public function actionSearch()
{
$this->checkRequest();
$q = $this->q;
$this->checkRequiredParams($q, array('token', 'user_id', 'status', 'type', 'page'));
$this->checkToken();
//same as login session
$criteria = new CDbCriteria();
$criteria->compare('user_id', $q->user_id);
$criteria->compare('status_listing', $q->status);
$criteria->compare('listing_type', $q->type);
$criteria->limit = 20;
$criteria->order = 'property_name_or_address ASC';
$models = Listing::model()->findAll($criteria);
$items = array();
foreach ($models as $model) {
$items[] = array('property_name_or_address' => $model->property_name_or_address, 'tenure' => Listing::getViewDetailTenure($model));
}
$result = ApiModule::$defaultSuccessResponse;
$result['list'] = $items;
$result['message'] = Yii::t('systemmsg', 'Query success');
//always need
ApiModule::sendResponse($result);
}
public function actionForgotPass()
{
$result = ApiModule::$defaultSuccessResponse;
$this->checkRequest();
$q = $this->q;
$this->checkRequiredParams($q, array('email'));
$model = new ForgotPasswordForm();
$model->email = trim($q->email);
if ($model->validate()) {
//check Email
$criteria = new CDbCriteria();
$criteria->compare('t.email_not_login', $model->email);
$criteria->compare('t.role_id', ROLE_AGENT);
$mUser = Users::model()->find($criteria);
if (!$mUser) {
$model->addError('email', 'Email does not exist.');
} elseif ($mUser->status == STATUS_ACTIVE) {
$password = substr(uniqid(rand(), 1), 1, 10);
$pass_en = md5($password);
$mUser->password_hash = $pass_en;
$mUser->temp_password = $password;
$mUser->update(array('password_hash', 'temp_password'));
SendEmail::forgotPassword($mUser, $password, ROLE_AGENT);
$result['message'] = Yii::t('systemmsg', 'An email with your new password has been sent to "{email}". ' . 'Please check your inbox. If you do not receive the email, ' . 'please add "@properyinfo.sg" to your mailbox safe list and check your Junk/Spam mailbox.', array('{email}' => $mUser->email_not_login));
} else {
$model->addError('email', 'Email does not exist.');
}
}
$result['record_error_key'] = array_keys($model->getErrors());
$result['record_error'] = $model->getErrors();
ApiModule::sendResponse($result);
}
public function actionApi()
{
$rs = array('1' => '你好', '2' => '测试api', '3' => 'api');
ApiModule::d($rs);
}
public static function setUid($uid)
{
if (empty($uid)) {
$msg = "authorization failed, missing login user id.";
throw new CHttpException(401, $msg);
exit;
}
//登录为yii user
self::$_uid = $uid;
}
public function actionAuthorize()
{
$isValid = false;
//Login User
// $user_id = Yii::app()->user->id;
// $model=new LoginForm;
// $errmsg = '';
// To obtain OAuth store and OAuth Server object
$server = new OAuthServer();
try {
if (empty($_GET['username']) || empty($_GET['ctime']) || empty($_GET['signature'])) {
// throw new CHttpException(401,'Missing parametter.');
$this->redirectResponse($server, 'Missing parametter');
}
$mUser = Users::model()->find('email="' . $_GET['username'] . '"');
if (!$mUser) {
$this->redirectResponse($server, 'Email is invalid');
}
$user_id = $mUser->id;
$this->_identity = new ApiUserIdentity($_GET['username'], $mUser->password_hash);
$this->_identity->authenticate();
$this->errorCodeLoginForm = $this->_identity->errorCode;
switch ($this->_identity->errorCode) {
case ApiUserIdentity::ERROR_NONE:
if ($this->checkSignature($_GET['username'], $_GET['ctime'], $mUser->password_hash, $_GET['signature'])) {
$isValid = true;
$duration = 0;
// 30 days
Yii::app()->user->login($this->_identity, $duration);
} else {
// $result = array('error'=>'Invalid request.');
// ApiModule::sendResponse($result);
$this->redirectResponse($server, 'Invalid request');
}
break;
case UserIdentity::ERROR_USERNAME_INVALID:
$this->redirectResponse($server, 'Email is invalid');
break;
case UserIdentity::ERROR_USERNAME_BLOCKED:
$this->redirectResponse($server, 'Account is inactive');
break;
case UserIdentity::ERROR_STATUS_WAIT_ACTIVE_CODE:
$this->redirectResponse($server, 'Account is not verified');
break;
case UserIdentity::ERROR_PASSWORD_INVALID:
$this->redirectResponse($server, 'Wrong password');
break;
}
// Check the current request contains a valid request token
// Returns an array containing consumer key, consumer secret, token, token secret And token type.
$rs = $server->authorizeVerify($user_id);
if ($isValid) {
// $oauth_callback = $server->getCallbackUrl();
// $result = array('error'=>'Callback: '.$oauth_callback);
// ApiModule::sendResponse($result);
$authorized = True;
$server->authorizeFinish($authorized, $user_id);
} else {
$result = array('error' => 'Wrong username or password');
ApiModule::sendResponse($result);
}
} catch (OAuthException $e) {
$errmsg = $e->getMessage();
throw new CHttpException(401, $errmsg);
// The request does not contain token, Display allows the user to input token To validate the page
// ** Your code **
} catch (OAuthException2 $e) {
$errmsg = $e->getMessage();
// Requested an error token
// ** Your code **
throw new CHttpException(401, $errmsg);
}
// $data = array(
// 'rs'=>$rs,
// 'model'=>$model,
// 'errmsg'=>$errmsg
// );
// $this->render('Authorize',$data);
}
public function checkToken($token = null)
{
$result = ApiModule::$defaultResponse;
if ($token === null) {
$token = $this->q->token;
}
if (!UsersTokens::model()->checkToken($token)) {
$result['message'] = 'Token is invalid or expired';
ApiModule::sendResponse($result);
}
}
