public function testEncodePasswordPbkdf2()
{
$this->passwordEncoderCommandTester->execute(array('command' => 'security:encode-password', 'password' => 'password', 'user-class' => 'Custom\\Class\\Pbkdf2\\User'), array('interactive' => false));
$output = $this->passwordEncoderCommandTester->getDisplay();
$this->assertContains('Password encoding succeeded', $output);
$encoder = new Pbkdf2PasswordEncoder('sha512', true, 1000);
preg_match('# Encoded password\\s{1,}([\\w+\\/]+={0,2})\\s+#', $output, $matches);
$hash = $matches[1];
preg_match('# Generated salt\\s{1,}([\\w+\\/]+={0,2})\\s+#', $output, $matches);
$salt = $matches[1];
$this->assertTrue($encoder->isPasswordValid($hash, 'password', $salt));
}
public function testCheckPasswordLength()
{
$encoder = new Pbkdf2PasswordEncoder('foobar');
$this->assertFalse($encoder->isPasswordValid('encoded', str_repeat('a', 5000), 'salt'));
}
/**
* Set password
*
* @param string $password
*
* @return BaseUser
*/
public function setPassword($password)
{
$encoder = new Pbkdf2PasswordEncoder('sha512', true, 1000);
$this->password = $encoder->encodePassword($password, $this->getSalt());
return $this;
}
/**
* @expectedException LogicException
*/
public function testEncodePasswordAlgorithmDoesNotExist()
{
$encoder = new Pbkdf2PasswordEncoder('foobar');
$encoder->encodePassword('password', '');
}
/**
*
* @return RedirectResponse|Response
*/
public function myProfilePostAction()
{
$sc = $this->getSecurityTokenStorage();
$user = $sc->getToken()->getUser();
$oldDbpass = $user->getPassword();
$em = $this->getEntityManager();
$userUpdateProfileForm = $this->createForm(UserUpdateProfileTForm::class, $user);
// $userUpdatePreferedLangForm = $this->createForm(UserUpdatePreferedLangTForm::class, $user);
$userUpdateEmailForm = $this->createForm(UserUpdateEmailTForm::class, $user);
$userUpdatePasswordForm = $this->createForm(UserUpdatePasswordTForm::class, $user);
$userUploadAvatarForm = $this->createForm(UserUploadAvatarTForm::class, $user);
$userCropAvatarForm = $this->createForm(UserCropAvatarTForm::class);
$this->gvars['tabActive'] = $this->getSession()->get('tabActive', 2);
$this->getSession()->remove('tabActive');
$request = $this->getRequest();
$reqData = $request->request->all();
$cloneUser = clone $user;
if (isset($reqData['UserUpdateEmailForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userUpdateEmailForm->handleRequest($request);
if ($userUpdateEmailForm->isValid()) {
$em->persist($user);
$em->flush();
$this->flashMsgSession('success', $this->translate('Profile.edit.success'));
$this->traceEntity($cloneUser, $user);
return $this->redirect($this->generateUrl('_security_profile'));
} else {
$em->refresh($user);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
}
} elseif (isset($reqData['UserUpdatePasswordForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userUpdatePasswordForm->handleRequest($request);
if ($userUpdatePasswordForm->isValid()) {
$oldPassword = $userUpdatePasswordForm['oldPassword']->getData();
$encoder = new Pbkdf2PasswordEncoder('sha512', true, 1000);
$oldpassEncoded = $encoder->encodePassword($oldPassword, $user->getSalt());
if ($oldpassEncoded != $oldDbpass) {
$formError = new FormError($this->translate('User.oldPassword.incorrect', array(), 'validators'));
$userUpdatePasswordForm['oldPassword']->addError($formError);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
} else {
$em->persist($user);
$em->flush();
$this->flashMsgSession('success', $this->translate('Profile.edit.success'));
$this->traceEntity($cloneUser, $user);
return $this->redirect($this->generateUrl('_security_profile'));
}
} else {
$em->refresh($user);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
}
} elseif (isset($reqData['UserUpdateProfileForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userUpdateProfileForm->handleRequest($request);
if ($userUpdateProfileForm->isValid()) {
$em->persist($user);
$em->flush();
$this->flashMsgSession('success', $this->translate('Profile.edit.success'));
$this->traceEntity($cloneUser, $user);
return $this->redirect($this->generateUrl('_security_profile'));
} else {
$em->refresh($user);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
}
} elseif (isset($reqData['UserUploadAvatarForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userUploadAvatarForm->handleRequest($request);
if ($userUploadAvatarForm->isValid()) {
$filename = $user->getUsername() . '_' . uniqid() . '.' . $userUploadAvatarForm['avatar']->getData()->guessExtension();
$userUploadAvatarForm['avatar']->getData()->move($this->getParameter('adapter_tmp_files'), $filename);
$this->gvars['tmp_avatar'] = $filename;
$userCropAvatarForm = $this->createForm(UserCropAvatarTForm::class, null, array('filename' => $filename));
$this->gvars['UserCropAvatarForm'] = $userCropAvatarForm->createView();
$this->gvars['user'] = $user;
return $this->renderResponse('AcfSecurityBundle:Profile:resize_avatar.html.twig', $this->gvars);
} else {
$this->gvars['UserUploadAvatarForm'] = $userUploadAvatarForm->createView();
return $this->renderResponse('AcfSecurityBundle:Profile:resize_avatar_error.html.twig', $this->gvars);
}
} elseif (isset($reqData['UserCropAvatarForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userCropAvatarForm->handleRequest($request);
if ($userCropAvatarForm->isValid()) {
$filename = $userCropAvatarForm['avatar_tmp']->getData();
$path = $this->getParameter('adapter_tmp_files') . '/' . $filename;
$x1 = $userCropAvatarForm['x1']->getData();
$y1 = $userCropAvatarForm['y1']->getData();
$w = $userCropAvatarForm['w']->getData();
$h = $userCropAvatarForm['h']->getData();
$imagine = new Imagine();
$image = $imagine->open($path);
$firstpoint = new Point($x1, $y1);
$selbox = new Box($w, $h);
$lastbox = new Box(130, 130);
$mode = ImageInterface::THUMBNAIL_OUTBOUND;
$image->crop($firstpoint, $selbox)->thumbnail($lastbox, $mode)->save($path);
$file = new File($path);
$avatarDir = $this->getParameter('kernel.root_dir') . '/../web/res/avatars';
$file->move($avatarDir, $filename);
$user->setAvatar($filename);
$this->traceEntity($cloneUser, $user);
$em->persist($user);
$em->flush();
$this->flashMsgSession('success', $this->translate('Profile.edit.success'));
$this->getSession()->set('tabActive', 1);
return $this->redirect($this->generateUrl('_security_profile'));
} else {
$em->refresh($user);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
}
}
$this->gvars['user'] = $user;
$this->gvars['UserUpdateProfileForm'] = $userUpdateProfileForm->createView();
$this->gvars['UserUpdateEmailForm'] = $userUpdateEmailForm->createView();
$this->gvars['UserUpdatePasswordForm'] = $userUpdatePasswordForm->createView();
$this->gvars['UserUploadAvatarForm'] = $userUploadAvatarForm->createView();
$this->gvars['UserCropAvatarForm'] = $userCropAvatarForm->createView();
$this->gvars['pagetitle'] = $this->translate('pagetitle.profile');
$this->gvars['pagetitle_txt'] = $this->translate('pagetitle.profile.txt');
return $this->renderResponse('AcfSecurityBundle:Profile:profile.default.html.twig', $this->gvars);
}
public function myProfilePostAction()
{
$sc = $this->getSecurityContext();
$user = $sc->getToken()->getUser();
$oldDbpass = $user->getPassword();
$em = $this->getEntityManager();
$root = $em->getRepository('AllucoDataBundle:Staticpage')->findOneBy(array('pageUrl' => '/'));
$this->gvars['root'] = $root;
$staticpage = $em->getRepository('AllucoDataBundle:Staticpage')->findOneBy(array('pageUrl' => '/myProfile'));
if (null != $staticpage) {
$this->gvars['pagetitle_txt'] = $staticpage->getMetaTitleTrans();
$this->gvars['pagetitle'] = $staticpage->getPageTitleTrans();
$metas = array();
if (null != $staticpage->getMetaKeywordsTrans()) {
$meta = array();
$meta['name'] = 'keywords';
$meta['content'] = $staticpage->getMetaKeywordsTrans();
$metas[] = $meta;
}
if (null != $staticpage->getMetaDescriptionTrans()) {
$meta = array();
$meta['name'] = 'description';
$meta['content'] = $staticpage->getMetaDescriptionTrans();
$metas[] = $meta;
}
$this->gvars['metas'] = $metas;
}
$this->gvars['staticpage'] = $staticpage;
$banners = $em->getRepository('AllucoDataBundle:Banner')->getAll();
$this->gvars['banners'] = $banners;
$news = $em->getRepository('AllucoDataBundle:Sitenew')->getLimited(1);
$this->gvars['news'] = $news;
$groups = $em->getRepository('AllucoDataBundle:Product')->getRoots();
$this->gvars['groups'] = $groups;
$userUpdateProfileForm = $this->createForm(new UserUpdateProfileTForm(), $user);
$userUpdatePreferedLangForm = $this->createForm(new UserUpdatePreferedLangTForm(), $user);
$userUpdateJobForm = $this->createForm(new UserUpdateJobTForm(), $user);
$userUpdateEmailForm = $this->createForm(new UserUpdateEmailTForm(), $user);
$userUpdatePasswordForm = $this->createForm(new UserUpdatePasswordTForm(), $user);
$userUploadAvatarForm = $this->createForm(new UserUploadAvatarTForm(), $user);
$userCropAvatarForm = $this->createForm(new UserCropAvatarTForm());
$this->gvars['tabActive'] = $this->getSession()->get('tabActive', 2);
$this->getSession()->remove('tabActive');
$request = $this->getRequest();
$reqData = $request->request->all();
if (isset($reqData['UserUpdateEmailForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userUpdateEmailForm->bind($request);
if ($userUpdateEmailForm->isValid()) {
$em->persist($user);
$em->flush();
$this->flashMsgSession('success', $this->translate('Profile.edit.success'));
return $this->redirect($this->generateUrl('_security_profile'));
} else {
$em->refresh($user);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
}
} elseif (isset($reqData['UserUpdatePasswordForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userUpdatePasswordForm->bind($request);
if ($userUpdatePasswordForm->isValid()) {
$oldPassword = $userUpdatePasswordForm['oldPassword']->getData();
$encoder = new Pbkdf2PasswordEncoder('sha512', true, 1000);
$oldpassEncoded = $encoder->encodePassword($oldPassword, $user->getSalt());
if ($oldpassEncoded != $oldDbpass) {
$formError = new FormError($this->translate('User.oldPassword.incorrect', array(), 'validators'));
$userUpdatePasswordForm['oldPassword']->addError($formError);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
} else {
$em->persist($user);
$em->flush();
$this->flashMsgSession('success', $this->translate('Profile.edit.success'));
return $this->redirect($this->generateUrl('_security_profile'));
}
} else {
$em->refresh($user);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
}
} elseif (isset($reqData['UserUpdatePreferedLangForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userUpdatePreferedLangForm->bind($request);
if ($userUpdatePreferedLangForm->isValid()) {
$em->persist($user);
$em->flush();
$this->flashMsgSession('success', $this->translate('Profile.edit.success'));
return $this->redirect($this->generateUrl('_security_profile'));
} else {
$em->refresh($user);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
}
} elseif (isset($reqData['UserUpdateJobForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userUpdateJobForm->bind($request);
if ($userUpdateJobForm->isValid()) {
$em->persist($user);
$em->flush();
$this->flashMsgSession('success', $this->translate('Profile.edit.success'));
return $this->redirect($this->generateUrl('_security_profile'));
} else {
$em->refresh($user);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
}
} elseif (isset($reqData['UserUpdateProfileForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userUpdateProfileForm->bind($request);
if ($userUpdateProfileForm->isValid()) {
$em->persist($user);
$em->flush();
$this->flashMsgSession('success', $this->translate('Profile.edit.success'));
return $this->redirect($this->generateUrl('_security_profile'));
} else {
$em->refresh($user);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
}
} elseif (isset($reqData['UserUploadAvatarForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userUploadAvatarForm->bind($request);
if ($userUploadAvatarForm->isValid()) {
$filename = $user->getUsername() . "_" . uniqid() . '.' . $userUploadAvatarForm['avatar']->getData()->guessExtension();
$userUploadAvatarForm['avatar']->getData()->move($this->getParameter('adapter_tmp_files'), $filename);
$this->gvars['tmp_avatar'] = $filename;
$userCropAvatarForm = $this->createForm(new UserCropAvatarTForm($filename));
$this->gvars['UserCropAvatarForm'] = $userCropAvatarForm->createView();
$this->gvars['user'] = $user;
return $this->renderResponse('AllucoSecurityBundle:Profile:resize_avatar.html.twig', $this->gvars);
} else {
$this->gvars['UserUploadAvatarForm'] = $userUploadAvatarForm->createView();
return $this->renderResponse('AllucoSecurityBundle:Profile:resize_avatar_error.html.twig', $this->gvars);
}
} elseif (isset($reqData['UserCropAvatarForm'])) {
$this->gvars['tabActive'] = 2;
$this->getSession()->set('tabActive', 2);
$userCropAvatarForm->bind($request);
if ($userCropAvatarForm->isValid()) {
$filename = $userCropAvatarForm['avatar_tmp']->getData();
$path = $this->getParameter('adapter_tmp_files') . '/' . $filename;
$x1 = $userCropAvatarForm['x1']->getData();
$y1 = $userCropAvatarForm['y1']->getData();
$w = $userCropAvatarForm['w']->getData();
$h = $userCropAvatarForm['h']->getData();
$imagine = new Imagine();
$image = $imagine->open($path);
$firstpoint = new Point($x1, $y1);
$selbox = new Box($w, $h);
$lastbox = new Box(130, 130);
$mode = ImageInterface::THUMBNAIL_OUTBOUND;
$image->crop($firstpoint, $selbox)->thumbnail($lastbox, $mode)->save($path);
$file = new File($path);
$avatarDir = $this->getParameter('kernel.root_dir') . '/../web/res/avatars';
$file->move($avatarDir, $filename);
$user->setAvatar($filename);
$em->persist($user);
$em->flush();
$this->flashMsgSession('success', $this->translate('Profile.edit.success'));
$this->getSession()->set('tabActive', 1);
return $this->redirect($this->generateUrl('_security_profile'));
} else {
$em->refresh($user);
$this->flashMsgSession('error', $this->translate('Profile.edit.failure'));
}
}
$this->gvars['user'] = $user;
$this->gvars['UserUpdateProfileForm'] = $userUpdateProfileForm->createView();
$this->gvars['UserUpdatePreferedLangForm'] = $userUpdatePreferedLangForm->createView();
$this->gvars['UserUpdateJobForm'] = $userUpdateJobForm->createView();
$this->gvars['UserUpdateEmailForm'] = $userUpdateEmailForm->createView();
$this->gvars['UserUpdatePasswordForm'] = $userUpdatePasswordForm->createView();
$this->gvars['UserUploadAvatarForm'] = $userUploadAvatarForm->createView();
$this->gvars['UserCropAvatarForm'] = $userCropAvatarForm->createView();
return $this->renderResponse('AllucoSecurityBundle:Profile:profile.default.html.twig', $this->gvars);
}
