/**
 * Refreshes, or creates, the "recently active" record for a user/IP pair.
 *
 * A row for this user and the requesting address whose `active` value is
 * newer than 20 minutes ago is bumped to the current time. When no row was
 * updated a new one is inserted; on the MySQL adapters the insert is issued
 * as INSERT IGNORE.
 *
 * @param User_Model_User $user User whose activity is being recorded.
 * @return $this|null Null when running under the CLI SAPI, otherwise $this.
 */
public function check(User_Model_User $user)
{
    // The command line has no remote address to record.
    if ('cli' === PHP_SAPI) {
        return;
    }

    $userId = (int) $user->getIdentity();
    $adapter = $this->getAdapter();

    // The address travels to SQL as hex and is decoded there with UNHEX().
    $address = new Engine_IP();
    $addressHex = bin2hex($address->toBinary());
    $ipExpr = new Zend_Db_Expr($adapter->quoteInto('UNHEX(?)', $addressHex));

    // First try to bump a recent row for the same user and address.
    $touched = $this->update(
        array('active' => date('Y-m-d H:i:s')),
        array(
            'user_id = ?' => $userId,
            'ip = ?' => $ipExpr,
            'active > ?' => new Zend_Db_Expr('DATE_SUB(NOW(),INTERVAL 20 MINUTE)'),
        )
    );
    if ($touched >= 1) {
        return $this;
    }

    $isMysql = $adapter instanceof Zend_Db_Adapter_Mysqli
        || $adapter instanceof Engine_Db_Adapter_Mysql
        || $adapter instanceof Zend_Db_Adapter_Pdo_Mysql;

    if (!$isMysql) {
        $this->insert(array(
            'user_id' => $userId,
            'ip' => $ipExpr,
            'active' => date('Y-m-d H:i:s'),
        ));
        return $this;
    }

    // Each quoteInto() call fills exactly one placeholder, left to right.
    $sql = 'INSERT IGNORE INTO `' . $this->info('name') . '` (`user_id`, `ip`, `active`) VALUES (?, UNHEX(?), ?)';
    foreach (array($userId, $addressHex, date('Y-m-d H:i:s')) as $boundValue) {
        $sql = $adapter->quoteInto($sql, $boundValue, null, 1);
    }
    $adapter->query($sql);

    return $this;
}
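/**
 * Removes the ban whose range is exactly start..stop, together with the
 * extra-info rows attached to the removed ban(s).
 *
 * @param mixed $startAddress First address of the range, in a form Engine_IP accepts.
 * @param mixed $stopAddress  Last address of the range, in a form Engine_IP accepts.
 * @return $this
 * @throws Engine_Exception When either address is not a valid IP address.
 */
public function removeAddressRange($startAddress, $stopAddress)
{
    $startAddressObject = new Engine_IP($startAddress);
    $stopAddressObject = new Engine_IP($stopAddress);

    if (!$startAddressObject->isValid()) {
        throw new Engine_Exception('Invalid start IP address');
    }
    if (!$stopAddressObject->isValid()) {
        throw new Engine_Exception('Invalid stop IP address');
    }

    $startAddressBinary = $startAddressObject->toBinary();
    $stopAddressBinary = $stopAddressObject->toBinary();

    // Collect the ids BEFORE deleting: once the rows are gone the lookup
    // would return nothing and the extra-info rows would be orphaned.
    $removedIds = $this->select()
        ->from($this, 'bannedip_id')
        ->where('start = ?', $startAddressBinary)
        ->where('stop = ?', $stopAddressBinary)
        ->query()
        ->fetchAll(Zend_Db::FETCH_COLUMN);

    // The conditions need "= ?" placeholders. A bare column name as the key
    // has nothing to quote the value into, so the range would never be bound
    // and the DELETE would match on the truthiness of the columns instead.
    $this->delete(array(
        'start = ?' => $startAddressBinary,
        'stop = ?' => $stopAddressBinary,
    ));

    if (count($removedIds) != 0) {
        $extraTable = Engine_Api::_()->getDBTable('extrainfo', 'ynbanmem');
        $extraTable->delete(array('banned_id IN(?)' => $removedIds, 'banned_type = 1'));
    }

    return $this;
}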
/**
 * Drives the multi-step signup form sequence and finishes the signup.
 *
 * While the form sequence has steps left, this action only renders the
 * current step. Once the sequence completes it runs the post-signup hook,
 * checks the payment subscription when the payment module is present, and
 * then either sends the new member to the confirmation page (account not
 * enabled) or signs them in and sends them to the member home page.
 *
 * @return mixed Whatever the redirector helper returns, or null while steps remain.
 */
public function indexAction()
{
    $this->_helper->content->setEnabled();

    $settings = Engine_Api::_()->getApi('settings', 'core');

    // A signed-in member has nothing to sign up for.
    if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
        return $this->_helper->redirector->gotoRoute(array(), 'default', true);
    }

    // Register every enabled signup step with the form-sequence helper.
    // NOTE(review): the plugin class name is read from the signup table and
    // instantiated as-is; this assumes that table is writable by trusted
    // code only - confirm.
    $sequence = $this->_helper->formSequence;
    foreach (Engine_Api::_()->getDbtable('signup', 'user')->fetchAll() as $step) {
        if ($step->enable != 1) {
            continue;
        }
        $pluginClass = $step->class;
        $sequence->setPlugin(new $pluginClass(), $step->order);
    }

    // The helper handles every step itself and returns true only when done.
    if (!$this->_helper->formSequence()) {
        return;
    }

    $viewer = Engine_Api::_()->user()->getViewer();

    // Post-signup hook: a response may report an error and/or ask for a redirect.
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserSignupAfter', $viewer);
    $hookResponses = $event->getResponses();
    if ($hookResponses) {
        foreach ($hookResponses as $hookResponse) {
            if (!is_array($hookResponse)) {
                continue;
            }
            // An error reported by a hook signs the new member out again.
            if (!empty($hookResponse['error'])) {
                Engine_Api::_()->user()->setViewer(null);
                Engine_Api::_()->user()->getAuth()->getStorage()->clear();
            }
            if (!empty($hookResponse['redirect'])) {
                return $this->_helper->redirector->gotoUrl($hookResponse['redirect'], array('prependBase' => false));
            }
        }
    }

    // Subscriptions are only relevant when the payment module is present.
    if (Engine_Api::_()->hasModuleBootstrap('payment')) {
        $subscriptionsTable = Engine_Api::_()->getDbtable('subscriptions', 'payment');
        if (!$subscriptionsTable->check($viewer)) {
            // Try to put the member on the default plan.
            $defaultSubscription = null;
            try {
                $subscriptionsTable = Engine_Api::_()->getDbtable('subscriptions', 'payment');
                if ($subscriptionsTable) {
                    $defaultSubscription = $subscriptionsTable->activateDefaultPlan($viewer);
                    if ($defaultSubscription) {
                        $viewer->enabled = true;
                        $viewer->save();
                    }
                }
            } catch (Exception $e) {
                // Failures are deliberately ignored here; the member is then
                // handled below like anyone without a default plan.
            }

            if (!$defaultSubscription) {
                // Remember the user id for the payment flow, then sign out.
                $subscriptionSession = new Zend_Session_Namespace('Payment_Subscription');
                $subscriptionSession->user_id = $viewer->getIdentity();

                Engine_Api::_()->user()->setViewer(null);
                Engine_Api::_()->user()->getAuth()->getStorage()->clear();

                // With a plan already chosen go straight to the gateway,
                // otherwise to the plan list.
                $paymentAction = !empty($subscriptionSession->subscription_id) ? 'gateway' : 'index';

                return $this->_helper->redirector->gotoRoute(
                    array('module' => 'payment', 'controller' => 'subscription', 'action' => $paymentAction),
                    'default',
                    true
                );
            }
        }
    }

    // Accounts that are not enabled yet are signed out and sent to the
    // confirmation page; the three flags are kept in the session for it.
    if (!$viewer->enabled) {
        Engine_Api::_()->user()->setViewer(null);
        Engine_Api::_()->user()->getAuth()->getStorage()->clear();

        $confirmSession = new Zend_Session_Namespace('Signup_Confirm');
        $confirmSession->approved = $viewer->approved;
        $confirmSession->verified = $viewer->verified;
        $confirmSession->enabled = $viewer->enabled;

        return $this->_helper->_redirector->gotoRoute(array('action' => 'confirm'), 'user_signup', true);
    }

    // NOTE(review): no session id regeneration is visible in this method
    // when the identity is written - confirm it happens elsewhere.
    Engine_Api::_()->user()->getAuth()->getStorage()->write($viewer->getIdentity());
    Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserEnable', $viewer);

    // lastlogin_date is set here to prevent issues with payment.
    if ($viewer->getIdentity()) {
        $viewer->lastlogin_date = date("Y-m-d H:i:s");
        if ('cli' !== PHP_SAPI) {
            $address = new Engine_IP();
            $viewer->lastlogin_ip = $address->toBinary();
        }
        $viewer->save();
    }

    return $this->_helper->_redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
}
/**
 * Stops the request with a 403 when the visitor is banned by IP range,
 * username or e-mail address.
 *
 * The IP check applies to every visitor. The username and e-mail checks run
 * only for signed-in viewers that pass the condition below. A ban reason
 * stored in the extra-info table, when present, is written to the response.
 *
 * @param mixed $event Hook event; not used by this method.
 * @return void
 */
public function onRenderLayoutDefault($event)
{
    $visitor = new Engine_IP();
    $visitorBinary = $visitor->toBinary();

    // Every banned range is loaded and compared in PHP.
    $bannedIpTable = Engine_Api::_()->getDbtable('bannedips', 'ynbanmem');
    $ranges = $bannedIpTable->select()->query()->fetchAll();

    $bannedId = null;
    $isBanned = false;
    foreach ($ranges as $range) {
        // @todo ipv4->ipv6 transformations
        // Only ranges of the same address length are comparable.
        if (strlen($visitorBinary) != strlen($range['start'])) {
            continue;
        }
        if (strcmp($visitorBinary, $range['start']) < 0 || strcmp($visitorBinary, $range['stop']) > 0) {
            continue;
        }
        $isBanned = true;
        // NOTE(review): the key is spelled 'banedip_id' here, while the
        // range-removal query on the same module's ban table selects
        // 'bannedip_id' - confirm the real column name, otherwise the
        // reason lookup below never matches.
        $bannedId = $range['banedip_id'];
        break;
    }

    if ($isBanned) {
        $extraInfoTable = Engine_Api::_()->getDbTable('extrainfo', 'ynbanmem');
        $extraInfo = $extraInfoTable->getExtraInfo($bannedId, 1);
        //@todo give appropriate forbidden page
        if (!headers_sent()) {
            header('HTTP/1.0 403 Forbidden');
        }
        // NOTE(review): the stored reason is written to the response without
        // HTML escaping here and in the two branches below - confirm that
        // only trusted staff can set it.
        if (count($extraInfo) != 0) {
            die($extraInfo[0]['reason']);
        }
        die('banned');
    }

    $viewer = Engine_Api::_()->user()->getViewer();

    // NOTE(review): "!$viewer->level_id != 1" negates level_id BEFORE the
    // comparison, so it is true for every non-zero level, level 1 included.
    // If level 1 was meant to be exempt this should read
    // "$viewer->level_id != 1" - confirm the intent before changing it.
    $checkAccount = $viewer->getIdentity() > 0 && $viewer->username != null && !$viewer->level_id != 1;
    if (!$checkAccount) {
        return;
    }

    // Username ban.
    $bannedUsernameTable = Engine_Api::_()->getDbtable('bannedusernames', 'ynbanmem');
    $usernameBans = $bannedUsernameTable->select()
        ->where('username = ?', $viewer->username)
        ->query()
        ->fetchAll();
    if (count($usernameBans) != 0) {
        $extraInfoTable = Engine_Api::_()->getDbTable('extrainfo', 'ynbanmem');
        $extraInfo = $extraInfoTable->getExtraInfo($usernameBans[0]['bannedusername_id'], 0);
        //@todo give appropriate forbidden page
        if (!headers_sent()) {
            header('HTTP/1.0 403 Forbidden');
        }
        if (count($extraInfo) != 0) {
            die('banned <br/>' . $extraInfo[0]['reason']);
        }
        die('banned');
    }

    // E-mail ban.
    $bannedEmailTable = Engine_Api::_()->getDbtable('bannedemails', 'ynbanmem');
    $emailBans = $bannedEmailTable->select()
        ->where('email = ?', $viewer->email)
        ->query()
        ->fetchAll();
    if (count($emailBans) != 0) {
        $extraInfoTable = Engine_Api::_()->getDbTable('extrainfo', 'ynbanmem');
        $extraInfo = $extraInfoTable->getExtraInfo($emailBans[0]['bannedemail_id'], 2);
        //@todo give appropriate forbidden page
        if (!headers_sent()) {
            header('HTTP/1.0 403 Forbidden');
        }
        if (count($extraInfo) != 0) {
            die('banned <br/>' . $extraInfo[0]['reason']);
        }
        // NOTE(review): unlike the username branch there is no final
        // die('banned') here, so an e-mail ban without a stored reason sends
        // the 403 status but still renders the page - confirm this is intended.
    }
}
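/**
 * Re-activates a deactivated account and signs its owner in.
 *
 * The subject must have a non-empty `deactive` value; otherwise the request
 * is forwarded to the generic "invalid request" page. On a valid POST the
 * value of `deactive` is copied to `user_id`, `deactive` is reset to 0, the
 * identity is written to the auth storage, a login row is recorded and the
 * post-login hook is run. In the normal (non context-switch) case the
 * member is then redirected, in order of preference, to the form's
 * return_url, a target stored in the Redirect session, a target supplied by
 * a hook, or the member home page.
 *
 * @return mixed Result of the forward/redirect helper, or null when the form is (re)rendered.
 * @throws Exception Re-thrown after rollback when saving the user fails.
 */
public function activateAction()
{
    $this->_helper->layout->setLayout('default-simple');

    $user = Engine_Api::_()->core()->getSubject();
    if (!$user->deactive) {
        return $this->_forward('success', 'utility', 'core', array(
            'messages' => array(Zend_Registry::get('Zend_Translate')->_('Your request is invalid.')),
            'redirect' => $this->getFrontController()->getRouter()->assemble(array('action' => 'home'), 'user_general', true),
        ));
    }

    // Form
    $this->view->form = $form = new User_Form_Settings_Active();
    if (!$this->getRequest()->isPost()) {
        return;
    }
    if (!$form->isValid($this->getRequest()->getPost())) {
        return;
    }

    // Process
    $db = Engine_Api::_()->getDbtable('users', 'user')->getAdapter();
    $db->beginTransaction();
    try {
        $user->user_id = $user->deactive;
        $user->deactive = 0;
        $user->save();
        $db->commit();
    } catch (Exception $e) {
        $db->rollBack();
        throw $e;
    }

    // NOTE(review): no session id regeneration is visible in this method
    // when the identity is written - confirm it happens elsewhere.
    Zend_Auth::getInstance()->getStorage()->write($user->user_id);
    Engine_Api::_()->user()->setViewer();

    // Register login
    $loginTable = Engine_Api::_()->getDbtable('logins', 'user');
    $ipObj = new Engine_IP();
    $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
    $loginTable->insert(array(
        'user_id' => $user->getIdentity(),
        'email' => $user->email,
        'ip' => $ipExpr,
        'timestamp' => new Zend_Db_Expr('NOW()'),
        'state' => 'success',
        'active' => true,
    ));
    $_SESSION['login_id'] = $loginTable->getAdapter()->lastInsertId();

    // Increment sign-in count
    Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');

    // Test activity @todo remove
    $viewer = Engine_Api::_()->user()->getViewer();
    if ($viewer->getIdentity()) {
        $viewer->lastlogin_date = date("Y-m-d H:i:s");
        if ('cli' !== PHP_SAPI) {
            $viewer->lastlogin_ip = $ipExpr;
        }
        $viewer->save();
        Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
    }

    // Assign sid to view for json context
    $this->view->status = true;
    $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
    $this->view->sid = Zend_Session::getId();
    $this->view->sname = Zend_Session::getOptions('name');

    // Run post login hook
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);

    // Do redirection only if normal context
    if (null === $this->_helper->contextSwitch->getCurrentContext()) {
        // Redirect by form. return_url is request data, so it is followed
        // only when it stays on this site; anything else falls through to
        // the other redirect sources below.
        $uri = $form->getValue('return_url');
        if ($uri) {
            if (substr($uri, 0, 3) == '64-') {
                // Strict mode: malformed input yields false instead of garbage.
                $uri = base64_decode(substr($uri, 3), true);
            }

            $isSameSite = false;
            $uri = is_string($uri) ? trim($uri) : '';
            if ($uri !== '' && !preg_match('/[\x00-\x1F\x7F]/', $uri)) {
                $parts = parse_url($uri);
                if (is_array($parts) && (isset($parts['scheme']) || isset($parts['host']))) {
                    // Absolute or scheme-relative URL: must be http(s) and
                    // point at the host this request was made to.
                    $scheme = isset($parts['scheme']) ? strtolower($parts['scheme']) : 'http';
                    $targetHost = isset($parts['host']) ? $parts['host'] : '';
                    $siteHost = preg_replace('/:\d+$/', '', (string) $this->getRequest()->getHttpHost());
                    $isSameSite = in_array($scheme, array('http', 'https'), true)
                        && $targetHost !== ''
                        && strcasecmp($targetHost, $siteHost) === 0;
                } elseif (is_array($parts)) {
                    // Path-only target. A leading "\" or a leading "/"
                    // followed by "/" or "\" is read by browsers as another
                    // host, so those forms are refused.
                    $isSameSite = !preg_match('#^(?:\\\\|/[/\\\\])#', $uri);
                }
            }

            if ($isSameSite) {
                return $this->_redirect($uri, array('prependBase' => false));
            }
        }

        // Redirect by session. The values are copied out before the
        // namespace is cleared; reading them afterwards would yield nulls.
        $session = new Zend_Session_Namespace('Redirect');
        if (isset($session->uri)) {
            $uri = $session->uri;
            $opts = $session->options;
            $session->unsetAll();
            return $this->_redirect($uri, $opts);
        } else {
            if (isset($session->route)) {
                $routeParams = is_array($session->params) ? $session->params : array();
                $routeName = $session->route;
                $routeReset = $session->reset;
                $session->unsetAll();
                return $this->_helper->redirector->gotoRoute($routeParams, $routeName, $routeReset);
            }
        }

        // Redirect by hook
        foreach ((array) $event->getResponses() as $response) {
            if (is_array($response)) {
                if (!empty($response['error']) && !empty($response['message'])) {
                    return $form->addError($response['message']);
                } else {
                    if (!empty($response['redirect'])) {
                        return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                    }
                }
            }
        }

        // Just redirect to home
        return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
    }
}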
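/**
 * Removes the ban whose range is exactly start..stop.
 *
 * @param mixed $startAddress First address of the range, in a form Engine_IP accepts.
 * @param mixed $stopAddress  Last address of the range, in a form Engine_IP accepts.
 * @return $this
 * @throws Engine_Exception When either address is not a valid IP address.
 */
public function removeAddressRange($startAddress, $stopAddress)
{
    $startAddressObject = new Engine_IP($startAddress);
    $stopAddressObject = new Engine_IP($stopAddress);

    if (!$startAddressObject->isValid()) {
        throw new Engine_Exception('Invalid start IP address');
    }
    if (!$stopAddressObject->isValid()) {
        throw new Engine_Exception('Invalid stop IP address');
    }

    $startAddressBinary = $startAddressObject->toBinary();
    $stopAddressBinary = $stopAddressObject->toBinary();

    // The conditions need "= ?" placeholders. A bare column name as the key
    // has nothing to quote the value into, so the range would never be bound
    // and the DELETE would match on the truthiness of the columns instead.
    $this->delete(array(
        'start = ?' => $startAddressBinary,
        'stop = ?' => $stopAddressBinary,
    ));

    return $this;
}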
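/**
 * Handles the token posted back by the Janrain sign-in widget.
 *
 * The token is exchanged for a profile via the auth_info endpoint. Depending
 * on whether the returned identifier is already linked and whether a viewer
 * is signed in, the action signs the linked member in, links the identifier
 * to the current viewer, reports that the identifier belongs to another
 * member, or stores the profile in the session and starts the signup flow.
 *
 * @return mixed Result of the redirector helper, or null when only an error is set on the view.
 */
public function janrainAction()
{
    // Exit if no token is posted
    if (!($token = $this->_getParam('token'))) {
        return $this->_helper->redirector->gotoRoute(array(), 'default', true);
    }

    // Get settings
    $settings = Engine_Api::_()->getDbtable('settings', 'core');
    $janrainSettings = $settings->core_janrain;
    if (empty($janrainSettings['key']) || empty($janrainSettings['enable']) || $janrainSettings['enable'] == 'none') {
        return $this->_helper->redirector->gotoRoute(array(), 'default', true);
    }

    // Get info
    $viewer = Engine_Api::_()->user()->getViewer();
    $janrainTable = Engine_Api::_()->getDbtable('janrain', 'user');
    $db = Engine_Db_Table::getDefaultAdapter();
    $ipObj = new Engine_IP();
    $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
    $log = Zend_Registry::get('Zend_Log');

    // Call auth_info
    $post_data = array(
        'token' => $token,
        'apiKey' => $janrainSettings['key'],
        'format' => 'json',
        'extended' => 'false', // Extended is not available to Basic.
    );

    // The API key and the one-time token are credentials; the copy that goes
    // to the log has them masked.
    $loggedPostData = $post_data;
    $loggedPostData['token'] = '[redacted]';
    $loggedPostData['apiKey'] = '[redacted]';

    $curl = curl_init();
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($curl, CURLOPT_URL, 'https://rpxnow.com/api/v2/auth_info');
    curl_setopt($curl, CURLOPT_POST, true);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $post_data);
    curl_setopt($curl, CURLOPT_HEADER, false);
    // The response decides who gets signed in, so the server certificate and
    // host name must be verified; with verification off, anyone able to
    // intercept the connection could supply the identity.
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($curl, CURLOPT_FAILONERROR, true);
    $result = curl_exec($curl);

    if ($result === false || $result === '') {
        // Read the error details before the handle is released.
        $curlError = curl_error($curl);
        $curlErrno = curl_errno($curl);
        curl_close($curl);
        $log->log(
            'Janrain Error' . PHP_EOL
            . 'Curl error: ' . $curlError . PHP_EOL
            . 'HTTP code: ' . $curlErrno . PHP_EOL
            . var_export($loggedPostData, true),
            Zend_Log::DEBUG
        );
        return $this->_helper->redirector->gotoRoute(array(), 'default', true);
    }
    curl_close($curl);

    // Decode json
    $auth_info = Zend_Json::decode($result, true);
    $statOk = is_array($auth_info) && isset($auth_info['stat']) && $auth_info['stat'] === 'ok';
    // A response without a usable identifier cannot be matched to an account.
    if (!$statOk || empty($auth_info['profile']) || empty($auth_info['profile']['identifier'])) {
        $log->log(
            'Janrain Error' . PHP_EOL
            . var_export($result, true) . PHP_EOL
            . var_export($auth_info, true),
            Zend_Log::DEBUG
        );
        return $this->_helper->redirector->gotoRoute(array(), 'default', true);
    }

    $profile = $auth_info['profile'];
    if (!empty($auth_info['merged_poco'])) {
        $profile['merged_poco'] = $auth_info['merged_poco'];
    }
    $identifier = $profile['identifier'];
    $provider = isset($profile['providerName']) ? $profile['providerName'] : null;

    // Check if already exists
    $info = $janrainTable->select()
        ->from($janrainTable)
        ->where('identifier = ?', $identifier)
        ->limit(1)
        ->query()
        ->fetch();

    if ($info) {
        if ($viewer->getIdentity()) {
            // Already associated
            $this->view->error = 'That account has already been connected to '
                . 'another member on this site.';
        } else {
            // Sign-in
            // NOTE(review): no enabled/approved/verified or subscription
            // check is visible on this path before the identity is written,
            // and no session id regeneration either - confirm both are
            // enforced elsewhere.
            Zend_Auth::getInstance()->getStorage()->write($info['user_id']);

            // Register login
            $viewer = Engine_Api::_()->getItem('user', $info['user_id']);
            $viewer->lastlogin_date = date("Y-m-d H:i:s");
            if ('cli' !== PHP_SAPI) {
                $viewer->lastlogin_ip = $ipExpr;
                Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                    'user_id' => $info['user_id'],
                    'ip' => $ipExpr,
                    'timestamp' => new Zend_Db_Expr('NOW()'),
                    'state' => 'success',
                    'source' => 'janrain',
                ));
            }
            $viewer->save();

            // Redirect
            return $this->_helper->redirector->gotoRoute(array(), 'default', true);
        }
    } else {
        if ($viewer->getIdentity()) {
            // Connect
            $janrainTable->insert(array(
                'user_id' => $viewer->getIdentity(),
                'identifier' => $identifier,
                'provider' => $provider,
                'token' => $token,
            ));

            // Redirect
            return $this->_helper->redirector->gotoRoute(array(), 'default', true);
        } else {
            // Sign-up
            $_SESSION['janrain_signup'] = true;
            $_SESSION['janrain_signup_info'] = $profile;
            $_SESSION['janrain_signup_token'] = $token;
            return $this->_helper->redirector->gotoRoute(array(), 'user_signup', true);
        }
    }
}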
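/**
 * Fills in the defaults of a new user row before it is inserted.
 *
 * Sets the default member level, the approved/verified/enabled flags derived
 * from the signup settings, locale defaults for fields that were not
 * modified, the creation IP (outside the CLI), a fresh salt and the password
 * hash, then defers to the parent implementation.
 *
 * @return void
 */
protected function _insert()
{
    $settings = Engine_Api::_()->getApi('settings', 'core');

    // These need to be done first so the hook can see them
    $this->level_id = Engine_Api::_()->getItemTable('authorization_level')->getDefaultLevel()->level_id;
    $this->approved = (int) ($settings->getSetting('user.signup.approve', 1) == 1);
    $this->verified = (int) ($settings->getSetting('user.signup.verifyemail', 1) < 2);
    $this->enabled = $this->approved && $this->verified;
    $this->search = true;

    if (empty($this->_modifiedFields['timezone'])) {
        $this->timezone = $settings->getSetting('core.locale.timezone', 'America/Los_Angeles');
    }
    if (empty($this->_modifiedFields['locale'])) {
        $this->locale = $settings->getSetting('core.locale.locale', 'auto');
    }
    if (empty($this->_modifiedFields['language'])) {
        $this->language = $settings->getSetting('core.locale.language', 'en_US');
    }

    // No CLI
    if ('cli' !== PHP_SAPI) {
        // Get ip address
        $db = $this->getTable()->getAdapter();
        $ipObj = new Engine_IP();
        $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
        $this->creation_ip = $ipExpr;
    }

    // Set defaults, process etc
    // The salt keeps its 7-digit shape so stored values stay compatible,
    // but is drawn from the CSPRNG when the runtime provides one.
    $this->salt = (string) (function_exists('random_int')
        ? random_int(1000000, 9999999)
        : rand(1000000, 9999999));

    if (!empty($this->password)) {
        // NOTE(review): a single round of salted MD5 is a fast hash and is
        // not suitable for storing passwords. It is left unchanged here
        // because the verification code is outside this block and must
        // change together with it; plan a migration to password_hash() with
        // rehash-on-login. The 'staticSalt' fallback for core.secret also
        // means the site-wide secret is a known constant when the setting
        // is missing.
        $this->password = md5($settings->getSetting('core.secret', 'staticSalt') . $this->password . $this->salt);
    } else {
        $this->password = '';
    }

    // The hook will be called here
    parent::_insert();
}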
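/**
 * Signs in the member whose id was left in the session under
 * self::TEMPORAY_SESSION_LOGIN_ID.
 *
 * The key is consumed on first use. The member must exist, be verified and
 * approved when not enabled, and pass the subscription check when the
 * payment module is present; every outcome is recorded in the logins table.
 * After the pre-login hook the successful login is recorded, the post-login
 * hook is run and, in the normal (non context-switch) case, the member is
 * redirected to a target stored in the Redirect session, a target supplied
 * by a hook, or the member home page.
 *
 * @return mixed Result of the redirect helper, or null when the form is rendered.
 */
public function loginAction()
{
    // Render
    $this->_helper->content->setContentName('user_auth_login')->setEnabled();

    $this->view->form = $form = new User_Form_Login();
    $form->setAction(Zend_Controller_Front::getInstance()->getRouter()->assemble(array(), 'user_login', true));

    // The temporary key is single-use: it is removed as soon as it is read.
    $user_id = 0;
    // NOTE(review): $email is never assigned in this method, so every login
    // row below and the "resend" link carry an empty e-mail - confirm that
    // is intended.
    $email = "";
    $skey = self::TEMPORAY_SESSION_LOGIN_ID;
    if (isset($_SESSION[$skey])) {
        $user_id = $_SESSION[$skey];
        unset($_SESSION[$skey]);
    }

    $user_table = Engine_Api::_()->getDbtable('users', 'user');
    $user = $user_table->find($user_id)->current();

    // Get ip address
    $db = Engine_Db_Table::getDefaultAdapter();
    $ipObj = new Engine_IP();
    $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));

    // Check if user exists
    if (empty($user)) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');

        // Register login
        Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
            'email' => $email,
            'ip' => $ipExpr,
            'timestamp' => new Zend_Db_Expr('NOW()'),
            'state' => 'no-member',
        ));
        return;
    }

    // Check if user is verified and enabled
    if (!$user->enabled) {
        if (!$user->verified) {
            $this->view->status = false;

            $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
            $translate = Zend_Registry::get('Zend_Translate');
            $error = $translate->translate('This account still requires either email verification.');
            $error .= ' ';
            $error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
            $this->view->error = $error;
            // Escaping is switched off because the message carries a link.
            $form->getDecorator('errors')->setOption('escape', false);
            $form->addError($error);

            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                'user_id' => $user->getIdentity(),
                'email' => $email,
                'ip' => $ipExpr,
                'timestamp' => new Zend_Db_Expr('NOW()'),
                'state' => 'disabled',
            ));
            return;
        } else {
            if (!$user->approved) {
                $this->view->status = false;

                $translate = Zend_Registry::get('Zend_Translate');
                $this->view->error = $error = $translate->translate('This account still requires admin approval.');
                $form->getDecorator('errors')->setOption('escape', false);
                $form->addError($error);

                // Register login
                Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                    'user_id' => $user->getIdentity(),
                    'email' => $email,
                    'ip' => $ipExpr,
                    'timestamp' => new Zend_Db_Expr('NOW()'),
                    'state' => 'disabled',
                ));
                return;
            }
        }
        // Should be handled by hooks or payment
    }

    // Handle subscriptions
    if (Engine_Api::_()->hasModuleBootstrap('payment')) {
        // Check for the user's plan
        $subscriptionsTable = Engine_Api::_()->getDbtable('subscriptions', 'payment');
        if (!$subscriptionsTable->check($user)) {
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                'user_id' => $user->getIdentity(),
                'email' => $email,
                'ip' => $ipExpr,
                'timestamp' => new Zend_Db_Expr('NOW()'),
                'state' => 'unpaid',
            ));

            // Redirect to subscription page
            $subscriptionSession = new Zend_Session_Namespace('Payment_Subscription');
            $subscriptionSession->unsetAll();
            $subscriptionSession->user_id = $user->getIdentity();

            return $this->_helper->redirector->gotoRoute(
                array('module' => 'payment', 'controller' => 'subscription', 'action' => 'index'),
                'default',
                true
            );
        }
    }

    // Register login
    // NOTE(review): the identity is written BEFORE the pre-login hook runs
    // and is not cleared when a hook reports an error below; no session id
    // regeneration is visible either - confirm both are handled elsewhere.
    $auth = Zend_Auth::getInstance();
    $auth->getStorage()->write($user->getIdentity());

    // Run pre login hook
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginBefore', $user);
    foreach ((array) $event->getResponses() as $response) {
        if (is_array($response)) {
            if (!empty($response['error']) && !empty($response['message'])) {
                $form->addError($response['message']);
            } else {
                if (!empty($response['redirect'])) {
                    $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                } else {
                    continue;
                }
            }

            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                'user_id' => $user->getIdentity(),
                'email' => $email,
                'ip' => $ipExpr,
                'timestamp' => new Zend_Db_Expr('NOW()'),
                'state' => 'third-party',
            ));

            // Return
            return;
        }
    }

    // Register login
    $loginTable = Engine_Api::_()->getDbtable('logins', 'user');
    $loginTable->insert(array(
        'user_id' => $user->getIdentity(),
        'email' => $email,
        'ip' => $ipExpr,
        'timestamp' => new Zend_Db_Expr('NOW()'),
        'state' => 'success',
        'active' => true,
    ));
    $_SESSION['login_id'] = $loginTable->getAdapter()->lastInsertId();

    // Increment sign-in count
    Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');

    // Test activity @todo remove
    $viewer = Engine_Api::_()->user()->getViewer();
    if ($viewer->getIdentity()) {
        $viewer->lastlogin_date = date("Y-m-d H:i:s");
        if ('cli' !== PHP_SAPI) {
            $viewer->lastlogin_ip = $ipExpr;
        }
        $viewer->save();
        Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
    }

    // Assign sid to view for json context
    $this->view->status = true;
    $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
    $this->view->sid = Zend_Session::getId();
    $this->view->sname = Zend_Session::getOptions('name');

    // Run post login hook
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);

    // Do redirection only if normal context
    if (null === $this->_helper->contextSwitch->getCurrentContext()) {
        // Redirect by session. The values are copied out before the
        // namespace is cleared; reading them afterwards would yield nulls.
        $session = new Zend_Session_Namespace('Redirect');
        if (isset($session->uri)) {
            $uri = $session->uri;
            $opts = $session->options;
            $session->unsetAll();
            return $this->_redirect($uri, $opts);
        } else {
            if (isset($session->route)) {
                $routeParams = is_array($session->params) ? $session->params : array();
                $routeName = $session->route;
                $routeReset = $session->reset;
                $session->unsetAll();
                return $this->_helper->redirector->gotoRoute($routeParams, $routeName, $routeReset);
            }
        }

        // Redirect by hook
        foreach ((array) $event->getResponses() as $response) {
            if (is_array($response)) {
                if (!empty($response['error']) && !empty($response['message'])) {
                    return $form->addError($response['message']);
                } else {
                    if (!empty($response['redirect'])) {
                        return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                    }
                }
            }
        }

        // Just redirect to home
        return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
    }
}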
/**
 * Stops the request with a 403 when the visitor's address falls inside one
 * of the ranges stored in engine4_core_bannedips.
 *
 * Nothing is checked under the CLI SAPI.
 *
 * @return void
 */
protected function _initBannedIps()
{
    // The command line has no visitor address to check.
    if ('cli' === PHP_SAPI) {
        return;
    }

    $visitor = new Engine_IP();
    $visitorBinary = $visitor->toBinary();

    // Every banned range is loaded and compared in PHP.
    $ranges = $this->getContainer()->db
        ->select()
        ->from('engine4_core_bannedips')
        ->query()
        ->fetchAll();

    $banned = false;
    foreach ($ranges as $range) {
        // @todo ipv4->ipv6 transformations
        // Only ranges of the same address length are comparable.
        if (strlen($visitorBinary) != strlen($range['start'])) {
            continue;
        }
        // Outside the range when below its start or above its stop.
        if (strcmp($visitorBinary, $range['start']) < 0 || strcmp($visitorBinary, $range['stop']) > 0) {
            continue;
        }
        $banned = true;
        break;
    }

    if (!$banned) {
        return;
    }

    //@todo give appropriate forbidden page
    if (!headers_sent()) {
        header('HTTP/1.0 403 Forbidden');
    }
    die('banned');
}
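/**
 * Lists recorded logins for the admin panel, filtered and ordered by the
 * values of the filter form, 50 per page.
 *
 * Assigns the filter form, the filter values, the navigation, the paginator
 * and the users referenced by the current page to the view.
 *
 * @return void
 */
public function indexAction()
{
    $this->view->formFilter = $formFilter = new User_Form_Admin_Manage_Login();

    // Process form
    $values = array();
    if ($formFilter->isValid($this->_getAllParams())) {
        $values = $formFilter->getValues();
    }
    foreach ($values as $key => $value) {
        if (null === $value) {
            unset($values[$key]);
        }
    }
    $values = array_merge(array('order' => 'timestamp', 'order_direction' => 'DESC'), $values);
    $this->view->assign($values);

    // Get navigation
    $this->view->navigation = Engine_Api::_()->getApi('menus', 'core')
        ->getNavigation('core_admin_banning', array(), 'user_admin_banning_logins');

    // Get select
    $table = Engine_Api::_()->getDbtable('logins', 'user');
    $select = $table->select();

    // The ordering comes from request parameters and ends up in the ORDER BY
    // clause, where values cannot be bound. Only a plain (optionally
    // table-qualified) identifier and ASC/DESC are let through; anything
    // else falls back to the defaults.
    $orderColumn = !empty($values['order']) ? $values['order'] : 'user_id';
    if (!is_string($orderColumn)
        || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?$/', $orderColumn)
    ) {
        $orderColumn = 'user_id';
    }
    $orderDirection = 'DESC';
    if (!empty($values['order_direction']) && is_string($values['order_direction'])) {
        $requestedDirection = strtoupper($values['order_direction']);
        if ($requestedDirection === 'ASC' || $requestedDirection === 'DESC') {
            $orderDirection = $requestedDirection;
        }
    }
    $select->order($orderColumn . ' ' . $orderDirection);

    if (!empty($values['username'])) {
        $usersTable = Engine_Api::_()->getDbtable('users', 'user');
        $usersSelect = $usersTable->select()
            ->from($usersTable, 'user_id')
            ->where('username LIKE ?', '%' . $values['username'] . '%');
        $select->where('user_id IN ?', $usersSelect);
    }
    if (!empty($values['email'])) {
        $select->where('email LIKE ?', '%' . $values['email'] . '%');
    }
    if (!empty($values['ip'])) {
        $ipObj = new Engine_IP($values['ip']);
        $select->where('ip = ?', $ipObj->toBinary());
    }
    if (!empty($values['state']) && $values['state'] != -1) {
        $select->where('state = ?', $values['state']);
    }
    if (!empty($values['source']) && $values['source'] != -1) {
        $select->where('source = ?', $values['source']);
    }

    // Filter out junk
    $valuesCopy = array_filter($values);

    // Get paginator
    $this->view->paginator = $paginator = Zend_Paginator::factory($select);
    $paginator->setItemCountPerPage(50);
    $paginator->setCurrentPageNumber($this->_getParam('page', 1));
    $this->view->formValues = $valuesCopy;

    // Preload the users referenced by the rows of the current page.
    $identities = array();
    foreach ($paginator as $item) {
        if (!empty($item->user_id)) {
            $identities[] = $item->user_id;
        }
    }
    $identities = array_unique($identities);

    $users = array();
    if (!empty($identities)) {
        foreach (Engine_Api::_()->getItemMulti('user', $identities) as $user) {
            $users[$user->getIdentity()] = $user;
        }
    }
    $this->view->users = $users;
}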
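/**
 * Renders the ads of one ad block and records an impression for each ad
 * that is shown.
 *
 * Candidate ads are ranked by the share of their package benefit already
 * used (clicks, impressions or days divided by benefit_total), lowest first,
 * and at most the block's ads_limit are rendered. For every rendered ad the
 * ad counters, the per-day track row and a statistic row are updated; a
 * signed-in viewer is identified by user id, any other visitor by address.
 *
 * @return void The rendered partial is echoed.
 */
public function ajaxRenderAdsAction()
{
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender(TRUE);

    $params = array();
    $params['content_id'] = $content_id = $this->_getParam('content_id');

    $viewer = Engine_Api::_()->user()->getViewer();
    $viewerId = $viewer->getIdentity();

    // content_id is a request parameter and may not match any ad block; in
    // that case the limit is 0 and no ad is rendered or counted.
    $tableAdBlock = Engine_Api::_()->getItemTable('ynsocialads_adblock');
    $adBlock = $tableAdBlock->fetchRow($tableAdBlock->select()->where('content_id = ?', $content_id));
    $ads_limit = $adBlock ? (int) $adBlock->ads_limit : 0;

    // Visitors who are not signed in are identified by their address.
    $ipExpr = null;
    if ($viewerId) {
        $items = Engine_Api::_()->getItemTable('ynsocialads_ad')->getAdsRender($params, $viewerId, 'yes');
    } else {
        $db = Engine_Db_Table::getDefaultAdapter();
        $ipObj = new Engine_IP();
        $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
        $items = Engine_Api::_()->getItemTable('ynsocialads_ad')->getAdsRender($params, $ipExpr, 'no');
    }

    // Rank the ads this viewer is in the audience of.
    $arr = array();
    foreach ($items as $item) {
        if (!$item->isAudience($viewerId)) {
            continue;
        }
        $package = $item->getPackage();
        $consumed = 0;
        switch ($package->benefit_type) {
            case 'click':
                $consumed = $item->click_count;
                break;
            case 'impression':
                $consumed = $item->impressions_count;
                break;
            case 'day':
                $start_date = new DateTime($item->start_date);
                $consumed = date_diff($start_date, new DateTime())->format('%a');
                break;
        }
        // An empty benefit_total would otherwise be a division by zero.
        $arr[$item->ad_id] = $item->benefit_total ? $consumed / $item->benefit_total : 0;
    }
    asort($arr);

    $tableStatisticTable = Engine_Api::_()->getItemTable('ynsocialads_statistic');
    $tableTrackTable = Engine_Api::_()->getItemTable('ynsocialads_track');

    $arr_ads = array();
    $count = 0;
    foreach ($arr as $key => $value) {
        if ($count >= $ads_limit) {
            break;
        }

        $item = Engine_Api::_()->getItem('ynsocialads_ad', $key);
        $arr_ads[] = $item;

        // Update view
        $date = new DateTime();
        $item->last_view = $date->getTimestamp();
        $today = date("Y-m-d");

        // A first view by this viewer (or address) also counts as a reach.
        if ($viewerId) {
            $seenBefore = $tableStatisticTable->checkUniqueViewByUserId($viewerId, $key, 'impression');
        } else {
            $seenBefore = $tableStatisticTable->checkUniqueViewByIP($ipExpr, $key, 'impression');
        }
        $isFirstView = !$seenBefore;

        if ($isFirstView) {
            $item->reaches_count = $item->reaches_count + 1;
        }
        $item->impressions_count = $item->impressions_count + 1;

        // Per-day track row: bump today's row or create it.
        $track = $tableTrackTable->checkExistTrack($today, $key);
        if ($track) {
            if ($isFirstView) {
                $track->reaches = $track->reaches + 1;
            }
            $track->impressions = $track->impressions + 1;
        } else {
            $track = $tableTrackTable->createRow();
            $track->date = $today;
            $track->ad_id = $key;
            if ($isFirstView) {
                $track->reaches = 1;
            }
            $track->impressions = 1;
        }
        $track->save();

        // Update view statistic
        $stats = $tableStatisticTable->createRow();
        if ($viewerId) {
            $stats->user_id = $viewerId;
        } else {
            $stats->IP = $ipExpr;
        }
        $stats->timestamp = date('Y-m-d H:i:s');
        $stats->type = 'impression';
        $stats->ad_id = $key;
        $stats->save();

        $item->save();
        $count++;
    }

    echo $this->view->partial(
        Ynsocialads_Api_Core::partialViewFullPath('_blockRenderView.tpl'),
        array('ads' => $arr_ads, 'content_id' => $content_id, 'viewer' => $viewer)
    );
}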