Beispiel #1
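 /**
  * Handles user login: processes a submitted login form and renders the form.
  *
  * On POST the one-time token from the form is checked against the copy kept
  * in the session before any credential is examined. A bad token and bad
  * credentials both end in the same generic failure flag, so the page does
  * not tell the client which of the two checks failed.
  *
  * @return mixed A redirect response after a successful login, otherwise
  *               whatever $this->view->render() produces for the login page.
  */
 public function login()
 {
     $isLoginFailure = false;

     if ($this->request->getMethod() === 'POST') {
         $token = $this->getParam('token');
         $expected = isset($_SESSION['login_token']) ? $_SESSION['login_token'] : null;

         // Compare the anti-forgery token in constant time (hash_equals, PHP 5.6+).
         // hash_equals() raises on non-string arguments, so a missing token or an
         // array-valued "token" parameter is rejected by the type checks first.
         if (!is_string($token) || !is_string($expected) || !hash_equals($expected, $token)) {
             $isLoginFailure = true;
         } else {
             // The token is single-use: drop it as soon as it has matched.
             unset($_SESSION['login_token']);

             $user = $this->userStore->getByEmail($this->getParam('email'));

             // NOTE(review): password_verify() only runs when a user record was found,
             // so response time may differ between known and unknown e-mail addresses.
             // Consider verifying against a fixed dummy hash when no user matches.
             if ($user && password_verify($this->getParam('password', ''), $user->getHash())) {
                 // Issue a fresh session id and delete the old session, so an id that
                 // was set before authentication is not carried into the logged-in session.
                 session_regenerate_id(true);
                 $_SESSION['phpci_user_id'] = $user->getId();

                 $response = new b8\Http\Response\RedirectResponse();
                 // NOTE(review): getLoginRedirect() is not shown here; confirm it only
                 // ever yields local destinations.
                 $response->setHeader('Location', $this->getLoginRedirect());
                 return $response;
             }

             $isLoginFailure = true;
         }
     }

     $form = new b8\Form();
     $form->setMethod('POST');
     $form->setAction(PHPCI_URL . 'session/login');

     $email = new b8\Form\Element\Email('email');
     $email->setLabel(Lang::get('email_address'));
     $email->setRequired(true);
     $email->setContainerClass('form-group');
     $email->setClass('form-control');
     $form->addField($email);

     $pwd = new b8\Form\Element\Password('password');
     $pwd->setLabel(Lang::get('password'));
     $pwd->setRequired(true);
     $pwd->setContainerClass('form-group');
     $pwd->setClass('form-control');
     $form->addField($pwd);

     // The submit button gets its own variable instead of reusing $pwd.
     $submit = new b8\Form\Element\Submit();
     $submit->setValue(Lang::get('log_in'));
     $submit->setClass('btn-success');
     $form->addField($submit);

     // Every rendering of the form gets a new token; the session copy is what
     // the next POST is checked against, so an earlier token stops being valid.
     $tokenValue = $this->generateToken();
     $_SESSION['login_token'] = $tokenValue;
     $token = new b8\Form\Element\Hidden('token');
     $token->setValue($tokenValue);
     $form->addField($token);

     $this->view->form = $form->render();
     $this->view->failed = $isLoginFailure;

     return $this->view->render();
 }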
Beispiel #2
 /**
  * Builds the member login form: optional return URL, e-mail, password, submit.
  *
  * NOTE(review): the "rtn" value is sent to the browser and posted back, so the
  * handler behind /member/login (not shown here) must treat it as untrusted and
  * only redirect to it after checking it is a local path or on an allow-list.
  * NOTE(review): no anti-forgery token is added and disableValidation() is
  * called; confirm the handler validates the input itself and that login CSRF
  * is covered elsewhere.
  *
  * @param string|null $returnUrl Where to send the member after login, or null for none.
  * @return Form The assembled, not yet rendered, form.
  */
 public function getLoginForm($returnUrl = null)
 {
     $loginForm = new Form();
     $loginForm->setMethod('POST');
     $loginForm->setAction('/member/login');
     $loginForm->disableValidation();

     // Carry the return URL through the round trip only when one was supplied.
     if ($returnUrl !== null) {
         $returnField = new Hidden();
         $returnField->setName('rtn');
         $returnField->setValue($returnUrl);
         $loginForm->addField($returnField);
     }

     $emailField = Email::create('email', 'Email Address', true);
     $loginForm->addField($emailField);

     $passwordField = Password::create('password', 'Password', true);
     $loginForm->addField($passwordField);

     $button = new Submit();
     $button->setClass('button pull-right');
     $button->setValue('Login');
     $loginForm->addField($button);

     return $loginForm;
 }
Beispiel #3
 /**
  * Builds the "choose a new password" form for a password-reset link.
  *
  * The reset key is carried in the hidden field "k" and the member id is part
  * of the form's action URL.
  *
  * NOTE(review): the key is a credential for the reset. The handler behind
  * /member/reset-password/ (not shown here) should compare it in constant
  * time, expire it after one use, and the page carrying it should not be
  * cached.
  * NOTE(review): $memberId is concatenated into the URL as-is; presumably it is
  * a numeric id. If it can come from the request, cast or encode it first.
  *
  * @param mixed  $memberId Identifier appended to the action URL.
  * @param string $key      Reset key pre-filled into the hidden "k" field.
  * @return Form The assembled, not yet rendered, form.
  */
 protected function resetPasswordForm($memberId, $key)
 {
     $action = '/member/reset-password/' . $memberId;

     $resetForm = new Form();
     $resetForm->setMethod('POST');
     $resetForm->setAction($action);
     $resetForm->enableValidation();

     $keyField = Hidden::create('k', 'Key', true);
     $resetForm->addField($keyField);

     $passwordField = Password::create('password', 'Your New Password', true);
     $resetForm->addField($passwordField);

     $button = new Submit();
     $button->setClass('button pull-right');
     $button->setValue('Reset and Login');

     // Values are applied before the submit button is attached, as in the original order.
     $resetForm->setValues(['k' => $key]);
     $resetForm->addField($button);

     return $resetForm;
 }
Beispiel #4
 /**
  * Builds the admin form used to add or edit a user.
  *
  * NOTE(review): the "is_admin" select is only rendered for administrators,
  * but that hides the field rather than protecting it. The save handler (not
  * shown here) must itself refuse an is_admin value from a non-admin.
  * NOTE(review): setValues($values) is applied to every field; confirm callers
  * never pass a stored password or hash under the "password" key.
  * NOTE(review): no anti-forgery token is added in this method; it may come
  * from a "userForm" listener or from elsewhere. Confirm for this
  * state-changing form.
  *
  * @param array  $values Field values; "id" is read for the edit action URL
  *                       and for the hidden id field.
  * @param string $type   'add' for a new user; anything else is treated as edit.
  * @return mixed The form, or whatever a "userForm" listener replaced it with.
  */
 protected function userForm($values, $type = 'add')
 {
     $isAdd = $type == 'add';

     $form = new FormElement();
     $form->setMethod('POST');

     $adminUrl = $this->config->get('site.full_admin_url');
     $path = $isAdd ? '/user/add' : '/user/edit/' . $values['id'];
     $form->setAction($adminUrl . $path);
     $form->setClass('smart-form');

     $details = new Form\FieldSet('fieldset');
     $form->addField($details);

     // An existing record carries its id along in a hidden field.
     if (isset($values['id'])) {
         $idField = new Form\Element\Hidden('id');
         $idField->setRequired(true);
         $idField->setValue($values['id']);
         $details->addField($idField);
     }

     $nameField = new Form\Element\Text('name');
     $nameField->setRequired(true);
     $nameField->setLabel('Name');
     $details->addField($nameField);

     $emailField = new Form\Element\Email('email');
     $emailField->setRequired(true);
     $emailField->setLabel('Email Address');
     $details->addField($emailField);

     // The password is mandatory only when creating a user.
     $passwordField = new Form\Element\Password('password');
     $passwordField->setRequired($isAdd);
     $passwordLabel = 'Password';
     if ($type == 'edit') {
         $passwordLabel .= ' (leave blank to keep current password)';
     }
     $passwordField->setLabel($passwordLabel);
     $details->addField($passwordField);

     // Display-only gating: see the is_admin note in the docblock.
     if ($this->currentUser->getIsAdmin()) {
         $adminField = new Form\Element\Select('is_admin');
         $adminField->setRequired(false);
         $adminField->setLabel('Administrator');
         $adminField->setOptions([0 => 'No', 1 => 'Yes']);
         $details->addField($adminField);
     }

     // $form and $values are handed over by reference and read back afterwards,
     // so code reacting to the 'userForm' event can presumably change or replace both.
     $data = [&$form, &$values];
     Event::trigger('userForm', $data);
     list($form, $values) = $data;

     $actions = new Form\FieldSet('fieldset3');
     $form->addField($actions);

     $saveButton = new Form\Element\Submit();
     $saveButton->setValue('Save User');
     $saveButton->setClass('btn-success');
     $actions->addField($saveButton);

     $form->setValues($values);

     return $form;
 }