Exemple #1
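 /**
  * Build the authentication adapter for the current login attempt.
  *
  * Credentials come from the request parameters or, when none are posted, from the identity
  * and credential read from the cookie. The adapter's credential treatment only matches an
  * account that is valid, active, has a non-expired password and belongs to (or is linked
  * to) the current safinstance.
  *
  * Security notes:
  *  - Stored passwords are compared as unsalted MD5 digests. Replacing this with
  *    password_hash()/password_verify() needs a schema and adapter change outside this method.
  *  - With "rememberme", the password-equivalent credential is handed to
  *    Sydney_Http_Cookie::setAuthCookie() before the adapter has been authenticated; how the
  *    cookie protects it is not visible from this method.
  *
  * @todo Change the $dbAdapter for making it automatic according to the config, here we are stuck with MySQL
  * @param Zend_Controller_Request_Http $request
  * @param bool $encryptedPass when not FALSE the credential is compared to the password column as-is instead of through MD5()
  * @return bool|Sydney_Auth_Adaptater_DbTable FALSE when no usable credentials were supplied
  */
 public static function getAuthAdapter(Zend_Controller_Request_Http $request, $encryptedPass = false)
 {
     // Credentials remembered in the cookie, if any
     $identity = Sydney_Http_Cookie::getIdentity($request);
     $credential = Sydney_Http_Cookie::getCredential($request);
     $params = $request->getParams();
     $nothingPosted = empty($params['username']) && empty($params['password']);
     if ($nothingPosted && empty($identity) && empty($credential)) {
         // Neither posted nor remembered credentials: nothing to authenticate
         return false;
     }
     if ($nothingPosted && !empty($identity) && !empty($credential)) {
         // Fall back to the cookie only when the request itself carries no credentials
         $params['username'] = $identity;
         $params['password'] = $credential;
     }
     $rawUsername = isset($params['username']) ? $params['username'] : '';
     $rawPassword = isset($params['password']) ? $params['password'] : '';
     if (!is_scalar($rawUsername) || !is_scalar($rawPassword)) {
         // Array-valued parameters (username[]=...) are never valid credentials
         return false;
     }
     $username = strtolower((string) $rawUsername);
     // Legacy transform kept on purpose: registerprocessAction() stores md5(addslashes($password)),
     // so dropping addslashes() here would lock out passwords containing quotes or backslashes.
     // The value itself reaches SQL only through the adapter's "?" placeholder.
     $password = addslashes((string) $rawPassword);

     $config = Zend_Registry::get('config');
     $dbAdapter = new Zend_Db_Adapter_Pdo_Mysql($config->db->params);

     // Deny by default; switched to "1 = 1" only when the account belongs to this safinstance
     $where2 = " 1 = 2 ";
     $uDB = new Users();
     // The login is quoted by the adapter instead of addslashes() + concatenation, and compared
     // with "=" rather than LIKE so that "%" and "_" in the submitted name are not wildcards.
     $users = $uDB->fetchAll($dbAdapter->quoteInto('LOWER(login) = ?', $username));
     if (count($users) == 1) {
         $currentInstanceId = Sydney_Tools::getSafinstancesId();
         if ($users[0]->safinstances_id == $currentInstanceId) {
             $where2 = " 1 = 1 ";
         } else {
             // Not the home instance: accept only if an explicit link row exists
             $corDB = new SafinstancesUsers();
             $cors = $corDB->fetchAll(
                 ' safinstances_id = ' . (int) $currentInstanceId . ' AND users_id = ' . (int) $users[0]->id . ' '
             );
             if (count($cors) > 0) {
                 $where2 = " 1 = 1 ";
             }
         }
         // Authenticate against the login exactly as stored
         $username = $users[0]->login;
     }

     $accountChecks = ' AND valid = 1 AND active = 1 AND (TIMESTAMPADD(SECOND,timeValidityPassword,lastpwdchanges) > now() OR timeValidityPassword = 0) AND ' . $where2;
     $treatment = ($encryptedPass === false ? 'MD5(?)' : '?') . $accountChecks;
     $authAdapter = new Sydney_Auth_Adaptater_DbTable($dbAdapter, 'users', 'login', 'password', $treatment);

     // "rememberme" is optional; isset() avoids an undefined-index notice when it is absent
     if (isset($params['rememberme']) && $params['rememberme'] == "1") {
         Sydney_Http_Cookie::setAuthCookie($username, $password, 7);
     }
     $authAdapter->setIdentity($username)->setCredential($password);
     return $authAdapter;
 }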
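 /**
  * Do the process of registration
  *
  * Validates the posted registration form, rejects mismatching passwords and logins that
  * already exist, inserts the user with its link to the configured safinstance, then logs
  * the new user in and redirects.
  *
  * Security notes:
  *  - The password is stored as an unsalted MD5 digest; moving to password_hash() needs a
  *    matching change in getAuthAdapter() and the stored data.
  *  - addslashes() is kept on the stored values so their format does not change; it is not
  *    what protects the queries. The duplicate check is quoted by the adapter.
  *
  * @todo add a link to a safinstance if the user exists and he wants to register from another safinstance
  * @return void
  */
 public function registerprocessAction()
 {
     $request = $this->getRequest();
     // Registration is only processed for POST requests
     if (!$request->isPost()) {
         return $this->_helper->redirector('login');
     }
     $form = $this->getRegistrationForm();
     $this->view->form = $form;
     $params = $request->getPost();
     if (!$form->isValid($params)) {
         return $this->render('register');
     }
     $login = isset($params['username']) ? $params['username'] : null;
     $password = isset($params['password']) ? $params['password'] : null;
     $confirmation = isset($params['password2']) ? $params['password2'] : null;
     if (!is_string($login) || !is_string($password)) {
         // Array-valued fields cannot be a login or a password
         return $this->render('register');
     }
     // Strict comparison: with "!=" two different numeric-looking strings such as "1e3" and
     // "1000" compare as equal
     if ($password !== $confirmation) {
         $this->view->form->setDescription($this->_translate->_('Both password do not match'));
         return $this->render('register');
     }
     $users = new Users();
     // Value as it will be stored (legacy addslashes() format, see the method header)
     $storedLogin = addslashes($login);
     // Quoted by the adapter instead of concatenating the raw POST value into the SQL string;
     // "=" instead of LIKE so "_" and "%" in an address do not match other logins.
     // Presumably Users extends Zend_Db_Table_Abstract (getAdapter()) - confirm.
     $rows = $users->fetchAll($users->getAdapter()->quoteInto('login = ?', $storedLogin));
     if (count($rows) > 0) {
         $this->view->form->setDescription($this->_translate->_('This user exists already'));
         return $this->render('register');
     }
     // insert the new user in the table
     $data = array(
         'login' => $storedLogin,
         'password' => md5(addslashes($password)),
         'usersgroups_id' => 2,
         'email' => $storedLogin,
         'active' => 1,
         'safinstances_id' => $this->_config->db->safinstances_id,
         'subscribedate' => date("Y-m-d H:i:s"),
         'ip' => $_SERVER['REMOTE_ADDR'],
     );
     $uid = $users->insert($data);
     // insert the link to the safinstance
     $corDB = new SafinstancesUsers();
     $row = $corDB->createRow();
     $row->safinstances_id = $this->_config->db->safinstances_id;
     $row->users_id = $uid;
     $row->save();
     // process login with the information provided; getAuthAdapter() returns FALSE when it
     // finds no credentials, which must not be passed on to authenticate()
     $adapter = $this->getAuthAdapter($request);
     $auth = Sydney_Auth::getInstance();
     $result = $adapter ? $auth->authenticate($adapter) : null;
     if ($result === null || !$result->isValid()) {
         $this->view->form->setDescription($this->_translate->_('An unexpected error occured... please contact the support.'));
         return $this->render('register');
     }
     $r = $this->getRequest();
     if (!isset($r->redirectmodule) && $r->redirectpage) {
         // No target module requested, but a public CMS page was
         $this->_helper->redirector('view', 'index', 'publicms', array('page' => $r->redirectpage));
     } else {
         $this->_helper->redirector('index', 'index', $r->getParam('redirectmodule', 'index'));
     }
 }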
 /**
  * Show the permissions screen for the user whose numeric id is passed as "id".
  *
  * When the current user is a member of group 3, the view additionally receives the
  * website-permissions form, pre-filled with the user's id, safinstance and the
  * safinstances linked to that user.
  *
  * @return void
  */
 public function permissionsAction()
 {
     $request = $this->getRequest();
     // Only an all-digit id is used for the lookup; anything else falls back to 0
     $userId = 0;
     if (isset($request->id) && preg_match("/^[0-9]{1,100}\$/", $request->id)) {
         $userId = $request->id;
     }
     $userTable = new Users();
     $matches = $userTable->find($userId);
     if (count($matches) != 1) {
         // Unknown user: leave the view untouched
         return;
     }
     $user = $matches[0];
     // NOTE(review): the login is concatenated into the subtitle; whether it is HTML-escaped
     // depends on setSubtitle2() and the view script - confirm.
     $this->setSubtitle2('Permissions for ' . $user->login);
     $this->setSideBar('permissions', 'people');
     $inGroupThree = in_array(3, $this->usersData['member_of_groups']);
     $this->view->extended = $inGroupThree;
     if (!$inGroupThree) {
         return;
     }
     $websiteForm = new UsersWebsitePermisionsForm();
     $linkTable = new SafinstancesUsers();
     $websiteForm->populate(array(
         'id' => $user->id,
         'saf_id' => $user->safinstances_id,
         'SafinstancesUsers' => $linkTable->getSafinstancesLinkedTo($user->id),
     ));
     $this->view->websiteForm = $websiteForm;
 }
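 /**
  * Saves the data from the "permission access to website form"
  *
  * Updates the user's home safinstance and replaces the user's safinstance links with the
  * posted selection. The view reports status 1 and "Data saved" only when the save ran;
  * every other path leaves an error status.
  *
  * @return void
  */
 public function userswebsitepermisionsAction()
 {
     // Pessimistic defaults: any path that does not reach the save reports an error
     $this->view->ResultSet = array();
     $this->view->message = 'Error... ';
     $this->view->status = 0;
     // permissionsAction() only offers this form to members of group 3; the same condition
     // is enforced here so the save cannot be reached by posting to the action directly.
     // If an ACL layer already covers this action, this is a second, local check.
     $groups = isset($this->usersData['member_of_groups']) ? (array) $this->usersData['member_of_groups'] : array();
     if (!in_array(3, $groups)) {
         return;
     }
     $form = new UsersWebsitePermisionsForm();
     $data = $this->getRequest()->getPost();
     if (!$form->isValid($data)) {
         $this->view->ResultSet = array('errors' => $form->getMessages(), 'entry' => $data);
         $this->view->message = 'Errors in the form...';
         $this->view->status = 0;
         $this->view->timeout = 2;
         $this->view->modal = false;
         return;
     }
     // \z instead of $ so that a trailing newline does not pass as part of a numeric id
     if (!isset($data['id']) || !is_string($data['id']) || !preg_match('/^[0-9]{1,10}\z/', $data['id'])) {
         return;
     }
     // update the user
     $usersDB = new Users();
     $users = $usersDB->find($data['id']);
     if (count($users) != 1) {
         return;
     }
     $users[0]->safinstances_id = $data['saf_id'];
     $uid = $users[0]->id;
     $users[0]->save();
     // update correspondances: drop the existing links, then write the posted ones
     $c1DB = new SafinstancesUsers();
     // Integer cast rather than a quoted string spliced into the condition
     $c1DB->delete('users_id = ' . (int) $uid);
     $c1DB->setUsersLinkedTo($uid, $data['SafinstancesUsers']);
     $this->view->message = 'Data saved';
     $this->view->status = 1;
     $this->view->modal = false;
 }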
Exemple #5
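 /**
  * Create or update a user row from $data and persist it.
  *
  * Security notes:
  *  - Every key of $data that is also a column of the row is copied onto it, including
  *    columns such as usersgroups_id. NOTE(review): confirm callers pass filtered form
  *    values and not the raw request.
  *  - Passwords are stored as unsalted MD5 digests, matching what the login path compares.
  *
  * @param array $data           column => value pairs to store
  * @param bool  $modeEdit       TRUE to update the row matching $data['id'] and $data['login']
  * @param bool  $isPublicModule TRUE to force group 2 and an inactive account on creation
  * @return object|bool the saved row, or FALSE when validation or the save failed
  */
 private function saveRow($data, $modeEdit, $isPublicModule)
 {
     try {
         $usersDb = new Users();
         if ($modeEdit) {
             // NOTE(review): this lookup is partly masked in the listing, so the function
             // originally applied to $data['login'] is not recoverable. It is rebuilt as
             // "id AND login", with the login quoted by the adapter and the id cast to int
             // instead of both being concatenated into the SQL string.
             // Presumably Users extends Zend_Db_Table_Abstract (getAdapter()) - confirm.
             if (!isset($data['id'], $data['login']) || !is_scalar($data['id']) || !is_scalar($data['login'])) {
                 Sydney_Messages::getInstance()->addMessage('Error...');
                 return false;
             }
             $where = 'id = ' . (int) $data['id'] . ' AND '
                 . $usersDb->getAdapter()->quoteInto('login = ?', (string) $data['login']);
             $rows = $usersDb->fetchAll($where);
             if (count($rows) != 1) {
                 // No row to edit: stop here instead of dereferencing a missing result
                 Sydney_Messages::getInstance()->addMessage('Error...');
                 return false;
             }
             $row = $rows[0];
         } else {
             $row = $usersDb->createRow();
         }
         // Store row
         $this->set($row);
         foreach ($data as $k => $v) {
             // Only non-null values whose key is a column of the row are copied
             if ($v === null || !isset($row->{$k})) {
                 continue;
             }
             switch ($k) {
                 case 'password':
                     // An empty password means "leave the current one unchanged"
                     if (!empty($v)) {
                         if (!$this->isValidPassword($v, isset($data['id']) ? $data['id'] : null)) {
                             Sydney_Messages::getInstance()->addMessage(Sydney_Tools::_('Please use another password!'));
                             return false;
                         }
                         $row->lastpwdhistory = $this->getUpdatedHistoryForDb($row->lastpwdhistory, $v);
                         $row->{$k} = md5($v);
                         $row->lastpwdchanges = Sydney_Tools::getMySQLFormatedDate();
                         $row->timeValidityPassword = 0;
                     }
                     break;
                 case 'valid':
                 case 'active':
                     // Both status flags are tracked the same way: stamp the change, and stamp
                     // the unsubscribe date when the flag was 1 before the change
                     if ($row->{$k} != $v) {
                         $row->laststatuschange = Sydney_Tools::getMySQLFormatedDate();
                         if ($row->{$k} == 1) {
                             $row->unsubscribedate = Sydney_Tools::getMySQLFormatedDate();
                         }
                     }
                     $row->{$k} = $v;
                     break;
                 default:
                     $row->{$k} = $v;
                     break;
             }
         }
         $creation = !($row->id > 0);
         // Store row
         $this->set($row);
         if (!$creation) {
             // in case we are editing
             $row->modifieddate = Sydney_Tools::getMySQLFormatedDate();
         } else {
             // fixed values if public creation: group 2, not active, whatever $data contained
             if ($isPublicModule) {
                 $row->usersgroups_id = 2;
                 $row->active = 0;
             }
             // in case we are creating
             $usersData = Sydney_Tools::getUserdata();
             $row->subscribedate = Sydney_Tools::getMySQLFormatedDate();
             $row->modifieddate = Sydney_Tools::getMySQLFormatedDate();
             $row->safinstances_id = Sydney_Tools::getSafinstancesId();
             $row->creatoridentity = $usersData ? $usersData['users_id'] : 0;
             $row->ip = $_SERVER['REMOTE_ADDR'];
         }
         $newId = $row->save();
         if (!$newId) {
             Sydney_Messages::getInstance()->addMessage('Error...');
             return false;
         }
         Sydney_Messages::getInstance()->addMessage('Success! The data is valid.');
         $row->id = $newId;
         // Store row
         $this->set($row);
         if ($creation) {
             // create the link to cor table
             $corDb = new SafinstancesUsers();
             $corRow = $corDb->createRow();
             $corRow->safinstances_id = Sydney_Tools::getSafinstancesId();
             $corRow->users_id = $row->id;
             $corRow->save();
         }
         return $row;
     } catch (Exception $e) {
         // NOTE(review): the raw exception text is added to the message queue; if those
         // messages are shown to end users, database error details may be disclosed - confirm.
         Sydney_Messages::getInstance()->addMessage('UsersOp::save::Exception! ' . $e->getMessage());
         return false;
     }
 }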