public function authenticateAction()
{
$registry = Zend_Registry::getInstance();
$config = $registry->get('config');
$request = $this->getRequest();
$username = $request->getParam('identity');
$password = $request->getParam('credential');
//$db = Zend_Db::factory($config->db->adapter, $config->db->config->toArray());
/*
$db = Zend_Db::factory('Pdo_Mysql', array(
'host' => 'localhost'
,'username' => 'root'
,'password' => ''
,'dbname' => 'hid'
));
*/
$dbAdapters = Zend_Registry::get('dbAdapters');
$config1 = $dbAdapters['hol'];
$config2 = $dbAdapters['identity'];
//$a = $db->fetchAll("SELECT * FROM KutuUser WHERE username ='******' AND isActive=1");
//$b = $db->fetchAll("SELECT sessionId FROM session WHERE sessionData LIKE '%$username%'");
$a = $config2->fetchAll("SELECT * FROM KutuUser WHERE username ='******' AND isActive=1");
//$b = Zend_Db_Table::getDefaultAdapter()->fetchAll("SELECT sessionId FROM session WHERE sessionData LIKE '%$username%'");
$b = $config1->fetchAll("SELECT sessionId FROM session WHERE sessionData LIKE '%{$username}%'");
if (count($b) >= 1) {
$b[0]['password'] = '******';
$b[0]['username'] = '******';
$b[0]['packageId'] = '---';
$b[0]['picture'] = '---';
$b[0]['kopel'] = 'XXISLOGINXX';
echo Zend_Json::encode($b);
} else {
if (count($a) < 1) {
echo '[]';
//dummy data for the remote auth adapter
} else {
if (count($a) > 1) {
echo '[{"id":"xx"},{"id":"yy"}]';
//dummy data for the remote auth adapter
} else {
$obj = new Kutu_Crypt_Password();
$resultIdentity = $a[0];
if (strtoupper(substr(sha1($password), 0, 30)) == $resultIdentity['password']) {
$resultIdentity['password'] = $obj->encryptPassword($password);
$config2->update('KutuUser', $resultIdentity, "username='******'");
$this->authenticateAction();
} elseif ($obj->matchPassword($password, $resultIdentity['password'])) {
echo Zend_Json::encode($a);
} else {
$a[0]['password'] = '******';
$a[0]['username'] = '******';
$a[0]['kopel'] = '---';
echo Zend_Json::encode($a);
}
}
}
}
}
public function changePassword($userGuid, $oldPassword, $newPassword)
{
$tblUser = new Kutu_Core_Orm_Table_User();
$row = $tblUser->find($userGuid)->current();
$obj = new Kutu_Crypt_Password();
if ($obj->matchPassword($oldPassword, $row->password)) {
$row->password = $obj->encryptPassword($newPassword);
$row->save();
return true;
} else {
return false;
}
}
public function verifyoldpasswordAction()
{
$r = $this->getRequest();
$oldPassword = $r->getParam('oldPassword');
$auth = Zend_Auth::getInstance();
$obj = new Kutu_Crypt_Password();
$tblUser = new Kutu_Core_Orm_Table_User();
$row = $tblUser->find($auth->getIdentity()->guid)->current();
if ($obj->matchPassword($oldPassword, $row->password)) {
die('1');
} else {
die('0');
}
}
public function authenticate()
{
// create result array
$authResult = array('code' => Zend_Auth_Result::FAILURE, 'identity' => $this->_identity, 'messages' => array());
$client = new Zend_Http_Client();
$client->setUri($this->_remoteAuthUrl);
$client->setParameterPost(array('identity' => $this->_identity, 'credential' => $this->_credential));
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$client->setHeaders("User-Agent:{$userAgent}");
try {
$response = $client->request(Zend_Http_Client::POST);
$sResponse = $response->getBody();
$resultIdentities = Zend_Json::decode($sResponse);
} catch (Exception $e) {
require_once 'Zend/Auth/Adapter/Exception.php';
throw new Zend_Auth_Adapter_Exception($sResponse);
}
if (count($resultIdentities) < 1) {
$authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
$authResult['messages'][] = 'A record with the supplied identity could not be found.';
return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
} elseif (count($resultIdentities) > 1) {
$authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS;
$authResult['messages'][] = 'More than one record matches the supplied identity.';
return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
}
$resultIdentity = $resultIdentities[0];
$obj = new Kutu_Crypt_Password();
if ($resultIdentity['guid'] == 'XXISLOGINXX') {
$authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS;
$authResult['messages'][] = 'You already login';
return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
}
//if(!$this->_httpClient)
if (true) {
//if ($resultIdentity['zend_auth_credential_match'] != '1') {
if (!$obj->matchPassword($this->_credential, $resultIdentity['password'])) {
$authResult['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
$authResult['messages'][] = 'Supplied credential is invalid.';
return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
}
}
unset($resultIdentity['zend_auth_credential_match']);
$this->_resultRow = $resultIdentity;
$authResult['code'] = Zend_Auth_Result::SUCCESS;
$authResult['messages'][] = 'Authentication successful.';
return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
}
public function authenticate()
{
$record = RIUser::model()->findByAttributes(array('username' => $this->username));
$obj = new Kutu_Crypt_Password();
if ($record === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
$this->errorMessage = 'Username Invalid';
} else {
if (!$obj->matchPassword($this->password, $record->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
$this->errorMessage = 'Password Invalid';
} else {
$this->_id = $record->guid;
$this->setState('username', $record->username);
$this->setState('lastname', $record->lastname);
$this->errorCode = self::ERROR_NONE;
}
}
return !$this->errorCode;
}
function authenticate()
{
$exception = null;
if ($this->_tableName == '') {
$exception = 'A table must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
} elseif ($this->_identityColumn == '') {
$exception = 'An identity column must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
} elseif ($this->_credentialColumn == '') {
$exception = 'A credential column must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
} elseif ($this->_identity == '') {
$exception = 'A value for the identity was not provided prior to authentication with Zend_Auth_Adapter_DbTable.';
} elseif ($this->_credential === null) {
$exception = 'A credential value was not provided prior to authentication with Zend_Auth_Adapter_DbTable.';
}
if (null !== $exception) {
/**
* @see Zend_Auth_Adapter_Exception
*/
require_once 'Zend/Auth/Adapter/Exception.php';
throw new Zend_Auth_Adapter_Exception($exception);
}
// create result array
$authResult = array('code' => Zend_Auth_Result::FAILURE, 'identity' => $this->_identity, 'messages' => array());
// build credential expression
if (empty($this->_credentialTreatment) || strpos($this->_credentialTreatment, "?") === false) {
$this->_credentialTreatment = '?';
}
$credentialExpression = new Zend_Db_Expr($this->_zendDb->quoteInto($this->_zendDb->quoteIdentifier($this->_credentialColumn) . ' = ' . $this->_credentialTreatment, $this->_credential) . ' AS zend_auth_credential_match');
// get select
/*$dbSelect = $this->_zendDb->select();
$dbSelect->from($this->_tableName, array('*', $credentialExpression))
->where($this->_zendDb->quoteIdentifier($this->_identityColumn) . ' = ?', $this->_identity);*/
// query for the identity
try {
//$resultIdentities = $this->_zendDb->fetchAll($dbSelect->__toString());
$resultIdentities = $this->_zendDb->fetchAll('Select guid, username, password from ' . $this->_tableName . ' where ' . $this->_identityColumn . "='" . $this->_identity . "'");
} catch (Exception $e) {
/**
* @see Zend_Auth_Adapter_Exception
*/
require_once 'Zend/Auth/Adapter/Exception.php';
throw new Zend_Auth_Adapter_Exception('The supplied parameters to Zend_Auth_Adapter_DbTable failed to ' . 'produce a valid sql statement, please check table and column names ' . 'for validity.');
}
if (count($resultIdentities) < 1) {
$authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
$authResult['messages'][] = 'A record with the supplied identity could not be found.';
return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
} elseif (count($resultIdentities) > 1) {
$authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS;
$authResult['messages'][] = 'More than one record matches the supplied identity.';
return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
}
$resultIdentity = $resultIdentities[0];
$obj = new Kutu_Crypt_Password();
//if(!$this->_httpClient)
if (true) {
//if ($resultIdentity['zend_auth_credential_match'] != '1') {
if (!$obj->matchPassword($this->_credential, $resultIdentity[$this->_credentialColumn])) {
$authResult['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
$authResult['messages'][] = 'Supplied credential is invalid.';
return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
}
}
unset($resultIdentity['zend_auth_credential_match']);
$this->_resultRow = $resultIdentity;
/*$registry = Zend_Registry::getInstance();
$config = $registry->get('config');
if(strtolower($config->session->savehandler) != 'directdb')
{
throw new Zend_Exception('Session configuration savehandler: '. $config->session->savehandler. ' is not supported for checking user is already login feature!');
//TODO we can avoid above exception by assuming or setting so that the session server is the same server as auth server.
//$isAlreadyLogin = $this->_zendDb->fetchAll("SELECT sessionId FROM KutuSession WHERE sessionData LIKE '%$this->_identity%'");
}
else
{
$db = Zend_Db::factory($config->session->config->db->adapter, $config->session->config->db->param->toArray());
$isAlreadyLogin = $db->fetchAll("SELECT sessionId FROM KutuSession WHERE sessionData LIKE '%$this->_identity%'");
}*/
//if(count($isAlreadyLogin))
if (false) {
$authResult['code'] = -51;
//Zend_Auth_Result::FAILURE_UNCATEGORIZED;
$authResult['messages'][] = 'You already login';
return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
}
$authResult['code'] = Zend_Auth_Result::SUCCESS;
$authResult['messages'][] = 'Authentication successful.';
return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
}