/** * Do username/password check here * * @param $user * @param $password * @param $remember * @return bool * @throws Kohana_Exception */ protected function _login($user, $password, $remember) { if (!is_array($user)) { $user = Model_Manager::getManager(['login' => strtoupper($user)]); } if (is_string($password)) { // Create a hashed password $password = $this->hash($password); } // If the passwords match, perform a login if (empty($user['PASSWORD']) || $user['PASSWORD'] !== $password) { Messages::put('Неправильный логин или пароль', 'error'); return false; } if ($user['AGENT_STATE'] != 1) { Messages::put('Доступ запрещен', 'error'); return false; } if ($user['STATE_ID'] != 1) { Messages::put('Доступ запрещен', 'error'); return false; } // Finish the login $this->complete_login($user); $db = Oracle::init(); $data = ['p_manager_id' => $user['MANAGER_ID'], 'p_params' => $_SERVER['HTTP_USER_AGENT'] . ';' . $_SERVER['REMOTE_ADDR']]; $db->procedure('auth_user', $data); return true; }
/** * функция авторизации */ public function action_login() { $post = Request::current()->post(); if (empty($post['login']) || empty($post['password'])) { Messages::put('Не заполнен логин или пароль', 'error'); $this->redirect('/'); } if (Auth::instance()->login($post['login'], $post['password'], FALSE)) { $this->redirect('/clients'); } $this->redirect('/'); }
/** * редактирование карты и лимитов * * @param $params * @return bool */ public static function editCardLimits($cardId, $limits) { if (empty($cardId)) { return false; } $user = Auth::instance()->get_user(); if (in_array($user['role'], array_keys(Access::$clientRoles))) { $currentLimits = self::getOilRestrictions($cardId); foreach ($limits as $limit) { if ($limit['param'] == 1 && $limit['value'] > 1000 || $limit['param'] == 2 && $limit['value'] > 30000) { if (empty($currentLimits)) { Messages::put('Изменение лимитов не произошло. Превышен допустимый лимит! Обратитесь к вашему менеджеру'); return false; } foreach ($limit['services'] as $service) { foreach ($currentLimits as $currentLimit) { foreach ($currentLimit as $currentL) { if ($currentL['SERVICE_ID'] == $service && $limit['value'] != $currentL['LIMIT_VALUE']) { Messages::put('Изменение лимитов не произошло. Превышен допустимый лимит! Обратитесь к вашему менеджеру'); return false; } } } } } } } $db = Oracle::init(); $db->procedure('card_service_refresh', ['p_card_id' => $cardId]); if (empty($limits)) { $db->procedure('card_queue_limit_add', ['p_card_id' => $cardId]); return true; } foreach ($limits as $group => $limit) { foreach ($limit['services'] as $service) { $data = ['p_card_id' => $cardId, 'p_service_id' => $service, 'p_limit_group' => $group, 'p_limit_param' => $limit['param'], 'p_limit_type' => $limit['type'], 'p_limit_value' => str_replace(",", ".", $limit['value']), 'p_limit_currency' => Model_Contract::CURRENCY_RUR, 'p_limit_pcs' => 0, 'p_manager_id' => $user['MANAGER_ID'], 'p_error_code' => 'out']; $res = $db->procedure('card_service_edit', $data); if (!empty($res)) { return false; } } } $db->procedure('card_queue_limit_add', ['p_card_id' => $cardId]); return true; }