8 * @author Cake <cake_67@users.sourceforge.jp>
9 * @license http://www.opensource.org/licenses/mit-license.php The MIT License
10 * @link http://trpgtools-onweb.sourceforge.jp/
12 class UsersController extends ModuleController {
// Controller configuration. The array contents of $components and $paginate
// sit on lines that are absent from this listing.
21 var $components = array(
// NOTE(review): 'add' and 'mobile_add' are exempted from the form-token check.
// Registration may need this (no session yet), but a state-changing action
// without token validation is exposed to cross-site request forgery — confirm
// the exemption is intended and that these forms are protected another way.
25 var $disableTokenActions = array('add','mobile_add');
27 // paginate settings for listView
28 var $paginate = array(
29 'conditions' => array(
// Runs before every action: configures action caching and whitelists the
// actions reachable without login. Several lines of this method (including
// the conditions around the last two statements) are absent from this listing.
47 function beforeFilter() {
49 parent::beforeFilter();
// Cached actions; both share the Cache.expire setting.
52 $this->cacheAction = array(
53 'view/' => Configure::read('Cache.expire'),
54 'listview' => Configure::read('Cache.expire'),
// Public (unauthenticated) actions. Every action not listed requires login.
58 $this->AuthPlus->allow('index');
59 $this->AuthPlus->allow('view');
60 $this->AuthPlus->allow('add');
61 $this->AuthPlus->allow('regist_end');
62 $this->AuthPlus->allow('logout');
63 $this->AuthPlus->allow('mobile_login');
64 $this->AuthPlus->allow('mobile_add'); // todo: mail verification etc.
65 $this->AuthPlus->allow('mobile_logout');
// NOTE(review): get_user() is public; its body is outside this listing —
// confirm it only exposes fields that are safe for anonymous callers.
66 $this->AuthPlus->allow('get_user');
// The enclosing condition for the next two lines (presumably "login action
// only") is not in this listing — confirm before relying on it.
72 $this->AuthPlus->deleteAuth();
74 $this->pageTitle .= " - ". __('Login', true);
// Landing page shown after a registration mail has been sent; only sets the title.
81 function regist_end() {
82 $this->pageTitle .= " - ". __('Regist Mail', true);
// The `function` line for this action is absent from this listing (presumably
// index(), which beforeFilter() makes public). It titles the page with the
// logged-in user's name, or "Guest", and renders the home via _view().
87 if ($this->AuthPlus->user()) {
88 $name = $this->user['User']['name'];
// (else branch; the `} else {` line is absent from the listing)
91 $name = __('Guest', true);
93 $this->pageTitle .= " - ". sprintf(__("%s's Home", true), $name);
// $this->user_id is presumably unset for guests — _view() branches on empty($id).
96 self::_view($this->user_id);
// Public profile page for user $id; the owner is redirected to index instead.
// @param mixed $id user id taken from the URL (untrusted)
99 function view($id = null) {
// NOTE(review): loose == against the session user id; prefer a type-strict
// comparison (cast both to int first) for identity checks.
100 if ($id && $id == $this->AuthPlus->user("id")) {
101 $this->redirect(array('action'=>'index'));
104 $user = $this->getUser($id);
// Presumably reached when getUser() returned nothing (the condition line is absent).
106 $this->redirect(array('action'=>'listview'));
108 $this->set('target_user', $user);
109 $this->pageTitle .= " - ". sprintf(__("%s's Home", true), $user['User']['name']);
// isOwner enables owner-only UI; comparison is loose (==), see note above.
111 if (!empty($this->user_id) && $this->user_id == $id) {
112 $this->set('isOwner', true);
114 $this->set('isOwner', false);
// Public user list; the body (lines 121-124) is absent from this listing.
120 function listview() {
// New-user registration. Refused when Site.newUserRegist is off. When
// Site.registMail is on, a confirmation $code is required and is looked up in
// RegistMail; POSTed form data is handed to _add(). Note that this action is
// listed in $disableTokenActions, i.e. it runs without the form-token check.
// @param string|null $code registration code from the confirmation mail (untrusted)
125 function add($code = null) {
127 if (!$this->site_configs['Site.newUserRegist']['value']) {
128 $this->Session->setFlash(__('NO AVAILABLE NOW.', true));
129 $this->redirect(array('action'=>'index'));
// The guard around the next block (presumably empty($code)) is on an absent line;
// without a code the user is sent to the regist_mails form.
133 if ($this->site_configs['Site.registMail']['value']) {
135 $this->redirect(array('controller' => 'regist_mails', 'action'=>'add'));
138 $registData = $this->{$this->modelClass}->getRegistData4code($code);
139 // no data matches $code, or the code is already tied to a user_id
140 if (empty($registData) || !empty($registData['RegistMail']['user_id'])) {
141 $this->Session->setFlash(__('Invalid URL.', true));
142 $this->redirect(array('controller' => 'users', 'action'=>'login'));
146 if (!empty($this->data)) {
147 self::_add($registData);
// Form view data; the id/password length limits come from configuration.
150 $this->set('code', $code);
151 $this->set('idLength', Configure::read('User.UserId.Length'));
152 $this->set('passwordLength', Configure::read('User.Password.Length'));
154 $this->pageTitle .= " - ". __('Add New User', true);
// The `function` line is absent from this listing (presumably edit()).
// Demo-mode guard, then edits the logged-in user; the _edit() call itself is
// on an absent line.
159 $this->_check_demo();
161 $id = $this->AuthPlus->user("id");
165 $this->pageTitle .= " - ". __('Edit User', true);
// Uploads or replaces the logged-in user's image (Attachment rows). Rejects
// more than two attachments, and a new upload in slot 0 when one already exists.
168 function edit_image() {
169 $id = $this->AuthPlus->user("id");
170 $user = $this->getUser($id);
172 if (!empty($this->data)) {
// NOTE(review): count() on a missing or non-array 'Attachment' key raises a
// warning (TypeError on PHP 8); an empty()/is_array() guard would be safer.
174 if (count($this->data['Attachment']) > 2) {
175 $this->Session->setFlash(__('Invalid data.', true));
176 $this->redirect(array('action'=>'edit_image'));
178 if (count($user['Attachment']) == 1) {
179 if (!empty($this->data['Attachment'][0])) {
180 $this->Session->setFlash(__('Invalid data.', true));
181 $this->redirect(array('action'=>'edit_image'));
// Pin the record id to the session user so a POSTed id cannot target another account.
185 $this->data['User']['id'] = $id;
// $fieldList is built on absent lines (186-199).
200 if ($this->User->saveAll($this->data, array(
201 'validate' => 'first',
202 'fieldList' => $fieldList
204 $this->Session->setFlash(__('The User image has been saved', true));
205 $this->redirect(array('action'=>'edit_image'));
// Save failed: re-pin the id and fall through to the form.
207 $this->Session->setFlash(__('The data could not be saved. Please, try again.', true));
208 $this->data['User']['id'] = $id;
214 $this->pageTitle .= " - ". __('Edit Image', true);
// Confirms an e-mail change using the $code from the confirmation mail. The
// code must exist in RegistMail and belong to the logged-in user.
// @param string|null $code (untrusted)
217 function edit_mail($code = null) {
// Presumably reached when $code is empty (the condition line is absent).
219 $this->Session->setFlash(__('Invalid URL.', true));
220 $this->redirect(array('controller' => 'users', 'action'=>'login'));
222 $registData = $this->{$this->modelClass}->getRegistData4code($code);
223 // no data matches $code, or its user_id is not the current user
// NOTE(review): the ownership check uses loose !=; prefer a type-strict
// comparison so that only an exact id match passes.
224 if (empty($registData) || empty($registData['RegistMail']['user_id']) || $registData['RegistMail']['user_id'] != $this->user_id) {
225 $this->Session->setFlash(__('Invalid URL.', true));
226 $this->redirect(array('controller' => 'users', 'action'=>'login'));
229 $this->pageTitle .= " - ". __('Regist Mail', true);
230 self::_edit_mail($registData);
// Password change for the logged-in user (demo mode refused); the old
// password is verified inside _change_password().
233 function change_password() {
235 $this->_check_demo();
237 $id = $this->AuthPlus->user("id");
238 self::_change_password($id);
240 $this->set('passwordLength', Configure::read('User.Password.Length'));
242 $this->pageTitle .= " - ". __('Change Password', true);
// The `function` line is absent from this listing (presumably delete()).
// Demo-mode guard, then the logged-in user's own account deletion; the
// _delete() call is on an absent line.
247 $this->_check_demo();
249 $id = $this->AuthPlus->user("id");
251 $this->pageTitle .= " - ". __('Delete Your Account', true);
// Mobile login form; any existing auth data is cleared first.
257 function mobile_login() {
259 $this->AuthPlus->deleteAuth();
// Mobile logout; the body (lines 263-265) is absent from this listing.
262 function mobile_logout() {
// Mobile home: titles the page with the user's name or "Guest".
266 function mobile_index() {
268 if ($this->AuthPlus->user()) {
269 $name = $this->user['User']['name'];
// (else branch; the `} else {` line is absent from the listing)
273 $name = __('Guest', true);
275 $this->pageTitle .= " - ". sprintf(__("%s's Home", true), $name);
// Mobile profile page for user $id. Unlike view(), no owner redirect and no
// isOwner flag are visible here.
// @param mixed $id user id from the URL (untrusted)
277 function mobile_view($id = null) {
278 $user = $this->getUser($id);
// Presumably reached when getUser() returned nothing (the condition line is absent).
280 $this->redirect(array('action'=>'listview'));
282 $this->set('target_user', $user);
// Mobile user list; the body (lines 288-291) is absent from this listing.
287 function mobile_listview() {
// Mobile registration; the call made on POST (presumably _add()) is on an
// absent line. Like add(), this action is in $disableTokenActions, so it runs
// without the form-token check, and no newUserRegist guard is visible here.
292 function mobile_add() {
293 if (!empty($this->data)) {
297 $this->set('idLength', Configure::read('User.UserId.Length'));
298 $this->set('passwordLength', Configure::read('User.Password.Length'));
// Mobile profile edit for the logged-in user; the _edit() call is on an absent line.
301 function mobile_edit() {
302 $id = $this->AuthPlus->user("id");
// Mobile password change for the logged-in user. No _check_demo() call is
// visible here, unlike change_password() — confirm whether that is intended.
307 function mobile_change_password() {
308 $id = $this->AuthPlus->user("id");
310 self::_change_password($id);
312 $this->set('passwordLength', Configure::read('User.Password.Length'));
// Mobile self-deletion; the _delete() call is on an absent line, and no
// _check_demo() call is visible (compare the non-mobile delete path).
315 function mobile_delete() {
316 $id = $this->AuthPlus->user("id");
// Admin entry point: simply forwards to admin_listview.
322 function admin_index() {
323 $this->redirect(array('controller' => 'users', 'action'=>'admin_listview'));
// Admin user list with an optional name search (from POST or a passed arg).
// Admins also see non-public characters: the Character.public_flag condition
// is removed from the hasMany before paginating.
326 function admin_listview() {
329 $searchword = array();
330 if (!empty($this->data)) {
331 if (isset($this->data['User']['name'])) {
332 $name = $this->data['User']['name'];
335 if (isset($this->passedArgs['name'])) {
336 $name = urldecode($this->passedArgs['name']);
341 $this->data['User']['name'] = $name;
// NOTE(review): Sanitize::html() is HTML-context escaping, not SQL escaping;
// Cake's conditions array already quotes the value for SQL. Escaping here
// changes what is matched (e.g. '&' becomes '&amp;') and leaves the LIKE
// wildcards '%' and '_' unescaped, so a search term can match more broadly
// than typed. Consider passing $name unescaped and escaping '%'/'_' if
// literal matching is intended.
342 $this->paginate['conditions']['User.name LIKE'] = '%'.Sanitize::html($name).'%';
343 $searchword['name'] = urlencode($name);
345 $this->set('searchword', $searchword);
// Both unsets drop the public_flag restriction (the surrounding branches are on
// absent lines), so the admin listing counts private characters too.
348 unset($this->User->hasMany['Character']['conditions']['Character.public_flag']);
351 unset($this->User->hasMany['Character']['conditions']['Character.public_flag']);
// Extra columns for the admin view; the list continues on absent lines.
353 $this->paginate['fields'] = array_merge($this->paginate['fields'], array(
363 self::_listview(true);
// Admin view of any user, including the decrypted mail address.
// @param mixed $id user id from the URL (untrusted)
367 function admin_view($id = null) {
// Presumably reached when $id is empty (the condition line is absent).
369 $this->Session->setFlash(__('Invalid User.', true));
370 $this->redirect(array('controller' => 'users', 'action'=>'index'));
// Second argument is presumably the admin flag — see getUser()'s signature.
373 $user = $this->getUser($id, true);
375 $this->redirect(array('action'=>'listview'));
// Mail is stored encrypted (see _add()); decrypted only for this admin view.
377 $user['User'] = $this->decrypt_mail($user['User']);
379 $this->set('target_user', $user);
// The name is user-supplied; escaping is expected to happen in the layout/view.
381 $this->pageTitle .= " - ". $user['User']['name'];
// Admin-side user creation; the call made on POST (presumably _add()) is on
// an absent line. Unlike add(), no newUserRegist/registMail gates are visible.
384 function admin_add() {
385 if (!empty($this->data)) {
389 $this->set('idLength', Configure::read('User.UserId.Length'));
390 $this->set('passwordLength', Configure::read('User.Password.Length'));
392 $this->pageTitle .= " - ". __('Add New User', true);
// Admin password reset for user $id. No old-password check is involved
// (compare _change_password()); _exe_change_password() validates and saves.
// @param mixed $id target user id (untrusted)
395 function admin_change_password($id = null) {
// An empty $id is accepted when form data is present — presumably the id then
// comes from $this->data; confirm, since $this->User->read() below uses $id.
397 if (!$id && empty($this->data)) {
398 $this->Session->setFlash(__('Invalid Id.', true));
399 $this->redirect(array('controller' => 'users', 'action'=>'index'));
401 if (!empty($this->data)) {
402 $result = self::_exe_change_password($id);
// The success condition on $result is on an absent line.
404 $this->Session->setFlash(__('The password has been changed.', true));
405 $this->redirect(array('controller' => 'users', 'action'=>'index'));
408 if (empty($this->data)) {
409 $this->data = $this->User->read(null, $id);
412 $this->set('passwordLength', Configure::read('User.Password.Length'));
// Second read of the same record; the hash is in $this->data too — the view
// should not render the password field.
413 $this->set('target_user', $this->User->read(null, $id));
415 $this->pageTitle .= " - ". __('Change Password', true);
// Admin deletion of user $id; the actual work is in _exe_delete($id, true).
// @param mixed $id target user id (untrusted)
418 function admin_delete($id = null) {
// Presumably reached when $id is empty (the condition line is absent).
420 $this->Session->setFlash(__('Invalid Id.', true));
421 $this->redirect(array('controller' => 'users', 'action'=>'index'));
// The POST guard around the next two lines is on an absent line.
424 $result = self::_exe_delete($id, true);
426 $this->redirect(array('controller' => 'users', 'action'=>'index'));
// GET path: load the target (third argument presumably includes characters).
430 $user = $this->getUser($id, true, true);
432 $this->Session->setFlash(__('No User', true));
433 $this->redirect(array('controller' => 'users', 'action'=>'listview'));
435 $this->set('target_user', $user);
437 $this->data['User']['id'] = $id;
439 $this->pageTitle .= " - ". __('Delete User', true);
// The `function` line is absent from this listing (presumably logout()):
// drops the user's cache, flashes, and redirects to AuthPlus->logout().
445 $this->User->deleteCache4User();
447 $this->Session->setFlash(__('Logout.', true));
448 $this->redirect($this->AuthPlus->logout());
// The next two lines appear to belong to a further method whose `function`
// line is also absent; they expose the current User record as target_user.
452 $user = $this->getUser($this->User->id);
453 $this->set('target_user', $user);
// Shared body of the home/profile pages: the target user's latest characters
// and, for the owner or a guest, the latest public characters.
// @param mixed $id target user id; empty for guests
456 function _view($id = null) {
459 $target_user_characters = array();
// The guard (presumably !empty($id)) is on an absent line.
462 $target_user_characters = $this->_get_characters_list4user_id($id, array(), 5, array(), array('System'));
464 $this->set('target_user_characters', $target_user_characters);
467 $public_characters = array();
// Loose == between $id and the session user id; see view() for the same pattern.
468 if (empty($id) || ($id == $this->user_id)) {
470 $public_characters = $this->_get_characters_list4user_id(null, array(), 5, array(), array('System', 'User'));
472 $this->set('public_characters', $public_characters);
474 $this->set_public_flag4view();
// Paginated user list shared by listview/admin_listview. Admins additionally
// see the 'pre' group; each row gets a character_num count.
// @param bool $isAdmin true from admin_listview()
477 function _listview($isAdmin = false) {
478 if ($isAdmin === true) {
479 $this->paginate['conditions']['User.group_id'] = array(
480 Configure::read('Group.admin'),
481 Configure::read('Group.subadmin'),
482 Configure::read('Group.watcher'),
483 Configure::read('Group.member'),
484 Configure::read('Group.locked'),
485 Configure::read('Group.pre'),
// (else branch; the `} else {` line is absent from the listing)
488 $this->paginate['conditions']['User.group_id'] = array(
489 Configure::read('Group.admin'),
490 Configure::read('Group.subadmin'),
491 Configure::read('Group.watcher'),
492 Configure::read('Group.member'),
493 Configure::read('Group.locked'),
496 $users = $this->paginate();
498 if (!empty($users)) {
499 foreach ($users as $k => $v) {
// NOTE(review): no $isAdmin condition is visible around this decryption (line
// 500 is absent). If pcmail is selected for the public list as well, decrypted
// addresses would reach the non-admin view — confirm pcmail is only in
// $this->paginate['fields'] on the admin path.
501 if (isset($v['User']['pcmail']) && !empty($v['User']['pcmail'])) {
502 $users[$k]['User']['pcmail'] = $this->Crypt->decrypt($v['User']['pcmail']);
// One count query per row when characters exist; fine for small pages.
506 if (empty($v['Character'])) {
508 $users[$k]['User']['character_num'] = 0;
510 $users[$k]['User']['character_num'] = $this->User->Character->find('count', array(
511 'conditions' => array_merge($this->User->hasMany['Character']['conditions'],
512 array('Character.user_id' => $v['User']['id'])),
518 $users = $this->HtmlEscape->nl_unescape($users);
520 $this->set('users', $users);
522 $this->pageTitle .= " - ". __('List Users', true);
// Creates a User from $this->data. Self-registration forces the member group
// and drops any current session; admin creation may set group_id. The mail is
// taken from the RegistMail row when mail registration is on.
// @param array $registData matching RegistMail row, or empty
525 function _add($registData = array()) {
526 if (!$this->isAdmin) {
// Self-registration can never choose its group.
527 $this->data['User']['group_id'] = Configure::read('Group.member');
// logout() here only clears the session; the return value is not redirected to.
528 $this->AuthPlus->logout();
532 if ($this->site_configs['Site.registMail']['value'] && !$this->isAdmin) {
533 if (empty($registData)) {
534 $this->redirect(array('controller' => 'regist_mails', 'action'=>'add'));
// The confirmed address overrides whatever was POSTed as pcmail.
537 if (!empty($registData)) {
538 $this->data['User']['pcmail'] = $this->Crypt->decrypt($registData['RegistMail']['mail']);
543 $this->User->set($this->data);
544 if ($this->User->validates()) {
// Whitelist of savable columns — keeps POSTed extras (e.g. group_id) out.
545 $fieldList = $this->User->fields['add'];
547 // ACL setting (default: regular user)
548 if (!isset($this->data['User']['group_id'])) {
549 $this->data['User']['group_id'] = Configure::read('Group.member');
// Hash of the confirmed password1 field, via the Auth component's scheme.
553 $this->data['User']['password'] = $this->AuthPlus->password($this->data['User']['password1']);
556 if (!$this->isMobile) {
557 $fieldList = array_merge($fieldList, array('pcmail'));
// pcmail is stored encrypted; see decrypt_mail()/_listview() for the reverse.
558 $this->data['User']['pcmail'] = $this->Crypt->crypt($this->data['User']['pcmail']);
562 if (!$this->isAdmin) {
// NOTE(review): HTTP_USER_AGENT may be absent (notice/undefined index), and
// gethostbyaddr() does a blocking reverse lookup whose result is controlled by
// the client's DNS — treat both as untrusted strings when displayed, and
// consider a guard such as `isset($_SERVER["HTTP_USER_AGENT"])`.
563 $this->data['User']['useragent'] = $_SERVER["HTTP_USER_AGENT"];
564 $this->data['User']['host'] = gethostbyaddr($_SERVER["REMOTE_ADDR"]);
568 $this->User->create();
569 if ($this->User->save($this->data, array('fieldList' => $fieldList, 'validate' => false))) {
570 if (!$this->isAdmin) {
571 if ($this->site_configs['Site.registMail']['value']) {
572 if (!empty($registData)) {
// The registration code is single-use: remove it once the account exists.
573 $this->{$this->modelClass}->deleteRegistData4mail($registData['RegistMail']['mail']);
577 $this->Session->setFlash(__('The User has been saved. Please Login.', true));
578 $this->redirect(array('controller' => 'users', 'action'=>'index'));
580 $this->Session->setFlash(__('The User has been saved', true));
582 $this->redirect(array('controller' => 'users', 'action'=>'view', $this->User->id));
585 $this->Session->setFlash(__('The User cannot be saved.', true));
// Validation failed (the else line is absent).
588 if (isset($this->User->validationErrors['pcmail'])) {
// NOTE(review): line 588 tests $this->User->validationErrors but this line reads
// $this->validationErrors — likely an undefined index; probably meant
// `$this->Session->setFlash($this->User->validationErrors['pcmail']);`.
589 $this->Session->setFlash($this->validationErrors['pcmail']);
590 if (!empty($registData)) {
591 $this->{$this->modelClass}->deleteRegistData4mail($registData['RegistMail']['mail']);
595 $this->redirect(array('controller' => 'users', 'action'=>'index'));
// Saves a profile edit for user $id, or loads the record into the form.
// @param mixed $id the user being edited (callers pass the session user id)
599 function _edit($id) {
600 if (!empty($this->data)) {
// Pin the id so a POSTed id cannot redirect the update to another record.
601 $this->data['User']['id'] = $id;
// NOTE(review): save() is called without a 'fieldList', so every POSTed User
// column (group_id, password, ...) is accepted. _add() and
// _exe_change_password() both whitelist fields; this path should too, e.g.
// `$this->User->save($this->data, array('fieldList' => $this->User->fields['edit']))`
// (the exact fields key is not visible in this listing).
602 if ($this->User->save($this->data)) {
603 $this->Session->setFlash(__('The User has been saved', true));
604 $this->redirect(array('action'=>'index'));
606 $this->Session->setFlash(__('The data could not be saved. Please, try again.', true));
609 if (empty($this->data)) {
610 $this->data = $this->User->read(null, $id);
// Undo HTML escaping of stored fields for editing.
612 $this->data['User'] = $this->_restore_html_user($this->data['User'], true);
// Applies a confirmed mail change: copies the RegistMail address onto the
// current user and removes the registration row. The mobile branch (lines
// 618-619) is absent from this listing.
// @param array $registData RegistMail row already checked by edit_mail()
616 function _edit_mail($registData = array()) {
617 if ($this->isMobile) {
// The RegistMail address is stored as-is here, whereas _add() decrypts then
// re-encrypts it — presumably it is already in the encrypted form; confirm.
620 $data['User']['pcmail'] = $registData['RegistMail']['mail'];
621 $fields = array('pcmail');
// Only the session user's own record is ever updated.
625 $data['User']['id'] = $this->user_id;
626 if ($this->User->save($data, array('fieldList' => $fields, 'validate' => false))) {
627 $this->{$this->modelClass}->deleteRegistData4mail($registData['RegistMail']['mail']);
629 $this->Session->setFlash(__('The User has been saved', true));
630 $this->redirect(array('action'=>'index'));
633 $this->Session->setFlash(__('The data could not be saved. Please, try again.', true));
634 $this->redirect(array('action'=>'index'));
// Verifies the old password for user $id, then delegates to
// _exe_change_password() and logs the user out on success.
// @param mixed $id the session user id
637 function _change_password($id) {
638 if (!empty($this->data)) {
639 $data = $this->User->read('password', $id);
// NOTE(review): loose != between two hash strings. PHP's == treats
// numeric-looking strings (e.g. "0e1234...") as numbers, so two different
// hashes can compare equal; use a type-strict, constant-time check such as
// `if (!hash_equals($data['User']['password'], $this->AuthPlus->password($this->data['User']['password']))) {`
640 if ($data['User']['password'] != $this->AuthPlus->password($this->data['User']['password'])) {
641 $this->Session->setFlash(__('Old Password is wrong.', true));
// (else branch; the `} else {` line is absent from the listing)
643 $result = self::_exe_change_password($id);
// The success condition on $result is on an absent line.
645 $this->Session->setFlash(__('The password has been changed. Please login at new password.', true));
646 $this->redirect($this->AuthPlus->logout());
// Validates $this->data and stores the new hashed password for user $id.
// Only the 'password' column is written. The return statements are on absent lines.
// @param mixed $id target user id
651 function _exe_change_password($id) {
653 $this->User->set($this->data);
654 if ($this->User->validates()) {
655 $this->data['User']['id'] = $id;
// Uses the Auth component's configured user model key (elsewhere this file
// indexes $this->data['User'] directly — same thing if userModel is 'User').
658 $this->data[$this->AuthPlus->userModel]['password'] = $this->AuthPlus->password($this->data[$this->AuthPlus->userModel]['password1']);
660 if ($this->User->save($this->data, array('fieldList' => array('password')))) {
663 $this->Session->setFlash(__('The data could not be saved. Please, try again.', true));
// Self-deletion: re-checks the password, then _exe_delete($id, false) and
// logout. The POST guard around this body is on an absent line.
// @param mixed $id the session user id
669 function _delete($id) {
671 $data = $this->User->read('password', $id);
// NOTE(review): same loose != hash comparison as _change_password(); prefer
// hash_equals() (or at least !==) so numeric-looking hashes cannot collide.
672 if ($data['User']['password'] != $this->AuthPlus->password($this->data['User']['password'])) {
673 $this->Session->setFlash(__('Password is wrong.', true));
// (else branch; the `} else {` line is absent from the listing)
675 $result = self::_exe_delete($id, false);
// Success/failure branching on $result is on absent lines.
677 $this->redirect($this->AuthPlus->logout());
679 $this->redirect(array('action'=>'index'));
// Deletes user $id and their characters. The super-admin group is refused.
// Two deletion styles are visible — marking group_id as deleted vs. a hard
// del() — but the branch condition choosing between them is on absent lines.
// @param mixed $id target user id
// @param bool $isAdmin true when invoked from admin_delete()
684 function _exe_delete($id, $isAdmin=false) {
685 $user = $this->getUser($id, $isAdmin, true);
// Loose == against the configured group id; a strict comparison would be safer
// if the configured value and the column type ever differ.
689 if ($user['User']['group_id'] == Configure::read('Group.admin')) {
690 $this->Session->setFlash(__('Super Administrator can not be deleted.', true));
// Soft delete: move the account into the 'deleted' group.
695 $this->data['User']['id'] = $id;
696 $this->data['User']['group_id'] = Configure::read('Group.deleted');
698 $this->User->create();
699 $result = $this->User->save(
703 'fieldList' => array(
// Hard delete (alternative branch).
709 $result = $this->User->del($id);
713 if (!empty($user['Character'])) {
// Builds a bare CharactersController to reuse its _delete() per character.
714 App::import('Controller', 'Characters');
715 $this->CharactersController = new CharactersController;
716 $this->CharactersController->Character = CorePlus::set_model('Character');
717 $this->CharactersController->Session = new SessionComponent;
// NOTE(review): $this->data['Character'] is not set anywhere visible on the
// admin path (admin_delete() only sets ['User']['id']) — may be an undefined
// index; confirm what CharactersController::_delete() needs from it.
718 $this->CharactersController->data['Character'] = $this->data['Character'];
720 foreach ($user['Character'] as $character) {
721 $this->CharactersController->_delete($character['id'], array(), true);
724 $this->Session->setFlash(sprintf(__('%s was deleted.', true), $user['User']['name']));
727 $this->Session->setFlash(__('The account could not be deleted.', true));
733 function get_user() {