├── Lib
│   └── empty
├── Vendor
│   └── empty
├── Test
│   ├── Fixture
│   │   └── empty
│   └── Case
│       ├── View
│       │   └── Helper
│       │       └── empty
│       ├── Model
│       │   └── Behavior
│       │       └── empty
│       └── Controller
│           └── Component
│               └── empty
├── Model
│   ├── Behavior
│   │   └── empty
│   ├── Datasource
│   │   └── empty
│   ├── UserMgmtAppModel.php
│   ├── UserGroupPermission.php
│   ├── UserGroup.php
│   └── User.php
├── webroot
│   ├── img
│   │   ├── edit.png
│   │   ├── view.png
│   │   ├── approve.png
│   │   ├── delete.png
│   │   ├── loading.gif
│   │   └── password.png
│   ├── js
│   │   └── umupdate.js
│   └── css
│       └── umstyle.css
├── Controller
│   ├── UserMgmtAppController.php
│   ├── UserGroupsController.php
│   ├── Component
│   │   ├── ControllerListComponent.php
│   │   └── UserAuthComponent.php
│   ├── UserGroupPermissionsController.php
│   └── UsersController.php
├── View
│   ├── Users
│   │   ├── access_denied.ctp
│   │   ├── forgot_password.ctp
│   │   ├── change_user_password.ctp
│   │   ├── change_password.ctp
│   │   ├── dashboard.ctp
│   │   ├── activate_password.ctp
│   │   ├── view_user.ctp
│   │   ├── myprofile.ctp
│   │   ├── login.ctp
│   │   ├── add_user.ctp
│   │   ├── edit_user.ctp
│   │   ├── register.ctp
│   │   └── index.ctp
│   ├── Helper
│   │   └── UserAuthHelper.php
│   ├── Elements
│   │   └── dashboard.ctp
│   ├── UserGroups
│   │   ├── edit_group.ctp
│   │   ├── add_group.ctp
│   │   └── index.ctp
│   └── UserGroupPermissions
│       └── index.ctp
├── README
└── Config
    ├── bootstrap.php
    ├── routes.php
    └── Schema
        └── usermgmt.sql

--------------------------------------------------------------------------------
/Lib/empty:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/Vendor/empty:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/Test/Fixture/empty:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/Model/Behavior/empty:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/Model/Datasource/empty:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/Test/Case/View/Helper/empty:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/Test/Case/Model/Behavior/empty:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/Test/Case/Controller/Component/empty:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/webroot/img/edit.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/srs81/CakePHP-Usermgmt/master/webroot/img/edit.png

--------------------------------------------------------------------------------
/webroot/img/view.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/srs81/CakePHP-Usermgmt/master/webroot/img/view.png

--------------------------------------------------------------------------------
/webroot/img/approve.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/srs81/CakePHP-Usermgmt/master/webroot/img/approve.png

--------------------------------------------------------------------------------
/webroot/img/delete.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/srs81/CakePHP-Usermgmt/master/webroot/img/delete.png

--------------------------------------------------------------------------------
/webroot/img/loading.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/srs81/CakePHP-Usermgmt/master/webroot/img/loading.gif

--------------------------------------------------------------------------------
/webroot/img/password.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/srs81/CakePHP-Usermgmt/master/webroot/img/password.png

--------------------------------------------------------------------------------
/Model/UserMgmtAppModel.php:
--------------------------------------------------------------------------------
<?php
App::uses('AppModel', 'Model');
class UserMgmtAppModel extends AppModel {

}

--------------------------------------------------------------------------------
/Controller/UserMgmtAppController.php:
--------------------------------------------------------------------------------
<?php
class UserMgmtAppController extends AppController {
	public $components = array('Session');

	public function beforeFilter() {
		parent::beforeFilter();
	}
}

--------------------------------------------------------------------------------
/Model/UserGroupPermission.php:
--------------------------------------------------------------------------------
<?php
App::uses('UserMgmtAppModel', 'Usermgmt.Model');
App::uses('CakeEmail', 'Network/Email');
class UserGroupPermission extends UserMgmtAppModel {
	var $belongsTo = array('Usermgmt.UserGroup');
}

--------------------------------------------------------------------------------
/webroot/js/umupdate.js:
--------------------------------------------------------------------------------
function update_fields(value) {
	var url=document.getElementById("BASE_URL").value;
	document.getElementById("updateDiv"+value).innerHTML="";
	controller=document.getElementById("controller"+value).value;
	action=document.getElementById("action"+value).value;
	groups=document.getElementById("groups").value;
	groupsArr=groups.split(',');
	qstr = 'controller='+controller+'&action='+action;
	var j=3;
	for (var i=0; i. 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 |
24 |
25 |
26 |
27 | 28 | Html->link(__("Home",true),"/") ?> 29 |
30 |
31 |
32 |
33 |
34 | Sorry, You don't have permission to view that page. go to Html->link(__("Dashboard",true),"/user_dashboard") ?>

35 |

36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |

--------------------------------------------------------------------------------
/View/Helper/UserAuthHelper.php:
--------------------------------------------------------------------------------
<?php
class UserAuthHelper extends AppHelper {

	/**
	 * This helper uses following helpers
	 *
	 * @var array
	 */
	var $helpers = array('Session');
	/**
	 * Used to check whether user is logged in or not
	 *
	 * @access public
	 * @return boolean
	 */
	public function isLogged() {
		return ($this->getUserId() !== null);
	}
	/**
	 * Used to get user from session
	 *
	 * @access public
	 * @return array
	 */
	public function getUser() {
		return $this->Session->read('UserAuth');
	}
	/**
	 * Used to get user id from session
	 *
	 * @access public
	 * @return integer
	 */
	public function getUserId() {
		return $this->Session->read('UserAuth.User.id');
	}
	/**
	 * Used to get group id from session
	 *
	 * @access public
	 * @return integer
	 */
	public function getGroupId() {
		return $this->Session->read('UserAuth.User.user_group_id');
	}
	/**
	 * Used to get group name from session
	 *
	 * @access public
	 * @return string
	 */
	public function getGroupName() {
		return $this->Session->read('UserAuth.UserGroup.alias_name');
	}
}

--------------------------------------------------------------------------------
/View/Users/forgot_password.ctp:
--------------------------------------------------------------------------------
1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 |
24 |
25 |
26 |
27 | 28 | Html->link(__("Home",true),"/") ?> 29 |
30 |
31 |
32 |
33 |
34 | Form->create('User', array('action' => 'forgotPassword')); ?> 35 |
36 |
37 |
Form->input("email" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
38 |
39 |
40 |
41 |
42 |
Form->Submit(__('Send Email'));?>
43 |
44 |
45 | Form->end(); ?> 46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 | -------------------------------------------------------------------------------- /View/Elements/dashboard.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 |
Html->link(__("Dashboard",true),"/user_dashboard") ?>
23 | UserAuth->getGroupName()=='Admin') { ?> 24 |
Html->link(__("Add User",true),"/addUser") ?>
25 |
Html->link(__("All Users",true),"/allUsers") ?>
26 |
Html->link(__("Add Group",true),"/addGroup") ?>
27 |
Html->link(__("All Groups",true),"/allGroups") ?>
28 |
Html->link(__("Permissions",true),"/permissions") ?>
29 |
Html->link(__("Profile",true),"/viewUser/".$this->UserAuth->getUserId()) ?>
30 |
Html->link(__("Edit Profile",true),"/editUser/".$this->UserAuth->getUserId()) ?>
31 | 32 |
Html->link(__("Profile",true),"/myprofile") ?>
33 | 34 |
Html->link(__("Change Password",true),"/changePassword") ?>
35 |
Html->link(__("Sign Out",true),"/logout") ?>
36 |
37 |
38 | -------------------------------------------------------------------------------- /View/Users/change_user_password.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 |
35 | Form->create('User'); ?> 36 |
37 |
38 |
Form->input("password" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
39 |
40 |
41 |
42 |
43 |
Form->input("cpassword" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
44 |
45 |
46 |
47 |
48 |
Form->Submit(__('Change'));?>
49 |
50 |
51 | Form->end(); ?> 52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 | -------------------------------------------------------------------------------- /View/Users/change_password.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 |
35 | Form->create('User', array('action' => 'changePassword')); ?> 36 |
37 |
38 |
Form->input("password" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
39 |
40 |
41 |
42 |
43 |
Form->input("cpassword" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
44 |
45 |
46 |
47 |
48 |
Form->Submit(__('Change'));?>
49 |
50 |
51 | Form->end(); ?> 52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |

--------------------------------------------------------------------------------
/README:
--------------------------------------------------------------------------------
This is a fork of the original UserMgmt CakePHP plugin with the following changes:
- /dashboard changed to /user_dashboard
- "first_name" and "last_name" fields merged into "name" field, to make it easier for models associated with "users" table and for CakePHP's displayField auto-magic to work.

====================

UserMgmt is a User Management Plugin for CakePHP 2.0 or 2.1
Plugin version 1.0 (Stable)

Want a demo? http://usermgmt.ektasoftwares.com/

Main Features-
1. Clean code with formatting
2. Login
3. Registration
4. Cookie login/ Remember me functionality
5. Add/Edit/Delete User By Admin
6. Add/Edit/Delete Group By Admin
7. Change Password
8. Forgot Password
9. Change User Password by Admin
10. List of all Users
11. List of all Groups
12. Manage site Permissions using Ajax updates, Permission caching functionality for fast checking
13. User's Email Verification
14. User Profile View
15. User activation by Admin
16. Routing long urls to small urls


It's based on the jedt/SparkPlug plugin

INSTALLATION
------------

1. Download the latest version or use git to keep the plugin up to date
	https://github.com/chetanvarshney/User-Management-Plugin-for-Cakephp-2.x
	go to yourapp/app/Plugin
	extract here
	name it Usermgmt

2. Schema import (use your favorite sql tool to import the schema)

	yourapp/app/Plugin/Usermgmt/Config/Schema/usermgmt.sql

3. Configure your AppController class

	Your yourapp/app/Controller/AppController.php should look like this:

	<?php
	class AppController extends Controller {
		// The two declarations below are restored from context (the lines were lost
		// in this copy): the plugin ships UserAuthComponent and UserAuthHelper, and
		// its views use the Html, Form and Session helpers.
		public $helpers = array('Html', 'Form', 'Session', 'Usermgmt.UserAuth');
		public $components = array('Session', 'Usermgmt.UserAuth');
		function beforeFilter(){
			$this->userAuth();
		}
		private function userAuth(){
			$this->UserAuth->beforeFilter($this);
		}
	}
	?>

4. Enable Plugin in your bootstrap.php

	yourapp/app/Config/bootstrap.php should include this line

	// load Usermgmt plugin and apply plugin routes. Keep all the other plugins you are using here
	CakePlugin::loadAll(array(
		'Usermgmt' => array('routes' => true, 'bootstrap' => true),
	));

5. Add plugin css in your layout file
	for example yourapp/app/View/Layouts/default.ctp
	echo $this->Html->css('/usermgmt/css/umstyle');

6. Adjust plugin configuration

	Change /app/Plugin/Usermgmt/Config/bootstrap.php (parameters are explained there) to suit your needs.

7. Default user name and password
	username- admin
	password- 123456

ALL DONE !

--------------------------------------------------------------------------------
/View/Users/dashboard.ctp:
--------------------------------------------------------------------------------
1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 |
35 | Hello 36 |

37 | UserAuth->getGroupName()=='Admin') { ?> 38 | Html->link(__("Add User",true),"/addUser") ?>

39 | Html->link(__("All Users",true),"/allUsers") ?>

40 | Html->link(__("Add Group",true),"/addGroup") ?>

41 | Html->link(__("All Groups",true),"/allGroups") ?>

42 | Html->link(__("Permissions",true),"/permissions") ?>

43 | Html->link(__("Profile",true),"/viewUser/".$this->UserAuth->getUserId()) ?>

44 | Html->link(__("Edit Profile",true),"/editUser/".$this->UserAuth->getUserId()) ?>

45 | 46 | Html->link(__("Change Password",true),"/changePassword") ?>

47 | Html->link(__("Profile",true),"/myprofile") ?>

48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 | -------------------------------------------------------------------------------- /View/Users/activate_password.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 |
24 |
25 |
26 |
27 | 28 | Html->link(__("Home",true),"/") ?> 29 |
30 |
31 |
32 |
33 |
34 | Form->create('User', array('action' => 'activatePassword')); ?> 35 |
36 |
37 |
Form->input("password" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
38 |
39 |
40 |
41 |
42 |
Form->input("cpassword" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
43 |
44 |
45 |
46 |
47 |
48 | 54 | Form->hidden('ident',array('value'=>$ident))?> 55 | Form->hidden('activate',array('value'=>$activate))?> 56 | Form->Submit(__('Reset'));?>
57 |
58 |
59 | Form->end(); ?> 60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 | -------------------------------------------------------------------------------- /View/UserGroups/edit_group.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 | Form->create('UserGroup'); ?> 35 | Form->hidden('id')?> 36 |
37 |
*
38 |
Form->input("name" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
39 |
for ex. Business User
40 |
41 |
42 |
43 |
*
44 |
Form->input("alias_name" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
45 |
for ex. Business_User (Must not contain space) (Recomond: do not edit)
46 |
47 |
48 |
49 |
50 |
Form->input("allowRegistration" ,array("type"=>"checkbox",'label' => false))?>
51 |
52 |
53 |
54 |
55 |
Form->Submit(__('Update Group'));?>
56 |
57 |
58 | Form->end(); ?> 59 |
60 |
61 |
62 |
63 |
64 | -------------------------------------------------------------------------------- /View/Users/view_user.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 66 | 67 | 68 | 69 | 70 | 71 | "; 73 | } ?> 74 | 75 |
65 |


No Data
76 |
77 |
78 |
79 |
80 |
81 | -------------------------------------------------------------------------------- /View/Users/myprofile.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 67 | 68 | 69 | 70 | 71 | 72 | "; 74 | } 75 | ?> 76 | 77 |
66 |


No Data
78 |
79 |
80 |
81 |
82 |
83 |

--------------------------------------------------------------------------------
/Controller/UserGroupsController.php:
--------------------------------------------------------------------------------
<?php
App::uses('UserMgmtAppController', 'Usermgmt.Controller');
class UserGroupsController extends UserMgmtAppController {
	public $uses = array('Usermgmt.UserGroup');
	/**
	 * Used to view all groups by Admin
	 *
	 * @access public
	 * @return void
	 */
	public function index() {
		$this->UserGroup->unbindModel(array('hasMany' => array('UserGroupPermission')));
		$userGroups = $this->UserGroup->find('all', array('order' => 'UserGroup.id'));
		$this->set('userGroups', $userGroups);
	}
	/**
	 * Used to add group on the site by Admin
	 *
	 * @access public
	 * @return void
	 */
	public function addGroup() {
		if ($this->request->isPost()) {
			$this->UserGroup->set($this->request->data);
			// validation runs here, so save() is called with validation switched off
			if ($this->UserGroup->addValidate()) {
				$this->UserGroup->save($this->request->data, false);
				$this->Session->setFlash(__('The group is successfully added'));
				$this->redirect('/addGroup');
			}
		}
	}
	/**
	 * Used to edit group on the site by Admin
	 *
	 * @access public
	 * @param integer $groupId group id
	 * @return void
	 */
	public function editGroup($groupId = null) {
		if (!empty($groupId)) {
			if ($this->request->isPut()) {
				$this->UserGroup->set($this->request->data);
				if ($this->UserGroup->addValidate()) {
					$this->UserGroup->save($this->request->data, false);
					$this->Session->setFlash(__('The group is successfully updated'));
					$this->redirect('/allGroups');
				}
			} else {
				$this->request->data = $this->UserGroup->read(null, $groupId);
			}
		} else {
			$this->redirect('/allGroups');
		}
	}
	/**
	 * Used to delete group on the site by Admin
	 *
	 * @access public
	 * @param integer $groupId group id
	 * @return void
	 */
	public function deleteGroup($groupId = null) {
		if (!empty($groupId)) {
			// the delete only happens on a POST request
			if ($this->request->isPost()) {
				if ($this->UserGroup->delete($groupId, false)) {
					$this->Session->setFlash(__('Group is successfully deleted'));
				}
			}
			$this->redirect('/allGroups');
		} else {
			$this->redirect('/allGroups');
		}
	}
}

--------------------------------------------------------------------------------
/Config/bootstrap.php:
--------------------------------------------------------------------------------
<?php
function UsermgmtInIt(&$controller) {
	/*
		setting default time zone for your site
	*/
	date_default_timezone_set("America/New_York");


	App::import('Helper', 'Html');
	$html = new HtmlHelper(new View(null));

	/*
		setting site url
		do not edit it
		if you want to edit then for example
		define("SITE_URL", "http://example.com/");
	*/
	define("SITE_URL", $html->url('/', true));


	/*
		set true if new registrations are allowed
	*/
	define("siteRegistration", true);

	/*
		set true if you want to send a registration mail to the user
	*/
	define("sendRegistrationMail", true);

	/*
		set true if you want to verify the user's email id; the site will send an email confirmation link to the user's email id
		set false if you do not want to verify the user's email id; in this case the user becomes active after registration without email verification
	*/
	define("emailVerification", true);


	/*
		set email address for sending emails
	*/
	define("emailFromAddress", 'example@example.com');

	/*
		set site name for sending emails
	*/
	define("emailFromName", 'User Management Plugin');

	/*
		set login redirect url, it means when user gets logged in then site will redirect to this url.
	*/
	define("loginRedirectUrl", '/user_dashboard');

	/*
		set logout redirect url, it means when user gets logged out then site will redirect to this url.
	*/
	define("logoutRedirectUrl", '/login');

	/*
		set true if you want to enable permissions on your site
	*/
	define("PERMISSIONS", true);

	/*
		set true if you want to check permissions for admin also
	*/
	define("ADMIN_PERMISSIONS", false);

	/*
		set default group id here for registration
	*/
	define("defaultGroupId", 2);

	/*
		set Admin group id here
	*/
	define("ADMIN_GROUP_ID", 1);

	/*
		set Guest group id here
	*/
	define("GUEST_GROUP_ID", 3);

	Cache::config('UserMgmt', array(
		'engine' => 'File',
		'duration'=> '+3 months',
		'path' => CACHE,
		'prefix' => 'UserMgmt_'
	));
}

--------------------------------------------------------------------------------
/View/UserGroups/add_group.ctp:
--------------------------------------------------------------------------------
1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 | Form->create('UserGroup', array('action' => 'addGroup')); ?> 35 |
36 |
*
37 |
Form->input("name" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
38 |
for ex. Business User
39 |
40 |
41 |
42 |
*
43 |
Form->input("alias_name" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
44 |
for ex. Business_User (Must not contain space)
45 |
46 |
47 |
48 | request->data['UserGroup']['allowRegistration'])) { 49 | $this->request->data['UserGroup']['allowRegistration']=true; 50 | } ?> 51 |
52 |
Form->input("allowRegistration" ,array("type"=>"checkbox",'label' => false))?>
53 |
54 |
55 |
56 |
57 |
Form->Submit(__('Add Group'));?>
58 |
59 |
60 |
Note: If you add a new group then you should give permissions to this newly created Group.
61 | Form->end(); ?> 62 |
63 |
64 |
65 |
66 |
67 | -------------------------------------------------------------------------------- /View/Users/login.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 |
24 |
25 |
26 |
27 | 28 | Html->link(__("Sign Up",true),"/register") ?> 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 |
35 | Form->create('User', array('action' => 'login')); ?> 36 |
37 |
38 |
Form->input("email" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
39 |
40 |
41 |
42 |
43 |
Form->input("password" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
44 |
45 |
46 |
47 | request->data['User']['remember'])) 48 | $this->request->data['User']['remember']=true; 49 | ?> 50 |
51 |
Form->input("remember" ,array("type"=>"checkbox",'label' => false))?>
52 |
53 |
54 |
55 |
56 |
Form->Submit(__('Sign In'));?>
57 |
58 |
59 | Form->end(); ?> 60 |
Html->link(__("Forgot Password?",true),"/forgotPassword",array("class"=>"style30")) ?>
61 |
62 |
63 | 64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 | -------------------------------------------------------------------------------- /View/UserGroups/index.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | "; 49 | echo ""; 50 | echo ""; 51 | echo ""; 52 | echo ""; 59 | echo ""; 60 | echo ""; 66 | echo ""; 67 | } 68 | } else { 69 | echo ""; 70 | } ?> 71 | 72 |
".$row['UserGroup']['id']."".h($row['UserGroup']['name'])."".h($row['UserGroup']['alias_name']).""; 53 | if ($row['UserGroup']['allowRegistration']) { 54 | echo "Yes"; 55 | } else { 56 | echo "No"; 57 | } 58 | echo"".date('d-M-Y',strtotime($row['UserGroup']['created'])).""; 61 | echo "Edit"; 62 | if ($row['UserGroup']['id']!=1) { 63 | echo $this->Form->postLink($this->Html->image(SITE_URL.'usermgmt/img/delete.png', array("alt" => __('Delete'), "title" => __('Delete'))), array('action' => 'deleteGroup', $row['UserGroup']['id']), array('escape' => false, 'confirm' => __('Are you sure you want to delete this group? Delete it your own risk'))); 64 | } 65 | echo "


No Data
73 |
74 |
75 |
76 |
77 |
--------------------------------------------------------------------------------
/Config/routes.php:
--------------------------------------------------------------------------------
<?php

// Routes for standard actions

Router::connect('/login', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'login'));
Router::connect('/logout', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'logout'));
Router::connect('/forgotPassword', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'forgotPassword'));
Router::connect('/activatePassword/*', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'activatePassword'));
Router::connect('/register', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'register'));
Router::connect('/changePassword', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'changePassword'));
Router::connect('/changeUserPassword/*', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'changeUserPassword'));
Router::connect('/addUser', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'addUser'));
Router::connect('/editUser/*', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'editUser'));
Router::connect('/deleteUser/*', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'deleteUser'));
Router::connect('/viewUser/*', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'viewUser'));
Router::connect('/userVerification/*', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'userVerification'));
Router::connect('/allUsers', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'index'));
Router::connect('/user_dashboard', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'dashboard'));
Router::connect('/permissions', array('plugin' => 'usermgmt', 'controller' => 'user_group_permissions', 'action' => 'index'));
Router::connect('/update_permission', array('plugin' => 'usermgmt', 'controller' => 'user_group_permissions', 'action' => 'update'));
Router::connect('/accessDenied', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'accessDenied'));
Router::connect('/myprofile', array('plugin' => 'usermgmt', 'controller' => 'users', 'action' => 'myprofile'));
Router::connect('/allGroups', array('plugin' => 'usermgmt', 'controller' => 'user_groups', 'action' => 'index'));
Router::connect('/addGroup', array('plugin' => 'usermgmt', 'controller' => 'user_groups', 'action' => 'addGroup'));
Router::connect('/editGroup/*', array('plugin' => 'usermgmt', 'controller' => 'user_groups', 'action' => 'editGroup'));
Router::connect('/deleteGroup/*', array('plugin' => 'usermgmt', 'controller' => 'user_groups', 'action' => 'deleteGroup'));

--------------------------------------------------------------------------------
/View/UserGroupPermissions/index.ctp:
--------------------------------------------------------------------------------
1 | . 19 | */ 20 | echo $this->Html->script('/usermgmt/js/umupdate'); 21 | ?> 22 |
23 | Session->flash(); ?> 24 | element('dashboard'); ?> 25 |
26 |
27 |
28 |
29 |
30 |
31 | Form->input("controller",array('type'=>'select','div'=>false,'options'=>$allControllers,'selected'=>$c,'label'=>false,"onchange"=>"window.location='".SITE_URL."permissions/?c='+(this).value"))?> 32 |
33 |
34 |
35 |
36 |
37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | $value) { 51 | if (!empty($value)) { 52 | for ($i=0; $iForm->create(); 56 | echo $this->Form->hidden('controller',array('id'=>'controller'.$k,'value'=>$key)); 57 | echo $this->Form->hidden('action',array('id'=>'action'.$k,'value'=>$action)); 58 | echo ""; 59 | echo ""; 60 | echo ""; 61 | echo ""; 72 | echo ""; 76 | echo ""; 77 | echo $this->Form->end(); 78 | $k++; 79 | } 80 | } 81 | } 82 | } ?> 83 |
".$key."".$action.""; 62 | for ($j=0; $jForm->input($ugname,array('id'=>$ugname.$k,'type'=>'checkbox','checked'=>$checked)); 70 | } 71 | echo ""; 73 | echo $this->Form->button('Update', array('type'=>'button','id'=>'mybutton123','name'=>$k,'onClick'=>'javascript:update_fields('.$k.');', 'class'=>'umbtn')); 74 | echo "
 
"; 75 | echo "
84 | 85 |
86 |
87 |
88 |
89 |
-------------------------------------------------------------------------------- /View/Users/add_user.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 |
35 | Form->create('User', array('action' => 'addUser')); ?> 36 | 2) { ?> 37 |
38 |
*
39 |
Form->input("user_group_id" ,array('type' => 'select', 'label' => false,'div' => false,'class'=>"umstyle5" ))?>
40 |
41 |
42 | 43 |
44 |
*
45 |
Form->input("username" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
46 |
47 |
48 |
49 |
*
50 |
Form->input("name" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
51 |
52 |
53 |
54 |
*
55 |
Form->input("email" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
56 |
57 |
58 |
59 |
*
60 |
Form->input("password" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
61 |
62 |
63 |
64 |
*
65 |
Form->input("cpassword" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
66 |
67 |
68 |
69 |
70 |
Form->Submit(__('Add User'));?>
71 |
72 |
73 | Form->end(); ?> 74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 | 85 | -------------------------------------------------------------------------------- /View/Users/edit_user.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 |
35 | Form->create('User'); ?> 36 | Form->input("id" ,array('type' => 'hidden', 'label' => false,'div' => false))?> 37 | 2) { ?> 38 |
39 |
*
40 |
Form->input("user_group_id" ,array('type' => 'select', 'label' => false,'div' => false,'class'=>"umstyle5" ))?>
41 |
42 |
43 | 44 |
45 |
*
46 |
Form->input("username" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
47 |
48 |
49 |
50 |
*
51 |
Form->input("name" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
52 |
53 |
54 |
55 |
*
56 |
Form->input("email" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
57 |
58 |
59 |
60 |
61 |
Form->input("password" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
62 |
63 |
64 |
65 |
66 |
Form->input("cpassword" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
67 |
68 |
69 |
70 |
71 |
Form->Submit(__('Update User'));?>
72 |
73 |
74 | Form->end(); ?> 75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 | 86 | -------------------------------------------------------------------------------- /View/Users/register.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 |
24 |
25 |
26 |
27 | 28 | Html->link(__("Sign In",true),"/login") ?> 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 |
35 | Form->create('User', array('action' => 'register')); ?> 36 | 2) { ?> 37 |
38 |
*
39 |
Form->input("user_group_id" ,array('type' => 'select', 'label' => false,'div' => false,'class'=>"umstyle5" ))?>
40 |
41 |
42 | 43 |
44 |
*
45 |
Form->input("username" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
46 |
47 |
48 |
49 |
*
50 |
Form->input("name" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
51 |
52 |
53 |
54 |
*
55 |
Form->input("email" ,array('label' => false,'div' => false,'class'=>"umstyle5" ))?>
56 |
57 |
58 |
59 |
*
60 |
Form->input("password" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
61 |
62 |
63 |
64 |
*
65 |
Form->input("cpassword" ,array("type"=>"password",'label' => false,'div' => false,'class'=>"umstyle5" ))?>
66 |
67 |
68 |
69 |
70 |
Form->Submit(__('Sign Up'));?>
71 |
72 |
73 | Form->end(); ?> 74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 | 85 | -------------------------------------------------------------------------------- /View/Users/index.ctp: -------------------------------------------------------------------------------- 1 | . 19 | */ 20 | ?> 21 |
22 | Session->flash(); ?> 23 | element('dashboard'); ?> 24 |
25 |
26 |
27 |
28 | 29 | Html->link(__("Home",true),"/") ?> 30 |
31 |
32 |
33 |
34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | "; 53 | echo ""; 54 | echo ""; 55 | echo ""; 56 | echo ""; 57 | echo ""; 58 | echo ""; 65 | echo ""; 66 | echo ""; 77 | echo ""; 78 | } 79 | } else { 80 | echo ""; 81 | } ?> 82 | 83 |
".$sl."".h($row['User']['name'])."".h($row['User']['username'])."".h($row['User']['email'])."".h($row['UserGroup']['name']).""; 59 | if ($row['User']['active']==1) { 60 | echo "Active"; 61 | } else { 62 | echo "Inactive"; 63 | } 64 | echo"".date('d-M-Y',strtotime($row['User']['created'])).""; 67 | echo "View"; 68 | echo "Edit"; 69 | echo "Change Password"; 70 | if ($row['User']['active']==0) { 71 | echo "Make Active"; 72 | } 73 | if ($row['User']['id']!=1 && $row['User']['username']!='Admin') { 74 | echo $this->Form->postLink($this->Html->image(SITE_URL.'usermgmt/img/delete.png', array("alt" => __('Delete'), "title" => __('Delete'))), array('action' => 'deleteUser', $row['User']['id']), array('escape' => false, 'confirm' => __('Are you sure you want to delete this user?'))); 75 | } 76 | echo "


No Data
84 |
85 |
86 |
87 |
88 |
89 |
--------------------------------------------------------------------------------
/Controller/Component/ControllerListComponent.php:
--------------------------------------------------------------------------------
<?php
class ControllerListComponent extends Component {
	/**
	 * Used to get all controllers with all methods for permissions
	 *
	 * @access public
	 * @return array
	 */
	public function get() {
		$controllerClasses = App::objects('Controller');
		$superParentActions = get_class_methods('Controller');
		$parentActions = get_class_methods('AppController');
		$parentActionsDefined=$this->_removePrivateActions($parentActions);
		$parentActionsDefined = array_diff($parentActionsDefined, $superParentActions);
		$controllers= array();
		foreach ($controllerClasses as $controller) {
			$controllername=str_replace('Controller', '',$controller);
			$actions= $this->__getControllerMethods($controllername, $superParentActions, $parentActions);
			if (!empty($actions)) {
				$controllers[$controllername] = $actions;
			}
		}
		$plugins = App::objects('plugins');
		foreach ($plugins as $p) {
			$pluginControllerClasses = App::objects($p.'.Controller');
			foreach ($pluginControllerClasses as $controller) {
				$controllername=str_replace('Controller', '',$controller);
				$actions= $this->__getControllerMethods($controllername, $superParentActions, $parentActions, $p);
				if (!empty($actions)) {
					$controllers[$controllername] = $actions;
				}
			}
		}
		return $controllers;
	}
	/**
	 * Used to delete private actions from list of controller's methods
	 *
	 * @access private
	 * @param array $actions Controller's action
	 * @return array
	 */
	private function _removePrivateActions($actions) {
		foreach ($actions as $k => $v) {
			// methods whose name starts with an underscore are not routable actions
			if ($v[0] == '_') {
				unset($actions[$k]);
			}
		}
		return $actions;
	}
	/**
	 * Used to get methods of controller
	 *
	 * @access private
	 * @param string $controllername Controller name
	 * @param array $superParentActions Controller class methods
	 * @param array $parentActions App Controller class methods
	 * @param string $p plugin name
	 * @return array
	 */
	private function __getControllerMethods($controllername, $superParentActions, $parentActions, $p=null) {
		if (empty($p)) {
			App::import('Controller', $controllername);
		} else {
			App::import('Controller', $p.'.'.$controllername);
		}
		$actions = get_class_methods($controllername."Controller");
		if (!empty($actions)) {
			$actions=$this->_removePrivateActions($actions);
			$actions= ($controllername=='App') ? array_diff($actions, $superParentActions) : array_diff($actions, $parentActions);
		}
		return $actions;
	}
	/**
	 * Used to get controller's list
	 *
	 * @access public
	 * @return array
	 */
	public function getControllers() {
		$controllerClasses = App::objects('Controller');
		foreach ($controllerClasses as $key=>$value) {
			$controllerClasses[$key]=str_replace('Controller', '',$value);
		}
		$controllerClasses[-2]="Select Controller";
		$controllerClasses[-1]="All";
		$plugins = App::objects('plugins');
		foreach ($plugins as $p) {
			$pluginControllerClasses = App::objects($p.'.Controller');
			foreach ($pluginControllerClasses as $controller) {
				$controllerClasses[]=str_replace('Controller', '',$controller);
			}
		}
		ksort($controllerClasses);
		return $controllerClasses;
	}
}
--------------------------------------------------------------------------------
/Controller/UserGroupPermissionsController.php:
--------------------------------------------------------------------------------
<?php
App::uses('UserMgmtAppController', 'Usermgmt.Controller');
class UserGroupPermissionsController extends UserMgmtAppController {

	var $uses = array('Usermgmt.UserGroupPermission','Usermgmt.UserGroup');
	var $components=array('Usermgmt.ControllerList','RequestHandler');
	/**
	 * Used to display all permissions of site by Admin
	 *
	 * @access public
	 * @return array
	 */
	public function index() {
		// $c is a key of the list built by getControllers(): -2 = "Select Controller", -1 = "All"
		$c=-2;
		if (isset($_GET['c']) && $_GET['c'] !='') {
			$c=$_GET['c'];
		}
		$this->set('c',$c);
		$allControllers=$this->ControllerList->getControllers();
		$this->set('allControllers',$allControllers);
		if ($c >-2) {
			$con=array();
			$conAll=$this->ControllerList->get();
			if ($c ==-1) {
				$con=$conAll;
				$user_group_permissions=$this->UserGroupPermission->find('all', array('order'=>array('controller', 'action')));
			} else {
				$user_group_permissions=$this->UserGroupPermission->find('all', array('order'=>array('controller', 'action'), 'conditions'=>array('controller'=>$allControllers[$c])));
				$con[$allControllers[$c]]= (isset($conAll[$allControllers[$c]])) ? $conAll[$allControllers[$c]] : array();
			}
			// overlay the stored allow/deny flags on the discovered controller/action list
			foreach ($user_group_permissions as $row) {
				$cont=$row['UserGroupPermission']['controller'];
				$act=$row['UserGroupPermission']['action'];
				$ugname=$row['UserGroup']['name'];
				$allowed=$row['UserGroupPermission']['allowed'];
				$con[$cont][$act][$ugname]=$allowed;
			}
			$this->set('controllers',$con);
			$result=$this->UserGroup->getGroupNames();
			$groups='';
			for ($i=0; $iset('user_groups',$result);
			$this->set('groups',$groups);
		}
	}
	/**
	 * Used to update permissions of site using Ajax by Admin
	 *
	 * @access public
	 * @return integer
	 */
	public function update() {
		$this->autoRender = false;
		$controller=$this->params['data']['controller'];
		$action=$this->params['data']['action'];
		$result=$this->UserGroup->getGroupNamesAndIds();
		$success=0;
		foreach ($result as $row) {
			// the posted form carries one field per group, keyed by the group name
			if (isset($this->params['data'][$row['name']])) {
				$res=$this->UserGroupPermission->find('first',array('conditions' => array('controller'=>$controller,'action'=>$action,'user_group_id'=>$row['id'])));
				if (empty($res)) {
					// no rule stored yet for this group/controller/action: create one
					$data=array();
					$data['UserGroupPermission']['user_group_id']=$row['id'];
					$data['UserGroupPermission']['controller']=$controller;
					$data['UserGroupPermission']['action']=$action;
					$data['UserGroupPermission']['allowed']=$this->params['data'][$row['name']];
					$data['UserGroupPermission']['id']=null;
					$rtn=$this->UserGroupPermission->save($data);
					if ($rtn) {
						$success=1;
					}
				} else {
					// rule exists: write only when the flag actually changed
					if ($this->params['data'][$row['name']] !=$res['UserGroupPermission']['allowed']) {
						$data=array();
						$data['UserGroupPermission']['allowed']=$this->params['data'][$row['name']];
						$data['UserGroupPermission']['id']=$res['UserGroupPermission']['id'];
						$rtn=$this->UserGroupPermission->save($data);
						if ($rtn) {
							$success=1;
						}
					} else {
						$success=1;
					}
				}
			}
		}
		echo $success;
		$this->__deleteCache();
	}
	/**
	 * Used to delete cache of permissions and used when any permission gets changed by Admin
	 *
	 * @access private
	 * @return void
	 */
	private function __deleteCache() {
		$iterator = new RecursiveDirectoryIterator(CACHE);
		foreach (new RecursiveIteratorIterator($iterator, RecursiveIteratorIterator::CHILD_FIRST) as $file) {
			$path_info = pathinfo($file);
			// only files directly inside app/tmp/cache are removed
			if ($path_info['dirname']==ROOT.DS."app".DS."tmp".DS."cache" && $path_info['basename']!='.svn') {
				if (!is_dir($file->getPathname())) {
					unlink($file->getPathname());
				}
			}
		}
	}
}
--------------------------------------------------------------------------------
/Config/Schema/usermgmt.sql:
--------------------------------------------------------------------------------
CREATE TABLE IF NOT EXISTS `login_tokens` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `user_id` int(11) NOT NULL,
  `token` char(32) NOT NULL,
  `duration` varchar(32) NOT NULL,
  `used` tinyint(1) NOT NULL DEFAULT '0',
  `created` datetime NOT NULL,
  `expires` datetime NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;


CREATE TABLE IF NOT EXISTS `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `user_group_id` int(11) unsigned DEFAULT NULL,
  `username` varchar(100) DEFAULT NULL,
  `password` varchar(255) DEFAULT NULL,
  `email` varchar(100) DEFAULT NULL,
  `name` varchar(100) DEFAULT NULL,
  `active` varchar(3) DEFAULT '0',
  `created` datetime DEFAULT NULL,
  `modified` datetime DEFAULT NULL,
  PRIMARY KEY (`id`),
  KEY `user` (`username`),
  KEY `mail` (`email`),
  KEY `users_FKIndex1` (`user_group_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;


INSERT INTO `users` (`id`, `user_group_id`, `username`, `password`,
`email`, `name`, `active`, `created`, `modified`) VALUES
(1, 1, 'admin', 'e10adc3949ba59abbe56e057f20f883e', 'admin@admin.com', 'Admin', '1', now(), now());


CREATE TABLE IF NOT EXISTS `user_groups` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(100) DEFAULT NULL,
  `alias_name` varchar(100) DEFAULT NULL,
  `allowRegistration` int(1) NOT NULL DEFAULT '1',
  `created` datetime DEFAULT NULL,
  `modified` datetime DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=4 ;

INSERT INTO `user_groups` (`id`, `name`, `alias_name`, `allowRegistration`, `created`, `modified`) VALUES
(1, 'Admin', 'Admin', 0, now(), now()),
(2, 'User', 'User', 1, now(), now()),
(3, 'Guest', 'Guest', 0, now(), now());

CREATE TABLE IF NOT EXISTS `user_group_permissions` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `user_group_id` int(10) unsigned NOT NULL,
  `controller` varchar(50) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
  `action` varchar(100) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL,
  `allowed` tinyint(1) unsigned NOT NULL DEFAULT '1',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=70 ;

INSERT INTO `user_group_permissions` (`id`, `user_group_id`, `controller`, `action`, `allowed`) VALUES
(1, 1, 'Pages', 'display', 1),
(2, 2, 'Pages', 'display', 1),
(3, 3, 'Pages', 'display', 1),
(4, 1, 'UserGroupPermissions', 'index', 1),
(5, 2, 'UserGroupPermissions', 'index', 0),
(6, 3, 'UserGroupPermissions', 'index', 0),
(7, 1, 'UserGroupPermissions', 'update', 1),
(8, 2, 'UserGroupPermissions', 'update', 0),
(9, 3, 'UserGroupPermissions', 'update', 0),
(10, 1, 'UserGroups', 'index', 1),
(11, 2, 'UserGroups', 'index', 0),
(12, 3, 'UserGroups', 'index', 0),
(13, 1, 'UserGroups', 'addGroup', 1),
(14, 2, 'UserGroups', 'addGroup', 0),
(15, 3, 'UserGroups', 'addGroup', 0),
(16, 1, 'UserGroups', 'editGroup', 1),
(17, 2, 'UserGroups', 'editGroup', 0),
(18, 3, 'UserGroups', 'editGroup', 0),
(19, 1, 'UserGroups', 'deleteGroup', 1),
(20, 2, 'UserGroups', 'deleteGroup', 0),
(21, 3, 'UserGroups', 'deleteGroup', 0),
(22, 1, 'Users', 'index', 1),
(23, 2, 'Users', 'index', 0),
(24, 3, 'Users', 'index', 0),
(25, 1, 'Users', 'viewUser', 1),
(26, 2, 'Users', 'viewUser', 0),
(27, 3, 'Users', 'viewUser', 0),
(28, 1, 'Users', 'myprofile', 1),
(29, 2, 'Users', 'myprofile', 1),
(30, 3, 'Users', 'myprofile', 0),
(31, 1, 'Users', 'login', 1),
(32, 2, 'Users', 'login', 1),
(33, 3, 'Users', 'login', 1),
(34, 1, 'Users', 'logout', 1),
(35, 2, 'Users', 'logout', 1),
(36, 3, 'Users', 'logout', 1),
(37, 1, 'Users', 'register', 1),
(38, 2, 'Users', 'register', 1),
(39, 3, 'Users', 'register', 1),
(40, 1, 'Users', 'changePassword', 1),
(41, 2, 'Users', 'changePassword', 1),
(42, 3, 'Users', 'changePassword', 0),
(43, 1, 'Users', 'changeUserPassword', 1),
(44, 2, 'Users', 'changeUserPassword', 0),
(45, 3, 'Users', 'changeUserPassword', 0),
(46, 1, 'Users', 'addUser', 1),
(47, 2, 'Users', 'addUser', 0),
(48, 3, 'Users', 'addUser', 0),
(49, 1, 'Users', 'editUser', 1),
(50, 2, 'Users', 'editUser', 0),
(51, 3, 'Users', 'editUser', 0),
(52, 1, 'Users', 'dashboard', 1),
(53, 2, 'Users', 'dashboard', 1),
(54, 3, 'Users', 'dashboard', 0),
(55, 1, 'Users', 'deleteUser', 1),
(56, 2, 'Users', 'deleteUser', 0),
(57, 3, 'Users', 'deleteUser', 0),
(58, 1, 'Users', 'makeActive', 1),
(59, 2, 'Users', 'makeActive', 0),
(60, 3, 'Users', 'makeActive', 0),
(61, 1, 'Users', 'accessDenied', 1),
(62, 2, 'Users', 'accessDenied', 1),
(63, 3, 'Users', 'accessDenied', 1),
(64, 1, 'Users', 'userVerification', 1),
(65, 2, 'Users', 'userVerification', 1),
(66, 3, 'Users', 'userVerification', 1),
(67, 1, 'Users', 'forgotPassword', 1),
(68, 2, 'Users', 'forgotPassword', 1),
(69, 3, 'Users', 'forgotPassword', 1);

--------------------------------------------------------------------------------
/webroot/css/umstyle.css:
--------------------------------------------------------------------------------
/*
	This file is part of UserMgmt.

	Author: Chetan Varshney (http://ektasoftwares.com)

	UserMgmt is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.

	UserMgmt is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with Foobar. If not, see .
*/
.um_box_mid form {
	padding:0 !important;
	margin:0 !important;
	width: auto !important;
}
.um_box_mid form div {
	padding:0;
	margin:0;
	width: auto;
	clear:none;
}
.umtop {
	padding:20px;
}
.um_box_up {
	-webkit-border-top-left-radius: 5px;
	-webkit-border-top-right-radius: 5px;
	-moz-border-radius-topleft: 5px;
	-moz-border-radius-topright: 5px;
	border-top-left-radius: 5px;
	border-top-right-radius: 5px;
	background-color: #E9EAEE;
	height:10px;
}
.um_box_mid {
	background-color: #E9EAEE;
	height:auto;
}
.um_box_mid_content {
	padding-left:20px;
	padding-right:20px;
}
.um_box_mid_content_top {
	text-align:left;
}
.um_box_mid_content_mid {
	padding-top:10px;
}
.um_box_mid_content_mid_left {
	float:left;
	width:600px;
}
.um_box_mid_content_mid_right {
	float:left;
	width:300px;
}
.um_box_down {
	-webkit-border-bottom-right-radius: 5px;
	-webkit-border-bottom-left-radius: 5px;
	-moz-border-radius-bottomright: 5px;
	-moz-border-radius-bottomleft: 5px;
	border-bottom-right-radius: 5px;
	border-bottom-left-radius: 5px;
	background-color: #E9EAEE;
	height:10px;
}
.umstyle1 {
	font-size:20px;
	color:#235A81;
}
.umstyle2 {
	font-size:20px;
	color:#F88017;
}
.umstyle2 a {
	font-size:20px;
	color:#F88017;
}
.umhr {
	border-bottom:#2485b2 solid 1px;
	height:10px;
}
.umstyle3 {
	font-size:12px;
}
.umstyle4 {
	font-size:12px;
}
.umstyle5 {
	border:#999999 solid 1px;
	font-size: 100%;
	width: 200px;
}
.umstyle6 a {
	font-size:16px;
}
input[type="submit"] {
	cursor:pointer;
}
#login .umstyle3 {
	float:left;
	width:150px;
	padding-bottom:10px;
}
#login .umstyle4 {
	float:left;
	width:400px;
	padding-bottom:10px;
}
#register .umstyle3 {
	float:left;
	width:150px;
	padding-bottom:10px;
}
#register .umstyle4 {
	float:left;
	width:400px;
	padding-bottom:10px;
}
#forgot .umstyle3 {
	float:left;
	width:200px;
	padding-bottom:10px;
}
#forgot .umstyle4 {
	float:left;
	width:400px;
	padding-bottom:10px;
}
#addgroup .umstyle3 {
	float:left;
	width:150px;
	padding-bottom:10px;
}
#addgroup .umstyle4 {
	float:left;
	width:230px;
	padding-bottom:10px;
}
#addgroup .umstyle7 {
	float:left;
	width:auto;
	padding-bottom:10px;
	font-style:italic;
	font-size:10px
}
.umbtn {
	cursor: pointer;
	display: inline-block;
	background-color: #e77f02;
	background-repeat: no-repeat;
	background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#ff8b00), color-stop(0.25, #ff8b00), to(#e77f02));
	background-image: -webkit-linear-gradient(#ff8b00, #ff8b00 0.25, #e77f02);
	background-image: -moz-linear-gradient(#ff8b00, #ff8b00 0.25, #e77f02);
	background-image: -ms-linear-gradient(#ff8b00, #ff8b00 0.25, #e77f02);
	background-image: -o-linear-gradient(#ff8b00, #ff8b00 0.25, #e77f02);
	background-image: linear-gradient(#ff8b00, #ff8b00 0.25, #e77f02);
	padding: 4px 14px;
	text-shadow: 0 1px 1px rgba(190, 105, 0, 0.95);
	color: #fff;
	font-size: 18px;
	text-transform: uppercase;
	line-height: 18px;
	border: 1px solid #e77f02;
	border-bottom-color: #e77f02;
	-webkit-border-radius: 4px;
	-moz-border-radius: 4px;
	border-radius: 4px;
	-webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
	-moz-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
	box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
	-webkit-transition: 0.1s linear all;
	-moz-transition: 0.1s linear all;
	transition: 0.1s linear all;
}
.umbtn:hover {
	background-position: 0 -15px;
	color: #fff;
	text-decoration: none;
}
#dashboard {
	-webkit-border-radius: 5px;
	-moz-border-radius: 5px;
	border-radius: 5px;
	background-color: #E9EAEE;
	height:auto;
	padding:5px 10px;
	margin-bottom:5px;
}
.icon {
	padding-right:5px;
}
table {
	margin-bottom: 0px;
}
--------------------------------------------------------------------------------
/Model/UserGroup.php:
--------------------------------------------------------------------------------
<?php
App::uses('UserMgmtAppModel', 'Usermgmt.Model');
App::uses('CakeEmail', 'Network/Email');
class UserGroup extends UserMgmtAppModel {

	/**
	 * This model has following models
	 *
	 * @var array
	 */
	var $hasMany = array('Usermgmt.UserGroupPermission');
	/**
	 * model validation array
	 *
	 * @var array
	 */
	var $validate = array();
	/**
	 * model validation array
	 *
	 * @var array
	 */
	function addValidate() {
		$validate1 = array(
				'name'=> array(
					'mustNotEmpty'=>array(
						'rule' => 'notEmpty',
						'message'=> 'Please enter group name',
						'last'=>true),
					'mustUnique'=>array(
						'rule' =>'isUnique',
						'message' =>'This group name already added',
						'on'=>'create',
						'last'=>true),
					),
				'alias_name'=> array(
					'mustNotEmpty'=>array(
						'rule' => 'notEmpty',
						'message'=> 'Please enter alias group name',
						'last'=>true),
					'mustUnique'=>array(
						'rule' =>'isUnique',
						'message' =>'This alias group name already added',
						'on'=>'create',
						'last'=>true),
					),
			);
		$this->validate=$validate1;
		return $this->validates();
	}
	/**
	 * Used to check permissions of group
	 *
	 * @access public
	 * @param string $controller controller name
	 * @param string $action action name
	 * @param integer $userGroupID group id
	 * @return boolean
	 */
	public function isUserGroupAccess($controller, $action, $userGroupID) {
		$includeGuestPermission=false;
		// permission checks are switched off globally
		if (!PERMISSIONS) {
			return true;
		}
		// the admin group bypasses the check unless ADMIN_PERMISSIONS is enabled
		if ($userGroupID==ADMIN_GROUP_ID && !ADMIN_PERMISSIONS) {
			return true;
		}

		$permissions = $this->getPermissions($userGroupID,$includeGuestPermission);
		// "user_groups" + "index" becomes "UserGroups/index", the form stored in user_group_permissions
		$access =str_replace(' ','',ucwords(str_replace('_',' ',$controller))).'/'.$action;
		if (in_array($access, $permissions)) {
			return true;
		}
		return false;
	}
	/**
	 * Used to check permissions of guest group
	 *
	 * @access public
	 * @param string $controller controller name
	 * @param string $action action name
	 * @return boolean
	 */
	public function isGuestAccess($controller, $action) {
		if (PERMISSIONS) {
			return $this->isUserGroupAccess($controller, $action, GUEST_GROUP_ID);
		} else {
			return true;
		}
	}
	/**
	 * Used to get permissions from cache or database of a group
	 *
	 * @access public
	 * @param integer $userGroupID group id
	 * @return array
	 */
	public function getPermissions($userGroupID) {
		$permissions = array();
		// using the cake cache to store rules
		$cacheKey = 'rules_for_group_'.$userGroupID;
		$actions = Cache::read($cacheKey, 'UserMgmt');
		if ($actions === false) {
			// array conditions let the datasource quote the group id instead of splicing it into SQL
			$actions = $this->UserGroupPermission->find('all',array('conditions'=>array('UserGroupPermission.user_group_id'=>$userGroupID, 'UserGroupPermission.allowed'=>1)));
			Cache::write($cacheKey, $actions, 'UserMgmt');
		}
		foreach ($actions as $action) {
			$permissions[] = $action['UserGroupPermission']['controller'].'/'.$action['UserGroupPermission']['action'];
		}
		return $permissions;
	}
	/**
	 * Used to get group names
	 *
	 * @access public
	 * @return array
	 */
	public function getGroupNames() {
		$this->unbindModel(array('hasMany' => array('UserGroupPermission')));
		$result=$this->find("all", array("order"=>"id"));
		$i=0;
		$user_groups=array();
		foreach ($result as $row) {
			$user_groups[$i]=$row['UserGroup']['name'];
			$i++;
		}
		return $user_groups;
	}
	/**
	 * Used to get group names with ids
	 *
	 * @access public
	 * @return array
	 */
	public function getGroupNamesAndIds() {
		$this->unbindModel(array('hasMany' => array('UserGroupPermission')));
		$result=$this->find("all", array("order"=>"id"));
		$i=0;
		// initialised so an empty table returns an empty array rather than an undefined variable
		$user_groups=array();
		foreach ($result as $row) {
			$data['id']=$row['UserGroup']['id'];
			$data['name']=$row['UserGroup']['name'];
			$user_groups[$i]=$data;
			$i++;
		}
		return $user_groups;
	}
	/**
	 * Used to get group names with ids without guest group
	 *
	 * @access public
	 * @return array
	 */
	public function getGroups() {
		$this->unbindModel(array('hasMany' => array('UserGroupPermission')));
		$result=$this->find("all", array("order"=>"id", "conditions"=>array('name !='=>"Guest")));
		$user_groups=array();
		$user_groups[0]='Select';
		foreach ($result as $row) {
			$user_groups[$row['UserGroup']['id']]=$row['UserGroup']['name'];
		}
		return $user_groups;
	}
	/**
	 * Used to get group names with ids for registration
	 *
	 * @access public
	 * @return array
	 */
	public function getGroupsForRegistration() {
		$this->unbindModel(array('hasMany' => array('UserGroupPermission')));
		$result=$this->find("all", array("order"=>"id", "conditions"=>array('allowRegistration'=>1)));
		$user_groups=array();
		$user_groups[0]='Select';
		foreach ($result as $row) {
			$user_groups[$row['UserGroup']['id']]=$row['UserGroup']['name'];
		}
		return $user_groups;
	}
	/**
	 * Used to check group is available for registration
	 *
	 * @access public
	 * @param integer $groupId group id
	 * @return boolean
	 */
	function isAllowedForRegistration($groupId) {
		$result=$this->findById($groupId);
		if (!empty($result)) {
			if ($result['UserGroup']['allowRegistration']==1) {
				return true;
			}
		}
		return false;
	}
}
--------------------------------------------------------------------------------
/Controller/Component/UserAuthComponent.php:
--------------------------------------------------------------------------------
<?php
class UserAuthComponent extends Component {
	/**
	 * This component uses following components
	 *
	 * @var array
	 */
	var $components = array('Session', 'Cookie', 'RequestHandler');
	/**
	 * configure key
	 *
	 * @var string
	 */
	var $configureKey='User';

	function initialize($controller) {

	}

	function __construct(ComponentCollection $collection, $settings = array()) {
		parent::__construct($collection, $settings);
	}

	function startup(&$controller = null) {

	}
	/**
	 * Called before the controller action. You can use this method to configure and customize components
	 * or perform logic that needs to happen before each controller action.
48 | * 49 | * @param object $c current controller object 50 | * @return void 51 | */ 52 | function beforeFilter(&$c) { 53 | $user = $this->__getActiveUser(); 54 | UsermgmtInIt($this); 55 | $pageRedirect = $c->Session->read('permission_error_redirect'); 56 | $c->Session->delete('permission_error_redirect'); 57 | $controller = $c->params['controller']; 58 | $action = $c->params['action']; 59 | $actionUrl = $controller.'/'.$action; 60 | $requested= (isset($controller->params['requested']) && $controller->params['requested']==1) ? true : false; 61 | $permissionFree=array('users/login', 'users/logout', 'users/register', 'users/userVerification', 'users/forgotPassword', 'users/activatePassword', 'pages/display', 'users/accessDenied'); 62 | if ((empty($pageRedirect) || $actionUrl!='users/login') && !$requested && !in_array($actionUrl, $permissionFree)) { 63 | App::import("Model", "Usermgmt.UserGroup"); 64 | $userGroupModel = new UserGroup; 65 | if (!$this->isLogged()) { 66 | if (!$userGroupModel->isGuestAccess($controller, $action)) { 67 | $c->log('permission: actionUrl-'.$actionUrl, LOG_DEBUG); 68 | $c->Session->write('permission_error_redirect','/users/login'); 69 | $c->Session->setFlash('You need to be signed in to view this page.'); 70 | $c->Session->write('Usermgmt.OriginAfterLogin', '/'.$c->params->url); 71 | $c->redirect('/login'); 72 | } 73 | } else { 74 | if (!$userGroupModel->isUserGroupAccess($controller, $action, $this->getGroupId())) { 75 | $c->log('permission: actionUrl-'.$actionUrl, LOG_DEBUG); 76 | $c->Session->write('permission_error_redirect','/users/login'); 77 | $c->redirect('/accessDenied'); 78 | } 79 | } 80 | } 81 | } 82 | /** 83 | * Used to check whether user is logged in or not 84 | * 85 | * @access public 86 | * @return boolean 87 | */ 88 | public function isLogged() { 89 | return ($this->getUserId() !== null); 90 | } 91 | /** 92 | * Used to get user from session 93 | * 94 | * @access public 95 | * @return array 96 | */ 97 | public function 
getUser() { 98 | return $this->Session->read('UserAuth'); 99 | } 100 | /** 101 | * Used to get user id from session 102 | * 103 | * @access public 104 | * @return integer 105 | */ 106 | public function getUserId() { 107 | return $this->Session->read('UserAuth.User.id'); 108 | } 109 | /** 110 | * Used to get group id from session 111 | * 112 | * @access public 113 | * @return integer 114 | */ 115 | public function getGroupId() { 116 | return $this->Session->read('UserAuth.User.user_group_id'); 117 | } 118 | /** 119 | * Used to get group name from session 120 | * 121 | * @access public 122 | * @return string 123 | */ 124 | public function getGroupName() { 125 | return $this->Session->read('UserAuth.UserGroup.alias_name'); 126 | } 127 | /** 128 | * Used to make password in hash format 129 | * 130 | * @access public 131 | * @param string $pass password of user 132 | * @return hash 133 | */ 134 | public function makePassword($pass) { 135 | return md5($pass); 136 | } 137 | /** 138 | * Used to maintain login session of user 139 | * 140 | * @access public 141 | * @param mixed $type possible values 'guest', 'cookie', user array 142 | * @param string $credentials credentials of cookie, default null 143 | * @return array 144 | */ 145 | public function login($type = 'guest', $credentials = null) { 146 | $user=array(); 147 | if (is_string($type) && ($type=='guest' || $type=='cookie')) { 148 | App::import("Model", "Usermgmt.User"); 149 | $userModel = new User; 150 | $user = $userModel->authsomeLogin($type, $credentials); 151 | } elseif (is_array($type)) { 152 | $user =$type; 153 | } 154 | Configure::write($this->configureKey, $user); 155 | $this->Session->write('UserAuth', $user); 156 | return $user; 157 | } 158 | /** 159 | * Used to delete user session and cookie 160 | * 161 | * @access public 162 | * @return void 163 | */ 164 | public function logout() { 165 | $this->Session->delete('UserAuth'); 166 | Configure::write($this->configureKey, array()); 167 | 
		$this->Cookie->delete('UsermgmtCookie');
	}
	/**
	 * Used to persist cookie for remember me functionality
	 *
	 * @access public
	 * @param string $duration duration of cookie life time on user's machine
	 * @return boolean
	 */
	public function persist($duration = '2 weeks') {
		App::import("Model", "Usermgmt.User");
		$userModel = new User;
		$token = $userModel->authsomePersist($this->getUserId(), $duration);
		$token = $token.':'.$duration;
		return $this->Cookie->write(
			'UsermgmtCookie',
			$token,
			true, // encrypt = true
			$duration
		);
	}
	/**
	 * Used to check user's session; if the session is not available, it tries to log in from the cookie if one exists
	 *
	 * @access private
	 * @return array
	 */
	private function __getActiveUser() {
		$user = Configure::read($this->configureKey);
		if (!empty($user)) {
			return $user;
		}

		$this->__useSession() || $this->__useCookieToken() || $this->__useGuestAccount();

		$user = Configure::read($this->configureKey);
		if (is_null($user)) {
			throw new Exception(
				'Unable to initialize user'
			);
		}
		return $user;
	}
	/**
	 * Used to get user from session
	 *
	 * @access private
	 * @return boolean
	 */
	private function __useSession() {
		$user = $this->getUser();
		if (!$user) {
			return false;
		}
		Configure::write($this->configureKey, $user);
		return true;
	}
	/**
	 * Used to get login from cookie
	 *
	 * @access private
	 * @return boolean
	 */
	private function __useCookieToken() {
		$token = $this->Cookie->read('UsermgmtCookie');
		if (!$token) {
			return false;
		}

		// Extract the duration appendix from the token
		// (explode() replaces split(), which was removed in PHP 7)
		$tokenParts = explode(':', $token);
		$duration = array_pop($tokenParts);
		$token = join(':', $tokenParts);
		$user = $this->login('cookie', compact('token', 'duration'));
		// Delete the cookie once it's been used
		$this->Cookie->delete('UsermgmtCookie');
		if (!$user) {
			return false;
		}
		$this->persist($duration);
		return (bool)$user;
	}
	/**
	 * Used to get login as guest
	 *
	 * @access private
	 * @return array
	 */
	private function __useGuestAccount() {
		return $this->login('guest');
	}
}

--------------------------------------------------------------------------------
/Model/User.php:
--------------------------------------------------------------------------------
<?php
App::uses('UserMgmtAppModel', 'Usermgmt.Model');
App::uses('CakeEmail', 'Network/Email');

class User extends UserMgmtAppModel {

	/**
	 * This model belongs to following models
	 *
	 * @var array
	 */
	var $belongsTo = array('Usermgmt.UserGroup');
	/**
	 * This model has following models
	 *
	 * @var array
	 */
	var $hasMany = array('LoginToken'=>array('className'=>'Usermgmt.LoginToken','limit' =>1));
	/**
	 * model validation array
	 *
	 * @var array
	 */
	var $validate = array();
	/**
	 * model validation array
	 *
	 * @var array
	 */
	function LoginValidate() {
		$validate1 = array(
			'email'=> array(
				'mustNotEmpty'=>array(
					'rule' => 'notEmpty',
					'message'=> 'Please enter email or username')
				),
			'password'=>array(
				'mustNotEmpty'=>array(
					'rule' => 'notEmpty',
					'message'=> 'Please enter password')
				)
			);
		$this->validate=$validate1;
		return $this->validates();
	}
	/**
	 * model validation array
	 *
	 * @var array
	 */
	function RegisterValidate() {
		$validate1 = array(
			"user_group_id" => array(
				'rule' => array('comparison', '!=', 0),
				'message'=> 'Please select group'),
			'username'=> array(
				'mustNotEmpty'=>array(
					'rule' => 'notEmpty',
					'message'=> 'Please enter username',
					'last'=>true),
				'mustUnique'=>array(
					'rule' =>'isUnique',
					'message' =>'This username already taken',
					'last'=>true),
				'mustBeLonger'=>array(
					'rule' => array('minLength', 4),
					'message'=> 'Username must be greater than 3 characters',
					'last'=>true),
				),
			'name'=> array(
				'mustNotEmpty'=>array(
					'rule' => 'notEmpty',
					'message'=> 'Please enter full name')
				),
			'email'=> array(
				'mustNotEmpty'=>array(
					'rule' => 'notEmpty',
					'message'=> 'Please enter email',
					'last'=>true),
				'mustBeEmail'=> array(
					'rule' => array('email'),
					'message' => 'Please enter valid email',
					'last'=>true),
				'mustUnique'=>array(
					'rule' =>'isUnique',
					'message' =>'This email is already registered',
					)
				),
			'password'=>array(
				'mustNotEmpty'=>array(
					'rule' => 'notEmpty',
					'message'=> 'Please enter password',
					'on' => 'create',
					'last'=>true),
				'mustBeLonger'=>array(
					'rule' => array('minLength', 6),
					'message'=> 'Password must be greater than 5 characters',
					'on' => 'create',
					'last'=>true),
				'mustMatch'=>array(
					'rule' => array('verifies'),
					'message' => 'Both passwords must match'),
					//'on' => 'create'
				)
			);
		$this->validate=$validate1;
		return $this->validates();
	}
	/**
	 * Used to match passwords
	 *
	 * @access protected
	 * @return boolean
	 */
	protected function verifies() {
		return ($this->data['User']['password']===$this->data['User']['cpassword']);
	}
	/**
	 * Used to send registration mail to user
	 *
	 * @access public
	 * @param array $user user detail array
	 * @return void
	 */
	public function sendRegistrationMail($user) {
		// send email to newly created user
		$userId=$user['User']['id'];
		$email = new CakeEmail();
		$fromConfig = emailFromAddress;
		$fromNameConfig = emailFromName;
		$email->from(array( $fromConfig => $fromNameConfig));
		$email->sender(array( $fromConfig => $fromNameConfig));
		$email->to($user['User']['email']);
		$email->subject('Your registration is complete');
		//$email->transport('Debug');
		$body="Welcome ".$user['User']['name'].", Thank you for your registration on ".SITE_URL." \n\n Thanks,\n".emailFromName;
		try{
			$result = $email->send($body);
		} catch (Exception $ex) {
			// we could not send the email, ignore it
			$result="Could not send registration email to userid-".$userId;
		}
		$this->log($result, LOG_DEBUG);
	}
	/**
	 * Used to send email verification mail to user
	 *
	 * @access public
	 * @param array $user user detail array
	 * @return void
	 */
	public function sendVerificationMail($user) {
		$userId=$user['User']['id'];
		$email = new CakeEmail();
		$fromConfig = emailFromAddress;
		$fromNameConfig = emailFromName;
		$email->from(array( $fromConfig => $fromNameConfig));
		$email->sender(array( $fromConfig => $fromNameConfig));
		$email->to($user['User']['email']);
		$email->subject('Email Verification Mail');
		$activate_key = $this->getActivationKey($user['User']['password']);
		$link = Router::url("/userVerification?ident=$userId&activate=$activate_key",true);
		$body="Hi ".$user['User']['name'].", Click the link below to complete your registration \n\n ".$link;
		try{
			$result = $email->send($body);
		} catch (Exception $ex){
			// we could not send the email, ignore it
			$result="Could not send verification email to userid-".$userId;
		}
		$this->log($result, LOG_DEBUG);
	}
	/**
	 * Used to generate activation key
	 *
	 * @access public
	 * @param string $password user password
	 * @return hash
	 */
	public function getActivationKey($password) {
		$salt = Configure::read ( "Security.salt" );
		return md5(md5($password).$salt);
	}
	/**
	 * Used to send forgot password mail to user
	 *
	 * @access public
	 * @param array $user user detail
	 * @return void
	 */
	public function forgotPassword($user) {
		$userId=$user['User']['id'];
		$email = new CakeEmail();
		$fromConfig = emailFromAddress;
		$fromNameConfig = emailFromName;
		$email->from(array( $fromConfig => $fromNameConfig));
		$email->sender(array( $fromConfig => $fromNameConfig));
		$email->to($user['User']['email']);
		$email->subject(emailFromName.': Request to Reset Your Password');
		$activate_key = $this->getActivationKey($user['User']['password']);
		$link = Router::url("/activatePassword?ident=$userId&activate=$activate_key",true);
		$body= "Welcome ".$user['User']['name'].", let's help you get signed in

You have requested to have your password reset on ".emailFromName.". Please click the link below to reset your password now :

".$link."


If above link does not work please copy and paste the URL link (above) into your browser address bar to get to the Page to reset password

Choose a password you can remember and please keep it secure.

Thanks,\n".

		emailFromName;
		try{
			$result = $email->send($body);
		} catch (Exception $ex){
			// we could not send the email, ignore it
			$result="Could not send forgot password email to userid-".$userId;
		}
		$this->log($result, LOG_DEBUG);
	}
	/**
	 * Used to mark cookie used
	 *
	 * @access public
	 * @param string $type
	 * @param string $credentials
	 * @return array
	 */
	public function authsomeLogin($type, $credentials = array()) {
		switch ($type) {
			case 'guest':
				// You can return any non-null value here, if you don't
				// have a guest account, just return an empty array
				return array();
			case 'cookie':
				// explode() replaces split(), which was removed in PHP 7;
				// array_pad() keeps list() safe when the cookie value is malformed
				list($token, $userId) = array_pad(explode(':', $credentials['token'], 2), 2, null);
				$duration = $credentials['duration'];

				$loginToken = $this->LoginToken->find('first', array(
					'conditions' => array(
						'user_id' => $userId,
						'token' => $token,
						'duration' => $duration,
						'used' => false,
						// Accept only tokens whose expiry is still in the future. The previous
						// test, expires <= now + duration, was true for every stored token.
						'expires >' => date('Y-m-d H:i:s'),
					),
					'contain' => false
				));
				if (!$loginToken) {
					return false;
				}
				$loginToken['LoginToken']['used'] = true;
				$this->LoginToken->save($loginToken);

				$conditions = array(
					'User.id' => $loginToken['LoginToken']['user_id']
				);
				break;
			default:
				return array();
		}
		return $this->find('first', compact('conditions'));
	}
	/**
	 * Used to generate cookie token
	 *
	 * @access public
	 * @param integer $userId user id
	 * @param string $duration cookie persist life time
	 * @return string
	 */
	public function authsomePersist($userId, $duration) {
		$token = md5(uniqid(mt_rand(), true));
		$this->LoginToken->create(array(
			'user_id' => $userId,
			'token' => $token,
			'duration' => $duration,
			'expires' => date('Y-m-d H:i:s', strtotime($duration)),
		));
		$this->LoginToken->save();
		// "${var}" interpolation is deprecated since PHP 8.2
		return $token.':'.$userId;
	}
	/**
	 * Used to get name by user id
	 *
	 * @access public
	 * @param integer $userId user id
	 * @return string
	 */
	public function getNameById($userId) {
		$res = $this->findById($userId);
		$name=(!empty($res)) ? $res['User']['name'] : '';
		return $name;
	}
}

--------------------------------------------------------------------------------
/Controller/UsersController.php:
--------------------------------------------------------------------------------
<?php

App::uses('UserMgmtAppController', 'Usermgmt.Controller');

class UsersController extends UserMgmtAppController {
	/**
	 * This controller uses following models
	 *
	 * @var array
	 */
	public $uses = array('Usermgmt.User', 'Usermgmt.UserGroup');
	/**
	 * Called before the controller action. You can use this method to configure and customize components
	 * or perform logic that needs to happen before each controller action.
	 *
	 * @return void
	 */
	public function beforeFilter() {
		parent::beforeFilter();
	}
	/**
	 * Used to display all users by Admin
	 *
	 * @access public
	 * @return array
	 */
	public function index() {
		$this->User->unbindModel( array('hasMany' => array('LoginToken')));
		$users=$this->User->find('all', array('order'=>'User.id desc'));
		$this->set('users', $users);
	}
	/**
	 * Used to display detail of user by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return array
	 */
	public function viewUser($userId=null) {
		if (!empty($userId)) {
			$user = $this->User->read(null, $userId);
			$this->set('user', $user);
		} else {
			$this->redirect('/allUsers');
		}
	}
	/**
	 * Used to display detail of user by user
	 *
	 * @access public
	 * @return array
	 */
	public function myprofile() {
		$userId = $this->UserAuth->getUserId();
		$user = $this->User->read(null, $userId);
		$this->set('user', $user);
	}
	/**
	 * Used to log in to the site
	 *
	 * @access public
	 * @return void
	 */
	public function login() {
		if ($this->request -> isPost()) {
			$this->User->set($this->data);
			if($this->User->LoginValidate()) {
				$email = $this->data['User']['email'];
				$password = $this->data['User']['password'];

				$user = $this->User->findByUsername($email);
				if (empty($user)) {
					$user = $this->User->findByEmail($email);
					if (empty($user)) {
						$this->Session->setFlash(__('Incorrect Email/Username or Password'));
						return;
					}
				}
				// check for inactive account
				if ($user['User']['id'] != 1 and $user['User']['active']==0) {
					$this->Session->setFlash(__('Your registration has not been confirmed please verify your email or contact to Administrator'));
					return;
				}
				$hashed = md5($password);
				if ($user['User']['password'] === $hashed) {
					$this->UserAuth->login($user);
					$remember = (!empty($this->data['User']['remember']));
					if ($remember) {
						$this->UserAuth->persist('2 weeks');
					}
					$OriginAfterLogin=$this->Session->read('Usermgmt.OriginAfterLogin');
					$this->Session->delete('Usermgmt.OriginAfterLogin');
					$redirect = (!empty($OriginAfterLogin)) ? $OriginAfterLogin : loginRedirectUrl;
					$this->redirect($redirect);
				} else {
					$this->Session->setFlash(__('Incorrect Email/Username or Password'));
					return;
				}
			}
		}
	}
	/**
	 * Used to log out from the site
	 *
	 * @access public
	 * @return void
	 */
	public function logout() {
		$this->UserAuth->logout();
		$this->Session->setFlash(__('You are successfully signed out'));
		$this->redirect('/login');
	}
	/**
	 * Used to register on the site
	 *
	 * @access public
	 * @return void
	 */
	public function register() {
		$userId = $this->UserAuth->getUserId();
		if ($userId) {
			$this->redirect("/user_dashboard");
		}
		if (siteRegistration) {
			$userGroups=$this->UserGroup->getGroupsForRegistration();
			$this->set('userGroups', $userGroups);
			if ($this->request -> isPost()) {
				$this->User->set($this->data);
				if ($this->User->RegisterValidate()) {
					if (!isset($this->data['User']['user_group_id'])) {
						$this->request->data['User']['user_group_id']=defaultGroupId;
					} elseif (!$this->UserGroup->isAllowedForRegistration($this->data['User']['user_group_id'])) {
						$this->Session->setFlash(__('Please select correct register as'));
						return;
					}
					if (!emailVerification) {
						$this->request->data['User']['active']=1;
					}
					$this->request->data['User']['password'] = $this->UserAuth->makePassword($this->request->data['User']['password']);
					$this->User->save($this->request->data,false);
					$userId=$this->User->getLastInsertID();
					$user = $this->User->findById($userId);
					if (sendRegistrationMail && !emailVerification) {
						$this->User->sendRegistrationMail($user);
					}
					if (emailVerification) {
						$this->User->sendVerificationMail($user);
					}
					if (isset($this->request->data['User']['active']) && $this->request->data['User']['active']) {
						$this->UserAuth->login($user);
						$this->redirect('/');
					} else {
						$this->Session->setFlash(__('Please check your mail and confirm your registration'));
						$this->redirect('/register');
					}
				}
			}
		} else {
			$this->Session->setFlash(__('Sorry new registration is currently disabled, please try again later'));
			$this->redirect('/login');
		}
	}
	/**
	 * Used to change the password by user
	 *
	 * @access public
	 * @return void
	 */
	public function changePassword() {
		$userId = $this->UserAuth->getUserId();
		if ($this->request -> isPost()) {
			$this->User->set($this->data);
			if ($this->User->RegisterValidate()) {
				$this->User->id=$userId;
				$this->request->data['User']['password'] = $this->UserAuth->makePassword($this->request->data['User']['password']);
				$this->User->save($this->request->data,false);
				$this->Session->setFlash(__('Password changed successfully'));
				$this->redirect('/user_dashboard');
			}
		}
	}
	/**
	 * Used to change the user password by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return void
	 */
	public function changeUserPassword($userId=null) {
		if (!empty($userId)) {
			$name=$this->User->getNameById($userId);
			$this->set('name', $name);
			if ($this->request -> isPost()) {
				$this->User->set($this->data);
				if($this->User->RegisterValidate()) {
					$this->User->id=$userId;
					$this->request->data['User']['password'] = $this->UserAuth->makePassword($this->request->data['User']['password']);
					$this->User->save($this->request->data,false);
					$this->Session->setFlash(__('Password for %s changed successfully', $name));
					$this->redirect('/allUsers');
				}
			}
		} else {
			$this->redirect('/allUsers');
		}
	}
	/**
	 * Used to add user on the site by Admin
	 *
	 * @access public
	 * @return void
	 */
	public function addUser() {
		$userGroups=$this->UserGroup->getGroups();
		$this->set('userGroups', $userGroups);
		if ($this->request -> isPost()) {
			$this->User->set($this->data);
			if ($this->User->RegisterValidate()) {
				$this->request->data['User']['active']=1;
				$this->request->data['User']['password'] = $this->UserAuth->makePassword($this->request->data['User']['password']);
				$this->User->save($this->request->data,false);
				$this->Session->setFlash(__('The user is successfully added'));
				$this->redirect('/addUser');
			}
		}
	}
	/**
	 * Used to edit user on the site by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return void
	 */
	public function editUser($userId=null) {
		if (!empty($userId)) {
			$userGroups=$this->UserGroup->getGroups();
			$this->set('userGroups', $userGroups);
			if ($this->request -> isPut()) {
				$this->User->set($this->data);
				if ($this->User->RegisterValidate()) {
					if (empty($this->request->data['User']['password'])) {
						unset($this->request->data['User']['password']);
					} else {
						$this->request->data['User']['password'] = $this->UserAuth->makePassword($this->request->data['User']['password']);
					}
					$this->User->create();
					$this->User->save($this->request->data,false);
					$this->Session->setFlash(__('The user is successfully updated'));
					$this->redirect('/allUsers');
				}
			} else {
				$user = $this->User->read(null, $userId);
				$this->request->data=null;
				if (!empty($user)) {
					$user['User']['password']='';
					$this->request->data = $user;
				}
			}
		} else {
			$this->redirect('/allUsers');
		}
	}
	/**
	 * Used to delete the user by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return void
	 */
	public function deleteUser($userId = null) {
		if (!empty($userId)) {
			if ($this->request -> isPost()) {
				if ($this->User->delete($userId, false)) {
					$this->Session->setFlash(__('User is successfully deleted'));
				}
			}
			$this->redirect('/allUsers');
		} else {
			$this->redirect('/allUsers');
		}
	}
	/**
	 * Used to show dashboard of the user
	 *
	 * @access public
	 * @return array
	 */
	public function dashboard() {
		$userId=$this->UserAuth->getUserId();
		$user = $this->User->findById($userId);
		$this->set('user', $user);
	}
	/**
	 * Used to activate user by Admin
	 *
	 * @access public
	 * @param integer $userId user id of user
	 * @return void
	 */
	public function makeActive($userId = null) {
		if (!empty($userId)) {
			$user=array();
			$user['User']['id']=$userId;
			$user['User']['active']=1;
			$this->User->save($user,false);
			$this->Session->setFlash(__('User is successfully activated'));
		}
		$this->redirect('/allUsers');
	}
	/**
	 * Used to show access denied page if user wants to view the page without permission
	 *
	 * @access public
	 * @return void
	 */
	public function accessDenied() {

	}
	/**
	 * Used to verify user's email address
	 *
	 * @access public
	 * @return void
	 */
	public function userVerification() {
		if (isset($_GET['ident']) && isset($_GET['activate'])) {
			$userId= $_GET['ident'];
			$activateKey= $_GET['activate'];
			$user = $this->User->read(null, $userId);
			if (!empty($user)) {
				if (!$user['User']['active']) {
					$password = $user['User']['password'];
					$theKey = $this->User->getActivationKey($password);
					// Strict comparison: == lets PHP type juggling treat differing
					// numeric-looking strings as equal
					if ($activateKey===$theKey) {
						$user['User']['active']=1;
						$this->User->save($user,false);
						if (sendRegistrationMail && emailVerification) {
							$this->User->sendRegistrationMail($user);
						}
						$this->Session->setFlash(__('Thank you, your account is activated now'));
					}
				} else {
					$this->Session->setFlash(__('Thank you, your account is already activated'));
				}
			} else {
				$this->Session->setFlash(__('Sorry something went wrong, please click on the link again'));
			}
		} else {
			$this->Session->setFlash(__('Sorry something went wrong, please click on the link again'));
		}
		$this->redirect('/login');
	}
	/**
	 * Used to send forgot password email to user
	 *
	 * @access public
	 * @return void
	 */
	public function forgotPassword() {
		if ($this->request -> isPost()) {
			$this->User->set($this->data);
			if ($this->User->LoginValidate()) {
				$email = $this->data['User']['email'];
				$user = $this->User->findByUsername($email);
				if (empty($user)) {
					$user = $this->User->findByEmail($email);
					if (empty($user)) {
						$this->Session->setFlash(__('Incorrect Email/Username or Password'));
						return;
					}
				}
				// check for inactive account
				if ($user['User']['id'] != 1 and $user['User']['active']==0) {
					$this->Session->setFlash(__('Your registration has not been confirmed yet please verify your email before reset password'));
					return;
				}
				$this->User->forgotPassword($user);
				$this->Session->setFlash(__('Please check your mail for reset your password'));
				$this->redirect('/login');
			}
		}
	}
	/**
	 * Used to reset password when user comes on the by clicking the password reset link from their email.
	 *
	 * @access public
	 * @return void
	 */
	public function activatePassword() {
		if ($this->request -> isPost()) {
			if (!empty($this->data['User']['ident']) && !empty($this->data['User']['activate'])) {
				$this->set('ident',$this->data['User']['ident']);
				$this->set('activate',$this->data['User']['activate']);
				$this->User->set($this->data);
				if ($this->User->RegisterValidate()) {
					$userId= $this->data['User']['ident'];
					$activateKey= $this->data['User']['activate'];
					$user = $this->User->read(null, $userId);
					if (!empty($user)) {
						$password = $user['User']['password'];
						$thekey =$this->User->getActivationKey($password);
						// Strict comparison: == lets PHP type juggling treat differing
						// numeric-looking strings as equal
						if ($thekey===$activateKey) {
							$user['User']['password']=$this->data['User']['password'];
							$user['User']['password'] = $this->UserAuth->makePassword($user['User']['password']);
							$this->User->save($user,false);
							$this->Session->setFlash(__('Your password has been reset successfully'));
							$this->redirect('/login');
						} else {
							$this->Session->setFlash(__('Something went wrong, please send password reset link again'));
						}
					} else {
						$this->Session->setFlash(__('Something went wrong, please click again on the link in email'));
					}
				}
			} else {
				$this->Session->setFlash(__('Something went wrong, please click again on the link in email'));
			}
		} else {
			if (isset($_GET['ident']) && isset($_GET['activate'])) {
				$this->set('ident',$_GET['ident']);
				$this->set('activate',$_GET['activate']);
			}
		}
	}
}

--------------------------------------------------------------------------------
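UserAuthComponent::makePassword() and UsersController::login() above store and compare unsalted MD5 digests. The following is an added example, not code from the plugin, showing how a salted `password_hash()` scheme can accept the existing MD5 rows and upgrade each one on its next successful login; the function names and the sample row are hypothetical, and PHP 5.6 or later is assumed.

```php
<?php
// Added example, not plugin code. Function names are hypothetical. Requires PHP 5.6+.

/** Hash a new password with PHP's current default algorithm and a per-hash salt. */
function um_hash_password($plain) {
	return password_hash($plain, PASSWORD_DEFAULT);
}

/**
 * Check a login attempt against a stored value that is either a legacy
 * unsalted MD5 hex digest or a password_hash() string.
 *
 * @return array array(bool $ok, string|null $replacement); $replacement is the
 *               value to write back to the password column, or null for none
 */
function um_check_password($plain, $stored) {
	if (!is_string($plain) || !is_string($stored)) {
		return array(false, null);
	}
	if (preg_match('/^[0-9a-f]{32}$/i', $stored)) {
		// Legacy row: compare in constant time, then upgrade on success
		$ok = hash_equals(strtolower($stored), md5($plain));
		return array($ok, $ok ? um_hash_password($plain) : null);
	}
	if (!password_verify($plain, $stored)) {
		return array(false, null);
	}
	// Re-hash when the default algorithm or cost has changed since this hash was made
	$replacement = password_needs_rehash($stored, PASSWORD_DEFAULT) ? um_hash_password($plain) : null;
	return array(true, $replacement);
}

// Constructed sample row holding a legacy MD5 value, as makePassword() produces
$row = array('password' => md5('S3cure-example!'));

list($ok, $replacement) = um_check_password('S3cure-example!', $row['password']);
if ($ok && $replacement !== null) {
	$row['password'] = $replacement;   // first successful login upgrades the row
}
list($okAgain, $second) = um_check_password('S3cure-example!', $row['password']);
list($okWrong) = um_check_password('wrong guess', $row['password']);

var_dump($ok, $okAgain, $second === null, $okWrong);
```

The password column has to be wide enough for `password_hash()` output; the PHP manual recommends 255 characters.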
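User::getActivationKey() above derives both the verification key and the password-reset key from the stored password hash and `Security.salt`, so a key stays valid until the password changes and carries no expiry of its own. The following is an added example, not code from the plugin, of a random, single-use, expiring reset token of which only a digest is stored; the function names are hypothetical, the `$store` array stands in for a database table, and PHP 7 or later is assumed.

```php
<?php
// Added example, not plugin code. Names are hypothetical; $store stands in for a
// database table keyed by user id. Requires PHP 7+ for random_bytes().

/** Create a reset token, keep only its SHA-256 digest, return the raw token for the e-mail link. */
function um_issue_reset_token(array &$store, $userId, $ttlSeconds = 3600, $now = null) {
	$now = ($now === null) ? time() : $now;
	$token = bin2hex(random_bytes(32));   // 256 bits from the system CSPRNG
	$store[$userId] = array(
		'token_hash' => hash('sha256', $token),
		'expires' => $now + $ttlSeconds,
	);
	return $token;
}

/** Redeem a token: returns true at most once, and only before the token expires. */
function um_redeem_reset_token(array &$store, $userId, $presented, $now = null) {
	$now = ($now === null) ? time() : $now;
	if (!is_string($presented) || !is_scalar($userId) || !isset($store[$userId])) {
		return false;
	}
	if ($now >= $store[$userId]['expires']) {
		unset($store[$userId]);           // expired tokens are removed
		return false;
	}
	if (!hash_equals($store[$userId]['token_hash'], hash('sha256', $presented))) {
		return false;                     // a wrong guess does not cancel the real token
	}
	unset($store[$userId]);               // single use
	return true;
}

// Constructed walk-through with a fixed clock
$store = array();
$t0 = 1700000000;
$token = um_issue_reset_token($store, 42, 3600, $t0);
$results = array(
	'wrong token' => um_redeem_reset_token($store, 42, str_repeat('0', 64), $t0 + 60),
	'array instead of string' => um_redeem_reset_token($store, 42, array('x'), $t0 + 60),
	'correct token' => um_redeem_reset_token($store, 42, $token, $t0 + 60),
	'replay' => um_redeem_reset_token($store, 42, $token, $t0 + 120),
);
$late = um_issue_reset_token($store, 42, 3600, $t0);
$results['after expiry'] = um_redeem_reset_token($store, 42, $late, $t0 + 3601);

var_dump($results);
```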