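/**
 * Renders the user main menu and, on POST, creates a new user row.
 *
 * Reads username, password, firstname, lastname and email from the request,
 * passes the password through Kutu_Crypt_Password::encryptPassword(), saves
 * the row and switches the view script to "add-success".
 *
 * An empty username, or a missing/empty/non-string password, aborts the
 * request with die().
 */
public function addAction()
{
    $modDir = $this->getFrontController()->getModuleDirectory();
    require_once $modDir . '/components/user/UserMainMenu.php';
    $menu = new UserMainMenu();
    $this->view->userMainMenu = $menu->render();

    $r = $this->getRequest();
    if (!$r->isPost()) {
        return;
    }

    $username = $r->getParam('username');
    if (empty($username)) {
        die('ERROR: Username can not be empty!');
    }

    // Without this check an account could be created with an empty
    // credential, or an array parameter could reach encryptPassword().
    $plainPassword = $r->getParam('password');
    if (!is_string($plainPassword) || $plainPassword === '') {
        die('ERROR: Password can not be empty!');
    }

    // NOTE(review): confirm that encryptPassword() is a one-way password hash;
    // a reversible transform would let anyone holding the key recover every
    // stored password.
    $crypt = new Kutu_Crypt_Password();
    $storedPassword = $crypt->encryptPassword($plainPassword);

    $tblUser = new Kutu_Core_Orm_Table_User();
    $row = $tblUser->createRow();
    $row->username = $username;
    $row->password = $storedPassword;
    $row->firstname = $r->getParam('firstname');
    $row->lastname = $r->getParam('lastname');
    $row->email = $r->getParam('email');
    $row->save();

    $this->_helper->viewRenderer->setScriptAction('add-success');
}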
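/**
 * Endpoint for the remote auth adapter: looks up the submitted identity and
 * echoes a JSON array describing the outcome.
 *
 * Output, in order of precedence:
 *  - a session row tagged 'XXISLOGINXX' when a session containing the
 *    identity already exists;
 *  - '[]' when no active user matches;
 *  - a two-element dummy array when more than one user matches;
 *  - the user row when the credential matches (after upgrading a legacy
 *    truncated-SHA1 value to the current scheme);
 *  - the user row with password/username/kopel masked otherwise.
 */
public function authenticateAction()
{
    $request = $this->getRequest();
    $username = $request->getParam('identity');
    $password = $request->getParam('credential');

    $dbAdapters = Zend_Registry::get('dbAdapters');
    $sessionDb = $dbAdapters['hol'];
    $identityDb = $dbAdapters['identity'];

    // NOTE(review): the listing showed the literal '******' where the username
    // belongs in this lookup and in the UPDATE below; that reads as a masking
    // artefact (with it, the legacy-upgrade branch would recurse forever), so
    // the submitted identity is bound here as a parameter -- confirm against
    // the original file.
    $users = $identityDb->fetchAll(
        'SELECT * FROM KutuUser WHERE username = ? AND isActive=1',
        array($username)
    );

    // The identity comes straight from the request, so it is bound rather
    // than interpolated into the SQL text.
    // NOTE(review): this is still a substring match on serialized session
    // data; '%' and '_' in the identity act as wildcards and short names
    // match unrelated sessions. A lookup on a dedicated column would be safer.
    $sessions = $sessionDb->fetchAll(
        'SELECT sessionId FROM session WHERE sessionData LIKE ?',
        array('%' . $username . '%')
    );

    if (count($sessions) >= 1) {
        $sessions[0]['password'] = '******';
        $sessions[0]['username'] = '******';
        $sessions[0]['packageId'] = '---';
        $sessions[0]['picture'] = '---';
        $sessions[0]['kopel'] = 'XXISLOGINXX';
        echo Zend_Json::encode($sessions);
        return;
    }

    if (count($users) < 1) {
        echo '[]'; // dummy data for the remote auth adapter
        return;
    }

    if (count($users) > 1) {
        echo '[{"id":"xx"},{"id":"yy"}]'; // dummy data for the remote auth adapter
        return;
    }

    $crypt = new Kutu_Crypt_Password();
    $resultIdentity = $users[0];

    // Legacy rows hold the first 30 hex digits of SHA-1, upper-cased. Compare
    // with === so that two digit-only or "0E..."-style strings are never
    // treated as equal numbers by PHP's loose comparison.
    $legacyDigest = strtoupper(substr(sha1($password), 0, 30));

    if ($legacyDigest === (string) $resultIdentity['password']) {
        // Upgrade the stored value, then re-run the action so the response is
        // produced from the refreshed row.
        $resultIdentity['password'] = $crypt->encryptPassword($password);
        $identityDb->update(
            'KutuUser',
            $resultIdentity,
            $identityDb->quoteInto('username = ?', $username)
        );
        $this->authenticateAction();
    } elseif ($crypt->matchPassword($password, $resultIdentity['password'])) {
        // NOTE(review): this emits the full row, including the stored password
        // value, to the caller; confirm the endpoint is reachable only by the
        // trusted auth adapter and only over an encrypted channel.
        echo Zend_Json::encode($users);
    } else {
        $users[0]['password'] = '******';
        $users[0]['username'] = '******';
        $users[0]['kopel'] = '---';
        echo Zend_Json::encode($users);
    }
}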
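/**
 * Checks the 'oldPassword' request parameter against the stored password of
 * the currently authenticated user and terminates with '1' (match) or '0'.
 *
 * Fails closed with '0' when there is no authenticated identity or the
 * identity's row cannot be found, instead of dereferencing null.
 */
public function verifyoldpasswordAction()
{
    $oldPassword = $this->getRequest()->getParam('oldPassword');

    $identity = Zend_Auth::getInstance()->getIdentity();
    if (!is_object($identity) || !isset($identity->guid)) {
        die('0');
    }

    $tblUser = new Kutu_Core_Orm_Table_User();
    $row = $tblUser->find($identity->guid)->current();
    if (!$row) {
        die('0');
    }

    // NOTE(review): nothing in this block limits repeated attempts; confirm
    // that throttling exists elsewhere, since the endpoint answers yes/no on
    // password guesses for the logged-in account.
    $crypt = new Kutu_Crypt_Password();
    die($crypt->matchPassword($oldPassword, $row->password) ? '1' : '0');
}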
/**
 * Writes or expires the "remember me" cookie.
 *
 * When save_login is "no" or "undefined", an existing cookie is re-sent with
 * an expiry one hour in the past and nothing happens if no cookie exists.
 * Otherwise the cookie is set to expire in 2592000 seconds (30 days).
 * The cookie value is the user name, chr(31), and the result of
 * Kutu_Crypt_Password::encryptPassword() on the user's password.
 */
public function login_saver()
{
    $declined = ($this->save_login == "no" || $this->save_login == "undefined");

    if (!$declined) {
        $expire = time() + 2592000;
    } elseif (isset($_COOKIE[$this->cookie_name])) {
        $expire = time() - 3600;
    } else {
        return;
    }

    // NOTE(review): a password-derived value is placed in a long-lived cookie
    // and setcookie() is called without the secure/httponly arguments, so the
    // value is readable by page scripts and sent over plain HTTP. A random,
    // server-side revocable token would avoid exposing anything derived from
    // the password -- confirm whether client code depends on reading it.
    $crypt = new Kutu_Crypt_Password();
    $cookie_str = $this->user . chr(31) . $crypt->encryptPassword($this->user_pw);

    setcookie($this->cookie_name, $cookie_str, $expire, $this->cookie_path);
}
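/**
 * Authenticates against a remote endpoint.
 *
 * POSTs the identity and credential to $this->_remoteAuthUrl, decodes the
 * JSON reply and verifies the credential locally with
 * Kutu_Crypt_Password::matchPassword() against the returned 'password' field.
 *
 * @return Zend_Auth_Result
 * @throws Zend_Auth_Adapter_Exception when the request or JSON decoding fails
 */
public function authenticate()
{
    // create result array
    $authResult = array(
        'code' => Zend_Auth_Result::FAILURE,
        'identity' => $this->_identity,
        'messages' => array(),
    );

    $client = new Zend_Http_Client();
    $client->setUri($this->_remoteAuthUrl);
    $client->setParameterPost(array(
        'identity' => $this->_identity,
        'credential' => $this->_credential,
    ));

    // The header may be absent (CLI, stripped by a proxy); line breaks are
    // removed so a forwarded value can never add a header of its own.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $userAgent = str_replace(array("\r", "\n"), '', $userAgent);
    $client->setHeaders("User-Agent:{$userAgent}");

    // Initialised up front: the catch block reads it even when request()
    // itself threw and no body was ever received.
    $sResponse = '';
    try {
        $response = $client->request(Zend_Http_Client::POST);
        $sResponse = $response->getBody();
        $resultIdentities = Zend_Json::decode($sResponse);
    } catch (Exception $e) {
        require_once 'Zend/Auth/Adapter/Exception.php';
        // NOTE(review): the raw remote body becomes the exception message;
        // make sure it is not rendered to end users.
        throw new Zend_Auth_Adapter_Exception($sResponse);
    }

    // Valid JSON that is not an array (null, a string, a number) must not be
    // counted or indexed; treat it as a plain failure.
    if (!is_array($resultIdentities)) {
        $authResult['messages'][] = 'Unexpected response from the authentication service.';
        return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
    }

    if (count($resultIdentities) < 1) {
        $authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
        $authResult['messages'][] = 'A record with the supplied identity could not be found.';
        return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
    }

    if (count($resultIdentities) > 1) {
        $authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS;
        $authResult['messages'][] = 'More than one record matches the supplied identity.';
        return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
    }

    // A single-element object ({"x": ...}) has no index 0.
    if (!isset($resultIdentities[0]) || !is_array($resultIdentities[0])) {
        $authResult['messages'][] = 'Unexpected response from the authentication service.';
        return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
    }

    $resultIdentity = $resultIdentities[0];

    // Strict comparison: a non-string guid must not equal the marker through
    // PHP's loose string/number rules.
    if (isset($resultIdentity['guid']) && $resultIdentity['guid'] === 'XXISLOGINXX') {
        $authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS;
        $authResult['messages'][] = 'You already login';
        return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
    }

    // A reply without a password field can never authenticate.
    $crypt = new Kutu_Crypt_Password();
    if (!isset($resultIdentity['password'])
        || !$crypt->matchPassword($this->_credential, $resultIdentity['password'])
    ) {
        $authResult['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
        $authResult['messages'][] = 'Supplied credential is invalid.';
        return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
    }

    // NOTE(review): the decision rests on data returned by the remote URL, so
    // that URL should be HTTPS with certificate validation -- the transport
    // configuration is not visible in this block.
    unset($resultIdentity['zend_auth_credential_match']);
    $this->_resultRow = $resultIdentity;

    $authResult['code'] = Zend_Auth_Result::SUCCESS;
    $authResult['messages'][] = 'Authentication successful.';
    return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
}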
/**
 * Validates $this->username / $this->password against the RIUser record.
 *
 * Sets errorCode (and errorMessage on failure); on success stores the
 * record's guid in $this->_id and the username and lastname as states.
 *
 * @return bool true when errorCode evaluates to false after the check
 */
public function authenticate()
{
    $record = RIUser::model()->findByAttributes(array('username' => $this->username));
    $crypt = new Kutu_Crypt_Password();

    if ($record === null) {
        // NOTE(review): distinct messages for unknown user and wrong password
        // reveal which usernames exist if they are shown to the client.
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        $this->errorMessage = 'Username Invalid';
    } elseif (!$crypt->matchPassword($this->password, $record->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        $this->errorMessage = 'Password Invalid';
    } else {
        $this->_id = $record->guid;
        $this->setState('username', $record->username);
        $this->setState('lastname', $record->lastname);
        $this->errorCode = self::ERROR_NONE;
    }

    return !$this->errorCode;
}
/**
 * Logs in to a widget endpoint on behalf of the current user and returns the
 * widget page body.
 *
 * POSTs the username and the decrypted password of the authenticated identity
 * (empty strings when nobody is logged in) to $widgetAuthActionUrl, then GETs
 * $widgetUrl with the same client and cookie jar.
 *
 * @param string $widgetUrl           URL fetched after the login POST
 * @param string $widgetAuthActionUrl URL that receives the credentials
 * @return string body of the GET response
 */
function loadWidget($widgetUrl, $widgetAuthActionUrl)
{
    Zend_Loader::loadClass('Zend_Http_Client');
    Zend_Loader::loadClass('Kutu_Crypt_Password');

    $userName = '';
    $password = '';

    $auth = Zend_Auth::getInstance();
    if ($auth->hasIdentity()) {
        // NOTE(review): the stored password is recovered in clear text and sent
        // to whatever URL the caller supplies. That requires reversible
        // password storage and exposes the credential to the target host;
        // confirm both URLs are fixed, trusted and HTTPS.
        $identity = $auth->getIdentity();
        $crypt = new Kutu_Crypt_Password();
        $password = $crypt->decryptPassword($identity->password);
        $userName = $identity->username;
    }

    $client = new Zend_Http_Client($widgetUrl, array('keepalive' => true));
    $client->setCookieJar();

    // Step 1: authenticate; the cookie jar keeps any session cookie.
    $client->setUri($widgetAuthActionUrl);
    $client->setParameterPost(array('username' => $userName, 'password' => $password));
    $client->setHeaders('User-Agent: ' . $_SERVER['HTTP_USER_AGENT']);
    $response = $client->request(Zend_Http_Client::POST);

    // Step 2: fetch the widget itself with the same client.
    $client->setUri($widgetUrl);
    $response = $client->request(Zend_Http_Client::GET);

    return $response->getBody();
}
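/**
 * Authenticates the configured identity against the user table.
 *
 * Fetches guid, username and password for the identity and verifies the
 * credential with Kutu_Crypt_Password::matchPassword() against the value in
 * the credential column.
 *
 * @return Zend_Auth_Result
 * @throws Zend_Auth_Adapter_Exception when the adapter is not fully
 *         configured or the query fails
 */
function authenticate()
{
    $exception = null;
    if ($this->_tableName == '') {
        $exception = 'A table must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
    } elseif ($this->_identityColumn == '') {
        $exception = 'An identity column must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
    } elseif ($this->_credentialColumn == '') {
        $exception = 'A credential column must be supplied for the Zend_Auth_Adapter_DbTable authentication adapter.';
    } elseif ($this->_identity == '') {
        $exception = 'A value for the identity was not provided prior to authentication with Zend_Auth_Adapter_DbTable.';
    } elseif ($this->_credential === null) {
        $exception = 'A credential value was not provided prior to authentication with Zend_Auth_Adapter_DbTable.';
    }

    if (null !== $exception) {
        /**
         * @see Zend_Auth_Adapter_Exception
         */
        require_once 'Zend/Auth/Adapter/Exception.php';
        throw new Zend_Auth_Adapter_Exception($exception);
    }

    // create result array
    $authResult = array(
        'code' => Zend_Auth_Result::FAILURE,
        'identity' => $this->_identity,
        'messages' => array(),
    );

    // Kept because it updates adapter state; the SQL credential expression
    // that used to be built from it was never used (the credential is checked
    // in PHP below) and has been dropped.
    if (empty($this->_credentialTreatment) || strpos($this->_credentialTreatment, "?") === false) {
        $this->_credentialTreatment = '?';
    }

    // query for the identity
    try {
        // The identity is user-supplied: bind it as a parameter and quote the
        // table/column identifiers instead of concatenating them into the SQL.
        $sql = 'SELECT guid, username, password FROM '
            . $this->_zendDb->quoteIdentifier($this->_tableName)
            . ' WHERE ' . $this->_zendDb->quoteIdentifier($this->_identityColumn) . ' = ?';
        $resultIdentities = $this->_zendDb->fetchAll($sql, array($this->_identity));
    } catch (Exception $e) {
        /**
         * @see Zend_Auth_Adapter_Exception
         */
        require_once 'Zend/Auth/Adapter/Exception.php';
        throw new Zend_Auth_Adapter_Exception('The supplied parameters to Zend_Auth_Adapter_DbTable failed to '
            . 'produce a valid sql statement, please check table and column names '
            . 'for validity.');
    }

    if (count($resultIdentities) < 1) {
        $authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
        $authResult['messages'][] = 'A record with the supplied identity could not be found.';
        return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
    }

    if (count($resultIdentities) > 1) {
        $authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS;
        $authResult['messages'][] = 'More than one record matches the supplied identity.';
        return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
    }

    $resultIdentity = $resultIdentities[0];

    // The SELECT returns only guid, username and password; a credential column
    // with any other name is absent from the row and must fail the login
    // rather than be compared as null.
    $crypt = new Kutu_Crypt_Password();
    if (!isset($resultIdentity[$this->_credentialColumn])
        || !$crypt->matchPassword($this->_credential, $resultIdentity[$this->_credentialColumn])
    ) {
        $authResult['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
        $authResult['messages'][] = 'Supplied credential is invalid.';
        return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
    }

    unset($resultIdentity['zend_auth_credential_match']);
    $this->_resultRow = $resultIdentity;

    // The "already logged in" check (result code -51) was disabled in the
    // original behind `if (false)`. Its commented-out query interpolated the
    // identity into a LIKE pattern; bind the value if it is ever restored.

    $authResult['code'] = Zend_Auth_Result::SUCCESS;
    $authResult['messages'][] = 'Authentication successful.';
    return new Zend_Auth_Result($authResult['code'], $authResult['identity'], $authResult['messages']);
}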
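/**
 * _writeConfirmCorporateEmail
 *
 * Fills the placeholders of a corporate confirmation mail template, appends a
 * table of every username/password registered for the company, queues and
 * sends the mail, and flags the user row found via decryptPassword($guid) as
 * mailed when sending succeeds.
 *
 * @param string $mailcontent template containing $fullname, $company,
 *                            $timeline, $disc, $price, $username1, $guid and
 *                            $tag placeholders
 * @return string status message for the caller
 */
function _writeConfirmCorporateEmail($mailcontent, $fullname, $company, $payment, $disc, $total, $username, $guid, $email)
{
    $obj = new Kutu_Crypt_Password();

    // Placeholders are replaced one after another in this order, exactly as a
    // chain of single str_replace() calls would.
    // NOTE(review): these values go into the template unescaped; whether that
    // is safe depends on where the template places them.
    $mailcontent = str_replace(
        array('$fullname', '$company', '$timeline', '$disc', '$price', '$username1', '$guid'),
        array($fullname, $company, $payment, $disc, number_format($total), $username, $guid),
        $mailcontent
    );

    // table User
    $tblUser = new Kutu_Core_Orm_Table_User();
    $where = $tblUser->getAdapter()->quoteInto('company=?', $company);
    $rowUser = $tblUser->fetchAll($where, 'username ASC');

    // NOTE(review): this mails every account's password in clear text, which
    // is only possible because storage is reversible. A one-time set-password
    // link would avoid putting credentials in mailboxes.
    $tag = '<table>';
    $tag .= '<tr><td><b>Username</b></td><td> </td><td> </td><td> </td><td><b>Password</b></td></tr>';
    foreach ($rowUser as $rowsetUser) {
        // Escaped so that markup characters in a username or password show
        // literally instead of altering the mail's HTML.
        // assumes stored values are UTF-8 -- TODO confirm
        $tag .= '<tr><td>' . htmlspecialchars($rowsetUser->username, ENT_QUOTES, 'UTF-8')
            . '</td><td> </td><td> </td><td> </td><td>'
            . htmlspecialchars($obj->decryptPassword($rowsetUser->password), ENT_QUOTES, 'UTF-8')
            . '</td></tr>';
    }
    $tag .= '</table>';

    $mail_body = str_replace('$tag', $tag, $mailcontent);

    // parse ini_file
    $config = new Zend_Config_Ini(KUTU_ROOT_DIR . '/application/configs/mail.ini', 'mail');
    $mailAttempt = $this->add_mail(
        $config->mail->sender->support->email,
        $email,
        $username,
        $config->mail->sender->support->name,
        $mail_body
    );

    // try to save mail before send
    if (!$mailAttempt) {
        return "Error saving mail!";
    }

    if (!$this->send_mail()) {
        return "Error send mail but register user successfully!<br>Please contact our customer service for more information";
    }

    $message = "Please check your email at {$email}!";

    // update user
    $rowUser = $tblUser->find($obj->decryptPassword($guid))->current();
    if ($rowUser) {
        $rowUser->isEmailSent = 'Y';
        $rowUser->save();
    }

    return $message;
}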
/**
 * Sign-up page: on POST creates a user row, adds the user to the "Free" ACL
 * group and sends the confirmation mail; always loads the fixed content of
 * the 'halaman-depan-login' catalog into the view.
 */
function signupAction()
{
    $this->_helper->layout->setLayout('layout-newhukumonlineid-daftar');
    $this->view->identity = 'Daftar';

    $r = $this->getRequest();
    if ($r->isPost()) {
        // NOTE(review): none of these request values is validated here (empty
        // or duplicate username, empty password, e-mail format) -- confirm it
        // happens elsewhere.
        $fullName = $r->getParam('fullname');
        $username = $r->getParam('username');
        $password = $r->getParam('password');
        $email = $r->getParam('email');
        // NOTE(review): packageId is taken from the request while the ACL
        // group below is fixed to "Free"; confirm packageId alone cannot grant
        // paid access.
        $package = $r->getParam('aro_groups');

        $kopel = $this->generateKopel();
        $crypt = new Kutu_Crypt_Password();

        $data = array(
            'kopel' => $kopel,
            'username' => $username,
            'password' => $crypt->encryptPassword($password),
            'fullName' => $fullName,
            'email' => $email,
            'packageId' => $package,
            'periodeId' => 1,
            'createdDate' => date('Y-m-d H:i:s'),
            'createdBy' => $username,
        );

        $modelUser = new Kutu_Core_Orm_Table_User();
        $modelUser->insert($data);
        $this->updateKopel();

        $acl = new Kutu_Acl_Adapter_Local();
        $acl->addUserToGroup($username, "Free");

        // NOTE(review): the clear-text password is passed to the mail
        // formatter, presumably to be included in the confirmation mail.
        $formater = new Kutu_Core_Hol_User();
        $mailcontent = $formater->getMailContent('konfirmasi email gratis');
        $this->view->message = $formater->_writeConfirmFreeEmail(
            $mailcontent,
            $fullName,
            $username,
            $password,
            base64_encode($kopel),
            $email,
            'gratis'
        );
    }

    $tblCatalog = new Kutu_Core_Orm_Table_Catalog();
    $rowset = $tblCatalog->fetchRow("shortTitle='halaman-depan-login' AND status=99");

    $fixedContent = '';
    if (!empty($rowset)) {
        $rowsetCatalogAttribute = $rowset->findDependentRowsetCatalogAttribute();
        $fixedContent = $rowsetCatalogAttribute->findByAttributeGuid('fixedContent')->value;
    }

    $this->view->content = $fixedContent;
}
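/**
 * Fills the placeholders of a corporate confirmation mail template, appends a
 * table of every username/password registered for the company, queues and
 * sends the mail through Kutu_Lib_Formater, and echoes a JSON status object.
 *
 * @param string $mailcontent template containing $company, $timeline, $disc,
 *                            $price, $username1, $guid and $tag placeholders
 * @return void the result is echoed as JSON
 */
function _writeConfirmCorporateEmail($mailcontent, $company, $payment, $disc, $total, $username, $guid, $email)
{
    $formater = new Kutu_Lib_Formater();
    $obj = new Kutu_Crypt_Password();

    // Placeholders are replaced one after another in this order, exactly as a
    // chain of single str_replace() calls would.
    // NOTE(review): these values go into the template unescaped; whether that
    // is safe depends on where the template places them.
    $mailcontent = str_replace(
        array('$company', '$timeline', '$disc', '$price', '$username1', '$guid'),
        array($company, $payment, $disc, number_format($total), $username, $guid),
        $mailcontent
    );

    // table User
    $tblUser = new Kutu_Core_Orm_Table_User();
    $where = $tblUser->getAdapter()->quoteInto('company=?', $company);
    $rowUser = $tblUser->fetchAll($where, 'username ASC');

    // NOTE(review): this mails every account's password in clear text, which
    // is only possible because storage is reversible. A one-time set-password
    // link would avoid putting credentials in mailboxes.
    $tag = '<table>';
    $tag .= '<tr><td><b>Username</b></td><td> </td><td> </td><td> </td><td><b>Password</b></td></tr>';
    foreach ($rowUser as $rowsetUser) {
        // Escaped so that markup characters in a username or password show
        // literally instead of altering the mail's HTML.
        // assumes stored values are UTF-8 -- TODO confirm
        $tag .= '<tr><td>' . htmlspecialchars($rowsetUser->username, ENT_QUOTES, 'UTF-8')
            . '</td><td> </td><td> </td><td> </td><td>'
            . htmlspecialchars($obj->decryptPassword($rowsetUser->password), ENT_QUOTES, 'UTF-8')
            . '</td></tr>';
    }
    $tag .= '</table>';

    $mail_body = str_replace('$tag', $tag, $mailcontent);

    // parse ini_file
    $config = new Zend_Config_Ini(KUTU_ROOT_DIR . '/app/config/config.ini', 'mail');
    $mailAttempt = $formater->add_mail($config->from, $email, $username, 'Hukumonline-ID', $mail_body);

    // try to save mail before send
    $response = array();
    if (!$mailAttempt) {
        $response['failure'] = true;
        $response['message'] = "Error saving mail!";
    } elseif ($formater->send_mail()) {
        $response['success'] = true;
        $response['message'] = "Please check your email at {$email}!";
    } else {
        // Discard whatever the failed send wrote to the output buffer so the
        // JSON below is the only output.
        ob_clean();
        // NOTE(review): 'failure' => false on a failed send looks inverted but
        // is kept as-is because clients may depend on it -- confirm.
        $response['failure'] = false;
        $response['message'] = "Error send mail but register user successfully!<br>Please contact our customer service for more information";
    }

    echo Zend_Json::encode($response);
}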
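/**
 * Creates or updates a user row from an associative array.
 *
 * 'fullname', when present and non-empty, overrides 'firstname'. If a row
 * with the given guid exists it is updated; otherwise a new row is created,
 * which requires a non-empty, unused username and a non-empty password.
 * Username and password are written only when the row is created.
 *
 * @param array $aData column => value pairs
 * @return Zend_Db_Table_Row_Abstract the saved row
 * @throws Zend_Exception when firstname is empty, or when a new row lacks a
 *         username or password, or the username is already taken
 */
public function save($aData)
{
    if (isset($aData['fullname']) && !empty($aData['fullname'])) {
        $aData['firstname'] = $aData['fullname'];
    }
    if (empty($aData['firstname'])) {
        throw new Zend_Exception('Firstname can not be EMPTY!');
    }

    $tblUser = new Kutu_Core_Orm_Table_User();
    $db = $tblUser->getAdapter();

    $gman = new Kutu_Core_Guid();
    $guid = isset($aData['guid']) && !empty($aData['guid']) ? $aData['guid'] : $gman->generateGuid();

    // The guid can come from the caller's data, so it is quoted by the
    // adapter rather than interpolated into the WHERE clause.
    $row = $tblUser->fetchRow($db->quoteInto('guid = ?', $guid));

    if (empty($row)) {
        if (empty($aData['username'])) {
            throw new Zend_Exception('Username can not be EMPTY!');
        }
        if (empty($aData['password'])) {
            throw new Zend_Exception('Password can not be EMPTY!');
        }

        $row = $tblUser->createRow();

        // check if username was already taken
        // NOTE(review): the listing showed the literal '******' in this WHERE
        // clause while $username was assigned and never used; that reads as a
        // masking artefact, so the lookup binds the real username -- confirm
        // against the original file.
        $username = $aData['username'];
        if ($tblUser->fetchRow($db->quoteInto('username = ?', $username))) {
            throw new Zend_Exception('Username exists');
        }
        $row->username = $username;

        $crypt = new Kutu_Crypt_Password();
        $row->password = $crypt->encryptPassword($aData['password']);
    }

    // Optional columns: copied only when the key is present in $aData.
    // NOTE(review): the list includes isActive, activationCode and
    // expirationDate; if $aData is ever built directly from request
    // parameters the caller must whitelist keys first.
    $optionalFields = array(
        'firstname', 'lastname', 'email', 'bbPin', 'clientId', 'mainAddress',
        'city', 'state', 'zip', 'phone', 'fax', 'url', 'countryId', 'company',
        'companySizeId', 'jobId', 'industryId', 'isActive', 'registrationDate',
        'activationDate', 'activationCode', 'expirationDate',
    );
    foreach ($optionalFields as $field) {
        if (isset($aData[$field])) {
            $row->$field = $aData[$field];
        }
    }

    $row->save();

    return $row;
}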