public function testInitSetsSaveHandler()
{
$saveHandler = $this->getMock('Zend_Session_SaveHandler_Interface');
$this->resource->setSaveHandler($saveHandler);
$this->resource->init();
$this->assertSame($saveHandler, Zend_Session::getSaveHandler());
}
public function init()
{
$registry = Zend_Registry::getInstance();
$auth = Zend_Auth::getInstance();
$config = $registry->get("config");
$sessionConfig = $config['resources']['session'];
$cookieLifetime = $sessionConfig['cookie_lifetime'];
/* @todo fix issue of system with incoherent behavior when the session
system has a issue, such as when the savehandler doesn't work as
expected when it's off-line which results in differents
catched / uncatched exception when the resource (page) loads
*/
$saveHandler = new Ml_Session_SaveHandler_PlusCache($registry->get("memCache"), $config['session']['prefix'], $config['lastActivity']['prefix']);
Zend_Session::setSaveHandler($saveHandler);
Zend_Session::getSaveHandler()->setLifetime($cookieLifetime, true);
Zend_Session::start();
$defaultNamespace = new Zend_Session_Namespace();
if (!isset($defaultNamespace->initialized)) {
Zend_Session::regenerateId();
$defaultNamespace->initialized = true;
}
if ($auth->hasIdentity()) {
$people = Ml_Model_People::getInstance();
$signedUserInfo = $people->getById($auth->getIdentity());
$registry->set('signedUserInfo', $signedUserInfo);
}
$globalHash = Ml_Model_MagicCookies::getInstance()->getLast(true);
$registry->set("globalHash", $globalHash);
}
protected function _initSession()
{
if ($this->hasPluginResource('session') && !Zend_Session::getSaveHandler()) {
Zend_Session::setSaveHandler($this->getPluginResource('session')->getSaveHandler());
}
Zend_Session::start();
}
public function testNewInstance()
{
$application = new Zend_Application('tests', dirname(__FILE__) . '/application4.ini');
$application->bootstrap()->getBootstrap()->getResource('session');
$rediska = Zend_Session::getSaveHandler()->getRediska();
$this->assertEquals('default', $rediska->getOption('name'));
$this->assertEquals(array(), Rediska_Manager::getAll());
}
/**
* Singleton pattern implementation makes "new" unavailable
*
* @return void
*/
public final function __construct($config = array())
{
$registry = Zend_Registry::getInstance();
$handler = $registry->get("memCache");
$this->_cache = $handler;
$sessionHandler = Zend_Session::getSaveHandler();
$this->_sessionPrefix = $sessionHandler->getSessionPrefix();
$this->_lastActivityPrefix = $sessionHandler->getLastActivityPrefix();
parent::__construct($config);
}
/**
* Login authentication
* @param username, password
*/
function kloginAction()
{
$this->_helper->layout()->disableLayout();
$request = $this->getRequest();
$userName = $request->getParam('u') ? $request->getParam('u') : '';
$password = $request->getParam('p') ? $request->getParam('p') : '';
$remember = $request->getParam('s') ? $request->getParam('s') : '';
$response = array();
$saveHandler = Zend_Session::getSaveHandler();
$saveHandler->setLifetime(3600)->setOverrideLifetime(true);
Zend_Session::start();
$authMan = new Pandamp_Auth_Manager($userName, $password);
$authResult = $authMan->authenticate();
$zendAuth = Zend_Auth::getInstance();
if ($zendAuth->hasIdentity()) {
if ($authResult->isValid()) {
Zend_Session::regenerateId();
$r = $this->getRequest();
$returnUrl = base64_decode($r->getParam('r'));
if (!empty($returnUrl)) {
if (strpos($returnUrl, '?')) {
$sAddition = '&';
} else {
$sAddition = '?';
Pandamp_Lib_Formater::writeLog();
if (isset($remember) && $remember == 'yes') {
Zend_Session::rememberMe(3600);
$hol = new Pandamp_Core_Hol_Auth();
$hol->user = $userName;
$hol->user_pw = $password;
$hol->save_login = $remember;
$hol->login_saver();
}
$this->_helper->getHelper('Cache')->removePagesTagged(array('entries', 'hold', 'warta', 'clinic'));
$response['success'] = true;
$response['message'] = "{$returnUrl}" . $sAddition . "PHPSESSID=" . Zend_Session::getId();
}
}
} else {
if ($authResult->getCode() != -51) {
// failure : clear database row from session
Zend_Auth::getInstance()->clearIdentity();
}
$messages = $authResult->getMessages();
$response['error'] = $messages[0];
$response['success'] = false;
}
} else {
$response['failure'] = true;
$messages = $authResult->getMessages();
$response['error'] = $messages[0];
}
echo Zend_Json::encode($response);
}
/**
* @brief authenticateUser method - authenticates a given user with given password
* @param string $username: user name
* @param string $password: submitted plain text password
* @return TRUE or FALSE
*
* Authenticates the given user with the given password and sets the authentication
* singleton to its new state. Authentication is carried out using HASHing (using given
* hash) and SALTing.
*/
public function authenticateUser($username, $password, $remember = false)
{
// first check if username or password are missing
if (!$username) {
throw new Exception('Username not given.');
} else {
if (!$password) {
throw new Exception('Password not given.');
}
}
// set username and password
$this->_userAdapter->setIdentity($username);
$this->_userAdapter->setCredential($password);
// check authentification using the adapter
$result = $this->_userAdapter->authenticate();
if ($result->isValid()) {
// store user table row in auth object, but suppress password
$row = $this->_userAdapter->getResultRowObject(null, 'password');
// get ip and user agent
$row->ip = $this->getRemoteAddr();
$row->userAgent = $this->getUserAgent();
// get role and status
$row->status = $this->getStatus($row->status_id);
$row->role = $this->getRole($row->role_id);
// get the auth singleton and its storage and store the row
$storage = Zend_Auth::getInstance()->getStorage();
$storage->write($row);
// extend login to two weeks, i.e. 1209600 s
if ($remember) {
// extend lifetime of the clients cookie
Zend_Session::rememberMe(1209600);
// extent the lifetime of the session in the database
$saveHandler = Zend_Session::getSaveHandler();
$saveHandler->setLifetime(1209600, true);
}
return true;
} else {
return false;
}
}
public function loginAction()
{
// Already logged in
if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('You are already signed in.');
if (null === $this->_helper->contextSwitch->getCurrentContext()) {
$this->_helper->redirector->gotoRoute(array(), 'default', true);
}
return;
}
// Make form
$this->view->form = $form = new User_Form_Login();
$form->setAction($this->view->url(array('return_url' => null)));
$form->populate(array('return_url' => $this->_getParam('return_url')));
// Facebook login
// if( User_Model_DbTable_Facebook::authenticate($form) ) {
// // Facebook login succeeded, redirect to home
// return $this->_helper->redirector->gotoRoute(array(), 'default', true);
// }
// Render
$this->_helper->content->setEnabled();
// Not a post
if (!$this->getRequest()->isPost()) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
return;
}
// Form not valid
if (!$form->isValid($this->getRequest()->getPost())) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
return;
}
// Check login creds
extract($form->getValues());
// $email, $password, $remember
$user_table = Engine_Api::_()->getDbtable('users', 'user');
$user_select = $user_table->select()->where('email = ?', $email);
// If post exists
$user = $user_table->fetchRow($user_select);
// Get ip address
$db = Engine_Db_Table::getDefaultAdapter();
$ipObj = new Engine_IP();
$ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
// Check if user exists
if (empty($user)) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
$form->addError(Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.'));
// Register login
Engine_Api::_()->getDbtable('logins', 'user')->insert(array('email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'no-member'));
return;
}
// Check if user is verified and enabled
if (!$user->enabled) {
if (!$user->verified) {
$this->view->status = false;
$resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
$translate = Zend_Registry::get('Zend_Translate');
$error = $translate->translate('This account still requires either email verification.');
$error .= ' ';
$error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
$form->getDecorator('errors')->setOption('escape', false);
$form->addError($error);
// Register login
Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
return;
} else {
if (!$user->approved) {
$this->view->status = false;
$translate = Zend_Registry::get('Zend_Translate');
$error = $translate->translate('This account still requires admin approval.');
$form->getDecorator('errors')->setOption('escape', false);
$form->addError($error);
// Register login
Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
return;
}
}
// Should be handled by hooks or payment
//return;
}
// Handle subscriptions
if (Engine_Api::_()->hasModuleBootstrap('payment')) {
// Check for the user's plan
$subscriptionsTable = Engine_Api::_()->getDbtable('subscriptions', 'payment');
if (!$subscriptionsTable->check($user)) {
// Register login
Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'unpaid'));
// Redirect to subscription page
$subscriptionSession = new Zend_Session_Namespace('Payment_Subscription');
$subscriptionSession->unsetAll();
$subscriptionSession->user_id = $user->getIdentity();
return $this->_helper->redirector->gotoRoute(array('module' => 'payment', 'controller' => 'subscription', 'action' => 'index'), 'default', true);
}
}
// Run pre login hook
$event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginBefore', $user);
foreach ((array) $event->getResponses() as $response) {
if (is_array($response)) {
if (!empty($response['error']) && !empty($response['message'])) {
$form->addError($response['message']);
} else {
if (!empty($response['redirect'])) {
$this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
} else {
continue;
}
}
// Register login
Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'third-party'));
// Return
return;
}
}
// Version 3 Import compatibility
if (empty($user->password)) {
$compat = Engine_Api::_()->getApi('settings', 'core')->getSetting('core.compatibility.password');
$migration = null;
try {
$migration = Engine_Db_Table::getDefaultAdapter()->select()->from('engine4_user_migration')->where('user_id = ?', $user->getIdentity())->limit(1)->query()->fetch();
} catch (Exception $e) {
$migration = null;
$compat = null;
}
if (!$migration) {
$compat = null;
}
if ($compat == 'import-version-3') {
// Version 3 authentication
$cryptedPassword = self::_version3PasswordCrypt($migration['user_password_method'], $migration['user_code'], $password);
if ($cryptedPassword === $migration['user_password']) {
// Regenerate the user password using the given password
$user->salt = (string) rand(1000000, 9999999);
$user->password = $password;
$user->save();
Engine_Api::_()->user()->getAuth()->getStorage()->write($user->getIdentity());
// @todo should we delete the old migration row?
} else {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
$form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
return;
}
// End Version 3 authentication
} else {
$form->addError('There appears to be a problem logging in. Please reset your password with the Forgot Password link.');
// Register login
Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'v3-migration'));
return;
}
} else {
$authResult = Engine_Api::_()->user()->authenticate($email, $password);
$authCode = $authResult->getCode();
Engine_Api::_()->user()->setViewer();
if ($authCode != Zend_Auth_Result::SUCCESS) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
$form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
// Register login
Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'bad-password'));
return;
}
}
// -- Success! --
// Register login
$loginTable = Engine_Api::_()->getDbtable('logins', 'user');
$loginTable->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'success', 'active' => true));
$_SESSION['login_id'] = $login_id = $loginTable->getAdapter()->lastInsertId();
// Remember
if ($remember) {
$lifetime = 1209600;
// Two weeks
Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
Zend_Session::rememberMe($lifetime);
}
// Increment sign-in count
Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
// Test activity @todo remove
$viewer = Engine_Api::_()->user()->getViewer();
if ($viewer->getIdentity()) {
$viewer->lastlogin_date = date("Y-m-d H:i:s");
if ('cli' !== PHP_SAPI) {
$viewer->lastlogin_ip = $ipExpr;
}
$viewer->save();
Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
}
// Assign sid to view for json context
$this->view->status = true;
$this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
$this->view->sid = Zend_Session::getId();
$this->view->sname = Zend_Session::getOptions('name');
// Run post login hook
$event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);
// Do redirection only if normal context
if (null === $this->_helper->contextSwitch->getCurrentContext()) {
// Redirect by form
$uri = $form->getValue('return_url');
if ($uri) {
if (substr($uri, 0, 3) == '64-') {
$uri = base64_decode(substr($uri, 3));
}
return $this->_redirect($uri, array('prependBase' => false));
}
// Redirect by session
$session = new Zend_Session_Namespace('Redirect');
if (isset($session->uri)) {
$uri = $session->uri;
$opts = $session->options;
$session->unsetAll();
return $this->_redirect($uri, $opts);
} else {
if (isset($session->route)) {
$session->unsetAll();
return $this->_helper->redirector->gotoRoute($session->params, $session->route, $session->reset);
}
}
// Redirect by hook
foreach ((array) $event->getResponses() as $response) {
if (is_array($response)) {
if (!empty($response['error']) && !empty($response['message'])) {
return $form->addError($response['message']);
} else {
if (!empty($response['redirect'])) {
return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
}
}
}
}
// Just redirect to home
return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
}
}
public function indexAction()
{
// Already logged in
$viewer = Khcn_Api::_()->getViewer();
if ($viewer && $viewer->getIdentity()) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('Bạn đã đăng nhập.');
$this->_helper->redirector->gotoRoute(array(), 'default', true);
return;
}
// Make form
$this->view->form = $form = new Default_Form_Login();
$form->setAction($this->view->url(array('return_url' => null)));
$form->populate(array('return_url' => $this->_getParam('return_url')));
// Not a post
if (!$this->getRequest()->isPost()) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
return;
}
// Form not valid
if (!$form->isValid($this->getRequest()->getPost())) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
return;
}
// Check login creds
extract($form->getValues());
// $Username, $Password, $Remember
$userTable = Khcn_Api::_()->getItemTable('default_nguoi_dung');
$userSelect = $userTable->select()->where('ten_dang_nhap = ?', $Username);
// If post exists
$user = $userTable->fetchRow($userSelect);
// Get ip address
$db = Khcn_Db_Table::getDefaultAdapter();
// Check if user exists
if (empty($user)) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.');
$form->addError(Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.'));
return;
}
// Check if user is verified and enabled
if (!$user->enabled) {
if (!$user->verified) {
$this->view->status = false;
$translate = Zend_Registry::get('Zend_Translate');
$error = $translate->translate('Vui lòng kích hoạt tài khoản thông qua email.');
$form->getDecorator('errors')->setOption('escape', false);
$form->addError($error);
return;
} else {
if (!$user->approved) {
$this->view->status = false;
$translate = Zend_Registry::get('Zend_Translate');
$error = $translate->translate('Tài khoản của bạn cần được kích hoạt bởi admin.');
$form->getDecorator('errors')->setOption('escape', false);
$form->addError($error);
return;
}
}
// Should be handled by hooks or payment
//return;
}
// Version 3 Import compatibility
if (empty($user->mat_khau)) {
$form->addError('Mật khẩu không hợp lệ. Vui lòng reset lại mật khẩu.');
return;
} else {
$authResult = Khcn_Api::_()->authenticate($Username, $Password);
$authCode = $authResult->getCode();
Khcn_Api::_()->setViewer();
if ($authCode != Zend_Auth_Result::SUCCESS) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.');
$form->addError(Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.'));
return;
}
}
// -- Success! --
// Remember
if (!empty($Remember)) {
$lifetime = 1209600;
// Two weeks
Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
Zend_Session::rememberMe($lifetime);
}
// Test activity @todo remove
$viewer = Khcn_Api::_()->getViewer();
if ($viewer && $viewer->getIdentity()) {
$viewer->lan_dang_nhap_cuoi = date("Y-m-d H:i:s");
$viewer->save();
}
// Assign sid to view for json context
$this->view->status = true;
$this->view->message = Zend_Registry::get('Zend_Translate')->_('Đăng nhập thành công');
$this->view->sid = Zend_Session::getId();
$this->view->sname = Zend_Session::getOptions('name');
// Do redirection only if normal context
// Redirect by form
$uri = $form->getValue('return_url');
if ($uri) {
if (substr($uri, 0, 3) == '64-') {
$uri = base64_decode(substr($uri, 3));
}
return $this->_redirect($uri, array('prependBase' => false));
}
// Redirect by session
$session = new Zend_Session_Namespace('Redirect');
if (isset($session->uri)) {
$uri = $session->uri;
$opts = $session->options;
$session->unsetAll();
return $this->_redirect($uri, $opts);
} else {
if (isset($session->route)) {
$session->unsetAll();
return $this->_helper->redirector->gotoRoute($session->params, $session->route, $session->reset);
}
}
// Just redirect to home
return $this->_helper->redirector->gotoRoute(array(), null, true);
}
public function loginAction()
{
//$this->_helper->layout->disableLayout();
$this->_helper->layout()->setLayout('layout-lgs');
$r = $this->getRequest();
//$returnTo = $r->getParam('returnTo');
//$this->view->returnTo = urlencode($returnTo);
if ($r->isPost()) {
$returnTo = $r->getParam('returnTo');
$this->view->returnTo = $returnTo;
Zend_Session::rememberMe(86400);
$saveHandler = Zend_Session::getSaveHandler();
$saveHandler->setLifetime(87500)->setOverrideLifetime(true);
Zend_Session::start();
$username = $r->getParam('username');
$password = $r->getParam('password');
$registry = Zend_Registry::getInstance();
$application = $registry->get('application');
//ensure resource Session has/is initialized;
//$application->getBootstrap()->bootstrap('identity');
$identity = $application->getBootstrap()->getResource('identity');
$authAdapter = $identity->authAdapter;
$authAdapter->setIdentity($username)->setCredential($password);
$auth = Zend_Auth::getInstance();
$authResult = $auth->authenticate($authAdapter);
if ($authResult->isValid()) {
Zend_Session::regenerateId();
// success : store database row to auth's storage
$data = $authAdapter->getResultRowObject();
$auth->getStorage()->write($data);
if (strpos($returnTo, '?')) {
$sAddition = '&';
} else {
$sAddition = '?';
}
//[TODO] update last login date in tbl User
//[TODO] update last login IP in tbl User
$tblUser = new Kutu_Core_Orm_Table_User();
$row = $tblUser->fetchRow($tblUser->select()->where('username = ?', $username));
$ip = $this->real_ip_address();
$row->lastLoginIp = $ip;
$today = date('Y-m-d h:i:s');
$row->lastLoginDate = $today;
$row->save();
header("location: " . $returnTo . $sAddition . "PHPSESSID=" . Zend_Session::getId());
} else {
if ($authResult->getCode() != -51) {
// failure : clear database row from session
Zend_Auth::getInstance()->clearIdentity();
}
$this->view->errorMessage = "Login GAGAL";
}
} else {
Zend_Session::start();
$returnTo = $r->getParam('returnTo');
if (!empty($returnTo)) {
$returnTo = urldecode($returnTo);
$this->view->returnTo = $returnTo;
} else {
//$returnTo = KUTU_ROOT_URL.'/identity/account';
$returnTo = KUTU_ROOT_URL . '/pages';
$this->view->returnTo = $returnTo;
}
//check sudah login belum
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
//echo "punya identitas";
if (strpos($returnTo, '?')) {
$sAddition = '&';
} else {
$sAddition = '?';
}
header("location: " . $returnTo . $sAddition . "PHPSESSID=" . Zend_Session::getId());
}
}
}
public function loginAction()
{
if ($this->isAuth()) {
$this->_forward('index', 'index');
// если уже залогинен: action, controller
return;
}
$form = new formLogin();
if ($this->_request->isPost()) {
/* Проверяем валидность данных формы */
if ($form->isValid($this->_getAllParams())) {
$db = Zend_Registry::get('db_bacula');
/**
* Настраиваем правила выборки пользователей из БД
* имя таблицы, название поля с идентификатором пользователя, название поля пароля
*
* [ $zendDb = null], [string $tableName = null], [string $identityColumn = null],
* [string $credentialColumn = null], [string $credentialTreatment = null])
*/
if (Zend_Registry::get('DB_ADAPTER') == 'PDO_SQLITE') {
// Sqlite do not have MD5 function
$authAdapter = new Zend_Auth_Adapter_DbTable($db, 'webacula_users', 'login', 'pwd', '? AND active = 1');
} else {
$authAdapter = new Zend_Auth_Adapter_DbTable($db, 'webacula_users', 'login', 'pwd', 'MD5(?) AND active = 1');
}
/* Передаем в адаптер данные пользователя */
$authAdapter->setIdentity($form->getValue('login'));
$authAdapter->setCredential($form->getValue('pwd'));
/* Собственно, процесс аутентификации */
$auth = Zend_Auth::getInstance();
$resultAuth = $auth->authenticate($authAdapter);
/* Проверяем валидность результата */
if ($resultAuth->isValid()) {
/* Пишем в сессию (default) необходимые нам данные (пароль обнуляем) */
$storage = $auth->getStorage();
$data = $authAdapter->getResultRowObject(array('id', 'login', 'role_id', 'role_name', 'email'));
// find role name
$table = new Wbroles();
$row = $table->find($data->role_id);
if ($row->count() == 1) {
$data->role_name = $row[0]['name'];
}
$storage->write($data);
// обнуляем счетчик неудачных логинов
if (isset($this->defNamespace->numLoginFails)) {
$this->defNamespace->numLoginFails = 0;
}
// remember me
if ($form->getValue('rememberme')) {
Zend_Session::rememberMe(self::MAX_LIFETIME);
Zend_Session::getSaveHandler()->setLifetime(self::MAX_LIFETIME);
}
// update user statistics
$users = new Wbusers();
$users->updateLoginStat($data->login);
// goto home page
$this->_redirect('index/index');
} else {
sleep(7);
$this->view->msg = $this->view->translate->_("Username or password is incorrect");
// включаем счетчик, если кол-во неудачных логинов большое то включаем капчу
$this->defNamespace->numLoginFails++;
}
}
}
/* Если данные не передавались или неверный логин, то выводим форму для авторизации */
$this->view->caption = sprintf($this->view->translate->_("Login with your %sWe%sbacula%s account"), '<font color="#00008B">', '</font><font color="#A80000">', '</font>');
$this->view->title = $this->view->translate->_('Login with your Webacula account');
$this->view->form = $form;
// workaround for unit tests 'Action Helper by name Layout not found'
if (!$this->_helper->hasHelper('layout')) {
$this->render();
}
}
public function loginAction()
{
// Already logged in
if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('You are already signed in.');
if (null === $this->_helper->contextSwitch->getCurrentContext()) {
$this->_helper->redirector->gotoRoute(array(), 'home');
}
return;
}
// Make form
$this->view->form = $form = new User_Form_Login();
$form->populate(array('return_url' => $this->_getParam('return_url')));
// Facebook login
if (User_Model_DbTable_Facebook::authenticate($form)) {
// Facebook login succeeded, redirect to home
$this->_helper->redirector->gotoRoute(array(), 'home');
}
// Not a post
if (!$this->getRequest()->isPost()) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
return;
}
// Form not valid
if (!$form->isValid($this->getRequest()->getPost())) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
return;
}
// Check login creds
extract($form->getValues());
// $email, $password, $remember
$user_table = Engine_Api::_()->getDbtable('users', 'user');
$user_select = $user_table->select()->where('email = ?', $email);
// If post exists
$user = $user_table->fetchRow($user_select);
// Check if user exists
if (empty($user)) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
$form->addError(Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.'));
return;
}
// Check if user is verified and enabled
if (!$user->verified || !$user->enabled) {
$this->view->status = false;
$translate = Zend_Registry::get('Zend_Translate');
$error = $translate->translate('This account still requires either email verification or admin approval.');
if (!empty($user) && !$user->verified) {
$resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
$error .= ' ';
$error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
}
$form->getDecorator('errors')->setOption('escape', false);
$form->addError($error);
return;
}
// Version 3 Import compatibility
if (empty($user->password)) {
$compat = Engine_Api::_()->getApi('settings', 'core')->getSetting('core.compatibility.password');
$migration = null;
try {
$migration = Engine_Db_Table::getDefaultAdapter()->select()->from('engine4_user_migration')->where('user_id = ?', $user->getIdentity())->limit(1)->query()->fetch();
} catch (Exception $e) {
$migration = null;
$compat = null;
}
if (!$migration) {
$compat = null;
}
if ($compat == 'import-version-3') {
// Version 3 authentication
$cryptedPassword = self::_version3PasswordCrypt($migration['user_password_method'], $migration['user_code'], $password);
if ($cryptedPassword === $migration['user_password']) {
// Regenerate the user password using the given password
$user->salt = (string) rand(1000000, 9999999);
$user->password = $password;
$user->save();
Engine_Api::_()->user()->getAuth()->getStorage()->write($user->getIdentity());
// @todo should we delete the old migration row?
} else {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
$form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
return;
}
// End Version 3 authentication
} else {
$form->addError('There appears to be a problem logging in. Please reset your password with the Forgot Password link.');
return;
}
} else {
$authResult = Engine_Api::_()->user()->authenticate($email, $password);
$authCode = $authResult->getCode();
Engine_Api::_()->user()->setViewer();
if ($authCode != Zend_Auth_Result::SUCCESS) {
$this->view->status = false;
$this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
$form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
return;
}
}
// -- Success! --
// Remember
if ($remember) {
$lifetime = 1209600;
// Two weeks
Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
Zend_Session::rememberMe($lifetime);
}
// Increment sign-in count
Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
// Test activity @todo remove
$viewer = Engine_Api::_()->user()->getViewer();
if ($viewer->getIdentity()) {
$viewer->lastlogin_date = date("Y-m-d H:i:s");
$viewer->lastlogin_ip = $_SERVER['REMOTE_ADDR'];
$viewer->save();
Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
}
// Assign sid to view for json context
$this->view->status = true;
$this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
$this->view->sid = Zend_Session::getId();
$this->view->sname = Zend_Session::getOptions('name');
// Do redirection only if normal context
if (null === $this->_helper->contextSwitch->getCurrentContext()) {
// Redirect by form
$uri = $form->getValue('return_url');
if ($uri) {
return $this->_redirect($uri, array('prependBase' => false));
}
// Redirect by session
$session = new Zend_Session_Namespace('Redirect');
if (isset($session->uri)) {
$uri = $session->uri;
$opts = $session->options;
$session->unsetAll();
return $this->_redirect($uri, $opts);
} else {
if (isset($session->route)) {
$session->unsetAll();
return $this->_helper->redirector->gotoRoute($session->params, $session->route, $session->reset);
} else {
return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general');
}
}
}
}
public function __construct()
{
$savehandle = Zend_Session::getSaveHandler();
// self::$_ZEND_SESSION_NAMESPACE_EXPIRATION_SECONDS = $savehandle->getLifetime();
self::$_ZEND_SESSION_NAMESPACE_EXPIRATION_SECONDS = 3600;
}
public function loginAction()
{
if ($this->isAuth()) {
$this->_forward('index', 'index');
// если уже залогинен: action, controller
return;
}
$form = new formLogin();
if ($this->_request->isPost()) {
/* Проверяем валидность данных формы */
if ($form->isValid($this->_getAllParams())) {
$users = new Wbusers();
$login = $form->getValue('login');
if ($users->checkPassword($login, $form->getValue('pwd'))) {
$user = $users->fetchUser($login);
$user[0]['pwd'] = '';
// пароль обнуляем
$user = (object) $user[0];
/* Пишем в сессию (default) необходимые нам данные */
$auth = Zend_Auth::getInstance();
$storage = $auth->getStorage();
// find role name
$storage->write($user);
// обнуляем счетчик неудачных логинов
if (isset($this->defNamespace->numLoginFails)) {
$this->defNamespace->numLoginFails = 0;
}
// remember me
if ($form->getValue('rememberme')) {
Zend_Session::rememberMe(self::MAX_LIFETIME);
Zend_Session::getSaveHandler()->setLifetime(self::MAX_LIFETIME);
}
// update user statistics
$users->updateLoginStat($user->login);
// goto home page
$this->_redirect('index/index');
} else {
sleep(7);
$this->view->msg = $this->view->translate->_("Username or password is incorrect");
// включаем счетчик, если кол-во неудачных логинов большое то включаем капчу
$this->defNamespace->numLoginFails++;
}
}
}
/* Если данные не передавались или неверный логин, то выводим форму для авторизации */
$this->view->caption = sprintf($this->view->translate->_("Login with your %sWe%sbacula%s account"), '<font color="#00008B">', '</font><font color="#A80000">', '</font>');
$this->view->title = $this->view->translate->_('Login with your Webacula account');
$this->view->form = $form;
// workaround for unit tests 'Action Helper by name Layout not found'
if (!$this->_helper->hasHelper('layout')) {
$this->render();
}
}
