
Commit 8fbc14f

committed
Merge branch 'hotfix'
2 parents b1fa541 + 673fec8 commit 8fbc14f

35 files changed

+328
-413
lines changed

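--- a/app/app_controller.php
+++ b/app/app_controller.php
@@ -69,6 +69,17 @@ public function beforeFilter()
 // set default language for now
 Configure::write('Config.language', 'eng');
 
+// if we have a session transfered to us
+if ($this->_hasSessionTransferData()) {
+if ($this->_authenticateWithSessionTransferData()) {
+if (method_exists($this, '_afterLogin')) {
+$this->_afterLogin(false);
+}
+} else {
+$this->Session->setFlash($this->Auth->loginError, $this->Auth->flashElement, array(), 'auth');
+}
+}
+
 // store user in the singleton for global access
 User::store($this->Auth->user());
 
@@ -144,58 +155,55 @@ public function _extractModel($model,$array,$field)
 */
 protected function _sendEmail($content, $subject, $from, $toAddress, $templateName = 'default', $ccAddress = array(), $bcc= array())
 {
-$this->SysParameter->reload();
-$smtp['port'] = $this->SysParameter->get('email.port');
-$smtp['host'] = $this->SysParameter->get('email.host');
-$smtp['username'] = $this->SysParameter->get('email.username');
-$smtp['password'] = $this->SysParameter->get('email.password');
-$smtp['timeout'] = 30;
 $this->Email->reset();
 
-$this->Email->smtpOptions = $smtp;
-$this->Email->delivery = 'smtp';
+$smtpHost = $this->SysParameter->get('email.host');
+if (!empty($smtpHost)) {
+$smtp['port'] = $this->SysParameter->get('email.port');
+$smtp['host'] = $this->SysParameter->get('email.host');
+$smtp['username'] = $this->SysParameter->get('email.username');
+$smtp['password'] = $this->SysParameter->get('email.password');
+$smtp['timeout'] = 30;
+$this->Email->delivery = 'smtp';
+$this->Email->smtpOptions = $smtp;
+} else {
+$this->Email->delivery = 'mail';
+}
+
 $this->Email->to = $toAddress;
 $this->Email->cc = $ccAddress;
 $this->Email->bcc = $bcc;
 $this->Email->subject = $subject;
-$this->Email->from = $from;
+$this->Email->from = ($from == null ? $this->SysParameter->get('display.contact_info') : $from);
 $this->Email->template = $templateName;
 $this->Email->sendAs = 'both';
+//$this->Email->delivery = 'debug';
 
 return $this->Email->send($content);
 }
 
 /**
-* beforeLogin callback, called every time in auth compoment
+* beforeLogin callback, called every time in auth compoment if user is not
+* logged in yet
 *
 * @access public
 * @return void
 */
 public function _beforeLogin()
 {
-// if we have a session transfered to us
-if ($this->_hasSessionTransferData()) {
-if ($this->_authenticateWithSessionTransferData()) {
-if (method_exists($this, '_afterLogin')) {
-$this->_afterLogin();
-}
-return true;
-} else {
-$this->Session->setFlash($this->Auth->loginError, $this->Auth->flashElement, array(), 'auth');
-return false;
-}
-}
 $this->set('loginHeader', $this->SysParameter->get('display.login.header'));
 $this->set('loginFooter', $this->SysParameter->get('display.login.footer'));
 }
 
 /**
 * afterLogin callback, called when logging in successfully
 *
+* @param bool $isRedirect whether redirecting
+*
 * @access public
 * @return void
 */
-public function _afterLogin()
+public function _afterLogin($isRedirect = true)
 {
 if ($this->Auth->isAuthorized()) {
 User::getInstance($this->Auth->user());
@@ -205,11 +213,16 @@ public function _afterLogin()
 //TODO logging!
 }
 
+if (!$isRedirect) {
+return;
+}
+
 $redirect = $this->Auth->redirect();
 if (isset($this->params['url']['redirect'])) {
 $redirect = $this->params['url']['redirect'];
 }
 
+$this->log('redirecting to '.$redirect, 'debug');
 $this->redirect($redirect);
 }
 
@@ -251,16 +264,25 @@ function _hasSessionTransferData()
 */
 function _authenticateWithSessionTransferData()
 {
+// valid signature first
 $message = $this->sessionTransferData['username'].$this->sessionTransferData['timestamp'].$this->sessionTransferData['token'];
 $secret = $this->OauthToken->getTokenSecret($this->sessionTransferData['token']);
 $signature = base64_encode(hash_hmac('sha1', $message, $secret, true));
-if ($signature == $this->sessionTransferData['signature']) {
-$user = $this->User->findByUsername($this->sessionTransferData['username']);
-$this->Session->write($this->Auth->sessionKey, $user['User']);
-return true;
+if ($signature != $this->sessionTransferData['signature']) {
+$this->log('Invalid signature! Expect '.$signature.', Got '.$this->sessionTransferData['signature']);
+
+return false;
 }
 
-$this->log('Invalid signature! Expect '.$signature.', Got '.$this->sessionTransferData['signature']);
-return false;
+// find the userId by username and use it to login
+$userId = $this->User->field('id', array('username' => $this->sessionTransferData['username']));
+if (!$this->Auth->login($userId)) {
+$this->log('Invalid username '.$this->sessionTransferData['username'].' from session transfer.', 'debug');
+return false;
+}
+
+$this->log('User '.$this->sessionTransferData['username'].' is logged in with session transfer.', 'debug');
+
+return true;
 }
 }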
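Review bot: In `_authenticateWithSessionTransferData()` the computed HMAC is compared with the loose `!=` operator, and on a mismatch the log line writes the expected signature next to the received one. Anyone who can read the application log after a failed attempt then holds a valid signature for that username/timestamp/token combination, and the comparison is neither type-strict nor constant-time. I would compare with `if (!hash_equals($signature, (string) $this->sessionTransferData['signature'])) {` (or a hand-written constant-time compare if the target PHP version lacks `hash_equals`) and log only `'Invalid session-transfer signature for '.$this->sessionTransferData['username']`. The hunk also does not show the signed timestamp being checked for freshness; if `_hasSessionTransferData()` does not do that, a captured request stays replayable, and because the check now runs from `beforeFilter()` it is reachable on every controller action.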

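--- a/app/config/core.php
+++ b/app/config/core.php
@@ -342,7 +342,7 @@
 $CWL['applicationID'] = '';
 $CWL['applicationPassword'] = '';
 
-define('IPEER_VERSION', '3.0.1');
+define('IPEER_VERSION', '3.0.2');
 
 
 /**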

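--- a/app/controllers/components/evaluation.php
+++ b/app/controllers/components/evaluation.php
@@ -1250,18 +1250,17 @@ function saveNGetEvalutionMixevalDetail($evalMixevalId, $mixeval, $targetEvaluat
 /**
 * getMixevalResultDetail
 *
-* @param mixed $event event
+* @param mixed $groupEventId group event id
 * @param mixed $groupMembers group members
 *
 * @access public
 * @return void
 */
-function getMixevalResultDetail ($groupEventId, $groupMembers)
+function getMixevalResultDetail($groupEventId, $groupMembers)
 {
 $pos = 0;
 $this->EvaluationSubmission = ClassRegistry::init('EvaluationSubmission');
 $this->EvaluationMixeval = ClassRegistry::init('EvaluationMixeval');
-$this->EvaluationMixevalDetail = ClassRegistry::init('EvaluationMixevalDetail');
 $mixevalResultDetail = array();
 $memberScoreSummary = array();
 $inCompletedMembers = array();
@@ -1573,11 +1572,11 @@ function formatMixevalEvaluationResult($event, $displayFormat='', $studentView=0
 //Get Members for this evaluation
 if ($studentView) {
 
-$this->User->id = $this->Auth->user('id');
-
-$this->User->recursive = -1;
-$user = $this->User->read();
-$mixevalResultDetail = $this->getMixevalResultDetail($event['GroupEvent']['id'], $user);
+$user = $this->User->find('first', array(
+'conditions' => array('id' => User::get('id')),
+'contain' => array('Role'),
+));
+$mixevalResultDetail = $this->getMixevalResultDetail($event['GroupEvent']['id'], array($user));
 $groupMembers = $this->GroupsMembers->getEventGroupMembers(
 $event['Group']['id'], $event['Event']['self_eval'], $currentUser['id']);
 $groupMembersNoTutors = $this->GroupsMembers->getEventGroupMembersNoTutors(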

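--- a/app/controllers/components/template_email.php
+++ b/app/controllers/components/template_email.php
@@ -41,13 +41,20 @@ public function startup(&$controller)
 */
 public function initParameters()
 {
-$smtp['port'] = $this->SysParameter->get('email.port');
-$smtp['host'] = $this->SysParameter->get('email.host');
-$smtp['username'] = $this->SysParameter->get('email.username');
-$smtp['password'] = $this->SysParameter->get('email.password');
-$smtp['timeout'] = 30;
-$this->smtpOptions = $smtp;
-$this->delivery = 'smtp';
+$this->Email->reset();
+
+$smtpHost = $this->SysParameter->get('email.host');
+if (!empty($smtpHost)) {
+$smtp['port'] = $this->SysParameter->get('email.port');
+$smtp['host'] = $this->SysParameter->get('email.host');
+$smtp['username'] = $this->SysParameter->get('email.username');
+$smtp['password'] = $this->SysParameter->get('email.password');
+$smtp['timeout'] = 30;
+$this->delivery = 'smtp';
+$this->smtpOptions = $smtp;
+} else {
+$this->delivery = 'mail';
+}
 }
 
 /**
@@ -146,7 +153,6 @@ public function merge($userIds, $string)
 $patterns = array();
 $replacements = array();
 
-var_dump($merges);
 foreach ($users as $user) {
 foreach ($matches[0] as $key => $match) {
 $patterns[$key] = '/'.$match[0].'/';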
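Review bot: `initParameters()` now starts with `$this->Email->reset();`, but every other line of the method configures `$this` (`$this->delivery`, `$this->smtpOptions`), which suggests this component is itself the mailer and may have no `Email` member. If so, the call fails on a non-object before any message is sent; it looks carried over from `_sendEmail()` in app_controller.php and should probably read `$this->reset();`. The class declaration is outside the hunk, so please confirm against it. A short comment on the else branch, `// no SMTP host configured: fall back to PHP mail()`, would also document the new delivery fallback.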

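--- a/app/controllers/emailtemplates_controller.php
+++ b/app/controllers/emailtemplates_controller.php
@@ -213,7 +213,7 @@ function add()
 * @access public
 * @return void
 */
-function edit ($id)
+function edit ($id = null)
 {
 if (!User::hasPermission('controllers/emailtemplates/edit')) {
 $this->Session->setFlash(__('Error: You do not have permission to edit email templates.', true));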

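--- a/app/controllers/evaluations_controller.php
+++ b/app/controllers/evaluations_controller.php
@@ -348,16 +348,15 @@ function makeEvaluation($eventId, $objectId = null) {
 
 function _sendConfirmationEmail()
 {
-$this->SysParameter->reload();
 $email = User::get('email');
 if (empty($email)) {
 return;
 }
 
-if (!$this->TemplateEmail->send(array(User::get('id') => $email), 'Submission Confirmation')) {
-$this->log('Sending email to '.$email.' failed.'. $this->Email->smtpError);
+/*if (!$this->TemplateEmail->send(array(User::get('id') => $email), 'Submission Confirmation')) {
+$this->log('Sending email to '.$email.' failed.'. $this->TemplateEmail->smtpError);
 $this->Session->setFlash('Sending confirmation email failed!');
-}
+}*/
 }
 
 /**
@@ -1103,20 +1102,24 @@ function studentViewEvaluationResult($eventId, $groupId = null)
 
 $this->Session->setFlash(__('Error: Invalid id or you do not have permission to access this event.', true));
 $this->redirect('/home/index');
+return;
 }
 
 if ('3' != $event['Event']['event_template_type_id']) {
 // not survey, we need group
 if (!is_numeric($groupId) ||
-!($group = $this->Group->getGroupByGroupIdEventIdMemberId($groupId, $eventId, User::get('id')))) {
+//!($group = $this->Group->getGroupByGroupIdEventIdMemberId($groupId, $eventId, User::get('id')))) {
+!($group = $this->Group->getGroupWithMemberRoleByGroupIdEventId($groupId, $eventId))) {
 
 $this->Session->setFlash(__('Error: Invalid group id or you are not in this group.', true));
 $this->redirect('/home/index');
-}
+return;
+}
 
 if (!$event['Event']['is_result_released']) {
 $this->Session->setFlash(__('Error: The results are not released.', true));
 $this->redirect('/home/index');
+return;
 }
 $event = array_merge($event, $group);
 }
@@ -1189,7 +1192,6 @@ function studentViewEvaluationResult($eventId, $groupId = null)
 if (isset($formattedResult['mixevalQuestion'])) {
 $this->set('mixevalQuestion', $formattedResult['mixevalQuestion']);
 }
-$this->set('allMembersCompleted', $formattedResult['allMembersCompleted']);
 $this->set('inCompletedMembers', $formattedResult['inCompletedMembers']);
 $this->set('scoreRecords', $formattedResult['scoreRecords']);
 $this->set('memberScoreSummary', $formattedResult['memberScoreSummary']);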
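Review bot: In `studentViewEvaluationResult()` the group lookup no longer receives the current user's id: `getGroupWithMemberRoleByGroupIdEventId($groupId, $eventId)` replaces the call that took `User::get('id')`, while the error text still says "you are not in this group". Unless the new model method restricts its result to the logged-in user internally (it is not visible here), results of a group the requester does not belong to could be returned for a caller-supplied `$groupId`. Please confirm the membership check is still enforced, for example by verifying the returned member role before `array_merge($event, $group)`, and state that in a comment above the condition. The commented-out old condition inside the `if`, and the block commented out in `_sendConfirmationEmail()`, should be deleted rather than kept as dead code.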

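--- a/app/controllers/groups_controller.php
+++ b/app/controllers/groups_controller.php
@@ -119,10 +119,10 @@ function setUpAjaxList ()
 */
 function index($courseId)
 {
-$course = $this->Course->getAccessibleCourseById($courseId, User::get('id'), User::getCourseFilterPermission());
-if (!$course) {
+if (empty($courseId) || !$course = $this->Course->getAccessibleCourseById($courseId, User::get('id'), User::getCourseFilterPermission())) {
 $this->Session->setFlash(__('Error: Course does not exist or you do not have permission to view this course.', true));
-$this->redirect('index');
+$this->redirect('/courses');
+return;
 }
 
 $this->set('breadcrumb', $this->breadcrumb->push(array('course' => $course['Course']))->push(__('Groups', true)));
@@ -327,10 +327,10 @@ function delete ($groupId = null)
 */
 function import($courseId)
 {
-$course = $this->Course->getAccessibleCourseById($courseId, User::get('id'), User::getCourseFilterPermission());
-if (!$course) {
+if (empty($courseId) || !$course = $this->Course->getAccessibleCourseById($courseId, User::get('id'), User::getCourseFilterPermission())) {
 $this->Session->setFlash(__('Error: Course does not exist or you do not have permission to view this course.', true));
-$this->redirect('index');
+$this->redirect('/courses');
+return;
 }
 $this->breadcrumb->push(array('course' => $course['Course']));
 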
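Review bot: The new access guard in `index()` assigns inside a negated condition without parentheses, `!$course = $this->Course->getAccessibleCourseById(...)`, which parses as intended only because PHP special-cases `!` in front of an assignment and is easy to misread as a comparison. Since this line is the authorization check for the action, I would write it as `!($course = $this->Course->getAccessibleCourseById(...))`, the form evaluations_controller.php already uses for `$group`. The identical line in `import()` should change the same way. Both bodies continue outside their hunks.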

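--- a/app/controllers/users_controller.php
+++ b/app/controllers/users_controller.php
@@ -44,9 +44,14 @@ function beforeFilter()
 {
 parent::beforeFilter();
 
+$allowTypes = array(
+'text/plain', 'text/csv', 'application/csv',
+'application/csv.ms-excel', 'application/octet-stream',
+'text/comma-separated-values', 'text/anytext');
 $this->FileUpload->allowedTypes(array(
-'txt' => array('text/plain'),
-'csv' => array('text/csv', 'application/csv')));
+'txt' => null,
+'csv' => null,
+));
 $this->FileUpload->uploadDir('../tmp');
 $this->FileUpload->fileModel(null);
 $this->FileUpload->attr('required', true);
@@ -705,7 +710,8 @@ function editProfile()
 $this->data['User']['id'] = $id;
 
 if (!empty($this->data['User']['tmp_password'])) {
-if (md5($this->data['User']['old_password']==$this->Auth->user('password'))) {
+$user = $this->User->findUserByidWithFields($id, array('password'));
+if (md5($this->data['User']['old_password'])==$user['password']) {
 if ($this->data['User']['tmp_password']==$this->data['User']['confirm_password']) {
 $this->data['User']['password'] = md5($this->data['User']['tmp_password']);
 } else {
@@ -864,7 +870,10 @@ function resetPassword($user_id, $courseId = null)
 }
 
 // Read the user
-$user_data = $this->User->findById($user_id, array('contain' => false));
+$user_data = $this->User->find('first', array(
+'conditions' => array('id' => $user_id),
+'contain' => false
+));
 
 if (empty($user_data)) {
 $this->Session->setFlash(__('User Not Found!', true));
@@ -905,19 +914,19 @@ function resetPassword($user_id, $courseId = null)
 
 //Save Data
 if ($this->User->save($user_data, true, array('password'))) {
-$message = sprintf(__("Password successfully reset. The new password is %s.\n", true), $tmp_password);
+$message = sprintf(__("Password successfully reset. The new password is %s.", true).'<br />', $tmp_password);
 $this->User->set('id', $user_id);
 
 // send email to user
 $this->set('user_data', $user_data);
-if ($this->_sendEmail('', 'Reset Password', $this->Auth->user('email'), $user_data['User']['email'], 'resetPassword')) {
-//if ($this->_sendEmail( $to, $from, $subject, $email_msg )) {
-$message .= __("Email has been sent. ", true);
-} else {
-if (!isset($user_data['User']['email']) || strlen($user_data['User']['email']) < 1) {
-$message .= __('No destination email address. ', true);
+if (!empty($user_data['User']['email'])) {
+if ($this->_sendEmail('', 'Reset Password', null, $user_data['User']['email'], 'resetPassword')) {
+$message .= __("Email has been sent. ", true);
+} else {
+$message .= __("Email was <u>not</u> sent to the user. ", true) . $this->Email->smtpError;
 }
-$message .= __("Email was <u>not</u> sent to the user. ", true) . $this->Email->smtpError;
+} else {
+$message .= __('No email has been sent. User does not have email address.', true);
 }
 $this->Session->setFlash($message, 'good');
 $this->redirect($this->referer());
@@ -1081,7 +1090,7 @@ private function _sendAddUserEmail($user, $password, $enrolments) {
 $from = $this->Auth->user('email');
 $to = $user['User']['email'];
 $username = $user['User']['username'];
-$name = $user['User']['full_name'];
+$name = $user['User']['first_name'].' '.$user['User']['last_name'];
 
 // this means only students will get a list of courses they're
 // enrolled in, since instructors are stored in another array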
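Review bot: The corrected old-password check in `editProfile()` still compares the two MD5 hex strings with loose `==`, so two different digests that both look like numeric strings (for example `0e` followed only by digits) compare equal. Use a strict, constant-time comparison, `if (hash_equals((string) $user['password'], md5($this->data['User']['old_password']))) {`, or at least `===`. In `beforeFilter()`, `$allowTypes` is built but never passed to `allowedTypes()`, and both extensions now map to `null`; if the component treats `null` as "any MIME type", the content-type restriction on uploads is gone, so either pass `$allowTypes` for each extension or drop the variable. Storing passwords as unsalted MD5 is a separate, larger issue that these hunks leave unchanged.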
