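/**
 * Authenticates a user and opens the session.
 *
 * Verifies $password against the hash stored in UserPrivateData (or, for the
 * automatic "remember me" sign-in, compares the supplied hash with the stored
 * one), falls back to the temporary password, upgrades legacy hashes, logs the
 * user into punbb, handles the remember-me key/cookie and fills the symfony
 * session (credentials, username, id, languages).
 *
 * @param string $login_name         login name looked up in UserPrivateData
 * @param string $password           clear-text password, or the stored hash
 *                                   itself when $password_is_hashed is true
 * @param bool   $remember           create (or renew) a remember-me key + cookie
 * @param bool   $password_is_hashed true only for the automatic "remember me"
 *                                   sign-in; the temporary-password fallback and
 *                                   the hash upgrade are skipped in that case
 * @return bool  true when the user was authenticated and is active
 */
public function signIn($login_name, $password, $remember = false, $password_is_hashed = false)
{
    c2cTools::log('in signin function from myUser class');
    $return = false;

    // The stored hash is needed for verification (it carries the salt) and to
    // detect a legacy hash (no salt) that must be upgraded on successful login.
    $upd = UserPrivateData::retrieveByLoginName($login_name);
    if (!$upd) {
        return false;
    }
    $userid = $upd->id;
    $hash_tmp = $upd->password_tmp;
    $hash = $upd->password;

    if ($password_is_hashed) {
        // Hash-vs-hash comparison: constant time (hash_equals) rather than
        // ===, and never accept an empty/missing stored hash.
        $match = is_string($hash) && $hash !== ''
            && is_string($password) && hash_equals($hash, $password);
        $user = $match ? sfDoctrine::getTable('User')->find($userid) : false;
    } else {
        $user = self::check_password($password, $hash) ? sfDoctrine::getTable('User')->find($userid) : false;
    }

    // The user may have requested a new password: try the temporary one.
    // Not done for the hashed path, which is only used by the automatic
    // "remember me" sign-in where no temporary password is involved.
    if (!$user && !$password_is_hashed) {
        c2cTools::log('base login failed, start trying with password_temp');
        $user = self::check_password($password, $hash_tmp) ? sfDoctrine::getTable('User')->find($userid) : false;
        if ($user) {
            c2cTools::log('user found, make temp password the new password');
            $user_private_data = $user->get('private_data');
            // Promote the temporary password through setPassword() so it is
            // stored hashed, exactly as the password-change and hash-upgrade
            // paths do; a raw set('password', ...) only hashes if Doctrine's
            // accessor override routes it to setPassword().
            $user_private_data->setPassword($password);
            // drop the temporary password, it is single use
            $user_private_data->set('password_tmp', null);
            $user->save();
            // keep the local hash in sync with the DB: punbb is signed in with it
            $hash = $user_private_data->getPassword();
        }
    }

    if ($user) {
        c2cTools::log('user found, continue to test if active');
        if ($user->isActive()) {
            c2cTools::log('user is active');
            $user_id = $user->get('id');

            // Legacy hash (simple hash, no salt): now that the clear-text
            // password is known, re-hash it with the current algorithm.
            if (!$password_is_hashed && password_needs_rehash((string) $hash, PASSWORD_DEFAULT)) {
                c2cTools::log('upgrading user to new hash algorithm');
                $conn = sfDoctrine::Connection();
                try {
                    $user_private_data = UserPrivateData::find($user_id);
                    $user_private_data->setPassword($password);
                    $user_private_data->save();
                    $conn->commit();
                    // only adopt the new hash once it is committed, so punbb
                    // is signed in with what the DB actually holds
                    $hash = $user_private_data->getPassword();
                } catch (Exception $e) {
                    $conn->rollback();
                    c2cTools::log('could not upgrade user to new hash algorithm');
                }
            }

            $user_culture = $user->get('private_data')->getPreferedCulture();

            // signing in confirms the signup
            if ($user->isConfirmationPending()) {
                c2cTools::log('remove user from pending group');
                $user->removeFromGroup('pending');
            }

            // punbb login uses the stored hash; on the hashed path $password
            // was just verified to equal $hash, so one call covers both.
            Punbb::signIn($user_id, $hash);
            c2cTools::log('logged in punbb');

            // NOTE(review): no session id regeneration is visible here; confirm
            // the session storage does it on authentication (session fixation).

            if ($remember) {
                c2cTools::log('remember me requested / or renew');
                $context = sfContext::getInstance();
                $remember_cookie = sfConfig::get('app_remember_key_cookie_name', 'c2corg_remember');
                $key = RememberKey::generateRandomKey();
                // a remember cookie in the request means we are renewing it
                $remember_key = $context->getRequest()->getCookie($remember_cookie);
                if ($remember_key) {
                    // NOTE(review): renewKey() is given the cookie value as-is;
                    // confirm it checks the old key belongs to $user.
                    RememberKey::renewKey($remember_key, $key);
                } else {
                    $rk = new RememberKey();
                    $rk->set('remember_key', $key);
                    $rk->set('user', $user);
                    // X-Origin-IP is client-controllable unless a trusted proxy
                    // sets it; the value is informational only.
                    // TODO remove obsolete field
                    $rk->set('ip_address', isset($_SERVER['HTTP_X_ORIGIN_IP']) ? $_SERVER['HTTP_X_ORIGIN_IP'] : $_SERVER['REMOTE_ADDR']);
                    $rk->save();
                }
                // TODO : move remove old keys in a batch
                RememberKey::deleteOldKeys();
                // send the key as a cookie (HttpOnly). NOTE(review): the Secure
                // flag is false, so the key is also sent over plain HTTP; set it
                // from the request scheme if the site is served over HTTPS.
                $expiration_age = sfConfig::get('app_remember_key_expiration_age', 30 * 24 * 3600);
                $context->getResponse()->setCookie($remember_cookie, $key, time() + $expiration_age, '/', '', false, true);
            } else {
                // authenticated without "remember me": mark the session so it is
                // not reset while the browser stays open
                sfContext::getInstance()->getResponse()->setCookie('temp_remember', 1);
            }

            c2cTools::log('add some information in user session');
            $this->addCredentials($user->getAllPermissionNames());
            $this->setAttribute('username', $user->get('private_data')->get('topo_name'));
            $this->setAttribute('id', $user_id);
            // preferred language and the list of languages ordered by preference
            $this->saveLanguageListInSession($user->get('private_data')->getDocumentCulture());
            $this->setAuthenticated(true);
            $return = true;

            if ($this->getCulture() != $user_culture) {
                $this->setCulture($user_culture);
            }
            // keep the punbb language cookie in sync
            Punbb::setLanguage($user_culture);
            c2cPersonalization::restorePrefCookies($user_id);
        }
    }

    return $return;
}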
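/**
 * Edit action for the logged-in user's private data.
 *
 * GET renders the form. POST applies email / password / nickname / topo name /
 * profile visibility changes inside one transaction, then refreshes the session
 * username, the punbb login (when the password changed) and the user cache,
 * and redirects with a notice.
 *
 * NOTE(review): no CSRF token and no current-password check are visible in
 * this action, so a cross-site POST could change the email or password;
 * confirm a framework filter enforces one.
 */
public function executeEditPrivateData()
{
    $user_id = $this->getUser()->getId(); // logged user id
    if (!($user_private_data = UserPrivateData::find($user_id))) {
        $this->setNotFoundAndRedirect();
        // defensive: never operate on a missing record if the helper returns
        return;
    }

    if ($this->getRequest()->getMethod() != sfRequest::POST) {
        // display form
        $this->user_private_data = $user_private_data;
        $this->setPageTitle($this->__('User account update'));
        return;
    }

    // user private data update
    $email = trim($this->getRequestParameter('email'));
    $password = trim($this->getRequestParameter('password'));
    $nickname = preg_replace('#\\s+#', ' ', trim($this->getRequestParameter('edit_nickname')));
    $toponame = preg_replace('#\\s+#', ' ', trim($this->getRequestParameter('edit_topo_name')));
    $is_profile_public = $this->getRequestParameter('is_profile_public');
    $lang = $this->getUser()->getCulture();
    $redirect_url = "@document_by_id_lang?module=users&id={$user_id}&lang={$lang}";

    $conn = sfDoctrine::Connection();
    $saved = false;
    try {
        if ($password !== '') {
            $user_private_data->setPassword($password);
            // the password changed: every remember-me key of this user is revoked
            RememberKey::deleteUserKeys($user_id);
        }
        // trim() always yields a string, so an is_null() test could never skip
        // this step: only touch the address when one was actually submitted.
        if ($email !== '') {
            $old_email = $user_private_data->getEmail();
            if ($old_email != $email) {
                // NOTE(review): external side effect inside the DB transaction;
                // a later save() failure does not undo it.
                Sympa::updateEmail($old_email, $email);
                $user_private_data->setEmail($email);
            }
        }
        if ($nickname != $user_private_data->getUsername()) {
            $user_private_data->setUsername($nickname);
        }
        if ($toponame != $user_private_data->getTopoName()) {
            $user_private_data->setTopoName($toponame);
        }
        $user_private_data->setIsProfilePublic(!empty($is_profile_public));
        $user_private_data->save();
        $conn->commit();
        $saved = true;
        $this->statsdIncrement('success');
        // update cache
        $this->clearCache('users', $user_id, false, 'view');
    } catch (Exception $e) {
        $conn->rollback();
        $this->statsdIncrement('failure');
    }

    if (!$saved) {
        // Rolled back: do not report success, and leave the session and the
        // punbb login as they were.
        return $this->setNoticeAndRedirect('Your private information could not be updated', $redirect_url, null, '');
    }

    // update user session
    $this->getUser()->setAttribute('username', $user_private_data->get('topo_name'));

    if ($this->isAjaxCall()) {
        sfLoader::loadHelpers(array('Javascript', 'Tag'));
        // The name comes straight from the request: emit it as a JSON string
        // literal (safe inside the script) and set it as text, not HTML, so a
        // crafted name cannot inject markup. Also reset the password field.
        $name_js = json_encode($user_private_data->get('topo_name'), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        if ($name_js === false) {
            $name_js = '""';
        }
        $js = javascript_tag("\$('#name_to_use').text(" . $name_js . ");\n \$('#current_password').val('')");
    } else {
        $js = "";
    }

    if ($password !== '') {
        // the password changed: re-sync the punbb login with the new hash
        Punbb::signIn($user_private_data->getId(), $user_private_data->password);
    }

    return $this->setNoticeAndRedirect('Your private information have been successfully updated', $redirect_url, null, $js);
}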