Ejemplo n.º 1
 /**
  * Records a single entry in the Watchdog log.
  *
  * No escaping or length limit is applied here. Callers may pass text that
  * originates from request data, so whatever displays these entries should
  * escape them for its own output context.
  *
  * @param  string $type        short label identifying the kind of event
  * @param  string $description free-text details (defaults to '')
  */
 public static function alert($type, $description = '')
 {
     $logEntry = new PcWatchdog();
     // The setters are chainable, so the entry is filled in and persisted in one statement.
     $logEntry->setType($type)->setDescription($description)->save();
 }
Ejemplo n.º 2
 /**
  * Marks the user as logged in, unless the account is currently locked out
  * by the brute force protection.
  *
  * No password or other credential is checked in this method; it only
  * consults the failed-login record, so the caller is expected to have
  * verified the user's identity beforehand.
  *
  * NOTE(review): the failed-login record is deleted here only once the lockout
  * window has elapsed; nothing visible clears it after a successful login -
  * confirm that happens elsewhere if it is intended.
  * NOTE(review): if getUpdatedAt() yields a value strtotime() cannot parse, the
  * elapsed time evaluates to roughly time() and the record is treated as
  * expired, i.e. the lockout fails open - confirm the column is always set.
  *
  * @param myUser $userSf - the session user that gets authenticated
  * @param PcUser $userApp - the user trying to log in
  * @param boolean $rememberme - whether the user asked for the login to be remembered
  * @param boolean $remembermeCookieAlreadySet - when true, the remember-me cookie
  *    is not set again even if $rememberme is true, because it already exists
  * @return boolean - false if the account is blocked because of a brute
  *         force attack detection, true once the user has been logged in
  */
 public static function login(myUser $userSf, PcUser $userApp, $rememberme = false, $remembermeCookieAlreadySet = false)
 {
     // Look up the failed-login record of this user, if there is one
     $lockoutCriteria = new Criteria();
     $lockoutCriteria->addJoin(PcUserPeer::ID, PcFailedLoginsPeer::USER_ID, Criteria::INNER_JOIN);
     $lockoutCriteria->add(PcUserPeer::ID, $userApp->getId(), Criteria::EQUAL);
     $failedLogins = PcFailedLoginsPeer::doSelectOne($lockoutCriteria);

     if ($failedLogins) {
         $attemptThreshold = sfConfig::get('app_bruteForceLockout_loginAttemptThreshold');
         $attemptsSoFar = $failedLogins->getTimes();
         $lockoutDuration = sfConfig::get('app_bruteForceLockout_lockoutDuration');
         $secondsSinceLastAttempt = time() - strtotime($failedLogins->getUpdatedAt());

         if ($secondsSinceLastAttempt > $lockoutDuration) {
             // the lockout window is over: forget the previous failures
             $failedLogins->delete();
         } elseif ($attemptsSoFar >= $attemptThreshold) {
             // still inside the window and over the threshold: refuse the login and leave a trace
             PcWatchdog::alert('Brute force attack attempt', 'For the userid ' . $failedLogins->getUserId());
             return false;
         }
     }

     // Remember where the visitor is coming from
     $userApp->setLanguage(PcUtils::getVisitorAcceptLanguage());
     $userApp->setIpAddress(PcUtils::getVisitorIPAddress());
     $userApp->save();

     $userSf->setAuthenticated(true);
     $userSf->setAttribute('userid', $userApp->getId());

     // Each role check on the application user maps to one session credential;
     // the order matches the order in which the checks were always performed.
     $roleChecks = array(
         'isAdmin' => 'admin',
         'isStaffMember' => 'staffMember',
         'isContractor' => 'contractor',
         'isEditor' => 'editor',
         'isTranslator' => 'translator',
     );
     foreach ($roleChecks as $roleCheck => $credential) {
         if ($userApp->{$roleCheck}()) {
             $userSf->addCredential($credential);
         }
     }

     if (!$rememberme) {
         // the user may login a second time (while still logged in because of forum
         // integration problems), without ticking the rememberme checkbox
         self::resetRememberMeCookie();
     } elseif (!$remembermeCookieAlreadySet) {
         self::setRememberMeCookie($userSf, $userApp);
     }
     // when $rememberme and $remembermeCookieAlreadySet are both true there is nothing to do

     $dispatcher = sfContext::getInstance()->getEventDispatcher();
     $dispatcher->notify(new sfEvent('CustomAuthLogin', 'custom_auth.login', array('user' => $userApp, 'rememberme' => $rememberme)));

     return true;
 }
Ejemplo n.º 3
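 /**
  * Displays and processes the password reset form reached through a reset token.
  *
  * The token is read from the "t" request parameter or, failing that, from the
  * "t" field of the posted "passwordReset" form. It is untrusted input: only a
  * non-empty string is looked up, anything else is handled as an invalid token.
  *
  * NOTE(review): only the existence of the token is checked here; expiry and
  * single use are presumably enforced by CustomAuth::resetPassword() - confirm.
  * NOTE(review): the rejected token is written to the watchdog unmodified, so
  * an unauthenticated client controls that text; escape it wherever the log is
  * displayed and consider capping its length.
  *
  * @param sfWebRequest $request
  */
 public function executePasswordReset(sfWebRequest $request)
 {
     $token = $request->getParameter('t');
     if (!$token) {
         // no "t" parameter: fall back to the hidden field of the posted form
         $formFields = $request->getParameter('passwordReset');
         $token = (is_array($formFields) && isset($formFields['t'])) ? $formFields['t'] : '';
     }
     // Request parameters can be arrays (e.g. t[]=x); trim() and the string
     // concatenation further down are only meaningful for a string.
     $token = is_string($token) ? trim($token) : '';

     // if the user is authenticated, they shouldn't get here
     PcUtils::redirectLoggedInUser($this->getUser(), $this);

     // Check the token is valid. An empty token can never be valid, so it is
     // rejected without a lookup.
     $entry = null;
     if ($token !== '') {
         $c = new Criteria();
         $c->add(PcPasswordResetTokenPeer::TOKEN, $token, Criteria::EQUAL);
         $entry = PcPasswordResetTokenPeer::doSelectOne($c);
     }
     if (!is_object($entry)) {
         // the token is not valid
         PcWatchdog::alert('Invalid Password Reset Token', 'This is the token ' . $token);
         // NOTE(review): the code below relies on forward() ending this action
         // here; otherwise the form would still be built for an invalid token.
         $this->forward('customAuth', 'passwordResetInvalidToken');
     }

     $this->form = new PasswordResetForm(array('t' => $token));
     if ($request->isMethod('post')) {
         $fields = $request->getParameter('passwordReset');
         $this->form->bind($fields);
         if ($this->form->isValid()) {
             // the return value was never used, so it is no longer kept
             CustomAuth::resetPassword($token, $fields['password1']);
             $this->redirect('/' . sfConfig::get('app_accountApp_frontController'));
         }
     }
 }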
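 /**
  * Reports a failure while processing an inbound email and stores the email
  * (or only its beginning when it is large) in the Watchdog log, then deletes
  * the email file.
  *
  * Emails below 32000 bytes are recorded in full; for bigger ones (probably
  * because of attachments) only the first 100 lines are recorded.
  *
  * The file is read with PHP's own file functions. The path is never handed
  * to a shell, so characters in $emailPath cannot be interpreted as shell
  * syntax. The email body is external content: escape it wherever the
  * watchdog entries are displayed.
  *
  * @param string $errorMessage
  * @param string $emailPath
  */
 private function handleFault($errorMessage, $emailPath)
 {
     $this->log($errorMessage);
     sfErrorNotifier::alert($errorMessage);

     // A missing or unreadable file yields an empty description instead of
     // warnings from filesize()/file_get_contents().
     $description = '';
     if (is_file($emailPath) && is_readable($emailPath)) {
         if (filesize($emailPath) < 32000) {
             $description = (string) file_get_contents($emailPath);
         } else {
             $description = "The email was too big (probably because of attachment). Here is the beginning of it: \n\n";
             $handle = fopen($emailPath, 'rb');
             if ($handle !== false) {
                 // same excerpt as before: the first 100 lines of the file
                 for ($lineCount = 0; $lineCount < 100; $lineCount++) {
                     $line = fgets($handle);
                     if ($line === false) {
                         break;
                     }
                     $description .= $line;
                 }
                 fclose($handle);
             }
         }
     }

     $watchdog = new PcWatchdog();
     $watchdog->setType('email-to-inbox')->setDescription($description)->save();

     if (is_file($emailPath)) {
         unlink($emailPath);
     }
 }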
 /**
  * Stores an object in the instance pool.
  *
  * Propel keeps cached copies of objects in an instance pool when they are retrieved
  * from the database. In some cases -- especially when you override doSelect*()
  * methods in your stub classes -- you may need to explicitly add objects
  * to the cache in order to ensure that the same objects are always returned by doSelect*()
  * and retrieveByPK*() calls.
  *
  * Nothing is stored when instance pooling is disabled.
  *
  * @param      PcWatchdog $obj A PcWatchdog object.
  * @param      string $key (optional) key to use for instance map (for performance boost if key was already calculated externally).
  */
 public static function addInstanceToPool(PcWatchdog $obj, $key = null)
 {
     if (!Propel::isInstancePoolingEnabled()) {
         return;
     }
     // Without an explicit key the object is indexed by its id, cast to string.
     $poolKey = $key === null ? (string) $obj->getId() : $key;
     self::$instances[$poolKey] = $obj;
 }
Ejemplo n.º 6
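 /**
  * Re-arranges due date to the next occurrence on the repetition and saves the task.
  * IMPORTANT: if the task hasn't got a due date, it uses the today's date
  *
  * The next date is computed by feeding a stored "computer expression" to
  * strtotime(), after substituting the task's repetition parameter into it.
  * When that expression cannot be parsed or does not move the date forward
  * (e.g. a repetition parameter of 0), the non-month loop could never end;
  * this is now detected, logged to the watchdog and the method returns
  * without changing the due date.
  *
  * NOTE(review): retrieveByPk() is used without a null check; a task that
  * points to a missing repetition would fail on the next line - confirm the
  * repetition id is always valid.
  * NOTE(review): in the 'selected_wkdays' branch, if no weekday is flagged the
  * sentinel value itself is used as the next timestamp - confirm the set can
  * never be empty.
  *
  * @param bool $isInitialAdjustment - whether we want just to compute an initial adjustment
  */
 public function setNextOccurrence($isInitialAdjustment = false)
 {
     $repetition = PcRepetitionPeer::retrieveByPk($this->getRepetitionId());
     if ($repetition->getSpecial() == 'selected_wkdays') {
         // start from whichever is later: now or the current due date
         $startingPointForDueDateTimestamp = time() > $this->getDueDate('U') ? time() : $this->getDueDate('U');
         $weekdaysSet = DateFormat::fromIntegerToWeekdaysSetForRepetition($this->getRepetitionParam());
         $closestWeekdayInSet = '9999999999';
         // this big to make sure the first attempt of the following loop will set a value
         foreach ($weekdaysSet as $k => $v) {
             if ($v) {
                 $next = $isInitialAdjustment ? '' : 'next';
                 $closestWeekdayInSetTemp = strtotime("{$next} {$k}", $startingPointForDueDateTimestamp);
                 // i.e.: next mon
                 if ($closestWeekdayInSetTemp < $closestWeekdayInSet) {
                     $closestWeekdayInSet = $closestWeekdayInSetTemp;
                 }
             }
         }
         $nextTimestamp = $closestWeekdayInSet;
     } else {
         $rce = $isInitialAdjustment ? $repetition->getInitialComputerExpression() : $repetition->getComputerExpression();
         $param = $repetition->isParamCardinal() ? $this->getRepetitionParam() : PcUtils::getOrdinalFromCardinal($this->getRepetitionParam());
         $rce = str_replace('_X_', $param, $rce);
         //$rce = str_replace('_Xlong_', PcUtils::getOrdinalFromCardinal($this->getRepetitionParam(), false), $rce);
         $todayTimestamp = strtotime('today');
         $dateFormat = DateFormat::getInstance();
         $oldDueDateTimestamp = 0;
         if ($this->getDueDate()) {
             $loggedUser = PcUserPeer::getLoggedInUser();
             $oldDueDateTimestamp = $dateFormat->getTimestamp($this->getDueDate($loggedUser->getDateFormat()));
         } else {
             $oldDueDateTimestamp = $todayTimestamp;
         }
         $nextTimestamp = $oldDueDateTimestamp;
         if (strpos($rce, '_month') === false) {
             if ($isInitialAdjustment) {
                 $nextTimestamp = strtotime($rce, $nextTimestamp);
             } else {
                 // we are in the case we need to apply the computer expression just once or
                 // over and over again
                 do {
                     $previousTimestamp = $nextTimestamp;
                     $nextTimestamp = strtotime($rce, $previousTimestamp);
                     $keepGoing = $nextTimestamp < $todayTimestamp || $nextTimestamp <= $oldDueDateTimestamp;
                     // An expression that fails to parse (false) or does not move the date
                     // forward would make this loop spin until PHP's execution limit.
                     // Stop, leave a trace and keep the current due date untouched.
                     if ($keepGoing && ($nextTimestamp === false || $nextTimestamp <= $previousTimestamp)) {
                         $watchdog = new PcWatchdog();
                         $watchdog->setType("NEXT RECURRENCE")->setDescription("taskId: {$this->getId()} - expression does not advance: {$rce}")->save();
                         return;
                     }
                 } while ($keepGoing);
             }
         } else {
             $i = 1;
             $repetitionParam = $this->getRepetitionParam();
             // we are in the case where to deal with months. We have to go through the months
             if ($isInitialAdjustment) {
                 $monthPlus = date('F Y', strtotime('+ 0 months', $oldDueDateTimestamp));
                 $rceWithReplacement = str_replace('_month_', $monthPlus, $rce);
                 $nextTimestamp = strtotime($rceWithReplacement);
                 // comparing just the timestamps was giving some unexpected results
                 if (date('Ymd', $nextTimestamp) < date('Ymd', $oldDueDateTimestamp)) {
                     $monthPlus = date('F Y', strtotime('+ 1 months', $oldDueDateTimestamp));
                     $rceWithReplacement = str_replace('_month_', $monthPlus, $rce);
                     $nextTimestamp = strtotime($rceWithReplacement);
                 }
             } else {
                 do {
                     $oldDueDateTimestamp = $nextTimestamp;
                     $oldDueDateTimestampFirstDayOfMonth = strtotime('first day of this month', $oldDueDateTimestamp);
                     $monthPlus = date('F Y', strtotime('+' . $repetitionParam . 'months', $oldDueDateTimestampFirstDayOfMonth));
                     $rceWithReplacement = str_replace('_month_', $monthPlus, $rce);
                     $nextTimestamp = strtotime($rceWithReplacement);
                     //  {{{ added this code to troubleshoot a PHP max execution error in this loop
                     // NOTE(review): after this cap trips, whatever $nextTimestamp holds is
                     // still saved as the due date below - confirm that is acceptable.
                     if ($i > 50) {
                         $watchdog = new PcWatchdog();
                         $watchdog->setType("NEXT RECURRENCE")->setDescription("taskId: {$this->getId()}")->save();
                         $watchdog3 = new PcWatchdog();
                         $watchdog3->setType("NEXT RECURRENCE")->setDescription("monthPlus: {$monthPlus}")->save();
                         $watchdog4 = new PcWatchdog();
                         $watchdog4->setType("NEXT RECURRENCE")->setDescription("rceWithReplacement: {$rceWithReplacement}")->save();
                         $watchdog6 = new PcWatchdog();
                         $watchdog6->setType("NEXT RECURRENCE")->setDescription($nextTimestamp)->save();
                         $watchdog7 = new PcWatchdog();
                         $watchdog7->setType("NEXT RECURRENCE")->setDescription($todayTimestamp)->save();
                         break;
                     }
                     // }}}
                     $i++;
                 } while ($nextTimestamp < $todayTimestamp || $nextTimestamp <= $oldDueDateTimestamp);
             }
         }
     }
     $this->setDueDate(date('Y-m-d', $nextTimestamp), 'Y-m-d');
     $this->save();
 }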