/**
 * Records a new entry in the Watchdog log.
 *
 * The entry is persisted immediately. Elsewhere in this listing a caller
 * passes request-derived text (a submitted reset token) as $description,
 * so the stored value should be treated as untrusted and escaped wherever
 * the log is displayed.
 *
 * @param string $type        category of the entry
 * @param string $description optional free-text details (defaults to '')
 */
public static function alert($type, $description = '')
{
    $logEntry = new PcWatchdog();
    $logEntry->setType($type)->setDescription($description)->save();
}
/**
 * Signs the user in, unless the account is currently locked out by the
 * brute-force protection.
 *
 * No password check happens in this method; the caller is presumably
 * expected to have verified the credentials already (confirm at the call
 * sites). The lockout lookup filters on the user id only, so the lock applies
 * to the account as a whole, whatever address the attempts came from. The
 * failed-login record is deleted here only once the lockout duration has
 * elapsed; a sign-in below the threshold leaves it untouched (presumably it
 * is cleared elsewhere; verify).
 *
 * @param myUser  $userSf  the symfony session user to authenticate
 * @param PcUser  $userApp the application user trying to log in
 * @param boolean $rememberme whether the user asked to be remembered
 * @param boolean $remembermeCookieAlreadySet when true the remember-me cookie
 *                is not set again, even if $rememberme is true
 * @return boolean false if the account is blocked by the brute-force
 *                 detection, true once the user has been signed in
 */
public static function login(myUser $userSf, PcUser $userApp, $rememberme = false, $remembermeCookieAlreadySet = false)
{
    // Brute-force lockout: fetch the failed-login record of this account, if any.
    $criteria = new Criteria();
    $criteria->addJoin(PcUserPeer::ID, PcFailedLoginsPeer::USER_ID, Criteria::INNER_JOIN);
    $criteria->add(PcUserPeer::ID, $userApp->getId(), Criteria::EQUAL);
    $failedLogins = PcFailedLoginsPeer::doSelectOne($criteria);

    if ($failedLogins) {
        $attemptThreshold = sfConfig::get('app_bruteForceLockout_loginAttemptThreshold');
        $failedAttempts = $failedLogins->getTimes();
        $lockoutDuration = sfConfig::get('app_bruteForceLockout_lockoutDuration');
        $secondsSinceLastFailure = time() - strtotime($failedLogins->getUpdatedAt());

        if ($secondsSinceLastFailure > $lockoutDuration) {
            // The lockout window has passed: forget the earlier failures.
            $failedLogins->delete();
        } elseif ($failedAttempts >= $attemptThreshold) {
            // Still inside the window and over the threshold: refuse and record it.
            PcWatchdog::alert('Brute force attack attempt', 'For the userid ' . $failedLogins->getUserId());
            return false;
        }
    }

    // Remember where the visitor came from, then mark the session as authenticated.
    $userApp->setLanguage(PcUtils::getVisitorAcceptLanguage());
    $userApp->setIpAddress(PcUtils::getVisitorIPAddress());
    $userApp->save();

    $userSf->setAuthenticated(true);
    $userSf->setAttribute('userid', $userApp->getId());

    // Role predicate on PcUser => credential granted on the session user.
    $credentialByRoleCheck = array(
        'isAdmin' => 'admin',
        'isStaffMember' => 'staffMember',
        'isContractor' => 'contractor',
        'isEditor' => 'editor',
        'isTranslator' => 'translator',
    );
    foreach ($credentialByRoleCheck as $roleCheck => $credential) {
        if ($userApp->$roleCheck()) {
            $userSf->addCredential($credential);
        }
    }

    if (!$rememberme) {
        // The user may log in a second time (while still logged in, because of
        // forum integration problems) without ticking the remember-me checkbox.
        self::resetRememberMeCookie();
    } elseif (!$remembermeCookieAlreadySet) {
        self::setRememberMeCookie($userSf, $userApp);
    }
    // When $rememberme and $remembermeCookieAlreadySet are both true there is nothing to do.

    sfContext::getInstance()->getEventDispatcher()->notify(
        new sfEvent('CustomAuthLogin', 'custom_auth.login', array('user' => $userApp, 'rememberme' => $rememberme))
    );

    return true;
}
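/**
 * Password-reset action: checks the reset token and, on a valid POST, sets
 * the new password.
 *
 * The token is read either from the `t` request parameter or from the `t`
 * field of the `passwordReset` form array. A request without a usable string
 * token is handled like any other invalid token.
 *
 * NOTE(review): nothing in this action checks the age of the token; presumably
 * expiry and single use are enforced by CustomAuth::resetPassword() or by the
 * token table. Confirm.
 *
 * @param sfWebRequest $request
 */
public function executePasswordReset(sfWebRequest $request)
{
    $token = $request->getParameter('t');
    if (!$token) {
        $formValues = $request->getParameter('passwordReset');
        // The form array may be absent altogether, or lack the 't' field.
        $token = (is_array($formValues) && isset($formValues['t'])) ? $formValues['t'] : '';
    }

    // Request parameters can be arrays (e.g. t[]=x). Only a string can be a
    // token; anything else must not reach trim() or the lookup below, where a
    // non-string value could change the meaning of the comparison.
    $token = is_string($token) ? trim($token) : '';

    // if the user is authenticated, they shouldn't get here
    PcUtils::redirectLoggedInUser($this->getUser(), $this);

    // Check the token is valid
    $c = new Criteria();
    $c->add(PcPasswordResetTokenPeer::TOKEN, $token, Criteria::EQUAL);
    $entry = PcPasswordResetTokenPeer::doSelectOne($c);
    if (!is_object($entry)) {
        // The token is not valid. The logged value is supplied by the client,
        // so it must be escaped wherever the Watchdog log is displayed.
        PcWatchdog::alert('Invalid Password Reset Token', 'This is the token ' . $token);
        $this->forward('customAuth', 'passwordResetInvalidToken');
    }

    $this->form = new PasswordResetForm(array('t' => $token));

    if ($request->isMethod('post')) {
        $fields = $request->getParameter('passwordReset');
        $this->form->bind($fields);
        if ($this->form->isValid()) {
            CustomAuth::resetPassword($token, $fields['password1']);
            $this->redirect('/' . sfConfig::get('app_accountApp_frontController'));
        }
    }
}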
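/**
 * Reports a failed email import and stores the offending email in the
 * Watchdog log, then deletes the email file.
 *
 * If the email is too big (probably because of attachments), only its first
 * 100 lines are recorded.
 *
 * @param string $errorMessage
 * @param string $emailPath path of the email file on disk
 */
private function handleFault($errorMessage, $emailPath)
{
    $this->log($errorMessage);
    sfErrorNotifier::alert($errorMessage);

    // Check that the file exists before reading its size or contents, so a
    // missing file yields an empty description instead of warnings and `false`.
    $emailExists = is_file($emailPath);
    $description = '';

    if ($emailExists) {
        if (filesize($emailPath) < 32000) {
            $description = (string) file_get_contents($emailPath);
        } else {
            $description = "The email was too big (probably because of attachment). Here is the beginning of it: \n\n";

            // Read the head of the file in PHP rather than through a shell
            // pipeline: the path is never interpreted by a shell, so spaces or
            // shell metacharacters in it cannot alter or break the command.
            $handle = fopen($emailPath, 'rb');
            if ($handle !== false) {
                for ($lineCount = 0; $lineCount < 100; $lineCount++) {
                    $line = fgets($handle);
                    if ($line === false) {
                        break;
                    }
                    $description .= $line;
                }
                fclose($handle);
            }
        }
    }

    $watchdog = new PcWatchdog();
    $watchdog->setType('email-to-inbox')->setDescription($description)->save();

    if ($emailExists) {
        unlink($emailPath);
    }
}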
/**
 * Stores an object in the instance pool.
 *
 * Propel keeps cached copies of objects in an instance pool when they are
 * retrieved from the database. When doSelect*() methods are overridden in the
 * stub classes, objects may have to be added to the cache explicitly so that
 * doSelect*() and retrieveByPK*() keep returning the same instances.
 *
 * Nothing is stored when instance pooling is disabled.
 *
 * @param PcWatchdog $obj A PcWatchdog object.
 * @param string     $key (optional) key to use for the instance map (saves
 *                        recomputing it if it was already calculated
 *                        externally); defaults to the object's id as a string.
 */
public static function addInstanceToPool(PcWatchdog $obj, $key = null)
{
    if (!Propel::isInstancePoolingEnabled()) {
        return;
    }

    $poolKey = ($key === null) ? (string) $obj->getId() : $key;
    self::$instances[$poolKey] = $obj;
}
/**
 * Re-arranges the due date to the next occurrence of the repetition and saves the task.
 * IMPORTANT: if the task has no due date, today's date is used as the starting point.
 *
 * Two strategies are used, depending on the repetition:
 *  - 'selected_wkdays': the earliest enabled weekday, computed from the later
 *    of "now" and the current due date;
 *  - otherwise: the repetition's expression is fed to strtotime(), either
 *    directly or, for expressions containing '_month', month by month.
 *
 * NOTE(review): the result of retrieveByPk() is used without a null check;
 * presumably this is only called on tasks that have a repetition. Confirm.
 *
 * @param bool $isInitialAdjustment - whether we want just to compute an initial adjustment
 */
public function setNextOccurrence($isInitialAdjustment = false)
{
    $repetition = PcRepetitionPeer::retrieveByPk($this->getRepetitionId());

    if ($repetition->getSpecial() == 'selected_wkdays') {
        // Start from whichever is later: now or the current due date.
        $startingPointForDueDateTimestamp = time() > $this->getDueDate('U') ? time() : $this->getDueDate('U');

        $weekdaysSet = DateFormat::fromIntegerToWeekdaysSetForRepetition($this->getRepetitionParam());

        $closestWeekdayInSet = '9999999999'; // this big to make sure the first attempt of the following loop will set a value
        // NOTE(review): if no weekday is enabled in the set, this sentinel is what ends up being used as the next timestamp.
        foreach ($weekdaysSet as $k => $v) {
            if ($v) {
                // On the initial adjustment the bare weekday name is used, otherwise "next <weekday>".
                $next = $isInitialAdjustment ? '' : 'next';
                $closestWeekdayInSetTemp = strtotime("{$next} {$k}", $startingPointForDueDateTimestamp); // i.e.: next mon
                // Keep the earliest candidate.
                if ($closestWeekdayInSetTemp < $closestWeekdayInSet) {
                    $closestWeekdayInSet = $closestWeekdayInSetTemp;
                }
            }
        }
        $nextTimestamp = $closestWeekdayInSet;
    } else {
        // Pick the expression for this kind of adjustment and substitute the
        // repetition parameter (as a cardinal or as an ordinal) for '_X_'.
        $rce = $isInitialAdjustment ? $repetition->getInitialComputerExpression() : $repetition->getComputerExpression();
        $param = $repetition->isParamCardinal() ? $this->getRepetitionParam() : PcUtils::getOrdinalFromCardinal($this->getRepetitionParam());
        $rce = str_replace('_X_', $param, $rce);
        //$rce = str_replace('_Xlong_', PcUtils::getOrdinalFromCardinal($this->getRepetitionParam(), false), $rce);

        $todayTimestamp = strtotime('today');

        $dateFormat = DateFormat::getInstance();
        $oldDueDateTimestamp = 0;
        if ($this->getDueDate()) {
            // The due date is formatted with the logged-in user's date format and parsed back to a timestamp.
            // NOTE(review): assumes a user is logged in here; verify for any caller running outside a web session.
            $loggedUser = PcUserPeer::getLoggedInUser();
            $oldDueDateTimestamp = $dateFormat->getTimestamp($this->getDueDate($loggedUser->getDateFormat()));
        } else {
            // No due date: start from today.
            $oldDueDateTimestamp = $todayTimestamp;
        }

        $nextTimestamp = $oldDueDateTimestamp;

        if (strpos($rce, '_month') === FALSE) {
            if ($isInitialAdjustment) {
                $nextTimestamp = strtotime($rce, $nextTimestamp);
            } else {
                // We need to apply the computer expression once, or over and over again,
                // until the result is neither before today nor at/before the old due date.
                // NOTE(review): unlike the month loop below, this loop has no iteration cap.
                // strtotime() returns false for an expression it cannot parse, and false
                // compares below $todayTimestamp, so such an expression would keep it spinning.
                do {
                    $nextTimestamp = strtotime($rce, $nextTimestamp);
                } while ($nextTimestamp < $todayTimestamp || $nextTimestamp <= $oldDueDateTimestamp);
            }
        } else {
            $i = 1; // iteration counter for the loop guard below
            $repetitionParam = $this->getRepetitionParam();

            // The expression refers to a month, so we have to go through the months.
            if ($isInitialAdjustment) {
                // Try the month of the old due date first.
                $monthPlus = date('F Y', strtotime('+ 0 months', $oldDueDateTimestamp));
                $rceWithReplacement = str_replace('_month_', $monthPlus, $rce);
                $nextTimestamp = strtotime($rceWithReplacement);

                // comparing just the timestamps was giving some unexpected results
                if (date('Ymd', $nextTimestamp) < date('Ymd', $oldDueDateTimestamp)) {
                    // The occurrence in that month falls before the old due date: use the following month.
                    $monthPlus = date('F Y', strtotime('+ 1 months', $oldDueDateTimestamp));
                    $rceWithReplacement = str_replace('_month_', $monthPlus, $rce);
                    $nextTimestamp = strtotime($rceWithReplacement);
                }
            } else {
                do {
                    // Advance by $repetitionParam months, counted from the first day of the
                    // month of the previous result, then evaluate the expression for that month.
                    $oldDueDateTimestamp = $nextTimestamp;
                    $oldDueDateTimestampFirstDayOfMonth = strtotime('first day of this month', $oldDueDateTimestamp);
                    $monthPlus = date('F Y', strtotime('+' . $repetitionParam . 'months', $oldDueDateTimestampFirstDayOfMonth));
                    $rceWithReplacement = str_replace('_month_', $monthPlus, $rce);
                    $nextTimestamp = strtotime($rceWithReplacement);

                    // {{{ added this code to troubleshoot a PHP max execution error in this loop
                    // After more than 50 iterations, record the loop state in the Watchdog log and stop.
                    if ($i > 50) {
                        $watchdog = new PcWatchdog();
                        $watchdog->setType("NEXT RECURRENCE")->setDescription("taskId: {$this->getId()}")->save();
                        $watchdog3 = new PcWatchdog();
                        $watchdog3->setType("NEXT RECURRENCE")->setDescription("monthPlus: {$monthPlus}")->save();
                        $watchdog4 = new PcWatchdog();
                        $watchdog4->setType("NEXT RECURRENCE")->setDescription("rceWithReplacement: {$rceWithReplacement}")->save();
                        $watchdog6 = new PcWatchdog();
                        $watchdog6->setType("NEXT RECURRENCE")->setDescription($nextTimestamp)->save();
                        $watchdog7 = new PcWatchdog();
                        $watchdog7->setType("NEXT RECURRENCE")->setDescription($todayTimestamp)->save();
                        break;
                    }
                    // }}}
                    $i++;
                } while ($nextTimestamp < $todayTimestamp || $nextTimestamp <= $oldDueDateTimestamp);
            }
        }
    }

    // Persist the computed occurrence as the new due date.
    $this->setDueDate(date('Y-m-d', $nextTimestamp), 'Y-m-d');
    $this->save();
}