Ejemplo n.º 1
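 /**
  * Enforce a single active session per logged-in user.
  *
  * Outside dev mode, the session id stored on the current user's record is
  * compared with the id of the running session; when they differ the running
  * session is flushed.
  *
  * NOTE(review): the whole check is skipped when cfg()->dev_mode is set, so
  * dev_mode has to stay off in production -- confirm the deployment config.
  *
  * @return void
  */
 protected function singleSession()
 {
     if (cfg()->dev_mode || !s()->user->id) {
         return;
     }

     $user_data = Admin_UsersModel::getInstance()->get(array('id' => s()->user->id));

     // Compare as strings with a strict operator: a loose != treats two different
     // numeric-looking ids (e.g. "1e3" and "1000") as equal, which would let a
     // stale session pass the check.
     $stored_id = isset($user_data['session_id']) ? (string) $user_data['session_id'] : '';
     if ($stored_id !== (string) s()->getId()) {
         s()->flush();
     }
 }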
Ejemplo n.º 2
 /**
  * Bind the current session to the given user and record the login.
  *
  * This method performs no credential check of its own: whatever $user_id it
  * receives becomes the session user, so callers must authenticate first.
  *
  * NOTE(review): flush() is presumably what discards pre-login session state;
  * whether it also issues a fresh session id (the usual session-fixation
  * defence) is not visible here -- confirm in the session class.
  *
  * @param mixed $user_id    Id of the already-authenticated user.
  * @param bool  $persistent When truthy, setPersistent() is called on the session.
  *
  * @return bool True when the session ends up with a truthy user id.
  */
 public static function login($user_id, $persistent = false)
 {
     s()->flush();

     if ($persistent) {
         s()->setPersistent();
     }

     // Attach the user to the session.
     s()->user->id = $user_id;

     // Store the session id on the user record.
     $session_fields = array('session_id' => s()->getId());
     $user_filter = array('id' => s()->user->id);
     Admin_UsersModel::set($session_fields, $user_filter);

     // Audit trail: who logged in and from which address (REMOTE_ADDR as the server reports it).
     $log_row = array(
         'user_id' => $user_id,
         'ip' => Core_Request::getInstance()->getServer('REMOTE_ADDR'),
     );
     Admin_LogsModel::insert($log_row, Admin_LogsModel::USER_LOGIN);

     Cms_UserData::refresh(array(Cms_UserData::ATTR_ALL));

     return (bool) s()->user->id;
 }
Ejemplo n.º 3
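 /**
  * Handle a login form post: validate the credentials and start the session.
  *
  * Responds with status 0 and a message on missing or wrong credentials and
  * with status 1 once Admin_UsersHelper::login() succeeds.
  *
  * NOTE(review): the one-time token check below is commented out, so this
  * endpoint currently has no request-forgery or replay protection -- confirm
  * whether that is intentional.
  * NOTE(review): no attempt limiting is visible here; confirm that throttling
  * or lockout is enforced elsewhere.
  * NOTE(review): the user is looked up by equality on
  * Core_Security::generate($pass), which suggests a deterministic hash with no
  * per-user salt -- confirm, and consider password_hash()/password_verify().
  *
  * @return void
  */
 public function indexAction()
 {
     $request = $this->getRequest();
     $user = $request->getPost('user');
     $pass = $request->getPost('pass');

     // Post fields can arrive as arrays (user[]=...). Only non-empty strings are
     // accepted, so nothing but a scalar ever reaches the model lookup.
     if (!is_string($user) || !is_string($pass) || $user === '' || $pass === '') {
         $this->getResponse()->setStatus(0)->setBody(__('Enter username and password'))->toJson();
         // Explicit return: do not rely on toJson() ending the request.
         return;
     }

     /*if (!Core_LinkExploit::checkOnce($this->getRequest()->getPost('token'), 'login')) {
         $this->getResponse()->setStatus(0)->setBody(__('Invalid Data Submitted'))->toJson();
     }*/

     $user_rs = Admin_UsersModel::get(array('user' => $user, 'password' => Core_Security::generate($pass)));
     if (!$user_rs) {
         // The same message for unknown user and wrong password avoids account enumeration.
         $this->getResponse()->setStatus(0)->setBody(__('Wrong username and/or password'))->toJson();
         return;
     }

     // Credentials matched: bind the session to this user.
     // NOTE(review): no response is sent when login() returns false -- confirm the intended behaviour.
     if (Admin_UsersHelper::login($user_rs->id)) {
         $this->getResponse()->setStatus(1)->toJson();
     }
 }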
Ejemplo n.º 4
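 /**
  * Create an admin user from the posted form fields.
  *
  * Validates email, password, username and role, then inserts the record.
  * Responds with status 0 and a message on the first failed check and with
  * status 1 once the user has been added.
  *
  * NOTE(review): no permission check is visible in this method; confirm that
  * the controller or router restricts who may create users and assign roles.
  * NOTE(review): 'company' is stored exactly as posted, without validation, so
  * it must be escaped wherever it is rendered.
  *
  * @return void
  */
 public function createAction()
 {
     $request = $this->getRequest();

     // Post fields can arrive as arrays (email[]=...). Non-strings are treated as
     // empty so strtolower() never receives an array.
     $email = $request->getPost('email');
     $email = is_string($email) ? strtolower($email) : '';
     if (!Core_Check::email($email)) {
         $this->getResponse()->setStatus(0)->setBody(__('invalid email'))->toJson();
         // Explicit return after every error: do not rely on toJson() ending the request.
         return;
     }

     $pass = $request->getPost('pass');
     if (!is_string($pass) || !Core_Check::password($pass)) {
         $this->getResponse()->setStatus(0)->setBody(__('password must be at least %1$s characters long', cfg()->min_pass_lenght))->toJson();
         return;
     }

     $user = $request->getPost('user');
     if (!is_string($user) || !Core_Check::user($user)) {
         $this->getResponse()->setStatus(0)->setBody(__('invalid user'))->toJson();
         return;
     }

     // Accept the role only when it is exactly the string form of an existing role
     // id; a loose == would also accept values such as " 1" or "1.0" and then
     // store that raw text.
     $role_id = $request->getPost('role');
     $valid_role = false;
     if (is_string($role_id)) {
         foreach (Admin_RolesModel::getAll(array()) as $role_row) {
             if ((string) $role_row->id === $role_id) {
                 $valid_role = true;
                 break;
             }
         }
     }
     if (!$valid_role) {
         $this->getResponse()->setStatus(0)->setBody(__('invalid role'))->toJson();
         return;
     }

     // Build the row from the values that were just validated instead of reading
     // the post data a second time.
     // NOTE(review): Core_Check::user() saw the raw username, while the stored
     // value is lower-cased and tag-stripped -- confirm the normalized form is acceptable.
     $insert_data = array(
         'user' => strip_tags(strtolower($user)),
         'email' => strip_tags($email),
         'role_id' => $role_id,
         'password' => Core_Security::generate($pass),
         'company' => $request->getPost('company'),
     );
     if ($insert_data['user'] === '' || $insert_data['email'] === '' || $insert_data['role_id'] === '') {
         $this->getResponse()->setStatus(0)->setBody(__('invalid data submited. Username, Email and Role are mandatory'))->toJson();
         return;
     }

     if (!Admin_UsersModel::tryAdd($insert_data)) {
         $this->getResponse()->setStatus(0)->setBody(__('duplicate user or email'))->toJson();
         return;
     }

     $this->getResponse()->setStatus(1)->setBody(__('user added'))->toJson();
 }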