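/**
 * Shows the admin login form and handles a submitted login.
 *
 * A visitor whose roles already allow 'admin' is redirected to /admin.
 * When the form is posted (the 'btnauth' field is present), the login and
 * password are checked against the user table; on success the user and
 * their ACL roles are passed to K_Auth::authorize() and the request is
 * redirected to /admin. Every failure path sets the same generic message
 * in $this->view->error_msg, so the response does not reveal which of the
 * two fields was wrong.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this
 * action - confirm it is enforced elsewhere.
 */
public function indexAction()
{
    $auth_error = false;

    // An already authorised admin goes straight to the admin area.
    // NOTE(review): K_Request::redirect() is assumed to end the request - confirm.
    if (K_Access::acl()->isAllowed(K_Auth::getRoles(), 'admin')) {
        K_Request::redirect("/admin");
    }

    if (isset($_POST['btnauth'])) {
        $login = K_Arr::get($_POST, 'login', false);
        $password = K_Arr::get($_POST, 'password', false);

        // PHP turns bracketed form field names into arrays. Only plain
        // strings may reach strlen(), the string concatenation below and
        // the query builder; anything else is treated as a failed login.
        $has_credentials = is_string($login) && $login && strlen($login) < 100
            && is_string($password) && $password;

        $user_arr = null;
        if ($has_credentials) {
            // NOTE(review): salted double MD5 is a fast hash and not suited
            // to password storage. Moving to password_hash()/password_verify()
            // requires migrating the stored hashes, so it is only flagged here.
            $password_hash = md5(md5($password . K_Registry::get('Configure.salt')));

            $user_model = new Admin_Model_User();
            $user_arr = $user_model->find(
                K_Db_Select::create()
                    ->fields('user_id, user_name, user_login , user_email')
                    ->where(array('and' => array('user_login' => $login, "user_password" => $password_hash)))
                    ->limit(1)
            );
        }

        if (is_array($user_arr) && count($user_arr)) {
            $user = $user_arr[0]->toArray();

            // Look up every role assigned to the user.
            // NOTE(review): user_id is concatenated into the SQL text. It comes
            // from the row loaded above, not from the request, but a bound
            // parameter would be safer - confirm what fetchAssoc() supports.
            $user_role = new Admin_Model_UserRole();
            $user_roles_arr = $user_role->fetchAssoc('role_acl_key', 'SELECT r.role_acl_key FROM (`users_roles`)inner join `role` as r on usrol_role_id=r.role_id WHERE usrol_user_id = "' . $user['user_id'] . '"');

            $user_roles = array();
            if (is_array($user_roles_arr)) {
                foreach ($user_roles_arr as $v) {
                    $user_roles[] = $v["role_acl_key"];
                }
            }

            // A user without any role still gets the 'guests' role.
            if (!count($user_roles)) {
                $user_roles = array('guests');
            }

            // Hand the user and their roles to the authorisation class.
            // NOTE(review): session ID rotation on login is assumed to happen
            // inside K_Auth::authorize() - confirm.
            K_Auth::authorize($user, $user_roles);
            K_Request::redirect("/admin");
        } else {
            $auth_error = true;
        }
    }

    $this->view->error_msg = '';
    if ($auth_error) {
        $this->view->error_msg = "Ошибка авторизации, неверный логин или пароль";
    }
}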
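/**
 * Saves the logged-in user's e-mail address and, optionally, a new password.
 *
 * Expects a POST from an authenticated user. The submitted values are
 * validated by Admin_Model_UserSettings::isValidRow(); a new password is
 * only validated and stored when 'password1' or 'password2' is non-empty.
 * The result is returned as JSON with the keys 'error' and 'msg'.
 *
 * NOTE(review): no CSRF token is checked in this action - confirm it is
 * enforced before the action is dispatched.
 */
public function saveAction()
{
    // putAjax() is assumed to end the request. The explicit returns keep a
    // non-POST or unauthenticated request from reaching the save below if
    // it does not.
    if (!K_Request::isPost()) {
        $this->putAjax('ERROR');
        return;
    }
    if (!K_Auth::isLogin()) {
        $this->putAjax('ERROR');
        return;
    }

    $validate = array(
        'user_password' => array('required' => true, 'userTruePass'),
        'user_email' => array('required' => true, 'lengthTest', 'email', 'userExists'),
    );
    $userSettings = new Admin_Model_UserSettings();

    // Read each field as a trimmed string. A missing field or an array
    // value becomes '' instead of raising a notice or a TypeError in trim().
    $readField = function ($key) {
        $value = K_Arr::get($_POST, $key, '');
        return is_string($value) ? trim($value) : '';
    };

    $data = array(
        'user_password' => $readField('user_password'),
        'user_email' => $readField('user_email'),
        'password1' => $readField('password1'),
        'password2' => $readField('password2'),
    );

    // The new password is validated only when the user filled in either field.
    if (strlen($data['password1']) > 0 || strlen($data['password2']) > 0) {
        $validate['password1'] = array('required' => true, 'pwdTest');
    }

    $returnJson = array();
    if ($userSettings->isValidRow($data, $validate)) {
        // The submitted current password was only needed for validation.
        unset($data['user_password']);

        if (strlen($data['password1']) > 0) {
            // NOTE(review): salted double MD5 is a fast hash and not suited
            // to password storage. Moving to password_hash() requires
            // migrating the stored hashes, so it is only flagged here.
            $data['user_password'] = md5(md5($data['password1'] . K_Registry::get('Configure.salt')));
        }
        unset($data['password1']);
        unset($data['password2']);

        if (count($data)) {
            $data['user_id'] = K_Auth::getUserInfo('user_id');
            $userSettings->save($data);
            // NOTE(review): $data can still hold the new password hash here,
            // so it is merged into the stored user info - confirm that is
            // intended.
            K_Auth::mergeUserInfo($data);
        }

        $returnJson['error'] = false;
        $returnJson['msg'] = "<strong>OK:</strong>Настройки удачно сохранены";
    } else {
        $returnJson['error'] = true;
        $returnJson['msg'] = $userSettings->getErrorsD($this->dictionary);
    }

    $this->putJSON($returnJson);
}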