Esempio n. 1
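 /**
  * Renders the user main menu and, on POST, creates a user row from the
  * submitted form fields.
  *
  * Username and password are both required. The request is aborted with a
  * plain-text error when either is missing, so a row is never stored with a
  * blank credential.
  *
  * NOTE(review): no authorization check, CSRF token or duplicate-username
  * check is visible in this action; presumably they are enforced elsewhere
  * (preDispatch/ACL, table constraints) - confirm.
  *
  * @return void
  */
 public function addAction()
 {
     $modDir = $this->getFrontController()->getModuleDirectory();
     require_once $modDir . '/components/user/UserMainMenu.php';
     $menu = new UserMainMenu();
     $this->view->userMainMenu = $menu->render();

     $request = $this->getRequest();
     if (!$request->isPost()) {
         return;
     }

     $username = $request->getParam('username');
     if (empty($username)) {
         die('ERROR: Username can not be empty!');
     }

     $password = $request->getParam('password');
     // Explicit comparison instead of empty(): a password of "0" is still a
     // password, while a missing, blank or array-valued parameter is not.
     if (!is_string($password) || $password === '') {
         die('ERROR: Password can not be empty!');
     }

     $crypt = new Kutu_Crypt_Password();

     $tblUser = new Kutu_Core_Orm_Table_User();
     $row = $tblUser->createRow();
     $row->username = $username;
     // Only the transformed value is stored; the plaintext never reaches the row.
     $row->password = $crypt->encryptPassword($password);
     $row->firstname = $request->getParam('firstname');
     $row->lastname = $request->getParam('lastname');
     $row->email = $request->getParam('email');
     $row->save();

     $this->_helper->viewRenderer->setScriptAction('add-success');
 }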
Esempio n. 2
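 /**
  * Remote-authentication endpoint: looks up the submitted identity and echoes
  * a JSON array for the remote auth adapter to interpret.
  *
  * Output produced by the code below:
  *  - the first matching session row, with password/username masked and
  *    kopel set to 'XXISLOGINXX', when the identity appears in stored
  *    session data;
  *  - '[]' when no active user matches (or no usable identity was sent);
  *  - a two-element dummy array when more than one user matches;
  *  - the user row when exactly one matches, with password/username masked
  *    and kopel blanked if the credential is wrong.
  *
  * Security notes:
  *  - All request values are bound as parameters; nothing from the request is
  *    concatenated into SQL text.
  *  - The listing this was taken from shows the username literal masked as
  *    '******'; the lookup and the update are bound to the submitted identity
  *    here - confirm against the original source.
  *  - On success the full row, including the stored password value, is
  *    returned to the caller, so this endpoint must only be reachable by the
  *    trusted auth client over an encrypted channel.
  *  - NOTE(review): the "already logged in" test is a substring match on
  *    session data, so one user name contained in another session's data is
  *    reported as logged in; LIKE wildcards in the identity are not escaped.
  *
  * @return void
  */
 public function authenticateAction()
 {
     $request = $this->getRequest();
     $username = $request->getParam('identity');
     $password = $request->getParam('credential');

     // An absent, empty or array-valued identity would turn the LIKE pattern
     // below into '%%' and match every session row, so treat it as "not found".
     if (!is_string($username) || $username === '') {
         echo '[]';
         return;
     }
     if (!is_string($password)) {
         $password = '';
     }

     $dbAdapters = Zend_Registry::get('dbAdapters');
     $sessionDb = $dbAdapters['hol'];
     $identityDb = $dbAdapters['identity'];

     $users = $identityDb->fetchAll(
         'SELECT * FROM KutuUser WHERE username = ? AND isActive=1',
         array($username)
     );
     $sessions = $sessionDb->fetchAll(
         'SELECT sessionId FROM session WHERE sessionData LIKE ?',
         array('%' . $username . '%')
     );

     if (count($sessions) >= 1) {
         $sessions[0]['password'] = '******';
         $sessions[0]['username'] = '******';
         $sessions[0]['packageId'] = '---';
         $sessions[0]['picture'] = '---';
         $sessions[0]['kopel'] = 'XXISLOGINXX';
         echo Zend_Json::encode($sessions);
         return;
     }

     if (count($users) < 1) {
         // dummy data for the remote auth adapter
         echo '[]';
         return;
     }

     if (count($users) > 1) {
         // dummy data for the remote auth adapter
         echo '[{"id":"xx"},{"id":"yy"}]';
         return;
     }

     $crypt = new Kutu_Crypt_Password();
     $user = $users[0];

     // Legacy rows hold an upper-cased, truncated SHA-1 digest. Strict
     // comparison avoids PHP's numeric-string juggling on hex-looking values.
     if (strtoupper(substr(sha1($password), 0, 30)) === $user['password']) {
         // Upgrade the legacy digest to the current scheme, then re-run the
         // action so the response is produced from the updated row.
         $user['password'] = $crypt->encryptPassword($password);
         $identityDb->update('KutuUser', $user, $identityDb->quoteInto('username = ?', $username));
         $this->authenticateAction();
     } elseif ($crypt->matchPassword($password, $user['password'])) {
         echo Zend_Json::encode($users);
     } else {
         $users[0]['password'] = '******';
         $users[0]['username'] = '******';
         $users[0]['kopel'] = '---';
         echo Zend_Json::encode($users);
     }
 }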
Esempio n. 3
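 /**
  * Checks the submitted "oldPassword" against the stored password of the
  * currently authenticated user and terminates the request with '1' (match)
  * or '0' (no match).
  *
  * Requests without an authenticated identity, without a matching user row,
  * or with a non-string parameter answer '0' instead of failing on a null
  * dereference.
  *
  * NOTE(review): this is a yes/no password check for the session's own
  * account; no attempt limiting is visible here - confirm it is throttled
  * elsewhere.
  *
  * @return void
  */
 public function verifyoldpasswordAction()
 {
     $auth = Zend_Auth::getInstance();
     if (!$auth->hasIdentity()) {
         die('0');
     }

     $oldPassword = $this->getRequest()->getParam('oldPassword');
     if (!is_string($oldPassword)) {
         die('0');
     }

     $tblUser = new Kutu_Core_Orm_Table_User();
     $row = $tblUser->find($auth->getIdentity()->guid)->current();
     if (!$row) {
         // The session refers to a user that no longer exists.
         die('0');
     }

     $crypt = new Kutu_Crypt_Password();
     die($crypt->matchPassword($oldPassword, $row->password) ? '1' : '0');
 }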
Esempio n. 4
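 /**
  * Sets or clears the "remember me" cookie.
  *
  * When save_login is "no" or "undefined", an existing cookie is expired and
  * nothing is done if none exists. Otherwise a cookie holding the user name
  * and the encrypted password, separated by chr(31), is set for 30 days.
  *
  * Changes from the original listing:
  *  - the expiring cookie is sent with an empty value, so the credential
  *    string is not put on the wire again just to delete it;
  *  - the cookie is flagged HttpOnly so page scripts cannot read it.
  *
  * NOTE(review): the cookie carries a password-derived value for 30 days.
  * Set the "secure" argument to true once the site is HTTPS-only, and
  * consider replacing the value with a random, revocable token.
  *
  * @return void
  */
 public function login_saver()
 {
     $forget = $this->save_login == "no" || $this->save_login == "undefined";

     if ($forget) {
         if (!isset($_COOKIE[$this->cookie_name])) {
             return;
         }
         setcookie($this->cookie_name, '', time() - 3600, $this->cookie_path, '', false, true);
         return;
     }

     $obj = new Kutu_Crypt_Password();
     $cookie_str = $this->user . chr(31) . $obj->encryptPassword($this->user_pw);
     // 2592000 seconds = 30 days.
     setcookie($this->cookie_name, $cookie_str, time() + 2592000, $this->cookie_path, '', false, true);
 }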
Esempio n. 5
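 /**
  * Authenticates against a remote endpoint: posts identity and credential to
  * $this->_remoteAuthUrl, decodes the JSON reply and verifies the credential
  * locally against the returned password value.
  *
  * Changes from the original listing:
  *  - the catch block no longer reads a response variable that is undefined
  *    when the HTTP request itself fails, and the exception message no longer
  *    echoes the raw response body (which may contain account data);
  *  - a missing User-Agent request header no longer raises an undefined
  *    index notice;
  *  - a reply that is not a JSON array of rows is treated as "identity not
  *    found" instead of being indexed blindly.
  *
  * NOTE(review): the result is only as trustworthy as the remote endpoint and
  * the channel to it; confirm $this->_remoteAuthUrl is an https URL with
  * certificate validation enabled.
  *
  * @throws Zend_Auth_Adapter_Exception when the request or JSON decoding fails
  * @return Zend_Auth_Result
  */
 public function authenticate()
 {
     $client = new Zend_Http_Client();
     $client->setUri($this->_remoteAuthUrl);
     $client->setParameterPost(array('identity' => $this->_identity, 'credential' => $this->_credential));
     if (isset($_SERVER['HTTP_USER_AGENT'])) {
         $client->setHeaders('User-Agent', $_SERVER['HTTP_USER_AGENT']);
     }

     try {
         $response = $client->request(Zend_Http_Client::POST);
         $resultIdentities = Zend_Json::decode($response->getBody());
     } catch (Exception $e) {
         require_once 'Zend/Auth/Adapter/Exception.php';
         throw new Zend_Auth_Adapter_Exception('Remote authentication request failed: ' . $e->getMessage());
     }

     if (!is_array($resultIdentities)) {
         $resultIdentities = array();
     }

     if (count($resultIdentities) < 1) {
         return new Zend_Auth_Result(
             Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND,
             $this->_identity,
             array('A record with the supplied identity could not be found.')
         );
     }
     if (count($resultIdentities) > 1) {
         return new Zend_Auth_Result(
             Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS,
             $this->_identity,
             array('More than one record matches the supplied identity.')
         );
     }

     $resultIdentity = reset($resultIdentities);
     if (!is_array($resultIdentity)) {
         // A single scalar is not a user row.
         return new Zend_Auth_Result(
             Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND,
             $this->_identity,
             array('A record with the supplied identity could not be found.')
         );
     }

     // Sentinel sent by the remote side when the identity already has a session.
     if (isset($resultIdentity['guid']) && $resultIdentity['guid'] === 'XXISLOGINXX') {
         return new Zend_Auth_Result(
             Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS,
             $this->_identity,
             array('You already login')
         );
     }

     $obj = new Kutu_Crypt_Password();
     // A row without a password value can never authenticate.
     if (!isset($resultIdentity['password'])
         || !$obj->matchPassword($this->_credential, $resultIdentity['password'])
     ) {
         return new Zend_Auth_Result(
             Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID,
             $this->_identity,
             array('Supplied credential is invalid.')
         );
     }

     unset($resultIdentity['zend_auth_credential_match']);
     $this->_resultRow = $resultIdentity;

     return new Zend_Auth_Result(
         Zend_Auth_Result::SUCCESS,
         $this->_identity,
         array('Authentication successful.')
     );
 }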
Esempio n. 6
 /**
  * Verifies $this->username / $this->password against the RIUser record.
  *
  * On success the identity id is set to the record's guid and the
  * 'username' and 'lastname' states are stored. On failure errorCode and
  * errorMessage describe which part was rejected.
  *
  * NOTE(review): the two failure messages tell the caller whether the user
  * name exists; show a single generic message to end users if account
  * enumeration is a concern.
  *
  * @return bool true when errorCode is falsy, i.e. authentication succeeded
  */
 public function authenticate()
 {
     $user = RIUser::model()->findByAttributes(array('username' => $this->username));
     $crypt = new Kutu_Crypt_Password();

     if ($user === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
         $this->errorMessage = 'Username Invalid';
         return !$this->errorCode;
     }

     $passwordOk = $crypt->matchPassword($this->password, $user->password);
     if (!$passwordOk) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         $this->errorMessage = 'Password Invalid';
         return !$this->errorCode;
     }

     $this->_id = $user->guid;
     $this->setState('username', $user->username);
     $this->setState('lastname', $user->lastname);
     $this->errorCode = self::ERROR_NONE;

     return !$this->errorCode;
 }
Esempio n. 7
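 /**
  * Fetches a remote widget on behalf of the current user: posts the user's
  * name and password to $widgetAuthActionUrl, then GETs $widgetUrl with the
  * same cookie jar and returns the response body.
  *
  * Security notes:
  *  - The stored password is decrypted and sent to the widget host in
  *    recoverable form. That host and the channel to it must be trusted;
  *    confirm both URLs are https and are not derived from request input.
  *  - For an anonymous visitor, empty credentials are posted.
  *
  * @param string $widgetUrl           URL of the widget content
  * @param string $widgetAuthActionUrl URL of the widget's login action
  * @return string body of the widget response
  */
 function loadWidget($widgetUrl, $widgetAuthActionUrl)
 {
     Zend_Loader::loadClass('Zend_Http_Client');
     Zend_Loader::loadClass('Kutu_Crypt_Password');

     $auth = Zend_Auth::getInstance();
     $password = '';
     $userName = '';
     if ($auth->hasIdentity()) {
         $identity = $auth->getIdentity();
         $crypt = new Kutu_Crypt_Password();
         $password = $crypt->decryptPassword($identity->password);
         $userName = $identity->username;
     }

     $client = new Zend_Http_Client($widgetUrl, array('keepalive' => true));
     $client->setCookieJar();
     $client->setUri($widgetAuthActionUrl);
     $client->setParameterPost(array('username' => $userName, 'password' => $password));
     // The header is absent for CLI runs and for clients that omit it;
     // forward it only when present instead of reading an undefined index.
     if (isset($_SERVER['HTTP_USER_AGENT'])) {
         $client->setHeaders('User-Agent', $_SERVER['HTTP_USER_AGENT']);
     }

     // Log in first so the cookie jar holds the widget session...
     $client->request(Zend_Http_Client::POST);

     // ...then fetch the widget itself with that session.
     $client->setUri($widgetUrl);
     $response = $client->request(Zend_Http_Client::GET);

     return $response->getBody();
 }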
Esempio n. 8
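 /**
  * Authenticates $this->_identity / $this->_credential against the configured
  * table: fetches guid, username and password for the identity and verifies
  * the credential with Kutu_Crypt_Password::matchPassword().
  *
  * Changes from the original listing:
  *  - the identity is bound as a query parameter instead of being
  *    concatenated into the SQL string;
  *  - the unused credential expression and the unreachable "already logged
  *    in" branch (guarded by a literal false) are removed;
  *  - a result row without the credential column is rejected as an invalid
  *    credential instead of being read as an undefined index.
  *
  * NOTE(review): table and column names are still placed in the statement
  * as configured; they must come from application configuration, never from
  * request input. The query selects the "password" column by name, so a
  * different _credentialColumn always fails authentication - confirm intended.
  *
  * @throws Zend_Auth_Adapter_Exception when the adapter is not fully
  *         configured or the query cannot be executed
  * @return Zend_Auth_Result
  */
 function authenticate()
 {
     $exception = null;
     if ($this->_tableName == '') {
         $exception = 'A table must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
     } elseif ($this->_identityColumn == '') {
         $exception = 'An identity column must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
     } elseif ($this->_credentialColumn == '') {
         $exception = 'A credential column must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
     } elseif ($this->_identity == '') {
         $exception = 'A value for the identity was not provided prior to authentication with Zend_Auth_Adapter_DbTable.';
     } elseif ($this->_credential === null) {
         $exception = 'A credential value was not provided prior to authentication with Zend_Auth_Adapter_DbTable.';
     }
     if (null !== $exception) {
         /**
          * @see Zend_Auth_Adapter_Exception
          */
         require_once 'Zend/Auth/Adapter/Exception.php';
         throw new Zend_Auth_Adapter_Exception($exception);
     }

     // Kept from the original: normalise the treatment to a bare placeholder
     // when none (or one without "?") was configured.
     if (empty($this->_credentialTreatment) || strpos($this->_credentialTreatment, "?") === false) {
         $this->_credentialTreatment = '?';
     }

     // query for the identity
     try {
         $sql = 'Select guid, username, password from ' . $this->_tableName
             . ' where ' . $this->_identityColumn . ' = ?';
         $resultIdentities = $this->_zendDb->fetchAll($sql, array($this->_identity));
     } catch (Exception $e) {
         /**
          * @see Zend_Auth_Adapter_Exception
          */
         require_once 'Zend/Auth/Adapter/Exception.php';
         throw new Zend_Auth_Adapter_Exception('The supplied parameters to Zend_Auth_Adapter_DbTable failed to ' . 'produce a valid sql statement, please check table and column names ' . 'for validity.');
     }

     if (count($resultIdentities) < 1) {
         return new Zend_Auth_Result(
             Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND,
             $this->_identity,
             array('A record with the supplied identity could not be found.')
         );
     }
     if (count($resultIdentities) > 1) {
         return new Zend_Auth_Result(
             Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS,
             $this->_identity,
             array('More than one record matches the supplied identity.')
         );
     }

     $resultIdentity = $resultIdentities[0];
     $obj = new Kutu_Crypt_Password();

     if (!isset($resultIdentity[$this->_credentialColumn])
         || !$obj->matchPassword($this->_credential, $resultIdentity[$this->_credentialColumn])
     ) {
         return new Zend_Auth_Result(
             Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID,
             $this->_identity,
             array('Supplied credential is invalid.')
         );
     }

     unset($resultIdentity['zend_auth_credential_match']);
     $this->_resultRow = $resultIdentity;

     return new Zend_Auth_Result(
         Zend_Auth_Result::SUCCESS,
         $this->_identity,
         array('Authentication successful.')
     );
 }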
Esempio n. 9
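 /**
  * Fills the corporate confirmation mail template, queues and sends it, and
  * marks the user as mailed on success.
  *
  * The template placeholders $fullname, $company, $timeline, $disc, $price,
  * $username1, $guid and $tag are replaced; $tag becomes an HTML table with
  * the user name and decrypted password of every user of $company.
  *
  * Change from the original listing: user names and passwords are
  * HTML-escaped before being placed in the table, so markup characters in
  * either value cannot alter the mail body.
  *
  * NOTE(review): this mails every company account's password in readable
  * form, which requires reversibly stored passwords; a one-time reset or
  * activation link avoids both. The remaining placeholders are inserted
  * unescaped because their context in the template is not visible here.
  *
  * @param string $mailcontent mail template
  * @param string $fullname    recipient's full name
  * @param string $company     company whose users are listed
  * @param string $payment     value for the $timeline placeholder
  * @param string $disc        value for the $disc placeholder
  * @param mixed  $total       amount, formatted with number_format()
  * @param string $username    recipient's user name
  * @param string $guid        encrypted user guid (decrypted for the lookup)
  * @param string $email       recipient address
  * @return string status message for display
  */
 function _writeConfirmCorporateEmail($mailcontent, $fullname, $company, $payment, $disc, $total, $username, $guid, $email)
 {
     $obj = new Kutu_Crypt_Password();

     // Replacements are applied in array order, as the original chained calls were.
     $mailcontent = str_replace(
         array('$fullname', '$company', '$timeline', '$disc', '$price', '$username1', '$guid'),
         array($fullname, $company, $payment, $disc, number_format($total), $username, $guid),
         $mailcontent
     );

     // table User
     $tblUser = new Kutu_Core_Orm_Table_User();
     $where = $tblUser->getAdapter()->quoteInto('company=?', $company);
     $companyUsers = $tblUser->fetchAll($where, 'username ASC');

     $spacer = '<td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td>';
     $tag = '<table>';
     $tag .= '<tr><td><b>Username</b></td>' . $spacer . '<td><b>Password</b></td></tr>';
     foreach ($companyUsers as $companyUser) {
         $tag .= '<tr><td>' . htmlspecialchars($companyUser->username, ENT_QUOTES) . '</td>'
             . $spacer
             . '<td>' . htmlspecialchars($obj->decryptPassword($companyUser->password), ENT_QUOTES) . '</td></tr>';
     }
     $tag .= '</table>';
     $mail_body = str_replace('$tag', $tag, $mailcontent);

     // parse ini_file
     $config = new Zend_Config_Ini(KUTU_ROOT_DIR . '/application/configs/mail.ini', 'mail');

     // try to save mail before send
     $mailAttempt = $this->add_mail($config->mail->sender->support->email, $email, $username, $config->mail->sender->support->name, $mail_body);
     if (!$mailAttempt) {
         return "Error saving mail!";
     }

     if (!$this->send_mail()) {
         return "Error send mail but register user successfully!<br>Please contact our customer service for more information";
     }

     // update user
     $rowUser = $tblUser->find($obj->decryptPassword($guid))->current();
     if ($rowUser) {
         $rowUser->isEmailSent = 'Y';
         $rowUser->save();
     }

     return "Please check your email at {$email}!";
 }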
Esempio n. 10
 /**
  * Shows the sign-up page and, on POST, registers a free account: inserts the
  * user row, adds the user to the "Free" ACL group and sends the confirmation
  * mail. The fixed page content is loaded from the catalog in every case.
  *
  * NOTE(review): the submitted values are stored without any validation
  * visible in this action (empty or duplicate user name, empty password,
  * e-mail format). The plaintext password is handed to the mail formatter,
  * and base64_encode($kopel) is an encoding, not a secret - if it serves as
  * the confirmation token it is only as unpredictable as $kopel itself.
  * packageId is taken from the 'aro_groups' request parameter while the ACL
  * group is fixed to "Free"; confirm the stored package cannot grant access.
  *
  * @return void
  */
 function signupAction()
 {
     $this->_helper->layout->setLayout('layout-newhukumonlineid-daftar');
     $this->view->identity = 'Daftar';

     $request = $this->getRequest();
     if ($request->isPost()) {
         $fullName = $request->getParam('fullname');
         $username = $request->getParam('username');
         $password = $request->getParam('password');
         $email = $request->getParam('email');
         $package = $request->getParam('aro_groups');
         $kopel = $this->generateKopel();

         $crypt = new Kutu_Crypt_Password();
         $newUser = array(
             'kopel' => $kopel,
             'username' => $username,
             'password' => $crypt->encryptPassword($password),
             'fullName' => $fullName,
             'email' => $email,
             'packageId' => $package,
             'periodeId' => 1,
             'createdDate' => date('Y-m-d H:i:s'),
             'createdBy' => $username,
         );

         $userTable = new Kutu_Core_Orm_Table_User();
         $userTable->insert($newUser);
         $this->updateKopel();

         $acl = new Kutu_Acl_Adapter_Local();
         $acl->addUserToGroup($username, "Free");

         $mailer = new Kutu_Core_Hol_User();
         $template = $mailer->getMailContent('konfirmasi email gratis');
         $this->view->message = $mailer->_writeConfirmFreeEmail(
             $template,
             $fullName,
             $username,
             $password,
             base64_encode($kopel),
             $email,
             'gratis'
         );
     }

     // Static content block shown on the sign-up page.
     $catalogTable = new Kutu_Core_Orm_Table_Catalog();
     $page = $catalogTable->fetchRow("shortTitle='halaman-depan-login' AND status=99");

     $fixedContent = '';
     if (!empty($page)) {
         $attributes = $page->findDependentRowsetCatalogAttribute();
         $fixedContent = $attributes->findByAttributeGuid('fixedContent')->value;
     }
     $this->view->content = $fixedContent;
 }
Esempio n. 11
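 /**
  * Fills the corporate confirmation mail template, queues and sends it, and
  * echoes a JSON status object.
  *
  * The template placeholders $company, $timeline, $disc, $price, $username1,
  * $guid and $tag are replaced; $tag becomes an HTML table with the user
  * name and decrypted password of every user of $company.
  *
  * Changes from the original listing:
  *  - user names and passwords are HTML-escaped before being placed in the
  *    table;
  *  - the response array is initialised before keys are assigned to it.
  *
  * NOTE(review): this mails every company account's password in readable
  * form, which requires reversibly stored passwords; a one-time reset or
  * activation link avoids both. The remaining placeholders are inserted
  * unescaped because their context in the template is not visible here.
  *
  * @param string $mailcontent mail template
  * @param string $company     company whose users are listed
  * @param string $payment     value for the $timeline placeholder
  * @param string $disc        value for the $disc placeholder
  * @param mixed  $total       amount, formatted with number_format()
  * @param string $username    recipient's user name
  * @param string $guid        value for the $guid placeholder
  * @param string $email       recipient address
  * @return void the JSON status is written to the output
  */
 function _writeConfirmCorporateEmail($mailcontent, $company, $payment, $disc, $total, $username, $guid, $email)
 {
     $formater = new Kutu_Lib_Formater();
     $obj = new Kutu_Crypt_Password();

     // Replacements are applied in array order, as the original chained calls were.
     $mailcontent = str_replace(
         array('$company', '$timeline', '$disc', '$price', '$username1', '$guid'),
         array($company, $payment, $disc, number_format($total), $username, $guid),
         $mailcontent
     );

     // table User
     $tblUser = new Kutu_Core_Orm_Table_User();
     $where = $tblUser->getAdapter()->quoteInto('company=?', $company);
     $companyUsers = $tblUser->fetchAll($where, 'username ASC');

     $spacer = '<td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td>';
     $tag = '<table>';
     $tag .= '<tr><td><b>Username</b></td>' . $spacer . '<td><b>Password</b></td></tr>';
     foreach ($companyUsers as $companyUser) {
         $tag .= '<tr><td>' . htmlspecialchars($companyUser->username, ENT_QUOTES) . '</td>'
             . $spacer
             . '<td>' . htmlspecialchars($obj->decryptPassword($companyUser->password), ENT_QUOTES) . '</td></tr>';
     }
     $tag .= '</table>';
     $mail_body = str_replace('$tag', $tag, $mailcontent);

     // parse ini_file
     $config = new Zend_Config_Ini(KUTU_ROOT_DIR . '/app/config/config.ini', 'mail');

     $response = array();

     // try to save mail before send
     $mailAttempt = $formater->add_mail($config->from, $email, $username, 'Hukumonline-ID', $mail_body);
     if ($mailAttempt) {
         if ($formater->send_mail()) {
             $response['success'] = true;
             $response['message'] = "Please check your email at {$email}!";
         } else {
             ob_clean();
             // 'failure' => false is kept exactly as in the original; clients
             // may rely on it - NOTE(review): confirm it is intended.
             $response['failure'] = false;
             $response['message'] = "Error send mail but register user successfully!<br>Please contact our customer service for more information";
         }
     } else {
         $response['failure'] = true;
         $response['message'] = "Error saving mail!";
     }

     echo Zend_Json::encode($response);
 }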
Esempio n. 12
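 /**
  * Creates or updates a user row from an associative array.
  *
  * If $aData['guid'] identifies an existing row, that row is updated;
  * otherwise a new row is created, which requires a user name that is not
  * yet taken and a non-empty password. In both cases every profile field
  * present in $aData is copied onto the row.
  *
  * Changes from the original listing:
  *  - guid and username are bound through the adapter's quoteInto() instead
  *    of being interpolated into the WHERE clause;
  *  - the listing shows the username lookup with its literal masked as
  *    '******'; it is bound to the submitted user name here - confirm against
  *    the original source;
  *  - the repeated per-field isset() blocks are a single loop over the same
  *    field list.
  *
  * NOTE(review): fields such as isActive, activationCode and expirationDate
  * are copied straight from $aData, so callers must not pass raw request
  * arrays. The generated $guid is only used for the lookup and is not
  * assigned to a new row here - presumably the table class sets it; confirm.
  *
  * @param array $aData field name => value
  * @throws Zend_Exception when firstname, username or password is missing,
  *         or the user name already exists
  * @return mixed the saved row
  */
 public function save($aData)
 {
     if (!empty($aData['fullname'])) {
         $aData['firstname'] = $aData['fullname'];
     }
     if (empty($aData['firstname'])) {
         throw new Zend_Exception('Firstname can not be EMPTY!');
     }

     $tblUser = new Kutu_Core_Orm_Table_User();
     $db = $tblUser->getAdapter();
     $gman = new Kutu_Core_Guid();
     $guid = !empty($aData['guid']) ? $aData['guid'] : $gman->generateGuid();

     $row = $tblUser->fetchRow($db->quoteInto('guid = ?', $guid));
     if (empty($row)) {
         // No such row: this is a new user, so credentials are mandatory.
         if (empty($aData['username'])) {
             throw new Zend_Exception('Username can not be EMPTY!');
         }
         if (empty($aData['password'])) {
             throw new Zend_Exception('Password can not be EMPTY!');
         }

         $row = $tblUser->createRow();

         // check if username was already taken
         $username = $aData['username'];
         if ($tblUser->fetchRow($db->quoteInto('username = ?', $username))) {
             throw new Zend_Exception('Username exists');
         }
         $row->username = $username;

         $crypt = new Kutu_Crypt_Password();
         $row->password = $crypt->encryptPassword($aData['password']);
     }

     // Copy only the known profile columns; unknown keys in $aData are ignored.
     $columns = array(
         'firstname', 'lastname', 'email', 'bbPin', 'clientId', 'mainAddress',
         'city', 'state', 'zip', 'phone', 'fax', 'url', 'countryId', 'company',
         'companySizeId', 'jobId', 'industryId', 'isActive', 'registrationDate',
         'activationDate', 'activationCode', 'expirationDate',
     );
     foreach ($columns as $column) {
         if (isset($aData[$column])) {
             $row->{$column} = $aData[$column];
         }
     }

     $row->save();
     return $row;
 }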