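/**
 * Show and process login form
 *
 * Flow: a user who is already authenticated is sent on to the ref_* target
 * taken from the query string. Without a POST login[] array only the template
 * data is prepared (ref_* query values are carried over HTML-escaped). With a
 * POST login[] array the attempt is throttled (when enabled), validated,
 * authenticated (LDAP first when configured, then the local password),
 * checked against the password policy, and finally the user is logged in and
 * redirected.
 *
 * Every failure path and every intermediate redirect returns explicitly.
 * render() and redirectTo() are defined outside this method; the explicit
 * returns keep the flow failing closed even if either of them returns to the
 * caller instead of ending the request.
 *
 * @param void
 * @return null
 */
function login() {
    include_once ROOT . "/library/browser/Browser.php";
    if (Browser::instance()->getBrowser() == Browser::BROWSER_IE && Browser::instance()->getVersion() < 7) {
        flash_error(lang("ie browser outdated"));
    }
    $this->addHelper('form');

    // Already authenticated: skip the form and go to the requested target.
    if (function_exists('logged_user') && (logged_user() instanceof Contact && logged_user()->isUser())) {
        $ref_controller = null;
        $ref_action = null;
        $ref_params = array();

        // ref_c / ref_a select controller and action, any other ref_* key becomes a parameter.
        // NOTE(review): these values come straight from the query string; confirm that
        // redirectTo() can only build URLs inside this application.
        foreach ($_GET as $k => $v) {
            if (str_starts_with($k, 'ref_')) {
                $ref_var_name = trim(substr($k, 4, strlen($k)));
                switch ($ref_var_name) {
                    case 'c':
                        $ref_controller = $v;
                        break;
                    case 'a':
                        $ref_action = $v;
                        break;
                    default:
                        $ref_params[$ref_var_name] = $v;
                } // switch
            } // if
        } // foreach
        $this->redirectTo($ref_controller, $ref_action, $ref_params);
        return;
    } // if

    $login_data = array_var($_POST, 'login');
    $localization = array_var($_POST, 'configOptionSelect');
    if (!is_array($login_data)) {
        // No submitted form: keep the ref_* query values so the form can post them back.
        // Keys and values are HTML-escaped here because they are handed to the template.
        // NOTE(review): a value sent as ref_x[]=... arrives as an array, which
        // htmlspecialchars() does not accept.
        $login_data = array();
        foreach ($_GET as $k => $v) {
            if (str_starts_with($k, 'ref_')) {
                $login_data[htmlspecialchars($k)] = htmlspecialchars($v);
            }
        } // foreach
    } // if

    tpl_assign('login_data', $login_data);

    if (is_array(array_var($_POST, 'login'))) {
        $username = array_var($login_data, 'username');
        $password = array_var($login_data, 'password');
        $remember = array_var($login_data, 'remember') == 'checked';

        // login[username][]=... or login[password][]=... arrive as arrays. Treat anything
        // that is not a string as missing so the trim()/preg_match() calls below only ever
        // see strings and the request ends in the normal "value missing" error path.
        if (!is_string($username)) {
            $username = '';
        }
        if (!is_string($password)) {
            $password = '';
        }

        if (config_option('block_login_after_x_tries')) {
            // Throttle: look at "invalid login" security log entries recorded for this
            // REMOTE_ADDR after $from_time (presumably 10 minutes back) and refuse once
            // five or more are found. The refusal is itself logged as an invalid login.
            // NOTE(review): the key is the client address only; behind a reverse proxy
            // REMOTE_ADDR may be the proxy's address for every client - confirm deployment.
            $from_time = DateTimeValueLib::now();
            $from_time = $from_time->add('m', -10);
            $sec_logs = AdministrationLogs::getLastLogs(AdministrationLogs::ADM_LOG_CATEGORY_SECURITY, "invalid login", array_var($_SERVER, 'REMOTE_ADDR'), 10, "`created_on` > '" . $from_time->toMySQL() . "'");
            if (is_array($sec_logs) && count($sec_logs) >= 5) {
                AdministrationLogs::createLog("invalid login", array_var($_SERVER, 'REMOTE_ADDR'), AdministrationLogs::ADM_LOG_CATEGORY_SECURITY);
                tpl_assign('error', new Error(lang('invalid login data')));
                $this->render();
                return;
            }
        }

        if (trim($username) == '') {
            AdministrationLogs::createLog("invalid login", array_var($_SERVER, 'REMOTE_ADDR'), AdministrationLogs::ADM_LOG_CATEGORY_SECURITY);
            tpl_assign('error', new Error(lang('username value missing')));
            $this->render();
            return;
        } // if

        if (trim($password) == '') {
            AdministrationLogs::createLog("invalid login", array_var($_SERVER, 'REMOTE_ADDR'), AdministrationLogs::ADM_LOG_CATEGORY_SECURITY);
            tpl_assign('error', new Error(lang('password value missing')));
            $this->render();
            return;
        } // if

        // The login name may be either an e-mail address or a username.
        if (preg_match(EMAIL_FORMAT, $username)) {
            $user = Contacts::getByEmail($username);
        } else {
            $user = Contacts::getByUsername($username);
        }

        // Unknown, non-user and disabled accounts get the same message as a wrong password,
        // so the response text does not reveal which condition failed.
        if (!($user instanceof Contact && $user->isUser()) || $user->getDisabled()) {
            AdministrationLogs::createLog("invalid login", array_var($_SERVER, 'REMOTE_ADDR'), AdministrationLogs::ADM_LOG_CATEGORY_SECURITY);
            tpl_assign('error', new Error(lang('invalid login data')));
            $this->render();
            return;
        } // if

        $userIsValidPassword = false;

        // If ldap authentication is enabled ldap.config.php will return true.
        // $config_ldap is expected to be defined by that file.
        // NOTE(review): include_once also evaluates to true, without running the file again,
        // when it was already included earlier in the request; $config_ldap would then be
        // undefined in this scope - confirm nothing else includes it first.
        $config_ldap_file_path = ROOT . '/config/ldap.config.php';
        $config_ldap_is_set = file_exists($config_ldap_file_path) && (include_once $config_ldap_file_path);
        if ($config_ldap_is_set === true) {
            $userIsValidPassword = $user->isValidPasswordLdap($username, $password, $config_ldap);
        }

        // A failed (or disabled) LDAP check falls back to the locally stored password.
        if (!$userIsValidPassword) {
            $userIsValidPassword = $user->isValidPassword($password);
        }

        if (!$userIsValidPassword) {
            AdministrationLogs::createLog("invalid login", array_var($_SERVER, 'REMOTE_ADDR'), AdministrationLogs::ADM_LOG_CATEGORY_SECURITY);
            tpl_assign('error', new Error(lang('invalid login data')));
            $this->render();
            return;
        } // if

        // Start change user language (only reached with valid credentials).
        if ($localization != 'Default' && self::check_valid_localization($localization)) {
            set_user_config_option('localization', $localization, $user->getId());
        }

        // Redirect target posted back with the form.
        $ref_controller = null;
        $ref_action = null;
        $ref_params = array();

        foreach ($login_data as $k => $v) {
            if (str_starts_with($k, 'ref_')) {
                $ref_var_name = trim(substr($k, 4, strlen($k)));
                switch ($ref_var_name) {
                    case 'c':
                        $ref_controller = $v;
                        break;
                    case 'a':
                        $ref_action = $v;
                        break;
                    default:
                        $ref_params[$ref_var_name] = $v;
                } // switch
            } // if
        } // foreach
        if (!count($ref_params)) {
            $ref_params = null;
        }

        // Password policy: a password that fails validation, or one that has expired, sends
        // the user to the change-password screen instead of logging in.
        // NOTE(review): $ref_params is appended as a positional element of the parameter
        // array in both redirects below rather than merged into it - confirm this is what
        // redirectTo() expects.
        if (ContactPasswords::validatePassword($password)) {
            $newest_password = ContactPasswords::getNewestContactPassword($user->getId());
            if (!$newest_password instanceof ContactPassword) {
                // No password history yet: record the current password as the first entry.
                // NOTE(review): the plaintext is also kept on the object as password_temp;
                // confirm save() does not persist or log that field.
                $user_password = new ContactPassword();
                $user_password->setContactId($user->getId());
                $user_password->setPasswordDate(DateTimeValueLib::now());
                $user_password->setPassword(cp_encrypt($password, $user_password->getPasswordDate()->getTimestamp()));
                $user_password->password_temp = $password;
                $user_password->save();
            } else {
                if (ContactPasswords::isContactPasswordExpired($user->getId())) {
                    $this->redirectTo('access', 'change_password', array('id' => $user->getId(), 'msg' => 'expired', 'ref_c' => $ref_controller, 'ref_a' => $ref_action, $ref_params));
                    return;
                }
            }
        } else {
            $this->redirectTo('access', 'change_password', array('id' => $user->getId(), 'msg' => 'invalid', 'ref_c' => $ref_controller, 'ref_a' => $ref_action, $ref_params));
            return;
        }

        try {
            CompanyWebsite::instance()->logUserIn($user, $remember);
            $ip = get_ip_address();
            ApplicationLogs::createLog($user, ApplicationLogs::ACTION_LOGIN, false, false, true, $ip);
        } catch (Exception $e) {
            // The cause is not shown to the client; the generic message is used instead.
            // NOTE(review): the exception is not recorded anywhere in this method.
            tpl_assign('error', new Error(lang('invalid login data')));
            $this->render();
            return;
        } // try

        if ($ref_controller && $ref_action) {
            $this->redirectTo($ref_controller, $ref_action, $ref_params);
        } else {
            $this->redirectTo('access', 'index');
        } // if
    } // if
}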
/**
 * Return one page of results.
 *
 * The result is an array whose element 0 holds the returned objects and whose
 * element 1 holds the populated pagination object that the pagination helpers
 * can read and render. Numeric indexes are used because the list() construct
 * cannot unpack associative keys.
 *
 * @access public
 * @param array $arguments Query arguments (@see find()); limit and offset are ignored
 * @param integer $items_per_page Number of items per page
 * @param integer $current_page Current page number
 * @return array
 */
function paginate($arguments = null, $items_per_page = 10, $current_page = 1) {
    $called_on_manager = isset($this) && instance_of($this, 'AdministrationLogs');

    if (!$called_on_manager) {
        // No AdministrationLogs object behind the call: delegate to the shared instance,
        // which re-enters this method with $this set.
        return AdministrationLogs::instance()->paginate($arguments, $items_per_page, $current_page);
    }

    return parent::paginate($arguments, $items_per_page, $current_page);
} // paginate
/**
 * Return the manager for this object.
 *
 * The AdministrationLogs instance is looked up on first use and kept in
 * $this->manager for later calls.
 *
 * @access protected
 * @param void
 * @return AdministrationLogs
 */
function manager() {
    if ($this->manager instanceof AdministrationLogs) {
        return $this->manager;
    }

    $this->manager = AdministrationLogs::instance();
    return $this->manager;
}
/**
 * Return the manager for this object.
 *
 * $this->manager is filled with AdministrationLogs::instance() whenever it does
 * not already hold an AdministrationLogs object.
 *
 * @access protected
 * @param void
 * @return AdministrationLogs
 */
function manager() {
    $needs_lookup = !($this->manager instanceof AdministrationLogs);
    if ($needs_lookup) {
        $this->manager = AdministrationLogs::instance();
    }

    return $this->manager;
} // manager