Ejemplo n.º 1
0
 /**
  * This method should handle any login logic and report back to the subject
  *
  * @param   array  $user     Holds the user data
  * @param   array  $options  Array holding options (remember, autoregister, group)
  *
  * @return  boolean  True on success
  *
  * @since   1.5
  */
 public function onUserLogin($user, $options = array())
 {
     $instance = $this->_getUser($user, $options);
     // If _getUser returned an error, then pass it back.
     if ($instance instanceof Exception) {
         return false;
     }
     // If the user is blocked, redirect with an error
     if ($instance->block == 1) {
         $this->app->enqueueMessage(JText::_('JERROR_NOLOGIN_BLOCKED'), 'warning');
         return false;
     }
     // Authorise the user based on the group information
     if (!isset($options['group'])) {
         $options['group'] = 'USERS';
     }
     // Check the user can login.
     $result = $instance->authorise($options['action']);
     if (!$result) {
         $this->app->enqueueMessage(JText::_('JERROR_LOGIN_DENIED'), 'warning');
         return false;
     }
     // Mark the user as logged in
     $instance->guest = 0;
     $session = JFactory::getSession();
     // Grab the current session ID
     $oldSessionId = $session->getId();
     // Fork the session
     $session->fork();
     $session->set('user', $instance);
     // Ensure the new session's metadata is written to the database
     $this->app->checkSession();
     // Purge the old session
     $query = $this->db->getQuery(true)->delete('#__session')->where($this->db->quoteName('session_id') . ' = ' . $this->db->quote($oldSessionId));
     try {
         $this->db->setQuery($query)->execute();
     } catch (RuntimeException $e) {
         // The old session is already invalidated, don't let this block logging in
     }
     // Hit the user last visit field
     $instance->setLastVisit();
     // Add "user state" cookie used for reverse caching proxies like Varnish, Nginx etc.
     $conf = JFactory::getConfig();
     $cookie_domain = $conf->get('cookie_domain', '');
     $cookie_path = $conf->get('cookie_path', '/');
     if ($this->app->isSite()) {
         $this->app->input->cookie->set("joomla_user_state", "logged_in", 0, $cookie_path, $cookie_domain, 0);
     }
     return true;
 }
Ejemplo n.º 2
0
 /**
  * This method should handle any login logic and report back to the subject
  *
  * @param   array  $user     Holds the user data
  * @param   array  $options  Array holding options (remember, autoregister, group)
  *
  * @return  boolean  True on success
  *
  * @since   1.5
  */
 public function onUserLogin($user, $options = array())
 {
     $instance = $this->_getUser($user, $options);
     // If _getUser returned an error, then pass it back.
     if ($instance instanceof Exception) {
         return false;
     }
     // If the user is blocked, redirect with an error
     if ($instance->get('block') == 1) {
         $this->app->enqueueMessage(JText::_('JERROR_NOLOGIN_BLOCKED'), 'warning');
         return false;
     }
     // Authorise the user based on the group information
     if (!isset($options['group'])) {
         $options['group'] = 'USERS';
     }
     // Check the user can login.
     $result = $instance->authorise($options['action']);
     if (!$result) {
         $this->app->enqueueMessage(JText::_('JERROR_LOGIN_DENIED'), 'warning');
         return false;
     }
     // Mark the user as logged in
     $instance->set('guest', 0);
     // Register the needed session variables
     $session = JFactory::getSession();
     $session->set('user', $instance);
     // Check to see the the session already exists.
     $this->app->checkSession();
     // Update the user related fields for the Joomla sessions table.
     $query = $this->db->getQuery(true)->update($this->db->quoteName('#__session'))->set($this->db->quoteName('guest') . ' = ' . $this->db->quote($instance->guest))->set($this->db->quoteName('username') . ' = ' . $this->db->quote($instance->username))->set($this->db->quoteName('userid') . ' = ' . (int) $instance->id)->where($this->db->quoteName('session_id') . ' = ' . $this->db->quote($session->getId()));
     try {
         $this->db->setQuery($query)->execute();
     } catch (RuntimeException $e) {
         return false;
     }
     // Hit the user last visit field
     $instance->setLastVisit();
     // Add "user state" cookie used for reverse caching proxies like Varnish, Nginx etc.
     $conf = JFactory::getConfig();
     $cookie_domain = $conf->get('cookie_domain', '');
     $cookie_path = $conf->get('cookie_path', '/');
     if ($this->app->isSite()) {
         $this->app->input->cookie->set("joomla_user_state", "logged_in", 0, $cookie_path, $cookie_domain, 0);
     }
     return true;
 }
Ejemplo n.º 3
0
 /**
  * This method should handle any login logic and report back to the subject
  *
  * @param   array  $user     Holds the user data
  * @param   array  $options  Array holding options (remember, autoregister, group)
  *
  * @return  boolean  True on success
  *
  * @since   1.5
  */
 public function onUserLogin($user, $options = array())
 {
     $instance = $this->_getUser($user, $options);
     // If _getUser returned an error, then pass it back.
     if ($instance instanceof Exception) {
         return false;
     }
     // If the user is blocked, redirect with an error
     if ($instance->get('block') == 1) {
         $this->app->enqueueMessage(JText::_('JERROR_NOLOGIN_BLOCKED'), 'warning');
         return false;
     }
     // Authorise the user based on the group information
     if (!isset($options['group'])) {
         $options['group'] = 'USERS';
     }
     // Check the user can login.
     $result = $instance->authorise($options['action']);
     if (!$result) {
         $this->app->enqueueMessage(JText::_('JERROR_LOGIN_DENIED'), 'warning');
         return false;
     }
     // Mark the user as logged in
     $instance->set('guest', 0);
     // If the user has an outdated hash, update it.
     if (substr($user['password'], 0, 4) != '$2y$' && $this->useStrongEncryption && JCrypt::hasStrongPasswordSupport() == true) {
         if (strlen($user['password']) > 55) {
             $user['password'] = substr($user['password'], 0, 55);
             JFactory::getApplication()->enqueueMessage(JText::_('JLIB_USER_ERROR_PASSWORD_TRUNCATED'), 'notice');
         }
         $instance->password = password_hash($user['password'], PASSWORD_BCRYPT);
         $instance->save();
     }
     // Register the needed session variables
     $session = JFactory::getSession();
     $session->set('user', $instance);
     // Check to see the the session already exists.
     $this->app->checkSession();
     // Update the user related fields for the Joomla sessions table.
     $query = $this->db->getQuery(true)->update($this->db->quoteName('#__session'))->set($this->db->quoteName('guest') . ' = ' . $this->db->quote($instance->guest))->set($this->db->quoteName('username') . ' = ' . $this->db->quote($instance->username))->set($this->db->quoteName('userid') . ' = ' . (int) $instance->id)->where($this->db->quoteName('session_id') . ' = ' . $this->db->quote($session->getId()));
     $this->db->setQuery($query)->execute();
     // Hit the user last visit field
     $instance->setLastVisit();
     return true;
 }
Ejemplo n.º 4
0
Archivo: joomla.php Proyecto: 01J/topm
 /**
  * This method should handle any login logic and report back to the subject
  *
  * @param   array  $user     Holds the user data
  * @param   array  $options  Array holding options (remember, autoregister, group)
  *
  * @return  boolean  True on success
  *
  * @since   1.5
  */
 public function onUserLogin($user, $options = array())
 {
     $instance = $this->_getUser($user, $options);
     // If _getUser returned an error, then pass it back.
     if ($instance instanceof Exception) {
         return false;
     }
     // If the user is blocked, redirect with an error
     if ($instance->get('block') == 1) {
         $this->app->enqueueMessage(JText::_('JERROR_NOLOGIN_BLOCKED'), 'warning');
         return false;
     }
     // Authorise the user based on the group information
     if (!isset($options['group'])) {
         $options['group'] = 'USERS';
     }
     // Check the user can login.
     $result = $instance->authorise($options['action']);
     if (!$result) {
         $this->app->enqueueMessage(JText::_('JERROR_LOGIN_DENIED'), 'warning');
         return false;
     }
     // Mark the user as logged in
     $instance->set('guest', 0);
     // Register the needed session variables
     $session = JFactory::getSession();
     $session->set('user', $instance);
     // Check to see the the session already exists.
     $this->app->checkSession();
     // Update the user related fields for the Joomla sessions table.
     $query = $this->db->getQuery(true)->update($this->db->quoteName('#__session'))->set($this->db->quoteName('guest') . ' = ' . $this->db->quote($instance->guest))->set($this->db->quoteName('username') . ' = ' . $this->db->quote($instance->username))->set($this->db->quoteName('userid') . ' = ' . (int) $instance->id)->where($this->db->quoteName('session_id') . ' = ' . $this->db->quote($session->getId()));
     $this->db->setQuery($query)->execute();
     // Hit the user last visit field
     $instance->setLastVisit();
     return true;
 }