public function indexAction() { $auth = Zend_Auth::getInstance(); $registry = Zend_Registry::getInstance(); $router = Zend_Controller_Front::getInstance()->getRouter(); $request = $this->getRequest(); $params = $request->getParams(); $credential = Ml_Model_Credential::getInstance(); $session = Ml_Model_Session::getInstance(); if (!$auth->hasIdentity()) { $this->_redirect($router->assemble(array(), "index"), array("exit")); } if ($registry->isRegistered("signedUserInfo")) { $signedUserInfo = $registry->get("signedUserInfo"); } $form = $credential->logoutForm(); if ($request->isPost() && $form->isValid($request->getPost())) { ignore_user_abort(true); $unfilteredValues = $form->getUnfilteredValues(); if (isset($unfilteredValues['remote_signout'])) { $session->remoteLogout(); $this->view->remoteLogoutDone = true; } else { $session->logout(); $this->_redirect($router->assemble(array(), "index"), array("exit")); } } $recentActivity = $session->getRecentActivity($signedUserInfo['id']); $this->view->logoutForm = $form; $this->view->recentActivity = $recentActivity; }
public function indexAction() { $registry = Zend_Registry::getInstance(); $auth = Zend_Auth::getInstance(); $config = $registry->get("config"); $sessionConfig = $config['resources']['session']; Ml_Model_AntiAttack::loadRules(); $credential = Ml_Model_Credential::getInstance(); $logger = Ml_Model_Logger::getInstance(); if ($auth->hasIdentity()) { return $this->_forward("goback"); } $request = $this->getRequest(); $form = $credential->loginForm(); if (Ml_Model_AntiAttack::ensureHuman()) { $ensureHuman = true; } else { $ensureHuman = false; } if ($request->isPost()) { ignore_user_abort(true); //A way to sign in only if captcha is right. This is a workaround to //signout if the captcha is wrong. // //I've decided to put the sign in code in the validator itself, //but couldn't find a way to make the password validator //load after the captcha one (but to let it come first in code, //and that's ugly on the screen) and get a result if the //validation worked. Notice that it is only useful when //the captcha is required. if ($form->isValid($request->getPost())) { //@see below $session = Ml_Model_Session::getInstance(); //rememberMe and ForgetMe already regenerates the ID if ($form->getElement("remember_me")->isChecked()) { Zend_Session::rememberMe($sessionConfig['cookie_lifetime']); } else { Zend_Session::ForgetMe(); } $session->associate($auth->getIdentity(), Zend_Session::getId()); $logger->log(array("action" => "login", "username" => $form->getValue("username"))); $this->_forward("goback"); } else { //@see above if ($auth->hasIdentity()) { $auth->clearIdentity(); } $logger->log(array("action" => "login_denied", "username" => $form->getValue("username"))); $this->view->errorlogin = true; } //@end of workaround } $challenge = $form->getElement("challenge"); //don't show missing value in the first time that asks for the captcha if (!$ensureHuman && is_object($challenge)) { $challenge->setErrorMessages(array("missingValue" => '')); } $this->view->loginform = $form; }