/**
 * Authenticates the submitted username and password against the User model.
 *
 * The account is looked up by lower-cased username with its roles loaded, and the
 * password is checked through User::validatePassword(). On success the identity's
 * id, username, branch, scope, roles and a serialized copy of the user record are
 * populated, "fullname" is stored in the web user's state and
 * loadSessionForOldLogin() is called. Every attempt, successful or not, is passed
 * to LoginLog.
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    // strtolower() folds ASCII only, while LOWER() runs in the database.
    // NOTE(review): the two may disagree on non-ASCII usernames; confirm collation.
    $lookupName = strtolower($this->username);

    /** @var $account User */
    $account = User::model()->with('roles')->find('LOWER(use_username)=?', array($lookupName));

    // Unknown user and wrong password get different error codes. Callers should
    // show one generic message for both so the form does not reveal which
    // usernames exist.
    if ($account === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    } elseif (!$account->validatePassword($this->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } else {
        $this->_id = $account->use_id;
        $this->username = $account->use_fname;
        $this->_branchId = $account->use_branch;
        $this->_scope = $account->use_scope;
        $this->_roles = $account->roles;
        // NOTE(review): the whole User record is serialized here. If userData is
        // persisted in session or cookie state it may carry credential fields, and
        // anything that unserializes it must trust that store. Confirm the consumer.
        $this->userData = serialize($account);
        Yii::app()->user->setState("fullname", $account->getFullName());
        $this->errorCode = self::ERROR_NONE;
        $this->loadSessionForOldLogin($account);
    }

    // Audit trail: logged on every path, with $account === null when no user matched.
    LoginLog::model()->log($this, $account);

    $succeeded = $this->errorCode == self::ERROR_NONE;

    return $succeeded;
}
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); $oDataset->next(); $aRow = $oDataset->getRow(); if ($aRow) { if ($aRow['LOG_STATUS'] != 'CLOSED' && $aRow['LOG_END_DATE'] == null) { $weblog = new LoginLog(); $aLog['LOG_UID'] = $aRow['LOG_UID']; $aLog['LOG_STATUS'] = 'CLOSED'; $aLog['LOG_IP'] = $aRow['LOG_IP']; $aLog['LOG_SID'] = session_id(); $aLog['LOG_INIT_DATE'] = $aRow['LOG_INIT_DATE']; $aLog['LOG_END_DATE'] = date('Y-m-d H:i:s');
die; } if (isset($frm['USER_LANG'])) { if ($frm['USER_LANG'] != '') { $lang = $frm['USER_LANG']; } } else { if (defined('SYS_LANG')) { $lang = SYS_LANG; } else { $lang = 'en'; } } /**log in table Login**/ require_once 'classes/model/LoginLog.php'; $weblog = new LoginLog(); $aLog['LOG_UID'] = G::generateUniqueID(); $aLog['LOG_STATUS'] = 'ACTIVE'; $aLog['LOG_IP'] = G::getIpAddress(); $aLog['LOG_SID'] = session_id(); $aLog['LOG_INIT_DATE'] = date('Y-m-d H:i:s'); //$aLog['LOG_END_DATE'] = '0000-00-00 00:00:00'; $aLog['LOG_CLIENT_HOSTNAME'] = $_SERVER['HTTP_HOST']; $aLog['USR_UID'] = $_SESSION['USER_LOGGED']; $weblog->create($aLog); /**end log**/ //************** background processes, here we are putting some back office routines ********** $heartBeatNWIDate = $oServerConf->getHeartbeatProperty('HB_NEXT_GWI_DATE', 'HEART_BEAT_CONF'); if (is_null($heartBeatNWIDate)) { $heartBeatNWIDate = time(); }
$oCriteria->add(UsersPeer::USR_UID, $aUsers, Criteria::IN); } elseif ($totalRows == 0 && $auths != '') { $oCriteria->add(UsersPeer::USR_UID, '', Criteria::IN); } if ($sort != '') { if ($dir == 'ASC') { $oCriteria->addAscendingOrderByColumn($sort); } else { $oCriteria->addDescendingOrderByColumn($sort); } } $oCriteria->setOffset($start); $oCriteria->setLimit($limit); $oDataset = UsersPeer::DoSelectRs($oCriteria); $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); $Login = new LoginLog(); $aLogin = $Login->getLastLoginAllUsers(); $Cases = new AppCacheView(); $aCases = $Cases->getTotalCasesByAllUsers(); $Department = new Department(); $aDepart = $Department->getAllDepartmentsByUser(); $aAuthSources = $RBAC->getAllAuthSourcesByUser(); require_once PATH_CONTROLLERS . 'adminProxy.php'; $uxList = adminProxy::getUxTypesList(); $oRoles = new Roles(); $rows = array(); while ($oDataset->next()) { $row = $oDataset->getRow(); $uRole = $oRoles->loadByCode($row['USR_ROLE']); $row['USR_ROLE'] = isset($uRole['ROL_NAME']) ? $uRole['ROL_NAME'] != '' ? $uRole['ROL_NAME'] : $uRole['USR_ROLE'] : $uRole['USR_ROLE']; $row['DUE_DATE_OK'] = date('Y-m-d') > date('Y-m-d', strtotime($row['USR_DUE_DATE'])) ? 0 : 1;
/**
 * Prepares and renders the login page.
 *
 * Steps, in order:
 *  1. Saves the pending flash message, its type and the failed-login counter
 *     from the current session.
 *  2. If the session still belongs to a logged-in user, closes that user's
 *     ACTIVE LoginLog row and deletes the memcached 'rbacSession' entry;
 *     otherwise runs the PM_SINGLE_SIGN_ON plugin trigger, which may
 *     authenticate and redirect without rendering the form.
 *  3. Destroys the session, starts a new one with a regenerated ID and restores
 *     the values saved in step 1.
 *  4. Computes the heartbeat and "getting started" flags (memcache-backed),
 *     reads the login-related environment settings and exposes them to the
 *     ExtJS login view.
 *  5. Renders view 'main/login' with layout 'pm-modern-login'.
 */
public function login()
{
    require_once 'classes/model/LoginLog.php';
    G::LoadClass('system');
    G::loadClass('configuration');
    $this->conf = new Configurations();

    // Pick up any error passed in through the URL (GET).
    $this->getInUrlError();

    // Make sure the flash-message keys exist, then save them so they can be
    // restored after the session is destroyed below.
    if (!isset($_SESSION['G_MESSAGE'])) {
        $_SESSION['G_MESSAGE'] = '';
    }
    if (!isset($_SESSION['G_MESSAGE_TYPE'])) {
        $_SESSION['G_MESSAGE_TYPE'] = '';
    }
    $msg = $_SESSION['G_MESSAGE'];
    $msgType = $_SESSION['G_MESSAGE_TYPE'];

    // NOTE(review): the failed-login counter lives only in the session, so it
    // starts again at 0 for any client that drops its session cookie. If this
    // value backs throttling or lockout, a server-side counter keyed by account
    // or address is needed. Confirm how FAILED_LOGINS is consumed.
    if (!isset($_SESSION['FAILED_LOGINS'])) {
        $_SESSION['FAILED_LOGINS'] = 0;
    }
    $sFailedLogins = $_SESSION['FAILED_LOGINS'];

    if (isset($_SESSION['USER_LOGGED'])) {
        // A logged-in user has reached the login page: close the login-log row
        // that matches this session ID and user and is still ACTIVE with no end date.
        $oCriteria = new Criteria('workflow');
        $oCriteria->add(LoginLogPeer::LOG_SID, session_id());
        // The '-' fallback cannot be taken here: the enclosing if already
        // established that USER_LOGGED is set.
        $oCriteria->add(LoginLogPeer::USR_UID, isset($_SESSION['USER_LOGGED']) ? $_SESSION['USER_LOGGED'] : '-');
        $oCriteria->add(LoginLogPeer::LOG_STATUS, 'ACTIVE');
        $oCriteria->add(LoginLogPeer::LOG_END_DATE, null, Criteria::ISNULL);
        $oDataset = LoginLogPeer::doSelectRS($oCriteria);
        $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
        // Only the first matching row is read.
        $oDataset->next();
        $aRow = $oDataset->getRow();

        if ($aRow) {
            // Repeats the query's conditions (loose comparisons) before writing.
            if ($aRow['LOG_STATUS'] != 'CLOSED' && $aRow['LOG_END_DATE'] == null) {
                // Copy the row unchanged apart from the status and the end
                // timestamp. $aLog is built by assignment without a prior
                // initialisation.
                $weblog = new LoginLog();
                $aLog['LOG_UID'] = $aRow['LOG_UID'];
                $aLog['LOG_STATUS'] = 'CLOSED';
                $aLog['LOG_IP'] = $aRow['LOG_IP'];
                $aLog['LOG_SID'] = session_id();
                $aLog['LOG_INIT_DATE'] = $aRow['LOG_INIT_DATE'];
                $aLog['LOG_END_DATE'] = date('Y-m-d H:i:s');
                $aLog['LOG_CLIENT_HOSTNAME'] = $aRow['LOG_CLIENT_HOSTNAME'];
                $aLog['USR_UID'] = $aRow['USR_UID'];
                $weblog->update($aLog);
            }
        }

        // Drop the cached entry keyed by this session ID.
        $this->memcache->delete('rbacSession' . session_id());
    } else {
        // No logged-in user: give a single-sign-on plugin the chance to authenticate.
        $pluginRegistry =& PMPluginRegistry::getSingleton();

        if (defined('PM_SINGLE_SIGN_ON')) {
            if ($pluginRegistry->existsTrigger(PM_SINGLE_SIGN_ON)) {
                if ($pluginRegistry->executeTriggers(PM_SINGLE_SIGN_ON, null)) {
                    // Start a new session with a new ID before authenticating.
                    // '@' hides the warning session_destroy() raises when no
                    // session is active.
                    @session_destroy();
                    session_start();
                    session_regenerate_id();

                    // Authenticate
                    $result = $this->authentication();

                    if ($result->success) {
                        // Redirect to the user's landing page and stop; the form
                        // is never rendered on this path.
                        // NOTE(review): $result->url goes straight into the
                        // Location header. Confirm authentication() only returns
                        // application-internal URLs.
                        G::header('Location: ' . $result->url);
                        die;
                    }
                }
            }
        }
    }

    // Start a new session with a regenerated ID, so the login form is never
    // served on the session ID the visitor arrived with.
    // NOTE(review): this method does not show the post-authentication step.
    // The ID should be regenerated again once the login succeeds; confirm in
    // the authentication handler.
    @session_destroy();
    session_start();
    session_regenerate_id();

    // Restore the values saved before the session was destroyed.
    if (strlen($msg) > 0) {
        $_SESSION['G_MESSAGE'] = $msg;
    }
    if (strlen($msgType) > 0) {
        $_SESSION['G_MESSAGE_TYPE'] = $msgType;
    }
    $_SESSION['FAILED_LOGINS'] = $sFailedLogins;

    $availableLangArray = $this->getLanguagesList();

    G::LoadClass("serverConfiguration");

    // Heartbeat flag: on a memcache miss, read the option and the next beat date
    // from the server configuration and cache the date for one hour.
    $sflag = 0;

    if (($nextBeatDate = $this->memcache->get('nextBeatDate')) === false) {
        // Get the serverConf singleton and check whether the heartbeat may be sent.
        $oServerConf =& serverConf::getSingleton();
        $sflag = $oServerConf->getHeartbeatProperty('HB_OPTION', 'HEART_BEAT_CONF');
        // An empty option counts as enabled ('1').
        $sflag = trim($sflag) != '' ? $sflag : '1';
        // Date of the next beat.
        $nextBeatDate = $oServerConf->getHeartbeatProperty('HB_NEXT_BEAT_DATE', 'HEART_BEAT_CONF');
        $this->memcache->set('nextBeatDate', $nextBeatDate, 1 * 3600);
    } else {
        // On a cache hit the HB_OPTION setting is not re-read; the flag is
        // simply treated as enabled.
        $sflag = '1';
    }

    // The heartbeat is due when it is enabled and the next beat date has passed
    // or is not set.
    if ($sflag == '1' && (strtotime("now") > $nextBeatDate || is_null($nextBeatDate))) {
        // TODO: this needs to be changed to ExtJS.
        $this->setJSVar('flagHeartBeat', 1);
    } else {
        $this->setJSVar('flagHeartBeat', 0);
    }

    // "Getting started" flag: the count of matching configuration rows, cached
    // for eight hours.
    if (($flagGettingStarted = $this->memcache->get('flagGettingStarted')) === false) {
        require_once 'classes/model/Configuration.php';
        // $oConfiguration is not read again in this method.
        $oConfiguration = new Configuration();
        $oCriteria = new Criteria('workflow');
        $oCriteria->add(ConfigurationPeer::CFG_UID, 'getStarted');
        $oCriteria->add(ConfigurationPeer::OBJ_UID, '');
        $oCriteria->add(ConfigurationPeer::CFG_VALUE, '1');
        $oCriteria->add(ConfigurationPeer::PRO_UID, '');
        $oCriteria->add(ConfigurationPeer::USR_UID, '');
        $oCriteria->add(ConfigurationPeer::APP_UID, '');
        $flagGettingStarted = ConfigurationPeer::doCount($oCriteria);
        $this->memcache->set('flagGettingStarted', $flagGettingStarted, 8 * 3600);
    }

    // The JS variable is true when no matching configuration row exists.
    $this->setJSVar('flagGettingStarted', $flagGettingStarted == 0);

    G::loadClass('configuration');
    $oConf = new Configurations();
    // NOTE(review): $obj is never assigned in this method. The call is only
    // warning-free if loadConfig() takes its first argument by reference; confirm.
    $oConf->loadConfig($obj, 'ENVIRONMENT_SETTINGS', '');

    // $flagForgotPassword is not read again in this method; the value passed to
    // the view is $forgotPasswd below.
    $flagForgotPassword = isset($oConf->aConfig['login_enableForgotPassword']) ? $oConf->aConfig['login_enableForgotPassword'] : '******';

    $this->includeExtJSLib('ux/virtualkeyboard');
    $this->includeExtJS('main/login');
    $this->setView('main/login');

    // Same configuration loaded a second time with identical arguments.
    $oConf->loadConfig($obj, 'ENVIRONMENT_SETTINGS', '');

    // Login-page options, with defaults for when a setting is absent.
    $forgotPasswd = isset($oConf->aConfig['login_enableForgotPassword']) ? $oConf->aConfig['login_enableForgotPassword'] : false;
    $virtualKeyboad = isset($oConf->aConfig['login_enableVirtualKeyboard']) ? $oConf->aConfig['login_enableVirtualKeyboard'] : false;
    $defaultLanguaje = isset($oConf->aConfig['login_defaultLanguage']) ? $oConf->aConfig['login_defaultLanguage'] : 'en';

    $this->setJSVar('forgotPasswd', $forgotPasswd);
    $this->setJSVar('virtualKeyboad', $virtualKeyboad);
    $this->setJSVar('languages', $availableLangArray);
    $this->setJSVar('defaultLang', $defaultLanguaje);

    // Bind G::SendTemporalMessage() to Ext.msgBoxSlider.msgTopCenter().
    if (($flyNotify = $this->getFlyNotify()) !== false) {
        $this->setJSVar('flyNotify', $flyNotify);
    }

    // Pass the originally requested URL to the login script.
    // NOTE(review): 'u' is request-supplied and PHP has already URL-decoded it
    // once, so urldecode() decodes it a second time. If the client script uses
    // urlRequested as a post-login redirect target, it should accept same-origin
    // paths only. Confirm in the main/login script.
    if (isset($_GET['u'])) {
        $this->setJSVar('urlRequested', urldecode($_GET['u']));
    }

    $this->setVar('logo_company', $this->getCompanyLogo());
    // The product version is shown on the login page, before authentication.
    $this->setVar('pmos_version', System::getVersion());

    $footerText = 'Copyright © 2003-' . date('Y') . ' Colosa, Inc. All rights reserved.';
    $adviseText = 'Supplied free of charge with no support, certification, warranty, maintenance nor indemnity by Colosa and its Certified Partners. ';
    $this->setVar('footer_text', $footerText);
    $this->setVar('advise_text', $adviseText);

    // Collect the ExtJS libraries, scripts and variables registered above for
    // the layout.
    $loginScript = $this->getHeadPublisher()->getExtJsLibraries();
    $loginScript .= $this->getHeadPublisher()->getExtJsScripts();

    $this->setVar('login_script', $loginScript);
    $this->setVar('login_vars', $this->getHeadPublisher()->getExtJsVariablesScript());

    $this->setLayout('pm-modern-login');
    $this->render();
}
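/**
 * Writes one LoginLog row describing a login attempt.
 *
 * Records the client address, User-Agent and session ID, the matched user when
 * there is one, and a result derived from the identity's error code. Only
 * ERROR_NONE is recorded as a success. Every other code, including any code this
 * method does not recognise, is recorded as a failure, so the audit trail cannot
 * show a failed or unfinished authentication as a successful login.
 *
 * @param CUserIdentity $userIdentity identity carrying the errorCode of the attempt.
 * @param User|null $user the matched user record, or null when no user matched.
 * @return void
 */
public function log(CUserIdentity $userIdentity, User $user = null)
{
    /** @var $session CHttpSession */
    $session = Yii::app()->getSession();

    $log = new LoginLog();
    $log->log_ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
    // The User-Agent is client-supplied and stored as received; anything that
    // displays this column must escape it on output.
    $log->log_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
    $log->log_session = $session->getSessionID();

    if ($user === null) {
        $log->log_result = self::Fail;
        $log->log_errmsg = "User is not found";
    } else {
        $log->log_use_username = $user->use_username;
        $log->log_use_id = $user->use_id;

        if (!$user->use_salt) {
            // Provisional diagnosis; the switch below sets the final result and,
            // for the failure codes, replaces the message.
            $log->log_result = self::Fail;
            $log->log_errmsg = "User does not has salt";
        }
    }

    switch ($userIdentity->errorCode) {
        case CUserIdentity::ERROR_NONE:
            $log->log_result = self::Success;
            break;

        case CUserIdentity::ERROR_USERNAME_INVALID:
            // Normally already covered by the $user === null branch above.
            $log->log_result = self::Fail;
            $log->log_errmsg = "User is not found";
            break;

        case CUserIdentity::ERROR_PASSWORD_INVALID:
            $log->log_result = self::Fail;
            $log->log_errmsg = "Password did not match";
            break;

        default:
            // Fail closed: an unrecognised error code must never be logged as a
            // successful login.
            $log->log_result = self::Fail;
            $log->log_errmsg = "Unknown authentication error code: " . $userIdentity->errorCode;
            break;
    }

    $log->save();
}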