public function createNewSession($userid)
{
# If this is an actual user, we need to have the user record
$tmpUser = $this->_userDao->getUser($userid);
/*
* If this is an anonymous user, or if the user has never
* logged in before, the last visit time is always the
* session creation time.
*
* We do not use the 'nonauthencated_userid' for this because
* it would result in loss of read data for single-user systems
*/
if ($userid == SPOTWEB_ANONYMOUS_USERID || $tmpUser['lastlogin'] == 0) {
$tmpUser['lastvisit'] = time();
# Mark everything as read for anonymous users
$this->_daoFactory->getUserFilterCountDao()->markFilterCountAsSeen($userid);
} else {
$tmpUser['lastvisit'] = $tmpUser['lastlogin'];
}
# if
# Create a new session record
$session = array('sessionid' => Services_User_Util::generateUniqueId(), 'userid' => $userid, 'hitcount' => 1, 'lasthit' => time(), 'ipaddr' => $this->determineUsersIpAddress(), 'devicetype' => $this->determineDeviceType());
/*
* To prevent flooding the sessions table, we
* don't actually create the db entry for anonymous
* sessions. We can only do this for 'real' anonymous
* users because when this is overriden, the new
* anonymous user might have given additional features
*/
if ($userid != SPOTWEB_ANONYMOUS_USERID) {
$this->_sessionDao->addSession($session);
}
# if
return array('user' => $tmpUser, 'session' => $session);
}
function createPasswordSalt()
{
$salt = Services_User_Util::generateUniqueId() . Services_User_Util::generateUniqueId();
$this->setIfNot('pass_salt', $salt);
}
function resetUserApi($user)
{
$user['apikey'] = md5(Services_User_Util::generateUniqueId());
$this->_userDao->setUser($user);
$result = new Dto_FormResult('success');
$result->addData('apikey', $user['apikey']);
return $result;
}