public function indexAction()
{
$registry = Zend_Registry::getInstance();
$auth = Zend_Auth::getInstance();
$config = $registry->get("config");
$sessionConfig = $config['resources']['session'];
Ml_Model_AntiAttack::loadRules();
$credential = Ml_Model_Credential::getInstance();
$logger = Ml_Model_Logger::getInstance();
if ($auth->hasIdentity()) {
return $this->_forward("goback");
}
$request = $this->getRequest();
$form = $credential->loginForm();
if (Ml_Model_AntiAttack::ensureHuman()) {
$ensureHuman = true;
} else {
$ensureHuman = false;
}
if ($request->isPost()) {
ignore_user_abort(true);
//A way to sign in only if captcha is right. This is a workaround to
//signout if the captcha is wrong.
//
//I've decided to put the sign in code in the validator itself,
//but couldn't find a way to make the password validator
//load after the captcha one (but to let it come first in code,
//and that's ugly on the screen) and get a result if the
//validation worked. Notice that it is only useful when
//the captcha is required.
if ($form->isValid($request->getPost())) {
//@see below
$session = Ml_Model_Session::getInstance();
//rememberMe and ForgetMe already regenerates the ID
if ($form->getElement("remember_me")->isChecked()) {
Zend_Session::rememberMe($sessionConfig['cookie_lifetime']);
} else {
Zend_Session::ForgetMe();
}
$session->associate($auth->getIdentity(), Zend_Session::getId());
$logger->log(array("action" => "login", "username" => $form->getValue("username")));
$this->_forward("goback");
} else {
//@see above
if ($auth->hasIdentity()) {
$auth->clearIdentity();
}
$logger->log(array("action" => "login_denied", "username" => $form->getValue("username")));
$this->view->errorlogin = true;
}
//@end of workaround
}
$challenge = $form->getElement("challenge");
//don't show missing value in the first time that asks for the captcha
if (!$ensureHuman && is_object($challenge)) {
$challenge->setErrorMessages(array("missingValue" => ''));
}
$this->view->loginform = $form;
}
public function init()
{
$registry = Zend_Registry::getInstance();
$config = $registry->get("config");
$this->addElementPrefixPath('Ml_Validate', 'Ml/Validate/', Zend_Form_Element::VALIDATE);
$this->addElementPrefixPath('Ml_Filter', 'Ml/Filter/', Zend_Form_Element::FILTER);
$this->addElement('text', 'username', array('label' => 'Username or e-mail:', 'required' => true, 'autofocus' => 'autofocus', 'filters' => array('StringTrim', 'StringToLower'), 'validators' => array(array('validator' => 'username'))));
$this->getElement("username")->setAttrib('required', 'required');
$this->addElement('password', 'password', array('label' => 'Password:'******'required' => true, 'filters' => array('StringTrim'), 'validators' => array(array('validator' => 'StringLength', 'options' => array(5, 20)), array('validator' => 'password'))));
$this->getElement("password")->setAttrib('required', 'required');
$this->addElement('checkbox', 'remember_me', array('label' => 'Remember me'));
if (Ml_Model_AntiAttack::ensureHuman()) {
$this->addElement(Ml_Model_AntiAttack::captchaElement());
}
$login = $this->addElement('submit', 'login', array('required' => false, 'ignore' => true, 'label' => 'Sign in', 'class' => 'btn primary'));
if ($config['ssl']) {
$this->getElement("login")->addValidator("Https");
//By default the submit element doesn't display a error decorator
$this->getElement("login")->addDecorator("Errors");
}
$this->getElement("username")->setAttrib('class', 'span3');
$this->getElement("password")->setAttrib('class', 'span3');
$this->setAttrib('class', 'form-stacked');
}
