public function indexAction()
{
$auth = Zend_Auth::getInstance();
$registry = Zend_Registry::getInstance();
$router = Zend_Controller_Front::getInstance()->getRouter();
$request = $this->getRequest();
$params = $request->getParams();
$credential = Ml_Model_Credential::getInstance();
$session = Ml_Model_Session::getInstance();
if (!$auth->hasIdentity()) {
$this->_redirect($router->assemble(array(), "index"), array("exit"));
}
if ($registry->isRegistered("signedUserInfo")) {
$signedUserInfo = $registry->get("signedUserInfo");
}
$form = $credential->logoutForm();
if ($request->isPost() && $form->isValid($request->getPost())) {
ignore_user_abort(true);
$unfilteredValues = $form->getUnfilteredValues();
if (isset($unfilteredValues['remote_signout'])) {
$session->remoteLogout();
$this->view->remoteLogoutDone = true;
} else {
$session->logout();
$this->_redirect($router->assemble(array(), "index"), array("exit"));
}
}
$recentActivity = $session->getRecentActivity($signedUserInfo['id']);
$this->view->logoutForm = $form;
$this->view->recentActivity = $recentActivity;
}
public function indexAction()
{
$registry = Zend_Registry::getInstance();
$auth = Zend_Auth::getInstance();
$config = $registry->get("config");
$sessionConfig = $config['resources']['session'];
Ml_Model_AntiAttack::loadRules();
$credential = Ml_Model_Credential::getInstance();
$logger = Ml_Model_Logger::getInstance();
if ($auth->hasIdentity()) {
return $this->_forward("goback");
}
$request = $this->getRequest();
$form = $credential->loginForm();
if (Ml_Model_AntiAttack::ensureHuman()) {
$ensureHuman = true;
} else {
$ensureHuman = false;
}
if ($request->isPost()) {
ignore_user_abort(true);
//A way to sign in only if captcha is right. This is a workaround to
//signout if the captcha is wrong.
//
//I've decided to put the sign in code in the validator itself,
//but couldn't find a way to make the password validator
//load after the captcha one (but to let it come first in code,
//and that's ugly on the screen) and get a result if the
//validation worked. Notice that it is only useful when
//the captcha is required.
if ($form->isValid($request->getPost())) {
//@see below
$session = Ml_Model_Session::getInstance();
//rememberMe and ForgetMe already regenerates the ID
if ($form->getElement("remember_me")->isChecked()) {
Zend_Session::rememberMe($sessionConfig['cookie_lifetime']);
} else {
Zend_Session::ForgetMe();
}
$session->associate($auth->getIdentity(), Zend_Session::getId());
$logger->log(array("action" => "login", "username" => $form->getValue("username")));
$this->_forward("goback");
} else {
//@see above
if ($auth->hasIdentity()) {
$auth->clearIdentity();
}
$logger->log(array("action" => "login_denied", "username" => $form->getValue("username")));
$this->view->errorlogin = true;
}
//@end of workaround
}
$challenge = $form->getElement("challenge");
//don't show missing value in the first time that asks for the captcha
if (!$ensureHuman && is_object($challenge)) {
$challenge->setErrorMessages(array("missingValue" => ''));
}
$this->view->loginform = $form;
}
