id, array(), 5, array(), array('System'));
411 $this->set('target_user_characters', $target_user_characters);
414 $public_characters = array();
415 if (empty($id) || ($id == $this->user_id)) {
417 $public_characters = $this->_get_characters_list4user_id(null, array(), 5, array(), array('System', 'User'));
419 $this->set('public_characters', $public_characters);
421 $this->set_public_flag4view();
// Shared pagination for the member and admin user lists. The branch that
// separates the admin setup (lines 426-446) from the member setup (450-455) is
// not fully visible; both set a group_id whitelist, the admin one additionally
// including Group.pre.
424 function _listview($isAdmin = false) {
426 $this->paginate['fields'] = array_merge($this->paginate['fields'], array(
437 unset($this->User->hasMany['Character']['conditions']['Character.public_flag']);
440 $this->paginate['conditions']['User.group_id'] = array(
441 Configure::read('Group.admin'),
442 Configure::read('Group.subadmin'),
443 Configure::read('Group.watcher'),
444 Configure::read('Group.member'),
445 Configure::read('Group.locked'),
446 Configure::read('Group.pre'),
450 $this->paginate['conditions']['User.group_id'] = array(
451 Configure::read('Group.admin'),
452 Configure::read('Group.subadmin'),
453 Configure::read('Group.watcher'),
454 Configure::read('Group.member'),
455 Configure::read('Group.locked'),
459 $users = $this->paginate();
461 if (!empty($users)) {
462 foreach ($users as $k => $v) {
// Decrypt the e-mail column wherever it was selected.
// NOTE(review): this runs regardless of $isAdmin — it only stays safe if the
// member field list never includes User.pcmail; verify the non-admin fields.
464 if (isset($v['User']['pcmail']) && !empty($v['User']['pcmail'])) {
465 $users[$k]['User']['pcmail'] = $this->Crypt->decrypt($v['User']['pcmail']);
// Character count per user: one extra COUNT query per listed row (N+1);
// acceptable for a paginated page, but a grouped count would avoid it.
469 if (empty($v['Character'])) {
471 $users[$k]['User']['character_num'] = 0;
473 $users[$k]['User']['character_num'] = $this->User->Character->find('count', array(
474 'conditions' => array_merge($this->User->hasMany['Character']['conditions'],
475 array('Character.user_id' => $v['User']['id'])),
// Restores newlines in escaped text; output escaping is left to the view.
481 $users = $this->HtmlEscape->nl_unescape($users);
483 $this->set('users', $users);
485 $this->set('title_for_layout', " - ". __('Users List', true));
// Keyword search over $search_cols, then delegates to _listview(). Keywords come
// from the query string, comma-separated. $type (the AND/OR joiner) and the
// branches on lines 504/506/508 are not in this excerpt.
488 function _search($isAdmin = false) {
492 if (isset($this->params['url']['keyword'])) {
493 $keywords = rawurldecode($this->params['url']['keyword']);
498 if (!empty($keywords)) {
499 $searchwords = explode(",", $keywords);
501 $conditions = array();
502 foreach ($this->search_cols as $k1 => $search_col) {
503 foreach ($searchwords as $k2 => $searchword) {
505 $conditions[$k1] .= ' '. $type. ' ';
507 $conditions[$k1] = '';
// NOTE(review): SQL injection. $searchword is user input concatenated into a raw
// SQL string; a single quote in the keyword breaks out of the LIKE literal
// because CakePHP does not quote string conditions. Let the ORM quote it by
// building array conditions instead, e.g. per column:
//   $conditions[$k1] = array($type => $perWord);   // where each entry is
//   array($search_col. ' LIKE' => '%'. $searchword. '%')
// ('%' and '_' in the keyword then still act as wildcards, which is harmless).
510 $conditions[$k1] .= $search_col. ' LIKE '. '\'%'. $searchword. '%\'';
// Columns are OR-ed together; words within a column are joined by $type.
514 $this->paginate['conditions']['OR'] = $conditions;
516 $searchwords['keywords'] = $keywords;
518 $searchwords['keywords'] = null;
520 $this->set('searchwords', $searchwords);
522 self::_listview($isAdmin);
// NOTE(review): the raw keyword string goes into the page title unescaped;
// safe only if the layout escapes title_for_layout.
524 if (isset($keywords)) {
525 $this->set('title_for_layout', " - ". $keywords. ' '. __('Search Result', true));
527 $this->set('title_for_layout', " - ". __('Search', true));
// Creates a user from $this->data, for both self-registration (add) and the
// admin form (admin_add). $registData is the pending regist_mails record when
// mail-based registration is on. Several closing braces / else branches of this
// method are not in this excerpt.
530 function _add($registData = array()) {
// Non-admin callers are always created as Group.member, whatever group_id the
// form posted — this is the mass-assignment guard for privilege escalation.
// Any existing session is also dropped before the new account is created.
531 if (!$this->isAdmin) {
532 $this->data['User']['group_id'] = Configure::read('Group.member');
533 $this->AuthPlus->logout();
// Self-registration with mail verification requires a verified record.
537 if ($this->site_configs['User.registMail']['value'] && !$this->isAdmin) {
538 if (empty($registData)) {
539 $this->redirect(array('controller' => 'regist_mails', 'action'=>'add'));
// The e-mail address is taken from the verified record, not from the form.
542 if (!empty($registData)) {
543 $this->data['User']['pcmail'] = $this->Crypt->decrypt($registData['RegistMail']['mail']);
548 $this->User->set($this->data);
549 if ($this->User->validates()) {
// Only the model's declared 'add' columns are written (see save() below).
550 $fieldList = $this->User->fields['add'];
552 // ACL setting (default: regular user)
553 if (!isset($this->data['User']['group_id'])) {
554 $this->data['User']['group_id'] = Configure::read('Group.member');
// NOTE(review): AuthPlus->password() is the framework's hash (in CakePHP 1.x
// typically Security::hash with the app salt — a fast, non-adaptive hash).
// Moving to an adaptive hash would also require changing the equality checks
// in _change_password() and _delete(), which re-hash and compare.
558 $this->data['User']['password'] = $this->AuthPlus->password($this->data['User']['password1']);
// E-mail is stored reversibly encrypted (admins decrypt it in admin_view).
561 $fieldList = array_merge($fieldList, array('pcmail'));
562 $this->data['User']['pcmail'] = $this->Crypt->crypt($this->data['User']['pcmail']);
// Audit data for self-registrations, stored verbatim.
// NOTE(review): both values are attacker-influenced (the PTR record behind
// gethostbyaddr() is controlled by whoever owns the IP), so they must be
// escaped wherever displayed. gethostbyaddr() is also a blocking DNS lookup on
// the registration path, and REMOTE_ADDR is the proxy's address behind one.
565 if (!$this->isAdmin) {
566 $this->data['User']['useragent'] = $_SERVER["HTTP_USER_AGENT"];
567 $this->data['User']['host'] = gethostbyaddr($_SERVER["REMOTE_ADDR"]);
// Validation already ran above; fieldList restricts the written columns.
571 $this->User->create();
572 if ($this->User->save($this->data, array('fieldList' => $fieldList, 'validate' => false))) {
573 if (!$this->isAdmin) {
574 if ($this->site_configs['User.registMail']['value']) {
// Consume the one-time registration record so the code cannot be reused.
575 if (!empty($registData)) {
576 $this->{$this->modelClass}->deleteRegistData4mail($registData['RegistMail']['mail']);
580 $this->Session->setFlash(__('The User has been saved. Please Login.', true));
581 $this->redirect(array('controller' => 'users', 'action'=>'index'));
583 $this->Session->setFlash(__('The User has been saved', true));
585 $this->redirect(array('controller' => 'users', 'action'=>'view', $this->User->id));
588 $this->Session->setFlash(__('The User cannot be saved.', true));
// NOTE(review): the guard reads $this->User->validationErrors but the message
// comes from $this->validationErrors (the controller) — almost certainly the
// same array was meant: `$this->Session->setFlash($this->User->validationErrors['pcmail']);`.
// Note also that an e-mail validation failure deletes the pending record, so
// the user has to restart the mail flow.
591 if (isset($this->User->validationErrors['pcmail'])) {
592 $this->Session->setFlash($this->validationErrors['pcmail']);
593 if (!empty($registData)) {
594 $this->{$this->modelClass}->deleteRegistData4mail($registData['RegistMail']['mail']);
597 $this->redirect(array('controller' => 'users', 'action'=>'index'));
// Saves the profile edit form for user $id (the session user's id in edit()).
// Else branches and closing braces of this method are not in this excerpt.
601 function _edit($id) {
602 if (!empty($this->data)) {
// The id is forced, so a posted User.id cannot redirect the write ...
603 $this->data['User']['id'] = $id;
// NOTE(review): ... but the save has no 'fieldList', unlike _add() (fields['add']),
// _edit_mail() ('pcmail') and _exe_change_password() ('password'). Any column a
// user posts — User.group_id, User.password, User.pcmail — is written, which is
// a mass-assignment privilege escalation. Restrict it to the editable columns,
// e.g. `$this->User->save($this->data, array('fieldList' => $this->User->fields['edit']))`
// (define fields['edit'] on the model if it does not exist yet).
604 if ($this->User->save($this->data)) {
605 $this->Session->setFlash(__('The User has been saved', true));
606 $this->redirect(array('action'=>'index'));
608 $this->Session->setFlash(__('The data could not be saved. Please, try again.', true));
// GET: load the record into the form, undoing HTML escaping for editing.
611 if (empty($this->data)) {
612 $this->data = $this->User->read(null, $id);
614 $this->data['User'] = $this->_restore_html_user($this->data['User'], true);
// Applies a verified e-mail change: writes only User.pcmail for the session
// user, then consumes the regist_mails record. Closing braces are not shown.
618 function _edit_mail($registData = array()) {
// NOTE(review): the RegistMail.mail value is copied as-is, whereas _add()
// decrypts it and re-encrypts with Crypt->crypt() before storing it in pcmail.
// This is only equivalent if both columns use the same Crypt key and format —
// verify, otherwise admin_view()'s decrypt_mail() will show garbage.
619 $data['User']['pcmail'] = $registData['RegistMail']['mail'];
620 $fields = array('pcmail');
// Target is the session user (edit_mail already verified the code's user_id).
623 $data['User']['id'] = $this->user_id;
624 if ($this->User->save($data, array('fieldList' => $fields, 'validate' => false))) {
625 $this->{$this->modelClass}->deleteRegistData4mail($registData['RegistMail']['mail']);
627 $this->Session->setFlash(__('The User has been saved', true));
628 $this->redirect(array('action'=>'index'));
631 $this->Session->setFlash(__('The data could not be saved. Please, try again.', true));
632 $this->redirect(array('action'=>'index'));
// Self-service password change: verifies the old password, then delegates the
// update and forces a re-login. The branch structure after the wrong-password
// flash (lines 640, 642, 645-647) is not in this excerpt.
635 function _change_password($id) {
636 if (!empty($this->data)) {
// Compare the stored hash with the hash of the posted old password.
// (Plain != is not constant-time; low risk for a hash, but hash_equals() is
// available if the PHP baseline allows it.)
637 $data = $this->User->read('password', $id);
638 if ($data['User']['password'] != $this->AuthPlus->password($this->data['User']['password'])) {
639 $this->Session->setFlash(__('Old Password is wrong.', true));
641 $result = self::_exe_change_password($id);
// Invalidate the session after a successful change.
643 $this->Session->setFlash(__('The password has been changed. Please login at new password.', true));
644 $this->redirect($this->AuthPlus->logout());
// Validates the posted form (password1/password2 rules presumably live on the
// model), hashes password1 and writes only the 'password' column for $id.
// The return statements of this method are not in this excerpt.
649 function _exe_change_password($id) {
651 $this->User->set($this->data);
652 if ($this->User->validates()) {
// NOTE(review): when $id is null (see admin_change_password) the record
// written is whichever id set() picked up from the posted data.
653 $this->data['User']['id'] = $id;
656 $this->data[$this->AuthPlus->userModel]['password'] = $this->AuthPlus->password($this->data[$this->AuthPlus->userModel]['password1']);
// fieldList keeps any other posted column from being written.
658 if ($this->User->save($this->data, array('fieldList' => array('password')))) {
661 $this->Session->setFlash(__('The data could not be saved. Please, try again.', true));
// Self-service account deletion: requires the current password, then performs
// the non-admin deletion and logs the user out. The condition wrapping this
// body (line 668) and the else branches are not in this excerpt.
667 function _delete($id) {
669 $data = $this->User->read('password', $id);
670 if ($data['User']['password'] != $this->AuthPlus->password($this->data['User']['password'])) {
671 $this->Session->setFlash(__('Password is wrong.', true));
673 $result = self::_exe_delete($id, false);
675 $this->redirect($this->AuthPlus->logout());
677 $this->redirect(array('action'=>'index'));
// Deletes user $id and cascades to their characters. $isAdmin selects the admin
// variant of getUser(). The conditions choosing between the soft delete (group
// set to Group.deleted) and the hard delete() on line 707, and the return
// statements, are not in this excerpt.
682 function _exe_delete($id, $isAdmin=false) {
683 $user = $this->getUser($id, $isAdmin, true);
// The super administrator account can never be deleted, by either path.
687 if ($user['User']['group_id'] == Configure::read('Group.admin')) {
688 $this->Session->setFlash(__('Super Administrator can not be deleted.', true));
// Soft delete: keep the row, move it to the 'deleted' group (list views exclude
// that group). create() resets the model; the explicit id makes this an update.
693 $this->data['User']['id'] = $id;
694 $this->data['User']['group_id'] = Configure::read('Group.deleted');
696 $this->User->create();
697 $result = $this->User->save(
701 'fieldList' => array(
// Hard delete (condition not visible).
707 $result = $this->User->delete($id);
// Cascade: instantiate CharactersController by hand and call its _delete() for
// each character. Building the controller this way skips its beforeFilter /
// auth setup; the third argument (true) presumably bypasses the ownership
// check, which is acceptable only because $user was already resolved above.
// NOTE(review): $this->data['Character'] is copied in — confirm it is set on
// the admin path, where the form (admin_delete) only posts User.id.
711 if (!empty($user['Character'])) {
712 App::import('Controller', 'Characters');
713 $this->CharactersController = new CharactersController;
714 $this->CharactersController->Character = CorePlus::set_model('Character');
715 $this->CharactersController->Session = new SessionComponent;
716 $this->CharactersController->data['Character'] = $this->data['Character'];
718 foreach ($user['Character'] as $character) {
719 $this->CharactersController->_delete($character['id'], array(), true);
722 $this->Session->setFlash(sprintf(__('%s was deleted.', true), $user['User']['name']));
725 $this->Session->setFlash(__('The account could not be deleted.', true));
731 function get_user() {