Ejemplo n.º 1
 /**
  * Checks that init() registers the save handler configured on the resource
  * as the active Zend_Session save handler.
  */
 public function testInitSetsSaveHandler()
 {
     $handlerMock = $this->getMock('Zend_Session_SaveHandler_Interface');

     $this->resource->setSaveHandler($handlerMock);
     $this->resource->init();

     // assertSame: the active handler must be the very same instance, not a copy.
     $activeHandler = Zend_Session::getSaveHandler();
     $this->assertSame($handlerMock, $activeHandler);
 }
Ejemplo n.º 2
 /**
  * Starts the session on a cache-backed save handler and publishes the
  * signed-in user's record and the latest "global hash" in the registry.
  *
  * The session id is regenerated the first time the default namespace is
  * seen, so an id that existed before this application initialised the
  * session is not carried forward.
  */
 public function init()
 {
     $reg = Zend_Registry::getInstance();
     $authService = Zend_Auth::getInstance();
     $cfg = $reg->get("config");
     $lifetime = $cfg['resources']['session']['cookie_lifetime'];

     /* @todo the system behaves incoherently when the session backend has a
        problem (e.g. the save handler is off-line): depending on the page,
        the resulting exception is sometimes caught and sometimes not. */
     $handler = new Ml_Session_SaveHandler_PlusCache(
         $reg->get("memCache"),
         $cfg['session']['prefix'],
         $cfg['lastActivity']['prefix']
     );
     Zend_Session::setSaveHandler($handler);
     // Second argument true: the handler lifetime overrides the default one.
     Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
     Zend_Session::start();

     // First request on this session: rotate the id and remember that we did.
     $ns = new Zend_Session_Namespace();
     if (!isset($ns->initialized)) {
         Zend_Session::regenerateId();
         $ns->initialized = true;
     }

     // Expose the signed-in user's record to the rest of the request.
     if ($authService->hasIdentity()) {
         $reg->set(
             'signedUserInfo',
             Ml_Model_People::getInstance()->getById($authService->getIdentity())
         );
     }

     $reg->set("globalHash", Ml_Model_MagicCookies::getInstance()->getLast(true));
 }
Ejemplo n.º 3
 /**
  * Starts the session, first installing the save handler of the 'session'
  * plugin resource when that resource exists and no handler is set yet.
  */
 protected function _initSession()
 {
     // && short-circuits: the handler is only queried when the resource exists.
     $needsHandler = $this->hasPluginResource('session') && !Zend_Session::getSaveHandler();
     if ($needsHandler) {
         $sessionResource = $this->getPluginResource('session');
         Zend_Session::setSaveHandler($sessionResource->getSaveHandler());
     }

     Zend_Session::start();
 }
Ejemplo n.º 4
 /**
  * Bootstraps the application from application4.ini and checks that the
  * session save handler holds a Rediska client named 'default' while the
  * Rediska manager has no registered instances.
  */
 public function testNewInstance()
 {
     $iniPath = dirname(__FILE__) . '/application4.ini';
     $app = new Zend_Application('tests', $iniPath);
     $app->bootstrap()->getBootstrap()->getResource('session');

     $handler = Zend_Session::getSaveHandler();
     $client = $handler->getRediska();

     $this->assertEquals('default', $client->getOption('name'));
     $this->assertEquals(array(), Rediska_Manager::getAll());
 }
Ejemplo n.º 5
 /**
  * Wires the instance to the shared "memCache" registry entry and copies
  * the session / last-activity key prefixes from the active session save
  * handler, then hands $config to the parent constructor.
  *
  * NOTE(review): the constructor is declared public, so nothing visible here
  * prevents "new"; it also dereferences Zend_Session::getSaveHandler()
  * without a check, so a save handler must already be registered.
  *
  * @param array $config passed unchanged to the parent constructor
  */
 public final function __construct($config = array())
 {
     $this->_cache = Zend_Registry::getInstance()->get("memCache");

     $activeHandler = Zend_Session::getSaveHandler();
     $this->_sessionPrefix = $activeHandler->getSessionPrefix();
     $this->_lastActivityPrefix = $activeHandler->getLastActivityPrefix();

     parent::__construct($config);
 }
Ejemplo n.º 6
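 /**
  * Login authentication endpoint; prints a JSON response.
  *
  * Request parameters:
  *  - u: user name
  *  - p: plain-text password
  *  - s: 'yes' to persist the login
  *  - r: base64-encoded return URL
  *
  * NOTE(review): getParam() is not limited to the POST body, so the
  * credentials can arrive in the query string and end up in access logs;
  * confirm the route only accepts POST.
  */
 function kloginAction()
 {
     $this->_helper->layout()->disableLayout();
     $request = $this->getRequest();
     $userName = $request->getParam('u') ? $request->getParam('u') : '';
     $password = $request->getParam('p') ? $request->getParam('p') : '';
     $remember = $request->getParam('s') ? $request->getParam('s') : '';
     $response = array();

     // One-hour server-side lifetime, set before the session is started.
     $saveHandler = Zend_Session::getSaveHandler();
     $saveHandler->setLifetime(3600)->setOverrideLifetime(true);
     Zend_Session::start();

     $authMan = new Pandamp_Auth_Manager($userName, $password);
     $authResult = $authMan->authenticate();
     $zendAuth = Zend_Auth::getInstance();

     if ($zendAuth->hasIdentity()) {
         if ($authResult->isValid()) {
             // New id after the privilege change (session fixation defence).
             Zend_Session::regenerateId();
             $returnUrl = base64_decode($request->getParam('r'));
             // With an empty return URL nothing is added to $response and
             // the client receives an empty JSON array (unchanged behaviour).
             if (!empty($returnUrl)) {
                 // Fix: the success handling used to sit inside the "no '?'"
                 // branch, so a return URL that already carried a query
                 // string produced an empty response. Only the separator
                 // depends on the '?'; the strict comparison also covers a
                 // '?' at offset 0.
                 $sAddition = (strpos($returnUrl, '?') !== false) ? '&' : '?';

                 Pandamp_Lib_Formater::writeLog();
                 if ($remember == 'yes') {
                     Zend_Session::rememberMe(3600);
                     // NOTE(review): the plain-text password is handed to
                     // login_saver(); confirm it is not persisted as-is.
                     $hol = new Pandamp_Core_Hol_Auth();
                     $hol->user = $userName;
                     $hol->user_pw = $password;
                     $hol->save_login = $remember;
                     $hol->login_saver();
                 }
                 $this->_helper->getHelper('Cache')->removePagesTagged(array('entries', 'hold', 'warta', 'clinic'));
                 $response['success'] = true;
                 // NOTE(review): the return URL is request-controlled and not
                 // validated here, and the session id is appended to it, so
                 // whoever supplies `r` decides where the id is sent.
                 // Restrict `r` to same-site targets and rely on the session
                 // cookie instead of a PHPSESSID query parameter.
                 $response['message'] = $returnUrl . $sAddition . "PHPSESSID=" . Zend_Session::getId();
             }
         } else {
             // NOTE(review): -51 is a project-specific result code; its
             // meaning is not visible in this block.
             if ($authResult->getCode() != -51) {
                 // failure : clear database row from session
                 Zend_Auth::getInstance()->clearIdentity();
             }
             $messages = $authResult->getMessages();
             $response['error'] = $messages[0];
             $response['success'] = false;
         }
     } else {
         $response['failure'] = true;
         $messages = $authResult->getMessages();
         $response['error'] = $messages[0];
     }
     echo Zend_Json::encode($response);
 }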
Ejemplo n.º 7
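 /**
  * @brief   authenticateUser method - authenticates a given user with given password
  * @param   string $username user name
  * @param   string $password submitted plain text password
  * @param   bool   $remember when true, extend the cookie and the stored session to two weeks
  * @return  bool   TRUE when the adapter accepted the credentials, FALSE otherwise
  * @throws  Exception when the user name or the password is empty
  *
  * Authenticates the given user with the given password and sets the authentication
  * singleton to its new state. Hashing and salting of the password are a matter of
  * how $this->_userAdapter is configured; that configuration is not visible here.
  */
 public function authenticateUser($username, $password, $remember = false)
 {
     // first check if username or password are missing
     if (!$username) {
         throw new Exception('Username not given.');
     }
     if (!$password) {
         throw new Exception('Password not given.');
     }

     // set username and password, then let the adapter decide
     $this->_userAdapter->setIdentity($username);
     $this->_userAdapter->setCredential($password);
     $result = $this->_userAdapter->authenticate();
     if (!$result->isValid()) {
         return false;
     }

     // Fix: issue a fresh session id on every successful login, not only on
     // the remember-me path, so an id that existed before authentication is
     // never promoted to an authenticated session (session fixation).
     Zend_Session::regenerateId();

     // store user table row in auth object, but suppress password
     $row = $this->_userAdapter->getResultRowObject(null, 'password');
     // client address and user agent are kept alongside the identity
     $row->ip = $this->getRemoteAddr();
     $row->userAgent = $this->getUserAgent();
     // get role and status
     $row->status = $this->getStatus($row->status_id);
     $row->role = $this->getRole($row->role_id);
     // get the auth singleton's storage and store the row
     Zend_Auth::getInstance()->getStorage()->write($row);

     // extend login to two weeks, i.e. 1209600 s
     if ($remember) {
         $twoWeeks = 1209600;
         // extend lifetime of the client's cookie
         Zend_Session::rememberMe($twoWeeks);
         // extend the lifetime of the stored session to match
         Zend_Session::getSaveHandler()->setLifetime($twoWeeks, true);
     }
     return true;
 }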
Ejemplo n.º 8
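 /**
  * Handles the login form: validates the post, runs the account-state and
  * subscription checks, authenticates, records every attempt in the logins
  * table and finally redirects.
  *
  * Sets $this->view->status / error / message (plus sid and sname on
  * success) for the non-HTML contexts.
  */
 public function loginAction()
 {
     // Already logged in
     if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('You are already signed in.');
         if (null === $this->_helper->contextSwitch->getCurrentContext()) {
             $this->_helper->redirector->gotoRoute(array(), 'default', true);
         }
         return;
     }
     // Make form
     $this->view->form = $form = new User_Form_Login();
     $form->setAction($this->view->url(array('return_url' => null)));
     $form->populate(array('return_url' => $this->_getParam('return_url')));
     // Render
     $this->_helper->content->setEnabled();
     // Not a post
     if (!$this->getRequest()->isPost()) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
         return;
     }
     // Form not valid
     if (!$form->isValid($this->getRequest()->getPost())) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
         return;
     }
     // Check login creds.
     // Fix: read the three values explicitly instead of extract()-ing the
     // whole form into the local scope, so no other form field can create
     // or overwrite a local variable.
     $values = $form->getValues();
     $email = isset($values['email']) ? $values['email'] : null;
     $password = isset($values['password']) ? $values['password'] : null;
     $remember = isset($values['remember']) ? $values['remember'] : null;

     $user_table = Engine_Api::_()->getDbtable('users', 'user');
     $user_select = $user_table->select()->where('email = ?', $email);
     $user = $user_table->fetchRow($user_select);
     // Client ip as a binary SQL expression, reused for every logins row
     $db = Engine_Db_Table::getDefaultAdapter();
     $ipObj = new Engine_IP();
     $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
     // Check if user exists
     if (empty($user)) {
         // NOTE(review): this message differs from the bad-password one
         // below, which tells the caller whether an email is registered; a
         // single generic failure message avoids account enumeration.
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
         $form->addError(Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.'));
         // Register login
         Engine_Api::_()->getDbtable('logins', 'user')->insert(array('email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'no-member'));
         return;
     }
     // Check if user is verified and enabled
     if (!$user->enabled) {
         if (!$user->verified) {
             $this->view->status = false;
             $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
             $translate = Zend_Registry::get('Zend_Translate');
             $error = $translate->translate('This account still requires either email verification.');
             $error .= ' ';
             $error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
             // NOTE(review): escaping is switched off for the error output
             // while $resend_url embeds the submitted email; this relies on
             // the url helper encoding that value - confirm.
             $form->getDecorator('errors')->setOption('escape', false);
             $form->addError($error);
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
             return;
         }
         if (!$user->approved) {
             $this->view->status = false;
             $translate = Zend_Registry::get('Zend_Translate');
             $error = $translate->translate('This account still requires admin approval.');
             $form->getDecorator('errors')->setOption('escape', false);
             $form->addError($error);
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
             return;
         }
         // Verified and approved but not enabled: deliberately falls
         // through; should be handled by hooks or payment.
     }
     // Handle subscriptions
     if (Engine_Api::_()->hasModuleBootstrap('payment')) {
         // Check for the user's plan
         $subscriptionsTable = Engine_Api::_()->getDbtable('subscriptions', 'payment');
         if (!$subscriptionsTable->check($user)) {
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'unpaid'));
             // Redirect to subscription page.
             // NOTE(review): this happens before the password is checked, so
             // the subscription session is keyed to a user id that has not
             // been authenticated yet; confirm the payment flow does not
             // treat it as proof of identity.
             $subscriptionSession = new Zend_Session_Namespace('Payment_Subscription');
             $subscriptionSession->unsetAll();
             $subscriptionSession->user_id = $user->getIdentity();
             return $this->_helper->redirector->gotoRoute(array('module' => 'payment', 'controller' => 'subscription', 'action' => 'index'), 'default', true);
         }
     }
     // Run pre login hook; the first array response that carries an error or
     // a redirect ends the login attempt.
     $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginBefore', $user);
     foreach ((array) $event->getResponses() as $response) {
         if (!is_array($response)) {
             continue;
         }
         if (!empty($response['error']) && !empty($response['message'])) {
             $form->addError($response['message']);
         } elseif (!empty($response['redirect'])) {
             $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
         } else {
             continue;
         }
         // Register login
         Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'third-party'));
         return;
     }
     // Version 3 Import compatibility
     if (empty($user->password)) {
         $compat = Engine_Api::_()->getApi('settings', 'core')->getSetting('core.compatibility.password');
         $migration = null;
         try {
             $migration = Engine_Db_Table::getDefaultAdapter()->select()->from('engine4_user_migration')->where('user_id = ?', $user->getIdentity())->limit(1)->query()->fetch();
         } catch (Exception $e) {
             // Missing table or query error: treat as "no migration data".
             $migration = null;
             $compat = null;
         }
         if (!$migration) {
             $compat = null;
         }
         if ($compat == 'import-version-3') {
             // Version 3 authentication.
             // NOTE(review): plain === on the stored hash; hash_equals()
             // would make the comparison constant-time where PHP >= 5.6 is
             // guaranteed.
             $cryptedPassword = self::_version3PasswordCrypt($migration['user_password_method'], $migration['user_code'], $password);
             if ($cryptedPassword === $migration['user_password']) {
                 // Regenerate the user password using the given password.
                 // Fix: take the salt from the CSPRNG when the runtime has
                 // one; rand() remains only as the fallback. Same 7-digit
                 // string format as before.
                 $user->salt = (string) (function_exists('random_int')
                     ? random_int(1000000, 9999999)
                     : rand(1000000, 9999999));
                 $user->password = $password;
                 $user->save();
                 Engine_Api::_()->user()->getAuth()->getStorage()->write($user->getIdentity());
                 // @todo should we delete the old migration row?
             } else {
                 $this->view->status = false;
                 $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
                 $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
                 return;
             }
             // End Version 3 authentication
         } else {
             $form->addError('There appears to be a problem logging in. Please reset your password with the Forgot Password link.');
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'v3-migration'));
             return;
         }
     } else {
         $authResult = Engine_Api::_()->user()->authenticate($email, $password);
         $authCode = $authResult->getCode();
         Engine_Api::_()->user()->setViewer();
         if ($authCode != Zend_Auth_Result::SUCCESS) {
             $this->view->status = false;
             $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
             $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
             // Register login
             Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'bad-password'));
             return;
         }
     }
     // -- Success! --
     // NOTE(review): no explicit session id rotation is visible on this path
     // when "remember" is off; confirm authenticate() takes care of it.
     // Register login
     $loginTable = Engine_Api::_()->getDbtable('logins', 'user');
     $loginTable->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'success', 'active' => true));
     $_SESSION['login_id'] = $login_id = $loginTable->getAdapter()->lastInsertId();
     // Remember
     if ($remember) {
         $lifetime = 1209600;
         // Two weeks, applied to the stored session and to the cookie
         Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
         Zend_Session::rememberMe($lifetime);
     }
     // Increment sign-in count
     Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
     // Test activity @todo remove
     $viewer = Engine_Api::_()->user()->getViewer();
     if ($viewer->getIdentity()) {
         $viewer->lastlogin_date = date("Y-m-d H:i:s");
         if ('cli' !== PHP_SAPI) {
             $viewer->lastlogin_ip = $ipExpr;
         }
         $viewer->save();
         Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
     }
     // Assign sid to view for json context.
     // NOTE(review): this puts the session id into the response body; keep
     // such responses out of caches and logs.
     $this->view->status = true;
     $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
     $this->view->sid = Zend_Session::getId();
     $this->view->sname = Zend_Session::getOptions('name');
     // Run post login hook
     $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);
     // Do redirection only if normal context
     if (null === $this->_helper->contextSwitch->getCurrentContext()) {
         // Redirect by form.
         // NOTE(review): return_url comes from the request and is used
         // without prependBase; unless the form validates it, confine it to
         // same-site targets before redirecting.
         $uri = $form->getValue('return_url');
         if ($uri) {
             if (substr($uri, 0, 3) == '64-') {
                 $uri = base64_decode(substr($uri, 3));
             }
             return $this->_redirect($uri, array('prependBase' => false));
         }
         // Redirect by session
         $session = new Zend_Session_Namespace('Redirect');
         if (isset($session->uri)) {
             $uri = $session->uri;
             $opts = $session->options;
             $session->unsetAll();
             return $this->_redirect($uri, $opts);
         }
         if (isset($session->route)) {
             // Fix: copy the route data out before unsetAll(); reading it
             // afterwards handed empty values to gotoRoute().
             $routeParams = $session->params;
             $routeName = $session->route;
             $routeReset = $session->reset;
             $session->unsetAll();
             return $this->_helper->redirector->gotoRoute($routeParams, $routeName, $routeReset);
         }
         // Redirect by hook
         foreach ((array) $event->getResponses() as $response) {
             if (is_array($response)) {
                 if (!empty($response['error']) && !empty($response['message'])) {
                     return $form->addError($response['message']);
                 } elseif (!empty($response['redirect'])) {
                     return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                 }
             }
         }
         // Just redirect to home
         return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
     }
 }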
Ejemplo n.º 9
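 /**
  * Login page: validates the posted form, checks the account state,
  * authenticates and redirects (form return_url first, then the 'Redirect'
  * session namespace, then the default route).
  *
  * Sets $this->view->status / error / message (plus sid and sname on
  * success).
  */
 public function indexAction()
 {
     // Already logged in
     $viewer = Khcn_Api::_()->getViewer();
     if ($viewer && $viewer->getIdentity()) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('Bạn đã đăng nhập.');
         $this->_helper->redirector->gotoRoute(array(), 'default', true);
         return;
     }
     // Make form
     $this->view->form = $form = new Default_Form_Login();
     $form->setAction($this->view->url(array('return_url' => null)));
     $form->populate(array('return_url' => $this->_getParam('return_url')));
     // Not a post
     if (!$this->getRequest()->isPost()) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
         return;
     }
     // Form not valid
     if (!$form->isValid($this->getRequest()->getPost())) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
         return;
     }
     // Check login creds.
     // Fix: read the three values explicitly instead of extract()-ing the
     // whole form into the local scope, so no other form field can create
     // or overwrite a local variable.
     $values = $form->getValues();
     $Username = isset($values['Username']) ? $values['Username'] : null;
     $Password = isset($values['Password']) ? $values['Password'] : null;
     $Remember = isset($values['Remember']) ? $values['Remember'] : null;

     $userTable = Khcn_Api::_()->getItemTable('default_nguoi_dung');
     $userSelect = $userTable->select()->where('ten_dang_nhap = ?', $Username);
     $user = $userTable->fetchRow($userSelect);
     // Check if user exists. The message is the same one used for a wrong
     // password, so the response does not reveal whether the name exists.
     if (empty($user)) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.');
         $form->addError(Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.'));
         return;
     }
     // Check if user is verified and enabled.
     // NOTE(review): unlike the generic message above, these two messages
     // are shown before the password is checked and confirm that the
     // account exists.
     if (!$user->enabled) {
         if (!$user->verified) {
             $this->view->status = false;
             $translate = Zend_Registry::get('Zend_Translate');
             $error = $translate->translate('Vui lòng kích hoạt tài khoản thông qua email.');
             $form->getDecorator('errors')->setOption('escape', false);
             $form->addError($error);
             return;
         }
         if (!$user->approved) {
             $this->view->status = false;
             $translate = Zend_Registry::get('Zend_Translate');
             $error = $translate->translate('Tài khoản của bạn cần được kích hoạt bởi admin.');
             $form->getDecorator('errors')->setOption('escape', false);
             $form->addError($error);
             return;
         }
         // Verified and approved but not enabled: deliberately falls through.
     }
     // An account without a stored password cannot log in
     if (empty($user->mat_khau)) {
         $form->addError('Mật khẩu không hợp lệ. Vui lòng reset lại mật khẩu.');
         return;
     }
     $authResult = Khcn_Api::_()->authenticate($Username, $Password);
     $authCode = $authResult->getCode();
     Khcn_Api::_()->setViewer();
     if ($authCode != Zend_Auth_Result::SUCCESS) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.');
         $form->addError(Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.'));
         return;
     }
     // -- Success! --
     // NOTE(review): no explicit session id rotation is visible on this path
     // when "Remember" is off; confirm authenticate() takes care of it.
     // Remember
     if (!empty($Remember)) {
         $lifetime = 1209600;
         // Two weeks, applied to the stored session and to the cookie
         Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
         Zend_Session::rememberMe($lifetime);
     }
     // Test activity @todo remove
     $viewer = Khcn_Api::_()->getViewer();
     if ($viewer && $viewer->getIdentity()) {
         $viewer->lan_dang_nhap_cuoi = date("Y-m-d H:i:s");
         $viewer->save();
     }
     // Assign sid to view for json context.
     // NOTE(review): this puts the session id into the response body; keep
     // such responses out of caches and logs.
     $this->view->status = true;
     $this->view->message = Zend_Registry::get('Zend_Translate')->_('Đăng nhập thành công');
     $this->view->sid = Zend_Session::getId();
     $this->view->sname = Zend_Session::getOptions('name');
     // Redirect by form.
     // NOTE(review): return_url comes from the request and is used without
     // prependBase; unless the form validates it, confine it to same-site
     // targets before redirecting.
     $uri = $form->getValue('return_url');
     if ($uri) {
         if (substr($uri, 0, 3) == '64-') {
             $uri = base64_decode(substr($uri, 3));
         }
         return $this->_redirect($uri, array('prependBase' => false));
     }
     // Redirect by session
     $session = new Zend_Session_Namespace('Redirect');
     if (isset($session->uri)) {
         $uri = $session->uri;
         $opts = $session->options;
         $session->unsetAll();
         return $this->_redirect($uri, $opts);
     }
     if (isset($session->route)) {
         // Fix: copy the route data out before unsetAll(); reading it
         // afterwards handed empty values to gotoRoute().
         $routeParams = $session->params;
         $routeName = $session->route;
         $routeReset = $session->reset;
         $session->unsetAll();
         return $this->_helper->redirector->gotoRoute($routeParams, $routeName, $routeReset);
     }
     // Just redirect to home
     return $this->_helper->redirector->gotoRoute(array(), null, true);
 }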
Ejemplo n.º 10
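 /**
  * Login page. On POST it authenticates username/password through the
  * 'identity' resource's auth adapter, records the last login ip and date
  * and redirects to returnTo; on any other request it prepares returnTo for
  * the view and redirects straight away when an identity already exists.
  *
  * NOTE(review): in both redirects returnTo is request-controlled, is not
  * validated here, and gets the session id appended as a PHPSESSID query
  * parameter, so whoever supplies returnTo decides where the id is sent.
  * Restrict returnTo to same-site targets and rely on the session cookie
  * instead.
  */
 public function loginAction()
 {
     $this->_helper->layout()->setLayout('layout-lgs');
     $r = $this->getRequest();
     if ($r->isPost()) {
         $returnTo = $r->getParam('returnTo');
         $this->view->returnTo = $returnTo;
         // Cookie and stored-session lifetimes are set before the start.
         Zend_Session::rememberMe(86400);
         $saveHandler = Zend_Session::getSaveHandler();
         $saveHandler->setLifetime(87500)->setOverrideLifetime(true);
         Zend_Session::start();
         $username = $r->getParam('username');
         $password = $r->getParam('password');
         $registry = Zend_Registry::getInstance();
         $application = $registry->get('application');
         $identity = $application->getBootstrap()->getResource('identity');
         $authAdapter = $identity->authAdapter;
         $authAdapter->setIdentity($username)->setCredential($password);
         $auth = Zend_Auth::getInstance();
         $authResult = $auth->authenticate($authAdapter);
         if ($authResult->isValid()) {
             // New id after the privilege change (session fixation defence).
             Zend_Session::regenerateId();
             // success : store database row to auth's storage
             // NOTE(review): getResultRowObject() is called without column
             // filters, so the credential column is presumably written to
             // the session as well - confirm and omit it.
             $data = $authAdapter->getResultRowObject();
             $auth->getStorage()->write($data);
             // Strict comparison: a '?' at offset 0 still counts as present.
             $sAddition = (strpos($returnTo, '?') !== false) ? '&' : '?';
             // Record last login ip and date
             $tblUser = new Kutu_Core_Orm_Table_User();
             $row = $tblUser->fetchRow($tblUser->select()->where('username = ?', $username));
             // Guard: do not fail a valid login if the row cannot be found.
             if ($row) {
                 $row->lastLoginIp = $this->real_ip_address();
                 // Fix: 'H' (24-hour); 'h' stored an ambiguous 12-hour value.
                 $row->lastLoginDate = date('Y-m-d H:i:s');
                 $row->save();
             }
             header("location: " . $returnTo . $sAddition . "PHPSESSID=" . Zend_Session::getId());
         } else {
             // NOTE(review): -51 is a project-specific result code; its
             // meaning is not visible in this block.
             if ($authResult->getCode() != -51) {
                 // failure : clear database row from session
                 Zend_Auth::getInstance()->clearIdentity();
             }
             $this->view->errorMessage = "Login GAGAL";
         }
     } else {
         Zend_Session::start();
         $returnTo = $r->getParam('returnTo');
         if (!empty($returnTo)) {
             $returnTo = urldecode($returnTo);
         } else {
             $returnTo = KUTU_ROOT_URL . '/pages';
         }
         $this->view->returnTo = $returnTo;
         // check whether the visitor is already logged in
         $auth = Zend_Auth::getInstance();
         if ($auth->hasIdentity()) {
             $sAddition = (strpos($returnTo, '?') !== false) ? '&' : '?';
             header("location: " . $returnTo . $sAddition . "PHPSESSID=" . Zend_Session::getId());
         }
     }
 }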
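 /**
  * Login form handler: authenticates against the webacula_users table,
  * stores the user's row in the auth storage, maintains the failed-login
  * counter and renders the form again when nothing valid was submitted.
  */
 public function loginAction()
 {
     if ($this->isAuth()) {
         // already logged in: forward to (action, controller)
         $this->_forward('index', 'index');
         return;
     }
     $form = new formLogin();
     if ($this->_request->isPost()) {
         /* Validate the submitted form data */
         if ($form->isValid($this->_getAllParams())) {
             $db = Zend_Registry::get('db_bacula');
             /**
              * Configure how users are looked up in the DB:
              * table name, identity column, credential column
              *
              * [ $zendDb = null], [string $tableName = null], [string $identityColumn = null],
              * [string $credentialColumn = null], [string $credentialTreatment = null])
              *
              * NOTE(review): the credential treatment is a bare MD5() of the
              * password, and on SQLite the submitted value is compared to
              * the stored column as-is. Unsalted MD5 is not a suitable
              * password hash; moving to password_hash()/password_verify()
              * needs a schema migration and is outside this method.
              */
             if (Zend_Registry::get('DB_ADAPTER') == 'PDO_SQLITE') {
                 // Sqlite do not have MD5 function
                 $authAdapter = new Zend_Auth_Adapter_DbTable($db, 'webacula_users', 'login', 'pwd', '? AND active = 1');
             } else {
                 $authAdapter = new Zend_Auth_Adapter_DbTable($db, 'webacula_users', 'login', 'pwd', 'MD5(?) AND active = 1');
             }
             /* Hand the user's input to the adapter */
             $authAdapter->setIdentity($form->getValue('login'));
             $authAdapter->setCredential($form->getValue('pwd'));
             /* The actual authentication */
             $auth = Zend_Auth::getInstance();
             $resultAuth = $auth->authenticate($authAdapter);
             /* Check the result */
             if ($resultAuth->isValid()) {
                 // Fix: issue a fresh session id on every successful login,
                 // not only on the remember-me path, so an id that existed
                 // before authentication is never promoted to an
                 // authenticated session (session fixation).
                 Zend_Session::regenerateId();
                 /* Store the data we need in the (default) session; the password column is left out */
                 $storage = $auth->getStorage();
                 $data = $authAdapter->getResultRowObject(array('id', 'login', 'role_id', 'role_name', 'email'));
                 // find role name
                 $table = new Wbroles();
                 $row = $table->find($data->role_id);
                 if ($row->count() == 1) {
                     $data->role_name = $row[0]['name'];
                 }
                 $storage->write($data);
                 // reset the failed-login counter
                 if (isset($this->defNamespace->numLoginFails)) {
                     $this->defNamespace->numLoginFails = 0;
                 }
                 // remember me
                 if ($form->getValue('rememberme')) {
                     Zend_Session::rememberMe(self::MAX_LIFETIME);
                     Zend_Session::getSaveHandler()->setLifetime(self::MAX_LIFETIME);
                 }
                 // update user statistics
                 $users = new Wbusers();
                 $users->updateLoginStat($data->login);
                 // goto home page
                 $this->_redirect('index/index');
             } else {
                 // Fixed delay on failure slows down password guessing.
                 // NOTE(review): it also keeps a worker busy for 7 s per
                 // failed attempt; the counter below lives in the session,
                 // so it does not limit clients that drop their cookie.
                 sleep(7);
                 $this->view->msg = $this->view->translate->_("Username or password is incorrect");
                 // bump the counter; when failures pile up the captcha gets enabled
                 $this->defNamespace->numLoginFails++;
             }
         }
     }
     /* Nothing submitted or the login failed: show the login form */
     $this->view->caption = sprintf($this->view->translate->_("Login with your %sWe%sbacula%s account"), '<font color="#00008B">', '</font><font color="#A80000">', '</font>');
     $this->view->title = $this->view->translate->_('Login with your Webacula account');
     $this->view->form = $form;
     // workaround for unit tests 'Action Helper by name Layout not found'
     if (!$this->_helper->hasHelper('layout')) {
         $this->render();
     }
 }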
Ejemplo n.º 12
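 /**
  * Sign-in action: validates the login form, authenticates the member and then
  * either redirects (normal context) or leaves status fields on the view.
  *
  * Security-relevant behaviour of this implementation:
  *  - form values are read by key instead of being extract()ed into local scope;
  *  - the session id is regenerated once authentication has succeeded;
  *  - "return_url" is honoured only when it is a site-local absolute path;
  *  - the legacy (version 3) hash is compared in constant time where available.
  *
  * @return mixed Result of the redirect helper on the redirecting paths, otherwise nothing.
  */
 public function loginAction()
 {
     // Already logged in
     if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('You are already signed in.');
         if (null === $this->_helper->contextSwitch->getCurrentContext()) {
             $this->_helper->redirector->gotoRoute(array(), 'home');
         }
         return;
     }
     // Make form
     $this->view->form = $form = new User_Form_Login();
     $form->populate(array('return_url' => $this->_getParam('return_url')));
     // Facebook login
     if (User_Model_DbTable_Facebook::authenticate($form)) {
         // Facebook login succeeded, redirect to home
         $this->_helper->redirector->gotoRoute(array(), 'home');
     }
     // Not a post
     if (!$this->getRequest()->isPost()) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
         return;
     }
     // Form not valid
     if (!$form->isValid($this->getRequest()->getPost())) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
         return;
     }
     // Check login creds. The values are picked by key rather than extract()ed, so a
     // form element name can never shadow a local such as $form or $user.
     $values = $form->getValues();
     $email = isset($values['email']) ? $values['email'] : null;
     $password = isset($values['password']) ? $values['password'] : null;
     $remember = !empty($values['remember']);
     $user_table = Engine_Api::_()->getDbtable('users', 'user');
     $user_select = $user_table->select()->where('email = ?', $email);
     $user = $user_table->fetchRow($user_select);
     // Check if user exists
     // NOTE(review): this message and the verification message below are returned before
     // the password is checked and differ from "Invalid credentials", so the response
     // reveals whether an email is registered. Consider one generic failure message.
     if (empty($user)) {
         $this->view->status = false;
         $this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
         $form->addError(Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.'));
         return;
     }
     // Check if user is verified and enabled
     if (!$user->verified || !$user->enabled) {
         $this->view->status = false;
         $translate = Zend_Registry::get('Zend_Translate');
         $error = $translate->translate('This account still requires either email verification or admin approval.');
         if (!$user->verified) {
             $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
             $error .= ' ';
             // Escaping is switched off on the errors decorator below, so the URL (which
             // carries the submitted email) is escaped here for the attribute context.
             $error .= sprintf(
                 $translate->translate('Click <a href="%s">here</a> to resend the email.'),
                 htmlspecialchars($resend_url, ENT_QUOTES, 'UTF-8')
             );
         }
         $form->getDecorator('errors')->setOption('escape', false);
         $form->addError($error);
         return;
     }
     // Version 3 Import compatibility
     if (empty($user->password)) {
         $compat = Engine_Api::_()->getApi('settings', 'core')->getSetting('core.compatibility.password');
         $migration = null;
         try {
             $migration = Engine_Db_Table::getDefaultAdapter()->select()->from('engine4_user_migration')->where('user_id = ?', $user->getIdentity())->limit(1)->query()->fetch();
         } catch (Exception $e) {
             $migration = null;
             $compat = null;
         }
         if (!$migration) {
             $compat = null;
         }
         // Strict comparison: a loosely-typed setting (e.g. boolean true) must not
         // switch the legacy authentication path on.
         if ($compat === 'import-version-3') {
             // Version 3 authentication
             $cryptedPassword = self::_version3PasswordCrypt($migration['user_password_method'], $migration['user_code'], $password);
             $storedHash = $migration['user_password'];
             // Both sides must be strings (a null/false pair never matches); the
             // comparison is constant-time when hash_equals() exists on this runtime.
             $hashMatches = is_string($cryptedPassword) && is_string($storedHash)
                 && (function_exists('hash_equals')
                     ? hash_equals($storedHash, $cryptedPassword)
                     : $cryptedPassword === $storedHash);
             if ($hashMatches) {
                 // Regenerate the user password using the given password.
                 // The salt keeps its 7-digit shape; a CSPRNG is used when available.
                 $user->salt = (string) (function_exists('random_int')
                     ? random_int(1000000, 9999999)
                     : mt_rand(1000000, 9999999));
                 $user->password = $password;
                 $user->save();
                 Engine_Api::_()->user()->getAuth()->getStorage()->write($user->getIdentity());
                 // @todo should we delete the old migration row?
             } else {
                 $this->view->status = false;
                 $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
                 $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
                 return;
             }
             // End Version 3 authentication
         } else {
             $form->addError('There appears to be a problem logging in. Please reset your password with the Forgot Password link.');
             return;
         }
     } else {
         $authResult = Engine_Api::_()->user()->authenticate($email, $password);
         $authCode = $authResult->getCode();
         Engine_Api::_()->user()->setViewer();
         if ($authCode != Zend_Auth_Result::SUCCESS) {
             $this->view->status = false;
             $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
             $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
             return;
         }
     }
     // -- Success! --
     // Privilege level changed: issue a fresh session id so an id fixed before login
     // cannot be reused. (authenticate() may already do this; it is not visible here.)
     Zend_Session::regenerateId();
     // Remember
     if ($remember) {
         $lifetime = 1209600;
         // Two weeks
         Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
         Zend_Session::rememberMe($lifetime);
     }
     // Increment sign-in count
     Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
     // Test activity @todo remove
     $viewer = Engine_Api::_()->user()->getViewer();
     if ($viewer->getIdentity()) {
         $viewer->lastlogin_date = date("Y-m-d H:i:s");
         $viewer->lastlogin_ip = $_SERVER['REMOTE_ADDR'];
         $viewer->save();
         Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
     }
     // Assign sid to view for json context
     // NOTE(review): this puts the session id into the response body; make sure such
     // responses are never cached or logged, and drop the field if no client needs it.
     $this->view->status = true;
     $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
     $this->view->sid = Zend_Session::getId();
     $this->view->sname = Zend_Session::getOptions('name');
     // Do redirection only if normal context
     if (null === $this->_helper->contextSwitch->getCurrentContext()) {
         // Redirect by form. return_url is request-supplied and is sent with
         // prependBase=false, so only a site-local absolute path is accepted: it must
         // start with a single "/" and contain no backslash, whitespace or control
         // character. Anything else falls through to the session/default redirect.
         $uri = $form->getValue('return_url');
         if (is_string($uri) && preg_match('#^/(?![/\\\\])[^\x00-\x20\x7f\\\\]*\z#', $uri) === 1) {
             return $this->_redirect($uri, array('prependBase' => false));
         }
         // Redirect by session
         $session = new Zend_Session_Namespace('Redirect');
         if (isset($session->uri)) {
             $uri = $session->uri;
             $opts = $session->options;
             $session->unsetAll();
             return $this->_redirect($uri, $opts);
         }
         if (isset($session->route)) {
             // Copy the target out before clearing the namespace; reading it after
             // unsetAll() would hand empty values to the redirector.
             $route = $session->route;
             $params = isset($session->params) ? $session->params : array();
             $reset = isset($session->reset) ? $session->reset : false;
             $session->unsetAll();
             return $this->_helper->redirector->gotoRoute($params, $route, $reset);
         }
         return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general');
     }
 }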
Ejemplo n.º 13
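 /**
  * Assigns a fixed value of 3600 to the static
  * $_ZEND_SESSION_NAMESPACE_EXPIRATION_SECONDS (by its name, an expiry in seconds).
  */
 public function __construct()
 {
     // NOTE(review): the value is hard-coded. The original kept a commented-out variant
     // that took it from Zend_Session::getSaveHandler()->getLifetime(); the unused
     // save-handler lookup that only served that variant has been dropped. If the save
     // handler is configured with a different lifetime, the two expiries will disagree;
     // confirm which one is meant to bound the session.
     self::$_ZEND_SESSION_NAMESPACE_EXPIRATION_SECONDS = 3600;
 }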
Ejemplo n.º 14
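 /**
  * Login action: shows the login form and, on a valid POST, checks the password,
  * stores the user record (password field blanked) in Zend_Auth storage and
  * redirects to index/index. A failed attempt increments the per-session failure
  * counter, which the comments below say is used to switch on a captcha.
  *
  * The session id is regenerated as soon as the password check succeeds, so an id
  * that was set before authentication is not carried into the logged-in session.
  *
  * @return void
  */
 public function loginAction()
 {
     if ($this->isAuth()) {
         // already logged in: forward to action, controller
         $this->_forward('index', 'index');
         return;
     }
     $form = new formLogin();
     if ($this->_request->isPost()) {
         /* Validate the submitted form data */
         // NOTE(review): _getAllParams() also carries query-string and route parameters,
         // so credentials placed in the URL would be accepted (and end up in access
         // logs). Validating against the POST body only would be stricter; confirm that
         // nothing relies on the current behaviour before changing it.
         if ($form->isValid($this->_getAllParams())) {
             $users = new Wbusers();
             $login = $form->getValue('login');
             if ($users->checkPassword($login, $form->getValue('pwd'))) {
                 // Authentication succeeded: issue a fresh session id before any
                 // identity data is attached to the session.
                 Zend_Session::regenerateId();
                 $user = $users->fetchUser($login);
                 // blank the password field so it is never written to the session
                 $user[0]['pwd'] = '';
                 $user = (object) $user[0];
                 /* Write the data we need into the (default) session */
                 $auth = Zend_Auth::getInstance();
                 $storage = $auth->getStorage();
                 $storage->write($user);
                 // reset the failed-login counter
                 if (isset($this->defNamespace->numLoginFails)) {
                     $this->defNamespace->numLoginFails = 0;
                 }
                 // remember me
                 if ($form->getValue('rememberme')) {
                     Zend_Session::rememberMe(self::MAX_LIFETIME);
                     Zend_Session::getSaveHandler()->setLifetime(self::MAX_LIFETIME);
                 }
                 // update user statistics
                 $users->updateLoginStat($user->login);
                 // goto home page
                 $this->_redirect('index/index');
             } else {
                 // NOTE(review): a fixed 7-second sleep slows guessing but also holds a
                 // PHP worker for every failed attempt, so many parallel failures can
                 // exhaust the worker pool. The failure counter below lives in the
                 // session and resets when the client drops its cookie; per-account or
                 // per-address throttling would hold up better.
                 sleep(7);
                 $this->view->msg = $this->view->translate->_("Username or password is incorrect");
                 // bump the counter; when there are many failed logins the captcha is enabled
                 $this->defNamespace->numLoginFails++;
             }
         }
     }
     /* No data was submitted or the login failed: show the login form */
     $this->view->caption = sprintf($this->view->translate->_("Login with your %sWe%sbacula%s account"), '<font color="#00008B">', '</font><font color="#A80000">', '</font>');
     $this->view->title = $this->view->translate->_('Login with your Webacula account');
     $this->view->form = $form;
     // workaround for unit tests 'Action Helper by name Layout not found'
     if (!$this->_helper->hasHelper('layout')) {
         $this->render();
     }
 }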