/**
  * Checks how successive writes change the stored session record: an identical
  * re-write leaves it untouched, a changed payload refreshes 'created' but keeps
  * 'expire', and a write after gc_maxlifetime has elapsed changes both.
  *
  * The test sleeps for gc_maxlifetime + 1 seconds, so its run time follows that option.
  *
  * @depends testDestroy
  */
 public function testOverride()
 {
     // First write creates the record
     $written = $this->_handler->write($this->_id, $this->_data);
     $this->assertEquals(true, $written);
     $initial = $this->_findSession($this->_id);
     // Same payload again: the stored record must compare equal
     $this->_handler->read($this->_id);
     $this->_handler->write($this->_id, $this->_data);
     $unchanged = $this->_findSession($this->_id);
     $this->assertEquals($initial, $unchanged);
     // Let one second pass so a new timestamp can differ from the first
     sleep(1);
     // Changed payload: record and 'created' differ, 'expire' is carried over
     $this->_handler->read($this->_id);
     $this->_handler->write($this->_id, $this->_data . '3839');
     $updated = $this->_findSession($this->_id);
     $this->assertNotEquals($initial, $updated);
     $this->assertNotEquals($initial['metadata']['created'], $updated['metadata']['created']);
     $this->assertEquals($initial['metadata']['expire'], $updated['metadata']['expire']);
     // Outlive the configured maximum lifetime
     $maxLifetime = Zend_Session::getOptions('gc_maxlifetime');
     sleep($maxLifetime + 1);
     // The next write must produce a record with new 'created' and new 'expire'
     $this->_handler->read($this->_id);
     $this->_handler->write($this->_id, $this->_data);
     $renewed = $this->_findSession($this->_id);
     $this->assertNotEquals($initial, $renewed);
     $this->assertNotEquals($initial['metadata']['created'], $renewed['metadata']['created']);
     $this->assertNotEquals($initial['metadata']['expire'], $renewed['metadata']['expire']);
 }
 /**
  * Prepares the view for the period dialog: the list of years, the year id
  * currently held in the session options, and an empty filter object.
  */
 public function perioddialogAction()
 {
     $years = new Model_Year_List();
     $view = $this->view;
     $view->assign("yearList", $years->getListView());
     // The current year is read from the 'yearId' session option
     $view->assign("yearCurrent", Zend_Session::getOptions("yearId"));
     $view->assign("filter", new Model_Abstract_Filter());
 }
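 /**
  * Builds the cache-backed session save handler from an array or a Zend_Config.
  *
  * Keys read from $config:
  *  - 'cache'        required; either a cache name (string), resolved through the
  *                   cache manager, or a cache object that is used as given
  *  - 'cacheManager' optional; manager used to resolve a cache name, falling back
  *                   to App::get('cacheManager')
  *  - 'prefix'       optional; cast to string and stored in $this->_prefix
  *
  * The maximum lifetime is taken from the 'gc_maxlifetime' session option.
  *
  * @param Zend_Config|array $config
  * @throws Zend_Session_SaveHandler_Exception when $config is neither an array nor
  *         a Zend_Config, or when it has no 'cache' entry
  */
 public function __construct($config = array())
 {
     if ($config instanceof Zend_Config) {
         $config = $config->toArray();
     } elseif (!is_array($config)) {
         /**
          * @see Zend_Session_SaveHandler_Exception
          */
         require_once 'Zend/Session/SaveHandler/Exception.php';
         throw new Zend_Session_SaveHandler_Exception('$config must be an instance of Zend_Config or array of key/value pairs containing ' . 'configuration options for App_Session_SaveHandler_Cache.');
     }
     if (!isset($config['cache'])) {
         // Load the exception class on this path as well; previously only the
         // type-error path above did, so this throw depended on an autoloader.
         require_once 'Zend/Session/SaveHandler/Exception.php';
         throw new Zend_Session_SaveHandler_Exception('$config have to indicate the cachename.');
     }
     if (is_string($config['cache'])) {
         // A name is resolved through the supplied manager, else the application-wide one
         $cacheMgr = isset($config['cacheManager']) ? $config['cacheManager'] : App::get('cacheManager');
         $this->_cache = $cacheMgr->getCache($config['cache']);
     } else {
         // NOTE(review): a non-string value is stored without any type check — confirm
         // callers only pass a cache object here.
         $this->_cache = $config['cache'];
     }
     if (isset($config['prefix'])) {
         $this->_prefix = (string) $config['prefix'];
     }
     $this->_maxLifeTime = Zend_Session::getOptions('gc_maxlifetime');
 }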
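 /**
  * Returns the data to show in the index action
  *
  * Allows to easily add or modify the information at project level. The result
  * maps a translated label to a value: project and library versions, directory
  * information, application settings, PHP version, server hostname and OS, the
  * server time, and directory information for the session, temporary and (when
  * the SystemDrive environment variable is set) system drive locations.
  *
  * NOTE(review): the array holds host name, software versions and filesystem
  * paths — confirm the action rendering it is restricted to administrators.
  *
  * @return array label => value
  */
 protected function _getData()
 {
     $versions = $this->loader->getVersions();
     $data = array();
     $data[$this->_('Project name')] = $this->project->getName();
     $data[$this->_('Project version')] = $versions->getProjectVersion();
     $data[$this->_('Gems version')] = $versions->getGemsVersion();
     $data[$this->_('Gems build')] = $versions->getBuild();
     $data[$this->_('Gems project')] = GEMS_PROJECT_NAME;
     $data[$this->_('Gems web directory')] = $this->getDirInfo(GEMS_WEB_DIR);
     $data[$this->_('Gems root directory')] = $this->getDirInfo(GEMS_ROOT_DIR);
     $data[$this->_('Gems code directory')] = $this->getDirInfo(GEMS_LIBRARY_DIR);
     $data[$this->_('Gems variable directory')] = $this->getDirInfo(GEMS_ROOT_DIR . '/var');
     $data[$this->_('MUtil version')] = \MUtil_Version::get();
     $data[$this->_('Zend version')] = \Zend_Version::VERSION;
     $data[$this->_('Application environment')] = APPLICATION_ENV;
     $data[$this->_('Application baseuri')] = $this->loader->getUtil()->getCurrentURI();
     $data[$this->_('Application directory')] = $this->getDirInfo(APPLICATION_PATH);
     $data[$this->_('Application encoding')] = APPLICATION_ENCODING;
     $data[$this->_('PHP version')] = phpversion();
     $data[$this->_('Server Hostname')] = php_uname('n');
     $data[$this->_('Server OS')] = php_uname('s');
     $data[$this->_('Time on server')] = date('r');
     // getenv() returns false when TMP is not set, and realpath('') resolves to the
     // current working directory, so fall back to PHP's own temp directory instead
     // of reporting the wrong location.
     $tmpEnv = getenv('TMP');
     $tmpDir = (false !== $tmpEnv && '' !== $tmpEnv) ? realpath($tmpEnv) : sys_get_temp_dir();
     $driveVars = array(
         $this->_('Session directory') => \Zend_Session::getOptions('save_path'),
         $this->_('Temporary files directory') => $tmpDir,
     );
     if ($system = getenv('SystemDrive')) {
         $driveVars[$this->_('System Drive')] = realpath($system);
     }
     foreach ($driveVars as $name => $drive) {
         $data[$name] = $this->getDirInfo($drive);
     }
     return $data;
 }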
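 /**
  * Builds the MongoDB-backed session save handler from an array or a Zend_Config.
  *
  * Keys read from $config:
  *  - 'collection' required; either a collection name (string), looked up on the
  *                 connection returned by \App::get('mongo'), or a collection
  *                 object that is used as given
  *
  * The maximum lifetime is taken from the 'gc_maxlifetime' session option.
  *
  * @param Zend_Config|array $config
  * @throws Zend_Session_SaveHandler_Exception when $config is neither an array nor
  *         a Zend_Config, or when it has no 'collection' entry
  * @throws \Exception rethrown from resolving the collection, after the
  *         connection (if one was obtained) has been closed
  */
 public function __construct($config = array())
 {
     if ($config instanceof Zend_Config) {
         $config = $config->toArray();
     } elseif (!is_array($config)) {
         /**
          * @see Zend_Session_SaveHandler_Exception
          */
         require_once 'Zend/Session/SaveHandler/Exception.php';
         // NOTE(review): the message names App_Session_SaveHandler_Cache although this
         // handler works on a collection — looks copied; confirm the intended class name.
         throw new Zend_Session_SaveHandler_Exception('$config must be an instance of Zend_Config or array of key/value pairs containing ' . 'configuration options for App_Session_SaveHandler_Cache.');
     }
     if (!isset($config['collection'])) {
         // Load the exception class on this path as well; previously only the
         // type-error path above did, so this throw depended on an autoloader.
         require_once 'Zend/Session/SaveHandler/Exception.php';
         throw new Zend_Session_SaveHandler_Exception('$config have to indicate the collection.');
     }
     try {
         if (is_string($config['collection'])) {
             $this->_connection = \App::get('mongo');
             // The configured name is used as a property name on the connection object
             $this->_collection = $this->_connection->{$config['collection']};
         } else {
             $this->_collection = $config['collection'];
         }
     } catch (\Exception $e) {
         // Do not leave a half-initialised handler holding an open connection
         if ($this->_connection) {
             $this->_connection->close();
         }
         throw $e;
     }
     $this->_maxLifeTime = Zend_Session::getOptions('gc_maxlifetime');
 }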
 /**
  * Options given to the resource must replace values set on Zend_Session
  * beforehand once the resource has been initialised.
  */
 public function testSetOptions()
 {
     $preset = array('use_only_cookies' => false, 'remember_me_seconds' => 3600);
     $override = array('use_only_cookies' => true, 'remember_me_seconds' => 7200);
     Zend_Session::setOptions($preset);
     $resource = $this->resource;
     $resource->setOptions($override);
     $resource->init();
     // The overriding values are the ones Zend_Session reports afterwards
     $this->assertEquals(1, Zend_Session::getOptions('use_only_cookies'));
     $this->assertEquals(7200, Zend_Session::getOptions('remember_me_seconds'));
 }
 /**
  * Remembers the namespace and member names and attaches the session namespace
  * only when the request already carries the session cookie.
  *
  * @param string $namespace session namespace name
  * @param string $member    member name stored in $this->_member
  */
 public function __construct($namespace = self::NAMESPACE_DEFAULT, $member = self::MEMBER_DEFAULT)
 {
     $this->_namespace = $namespace;
     $this->_member = $member;
     // The cookie is looked up under the configured session name; without it
     // $this->_session is left unset (presumably so that no session is started
     // for visitors who do not have one yet).
     $cookieName = Zend_Session::getOptions('name');
     if (!isset($_COOKIE[$cookieName])) {
         return;
     }
     $this->_session = new Zend_Session_Namespace($namespace);
 }
 /**
  * Configures and starts the admin session ("pimcore_admin_sid").
  *
  * When the session cookie is absent or empty, a session id supplied as a request
  * parameter of the same name is adopted before the session starts.
  *
  * NOTE(review): 'use_only_cookies' and 'strict' are switched off and the id is
  * accepted from $_REQUEST, i.e. from the URL or a form field. A caller-chosen id
  * is a session-fixation risk unless the id is regenerated once the user has
  * authenticated — confirm the login path does that, and consider limiting this
  * fallback to the upload endpoint that needs it.
  *
  * @static
  * @return void
  */
 public static function initSession()
 {
     Zend_Session::setOptions(array("throw_startup_exceptions" => false, "gc_maxlifetime" => 7200, "name" => "pimcore_admin_sid", "strict" => false, "use_only_cookies" => false));
     try {
         try {
             if (!Zend_Session::isStarted()) {
                 $cookieName = Zend_Session::getOptions("name");
                 $idInRequest = array_key_exists($cookieName, $_REQUEST) && !empty($_REQUEST[$cookieName]);
                 $idInCookie = array_key_exists($cookieName, $_COOKIE) && !empty($_COOKIE[$cookieName]);
                 // Only take the id from the request when no cookie came along,
                 // otherwise Set-Cookie would be sent on every response
                 if ($idInRequest && !$idInCookie) {
                     // Lets clients without cookie support (SwfUpload) pass the id as a parameter
                     Zend_Session::setId($_REQUEST[$cookieName]);
                 }
                 // Register the session
                 Zend_Session::start();
             }
         } catch (Exception $e) {
             // Start-up problems are logged and otherwise ignored
             Logger::error("Problem while starting session");
             Logger::error($e);
         }
     } catch (Exception $e) {
         // Reached only if the logging above itself throws
         Logger::emergency("there is a problem with admin session");
         die;
     }
 }
 /**
  * Handles the member sign-in form.
  *
  * Flow, in order: bail out if a viewer is already signed in; build the form;
  * require a valid POST; look the account up by email; apply the
  * enabled/verified/approved gate, the subscription gate (when the payment module
  * is bootstrapped) and the pre-login hook; authenticate (with a separate path for
  * accounts imported without a password); record the sign-in; optionally extend
  * the session lifetime; run the post-login hook; redirect.
  *
  * Most failure paths after the account lookup insert a row into the logins table
  * whose 'state' column names the outcome.
  *
  * NOTE(review): no session-id regeneration is visible in this method after a
  * successful sign-in — confirm it happens inside authenticate() or elsewhere.
  *
  * @return mixed the redirect call's return value on redirect paths, otherwise nothing
  */
 public function loginAction()
 {
     // Already logged in
     if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('You are already signed in.');
         if (null === $this->_helper->contextSwitch->getCurrentContext()) {
             $this->_helper->redirector->gotoRoute(array(), 'default', true);
         }
         return;
     }
     // Make form
     $this->view->form = $form = new User_Form_Login();
     $form->setAction($this->view->url(array('return_url' => null)));
     // return_url is taken from the request and carried through the form
     $form->populate(array('return_url' => $this->_getParam('return_url')));
     // Facebook login
     //    if( User_Model_DbTable_Facebook::authenticate($form) ) {
     //      // Facebook login succeeded, redirect to home
     //      return $this->_helper->redirector->gotoRoute(array(), 'default', true);
     //    }
     // Render
     $this->_helper->content->setEnabled();
     // Not a post
     if (!$this->getRequest()->isPost()) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
         return;
     }
     // Form not valid
     if (!$form->isValid($this->getRequest()->getPost())) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
         return;
     }
     // Check login creds
     // NOTE(review): extract() turns every form value into a local variable. That is
     // only safe while the form's element names are fixed and cannot collide with
     // locals such as $form; reading the values array explicitly would make it obvious.
     extract($form->getValues());
     // $email, $password, $remember
     $user_table = Engine_Api::_()->getDbtable('users', 'user');
     // The email is bound through the '?' placeholder, not concatenated
     $user_select = $user_table->select()->where('email = ?', $email);
     // If post exists
     $user = $user_table->fetchRow($user_select);
     // Get ip address
     $db = Engine_Db_Table::getDefaultAdapter();
     $ipObj = new Engine_IP();
     // The binary address is hex-encoded and quoted into an UNHEX() expression for the insert
     $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
     // Check if user exists
     if (empty($user)) {
         $this->view->status = false;
         // NOTE(review): this wording differs from the 'Invalid credentials' message used
         // for a wrong password below, so the response reveals whether an email is
         // registered. A single generic message for both cases avoids that.
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
         $form->addError(Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.'));
         // Register login
         Engine_Api::_()->getDbtable('logins', 'user')->insert(array('email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'no-member'));
         return;
     }
     // Check if user is verified and enabled
     // NOTE(review): these account-state messages are shown before the password is
     // checked, so they are returned to anyone who submits the email.
     if (!$user->enabled) {
         if (!$user->verified) {
             $this->view->status = false;
             $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
             $translate = Zend_Registry::get('Zend_Translate');
             $error = $translate->translate('This account still requires either email verification.');
             $error .= ' ';
             // NOTE(review): $resend_url carries the submitted email and is placed in an
             // href while escaping is switched off on the errors decorator just below.
             // Confirm the url helper's output is safe inside an HTML attribute, or
             // escape it before sprintf().
             $error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
             $form->getDecorator('errors')->setOption('escape', false);
             $form->addError($error);
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
             return;
         } else {
             if (!$user->approved) {
                 $this->view->status = false;
                 $translate = Zend_Registry::get('Zend_Translate');
                 $error = $translate->translate('This account still requires admin approval.');
                 $form->getDecorator('errors')->setOption('escape', false);
                 $form->addError($error);
                 // Register login
                 Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
                 return;
             }
         }
         // Should be handled by hooks or payment
         // A disabled account that is verified and approved falls through to the checks below
         //return;
     }
     // Handle subscriptions
     if (Engine_Api::_()->hasModuleBootstrap('payment')) {
         // Check for the user's plan
         $subscriptionsTable = Engine_Api::_()->getDbtable('subscriptions', 'payment');
         if (!$subscriptionsTable->check($user)) {
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'unpaid'));
             // Redirect to subscription page
             // NOTE(review): the user id is stored in the Payment_Subscription session
             // namespace before the password has been checked — confirm the subscription
             // flow does not treat that id as an authenticated identity.
             $subscriptionSession = new Zend_Session_Namespace('Payment_Subscription');
             $subscriptionSession->unsetAll();
             $subscriptionSession->user_id = $user->getIdentity();
             return $this->_helper->redirector->gotoRoute(array('module' => 'payment', 'controller' => 'subscription', 'action' => 'index'), 'default', true);
         }
     }
     // Run pre login hook
     $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginBefore', $user);
     // The first array response that carries an error or a redirect ends the sign-in attempt
     foreach ((array) $event->getResponses() as $response) {
         if (is_array($response)) {
             if (!empty($response['error']) && !empty($response['message'])) {
                 $form->addError($response['message']);
             } else {
                 if (!empty($response['redirect'])) {
                     $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                 } else {
                     continue;
                 }
             }
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'third-party'));
             // Return
             return;
         }
     }
     // Version 3 Import compatibility
     // Accounts without a stored password are checked against the migration table instead
     if (empty($user->password)) {
         $compat = Engine_Api::_()->getApi('settings', 'core')->getSetting('core.compatibility.password');
         $migration = null;
         try {
             $migration = Engine_Db_Table::getDefaultAdapter()->select()->from('engine4_user_migration')->where('user_id = ?', $user->getIdentity())->limit(1)->query()->fetch();
         } catch (Exception $e) {
             // Any failure reading the migration table disables the compatibility path
             $migration = null;
             $compat = null;
         }
         if (!$migration) {
             $compat = null;
         }
         if ($compat == 'import-version-3') {
             // Version 3 authentication
             $cryptedPassword = self::_version3PasswordCrypt($migration['user_password_method'], $migration['user_code'], $password);
             // NOTE(review): === is not a constant-time comparison; hash_equals() is the
             // usual choice when comparing password digests.
             if ($cryptedPassword === $migration['user_password']) {
                 // Regenerate the user password using the given password
                 // NOTE(review): rand() is not a cryptographically secure source;
                 // random_int() or random_bytes() is the safer way to derive a salt.
                 $user->salt = (string) rand(1000000, 9999999);
                 $user->password = $password;
                 $user->save();
                 Engine_Api::_()->user()->getAuth()->getStorage()->write($user->getIdentity());
                 // @todo should we delete the old migration row?
             } else {
                 // NOTE(review): unlike the other failure paths, this one inserts no logins
                 // row, so failed attempts against migrated accounts are not recorded.
                 $this->view->status = false;
                 $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
                 $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
                 return;
             }
             // End Version 3 authentication
         } else {
             $form->addError('There appears to be a problem logging in. Please reset your password with the Forgot Password link.');
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'v3-migration'));
             return;
         }
     } else {
         $authResult = Engine_Api::_()->user()->authenticate($email, $password);
         $authCode = $authResult->getCode();
         // NOTE(review): setViewer() runs before the result code is checked — confirm it
         // leaves no viewer set when authentication failed.
         Engine_Api::_()->user()->setViewer();
         if ($authCode != Zend_Auth_Result::SUCCESS) {
             $this->view->status = false;
             $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
             $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'bad-password'));
             return;
         }
     }
     // -- Success! --
     // Register login
     $loginTable = Engine_Api::_()->getDbtable('logins', 'user');
     $loginTable->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'success', 'active' => true));
     // The id of the logins row just written is kept in the session
     $_SESSION['login_id'] = $login_id = $loginTable->getAdapter()->lastInsertId();
     // Remember
     if ($remember) {
         $lifetime = 1209600;
         // Two weeks
         Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
         Zend_Session::rememberMe($lifetime);
     }
     // Increment sign-in count
     Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
     // Test activity @todo remove
     $viewer = Engine_Api::_()->user()->getViewer();
     if ($viewer->getIdentity()) {
         $viewer->lastlogin_date = date("Y-m-d H:i:s");
         if ('cli' !== PHP_SAPI) {
             $viewer->lastlogin_ip = $ipExpr;
         }
         $viewer->save();
         Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
     }
     // Assign sid to view for json context
     // NOTE(review): this copies the session id and cookie name into view data. Any
     // response that renders them is as sensitive as the session cookie itself —
     // confirm they are emitted only where a client really needs them.
     $this->view->status = true;
     $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
     $this->view->sid = Zend_Session::getId();
     $this->view->sname = Zend_Session::getOptions('name');
     // Run post login hook
     $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);
     // Do redirection only if normal context
     if (null === $this->_helper->contextSwitch->getCurrentContext()) {
         // Redirect by form
         // NOTE(review): return_url comes from the request (see populate() above) and,
         // optionally base64-decoded, goes to _redirect() with prependBase disabled.
         // Unless the form validates it, this allows redirects to arbitrary hosts;
         // restrict the target to same-site paths.
         $uri = $form->getValue('return_url');
         if ($uri) {
             if (substr($uri, 0, 3) == '64-') {
                 $uri = base64_decode(substr($uri, 3));
             }
             return $this->_redirect($uri, array('prependBase' => false));
         }
         // Redirect by session
         $session = new Zend_Session_Namespace('Redirect');
         if (isset($session->uri)) {
             // Values are copied out before the namespace is cleared
             $uri = $session->uri;
             $opts = $session->options;
             $session->unsetAll();
             return $this->_redirect($uri, $opts);
         } else {
             if (isset($session->route)) {
                 // NOTE(review): params, route and reset are read after unsetAll() has
                 // cleared the namespace, so they look empty by the time gotoRoute()
                 // receives them — confirm and copy them out first as the uri branch does.
                 $session->unsetAll();
                 return $this->_helper->redirector->gotoRoute($session->params, $session->route, $session->reset);
             }
         }
         // Redirect by hook
         foreach ((array) $event->getResponses() as $response) {
             if (is_array($response)) {
                 if (!empty($response['error']) && !empty($response['message'])) {
                     return $form->addError($response['message']);
                 } else {
                     if (!empty($response['redirect'])) {
                         return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                     }
                 }
             }
         }
         // Just redirect to home
         return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
     }
 }
 /**
  * Handles the sign-in form for this application.
  *
  * Flow, in order: redirect away if a viewer is already signed in; build the form;
  * require a valid POST; look the account up by user name; apply the
  * enabled/verified/approved gate; authenticate; optionally extend the session
  * lifetime; stamp the last-login time; redirect.
  *
  * Unlike a login action that records attempts, nothing in this method writes
  * failed or successful sign-ins to a log table.
  *
  * NOTE(review): no session-id regeneration is visible in this method after a
  * successful sign-in — confirm it happens inside authenticate() or elsewhere.
  *
  * @return mixed the redirect call's return value on redirect paths, otherwise nothing
  */
 public function indexAction()
 {
     // Already logged in
     $viewer = Khcn_Api::_()->getViewer();
     if ($viewer && $viewer->getIdentity()) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('Bạn đã đăng nhập.');
         $this->_helper->redirector->gotoRoute(array(), 'default', true);
         return;
     }
     // Make form
     $this->view->form = $form = new Default_Form_Login();
     $form->setAction($this->view->url(array('return_url' => null)));
     // return_url is taken from the request and carried through the form
     $form->populate(array('return_url' => $this->_getParam('return_url')));
     // Not a post
     if (!$this->getRequest()->isPost()) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
         return;
     }
     // Form not valid
     if (!$form->isValid($this->getRequest()->getPost())) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
         return;
     }
     // Check login creds
     // NOTE(review): extract() turns every form value into a local variable. That is
     // only safe while the form's element names are fixed and cannot collide with
     // locals such as $form; reading the values array explicitly would make it obvious.
     extract($form->getValues());
     // $Username, $Password, $Remember
     $userTable = Khcn_Api::_()->getItemTable('default_nguoi_dung');
     // The user name is bound through the '?' placeholder, not concatenated
     $userSelect = $userTable->select()->where('ten_dang_nhap = ?', $Username);
     // If post exists
     $user = $userTable->fetchRow($userSelect);
     // Get ip address
     // ($db is assigned here but not used again in this method)
     $db = Khcn_Db_Table::getDefaultAdapter();
     // Check if user exists
     if (empty($user)) {
         $this->view->status = false;
         // The same message string is used for an unknown user here and for a failed
         // authentication below, so these two cases are not distinguishable by text.
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.');
         $form->addError(Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.'));
         return;
     }
     // Check if user is verified and enabled
     // NOTE(review): the account-state messages below are shown before the password is
     // checked, so they still confirm that the user name exists.
     if (!$user->enabled) {
         if (!$user->verified) {
             $this->view->status = false;
             $translate = Zend_Registry::get('Zend_Translate');
             $error = $translate->translate('Vui lòng kích hoạt tài khoản thông qua email.');
             // NOTE(review): escaping is switched off for the errors decorator although the
             // message here contains no markup — confirm it is needed; leaving it on is safer.
             $form->getDecorator('errors')->setOption('escape', false);
             $form->addError($error);
             return;
         } else {
             if (!$user->approved) {
                 $this->view->status = false;
                 $translate = Zend_Registry::get('Zend_Translate');
                 $error = $translate->translate('Tài khoản của bạn cần được kích hoạt bởi admin.');
                 $form->getDecorator('errors')->setOption('escape', false);
                 $form->addError($error);
                 return;
             }
         }
         // Should be handled by hooks or payment
         // A disabled account that is verified and approved falls through to authentication
         //return;
     }
     // Version 3 Import compatibility
     // Accounts without a stored password are refused outright
     if (empty($user->mat_khau)) {
         $form->addError('Mật khẩu không hợp lệ. Vui lòng reset lại mật khẩu.');
         return;
     } else {
         $authResult = Khcn_Api::_()->authenticate($Username, $Password);
         $authCode = $authResult->getCode();
         // NOTE(review): setViewer() runs before the result code is checked — confirm it
         // leaves no viewer set when authentication failed.
         Khcn_Api::_()->setViewer();
         if ($authCode != Zend_Auth_Result::SUCCESS) {
             $this->view->status = false;
             $this->view->error = Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.');
             $form->addError(Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.'));
             return;
         }
     }
     // -- Success! --
     // Remember
     if (!empty($Remember)) {
         $lifetime = 1209600;
         // Two weeks
         Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
         Zend_Session::rememberMe($lifetime);
     }
     // Test activity @todo remove
     $viewer = Khcn_Api::_()->getViewer();
     if ($viewer && $viewer->getIdentity()) {
         $viewer->lan_dang_nhap_cuoi = date("Y-m-d H:i:s");
         $viewer->save();
     }
     // Assign sid to view for json context
     // NOTE(review): this copies the session id and cookie name into view data. Any
     // response that renders them is as sensitive as the session cookie itself —
     // confirm they are emitted only where a client really needs them.
     $this->view->status = true;
     $this->view->message = Zend_Registry::get('Zend_Translate')->_('Đăng nhập thành công');
     $this->view->sid = Zend_Session::getId();
     $this->view->sname = Zend_Session::getOptions('name');
     // Do redirection only if normal context
     // Redirect by form
     // NOTE(review): return_url comes from the request (see populate() above) and,
     // optionally base64-decoded, goes to _redirect() with prependBase disabled.
     // Unless the form validates it, this allows redirects to arbitrary hosts;
     // restrict the target to same-site paths.
     $uri = $form->getValue('return_url');
     if ($uri) {
         if (substr($uri, 0, 3) == '64-') {
             $uri = base64_decode(substr($uri, 3));
         }
         return $this->_redirect($uri, array('prependBase' => false));
     }
     // Redirect by session
     $session = new Zend_Session_Namespace('Redirect');
     if (isset($session->uri)) {
         // Values are copied out before the namespace is cleared
         $uri = $session->uri;
         $opts = $session->options;
         $session->unsetAll();
         return $this->_redirect($uri, $opts);
     } else {
         if (isset($session->route)) {
             // NOTE(review): params, route and reset are read after unsetAll() has cleared
             // the namespace, so they look empty by the time gotoRoute() receives them —
             // confirm and copy them out first as the uri branch does.
             $session->unsetAll();
             return $this->_helper->redirector->gotoRoute($session->params, $session->route, $session->reset);
         }
     }
     // Just redirect to home
     return $this->_helper->redirector->gotoRoute(array(), null, true);
 }
 /**
  * Completes a sign-in for the user whose id was parked in the session under
  * self::TEMPORAY_SESSION_LOGIN_ID.
  *
  * No password and no submitted form data are checked in this method: the user row
  * is loaded from that session value, run through the enabled/verified/approved
  * gate and the subscription gate, written to Zend_Auth storage, passed to the
  * pre-login hook, recorded in the logins table and then redirected.
  *
  * NOTE(review): the whole trust decision rests on whoever wrote the session key —
  * confirm every writer stores the id only after verifying the user by other means.
  * No session-id regeneration is visible here either; confirm it happens elsewhere.
  *
  * @return mixed the redirect call's return value on redirect paths, otherwise nothing
  */
 public function loginAction()
 {
     // Render
     $this->_helper->content->setContentName('user_auth_login')->setEnabled();
     $this->view->form = $form = new User_Form_Login();
     $form->setAction(Zend_Controller_Front::getInstance()->getRouter()->assemble(array(), 'user_login', true));
     $user_id = 0;
     // $email is never filled in this method, so every logins row written below
     // carries an empty email and the resend link is built with an empty address
     $email = "";
     $skey = self::TEMPORAY_SESSION_LOGIN_ID;
     // The parked id is single-use: it is removed from the session as soon as it is read
     if (isset($_SESSION[$skey])) {
         $user_id = $_SESSION[$skey];
         unset($_SESSION[$skey]);
     }
     // $email, $password, $remember
     $user_table = Engine_Api::_()->getDbtable('users', 'user');
     // If post exists
     // With no parked id this looks up id 0 and is expected to find nothing
     $user = $user_table->find($user_id)->current();
     // Get ip address
     $db = Engine_Db_Table::getDefaultAdapter();
     $ipObj = new Engine_IP();
     // The binary address is hex-encoded and quoted into an UNHEX() expression for the insert
     $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
     // Check if user exists
     if (empty($user)) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
         // Register login
         Engine_Api::_()->getDbtable('logins', 'user')->insert(array('email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'no-member'));
         return;
     }
     // Check if user is verified and enabled
     if (!$user->enabled) {
         if (!$user->verified) {
             $this->view->status = false;
             $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
             $translate = Zend_Registry::get('Zend_Translate');
             $error = $translate->translate('This account still requires either email verification.');
             $error .= ' ';
             // The message contains an anchor tag, which is why escaping is disabled below.
             // NOTE(review): confirm the url helper's output is safe inside an HTML attribute.
             $error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
             $this->view->error = $error;
             $form->getDecorator('errors')->setOption('escape', false);
             $form->addError($error);
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
             return;
         } else {
             if (!$user->approved) {
                 $this->view->status = false;
                 $translate = Zend_Registry::get('Zend_Translate');
                 $this->view->error = $error = $translate->translate('This account still requires admin approval.');
                 $form->getDecorator('errors')->setOption('escape', false);
                 $form->addError($error);
                 // Register login
                 Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
                 return;
             }
         }
         // Should be handled by hooks or payment
         // A disabled account that is verified and approved falls through to the checks below
     }
     // Handle subscriptions
     if (Engine_Api::_()->hasModuleBootstrap('payment')) {
         // Check for the user's plan
         $subscriptionsTable = Engine_Api::_()->getDbtable('subscriptions', 'payment');
         if (!$subscriptionsTable->check($user)) {
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'unpaid'));
             // Redirect to subscription page
             $subscriptionSession = new Zend_Session_Namespace('Payment_Subscription');
             $subscriptionSession->unsetAll();
             $subscriptionSession->user_id = $user->getIdentity();
             return $this->_helper->redirector->gotoRoute(array('module' => 'payment', 'controller' => 'subscription', 'action' => 'index'), 'default', true);
         }
     }
     // Register login
     // NOTE(review): the identity is written to auth storage before the pre-login hook
     // runs. If a hook answers with an error or a redirect below, this method returns
     // without clearing it — confirm the hook or a later step revokes the identity.
     $auth = Zend_Auth::getInstance();
     $auth->getStorage()->write($user->getIdentity());
     // Run pre login hook
     $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginBefore', $user);
     // The first array response that carries an error or a redirect ends the sign-in attempt
     foreach ((array) $event->getResponses() as $response) {
         if (is_array($response)) {
             if (!empty($response['error']) && !empty($response['message'])) {
                 $form->addError($response['message']);
             } else {
                 if (!empty($response['redirect'])) {
                     $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                 } else {
                     continue;
                 }
             }
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'third-party'));
             // Return
             return;
         }
     }
     // Register login
     $loginTable = Engine_Api::_()->getDbtable('logins', 'user');
     $loginTable->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'success', 'active' => true));
     // The id of the logins row just written is kept in the session
     $_SESSION['login_id'] = $login_id = $loginTable->getAdapter()->lastInsertId();
     // Increment sign-in count
     Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
     // Test activity @todo remove
     $viewer = Engine_Api::_()->user()->getViewer();
     if ($viewer->getIdentity()) {
         $viewer->lastlogin_date = date("Y-m-d H:i:s");
         if ('cli' !== PHP_SAPI) {
             $viewer->lastlogin_ip = $ipExpr;
         }
         $viewer->save();
         Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
     }
     // Assign sid to view for json context
     // NOTE(review): this copies the session id and cookie name into view data. Any
     // response that renders them is as sensitive as the session cookie itself —
     // confirm they are emitted only where a client really needs them.
     $this->view->status = true;
     $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
     $this->view->sid = Zend_Session::getId();
     $this->view->sname = Zend_Session::getOptions('name');
     // Run post login hook
     $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);
     // Do redirection only if normal context
     if (null === $this->_helper->contextSwitch->getCurrentContext()) {
         // Redirect by session
         $session = new Zend_Session_Namespace('Redirect');
         if (isset($session->uri)) {
             // Values are copied out before the namespace is cleared
             $uri = $session->uri;
             $opts = $session->options;
             $session->unsetAll();
             return $this->_redirect($uri, $opts);
         } else {
             if (isset($session->route)) {
                 // NOTE(review): params, route and reset are read after unsetAll() has
                 // cleared the namespace, so they look empty by the time gotoRoute()
                 // receives them — confirm and copy them out first as the uri branch does.
                 $session->unsetAll();
                 return $this->_helper->redirector->gotoRoute($session->params, $session->route, $session->reset);
             }
         }
         // Redirect by hook
         foreach ((array) $event->getResponses() as $response) {
             if (is_array($response)) {
                 if (!empty($response['error']) && !empty($response['message'])) {
                     return $form->addError($response['message']);
                 } else {
                     if (!empty($response['redirect'])) {
                         return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                     }
                 }
             }
         }
         // Just redirect to home
         return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
     }
 }
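 /**
  * Configure Zend_Session: load options, install the save handler and, for
  * the uploader, adopt a session id supplied in the POST body.
  *
  * The session itself is not started here.
  */
 protected function _initSession()
 {
     // Get session configuration
     $file = APPLICATION_PATH . '/application/settings/session.php';
     $config = array();
     if (file_exists($file)) {
         $config = (include $file);
     }
     // Get default session configuration
     if (empty($config)) {
         $config = array('options' => array('save_path' => 'session', 'use_only_cookies' => true, 'remember_me_seconds' => 864000, 'gc_maxlifetime' => 86400, 'cookie_httponly' => false), 'saveHandler' => array('class' => 'Core_Model_DbTable_Session', 'params' => array('lifetime' => 86400)));
     }
     // Remove httponly unless forced in config
     // NOTE(review): with cookie_httponly off the session cookie is readable
     // from page script, so a single XSS flaw exposes the session id.
     // Presumably kept off for the uploader below; confirm it is still needed
     // and prefer forcing it on in session.php.
     if (!isset($config['options']['cookie_httponly'])) {
         $config['options']['cookie_httponly'] = false;
     }
     // Set session options
     Zend_Session::setOptions($config['options']);
     $saveHandler = $config['saveHandler']['class'];
     Zend_Session::setSaveHandler(new $saveHandler($config['saveHandler']['params']));
     // Session hack for fancy upload: the uploader sends the session id as a
     // POST field. The configured session name takes precedence over the
     // PHPSESSID fallback, as before.
     // NOTE(review): a request-chosen session id is the precondition for
     // session fixation; the cookie-absent guard that used to wrap this was
     // disabled. Confirm the id is regenerated at login and consider limiting
     // this path to the upload endpoint.
     $sessionName = Zend_Session::getOptions('name');
     $postedId = null;
     if (isset($_POST[$sessionName])) {
         $postedId = $_POST[$sessionName];
     } else {
         if (isset($_POST['PHPSESSID'])) {
             $postedId = $_POST['PHPSESSID'];
         }
     }
     // Adopt only a well-formed id: a string made of the characters PHP itself
     // uses for session ids. Arrays and other junk in the POST field are
     // ignored instead of being handed to the save handler.
     if (is_string($postedId) && preg_match('/^[A-Za-z0-9,-]{1,256}$/D', $postedId)) {
         Zend_Session::setId($postedId);
     }
 }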
 /**
  * Write session data
  *
  * @param string $id
  * @param string $data
  * @return boolean
  */
 public function write($id, $data)
 {
     // The entry is keyed by the normalized session id and saved without tags.
     $cache = $this->getCache();
     $cacheKey = $this->normalizeId($id);
     // gc_maxlifetime is passed as the fourth argument to save()
     // (presumably the entry lifetime -- confirm against the cache class).
     $lifetime = \Zend_Session::getOptions('gc_maxlifetime');

     return $cache->save($data, $cacheKey, array(), $lifetime);
 }
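 /**
  * Handle the login form: validate the post, authenticate the member
  * (including the version 3 import fallback), record the sign-in and redirect.
  *
  * In a non-default context (e.g. json) the result is only assigned to the
  * view (status, error/message, sid, sname) and no redirect is issued.
  */
 public function loginAction()
 {
     $translate = Zend_Registry::get('Zend_Translate');
     // Already logged in
     if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
         $this->view->status = false;
         $this->view->error = $translate->_('You are already signed in.');
         if (null === $this->_helper->contextSwitch->getCurrentContext()) {
             $this->_helper->redirector->gotoRoute(array(), 'home');
         }
         return;
     }
     // Make form
     $this->view->form = $form = new User_Form_Login();
     $form->populate(array('return_url' => $this->_getParam('return_url')));
     // Facebook login
     if (User_Model_DbTable_Facebook::authenticate($form)) {
         // Facebook login succeeded, redirect to home
         $this->_helper->redirector->gotoRoute(array(), 'home');
         // Stop here even when the redirector is configured not to exit, so
         // the password flow below never runs for an authenticated request.
         return;
     }
     // Not a post
     if (!$this->getRequest()->isPost()) {
         $this->view->status = false;
         $this->view->error = $translate->_('No action taken');
         return;
     }
     // Form not valid
     if (!$form->isValid($this->getRequest()->getPost())) {
         $this->view->status = false;
         $this->view->error = $translate->_('Invalid data');
         return;
     }
     // Check login creds. Read the fields explicitly instead of extract(), so
     // a form element can never shadow a local variable of this method.
     $values = $form->getValues();
     $email = isset($values['email']) ? $values['email'] : null;
     $password = isset($values['password']) ? $values['password'] : null;
     $remember = !empty($values['remember']);
     $user_table = Engine_Api::_()->getDbtable('users', 'user');
     $user_select = $user_table->select()->where('email = ?', $email);
     $user = $user_table->fetchRow($user_select);
     // Check if user exists
     // NOTE(review): this message differs from the "Invalid credentials" one
     // below, so the response reveals whether an email is registered.
     if (empty($user)) {
         $this->view->status = false;
         $this->view->error = $translate->_('No record of a member with that email was found.');
         $form->addError($translate->_('No record of a member with that email was found.'));
         return;
     }
     // Check if user is verified and enabled
     if (!$user->verified || !$user->enabled) {
         $this->view->status = false;
         $error = $translate->translate('This account still requires either email verification or admin approval.');
         if (!$user->verified) {
             $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
             $error .= ' ';
             $error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
         }
         // Escaping is switched off so the link renders as HTML.
         // NOTE(review): $resend_url carries the submitted email; confirm the
         // url helper encodes it, since nothing else escapes this message.
         $form->getDecorator('errors')->setOption('escape', false);
         $form->addError($error);
         return;
     }
     // Version 3 Import compatibility
     if (empty($user->password)) {
         $compat = Engine_Api::_()->getApi('settings', 'core')->getSetting('core.compatibility.password');
         $migration = null;
         try {
             $migration = Engine_Db_Table::getDefaultAdapter()->select()->from('engine4_user_migration')->where('user_id = ?', $user->getIdentity())->limit(1)->query()->fetch();
         } catch (Exception $e) {
             $migration = null;
             $compat = null;
         }
         if (!$migration) {
             $compat = null;
         }
         // Strict comparison: only the exact setting value enables the legacy path.
         if ($compat === 'import-version-3') {
             // Version 3 authentication
             $cryptedPassword = self::_version3PasswordCrypt($migration['user_password_method'], $migration['user_code'], $password);
             // NOTE(review): === is not a constant-time comparison; where
             // hash_equals() is available, use it on two verified strings.
             if ($cryptedPassword === $migration['user_password']) {
                 // Regenerate the user password using the given password
                 // NOTE(review): the salt comes from rand() over a 7-digit
                 // range; a CSPRNG (random_int on PHP 7+) is the safer source.
                 $user->salt = (string) rand(1000000, 9999999);
                 $user->password = $password;
                 $user->save();
                 Engine_Api::_()->user()->getAuth()->getStorage()->write($user->getIdentity());
                 // @todo should we delete the old migration row?
             } else {
                 $this->view->status = false;
                 $this->view->error = $translate->_('Invalid credentials');
                 $form->addError($translate->_('Invalid credentials supplied'));
                 return;
             }
             // End Version 3 authentication
         } else {
             $form->addError('There appears to be a problem logging in. Please reset your password with the Forgot Password link.');
             return;
         }
     } else {
         $authResult = Engine_Api::_()->user()->authenticate($email, $password);
         $authCode = $authResult->getCode();
         Engine_Api::_()->user()->setViewer();
         if ($authCode != Zend_Auth_Result::SUCCESS) {
             $this->view->status = false;
             $this->view->error = $translate->_('Invalid credentials');
             $form->addError($translate->_('Invalid credentials supplied'));
             return;
         }
     }
     // -- Success! --
     // NOTE(review): no session id regeneration is visible in this method;
     // confirm authenticate() rotates it, otherwise a pre-login id stays valid.
     // Remember
     if ($remember) {
         $lifetime = 1209600;
         // Two weeks
         Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
         Zend_Session::rememberMe($lifetime);
     }
     // Increment sign-in count
     Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
     // Test activity @todo remove
     $viewer = Engine_Api::_()->user()->getViewer();
     if ($viewer->getIdentity()) {
         $viewer->lastlogin_date = date("Y-m-d H:i:s");
         $viewer->lastlogin_ip = $_SERVER['REMOTE_ADDR'];
         $viewer->save();
         Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
     }
     // Assign sid to view for json context
     // NOTE(review): this puts the session id into the response body; confirm
     // the json consumer needs it and that the response is never cached.
     $this->view->status = true;
     $this->view->message = $translate->_('Login successful');
     $this->view->sid = Zend_Session::getId();
     $this->view->sname = Zend_Session::getOptions('name');
     // Do redirection only if normal context
     if (null === $this->_helper->contextSwitch->getCurrentContext()) {
         // Redirect by form. return_url arrives as a request parameter, so it
         // is followed only when it is a site-local path: one leading slash,
         // not "//" or "/\", and no control characters or spaces. Anything
         // else falls through to the session/home redirect.
         $uri = $form->getValue('return_url');
         if (is_string($uri) && preg_match('#^/(?![/\\\\])[^\x00-\x20\x7f]*$#D', $uri)) {
             return $this->_redirect($uri, array('prependBase' => false));
         }
         // Redirect by session
         $session = new Zend_Session_Namespace('Redirect');
         if (isset($session->uri)) {
             $uri = $session->uri;
             $opts = $session->options;
             $session->unsetAll();
             return $this->_redirect($uri, $opts);
         } else {
             if (isset($session->route)) {
                 // Copy the target out first: unsetAll() clears the namespace,
                 // so reading it afterwards would pass nulls to gotoRoute().
                 $routeParams = is_array($session->params) ? $session->params : array();
                 $routeName = $session->route;
                 $routeReset = $session->reset;
                 $session->unsetAll();
                 return $this->_helper->redirector->gotoRoute($routeParams, $routeName, $routeReset);
             } else {
                 return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general');
             }
         }
     }
 }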
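 /**
  * Reactivate a deactivated account from the activation form, sign the member
  * in, record the login and redirect.
  *
  * In a non-default context (e.g. json) the result is only assigned to the
  * view (status, message, sid, sname) and no redirect is issued.
  */
 public function activateAction()
 {
     $this->_helper->layout->setLayout('default-simple');
     $user = Engine_Api::_()->core()->getSubject();
     if (!$user->deactive) {
         return $this->_forward('success', 'utility', 'core', array('messages' => array(Zend_Registry::get('Zend_Translate')->_('Your request is invalid.')), 'redirect' => $this->getFrontController()->getRouter()->assemble(array('action' => 'home'), 'user_general', true)));
     }
     // Form
     $this->view->form = $form = new User_Form_Settings_Active();
     if (!$this->getRequest()->isPost()) {
         return;
     }
     if (!$form->isValid($this->getRequest()->getPost())) {
         return;
     }
     // Process: restore the id kept in `deactive` and clear the flag
     $db = Engine_Api::_()->getDbtable('users', 'user')->getAdapter();
     $db->beginTransaction();
     try {
         $user->user_id = $user->deactive;
         $user->deactive = 0;
         $user->save();
         $db->commit();
     } catch (Exception $e) {
         $db->rollBack();
         throw $e;
     }
     // NOTE(review): the identity is written to auth storage without a visible
     // session id regeneration; confirm one happens elsewhere.
     Zend_Auth::getInstance()->getStorage()->write($user->user_id);
     Engine_Api::_()->user()->setViewer();
     // Register login; the client address is stored in binary form via UNHEX()
     $loginTable = Engine_Api::_()->getDbtable('logins', 'user');
     $ipObj = new Engine_IP();
     $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
     $loginTable->insert(array('user_id' => $user->getIdentity(), 'email' => $user->email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'success', 'active' => true));
     $_SESSION['login_id'] = $loginTable->getAdapter()->lastInsertId();
     // Increment sign-in count
     Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
     // Test activity @todo remove
     $viewer = Engine_Api::_()->user()->getViewer();
     if ($viewer->getIdentity()) {
         $viewer->lastlogin_date = date("Y-m-d H:i:s");
         if ('cli' !== PHP_SAPI) {
             $viewer->lastlogin_ip = $ipExpr;
         }
         $viewer->save();
         Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
     }
     // Assign sid to view for json context
     // NOTE(review): this puts the session id into the response body; confirm
     // the json consumer needs it and that the response is never cached.
     $this->view->status = true;
     $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
     $this->view->sid = Zend_Session::getId();
     $this->view->sname = Zend_Session::getOptions('name');
     // Run post login hook
     $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);
     // Do redirection only if normal context
     if (null === $this->_helper->contextSwitch->getCurrentContext()) {
         // Redirect by form
         $uri = $form->getValue('return_url');
         if ($uri) {
             // A "64-" prefix marks a base64-encoded target
             if (is_string($uri) && substr($uri, 0, 3) === '64-') {
                 $uri = base64_decode(substr($uri, 3));
             }
             // return_url is request-supplied (and base64 hides its content
             // from simple filters), so the decoded value is followed only
             // when it is a site-local path: one leading slash, not "//" or
             // "/\", and no control characters or spaces. Anything else falls
             // through to the session/hook/home redirects.
             if (is_string($uri) && preg_match('#^/(?![/\\\\])[^\x00-\x20\x7f]*$#D', $uri)) {
                 return $this->_redirect($uri, array('prependBase' => false));
             }
         }
         // Redirect by session
         $session = new Zend_Session_Namespace('Redirect');
         if (isset($session->uri)) {
             $uri = $session->uri;
             $opts = $session->options;
             $session->unsetAll();
             return $this->_redirect($uri, $opts);
         } else {
             if (isset($session->route)) {
                 // Copy the target out first: unsetAll() clears the namespace,
                 // so reading it afterwards would pass nulls to gotoRoute().
                 $routeParams = is_array($session->params) ? $session->params : array();
                 $routeName = $session->route;
                 $routeReset = $session->reset;
                 $session->unsetAll();
                 return $this->_helper->redirector->gotoRoute($routeParams, $routeName, $routeReset);
             }
         }
         // Redirect by hook: the first response carrying an error+message or a
         // redirect decides the outcome
         foreach ((array) $event->getResponses() as $response) {
             if (is_array($response)) {
                 if (!empty($response['error']) && !empty($response['message'])) {
                     return $form->addError($response['message']);
                 } else {
                     if (!empty($response['redirect'])) {
                         return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                     }
                 }
             }
         }
         // Just redirect to home
         return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
     }
 }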
 /**
  * Initialize the session after a successful login
  * 
  * @param boolean $fixCookieHeader collapse duplicate TINE20SESSID Set-Cookie headers into the last one
  */
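 protected function _initUserSession($fixCookieHeader = true)
 {
     // Registers the session validators, optionally de-duplicates the session
     // cookie header, then stores the current user in the session namespace.
     // FIXME 0010508: Session_Validator_AccountStatus causes problems
     //Tinebase_Session::registerValidatorAccountStatus();
     Tinebase_Session::registerValidatorMaintenanceMode();
     // User agent validation is on unless the config switches it off
     if (Tinebase_Config::getInstance()->get(Tinebase_Config::SESSIONUSERAGENTVALIDATION, TRUE)) {
         Tinebase_Session::registerValidatorHttpUserAgent();
     } else {
         Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' User agent validation disabled.');
     }
     // we only need to activate ip session validation for non-encrypted connections
     // NOTE(review): the default therefore leaves HTTPS sessions unbound to the
     // client address; deployments that want the binding must enable
     // SESSIONIPVALIDATION explicitly.
     $ipSessionValidationDefault = !Tinebase_Core::isHttpsRequest();
     if (Tinebase_Config::getInstance()->get(Tinebase_Config::SESSIONIPVALIDATION, $ipSessionValidationDefault)) {
         Tinebase_Session::registerValidatorIpAddress();
     } else {
         Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Session ip validation disabled.');
     }
     if ($fixCookieHeader && Zend_Session::getOptions('use_cookies')) {
         /** 
          * fix php session header handling http://forge.tine20.org/mantisbt/view.php?id=4918 
          * -> search all Set-Cookie: headers and replace them with the last one!
          **/
         $lastSessionCookie = null;
         foreach (headers_list() as $headerString) {
             if (strpos($headerString, 'Set-Cookie: TINE20SESSID=') === 0) {
                 $lastSessionCookie = $headerString;
             }
         }
         // Re-send only when a session cookie header was actually queued;
         // without this guard header() would be called with null.
         // NOTE(review): replace=true drops every earlier Set-Cookie header,
         // including cookies other than TINE20SESSID set in this request.
         if ($lastSessionCookie !== null) {
             header($lastSessionCookie, true);
         }
         /** end of fix **/
     }
     Tinebase_Session::getSessionNamespace()->currentAccount = Tinebase_Core::getUser();
 }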
 /**
  * Show the project information page: a table of version, environment and
  * directory details followed by the maintenance / cache-clean buttons.
  *
  * NOTE(review): the table lists the server hostname, OS, PHP and framework
  * versions and filesystem paths; confirm this action is reachable by
  * administrators only.
  */
 public function indexAction()
 {
     $this->html->h2($this->_('Project information'));
     $versionInfo = $this->loader->getVersions();
     // Rows appear in the table in the order they are listed here
     $data = array(
         $this->_('Project name') => $this->project->name,
         $this->_('Project version') => $versionInfo->getProjectVersion(),
         $this->_('Gems version') => $versionInfo->getGemsVersion(),
         $this->_('Gems build') => $versionInfo->getBuild(),
         $this->_('Gems project') => GEMS_PROJECT_NAME,
         $this->_('Gems web directory') => $this->getDirInfo(GEMS_WEB_DIR),
         $this->_('Gems root directory') => $this->getDirInfo(GEMS_ROOT_DIR),
         $this->_('Gems code directory') => $this->getDirInfo(GEMS_LIBRARY_DIR),
         $this->_('Gems variable directory') => $this->getDirInfo(GEMS_ROOT_DIR . '/var'),
         $this->_('MUtil version') => \MUtil_Version::get(),
         $this->_('Zend version') => \Zend_Version::VERSION,
         $this->_('Application environment') => APPLICATION_ENV,
         $this->_('Application baseuri') => $this->loader->getUtil()->getCurrentURI(),
         $this->_('Application directory') => $this->getDirInfo(APPLICATION_PATH),
         $this->_('Application encoding') => APPLICATION_ENCODING,
         $this->_('PHP version') => phpversion(),
         $this->_('Server Hostname') => php_uname('n'),
         $this->_('Server OS') => php_uname('s'),
         $this->_('Time on server') => date('r'),
     );
     // Locations that are reported through getDirInfo()
     $directories = array(
         $this->_('Session directory') => \Zend_Session::getOptions('save_path'),
         $this->_('Temporary files directory') => realpath(getenv('TMP')),
     );
     // SystemDrive is only added when the environment variable is set
     $system = getenv('SystemDrive');
     if ($system) {
         $directories[$this->_('System Drive')] = realpath($system);
     }
     foreach ($directories as $caption => $location) {
         $data[$caption] = $this->getDirInfo($location);
     }
     // The maintenance button is labelled with the action it will perform
     $label = $this->util->getMaintenanceLock()->isLocked()
         ? $this->_('Turn Maintenance Mode OFF')
         : $this->_('Turn Maintenance Mode ON');
     $request = $this->getRequest();
     $buttonList = $this->menu->getMenuList();
     $buttonList->addParameterSources($request)
         ->addByController($request->getControllerName(), 'maintenance', $label)
         ->addByController($request->getControllerName(), 'cacheclean');
     $this->_showTable($this->_('Version information'), $data);
     $this->html->buttonDiv($buttonList);
 }