func (this *RegistrationController) Register(login, password, email, role string) (result string, regId int) {
result = "ok"
salt := strconv.Itoa(int(time.Now().Unix()))
pass := utils.GetMD5Hash(password + salt)
passHasInvalidChars := false
for i := 0; i < len(password); i++ {
if strconv.IsPrint(rune(password[i])) == false {
passHasInvalidChars = true
break
}
}
if db.IsExists("users", []string{"login"}, []interface{}{login}) == true {
result = "loginExists"
} else if !utils.MatchRegexp("^[a-zA-Z0-9]{2,36}$", login) {
result = "badLogin"
} else if !utils.MatchRegexp("^.{6,36}$", password) || passHasInvalidChars {
result = "badPassword"
// } else if bad email {
} else {
token := utils.GetRandSeq(HASH_SIZE)
if !mailer.SendConfirmEmail(login, email, token) {
return "badEmail", -1
}
var userId int
this.GetModel("users").
LoadModelData(map[string]interface{}{
"login": login,
"pass": pass,
"salt": salt,
"role": role,
"token": token,
"enabled": false}).
QueryInsert("RETURNING id").
Scan(&userId)
var faceId int
this.GetModel("faces").
LoadModelData(map[string]interface{}{"user_id": userId}).
QueryInsert("RETURNING id").
Scan(&faceId)
this.GetModel("registrations").
LoadModelData(map[string]interface{}{"face_id": faceId, "event_id": 1, "status": false}).
QueryInsert("RETURNING id").
Scan(®Id)
return result, regId
}
return result, -1
}
func (this *RegistrationController) InsertUserParams(userId, regId int, data []interface{}) (err error) {
var paramValueIds []string
date := time.Now().Format("2006-01-02T15:04:05Z00:00")
for _, element := range data {
paramId, err := strconv.Atoi(element.(map[string]interface{})["id"].(string))
if err != nil {
continue
}
if paramId == 1 || paramId == 2 || paramId == 3 {
continue
}
query := `SELECT params.name, params.required, params.editable
FROM params
WHERE params.id = $1;`
result := db.Query(query, []interface{}{paramId})
name := result[0].(map[string]interface{})["name"].(string)
required := result[0].(map[string]interface{})["required"].(bool)
editable := result[0].(map[string]interface{})["editable"].(bool)
value := element.(map[string]interface{})["value"].(string)
if required && utils.MatchRegexp("^[ \t\v\r\n\f]{0,}$", value) {
db.QueryDeleteByIds("param_vals", strings.Join(paramValueIds, ", "))
db.QueryDeleteByIds("registrations", strconv.Itoa(regId))
return errors.New("Заполните параметр '" + name + "'.")
}
if !editable {
value = " "
}
var paramValId int
err = this.GetModel("param_values").
LoadModelData(map[string]interface{}{
"param_id": paramId,
"value": value,
"date": date,
"user_id": userId,
"reg_id": regId}).
QueryInsert("RETURNING id").
Scan(¶mValId)
if err, ok := err.(*pq.Error); ok {
log.Println(err.Code.Name())
}
paramValueIds = append(paramValueIds, strconv.Itoa(paramValId))
}
return nil
}
//-----------------------------------------------------------------------------
func (this *BlankController) EditParams() {
userId, err := this.CheckSid()
if err != nil {
http.Redirect(this.Response, this.Request, "/", http.StatusUnauthorized)
return
}
request, err := utils.ParseJS(this.Request, this.Response)
if err != nil {
utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
return
}
date := time.Now().Format("2006-01-02T15:04:05Z00:00")
for _, v := range request["data"].([]interface{}) {
paramValId, err := strconv.Atoi(v.(map[string]interface{})["param_val_id"].(string))
if err != nil {
utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
return
}
query := `SELECT params.name, params.required, params.editable
FROM params
INNER JOIN param_values ON param_values.param_id = params.id
WHERE param_values.id = $1;`
result := db.Query(query, []interface{}{paramValId})
name := result[0].(map[string]interface{})["name"].(string)
required := result[0].(map[string]interface{})["required"].(bool)
editable := result[0].(map[string]interface{})["editable"].(bool)
value := v.(map[string]interface{})["value"].(string)
if required && utils.MatchRegexp("^[ \t\v\r\n\f]{0,}$", value) {
utils.SendJSReply(map[string]interface{}{"result": "Заполните параметр '" + name + "'"}, this.Response)
return
}
if !this.isAdmin() && !editable {
continue
}
if value == "" {
value = " "
}
params := map[string]interface{}{"value": value, "date": date, "user_id": userId}
where := map[string]interface{}{"id": paramValId}
this.GetModel("param_values").Update(this.isAdmin(), userId, params, where)
}
utils.SendJSReply(map[string]interface{}{"result": "Изменения сохранены"}, this.Response)
}
func (this *UserController) ResetPassword() {
userId, err := this.CheckSid()
if err != nil {
http.Redirect(this.Response, this.Request, "/", http.StatusUnauthorized)
return
}
request, err := utils.ParseJS(this.Request, this.Response)
if err != nil {
utils.SendJSReply(err.Error(), this.Response)
return
}
pass := request["pass"].(string)
if !utils.MatchRegexp("^.{6,36}$", pass) {
utils.SendJSReply(map[string]interface{}{"result": "badPassword"}, this.Response)
return
}
var id int
if request["id"] == nil {
id = userId
} else {
id, err = strconv.Atoi(request["id"].(string))
if utils.HandleErr("[UserController::ResetPassword] strconv.Atoi: ", err, this.Response) {
utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
return
}
}
var enabled bool
salt := strconv.Itoa(int(time.Now().Unix()))
where := map[string]interface{}{"id": id}
user := this.GetModel("users")
user.LoadWherePart(where).
SelectRow([]string{"enabled"}).
Scan(&enabled)
params := map[string]interface{}{"enabled": enabled, "salt": salt, "pass": utils.GetMD5Hash(pass + salt)}
user.Update(this.isAdmin(), id, params, where)
utils.SendJSReply(map[string]interface{}{"result": "ok"}, this.Response)
}
func (this *RegistrationController) EventRegisterAction() {
var result string
var regId int
data, err := utils.ParseJS(this.Request, this.Response)
if err != nil {
utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
return
}
eventId := int(data["event_id"].(float64))
if eventId == 1 && sessions.CheckSession(this.Response, this.Request) {
utils.SendJSReply(map[string]interface{}{"result": "authorized"}, this.Response)
return
}
if sessions.CheckSession(this.Response, this.Request) {
userId, err := this.CheckSid()
if err != nil {
utils.SendJSReply(map[string]interface{}{"result": "Unauthorized"}, this.Response)
return
}
var faceId int
query := `SELECT faces.id FROM faces
INNER JOIN registrations ON registrations.face_id = faces.id
INNER JOIN events ON events.id = registrations.event_id
INNER JOIN users ON users.id = faces.user_id
WHERE users.id = $1 AND events.id = 1;`
err = db.QueryRow(query, []interface{}{userId}).Scan(&faceId)
if err != nil {
utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
return
}
this.GetModel("registrations").
LoadModelData(map[string]interface{}{"face_id": faceId, "event_id": eventId, "status": false}).
QueryInsert("RETURNING id").
Scan(®Id)
if err = this.InsertUserParams(userId, regId, data["data"].([]interface{})); err != nil {
utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
return
}
} else if eventId == 1 {
userLogin, userPass, email, flag := "", "", "", 0
for _, element := range data["data"].([]interface{}) {
paramId, err := strconv.Atoi(element.(map[string]interface{})["id"].(string))
if err != nil {
continue
}
value := element.(map[string]interface{})["value"].(string)
if paramId == 1 {
if utils.MatchRegexp("^[ \t\v\r\n\f]{0,}$", value) {
utils.SendJSReply(map[string]interface{}{"result": "Заполните параметр 'Логин'."}, this.Response)
return
}
userLogin = value
flag += 1
continue
} else if paramId == 2 || paramId == 3 {
if utils.MatchRegexp("^[ \t\v\r\n\f]{0,}$", value) {
utils.SendJSReply(map[string]interface{}{"result": "Заполните параметр 'Пароль/Подтвердите пароль'."}, this.Response)
return
}
userPass = value
flag += 1
continue
} else if paramId == 4 {
if utils.MatchRegexp("^[ \t\v\r\n\f]{0,}$", value) {
utils.SendJSReply(map[string]interface{}{"result": "Заполните параметр 'Email'."}, this.Response)
return
}
email = value
flag += 1
continue
} else if flag > 3 {
break
}
}
result, regId = this.Register(userLogin, userPass, email, "user")
if result != "ok" && regId == -1 {
utils.SendJSReply(map[string]interface{}{"result": result}, this.Response)
return
}
query := `SELECT users.id
FROM users
INNER JOIN faces ON faces.user_id = users.id
INNER JOIN registrations ON registrations.face_id = faces.id
WHERE registrations.id = $1;`
userId := db.Query(query, []interface{}{regId})[0].(map[string]interface{})["id"].(int)
err = this.InsertUserParams(userId, regId, data["data"].([]interface{}))
if err != nil {
db.QueryDeleteByIds("users", strconv.Itoa(userId))
utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
return
}
} else {
utils.SendJSReply(map[string]interface{}{"result": "Unauthorized"}, this.Response)
return
}
utils.SendJSReply(map[string]interface{}{"result": "ok"}, this.Response)
}
func (this *GroupController) AddPerson() {
userId, err := this.CheckSid()
if err != nil {
utils.SendJSReply(map[string]interface{}{"result": "Unauthorized"}, this.Response)
return
}
request, err := utils.ParseJS(this.Request, this.Response)
if err != nil {
utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
return
}
groupId, err := strconv.Atoi(request["group_id"].(string))
if err != nil {
utils.SendJSReply(map[string]interface{}{"result": err.Error()}, this.Response)
return
}
var groupName string
db.QueryRow("SELECT name FROM groups WHERE id = $1;", []interface{}{groupId}).Scan(&groupName)
date := time.Now().Format("2006-01-02T15:04:05Z00:00")
token := utils.GetRandSeq(HASH_SIZE)
to, address, headName := "", "", ""
query := `SELECT param_values.value
FROM param_values
INNER JOIN registrations ON registrations.id = param_values.reg_id
INNER JOIN params ON params.id = param_values.param_id
INNER JOIN events ON events.id = registrations.event_id
INNER JOIN faces ON faces.id = registrations.face_id
INNER JOIN users ON users.id = faces.user_id
WHERE params.id in (5, 6, 7) AND users.id = $1 AND events.id = 1 ORDER BY params.id;`
data := db.Query(query, []interface{}{userId})
if len(data) < 3 {
utils.SendJSReply(map[string]interface{}{"result": "Данные о руководителе группы отсутсвуют"}, this.Response)
return
} else {
headName = data[0].(map[string]interface{})["value"].(string)
headName += " " + data[1].(map[string]interface{})["value"].(string)
headName += " " + data[2].(map[string]interface{})["value"].(string)
}
var faceId int
this.GetModel("faces").QueryInsert("RETURNING id").Scan(&faceId)
this.GetModel("persons").
LoadModelData(map[string]interface{}{"face_id": faceId, "group_id": groupId, "status": false, "token": token}).
QueryInsert("").
Scan()
var regId int
this.GetModel("registrations").
LoadModelData(map[string]interface{}{"face_id": faceId, "event_id": 1, "status": false}).
QueryInsert("RETURNING id").
Scan(®Id)
var paramValueIds []string
for _, element := range request["data"].([]interface{}) {
paramId, err := strconv.Atoi(element.(map[string]interface{})["id"].(string))
if err != nil {
log.Println(err.Error())
continue
}
query := `SELECT params.name FROM params WHERE params.id = $1;`
res := db.Query(query, []interface{}{paramId})
name := res[0].(map[string]interface{})["name"].(string)
value := element.(map[string]interface{})["value"].(string)
if utils.MatchRegexp("^[ \t\v\r\n\f]{0,}$", value) {
db.QueryDeleteByIds("param_vals", strings.Join(paramValueIds, ", "))
db.QueryDeleteByIds("registrations", strconv.Itoa(regId))
db.QueryDeleteByIds("faces", strconv.Itoa(faceId))
utils.SendJSReply(map[string]interface{}{"result": "Заполните параметр '" + name + "'."}, this.Response)
return
}
var paramValId int
paramValues := this.GetModel("param_values")
err = paramValues.LoadModelData(map[string]interface{}{
"param_id": paramId,
"value": value,
"date": date,
"user_id": userId,
"reg_id": regId}).
QueryInsert("RETURNING id").
Scan(¶mValId)
if err, ok := err.(*pq.Error); ok {
log.Println(err.Code.Name())
}
paramValueIds = append(paramValueIds, strconv.Itoa(paramValId))
if paramId == 4 {
address = value
} else if paramId == 5 || paramId == 6 || paramId == 7 {
to += value + " "
}
}
if !mailer.InviteToGroup(to, address, token, headName, groupName) {
utils.SendJSReply(
map[string]interface{}{
"result": "Вы указали неправильный email, отправить письмо-приглашенине невозможно"},
this.Response)
return
}
utils.SendJSReply(map[string]interface{}{"result": "ok"}, this.Response)
}