summaryrefslogtreecommitdiffstats
path: root/application/controllers/user.php
AgeCommit message (Collapse)AuthorFilesLines
2014-09-18User controller queries built dynamicallyRafael Bodill1-74/+72
2014-09-18Query builder in user login and controllerRafael Bodill1-5/+7
2014-07-23Move migration code to CLI callable functionFlorian Pritz1-0/+5
This is necessary to prevent migrations from running multiple times in parallel. A git hook can be used to run this after checkout so impact should be fairly low. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-04-12Add foreign keys to databaseFlorian Pritz1-1/+1
Changing the referrer value for the root admin from 0 to NULL to make the foreign key check work. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-02-23user/create_apikey: Use empty comment if unsetFlorian Pritz1-0/+1
False gets converted to "0" when being stored in the DB which we don't want. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-02-21Implement multiple access levels for api keysFlorian Pritz1-4/+13
This allows to use an api key to write a completly standalone client. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-10-22Remove unnecessary TODOFlorian Pritz1-1/+0
It's fine if users can invite an unlimited amount of people. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-22Move user_logged_in check to controller constructorFlorian Pritz1-2/+0
TL;DR: Allows us to show a proper error page if encryption_key is missing from the config. muser->logged_in() can load the session class which will die if encryption_key is not set in the config causing an error to be displayed. Because the header is also loaded when we display an error loading the class will be tried again. CI maintains an array with information which classes have been tried to be loaded and will simply return true without loading again. muser->logged_in() will then try to access $this->session which doesn't exist. Since all of this happens when we are already in the header the error message appears in the navigation being hard to read. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-08user/create_apikey: Add JSON supportFlorian Pritz1-0/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Remove left over var_dump()Florian Pritz1-2/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Remove unneeded "as" in sql queryFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Generalize request_type() to static_storage()Florian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Provide json output for api functionsFlorian Pritz1-0/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Display domain of email address when resetting passwordFlorian Pritz1-1/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Deduplicate initialisation code in controllersFlorian Pritz1-15/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-12apikeys: allow any chars in commentFlorian Pritz1-3/+2
No real point in restricting those, just leads to people wanting to use special chars that don't work. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11Allow more chars in apikey commentFlorian Pritz1-2/+2
"fb-client user@host" will be used by fb-client so this should work... Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11Add API key supportFlorian Pritz1-0/+65
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-15user/test_login: Allow clients to test login credentialsFlorian Pritz1-0/+12
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-14Add sucess alert when saving profileFlorian Pritz1-2/+11
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-13Switch to bootstrap div form code instead of tablesFlorian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-13Add profile page to allow changing the upload id limitsFlorian Pritz1-0/+59
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-02-13Change license to AGPLFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-01-30Modularize authentication systemFlorian Pritz1-0/+4
This allows to easily add LDAP and other support. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-01-25Refactor querying action tableFlorian Pritz1-21/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-01-24Add password reset function/pages/linksFlorian Pritz1-0/+131
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-01-24Repurpose invitations table to actionsFlorian Pritz1-12/+15
This can be used to track data for all kinds of one-time actions like invitations and password resets. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-01-09Fix some indentation issuesFlorian Pritz1-5/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-01-09Fix copyright informationFlorian Pritz1-0/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-12-16c/user: register() prevent DB error if username is non-asciiFlorian Pritz1-4/+4
The DB col is set to ascii_general_ci so if the username doesn't pass the charset check we shouldn't even bother query the db because that can trigger a collation error (utf-8 vs ascii). Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-10-22switch design to bootstrap; minor fixes along the wayFlorian Pritz1-17/+17
Initial-work-by: Oliver Mader <b52@reaktor42.de> Additional-work-by: Markus Cisler <mrkscslr@gmail.com> Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-08-28Only create new sessions when the are really neededFlorian Pritz1-0/+1
Most sessions are just people viewing a paste. Those don't need a session until they want to log in so we don't have to pollute the database and waste resources. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-07-12Add cron function for user controllerFlorian Pritz1-0/+14
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-07-12c/user: improve error messagesFlorian Pritz1-6/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-07-12u/register: improve error message for invalid usernameFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-07-12Explicitly select fields in db queriesFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-07-12Display nice error message if username exists alreadyFlorian Pritz1-0/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-12fix missing object initialization and properly declare class variablesFlorian Pritz1-0/+6
var is deprecated since ages and in strict mode we have to initialize $this->var as a generic object before using it. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-03user/hash_password: add form to support normal browsersFlorian Pritz1-2/+16
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-11Show confirmation after loginFlorian Pritz1-0/+4
Some users might expect confirmation emails, but we don't send those (yet?). Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09user/register: restrict username to max 32 charsFlorian Pritz1-1/+1
The db field is 32 chars long. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09user/register: restrict username to a-z0-9Florian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09add register functionFlorian Pritz1-0/+73
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09random_id() -> random_alphanum(); allow single argumentFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Implement simple referral systemFlorian Pritz1-0/+49
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Move is_cli_client() and random_id() to helperFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Redirect to / if log in successfulFlorian Pritz1-4/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09more user changesFlorian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09start working on usersFlorian Pritz1-0/+74
Signed-off-by: Florian Pritz <bluewind@xinu.at>