Esempio n. 1
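 /**
  * Decide whether the supplied credential matches the identity row and
  * build the authentication result.
  *
  * The credential is accepted when any one of these holds:
  *  - the credential treatment is exactly 'autologin' (no password check),
  *  - the stored value is identical to the MD5 digest of the credential
  *    (legacy fallback),
  *  - Application_Plugin_Phpass::CheckPassword() accepts the credential.
  *
  * @param array $resultIdentity Identity row; 'password' holds the stored hash.
  * @return mixed The value produced by _authenticateCreateAuthResult().
  */
 protected function _authenticateValidateResult($resultIdentity)
 {
     $hash = new Application_Plugin_Phpass();
     $credential = $this->_credential;
     $stored = isset($resultIdentity['password']) ? $resultIdentity['password'] : null;
     $check = false;

     // SECURITY: 'autologin' accepts the identity without verifying any
     // password. The treatment must only ever be set by server-side code and
     // never be derived from request data. The comparison is strict so that
     // a non-string treatment value cannot loosely equal the marker.
     if ($this->_credentialTreatment === 'autologin') {
         $check = true;
     }

     // Legacy MD5 fallback. The comparison is strict and string-only: with a
     // loose '==' two different digests of the form "0e<digits>" compare as
     // equal numbers, so a wrong password could be accepted.
     // NOTE(review): unsalted MD5 is not a password hash; consider re-hashing
     // with Phpass after a successful legacy login and retiring this branch.
     // Where the runtime provides hash_equals(), prefer it over '==='.
     if (!$check && is_string($credential) && is_string($stored) && md5($credential) === $stored) {
         $check = true;
     }

     // Check that hash value is correct
     if (!$check && is_string($credential) && is_string($stored) && $hash->CheckPassword($credential, $stored)) {
         $check = true;
     }

     if (!$check) {
         $this->_authenticateResultInfo['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
         $this->_authenticateResultInfo['messages'][] = 'Supplied credential is invalid.';
         return $this->_authenticateCreateAuthResult();
     }

     $this->_resultRow = $resultIdentity;
     $this->_authenticateResultInfo['code'] = Zend_Auth_Result::SUCCESS;
     $this->_authenticateResultInfo['messages'][] = 'Authentication successful.';
     return $this->_authenticateCreateAuthResult();
 }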
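 /**
  * Edit user
  *
  * Loads the profile named by the 'id' request parameter, exposes it and the
  * admin user form to the view and, on a valid POST, writes the form values
  * to the profile row and to the profile meta table before redirecting back
  * to the edit page.
  *
  * NOTE(review): no authorization check is visible in this method; confirm
  * that access is restricted to administrators before dispatch.
  */
 public function userAction()
 {
     $Profiles = new Application_Model_Profiles();
     $ProfilesMeta = new Application_Model_ProfilesMeta();
     $request = $this->getRequest();
     $profile_id = $request->getParam('id', null);
     $profile = $Profiles->getProfileByField('id', $profile_id);
     $this->view->sidebar_editprofile = $profile;
     // attach sidebar box
     Zend_Registry::get('hooks')->attach('hook_view_sidebar', 5, function () {
         echo Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer')->view->render('/_sidebar/editprofile.phtml');
     });
     $edit_user_form = new Application_Form_AdminUser();
     $this->view->edit_user_form = $edit_user_form;

     // Only process the submission when the requested profile actually
     // exists; otherwise the writes below would dereference a missing row.
     if ($request->isPost() && $profile_id && $profile && $edit_user_form->isValid($_POST)) {
         $elements = $edit_user_form->getElements();
         // Columns that must never be copied straight from a form element:
         // the primary key, and the password column, which may only receive
         // a hash produced below.
         $protected_columns = array('id', 'password');
         // standard db fields
         foreach ($elements as $element) {
             $element_id = $element->getId();
             if (in_array($element_id, $protected_columns, true)) {
                 continue;
             }
             // if column exists - save to main profiles table
             if (isset($profile->{$element_id})) {
                 $profile->{$element_id} = $element->getValue();
             }
         }
         // specific fields: store only the Phpass hash, never the plaintext
         if ($edit_user_form->getValue('password1')) {
             $hash = new Application_Plugin_Phpass();
             $profile->password = $hash->HashPassword($edit_user_form->getValue('password1'));
         }
         // presumably forces the edited user to log in again - TODO confirm
         $profile->relogin_request = 1;
         $profile->save();
         // notifications
         $bulk_notifications = array();
         foreach ($elements as $element) {
             $element_id = $element->getId();
             if (strpos($element_id, 'notification_email') !== false) {
                 $bulk_notifications[$element_id] = $element->getValue();
             }
         }
         $ProfilesMeta->metaUpdate('bulk_notifications', json_encode($bulk_notifications), $profile->id);
         // save all the rest to meta
         $system_elements = array('identifier', 'formsubmit', 'profile_privacy', 'default_privacy', 'screen_name', 'language', 'password1', 'password2', 'activationkey', 'is_hidden', 'csrf', 'role', 'name', 'email', 'id');
         // foreach meta elements
         foreach ($elements as $element) {
             $element_id = $element->getId();
             $element_value = $element->getValue();
             // skip system & readonly fields (strict match on the element id)
             if (in_array($element_id, $system_elements, true)) {
                 continue;
             }
             // skip notifications
             if (strpos($element_id, 'notification_email') !== false) {
                 continue;
             }
             // custom date element?
             if ($element->helper == 'formDate') {
                 if ($element_value) {
                     // NOTE(review): strtotime() returns false for an
                     // unparsable date, which date() then formats as the
                     // Unix epoch; confirm the form validates the parts.
                     $dateval = date("Y-m-d H:i:s", strtotime($element_value['day'] . '-' . $element_value['month'] . '-' . $element_value['year']));
                     $ProfilesMeta->metaUpdate($element_id, $dateval, $profile->id);
                 } else {
                     $ProfilesMeta->deleteProfilesMetaKey($profile->id, $element_id);
                 }
                 continue;
             }
             $ProfilesMeta->metaUpdate($element_id, $element_value, $profile->id);
         }
         Application_Plugin_Alerts::success($this->view->translate('User updated'));
         // flush url; build it from the stored id, not the raw request value
         $this->redirect('admin/user/id/' . $profile->id);
     }
 }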
Esempio n. 3
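 /**
  * Register submit
  *
  * Validates the registration form against $_POST, stores the new user with
  * a Phpass password hash and either logs the user in straight away (when
  * the 'user_activation_disabled' config entry is set) or e-mails an
  * activation key. Redirects to the base URL after a processed submission.
  *
  * @param mixed $form Registration form exposing isValid() and getValue().
  * @return mixed The form when it did not validate; nothing when the
  *               activation e-mail could not be sent.
  */
 public function submitRegisterForm($form)
 {
     if ($form->isValid($_POST)) {
         $Profiles = new Application_Model_Profiles();
         $name = $form->getValue('regname');
         $email = $form->getValue('regemail');
         // only the hash of the chosen password is stored
         $hash = new Application_Plugin_Phpass();
         $password = $hash->HashPassword($form->getValue('regpassword'));
         $user = $Profiles->createRow();
         $user->name = $name;
         $user->email = $email;
         $user->password = $password;
         if (Zend_Registry::get('config')->get('user_activation_disabled')) {
             // create new user without activation & login
             $user->activationkey = 'activated';
             $new_profile = $Profiles->createNewUser($user);
             // auto-login user and store identity
             // SECURITY: the 'autologin' treatment makes the adapter accept
             // the identity without a password check (the credential is a
             // dummy), so it may only be used for the account just created.
             $authAdapter = Application_Plugin_Common::getAuthAdapter();
             $authAdapter->setIdentity($new_profile->email)->setCredential('whatever')->setCredentialTreatment('autologin');
             $auth = Zend_Auth::getInstance();
             $auth->authenticate($authAdapter);
             $identity = $authAdapter->getResultRowObject();
             $authStorage = $auth->getStorage();
             $authStorage->write($identity);
             // update last login date
             $ProfilesMeta = new Application_Model_ProfilesMeta();
             $ProfilesMeta->metaUpdate('last_login', Application_Plugin_Common::now(), $identity->id);
             // show welcome message
             Application_Plugin_Alerts::success($this->view->translate('Welcome to the network.'), 'on');
         } else {
             // create activation key and send it to user email
             $key = $Profiles->generateActivationKey($email);
             $user->activationkey = $key;
             $ret = Application_Plugin_Common::sendActivationEmail($email, $name, $key);
             // email has been sent, proceed
             if ($ret) {
                 // show success message
                 Application_Plugin_Alerts::info(Zend_Registry::get('Zend_Translate')->translate('Please Check your Inbox and come back after you activate your account.'), 'off');
                 // build url; the user name is request data, so it is encoded
                 // as a path segment and the URL is escaped for the attribute
                 $base_url = Application_Plugin_Common::getFullBaseUrl();
                 $resendactivation_link = $base_url . '/index/activate/resend/' . rawurlencode($user->name);
                 $link_href = htmlspecialchars($resendactivation_link, ENT_QUOTES, 'UTF-8');
                 // this alert is passed as raw HTML (third argument false,
                 // presumably disabling escaping - TODO confirm)
                 Application_Plugin_Alerts::info('<a href="' . $link_href . '">' . Zend_Registry::get('Zend_Translate')->translate('Click here to resend the activation email') . '</a>', 'off', false);
                 // create new user
                 $new_profile = $Profiles->createNewUser($user);
             } else {
                 // show error message
                 Application_Plugin_Alerts::error(Zend_Registry::get('Zend_Translate')->translate('Something went wrong, email was not sent.'), 'off');
                 Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
                 return;
             }
         }
         // flush url
         Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
     }
     return $form;
 }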
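 /**
  * Change password with recover key
  *
  * Resolves the 'key' request parameter to a profile through the
  * 'password_reset' meta entry. Without a matching profile the request is
  * redirected to the base URL. On a valid POST the new password is hashed
  * and stored, the reset key is deleted and a notice e-mail is sent.
  *
  * NOTE(review): no expiry check on the reset key is visible here; confirm
  * that keys are time-limited where they are issued.
  */
 public function recoverpasswordAction()
 {
     $this->_helper->_layout->setLayout('layout_wide');
     $request = $this->getRequest();
     // Get password change key if any
     $key = $request->getParam('key', false);
     $Profiles = new Application_Model_Profiles();
     $ProfilesMeta = new Application_Model_ProfilesMeta();
     $form = null;
     $profile = null;
     // Accept only a non-empty string: a request parameter may also arrive
     // as an array, which must not reach the meta lookup.
     if (is_string($key) && $key !== '') {
         $form = new Application_Form_ChangeForgottenPassword();
         $profile_id = $ProfilesMeta->getProfileId('password_reset', $key);
         if ($profile_id) {
             $profile = $Profiles->getProfileByField('id', $profile_id);
         }
     }
     // Redirect if bad or no user
     if (!$profile) {
         $this->redirect('');
         // stop here even if the redirect helper does not end the request
         return;
     }
     $this->view->form = $form;
     // Form Submitted...
     if ($request->isPost() && $form->isValid($_POST)) {
         Application_Plugin_Common::redirectOnDemoAccount();
         $newpassword = $form->getValue('password2');
         $hash = new Application_Plugin_Phpass();
         $hashed_password = $hash->HashPassword($newpassword);
         // update password
         $Profiles->updateField($profile->name, 'password', $hashed_password);
         // remove password reset key so it cannot be used a second time
         $ProfilesMeta->deletePair('password_reset', $key);
         // NOTE(review): unlike userAction(), this path does not set
         // relogin_request; confirm whether sessions opened with the old
         // password should be ended after a reset.
         Application_Plugin_Alerts::success($this->view->translate('Password updated'));
         // prepare phtml email template
         $mail_template_path = APPLICATION_PATH . '/views/emails/';
         $view = new Zend_View();
         $view->setScriptPath($mail_template_path);
         $body = $view->render('passwordnotice.phtml');
         // send email as a security measure
         Application_Plugin_Common::sendEmail($profile->email, $this->view->translate('Password updated'), $body, true);
         $this->redirect('');
     }
 }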