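/**
 * Runs before every routed action: restores a "remember me" login from the
 * `remember` / `rememberToken` cookies when present, then requires an
 * authenticated session.
 *
 * @param object $dispatcher dispatcher handling the current request
 * @return mixed the result of forwarding to auth/index when nobody is logged
 *               in; otherwise nothing is returned
 */
public function beforeExecuteRoute($dispatcher)
{
    // auth token
    if ($this->cookies->has('remember')) {
        // Both cookie values are client-controlled input.
        $userId = $this->cookies->get('remember')->getValue();
        $rememberToken = $this->cookies->get('rememberToken')->getValue();

        $users = new Users();
        $user = $users->findFirst(["id = ?0", "bind" => [$userId]]);

        // A stale or tampered id matches no row; without this guard the
        // method calls below would run on a non-object and abort the request.
        if ($user) {
            // NOTE(review): the expected token is derived only from the stored
            // password hash and salt, so it stays valid until the password
            // changes and cannot be revoked per device. A random, server-stored
            // token would be stronger, but it must change together with the
            // code that issues the cookie, so the derivation is left as is.
            $userToken = md5($user->getPassword() . $user->getSalt());

            // hash_equals() (PHP >= 5.6) compares in constant time and never
            // applies numeric-string juggling; a loose `==` treats two
            // different "0e<digits>" hex digests as equal.
            if (is_string($rememberToken) && hash_equals($userToken, $rememberToken)) {
                $this->session->set('auth', $user);
            }
        }
    }

    $auth = $this->session->get('auth');

    // No authenticated user in the session: deny and send to the login page.
    if (!$auth) {
        $this->flashSession->error("You don't have access");

        return $dispatcher->forward(['controller' => 'auth', 'action' => 'index']);
    }

    $this->_user = $auth;
}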
/**
 * Shows the forgot-password form and, on POST, creates a ResetPasswords
 * record for the account that owns the submitted e-mail address.
 *
 * NOTE(review): the "no account for this e-mail" and "check your mailbox"
 * messages differ, so the response tells the caller whether an address is
 * registered. Consider one neutral message for both outcomes.
 */
public function forgotPasswordAction()
{
    $form = new ForgotPasswordForm();

    if ($this->request->isPost()) {
        if ($form->isValid($this->request->getPost()) != false) {
            $account = Users::findFirstByEmail($this->request->getPost('email'));

            if ($account) {
                $reset = new ResetPasswords();
                $reset->usersId = $account->id;

                if ($reset->save()) {
                    // "Success! Please check your e-mail to change the password"
                    $this->flash->success('Удачно! Пожалуйста проверте Вашу электронную почту для смены пароля');
                } else {
                    foreach ($reset->getMessages() as $saveError) {
                        $this->flash->error($saveError);
                    }
                }
            } else {
                // "No account is linked to this e-mail"
                $this->flash->success('Не найден аккаунт привязанный к этой почте');
            }
        } else {
            // Form validation failed: show every validation message.
            foreach ($form->getMessages() as $formError) {
                $this->flash->error($formError);
            }
        }
    }

    $this->view->form = $form;
}
/**
 * Activates a user account from the `id` and `register` request parameters.
 *
 * Both values come from the request; the account is marked active only when
 * \models\Activation::check() accepts the pair. Any other outcome goes to the
 * generic error page.
 */
public function activate()
{
    $request = new Http();
    $userId = $request->get('id');
    $registered = $request->get('register');

    if (empty($userId) || empty($registered)) {
        Location::To(URL . 'error');
        return;
    }

    $activation = new \models\Activation();
    if (!$activation->check($userId, $registered)) {
        Location::To(URL . 'error');
        return;
    }

    $account = new Users($userId);
    $account->setActive();
    $account->writeData(true);

    // "Activation succeeded, you can log in now."
    Location::To(URL . 'success/success/Aktywacja powiodła się możesz teraz się zalogować.');
}
/**
 * Completes a password recovery: shows the change-password form and, when the
 * form is submitted (`change` is active), validates and stores the new password.
 *
 * `id`, `rand` and `email` are read from the query string, or from POST when
 * the form was submitted. Nothing happens unless
 * PasswordRecovery::checkUserToChange() accepts the id/rand pair.
 *
 * NOTE(review): after a submitted form is handled, control still reaches the
 * final render() call, both after the success redirect and after the render
 * with errors. Confirm Location::To() and render() make that harmless.
 * NOTE(review): the validator is built with the numbers 5 and 15, presumably
 * the allowed password length. If so, the upper bound caps passphrase length.
 */
public function complete()
{
    $request = new Http();
    $id = $request->get('id');
    $rand = $request->get('rand');
    $email = $request->get('email');

    // A submitted form carries the same three values in the POST body.
    if ($request->isActive('change')) {
        $id = $request->post('id');
        $rand = $request->post('rand');
        $email = $request->post('email');
    }

    if (empty($id) || empty($rand) || !$email) {
        Location::To(URL . 'error');
        return;
    }

    $recovery = new \models\PasswordRecovery($email);
    if (!$recovery->checkUserToChange($id, $rand)) {
        Location::To(URL . 'error');
        return;
    }

    if ($request->isActive('change')) {
        $newPassword = $request->post('password');
        $newPasswordRepeat = $request->post('password_2');

        // Messages: "Invalid password" / "Passwords are not the same."
        $passwordRule = new \lib\PassVal("Nieprawidłowe hasło", "Hasła nie są takie same.", 5, 15);
        $validator = new \lib\Validator(array('password' => $passwordRule, 'password_2' => $passwordRule));

        if (!$validator->validate($request->post())) {
            $this->errors = $validator->getErrors();
            $this->render('changepassword', array(
                'categories' => $this->categories,
                'd_product' => $this->d_product,
                'id' => $id,
                'rand' => $rand,
                'email' => $email,
                'errors' => $this->errors,
            ));
        } else {
            $account = new Users($id);
            $account->setPassword($newPassword);
            $account->writeData(true);

            // The recovery entry is removed once the password is stored.
            $recovery->deleteUserToChange($id);

            $notice = 'Twoje hało zostalo zmienione .';
            Location::To(URL . 'success/success/' . $notice);
        }
    }

    $this->render('changepassword', array(
        'categories' => $this->categories,
        'd_product' => $this->d_product,
        'id' => $id,
        'rand' => $rand,
        'email' => $email,
    ));
}
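/**
 * Authenticates a user from the POSTed `email` and `pass` fields and answers
 * with a JSON response.
 *
 * Responses, as produced by the helper calls below:
 *  - 403 when the request is not a POST,
 *  - 500 when `email` or `pass` is missing or is not a plain string,
 *  - 501 when the user is unknown or the password does not match,
 *  - success with the user id and an auth token otherwise.
 *
 * NOTE(review): stored passwords are salted MD5 digests, which are cheap to
 * brute-force offline. Moving to password_hash()/password_verify() needs a
 * re-hash of stored values on next login, so the scheme is flagged here and
 * not changed.
 *
 * @return mixed whatever errorJSONResponse()/successJSONResponse() return
 */
public function loginAction()
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        return $this->errorJSONResponse('Метод не доступен с этим HTTP-методом', 403);
    }

    // Array-valued fields (email[]=...) pass isset() but are not credentials;
    // reject them before they reach the lookup or string concatenation.
    if (
        !isset($_POST['email'], $_POST['pass'])
        || !is_string($_POST['email'])
        || !is_string($_POST['pass'])
    ) {
        return $this->errorJSONResponse('Не хватает одного из параметров', 500);
    }

    $email = $_POST['email'];
    $pass = $_POST['pass'];

    /** @var Users $user */
    $user = Users::getOne(['email' => $email]);

    // hash_equals() (PHP >= 5.6) compares the digests in constant time, so the
    // comparison does not leak how many leading characters matched.
    if (!$user || !hash_equals((string) $user->pass, md5($user->salt . $pass . $user->salt))) {
        return $this->errorJSONResponse('Такого пользователя не существует', 501);
    }

    return $this->successJSONResponse('Пользователь успешно авторизован', [
        'UID' => $user->id,
        // Reuse the existing token when the user is flagged as authenticated,
        // otherwise generate one.
        'token' => $user->authenticated == 1 ? $user->token : $user->generateToken(),
    ]);
}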
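/**
 * ACL gate executed before every routed action.
 *
 * An authorized user is let through as soon as one of their groups is allowed
 * on the controller/action pair. An anonymous visitor is checked as 'guest'.
 * Denied requests are forwarded to errors/Forbidden (authorized user) or
 * redirected to /login/ (guest).
 *
 * @param object $dispatcher dispatcher exposing getActionName()/getControllerName()
 * @return bool true when access is granted, false when it is denied
 */
public function beforeExecuteRoute($dispatcher)
{
    $action = $dispatcher->getActionName();
    $controller = $dispatcher->getControllerName();

    // isAllowed() is compared loosely with Acl::ALLOW exactly as before.
    // NOTE(review): confirm its return type before tightening this to ===.
    if (\Models\Users::isAuthorized()) {
        foreach (\Models\Users::getInstance()->getGroups() as $group) {
            if (static::getInstanceAccess()->isAllowed($group->getName(), $controller, $action) == \Phalcon\Acl::ALLOW) {
                return true;
            }
        }

        $this->forward('errors/Forbidden');

        // Denied: report it to the dispatcher. The previous fall-through
        // returned true here, which signals that the requested action may run.
        return false;
    }

    if (static::getInstanceAccess()->isAllowed('guest', $controller, $action) == \Phalcon\Acl::ALLOW) {
        return true;
    }

    $this->redirect('/login/');

    // Same reasoning for guests: a redirect alone does not stop the protected
    // action from executing, so the hook must return false.
    return false;
}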
/**
 * Shows the "Add post" form and, on a valid POST, creates a blog post owned
 * by the current user.
 *
 * The owner is taken from \Models\Users::getInstance(), not from the request.
 */
public function addAction()
{
    $this->tag->setTitle('Add post');
    $form = new \Forms\Blogs\Posts\Add();

    if ($this->request->isPost()) {
        if (!$form->isValid($this->request->getPost())) {
            static::flash('warning', $form->getMessages());
        } else {
            $post = new \Models\Blogs\Posts();
            $post->setUser(\Models\Users::getInstance());

            $filled = static::fillModelByFormFromRequest($post, $form, 'blogs');
            if ($filled->create()) {
                static::flash('success', 'Post added!');
                $form->setEntity($post);
            } else {
                static::flash('error', $post->getMessages());
            }
        }
    }

    $this->view->form = $form;
}
/**
 * Handles the submitted login form.
 *
 * On valid credentials it greets the user, redirects to /cabinet/ and returns
 * true. In every other case it forwards back to login/index and returns false.
 * A failed login shows one message that does not say whether the e-mail or the
 * password was wrong.
 *
 * @return bool true on successful login, false otherwise
 */
public function submitAction()
{
    if ($this->request->isPost()) {
        $form = new \Forms\Login();

        if (!$form->isValid($this->request->getPost())) {
            static::flash('warning', $form->getMessages());
        } else {
            $email = $this->request->getPost('email');
            $password = $this->request->getPost('password');
            $remember = $this->request->getPost('remember') ? 1 : 0;

            if (\Models\Users::login($email, $password, $remember)) {
                // The session key 'user' is read back to load the logged-in record.
                $account = \Models\Users::findFirst($this->session->get('user'));
                static::flash('success', sprintf('Welcome %s!', ucfirst($account->name)));
                static::redirect('/cabinet/');

                return true;
            }

            static::flash('error', 'E-Mail or Password not valid.');
        }
    }

    static::forward('login/index');

    return false;
}
/**
 * Handles the submitted registration form.
 *
 * On success it redirects to /login/ and returns true. Otherwise it flashes
 * the form or model messages, forwards to register/index and returns false.
 *
 * @return bool true when the user was registered, false otherwise
 */
public function submitAction()
{
    if ($this->request->isPost()) {
        $form = new \Forms\Register();

        if (!$form->isValid($this->request->getPost())) {
            static::flash('warning', $form->getMessages());
        } else {
            $email = $this->request->getPost('email');
            $password = $this->request->getPost('password');
            $profile = array(
                'name' => $this->request->getPost('name'),
                'lastname' => $this->request->getPost('lastname'),
            );

            $account = \Models\Users::register($email, $password, $profile);

            // A truthy id is taken as proof that the record was stored.
            if ($account->getId()) {
                static::flash('success', 'Thank you for registering!');
                static::redirect('/login/');

                return true;
            }

            static::flash('error', $account->getMessages());
        }
    }

    static::forward('register/index');

    return false;
}
/**
 * Cabinet page: shows the profile edit form for the current user and saves
 * it on a valid POST.
 *
 * NOTE(review): which request fields end up on the user model is decided by
 * fillModelByFormFromRequest() and the form definition, neither visible here.
 * Verify that only fields the user may edit are copied.
 */
public function indexAction()
{
    $this->tag->setTitle('Cabinet');
    $account = \Models\Users::getInstance();
    $form = new \Forms\Cabinet\Edit();

    if (!$this->request->isPost()) {
        // Plain page view: pre-fill the form from the stored user.
        $form->setEntity($account);
    } else {
        // The form is instantiated a second time on POST, as before.
        $form = new \Forms\Cabinet\Edit();

        if (!$form->isValid($this->request->getPost())) {
            static::flash('warning', $form->getMessages());
        } else {
            static::fillModelByFormFromRequest($account, $form, 'users');

            if ($account->save()) {
                static::flash('success', 'Saved');
            } else {
                static::flash('error', $account->getMessages());
            }
        }
    }

    $this->view->form = $form;
}
/**
 * Deletes the user with the given id, then forwards to the index action.
 *
 * NOTE(review): this method checks neither the caller's permission nor the
 * request method or a CSRF token. Confirm those checks run before the action
 * is dispatched.
 *
 * @param int $id id of the user to delete
 * @return mixed result of the dispatcher forward to 'index'
 */
public function deleteAction($id)
{
    $backToIndex = array('action' => 'index');
    $target = Users::findFirstById($id);

    if (!$target) {
        // "User not found"
        $this->flash->error("Пользователь не найден");

        return $this->dispatcher->forward($backToIndex);
    }

    if ($target->delete()) {
        // "User deleted"
        $this->flash->success("Пользователь удален");
    } else {
        $this->flash->error($target->getMessages());
    }

    return $this->dispatcher->forward($backToIndex);
}
/**
 * Renders the 'adminmessage' view with the messages of one user.
 *
 * The user is chosen by the POSTed `user_id` when that field is active.
 * Otherwise the message with the POSTed `id` is loaded, flagged via
 * setReaded(true), saved, and its owner is used. Messages whose
 * getDisplaySeller() is falsy are left out of the view data.
 *
 * NOTE(review): both ids come straight from the request and nothing in this
 * method checks that the caller may read that user's messages. Confirm an
 * access check runs before this method is reached.
 */
public function message()
{
    $request = new Http();
    $messageId = $request->post('id');

    if ($request->isActive('user_id')) {
        $userId = $request->post('user_id');
        $owner = new Users($userId);
        $thread = new Messages($userId);
    } else {
        $opened = new Message($messageId);
        $opened->setReaded(true);
        $opened->writeData(true);

        $thread = new Messages($opened->getUserId());
        $owner = new Users($opened->getUserId());
    }

    $rows = array();
    $all = $thread->getMessages(false, false, true);

    if (!empty($all)) {
        foreach ($all as $index => $item) {
            if ($item->getDisplaySeller()) {
                // Keys of the source list are preserved in the view data.
                $rows[$index] = array(
                    'id' => $item->getId(),
                    'message' => $item->getMessage(),
                    'date' => $item->getDate(),
                );
            }
        }
    }

    echo $this->render('adminmessage', array(
        'messages' => $rows,
        'user' => $owner->getLogin(),
        'user_id' => $owner->getId(),
    ));
}
/**
 * Assigns the current user (\Models\Users::getInstance()) to this record
 * via setUser().
 */
public function beforeCreate()
{
    $currentUser = \Models\Users::getInstance();
    $this->setUser($currentUser);
}
/**
 * Logs the current user out and redirects to 'login'.
 *
 * NOTE(review): nothing here restricts the request method or checks a CSRF
 * token. Confirm whether logout is meant to be reachable by a plain GET.
 */
public function indexAction()
{
    // End the session first, then send the browser to the login page.
    \Models\Users::logout();

    static::redirect('login');
}
/**
 * Returns whatever \Models\Users::getInstance() provides for the current request.
 *
 * @return mixed the value of \Models\Users::getInstance()
 */
public function user()
{
    $current = \Models\Users::getInstance();

    return $current;
}
<?php

namespace controllers;

use models\Country;
use models\Users;
use PDOException;

require __DIR__ . '/autoload.php';

// Debug script: loads every Country and Users row and dumps both to the output.
// NOTE(review): var_dump() of the users table prints every stored column to the
// response, and the catch block echoes the raw PDO error text. Keep this file
// out of any web-reachable deployment.
try {
    $countries = Country::findAll();
    var_dump($countries);

    $users = Users::findAll();
    var_dump($users);
} catch (PDOException $failure) {
    // "Connection failed: <driver message>"
    echo 'Подключение не удалось: ' . $failure->getMessage();
}
/**
 * Helper that delegates to mUsers->updateSession() for the current user.
 * Per the original comment, it refreshes the user's last-activity time.
 *
 * @param string|null $sessionHash session hash passed through unchanged
 */
private function updateSession($sessionHash = null)
{
    $usersModel = $this->mUsers;
    $usersModel->updateSession($this->currentUser(), $sessionHash);
}
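/**
 * LogIn action.
 *
 * On POST it verifies the CSRF token, looks the user up by login, checks the
 * password hash, optionally sets the "remember me" cookies, stores the user in
 * the session, and redirects to the referring page or the dashboard. Every
 * failure flashes an error, writes a log entry and redirects to dashboard/auth.
 *
 * NOTE(review): "The user not found" and "Wrong authenticate data" are
 * different messages, so the page reveals which logins exist.
 * NOTE(review): the session id is not regenerated after a successful login.
 * Consider doing so to rule out session fixation.
 *
 * @return mixed the redirect response on success; nothing otherwise
 */
public function indexAction()
{
    if ($this->request->isPost()) {
        $clientAddress = $this->request->getClientAddress();

        if (!$this->security->checkToken()) {
            // CSRF protection
            $this->rejectLogin(
                "Invalid access token",
                'Authenticate failed from ' . $clientAddress . '. CSRF attack'
            );
        } else {
            // The token is ok, check authorization
            $login = $this->request->getPost('username');
            $password = $this->request->getPost('password');
            $remember = $this->request->getPost('remember');

            $users = new Users();
            $user = $users->findFirst(["login = ?0", "bind" => [$login]]);

            if (!$user) {
                // The login is attacker-controlled text that ends up in the log:
                // strip control characters so one request cannot forge extra lines.
                $loginForLog = preg_replace('/[\x00-\x1F\x7F]/', '', (string) $login);

                $this->rejectLogin(
                    "The user not found",
                    'Authenticate failed from ' . $clientAddress . '. The user ' . $loginForLog . ' not found'
                );
            } elseif (!$this->security->checkHash($password, $user->getPassword())) {
                // Wrong authenticate data (password or login)
                $this->rejectLogin(
                    "Wrong authenticate data",
                    'Authenticate failed from ' . $clientAddress . '. Wrong authenticate data'
                );
            } else {
                // Check if the "remember me" was selected
                if (isset($remember)) {
                    $expires = time() + $this->_config->rememberKeep;
                    $this->cookies->set('remember', $user->getId(), $expires);
                    // NOTE(review): the token is md5(password hash . salt). It is
                    // the same on every device and only changes with the password.
                    // Whatever validates this cookie relies on this derivation, so
                    // it is kept; a random server-stored token would be revocable.
                    $this->cookies->set('rememberToken', md5($user->getPassword() . $user->getSalt()), $expires);
                }

                // set authentication for logged user
                $this->session->set('auth', $user);

                // update auth params
                $user->setDateLastvisit(date('Y-m-d H:i:s'))
                    ->setIp($clientAddress)
                    ->setUa($this->request->getUserAgent())
                    ->save();

                if ($this->_logger) {
                    $this->_logger->log('Authenticate success from ' . $clientAddress);
                }

                // The Referer header is client-supplied. Only its path is used,
                // and only when it is a plain local path; a missing header or
                // anything else falls back to the dashboard.
                $referrer = parse_url((string) $this->request->getHTTPReferer(), PHP_URL_PATH);
                $isLocalPath = is_string($referrer)
                    && $referrer !== ''
                    && $referrer[0] === '/'
                    && !in_array(substr($referrer, 1, 1), ['/', '\\'], true);

                if ($isLocalPath && $referrer !== $this->request->getURI()) {
                    return $this->response->redirect($referrer);
                }

                return $this->response->redirect('dashboard');
            }
        }
    }

    $this->view->setMainView('non-auth-layout');
}

/**
 * Reports a failed login: flashes the message, logs the detail if a logger is
 * configured, redirects back to the login page and disables view rendering.
 *
 * @param string $flashMessage text shown to the visitor
 * @param string $logMessage   text written to the error log
 */
private function rejectLogin($flashMessage, $logMessage)
{
    $this->flashSession->error($flashMessage);

    if ($this->_logger) {
        $this->_logger->error($logMessage);
    }

    $this->response->redirect('dashboard/auth');
    $this->view->disable();
}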
/**
 * Loads the Users entity for the identity stored in the session under 'auth'.
 *
 * @return \Models\Users|false the user, or false when the session identity has no 'id'
 * @throws Exception when the stored id matches no user
 */
public function getUser()
{
    $auth = $this->session->get('auth');

    if (!isset($auth['id'])) {
        return false;
    }

    $found = Users::findFirstById($auth['id']);
    if ($found == false) {
        // "No such user exists": the session points at an id that is gone.
        throw new Exception('Такого пользователя не существует');
    }

    return $found;
}