public function authenticate()
{
if ($this->type && $this->identity_id) {
$user = Login::model()->with('user')->find('type = :type AND identity_id = :identity_id', array(':type' => $this->type, ':identity_id' => $this->identity_id));
if ($user === NULL || $user->user === NULL) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
if ($user->user->status == User::STATUS_BLOCK) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
$time = time();
$this->_id = $user->user->id;
$this->access_level = $user->user->access_level;
$this->nick_name = $user->user->nick_name;
$this->loginTime = $time;
// для админа в сессию запишем еще несколько значений
if ($user->user->access_level == User::ACCESS_LEVEL_ADMIN) {
Yii::app()->user->setState('loginAdmTime', $time);
Yii::app()->user->setState('isAdmin', $user->user->access_level);
}
// зафиксируем время входа
$user->user->last_visit = new CDbExpression('NOW()');
$user->user->update(array('last_visit'));
$this->errorCode = self::ERROR_NONE;
}
}
}
return $this->errorCode == self::ERROR_NONE;
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
/*$users=array(
// username => password
'demo'=>'demo',
'admin'=>'admin',
);*/
$users = array();
if ($this->usertype == "registration") {
//echo "<pre>";print_r($_REQUEST);die;
if ($_POST['LoginForm']['logintype'] == 'company') {
$users = Login::model()->findByAttributes(array('email' => $this->username));
// Yii::app()->session['loggedId'] =$users->id;
$users = $users->attributes;
}
//echo "<pre>";print_r($users['password']);die;
}
// code for company
if (empty($users)) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} elseif (!empty($users['password']) && $users['password'] !== md5($this->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} elseif (!empty($users['status']) && $users['status'] !== 1) {
$this->errorCode = self::STATUS_NOT_ACTIVE;
} else {
$this->_id = $users->id;
$this->errorCode = self::ERROR_NONE;
}
return !$this->errorCode;
}
/**
* Returns the data model based on the primary key given in the GET variable.
* If the data model is not found, an HTTP exception will be raised.
* @param integer the ID of the model to be loaded
*/
public function loadModel($id)
{
$model = Login::model()->findByPk((int) $id);
if ($model === null) {
throw new CHttpException(404, Yii::t('social', 'Запрошенная страница не найдена!'));
}
return $model;
}
/**
* Returns the data model based on the primary key given in the GET variable.
* If the data model is not found, an HTTP exception will be raised.
* @param integer the ID of the model to be loaded
*/
public function loadModel($id)
{
$model = Login::model()->findByPk((int) $id);
if ($model === null) {
throw new CHttpException(404, 'The requested page does not exist.');
}
return $model;
}
/**
* Deletes a particular model.
* If deletion is successful, the browser will be redirected to the 'admin' page.
* @param integer $id the ID of the model to be deleted
*/
public function actionDelete($id)
{
$this->loadModel($id)->delete();
$model = Login::model()->find("id=?", array($id));
$model->delete();
// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
if (!isset($_GET['ajax'])) {
$this->redirect(isset($_POST['returnUrl']) ? $_POST['returnUrl'] : array('admin'));
}
}
public function actionSetNewPassword($id_Patrocinador, $passwd, $newpasswd)
{
$password_array = 'error';
if (!empty($id_Patrocinador) && !empty($passwd) && !empty($newpasswd)) {
//$model=$this->loadModel($idPatrocinador);
$avatar = Login::model()->findByAttributes(array('password' => $passwd));
if (!empty($avatar)) {
$avatar->attributes = array('password' => $newpasswd);
$avatar->save();
$password_array = 'success';
}
}
echo json_encode($password_array);
}
public function deleteLogin($id)
{
$model=Login::model()->findByPk($id);
if($model===null)
throw new CHttpException(404,'The requested page does not exist.');
$model->status = 0;
return $model->save();
}
public function actionTest()
{
$id = 50;
$model = Login::model()->find("id=?", array($id));
$model->delete();
var_dump($model);
}
<a href='http:\\{--homep--}'><p class='logo'>P.R.O.T.O.1</p></a>
<p class='login'>Log in</p>
</div>
<div id='nav'>
<div id='navlinks'>
<ul>
<li>Home page
<li>Admin page
<li>News
<li>About us
</ul>
</div>
<div id='login'>
<? $st=new Login();
$st->model();
?>
</div>
</div>
<div id='content'>
<div id='tools'>
</div>
<div id='all'>
<?php
if (!empty($routes[1])) {
new autol($routes[1]);
}
?>
</div>
</div>
/**
* Displays the login page
*/
public function actionLogin()
{
$this->pageTitle = 'Login | ' . Yii::app()->name;
$this->layout = '//layouts/accession';
$LoginForm = new LoginForm();
// if it is ajax validation request
if (isset($_POST['ajax']) && $_POST['ajax'] === 'login-form') {
echo CActiveForm::validate($LoginForm);
Yii::app()->end();
}
// collect user input data
if (isset($_POST['LoginForm'])) {
if (Login::model()->IPBanned()) {
// this IP is banned
$LoginForm->addError('email', Yii::app()->params['ipBanMessage']);
} else {
$LoginForm->attributes = $_POST['LoginForm'];
// validate user input and redirect to the previous page if valid
if ($LoginForm->validate() && $LoginForm->login()) {
$User = User::model()->getUser();
if (!is_null($User)) {
// Admin user
$User->reset_hash = null;
$User->save();
$login = new Login();
$login->success = 1;
$login->user_id = $User->id;
$login->date = date('Y-m-d H:i:s');
$login->ip = $_SERVER['REMOTE_ADDR'];
$login->save();
$this->redirect(array('site/dashboard'));
} else {
// Accession user
// Go straight to their details page
$this->redirect(array('accession/updateDetails'));
}
} else {
// Failed login
$login = new Login();
$login->success = 0;
$login->date = date('Y-m-d H:i:s');
$login->ip = $_SERVER['REMOTE_ADDR'];
// See if we can find the user
$User = User::model()->findByAttributes(array('email' => $_POST['LoginForm']['email']));
if ($User) {
$login->user_id = $User->id;
}
$login->save();
// Check how many failed logins we have in last hour
// If 5, we ban the IP
if (!in_array($_SERVER['REMOTE_ADDR'], Yii::app()->params['ipWhiteList'])) {
$criteria = new CDbCriteria();
$criteria->condition = "date > :date AND success = 0 AND ip = :ip";
$criteria->params = array(':ip' => $_SERVER['REMOTE_ADDR'], ':date' => date('Y-m-d H:i:s', strtotime('1 hour ago')));
$logins = Login::model()->findAll($criteria);
if (sizeof($logins) >= 5 && !in_array($_SERVER['REMOTE_ADDR'], Yii::app()->params['ipWhiteList'])) {
// Ban the ip
$ipBan = new IpBan();
$ipBan->ip = $_SERVER['REMOTE_ADDR'];
$ipBan->save();
$LoginForm->clearErrors();
$LoginForm->addError('email', 'Your IP has been banned for repeated failed login attempts. Please contact the site administrator.');
} elseif (sizeof($logins) == 4) {
// Show warning
$LoginForm->addError('password', 'You only have 1 login attempt remaining in this hour period. Another failed attempt within an hour and your IP will be banned.');
}
}
}
}
}
// display the login form
$this->render('login', array('LoginForm' => $LoginForm));
}
static function getLoginIdByUserName($user)
{
return Login::model()->find("[User]='" . $user->user . "'");
}