public static function validate($username, $hash, $rememberme = false)
{
if (!$username) {
return false;
}
// TODO: try to make only one sql request
$adapter = Zend_Db_Table_Abstract::getDefaultAdapter();
$authAdapter = new Zend_Auth_Adapter_DbTable($adapter, 'users', 'pseudo', 'password');
$authAdapter->setIdentity($username)->setCredential($hash);
$auth = Zend_Auth::getInstance();
$result = $auth->authenticate($authAdapter);
if (!$result->isValid()) {
self::$_current = null;
return false;
}
$userid = $authAdapter->getResultRowObject('id')->id;
$userMapper = new Syj_Model_UserMapper();
$user = new Syj_Model_User();
if (!$userMapper->find($userid, $user)) {
throw new Zend_Exception();
}
$request = Zend_Controller_Front::getInstance()->getRequest();
if (!$request->getCookie('syj_user') or !$request->getCookie('syj_hashpass')) {
if ($rememberme) {
// cookie will be valid for 2 weeks
$time = time() + 14 * 60 * 24 * 60;
} else {
$time = 0;
}
setcookie("syj_user", $username, $time, "", "", false, true);
setcookie("syj_hashpass", $hash, $time, "", "", false, true);
}
self::$_current = $user;
return true;
}
protected function _run()
{
$this->_newpwd = pwdgen\PwdGenerator::generate();
$this->_user->password = sha1($this->_newpwd);
$userMapper = new Syj_Model_UserMapper();
$userMapper->save($this->_user);
return true;
}
public function indexAction()
{
$user = $this->_helper->SyjUserManager->current();
$request = $this->getRequest();
$form = new Syj_Form_Account(array('name' => 'accountform'));
$formData = $request->getPost();
$valid = false;
if (!empty($formData) and $form->isValid($formData)) {
$valid = true;
if ($user->password != sha1($formData['account_password_current'])) {
$valid = false;
$form->account_password_current->addError(__("Wrong password"));
}
$user->email = $formData['account_email'];
$user->password = sha1($formData['account_password']);
$userMapper = new Syj_Model_UserMapper();
try {
$userMapper->save($user);
} catch (Zend_Db_Statement_Exception $e) {
if ($e->getCode() == 23505) {
// 23505: Unique violation throw new Syj_Exception_Request();
$message = $e->getMessage();
if (strpos($message, 'users_email_key') !== false) {
$valid = false;
$form->account_email->addError(__("an user is already registered with this email"));
} else {
throw $e;
}
} else {
throw $e;
}
}
}
if ($valid) {
$this->_helper->ViewRenderer->setViewScriptPathSpec(':controller/success.:suffix');
return;
}
if (empty($formData)) {
$form->account_email->setValue($user->email);
} else {
$form->account_email->setValue($formData['account_email']);
}
$this->_jsLocaleStrings();
$this->view->form = $form;
}
public function indexAction()
{
$form = new Syj_Form_Newpwd(array('name' => 'newpwdform'));
$request = $this->getRequest();
$formData = $request->getPost();
$this->view->form = $form;
$httprequest = $request->isXmlHttpRequest();
if (!$httprequest) {
$this->_jsLocaleStrings();
}
if (empty($formData)) {
$loggeduser = $this->_helper->SyjUserManager->current();
if ($loggeduser) {
$form->newpwd_email->setValue($loggeduser->email)->setAttrib('readonly', 'true');
}
}
if (empty($formData) or !$form->isValid($formData)) {
if ($httprequest) {
throw new Syj_Exception_Request();
} else {
return;
}
}
/* form has been filled */
$userMapper = new Syj_Model_UserMapper();
$user = new Syj_Model_User();
if ($userMapper->findByEmail($formData['newpwd_email'], $user)) {
// if no user exist with posted email, pretend everything went correct
$loggeduser = isset($loggeduser) ? $loggeduser : $this->_helper->SyjUserManager->current();
if ($loggeduser and $loggeduser != $user) {
throw new Syj_Exception_Request();
}
$pending = new Syj_Model_Pending_ResetPassword();
$pending->setUser($user);
if (!$pending->notify()) {
throw new Zend_Exception();
}
}
if ($httprequest) {
$api = $this->_helper->SyjApi->setCode(200);
} else {
$this->_helper->ViewRenderer->setViewScriptPathSpec(':controller/success.:suffix');
}
}
public function userAction()
{
$formData = $this->_helper->SyjPostData->getPostData('Syj_Form_User');
// XXX: we validate email server side *only* so we don't want to
// validate in SyjPostData. Then, we validate email outside Syj_Form_User
$emailValidator = new Syj_Validate_EmailAddress();
if (!$emailValidator->isValid($formData['user_email'])) {
throw new Syj_Exception_InvalidEmail();
}
$user = new Syj_Model_User();
$user->pseudo = $formData["user_pseudo"];
$user->password = sha1($formData["user_password"]);
$user->email = $formData["user_email"];
if (Zend_Registry::isRegistered('Zend_Translate')) {
$translator = Zend_Registry::get('Zend_Translate');
$adapter = $translator->getAdapter();
$locale = new Zend_Locale($adapter->getLocale());
$user->lang = $locale->getLanguage();
}
$userMapper = new Syj_Model_UserMapper();
try {
$userMapper->save($user);
} catch (Zend_Db_Statement_Exception $e) {
if ($e->getCode() == 23505) {
// 23505: Unique violation throw new Syj_Exception_Request();
$message = $e->getMessage();
if (strpos($message, 'users_pseudo_key') !== false) {
throw new Syj_Exception_Request("uniquepseudo");
} else {
if (strpos($message, 'users_email_key') !== false) {
throw new Syj_Exception_Request("uniqueemail");
} else {
throw $e;
}
}
} else {
throw $e;
}
}
$this->_helper->SyjUserManager->validate($user->pseudo, $user->password);
$data = array('pseudo' => $user->pseudo);
$this->_helper->SyjApi->setBodyJson($data)->setCode(200);
}
protected function _cancel()
{
$mapper = new Syj_Model_UserMapper();
$mapper->delete($this->_user);
return true;
}
protected function _itemFromRow(Syj_Model_Pending $item, Zend_Db_Table_Row $row)
{
$item->setId($row->id)->setHash($row->hash)->setNotificationsNumber($row->notifications_number)->setCreationTime($row->creation_time);
if (!$item->getUser()) {
$user = new Syj_Model_User();
$userMapper = new Syj_Model_UserMapper();
if ($userMapper->find($row->userid, $user)) {
$item->setUser($user);
}
}
return $item;
}
protected function _itemFromRow(Syj_Model_Path $item, Zend_Db_Table_Row $row)
{
$decoder = new gisconverter\WKT();
$geom = $decoder->geomFromText($row->wkt);
$item->setId($row->id)->setGeom($geom)->setTitle($row->title)->setUrlComp($row->urlcomp)->setCreatorIp($row->creator_ip);
if (!$item->getCreator()) {
$user = new Syj_Model_User();
$userMapper = new Syj_Model_UserMapper();
if ($userMapper->find($row->creator, $user)) {
$item->setCreator($user);
}
}
return $item;
}
