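/**
 * Executes the login using the username and password provided on the login form.
 *
 * On success the user is redirected to the homepage; when authentication
 * throws a Phprojekt_Auth_Exception the login view is rendered again with
 * the error message.
 *
 * The hash is kept so the user can be sent back to the same place after the login.
 *
 * OPTIONAL request parameters:
 * <pre>
 *  - string <b>username</b>   Username for login.
 *  - string <b>password</b>   Password for login.
 *  - string <b>hash</b>       Hash URL for redirect after the login.
 *  - string <b>keepLogged</b> 1 if the user clicks on the checkbox.
 *  - string <b>domain</b>     Forwarded to the authentication call as 'loginServer'.
 * </pre>
 *
 * @return void
 */
public function loginAction()
{
    $request = $this->getRequest();

    // NOTE(review): the password goes through the XSS sanitizer before it is
    // handed to the authentication call. If the sanitizer rewrites any
    // character, the value that is checked is not the value the user typed.
    // This action never writes the password to the view, so output
    // sanitizing looks unnecessary for it. Confirm how stored passwords were
    // created before changing this, otherwise existing accounts may break.
    $username = Cleaner::sanitize('xss', $request->getParam('username', null));
    $password = Cleaner::sanitize('xss', $request->getParam('password', null));
    $hash     = Cleaner::sanitize('xss', $request->getParam('hash', null));

    // The value is cast to int first, so a strict comparison is sufficient.
    $keepLogged = ((int) $request->getParam('keepLogged', 0)) === 1;

    // NOTE(review): 'domain' reaches Phprojekt_Auth::login() exactly as it
    // was sent. Presumably the auth layer restricts it to configured
    // servers; verify that, since this action does no validation of its own.
    $loginServer = $request->getParam('domain', null);

    $this->view->compressedDojo = (bool) Phprojekt::getInstance()->getConfig()->compressedDojo;

    try {
        $success = Phprojekt_Auth::login(
            $username,
            $password,
            array('keepLogged' => $keepLogged, 'loginServer' => $loginServer)
        );

        // Nothing is done explicitly here when login() returns a non-true
        // value without throwing; only the exception path re-renders the form.
        if ($success === true) {
            $frontendMessage = new Phprojekt_Notification();
            $frontendMessage->setControllProcess(Phprojekt_Notification::LAST_ACTION_LOGIN);
            $frontendMessage->saveFrontendMessage();

            Default_Helpers_Upload::cleanUnusedFiles();

            // NOTE(review): $hash is request-controlled and is appended to
            // the redirect target. It is documented as a URL hash; consider
            // rejecting values that are not a plain fragment so the redirect
            // cannot be steered to another path of the application.
            $this->_redirect('../../index.php' . $hash);
            // Make sure nothing else runs once the redirect has been issued.
            die;
        }
    } catch (Phprojekt_Auth_Exception $error) {
        // Username and hash are handed back to the login template; the
        // template is responsible for escaping them for the HTML context.
        $this->view->message  = $error->getMessage();
        $this->view->username = $username;
        $this->view->hash     = $hash;
        $this->render('login');
    }
}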
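/**
 * Called when the user creates a new file in this directory.
 *
 * The content is written to the configured upload path under a random
 * 32-character hexadecimal name, and "<hash>|<name>" is appended to the
 * filemanager item's files field (entries are separated by "||").
 *
 * @param string $name Display name of the new file.
 * @param mixed  $data Content handed to file_put_contents().
 *
 * @throws Phprojekt_Exception_IOException If the content cannot be written.
 *
 * @return void
 */
public function createFile($name, $data = NULL)
{
    // The stored name is the only thing that identifies the file on disk, so
    // it should not be guessable. mt_rand() combined with time() is
    // predictable; prefer the platform CSPRNG when it is available and keep
    // the old derivation only as a last resort on runtimes without one.
    $random = false;
    if (function_exists('random_bytes')) {
        $random = random_bytes(16);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $random = openssl_random_pseudo_bytes(16);
    }

    if (is_string($random) && strlen($random) === 16) {
        // 16 bytes -> 32 hex characters, the same shape as an md5() digest.
        $hash = bin2hex($random);
    } else {
        $hash = md5(mt_rand() . time());
    }

    $newPath = Phprojekt::getInstance()->getConfig()->uploadPath . '/' . $hash;

    // The file is listed as unused before it is written and taken off the
    // list only after the item has been saved. Presumably this lets a
    // cleanup job remove files from interrupted uploads; confirm in
    // Default_Helpers_Upload.
    Default_Helpers_Upload::addFilesToUnusedFileList(array(array('md5' => $hash)));

    if (false === file_put_contents($newPath, $data)) {
        throw new Phprojekt_Exception_IOException('saving failed');
    }

    if (!empty($this->_filemanager->files)) {
        $this->_filemanager->files .= '||';
    }

    // NOTE(review): $name is stored verbatim next to the hash, with '|' and
    // '||' acting as delimiters. A name containing '|' would change how the
    // field is split when it is read back, which could make an entry point
    // at a different hash. Verify that callers or the parser reject or
    // escape that character.
    $this->_filemanager->files .= $hash . '|' . $name;
    $this->_filemanager->save();

    Default_Helpers_Upload::removeFilesFromUnusedFileList(array(array('md5' => $hash)));
}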
/**
 * Removes from the server every file referenced by an upload field of this model.
 *
 * Walks the form fields of the model, picks those whose type is 'upload',
 * parses the stored value into a file list and hands that list to the
 * upload helper for deletion.
 *
 * NOTE(review): no permission check is visible in this method; callers are
 * presumably expected to have verified the right to delete the item first.
 *
 * @return void
 */
public function deleteUploadFiles()
{
    $columns = $this->getInformation()->getInfo(
        Phprojekt_ModelInformation_Default::ORDERING_FORM,
        Phprojekt_DatabaseManager::COLUMN_NAME
    );

    foreach ($columns as $column) {
        // Column names are converted to the property names used on the model.
        $property = Phprojekt_ActiveRecord_Abstract::convertVarFromSql($column);

        // Only upload fields hold file references.
        if ($this->getInformation()->getType($property) != 'upload') {
            continue;
        }

        $storedValue = $this->{$property};
        $fileList    = Default_Helpers_Upload::parseModelValues($storedValue);
        Default_Helpers_Upload::deleteFiles($fileList);
    }
}
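/**
 * Renders the upload.phtml template that displays an upload field.
 *
 * This function draws the upload field in the form.
 * Every uploaded file is listed with a cross to delete it and, when the
 * current user has the download right, a link to download it.
 *
 * @param integer $itemId Current item id.
 * @param string  $field  Name of the field in the module.
 * @param array   $files  Files of the field; each entry is read through its
 *                        'name' and 'md5' keys.
 *
 * @return void
 */
private function _fileRenderView($itemId, $field, $files)
{
    $this->getResponse()->clearHeaders();
    $this->getResponse()->clearBody();

    $sessionName   = 'Phprojekt_CsrfToken';
    $csrfNamespace = new Zend_Session_Namespace($sessionName);
    $config        = Phprojekt::getInstance()->getConfig();
    $linkBegin     = 'index.php/' . $this->getModuleName() . '/index/';
    $fieldId       = $this->getRequest()->getParam('fieldId', '');

    // Carry over every extra parameter of the original URL.
    // Names and values come straight from the request, so each one is
    // encoded as a single path segment. Without that, a value containing
    // '/' could add or override parameters in the generated links, and
    // markup characters would reach the template unencoded.
    $linkData     = '';
    $removeParams = array('module', 'controller', 'field', 'id', 'csrfToken', 'action', 'MAX_FILE_SIZE', 'order');
    foreach ($this->getRequest()->getParams() as $paramName => $paramValue) {
        if (in_array($paramName, $removeParams)) {
            continue;
        }
        if (is_array($paramValue)) {
            // An array cannot be expressed as one "name/value/" pair.
            continue;
        }
        $linkData .= rawurlencode((string) $paramName) . '/' . rawurlencode((string) $paramValue) . '/';
    }

    $this->view->compressedDojo = (bool) $config->compressedDojo;
    $this->view->formPath       = $linkBegin . 'fileUpload/' . $linkData;
    $this->view->downloadLink   = '';
    $this->view->fileName       = null;
    $this->view->itemId         = $itemId;
    $this->view->field          = $field;
    $this->view->fieldId        = $fieldId;
    $this->view->csrfToken      = $csrfNamespace->token;
    $this->view->maxUploadSize  = isset($config->maxUploadSize)
        ? (int) $config->maxUploadSize
        : Phprojekt::DEFAULT_MAX_UPLOAD_SIZE;

    $model = $this->getModelObject();
    $model->find($itemId);

    $filesForView     = array();
    $hasDownloadRight = $model->hasRight(Phprojekt_Auth_Proxy::getEffectiveUserId(), Phprojekt_Acl::DOWNLOAD);
    $hasWriteRight    = $model->hasRight(Phprojekt_Auth_Proxy::getEffectiveUserId(), Phprojekt_Acl::WRITE);

    // Without the write right the field is shown read-only.
    $this->view->disabled = !$hasWriteRight;

    // Is there any file?
    if (!empty($files)) {
        foreach ($files as $file) {
            $fileName = $file['name'];
            $fileHash = $file['md5'];

            // NOTE(review): the CSRF token becomes part of the download URL,
            // where it can end up in access logs, browser history and
            // Referer headers. $itemId, $field and $fileHash are inserted
            // as given; their origin is not visible here, so confirm they
            // are validated before this method is called.
            $fileData = 'id/' . $itemId . '/field/' . $field . '/hash/' . $fileHash
                . '/csrfToken/' . $csrfNamespace->token;

            // File names are user-supplied; the template has to escape them
            // for the HTML context when printing.
            $entry = array('fileName' => $fileName, 'hash' => $fileHash);

            // The link is only exposed to users who may download the file.
            if ($hasDownloadRight) {
                $entry['downloadLink'] = $linkBegin . 'fileDownload/' . $linkData . $fileData;
            }

            $fileinfo       = Default_Helpers_Upload::getInfosFromFile($file);
            $entry['size']  = $fileinfo['size'];
            $entry['ctime'] = $fileinfo['ctime'];

            $filesForView[] = $entry;
        }
    }

    // When an error message is set, an empty entry is appended to the list;
    // the reason is not visible here (presumably the template needs an
    // extra row to show the message).
    if (isset($this->view->errorMessage) && !empty($this->view->errorMessage)) {
        $filesForView[] = array();
    }

    $this->view->files = $filesForView;
    $this->render('upload');
}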