UsersController
- Type
- Class
- Namespace
- Craft
- Inherits
- Craft\UsersController » Craft\BaseController » CController (opens new window) » CBaseController (opens new window) » CComponent (opens new window)
- Since
- 1.0
The UsersController class is a controller that handles various user account related tasks such as logging-in, impersonating a user, logging out, forgetting passwords, setting passwords, validating accounts, activating accounts, creating users, saving users, processing user avatars, deleting, suspending and un-suspending users.
Note that all actions in the controller, except {@link actionLogin}, {@link actionLogout}, {@link actionGetAuthTimeout}, {@link actionSendPasswordResetEmail}, {@link actionSetPassword}, {@link actionVerifyEmail} and {@link actionSaveUser} require an authenticated Craft session via {@link BaseController::allowAnonymous}.
See also http://craftcms.com
View source (opens new window)
# Public Properties
| Property | Description |
|---|---|
| $defaultAction (opens new window) | string (opens new window) – The name of the default action. |
| $layout (opens new window) | mixed – The name of the layout to be applied to this controller's views. |
# Protected Properties
| Property | Description |
|---|---|
| $allowAnonymous | boolean (opens new window) |
# $allowAnonymous
Signature
protected boolean $allowAnonymous = ['actionLogin', 'actionLogout', 'actionGetAuthTimeout', 'actionForgotPassword', 'actionSendPasswordResetEmail', 'actionSendActivationEmail', 'actionSaveUser', 'actionSetPassword', 'actionVerifyEmail']
# Public Methods
| Method | Description |
|---|---|
| __call() (opens new window) | Calls the named method which is not a class method. |
| __construct() (opens new window) | |
| __get() (opens new window) | Returns a property value, an event handler list or a behavior based on its name. |
| __isset() (opens new window) | Checks if a property value is null. |
| __set() (opens new window) | Sets value of a component property. |
| __unset() (opens new window) | Sets a component property to be null. |
| accessRules() (opens new window) | Returns the access rules for this controller. |
| actionActivateUser() | Manually activates a user account. Only admins have access. |
| actionCropUserPhoto() | Crop user photo. |
| actionDeleteUser() | Deletes a user. |
| actionDeleteUserPhoto() | Delete all the photos for current user. |
| actionEditUser() | Edit a user account. |
| actionForgotPassword() | Sends a Forgot Password email. |
| actionGetAuthTimeout() | Returns how many seconds are left in the current user session. |
| actionGetElevatedSessionTimeout() | Returns how many seconds are left in the current elevated user session. |
| actionGetPasswordResetUrl() | Generates a new verification code for a given user, and returns its URL. |
| actionImpersonate() | Logs a user in for impersonation. Requires you to be an administrator. |
| actionLogin() | Displays the login template, and handles login post requests. |
| actionLogout() | |
| actionSaveFieldLayout() | Saves the user field layout. |
| actionSaveProfile() | Saves a user's profile. |
| actionSaveUser() | Provides an endpoint for saving a user account. |
| actionSendActivationEmail() | Sends a new activation email to a user. |
| actionSendPasswordResetEmail() | Sends a password reset email. |
| actionSetPassword() | Sets a user's password once they've verified they have access to their email. |
| actionStartElevatedSession() | Starts an elevated user session. |
| actionSuspendUser() | Suspends a user. |
| actionUnlockUser() | Unlocks a user, bypassing the cooldown phase. |
| actionUnsuspendUser() | Unsuspends a user. |
| actionUploadUserPhoto() | Upload a user photo. |
| actionValidate() | Verifies that a user has access to an email address. |
| actionVerifyEmail() | Verifies that a user has access to an email address. |
| actionVerifyPassword() | Verifies a password for a user. |
| actions() (opens new window) | Returns a list of external action classes. |
| asa() (opens new window) | Returns the named behavior object. |
| attachBehavior() (opens new window) | Attaches a behavior to this component. |
| attachBehaviors() (opens new window) | Attaches a list of behaviors to the component. |
| attachEventHandler() (opens new window) | Attaches an event handler to an event. |
| beforeAction() | Checks if a controller has overridden allowAnonymous either as an array with actions to allow anonymous access to or as a bool that applies to all actions. |
| beginCache() (opens new window) | Begins fragment caching. |
| beginClip() (opens new window) | Begins recording a clip. |
| beginContent() (opens new window) | Begins the rendering of content that is to be decorated by the specified view. |
| beginWidget() (opens new window) | Creates a widget and executes it. |
| behaviors() (opens new window) | Returns a list of behaviors that this controller should behave as. |
| canGetProperty() (opens new window) | Determines whether a property can be read. |
| canSetProperty() (opens new window) | Determines whether a property can be set. |
| clearPageStates() (opens new window) | Removes all page states. |
| createAbsoluteUrl() (opens new window) | Creates an absolute URL for the specified action defined in this controller. |
| createAction() (opens new window) | Creates the action instance based on the action name. |
| createUrl() (opens new window) | Creates a relative URL for the specified action defined in this controller. |
| createWidget() (opens new window) | Creates a widget and initializes it. |
| detachBehavior() (opens new window) | Detaches a behavior from the component. |
| detachBehaviors() (opens new window) | Detaches all behaviors from the component. |
| detachEventHandler() (opens new window) | Detaches an existing event handler. |
| disableBehavior() (opens new window) | Disables an attached behavior. |
| disableBehaviors() (opens new window) | Disables all behaviors attached to this component. |
| enableBehavior() (opens new window) | Enables an attached behavior. |
| enableBehaviors() (opens new window) | Enables all behaviors attached to this component. |
| endCache() (opens new window) | Ends fragment caching. |
| endClip() (opens new window) | Ends recording a clip. |
| endContent() (opens new window) | Ends the rendering of content. |
| endWidget() (opens new window) | Ends the execution of the named widget. |
| evaluateExpression() (opens new window) | Evaluates a PHP expression or callback under the context of this component. |
| filterAccessControl() (opens new window) | The filter method for 'accessControl' filter. |
| filterAjaxOnly() (opens new window) | The filter method for 'ajaxOnly' filter. |
| filterPostOnly() (opens new window) | The filter method for 'postOnly' filter. |
| filters() (opens new window) | Returns the filter configurations. |
| forward() (opens new window) | Processes the request using another controller action. |
| getAction() (opens new window) | |
| getActionParams() | Returns the request parameters that will be used for action parameter binding. |
| getCachingStack() (opens new window) | |
| getClips() (opens new window) | Returns the list of clips. |
| getEventHandlers() (opens new window) | Returns the list of attached event handlers for an event. |
| getId() (opens new window) | |
| getLayoutFile() (opens new window) | Looks for the layout view script based on the layout name. |
| getModule() (opens new window) | |
| getPageState() (opens new window) | Returns a persistent page state value. |
| getPageTitle() (opens new window) | |
| getRoute() (opens new window) | |
| getUniqueId() (opens new window) | |
| getViewFile() (opens new window) | Returns the view script file according to the specified view name. |
| getViewPath() (opens new window) | Returns the directory containing view files for this controller. |
| hasEvent() (opens new window) | Determines whether an event is defined. |
| hasEventHandler() (opens new window) | Checks whether the named event has attached handlers. |
| hasProperty() (opens new window) | Determines whether a property is defined. |
| init() (opens new window) | Initializes the controller. |
| invalidActionParams() (opens new window) | This method is invoked when the request parameters do not satisfy the requirement of the specified action. |
| isCachingStackEmpty() (opens new window) | Returns whether the caching stack is empty. |
| missingAction() (opens new window) | Handles the request whose action is not recognized. |
| processDynamicOutput() (opens new window) | Postprocesses the dynamic output. |
| processOutput() (opens new window) | Postprocesses the output generated by {@link render()}. |
| raiseEvent() (opens new window) | Raises an event. |
| recordCachingAction() (opens new window) | Records a method call when an output cache is in effect. |
| redirect() | Redirects the browser to a given URL. |
| redirectToPostedUrl() | Redirects to the URI specified in the POST. |
| refresh() (opens new window) | Refreshes the current page. |
| render() (opens new window) | Renders a view with a layout. |
| renderClip() (opens new window) | Renders a named clip with the supplied parameters. |
| renderDynamic() (opens new window) | Renders dynamic content returned by the specified callback. |
| renderDynamicInternal() (opens new window) | This method is internally used. |
| renderFile() (opens new window) | Renders a view file. |
| renderInternal() (opens new window) | Renders a view file. |
| renderPartial() (opens new window) | Renders a view. |
| renderTemplate() | Renders a template, and either outputs or returns it. |
| renderText() (opens new window) | Renders a static text string. |
| requireAdmin() | Throws a 403 error if the current user is not an admin. |
| requireAjaxRequest() | Throws a 400 error if this isn’t an Ajax request. |
| requireElevatedSession() | Requires that the user has an elevated session. |
| requireLogin() | Redirects the user to the login template if they're not logged in. |
| requirePostRequest() | Throws a 400 error if this isn’t a POST request |
| requireToken() | Throws a 400 error if the current request doesn’t have a valid token. |
| resolveViewFile() (opens new window) | Finds a view file based on its name. |
| returnErrorJson() | Responds to the request with a JSON error message. |
| returnJson() | Responds to the request with JSON. |
| run() (opens new window) | Runs the named action. |
| runAction() (opens new window) | Runs the action after passing through all filters. |
| runActionWithFilters() (opens new window) | Runs an action with the specified filters. |
| setAction() (opens new window) | |
| setPageState() (opens new window) | Saves a persistent page state value. |
| setPageTitle() (opens new window) | |
| widget() (opens new window) | Creates a widget and executes it. |
# actionActivateUser()
Signature
public null actionActivateUser ( )
# actionCropUserPhoto()
Signature
public null actionCropUserPhoto ( )
# actionDeleteUser()
Signature
public null actionDeleteUser ( )
# actionDeleteUserPhoto()
Signature
public null actionDeleteUserPhoto ( )
# actionEditUser()
Edit a user account.
View source (opens new window)
Arguments
$variables(array (opens new window))$account(string (opens new window), null (opens new window))
Returns
Throws
Signature
public null actionEditUser ( array $variables = [], $account = null )
# actionForgotPassword()
DEPRECATED
Deprecated Deprecated in 2.3. Use {@link actionSendPasswordResetEmail()} instead.
Sends a Forgot Password email.
View source (opens new window)
Returns
Signature
public null actionForgotPassword ( )
# actionGetAuthTimeout()
Returns how many seconds are left in the current user session.
View source (opens new window)
Returns
Signature
public null actionGetAuthTimeout ( )
# actionGetElevatedSessionTimeout()
Returns how many seconds are left in the current elevated user session.
View source (opens new window)
Returns
Signature
public null actionGetElevatedSessionTimeout ( )
# actionGetPasswordResetUrl()
Generates a new verification code for a given user, and returns its URL.
View source (opens new window)
Returns
Throws
\Craft\HttpException|\Craft\Exception
Signature
public null actionGetPasswordResetUrl ( )
# actionImpersonate()
Logs a user in for impersonation. Requires you to be an administrator.
View source (opens new window)
Returns
Signature
public null actionImpersonate ( )
# actionLogin()
Displays the login template, and handles login post requests.
View source (opens new window)
Returns
Signature
public null actionLogin ( )
# actionLogout()
Signature
public null actionLogout ( )
# actionSaveFieldLayout()
Signature
public null actionSaveFieldLayout ( )
# actionSaveProfile()
DEPRECATED
Deprecated Deprecated in 2.0. Use {@link UsersController::saveUser()} instead.
Saves a user's profile.
View source (opens new window)
Returns
Signature
public null actionSaveProfile ( )
# actionSaveUser()
Provides an endpoint for saving a user account. This action accounts for the following scenarios:
- An admin registering a new user account.
- An admin editing an existing user account.
- A normal user with user-administration permissions registering a new user account.
- A normal user with user-administration permissions editing an existing user account.
- A guest registering a new user account ("public registration").
This action behaves the same regardless of whether it was requested from the Control Panel or the front-end site.
View source (opens new window)
Returns
Throws
\Craft\HttpException|\Craft\Exception
Signature
public null actionSaveUser ( )
# actionSendActivationEmail()
Signature
public null actionSendActivationEmail ( )
# actionSendPasswordResetEmail()
Signature
public null actionSendPasswordResetEmail ( )
# actionSetPassword()
Sets a user's password once they've verified they have access to their email.
View source (opens new window)
Returns
Throws
\Craft\HttpException|\Craft\Exception
Signature
public null actionSetPassword ( )
# actionStartElevatedSession()
Signature
public null actionStartElevatedSession ( )
# actionSuspendUser()
Signature
public null actionSuspendUser ( )
# actionUnlockUser()
Signature
public null actionUnlockUser ( )
# actionUnsuspendUser()
Signature
public null actionUnsuspendUser ( )
# actionUploadUserPhoto()
Signature
public null actionUploadUserPhoto ( )
# actionValidate()
DEPRECATED
Deprecated Deprecated in 2.3. Use {@link UsersController::actionVerifyEmail()} instead.
Verifies that a user has access to an email address.
View source (opens new window)
Returns
Signature
public null actionValidate ( )
# actionVerifyEmail()
Signature
public null actionVerifyEmail ( )
# actionVerifyPassword()
Signature
public boolean actionVerifyPassword ( )
# Protected Methods
| Method | Description |
|---|---|
| afterAction() (opens new window) | This method is invoked right after an action is executed. |
| afterRender() (opens new window) | This method is invoked after the specified view is rendered by calling {@link render()}. |
| beforeRender() (opens new window) | This method is invoked at the beginning of {@link render()}. |
| createActionFromMap() (opens new window) | Creates the action instance based on the action map. |
| loadPageStates() (opens new window) | Loads page states from a hidden input. |
| replaceDynamicOutput() (opens new window) | Replaces the dynamic content placeholders with actual content. |
| savePageStates() (opens new window) | Saves page states as a base64 string. |
# Constants
| Constant | Description |
|---|---|
STATE_INPUT_NAME | Name of the hidden field storing persistent page states. |