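/**
 * Switches the active session to the user whose id is given in the request
 * and writes one audit row to `l_yf_switch_users` in the 'log' database.
 *
 * Session keys AUTHUSERID, authenticated_user_id, user_name and
 * full_user_name are overwritten. The session key `baseUserId` holds the id
 * of the account the switching started from:
 *  - empty:                 it is set to the current user id, status 'Signed in';
 *  - equal to the target:   it is cleared, status 'Signed out';
 *  - anything else:         it is kept and used as `baseid`, status 'Switched'.
 *
 * NOTE(review): no authorization check is visible in this method. Presumably
 * the permission to impersonate is enforced before process() is reached;
 * confirm, because this method grants the target identity unconditionally.
 *
 * @param Vtiger_Request $request Request carrying the target user id in `id`.
 */
function process(Vtiger_Request $request)
{
    $currentUserModel = Users_Record_Model::getCurrentUserModel();
    $baseUserId = $currentUserModel->getId();

    // NOTE(review): `id` comes from the request and is not validated here
    // before it is handed to retrieveCurrentUserInfoFromFile() and stored in
    // the session. Confirm that a non-numeric or unknown id is rejected
    // upstream or inside that helper.
    $userId = $request->get('id');

    $user = new Users();
    $currentUser = $user->retrieveCurrentUserInfoFromFile($userId);
    $name = $currentUserModel->getName();
    $userName = $currentUser->column_fields['user_name'];

    Vtiger_Session::set('AUTHUSERID', $userId);
    Vtiger_Session::set('authenticated_user_id', $userId);
    Vtiger_Session::set('user_name', $userName);
    // NOTE(review): $name is read from the model fetched before the switch,
    // so full_user_name looks like it keeps the previous user's name; verify
    // that this is intended.
    Vtiger_Session::set('full_user_name', $name);

    $status = 'Switched';
    if (Vtiger_Session::get('baseUserId') == '') {
        // First switch in this session: remember where we started.
        Vtiger_Session::set('baseUserId', $baseUserId);
        $status = 'Signed in';
    } elseif ($userId == Vtiger_Session::get('baseUserId')) {
        // Switching back to the original account ends the impersonation.
        $baseUserId = $userId;
        Vtiger_Session::set('baseUserId', '');
        $status = 'Signed out';
    } else {
        // Chained switch: attribute the row to the original account.
        $baseUserId = Vtiger_Session::get('baseUserId');
    }

    // The User-Agent header is optional and client-controlled; a missing
    // header must not raise an undefined-index error or store NULL in the
    // audit row. '-' is the placeholder used for absent values.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '-';

    $dbLog = PearDatabase::getInstance('log');
    $dbLog->insert('l_yf_switch_users', [
        'baseid' => $baseUserId,
        'destid' => $userId,
        // NOTE(review): busername and dusername are both filled from
        // $currentUserModel->getName(), so the row never names the
        // destination account (only destid identifies it). Confirm which
        // accessor should supply the destination name.
        'busername' => $currentUserModel->getName(),
        'dusername' => $name,
        'date' => date('Y-m-d H:i:s'),
        'ip' => Vtiger_Functions::getRemoteIP(),
        'agent' => $userAgent,
        'status' => $status,
    ]);

    // NOTE(review): execution continues after the redirect header is sent;
    // confirm the caller produces no further output.
    header('Location: index.php');
}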
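/**
 * Builds the exception and records the request that triggered it in the
 * `o_yf_access_for_api` table of the 'log' database.
 *
 * Every instantiation initialises the session and performs one database
 * insert, so constructing this exception is not side-effect free.
 *
 * @param string|null $message Exception message passed to the parent.
 * @param int         $code    Exception code passed to the parent.
 */
public function __construct($message = null, $code = 0)
{
    parent::__construct($message, $code);
    Vtiger_Session::init();

    $userName = Vtiger_Session::get('full_user_name');

    // The User-Agent header is optional; avoid an undefined-index error and
    // a NULL column value when the client does not send it.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '-';

    // NOTE(review): the whole of $_REQUEST is stored verbatim, so any
    // credential or token submitted with the rejected request ends up in the
    // log table. Consider redacting sensitive keys before encoding and
    // restricting read access to this table.
    $requestDump = json_encode($_REQUEST);
    if ($requestDump === false) {
        // json_encode() returns false on unencodable input (for example
        // invalid UTF-8); keep the audit row instead of storing boolean false.
        $requestDump = '-';
    }

    $dbLog = PearDatabase::getInstance('log');
    $dbLog->insert('o_yf_access_for_api', [
        'username' => empty($userName) ? '-' : $userName,
        'date' => date('Y-m-d H:i:s'),
        'ip' => Vtiger_Functions::getRemoteIP(),
        'url' => Vtiger_Functions::getBrowserInfo()->url,
        'agent' => $userAgent,
        'request' => $requestDump,
    ]);
}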
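/**
 * Tells whether the requesting IP address has reached the failed-login limit.
 *
 * The limit (`attempsnumber`) and the look-back window in minutes
 * (`timelock`) are read from the first row of `vtiger_bruteforce`. The method
 * then counts rows of `vtiger_loginhistory` with status 'Failed login', the
 * same IP, `unblock = 0` and a `login_time` later than "now minus the window".
 *
 * NOTE(review): the lockout is keyed on Vtiger_Functions::getRemoteIP(). If
 * that helper honours client-supplied forwarding headers, the key is under
 * the client's control; confirm how the address is derived.
 * NOTE(review): when `vtiger_bruteforce` has no row, both settings are empty;
 * decide explicitly whether that case should block or allow.
 *
 * @return bool true when the count is greater than or equal to the limit.
 */
public static function checkBlocked()
{
    $db = PearDatabase::getInstance();
    $settingsResult = $db->pquery("SELECT * FROM `vtiger_bruteforce` LIMIT 1", array());
    $ip = Vtiger_Functions::getRemoteIP();
    $now = date("Y-m-d H:i:s");

    $bruteforceSettings = $db->query_result_rowdata($settingsResult, 0);
    $attempsNumber = $bruteforceSettings['attempsnumber'];
    // The window is interpolated into the SQL text below, so force it to an
    // integer: a stored setting must never be able to alter the statement.
    $blockTime = (int) $bruteforceSettings['timelock'];

    $query = "SELECT count(login_id) as cn FROM `vtiger_loginhistory` vlh WHERE STATUS = 'Failed login' && user_ip = ? && unblock = 0 && (UNIX_TIMESTAMP(vlh.login_time) - UNIX_TIMESTAMP(ADDDATE(?, INTERVAL -{$blockTime} MINUTE))) > 0";
    $countResult = $db->pquery($query, array($ip, $now));

    return $db->query_result_raw($countResult, 0, 'cn') >= $attempsNumber;
}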
/**
 * Records one login event as a new row in `vtiger_loginhistory`.
 *
 * The remote IP is taken from Vtiger_Functions::getRemoteIP() and the login
 * time from the server clock. `logout_time` is written as the zero date
 * placeholder '0000-00-00 00:00:00'.
 *
 * @param mixed  $username Value stored in the `user_name` column.
 * @param string $status   Value stored in the `status` column.
 * @param string $browser  Browser description; an empty value is stored as '-'.
 */
public function saveLoginHistory($username, $status = 'Signed in', $browser = '')
{
    $db = PearDatabase::getInstance();
    $remoteIp = Vtiger_Functions::getRemoteIP();
    $attemptTime = date("Y-m-d H:i:s");

    // Store a visible placeholder rather than an empty browser column.
    if (!strlen($browser)) {
        $browser = '-';
    }

    // All values are bound as parameters; nothing is concatenated into the SQL.
    $db->pquery(
        "INSERT INTO vtiger_loginhistory (user_name, user_ip, logout_time, login_time, status, browser) VALUES (?,?,?,?,?,?)",
        [$username, $remoteIp, '0000-00-00 00:00:00', $attemptTime, $status, $browser]
    );
}