Beispiel #1
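 /**
  * Authenticates an administrator by login and password.
  *
  * The account is looked up with role = ROLE_ADMIN, then checked in order:
  * password, activation status, ban status and the profile's IP allow-list.
  * On success a new auth hash is generated, stored in the identity state and
  * persisted, and the login is written to the auth log.
  *
  * NOTE(review): unknown login and wrong password set different error codes;
  * the caller should show one generic message for both so the response does
  * not reveal which admin logins exist.
  *
  * @return bool TRUE when the resulting error code is falsy (ERROR_NONE is set on success)
  */
 public function authenticate()
 {
     // NOTE(review): userIp() is defined elsewhere. If it reads a client-supplied
     // header rather than the socket address, the allow-list below can be
     // bypassed by spoofing that header. Confirm.
     $userIp = userIp();
     $this->_user = Users::model()->with('profile')->find(
         'login = :login AND role = :role',
         array('login' => $this->username, 'role' => Users::ROLE_ADMIN)
     );
     if ($this->_user === NULL) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
     } elseif (!Users::validatePassword($this->password, $this->_user->password)) {
         // Fail closed: any falsy result (FALSE, NULL, 0) from the password check
         // is a rejection, not only a strict FALSE.
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         // Record the failed login attempt
         UsersAuthLogs::model()->addErrorAuth($this->_user->getPrimaryKey());
     } elseif ($this->_user->activated == Users::STATUS_INACTIVATED) {
         $this->errorCode = self::ERROR_STATUS_INACTIVE;
     } elseif ($this->_user->role == Users::ROLE_BANNED) {
         // NOTE(review): the lookup above already filters on ROLE_ADMIN, so this
         // branch looks unreachable unless the two constants compare equal.
         $this->errorCode = self::ERROR_STATUS_BANNED;
     } elseif ($this->_user->profile->protected_ip && !in_array($userIp, $this->_user->profile->protected_ip, TRUE)) {
         // Strict comparison keeps type juggling from matching an entry that is
         // not the same string as the client address.
         $this->errorCode = self::ERROR_STATUS_IP_NO_ACCESS;
     } else {
         $this->_id = $this->_user->getPrimaryKey();
         $this->_user->auth_hash = Users::generateAuthHash();
         $this->setState('auth_hash', $this->_user->auth_hash);
         // FALSE skips model validation; only the two listed columns are written.
         $this->_user->save(FALSE, array('auth_hash', 'updated_at'));
         // Write the successful login to the auth log
         UsersAuthLogs::model()->addSuccessAuth($this->_user->getPrimaryKey());
         $this->errorCode = self::ERROR_NONE;
     }
     return !$this->errorCode;
 }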
 /**
  * Shows the deposit form and, on a valid POST, records a new transaction.
  *
  * A submitted form is processed only while deposit_allow is set on the game
  * server settings. The new row is inserted with status 0 and its id is kept in
  * the session before redirecting to the "processed" page.
  *
  * NOTE(review): the charged sum is derived from the user-supplied
  * $model->sum; DepositForm::validate() is presumably what bounds it (positive,
  * numeric, within limits). Confirm against the form rules.
  */
 public function actionIndex()
 {
     $model = new DepositForm();
     $submitted = isset($_POST['DepositForm']);
     if ($submitted && $this->gs->deposit_allow) {
         $model->setAttributes($_POST['DepositForm']);
         if ($model->validate()) {
             try {
                 $command = db()->createCommand();
                 // Values are passed as a column => value map, so the query
                 // builder binds them instead of concatenating them into SQL.
                 $row = array(
                     'payment_system' => $this->gs->deposit_payment_system,
                     'user_id' => user()->getId(),
                     'sum' => $model->sum * $this->gs->deposit_course_payments,
                     'count' => $model->sum,
                     'status' => 0,
                     'user_ip' => userIp(),
                     'params' => NULL,
                     'gs_id' => user()->getGsId(),
                     'created_at' => date('Y-m-d H:i:s'),
                 );
                 $command->insert('{{transactions}}', $row);
                 app()->session['transaction_id'] = db()->getLastInsertID();
                 $this->redirect(array('/cabinet/deposit/processed'));
             } catch (Exception $e) {
                 // Details go to the log only; the user gets a generic message.
                 Yii::log($e->getMessage(), CLogger::LEVEL_ERROR, 'deposit');
                 user()->setFlash(FlashConst::MESSAGE_ERROR, Yii::t('main', 'Произошла ошибка! Попробуйте повторить позже.'));
                 $this->refresh();
             }
         }
     }

     $deposit = new Deposit();
     $deposit->init($this->gs->deposit_payment_system);

     // SMS payment is offered only for the WayToPay system and only when enabled in config.
     $isSms = $this->gs->deposit_payment_system == Deposit::PAYMENT_SYSTEM_WAYTOPAY && config('waytopay.sms.allow');

     if ($isSms) {
         $smsList = $deposit->getSmsNumbers();
         $smsCountries = array();
         foreach (array_keys($smsList) as $code) {
             $smsCountries[$code] = app()->getLocale()->getTerritory($code);
         }
     }

     $viewData = array(
         'model' => $model,
         'isSms' => $isSms,
         'deposit' => $deposit,
         'smsList' => isset($smsList) ? $smsList : array(),
         'smsCountries' => isset($smsCountries) ? $smsCountries : array(),
     );
     $this->render('//cabinet/deposit/index', $viewData);
 }
Beispiel #3
 /**
  * Stamps a new record with the client's IP address and user agent before it
  * is saved; existing records are left untouched.
  *
  * NOTE(review): the user agent is a client-controlled string. It should be
  * HTML-encoded wherever the stored value is later displayed.
  *
  * @return bool result of the parent beforeSave()
  */
 protected function beforeSave()
 {
     if (!$this->getIsNewRecord()) {
         return parent::beforeSave();
     }
     $this->ip = userIp();
     $this->user_agent = request()->getUserAgent();
     return parent::beforeSave();
 }
 /**
  * Creates the administrator account.
  *
  * On a valid POST the user row and its profile row are inserted inside one
  * database transaction, then the request is redirected to step5.
  *
  * NOTE(review): this action creates a ROLE_ADMIN user and no access check is
  * visible in this method. Confirm the step cannot be reached once setup has
  * finished.
  */
 public function actionStep4()
 {
     $model = new Step4Form();
     if (isset($_POST['Step4Form'])) {
         $model->setAttributes($_POST['Step4Form']);
         if ($model->validate()) {
             $transaction = db()->beginTransaction();
             try {
                 $userCommand = db()->createCommand();
                 $userRow = array(
                     'login' => $model->login,
                     // Only the hashed password is stored.
                     'password' => Users::hashPassword($model->password),
                     'email' => $model->email,
                     'activated' => Users::STATUS_ACTIVATED,
                     'referer' => Users::generateRefererCode(),
                     'role' => Users::ROLE_ADMIN,
                     'registration_ip' => userIp(),
                     'ls_id' => 1,
                     'created_at' => date('Y-m-d H:i:s'),
                 );
                 $userCommand->insert('{{users}}', $userRow);

                 $profileRow = array('user_id' => db()->getLastInsertID(), 'balance' => 100500);
                 db()->createCommand()->insert('{{user_profiles}}', $profileRow);

                 $transaction->commit();
                 $this->redirect(array('step5'));
             } catch (Exception $e) {
                 $transaction->rollback();
                 // NOTE(review): the raw exception message is shown to the visitor and
                 // may contain database details; acceptable only if this page is
                 // restricted to the person installing the site.
                 user()->setFlash(FlashConst::MESSAGE_ERROR, $e->getMessage());
             }
         }
     }
     $this->render('step4', array('model' => $model));
 }
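 /**
  * First step of password recovery: validates the form, stores a one-time
  * reset token in the file cache and e-mails it to the account address.
  *
  * The token is taken from a cryptographically secure random source. It is
  * hex-encoded to 32 characters, the same shape as the md5() digest used
  * before, so existing links and cache keys keep their format.
  *
  * NOTE(review): the success flash is shown only after validate() passes. If
  * ForgottenPasswordForm rejects unknown login/e-mail pairs, the difference in
  * responses reveals which accounts exist. Confirm against the form rules.
  *
  * @throws Exception when no secure random source is available
  */
 public function actionIndex()
 {
     if (!user()->isGuest) {
         // Already signed in
         $this->redirect(array('/cabinet/default/index'));
     }
     $model = new ForgottenPasswordForm();
     if (isset($_POST['ForgottenPasswordForm'])) {
         $model->attributes = $_POST['ForgottenPasswordForm'];
         if ($model->validate()) {
             $cache = new CFileCache();
             $cache->init();

             // The token is the only secret protecting the reset, so it must not be
             // derived from rand(), the clock or the client address.
             if (function_exists('random_bytes')) {
                 $token = bin2hex(random_bytes(16));
             } else {
                 $isStrong = FALSE;
                 $bytes = openssl_random_pseudo_bytes(16, $isStrong);
                 if ($bytes === FALSE || !$isStrong) {
                     // Fail closed rather than issue a guessable token.
                     throw new Exception('No cryptographically secure random source is available.');
                 }
                 $token = bin2hex($bytes);
             }

             $cacheData = array(
                 'hash' => $token,
                 'login' => $model->login,
                 'ls_id' => $model->gs_list[$model->gs_id]['login_id'],
                 'email' => $model->email,
             );
             // The cast applies to the config value before the multiplication;
             // presumably cache_time is in minutes and the cache expects seconds.
             $cache->set($this->_cacheName . $cacheData['hash'], $cacheData, (int) config('forgotten_password.cache_time') * 60);
             notify()->forgottenPasswordStep1($model->email, array('hash' => $cacheData['hash']));
             user()->setFlash(FlashConst::MESSAGE_SUCCESS, Yii::t('main', 'На Email <b>:email</b> отправлены инструкции по восстановлению пароля.', array(':email' => $model->email)));
             $this->refresh();
         }
     }
     $this->render('//forgotten-password', array('model' => $model));
 }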
Beispiel #6
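 /**
  * Resolves the account for the given login and login-server id, then applies
  * the activation, ban and IP allow-list checks.
  *
  * NOTE(review): $this->password is never read in this method and no password
  * comparison is visible here. Presumably the credential is verified elsewhere
  * before authenticate() is called. Confirm, because otherwise this method
  * grants a session on the login name alone.
  *
  * @return bool TRUE when the resulting error code is falsy (ERROR_NONE is set on success)
  */
 public function authenticate()
 {
     // NOTE(review): userIp() is defined elsewhere. If it reads a client-supplied
     // header rather than the socket address, the allow-list below can be
     // bypassed by spoofing that header. Confirm.
     $userIp = userIp();
     $this->_user = Users::model()->with('profile')->find(
         'login = :login AND ls_id = :ls_id',
         array('login' => $this->username, 'ls_id' => $this->_ls_id)
     );
     if ($this->_user === NULL) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
     } elseif (!$this->_user->isActivated()) {
         $this->errorCode = self::ERROR_STATUS_INACTIVE;
     } elseif ($this->_user->isBanned()) {
         $this->errorCode = self::ERROR_STATUS_BANNED;
     } elseif ($this->_user->profile->protected_ip && !in_array($userIp, $this->_user->profile->protected_ip, TRUE)) {
         // Strict comparison keeps type juggling from matching an entry that is
         // not the same string as the client address.
         $this->errorCode = self::ERROR_STATUS_IP_NO_ACCESS;
     } else {
         $this->_id = $this->_user->getPrimaryKey();
         $this->_user->auth_hash = Users::generateAuthHash();
         $this->setState('auth_hash', $this->_user->auth_hash);
         $this->setState('gs_id', $this->_gs_id);
         $this->setState('ls_id', $this->_user->getLsId());
         UsersAuthLogs::model()->addSuccessAuth($this->_id);
         // FALSE skips model validation; only the two listed columns are written.
         $this->_user->save(FALSE, array('auth_hash', 'updated_at'));
         $this->errorCode = self::ERROR_NONE;
     }
     return !$this->errorCode;
 }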
Beispiel #7
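/**
 * Security settings view: shows the visitor's current IP address and the form
 * used to bind the account to one or more IP addresses.
 *
 * @var SecurityController $this
 * @var UserProfiles $model
 */
$title__ = Yii::t('main', 'Безопасность');
$this->pageTitle = $title__;
$this->breadcrumbs = array($title__);
?>

<?php 
$form = $this->beginWidget('ActiveForm', array('id' => 'security-form', 'htmlOptions' => array('class' => 'form-horizontal')));
?>

    <div class="hint"><?php 
// Yii::t() substitutes parameters without escaping them, so the address is
// HTML-encoded here. userIp() is defined elsewhere; if it can return a
// client-supplied header value, unencoded output would allow markup injection.
echo Yii::t('main', 'Ваш текущий IP адрес: :ip', array(':ip' => '<b>' . CHtml::encode(userIp()) . '</b>'));
?>
</div>

    <div class="alert alert-info">
        <?php 
// Explains that the account can be bound to one or several IP addresses.
echo Yii::t('main', 'Вы можете привязать Ваш аккаунт на сайте к определенному IP адресу или нескольким IP адресам.');
?>
<br>
        <span class="required">*</span> <?php 
// An empty field switches the IP binding off.
echo Yii::t('main', 'Пустое поле отключает привязку к IP');
?>
    </div>

    <?php 
echo $form->errorSummary($model);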
Beispiel #8
 /**
  * Builds the cache key for the current client address, presumably the key
  * under which failed attempts are counted.
  *
  * NOTE(review): the key depends only on userIp(). If that helper trusts a
  * client-supplied header, a caller can change the key on every request and
  * avoid the counter. A counter keyed by IP alone also does not limit attempts
  * against one account from many addresses.
  *
  * @return string
  */
 private function getCacheName()
 {
     $clientIp = userIp();

     return 'count.failed.attempts' . $clientIp;
 }
Beispiel #9
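 /**
  * Generates the activation code for a Master account.
  *
  * The code is 16 bytes from a cryptographically secure random source,
  * hex-encoded to 32 characters, the same shape as the md5() digest returned
  * before. The previous inputs (uniqid(), time() and the client IP) are all
  * guessable, so they are no longer used.
  *
  * @return string 32 lowercase hexadecimal characters
  * @throws Exception when no secure random source is available
  */
 public static function generateActivatedHash()
 {
     if (function_exists('random_bytes')) {
         return bin2hex(random_bytes(16));
     }

     $isStrong = FALSE;
     $bytes = openssl_random_pseudo_bytes(16, $isStrong);
     if ($bytes === FALSE || !$isStrong) {
         // Fail closed rather than hand out a predictable activation code.
         throw new Exception('No cryptographically secure random source is available.');
     }

     return bin2hex($bytes);
 }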