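/**
 * Sign In form.
 *
 * On a non-POST request, moves the options stored by redirectToLogin()
 * ('login_referer', 'login_username') from the user session into request
 * parameters so the form can be pre-filled. On POST, validates the form,
 * checks the credentials, signs the user in and redirects to the referer.
 *
 * @param  object $request  The current request.
 *
 * @return mixed  Result of redirect() after a successful sign in; null when
 *                the form is displayed or re-displayed with errors.
 */
public function executeLogin($request)
{
    if ($request->getMethod() != coreRequest::POST) {
        $session = $this->getUser();

        // options left in the session by redirectToLogin()
        $referer  = $session->getAttribute('login_referer', '');
        $username = $session->getAttribute('login_username', '');

        // the options are single-use: clear them once read
        $session->getAttributeHolder()->remove('login_referer');
        $session->getAttributeHolder()->remove('login_username');

        $this->getRequest()->setParameter('referer', empty($referer) ? '@homepage' : $referer);
        $this->getRequest()->setParameter('username', $username);

        // AUTO FILL FORM (DEVELOPMENT ONLY!)
        // NOTE(review): relies on CORE_ENVIRONMENT never being 'dev' on a public host.
        if (CORE_ENVIRONMENT === 'dev') {
            $request->getParameterHolder()->add(array('username' => 'guest', 'password' => ''));
        }

        return;
    }

    $validator = new coreValidator($this->getActionName());
    if (!$validator->validate($request->getParameterHolder()->getAll())) {
        return;
    }

    $username     = trim($request->getParameter('username'));
    $raw_password = trim($request->getParameter('password'));
    $rememberme   = $request->hasParameter('rememberme');

    $user = UsersPeer::getUser($username);

    // Hash once, and do it whether or not the account exists, so the
    // unknown-user and wrong-password paths do comparable work.
    $hashed_password = $this->getUser()->getSaltyHashedPassword($raw_password);

    // Strict, string-only comparison: with a loose != two different hashes
    // that both look numeric (e.g. "0e..." strings) compare as equal.
    // A constant-time comparison (hash_equals) is preferable where the PHP
    // version in use provides it.
    if (!$user
        || !is_string($hashed_password)
        || !is_string($user['password'])
        || $hashed_password !== $user['password']
    ) {
        // same message for unknown user and wrong password
        $request->setError('login_invalid', "Invalid username and/or password.");
        return;
    }

    // sign in user
    $this->getUser()->signIn($user);

    // optionally, create the remember me cookie
    // NOTE(review): the cookie carries the stored password hash, so the cookie
    // is equivalent to the credential until the password changes; a random
    // server-side token would be the safer design.
    if ($rememberme) {
        $this->getUser()->setRememberMeCookie($user['username'], $hashed_password);
    }

    // authenticate user on the community forums
    if (coreContext::getInstance()->getConfiguration()->getEnvironment() !== 'staging'
        && coreConfig::get('app_path_to_punbb') !== null
    ) {
        PunBBUsersPeer::signIn($username, $raw_password, $rememberme);
    }

    // successfully signed in
    // NOTE(review): 'referer' is read back from the submitted request, so it is
    // client-controlled here; confirm redirect() only accepts internal
    // routes/URLs, otherwise restrict it to a known-safe set.
    return $this->redirect($this->getRequestParameter('referer', '@homepage'));
}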
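/**
 * Initializes the user object and, for an unauthenticated session, signs the
 * user in from the "remember me" cookie when its content matches the database.
 *
 * @param coreSessionStorage $storage  Session storage passed to the parent.
 * @param array              $options  Options passed to the parent.
 */
public function initialize(coreSessionStorage $storage, $options = array())
{
    parent::initialize($storage, $options);

    // sign in unauthenticated user if a "remember me" cookie exists
    if (!$this->isAuthenticated()) {
        $cookieData = coreContext::getInstance()->getRequest()->getCookie(self::COOKIE_NAME);

        if (is_string($cookieData) && $cookieData !== '') {
            $payload = base64_decode($cookieData);

            // SECURITY: the cookie is client-controlled and unserialize() on
            // untrusted data can instantiate arbitrary classes. Object creation
            // is disabled where the runtime supports it (PHP 7+).
            // NOTE(review): the cookie format should move to a non-executable
            // encoding (e.g. JSON) with an integrity check, together with
            // setRememberMeCookie().
            if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
                $value = unserialize($payload, array('allowed_classes' => false));
            } else {
                $value = unserialize($payload);
            }

            // Accept only the expected shape: array(username, hashed password),
            // both strings.
            if (is_array($value)
                && isset($value[0], $value[1])
                && is_string($value[0])
                && is_string($value[1])
            ) {
                $username      = $value[0];
                $saltyPassword = $value[1];

                // Sign in only if the user exists and the hash from the cookie
                // is identical to the stored one. The comparison is strict
                // because a loose == lets a non-string value decoded from the
                // cookie compare equal to the stored hash.
                $user = UsersPeer::getUser($username);
                if ($user && is_string($user['password']) && $saltyPassword === $user['password']) {
                    $this->signIn($user);
                }
            }
        }
    }

    // session duration preferences
    $this->localPrefs = new LocalPrefs($this);
}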
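/**
 * Profile page for the user named in the 'username' request parameter, or
 * for the signed-in user when no username is given.
 *
 * @param  object $request  The current request.
 *
 * @return mixed  coreView::SUCCESS when the user was found, coreView::ERROR otherwise.
 */
public function executeIndex($request)
{
    $username = $request->getParameter('username');

    if (!$username) {
        if ($this->getUser()->isAuthenticated()) {
            $username = $this->getUser()->getUserName();
        } else {
            // if unauthenticated user checks his (bookmarked?) profile, go to login and back
            // NOTE(review): presumably redirectToLogin() halts the action; if it
            // returns, the lookup below runs with an empty username.
            $url = $this->getController()->genUrl('profile/index', true);
            $this->getUser()->redirectToLogin(array('referer' => $url));
        }
    }

    $user = UsersPeer::getUser($username);
    if (!$user) {
        return coreView::ERROR;
    }

    $this->user = $user;

    // Strict comparison: with a loose == two different numeric-looking
    // usernames (e.g. "123" and "0123") would be treated as the same account.
    $this->self_account = $user['username'] === $this->getUser()->getUserName();

    $this->kanji_count   = ReviewsPeer::getReviewedFlashcardCount($user['userid']);
    $this->total_reviews = ReviewsPeer::getTotalReviews($user['userid']);

    // forum user id, or false when the forum integration is not configured
    if (coreConfig::get('app_path_to_punbb') !== null) {
        $this->forum_uid = PunBBUsersPeer::getInstance()->getForumUID($username);
    } else {
        $this->forum_uid = false;
    }

    return coreView::SUCCESS;
}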
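/**
 * Forgot Password page.
 *
 * Requests the username, then sends an email to the corresponding
 * email address with a new password.
 *
 * @param  object $request  The current request.
 *
 * @return mixed  coreView::SUCCESS to (re)display the form, 'MailSent' once the
 *                new password has been emailed, null when validation fails.
 *
 * @throws RuntimeException  When no secure random source is available.
 */
public function executeRequestPassword($request)
{
    if ($request->getMethod() != coreRequest::POST) {
        return coreView::SUCCESS;
    }

    // handle the form submission
    $validator = new coreValidator($this->getActionName());
    if (!$validator->validate($request->getParameterHolder()->getAll())) {
        return;
    }

    $username = trim($request->getParameter('username'));
    $user     = UsersPeer::getUser($username);

    if (!$user) {
        // NOTE(review): this message and the distinct 'MailSent' result tell the
        // caller whether a username exists; consider the same response in both cases.
        $request->setError('username_invalid', 'This username could not be found. Did you spell your username correctly?');
        return coreView::SUCCESS;
    }

    // Set new random password: 8 uppercase hex characters, as before, but taken
    // from a cryptographically secure source. The previous md5(rand(...)) form
    // had fewer than a million possible values from a predictable generator.
    if (function_exists('random_bytes')) {
        $entropy = random_bytes(4);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $entropy = openssl_random_pseudo_bytes(4);
    } else {
        $entropy = false;
    }

    // fail closed rather than fall back to a guessable password
    if (!is_string($entropy) || strlen($entropy) !== 4) {
        throw new RuntimeException('No secure random source available to generate a password.');
    }

    $raw_password = strtoupper(bin2hex($entropy));

    // update the password on main site and forum
    // NOTE(review): the password is replaced as soon as the form is submitted,
    // before the account owner confirms anything, and the new password travels
    // in clear text by email. An emailed single-use, expiring reset link that
    // leaves the current password untouched until used is the usual design.
    $this->getUser()->changePassword($user['username'], $raw_password);

    // send email with new password, use username from db here to email user with the
    // username in the exact CaSe they registered with
    $mailer = new rtkMail();
    $mailer->sendRequestPasswordConfirmation($user['email'], $user['username'], $raw_password);

    return 'MailSent';
}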