/** * This handles the affiliate tracking for an invite_id, * placing a cookie when necessary, * otherwise putting the referral in the database * */ public static function handleInviteId() { $app = \Base::instance(); $identity = \Dsc\System::instance()->get('auth')->getIdentity(); $request_invite_id = \Dsc\System::instance()->get('input')->get('invite_id'); $cookie_invite_id = \Dsc\Cookie::get('invite_id'); // is there an invite ID in the request? if (!empty($request_invite_id)) { // \Dsc\System::addMessage('Tracking Invite ID in the request: ' . $request_invite_id); // If the user is not logged in, set a cookie. if (empty($identity->id)) { // Validate the $request_invite_id if (\Affiliates\Models\Invites::idValid($request_invite_id)) { \Dsc\Cookie::set('invite_id', $request_invite_id, 2592000 / 60); // == 30 days == (86400*30) return true; } } elseif (static::isUser($identity->id)) { \Dsc\Cookie::forget('invite_id'); return false; } else { \Dsc\Cookie::forget('invite_id'); return false; } } elseif (empty($identity->id) && !empty($cookie_invite_id)) { // Extend the life of the cookie // \Dsc\System::addMessage('Extending the life of the cookie of the Invite ID'); \Dsc\Cookie::set('invite_id', $cookie_invite_id, 2592000 / 60); // == 30 days == (86400*30) return true; } elseif (!empty($identity->id) && !empty($cookie_invite_id)) { \Dsc\Cookie::forget('invite_id'); return false; } \Dsc\Cookie::forget('invite_id'); return true; }
public static function fetch($email = null) { $app = \Base::instance(); if (!empty($email)) { return static::fetchForEmail($email); } $user = \Dsc\System::instance()->get('auth')->getIdentity(); if (!empty($user->id)) { $actor = static::fetchForUser(); } else { $actor = static::fetchForSession(); } // has anything changed in the $actor? // or is it a new $actor $ip = $_SERVER['REMOTE_ADDR']; $agent = $app->get('AGENT'); $session_id = \Dsc\System::instance()->get('session')->id(); $fingerprint = \Dsc\System::instance()->get('session')->get('activity.fingerprint'); $fingerprints = array_filter(array_unique(array_merge($actor->fingerprints, array($fingerprint)))); $ips = array_filter(array_unique(array_merge($actor->ips, array($ip)))); $agents = array_filter(array_unique(array_merge($actor->agents, array($agent)))); if (empty($actor->id) || $actor->fingerprints != $fingerprints || $actor->ips != $ips || $actor->agents != $agents) { $actor->agents = $agents; $actor->ips = $ips; $actor->session_id = $session_id; $actor->fingerprints = $fingerprints; $actor->save(); } // If this is a session actor, then push it into an array of actor_ids // so that once the user is identified, we can merge the activity if (empty($actor->user_id)) { //$session_actor_ids = (array) json_decode( $app->get('COOKIE.session_actor_ids') ); $session_actor_ids = (array) json_decode(\Dsc\Cookie::get('session_actor_ids')); $session_actor_ids = array_unique(array_merge($session_actor_ids, array((string) $actor->id))); //$app->set('COOKIE.session_actor_ids', json_encode($session_actor_ids), $actor->__expire ); \Dsc\Cookie::set('session_actor_ids', json_encode($session_actor_ids), $actor->__expire / 60); } elseif (!empty($actor->user_id) && \Dsc\Cookie::get('session_actor_ids')) { // update all actions with session_actor_ids to use this $actor->id $session_actor_ids = (array) json_decode(\Dsc\Cookie::get('session_actor_ids')); if (!empty($session_actor_ids)) { $mongo_ids = array(); foreach ($session_actor_ids as $session_actor_id) { $regex = '/^[0-9a-z]{24}$/'; if (preg_match($regex, (string) $session_actor_id)) { $mongo_ids[] = new \MongoId($session_actor_id); } } if (!empty($mongo_ids)) { \Activity\Models\Actions::collection()->update(array('actor_id' => array('$in' => $mongo_ids)), array('$set' => array('actor_id' => $actor->id, 'actor_name' => $actor->name)), array('multiple' => true)); } } //$app->set('COOKIE.session_actor_ids', null, $actor->__expire); \Dsc\Cookie::forget('session_actor_ids'); } // No matter what, update the cookie with the current actor_id // TODO Remove this? Is this necessary? //$app->set('COOKIE.actor_id', (string) $actor->id, $actor->__expire); \Dsc\Cookie::set('actor_id', (string) $actor->id, $actor->__expire / 60); return $actor; }
/** * Logs on using the information in the coookies * * @return */ public function loginWithRememberMe() { //if we are already logged in do nothing if (!empty($this->getIdentity()->id)) { return; } if ($cookie = $this->hasRememberMe()) { $values = explode("|", $cookie, 3); try { $mongoCookie = $this->findTriplet($values[0], $values[1], $values[2]); if (!empty($mongoCookie)) { //LOGIN TOKEN FOUND LETS UPDATE THE COOKIE $expireTime = 604800; $expire = time() + $expireTime; $token = $this->createToken() . $this->salt(); $mongoCookie->set('token', $token); $mongoCookie->set('expire', $expire); $mongoCookie->save(); \Dsc\Cookie::set('remember', implode("|", array($mongoCookie->user_id, $mongoCookie->token, $mongoCookie->newPersistentToken)), $expire); //LOGIN THE USER FROM THE COOKIE $user = (new \Users\Models\Users())->setState('filter.id', $mongoCookie->user_id)->getItem(); if (!empty($user)) { $this->login($user, 0); } } else { //WE HAD A REMEMBER TOKEN BUT IT IS INVALID \Dsc\Cookie::forget('remember'); //WE MIGHT WANT TO DELETE ALL THE LOGIN COOKIES FOR THIS USER } } catch (\Exception $e) { echo $e->getMessage(); die; //fail silently } } // TODO try a login from cookie data }