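/**
 * login action
 *
 * Authenticates the posted email/password pair. On success the user id, the
 * role id and the role's access profiles are written to $_SESSION and
 * $this->response->flag is set to true. Validation and lookup failures are
 * reported through $this->response->exception. A session that already holds
 * both 'profiles' and 'role' is treated as logged in and only gets the flag.
 *
 * Security notes for maintainers:
 * - The stored and the computed password hash are compared with hash_equals()
 *   (strict, constant-time) instead of '==', which in PHP can treat two
 *   different numeric-looking strings as equal.
 * - The session id is rotated before any identity data is written, so an id
 *   that was known before authentication is not carried into the logged-in
 *   session.
 * - Nothing is written to $_SESSION until the role is confirmed active.
 * - NOTE(review): tlalokes_core_crypt() is defined outside this block; if it
 *   is a fast or unsalted hash, plan a migration to password_hash() /
 *   password_verify().
 * - NOTE(review): the message returned by the email lookup and the
 *   'Password invalid' message are both shown to the client, which may let a
 *   caller tell existing accounts from unknown ones; no attempt throttling is
 *   visible in this method either. Confirm both are handled elsewhere.
 *
 * @ActionDefinition( file='auth.tpl', propel )
 */
public function login ()
{
    // already authenticated: both authorization keys are present
    if ( isset( $_SESSION['profiles'] ) && isset( $_SESSION['role'] ) ) {
        $this->response->flag = true;
        return;
    }

    // credentials are only processed for POST requests
    if ( $_SERVER['REQUEST_METHOD'] !== 'POST' ) {
        return;
    }

    // validate form
    if ( !isset( $this->request->email ) || !$this->request->email ) {
        $this->response->exception = 'Provide an email';
        return;
    }
    if ( !isset( $this->request->password ) || !$this->request->password ) {
        $this->response->exception = 'Provide a password';
        return;
    }

    // check if account exists; the lookup reports failure as a message string
    $user = AuthUsersBss::getByEmail( $this->request->email );
    if ( is_string( $user ) ) {
        $this->response->exception = $user;
        return;
    }

    // check password: strict, constant-time comparison; an account without a
    // stored hash never authenticates (fail closed)
    $storedHash = isset( $user['password'] ) ? (string) $user['password'] : '';
    $givenHash = (string) tlalokes_core_crypt( $this->request->password );
    if ( $storedHash === '' || !hash_equals( $storedHash, $givenHash ) ) {
        $this->response->exception = 'Password invalid';
        return;
    }

    // check role
    $role = AuthRolesBss::getByName( $user['role_name'] );
    if ( is_string( $role ) ) {
        // presumably follows the same "string means error" convention as the
        // other two lookups in this method; verify against AuthRolesBss
        $this->response->exception = $role;
        return;
    }
    // loose comparison kept on purpose: the status may arrive as '1' or 1
    if ( $role['role_status'] != 1 ) {
        // inactive role: no session data is written and, as before, no
        // message is set on the response
        return;
    }

    // rotate the session id at the privilege change (session fixation defence)
    if ( session_id() !== '' ) {
        session_regenerate_id( true );
    }

    $_SESSION['user_id'] = $user['id'];

    // set access profile
    $profiles = AuthAccessProfilesRolesBss::getProfilesByRole( $role['id'] );
    if ( is_string( $profiles ) ) {
        // NOTE(review): as in the original, a failed profile lookup still
        // ends with the role stored and the flag set; confirm this is intended
        $this->response->exception = $profiles;
    } else {
        // drop any stale list so profiles from an earlier partial login are
        // not merged into this user's session
        unset( $_SESSION['profiles'] );
        foreach ( $profiles as $profile ) {
            $_SESSION['profiles'][] = $profile['profile'];
        }
    }

    // set role
    $_SESSION['role'] = $role['id'];

    $this->response->flag = true;
}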