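/**
 * Lock-screen endpoint for the logged-in session.
 *
 * POST action=unlock with a password re-checks the current user's password;
 * any other request marks the session as locked. Every branch answers through
 * jsonReturn(): 1001 on success, 4444 plus a message on failure.
 *
 * NOTE(review): the lock only protects anything if other requests are refused
 * server-side while 'lockScreen' is set; that check is not in this method.
 * NOTE(review): nothing here limits repeated unlock attempts; confirm that
 * throttling exists elsewhere.
 */
public function action_lock()
{
    $post = $this->request->post();

    if (isset($post['action']) && $post['action'] === 'unlock') {
        // Only a non-empty string may reach the password check. An array value
        // (password[]=...) is rejected here, and a literal "0" is no longer
        // mistaken for a missing parameter as it was with empty().
        if (!isset($post['password']) || !is_string($post['password']) || $post['password'] === '') {
            jsonReturn(4444, '参数错误');
        } elseif (Auth_ORM::instance()->check_password($post['password'])) {
            // Clear the flag set by the lock branch, otherwise the session
            // stays marked as locked after a successful unlock.
            Session::instance()->delete('lockScreen');
            jsonReturn(1001);
        } else {
            jsonReturn(4444, '密码错误,请重试!');
        }
    } else {
        Session::instance()->set('lockScreen', TRUE);
        jsonReturn(1001);
    }
}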
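/**
 * Login page and AJAX login endpoint.
 *
 * For AJAX requests the posted username/password are checked through
 * Auth_ORM; on success a User_LoginHistory row is written and 1001 is
 * returned with the dashboard URL, otherwise 1800. The login view is set as
 * the response body afterwards, as before.
 *
 * Only successful logins are recorded here; failed attempts leave no row.
 */
public function action_login()
{
    $this->auto_render = FALSE;

    if ($this->request->is_ajax()) {
        $post = $this->request->post();

        // Missing or non-string fields (e.g. username[]=...) are treated as a
        // failed login instead of raising notices or reaching the auth driver.
        $username = (isset($post['username']) && is_string($post['username'])) ? $post['username'] : '';
        $password = (isset($post['password']) && is_string($post['password'])) ? $post['password'] : '';

        $success = FALSE;
        if ($username !== '' && $password !== '') {
            $success = Auth_ORM::instance()->login($username, $password);
        }

        if ($success) {
            // One timestamp so created and updated cannot differ.
            $now = time();

            $loginHistory = ORM::factory('User_LoginHistory');
            $loginHistory->uid = $success;
            // NOTE(review): if clientIP() honours forwarded-for style headers,
            // this value is client-controlled; confirm before relying on it.
            $loginHistory->ip = clientIP();
            // The User-Agent header is optional and fully client-controlled:
            // default it when absent and escape it wherever it is displayed.
            $loginHistory->userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            $loginHistory->created = $now;
            $loginHistory->updated = $now;
            $loginHistory->save();

            jsonReturn(1001, '登陆成功', '/manage/dashboard/index');
        } else {
            jsonReturn(1800);
        }
    }

    $this->response->body(View::factory($this->theme . 'login', array(
        'registerUrl' => '/register',
        'findPasswordUrl' => '/findPassword',
    )));
}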
/**
 * Pre-action hook for the management area.
 *
 * Sends anonymous visitors to /login. For a logged-in user it loads the user
 * row and the active site id, forces the step1 site-creation action when the
 * site count is empty, expands the category config into per-entry route
 * lists, and binds the common layout variables as view globals.
 */
public function before()
{
    $auth = Auth_ORM::instance();

    // Access gate: nothing below runs for an anonymous request.
    if (!$auth->logged_in()) {
        $this->redirect('/login');
        return;
    }

    // USER INFO
    // NOTE(review): as_array() exports the whole user row and it is bound as a
    // view global below; confirm no template prints credential columns.
    $this->user = $auth->get_user()->as_array();

    // SITE ID: prefer the value kept in the session, else look it up.
    $sessionSiteId = Session::instance()->get('siteId');
    if (empty($sessionSiteId)) {
        $this->siteId = ORM::factory('Site')->getSiteId($this->user['id']);
    } else {
        $this->siteId = $sessionSiteId;
    }

    // IF HAVE NOT SITE: only the step1 action stays reachable.
    // NOTE(review): confirm count_all() is still restricted to this uid after
    // the array-form factory() call.
    $siteCount = ORM::factory('site', array('uid' => $this->user['id']))->count_all();
    if (empty($siteCount) && $this->request->action() != 'step1') {
        $this->redirect('/manage/create/step1');
    }

    // CATEGORY: collect the routes of every child and grandchild on the
    // top-level entry ('route') and on the child entry ('subRoute').
    $category = Kohana::$config->load('category');
    foreach ($category as $topKey => $topEntry) {
        if (!isset($category[$topKey]['subCategory'])) {
            continue;
        }

        foreach ($category[$topKey]['subCategory'] as $childKey => $child) {
            $category[$topKey]['route'][] = $child['route'];
            $category[$topKey]['subCategory'][$childKey]['subRoute'][] = $child['route'];

            if (!isset($child['subCategory'])) {
                continue;
            }

            foreach ($child['subCategory'] as $grandChild) {
                $category[$topKey]['route'][] = $grandChild['route'];
                $category[$topKey]['subCategory'][$childKey]['subRoute'][] = $grandChild['route'];
            }
        }
    }
    $this->category = $category;

    $controllerName = $this->request->controller();
    $actionName = $this->request->action();
    $this->route = $controllerName . '::' . $actionName;

    $data = array(
        'siteTitle' => '简站(Simple-Site)',
        'keywords' => '免费建站、微信网站、免费微信网站',
        'siteUrl' => 'http://www.simple-site.cn',
        'copyright' => 'Copyright © 2015 Simple-Site. All Rights Reserved',
        'user' => $this->user,
        'route' => $this->route,
        'controller' => $controllerName,
        'action' => $actionName,
        'category' => $this->category,
    );

    // bind_global() takes its value by reference, so pass the array slot.
    foreach (array_keys($data) as $name) {
        View::bind_global($name, $data[$name]);
    }
}
}*/ $content = $content->find(); if ((bool) $content->loaded()) { return $content; }
/**
 * Field filters applied to incoming values.
 *
 * When validation_required() is true the password is passed through the auth
 * driver's hash() and username, email, bio, website and theme go through
 * Security::xss_clean. Otherwise only username, bio and website are cleaned
 * and the password is left untouched.
 *
 * Cleaning on input is not a substitute for escaping these fields for the
 * context they are printed in.
 *
 * @return array field name => list of filter callbacks
 */
public function filters()
{
    // The same rule is attached to every cleaned field.
    $xssClean = array(array('Security::xss_clean', array(':value')));

    if (!$this->validation_required()) {
        return array(
            'username' => $xssClean,
            'bio' => $xssClean,
            'website' => $xssClean,
        );
    }

    return array(
        'password' => array(array(array(Auth_ORM::instance(), 'hash'))),
        'username' => $xssClean,
        'email' => $xssClean,
        'bio' => $xssClean,
        'website' => $xssClean,
        'theme' => $xssClean,
    );
}
/**
 * Log the current user out through the ORM auth driver.
 *
 * @return mixed whatever Auth_ORM::logout() returns
 */
public static function logout()
{
    $auth = Auth_ORM::instance();

    // NOTE(review): logout() is called without arguments, so the driver's
    // defaults decide whether the session is destroyed and whether other
    // remembered logins are revoked; confirm that matches the intent.
    return $auth->logout();
}
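/**
 * Allow the user to login using Facebook.
 *
 * Order of attempts once a Facebook session is present:
 *  1. a local account already linked to the Facebook user id is logged in;
 *  2. a local account with the same e-mail address is linked and logged in;
 *  3. otherwise a new account is created from the Facebook profile.
 * Without a usable Facebook identity the visitor is sent to normal registration.
 */
function action_fb_login()
{
    // Facebook login must be enabled in config/useradmin.php
    if (!Kohana::config('useradmin')->facebook) {
        Message::add('error', 'Facebook login is not enabled. Please register below.');
        Request::instance()->redirect('user/register');
        // Stop even if redirect() returns, so a disabled feature never runs.
        return;
    }

    include Kohana::find_file('vendor', 'facebook/src/facebook');

    // Create our Facebook SDK instance.
    $facebook = new Facebook(array(
        'appId' => Kohana::config('facebook')->app_id,
        'secret' => Kohana::config('facebook')->secret,
        'cookie' => true,
    ));

    $me = NULL;
    $fb_uid = NULL;

    // Session based API call.
    if ($facebook->getSession()) {
        try {
            $fb_uid = $facebook->getUser();
            // read user info as array from Graph API
            $me = $facebook->api('/me');
        } catch (FacebookApiException $e) {
            // Profile could not be read: $me stays NULL, so no account is
            // merged or created below.
        }
    }

    // Look up a linked account only with a real Facebook user id. An empty
    // id must never be used as a lookup key in front of force_login(): it
    // could match accounts that have no Facebook id linked at all.
    if (!empty($fb_uid)) {
        $user = ORM::factory('user')->where('facebook_user_id', '=', $fb_uid)->find();
        if (is_numeric($user->id) && $user->id != '0') {
            // found, log user in
            Auth_ORM::instance()->force_login($user);
            // redirect to the user account
            Request::instance()->redirect('user/profile');
            return;
        }
    }

    // Merging and creating both need the user id and the profile together.
    $have_identity = (!empty($fb_uid) && !empty($me));

    // The e-mail field is optional in the profile; validate it once.
    $email = NULL;
    if ($have_identity && isset($me['email']) && is_string($me['email']) && Validate::email($me['email'], TRUE)) {
        $email = $me['email'];
    }

    // associated user not found; try to match an existing account by e-mail
    if ($email !== NULL) {
        $user = ORM::factory('user')->where('email', '=', $email)->find();
        if (is_numeric($user->id) && $user->id != '0') {
            // Trust decision: linking by e-mail hands the existing local
            // account to whoever holds this Facebook identity. That is only
            // sound while the provider guarantees the address is verified and
            // the profile data is authentic. If that cannot be guaranteed,
            // ask for the local password before linking.
            Message::add('success', __('We found an existing account using your email address.'));
            // found: "merge" with the existing user
            $user->facebook_user_id = $fb_uid;
            $user->save();
            // force login
            Auth_ORM::instance()->force_login($user);
            // redirect to the user account
            Request::instance()->redirect('user/profile');
            return;
        }
    }

    // not found: create a new user for real
    if ($have_identity) {
        // Instantiate a new user
        $user = ORM::factory('user');

        // generate long random password (maximum that passes validation is 42 characters)
        // NOTE(review): this is a real credential for the account; confirm
        // generate_password() draws from a cryptographically secure source.
        $password = $user->generate_password(42);

        // Name fields may be absent from the profile.
        $first_name = isset($me['first_name']) ? $me['first_name'] : '';
        $last_name = isset($me['last_name']) ? $me['last_name'] : '';

        $values = array(
            'username' => $user->generate_username($first_name . '.' . $last_name),
            'facebook_user_id' => $fb_uid,
            'password' => $password,
            'password_confirm' => $password,
        );
        if ($email !== NULL) {
            $values['email'] = $email;
        }
        $user->values($values);

        // If the data validates using the rules setup in the user model
        if ($user->check()) {
            // create the account
            $user->save();
            // Add the login role to the user (add a row to the db)
            $login_role = new Model_Role(array('name' => 'login'));
            $user->add('roles', $login_role);
            // sign the user in
            Auth::instance()->login($values['username'], $password);
            // redirect to the user account
            Request::instance()->redirect('user/profile');
        } else {
            // in case the data for some reason fails, the user will still see
            // something sensible: the normal registration form.
            $view = View::factory('user/register');
            // the first param is the path to the message file (e.g. /messages/register.php)
            $view->errors = $user->validate()->errors('register');
            // Pass on the old form values, never the generated password
            $values['password'] = $values['password_confirm'] = '';
            $view->set('defaults', $values);
            $this->template->content = $view;
        }
    } else {
        Message::add('error', 'Retrieving information from Facebook failed. Please register below.');
        Request::instance()->redirect('user/register');
    }
}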