/**
 * Checks how the save handler treats repeated writes to the same session id:
 * an identical rewrite, a rewrite with changed data, and a rewrite after the
 * configured gc_maxlifetime has elapsed.
 *
 * The test sleeps for gc_maxlifetime + 1 seconds, so its run time depends on
 * the session lifetime configured for the test run.
 *
 * @depends testDestroy
 */
public function testOverride()
{
    // First write creates the stored record that every later state is compared with.
    $written = $this->_handler->write($this->_id, $this->_data);
    $this->assertEquals(true, $written);
    $initial = $this->_findSession($this->_id);

    // Same payload again: the stored record must be equal to the first one.
    $this->_handler->read($this->_id);
    $this->_handler->write($this->_id, $this->_data);
    $afterSameData = $this->_findSession($this->_id);
    $this->assertEquals($initial, $afterSameData);

    sleep(1);

    // Changed payload one second later: the record and its 'created' value
    // differ, while 'expire' must stay the same.
    $this->_handler->read($this->_id);
    $this->_handler->write($this->_id, $this->_data . '3839');
    $afterNewData = $this->_findSession($this->_id);
    $this->assertNotEquals($initial, $afterNewData);
    $this->assertNotEquals($initial['metadata']['created'], $afterNewData['metadata']['created']);
    $this->assertEquals($initial['metadata']['expire'], $afterNewData['metadata']['expire']);

    // Let the maximum lifetime pass completely.
    sleep(Zend_Session::getOptions('gc_maxlifetime') + 1);

    // A write after the lifetime has passed must yield a record whose
    // 'created' and 'expire' values both differ from the first one.
    $this->_handler->read($this->_id);
    $this->_handler->write($this->_id, $this->_data);
    $afterExpiry = $this->_findSession($this->_id);
    $this->assertNotEquals($initial, $afterExpiry);
    $this->assertNotEquals($initial['metadata']['created'], $afterExpiry['metadata']['created']);
    $this->assertNotEquals($initial['metadata']['expire'], $afterExpiry['metadata']['expire']);
}
/**
 * Fills the view for the period dialog with the list of years, the year id
 * read from the Zend_Session options, and a fresh filter object.
 */
public function perioddialogAction()
{
    $years = new Model_Year_List();

    $this->view->assign("yearList", $years->getListView());

    // The current year is read from the session options under the key "yearId".
    $currentYearId = Zend_Session::getOptions("yearId");
    $this->view->assign("yearCurrent", $currentYearId);

    $emptyFilter = new Model_Abstract_Filter();
    $this->view->assign("filter", $emptyFilter);
}
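/**
 * Builds the cache-backed session save handler from its configuration.
 *
 * Keys read from $config:
 *  - 'cache'        (required) a cache name (string) or a cache object used as-is
 *  - 'cacheManager' (optional) manager used to resolve a cache name; when absent
 *                   App::get('cacheManager') is used
 *  - 'prefix'       (optional) cast to string and stored in $_prefix
 *
 * The maximum lifetime is taken from the Zend_Session option 'gc_maxlifetime'.
 *
 * @param Zend_Config|array $config
 * @throws Zend_Session_SaveHandler_Exception when $config has the wrong type or lacks 'cache'
 */
public function __construct($config = array())
{
    if ($config instanceof Zend_Config) {
        $config = $config->toArray();
    } elseif (!is_array($config)) {
        /**
         * @see Zend_Session_SaveHandler_Exception
         */
        require_once 'Zend/Session/SaveHandler/Exception.php';
        throw new Zend_Session_SaveHandler_Exception('$config must be an instance of Zend_Config or array of key/value pairs containing ' . 'configuration options for App_Session_SaveHandler_Cache.');
    }

    if (!isset($config['cache'])) {
        // Load the exception class on this path as well; previously only the
        // type-check branch did so, leaving this throw dependent on an autoloader.
        require_once 'Zend/Session/SaveHandler/Exception.php';
        throw new Zend_Session_SaveHandler_Exception('$config have to indicate the cachename.');
    }

    if (is_string($config['cache'])) {
        // A name is resolved through the supplied manager or the application-wide one.
        $cacheMgr = isset($config['cacheManager']) ? $config['cacheManager'] : App::get('cacheManager');
        $this->_cache = $cacheMgr->getCache($config['cache']);
    } else {
        // Anything that is not a string is stored without further checks.
        $this->_cache = $config['cache'];
    }

    if (isset($config['prefix'])) {
        $this->_prefix = (string) $config['prefix'];
    }

    $this->_maxLifeTime = Zend_Session::getOptions('gc_maxlifetime');
}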
/**
 * Collects the label => value pairs shown by the index action.
 *
 * Labels are passed through the translator; subclasses can override this
 * method to add or change entries at project level.
 *
 * NOTE(review): the result contains host name, OS, software versions and
 * absolute directory paths. Who may reach the action that renders it is not
 * visible in this method; confirm it is limited to administrators.
 *
 * @return array
 */
protected function _getData()
{
    $versionInfo = $this->loader->getVersions();

    // Fixed entries, in display order.
    $data = array(
        $this->_('Project name')            => $this->project->getName(),
        $this->_('Project version')         => $versionInfo->getProjectVersion(),
        $this->_('Gems version')            => $versionInfo->getGemsVersion(),
        $this->_('Gems build')              => $versionInfo->getBuild(),
        $this->_('Gems project')            => GEMS_PROJECT_NAME,
        $this->_('Gems web directory')      => $this->getDirInfo(GEMS_WEB_DIR),
        $this->_('Gems root directory')     => $this->getDirInfo(GEMS_ROOT_DIR),
        $this->_('Gems code directory')     => $this->getDirInfo(GEMS_LIBRARY_DIR),
        $this->_('Gems variable directory') => $this->getDirInfo(GEMS_ROOT_DIR . '/var'),
        $this->_('MUtil version')           => \MUtil_Version::get(),
        $this->_('Zend version')            => \Zend_Version::VERSION,
        $this->_('Application environment') => APPLICATION_ENV,
        $this->_('Application baseuri')     => $this->loader->getUtil()->getCurrentURI(),
        $this->_('Application directory')   => $this->getDirInfo(APPLICATION_PATH),
        $this->_('Application encoding')    => APPLICATION_ENCODING,
        $this->_('PHP version')             => phpversion(),
        $this->_('Server Hostname')         => php_uname('n'),
        $this->_('Server OS')               => php_uname('s'),
        $this->_('Time on server')          => date('r'),
    );

    // Locations that are reported through getDirInfo().
    $locations = array(
        $this->_('Session directory')         => \Zend_Session::getOptions('save_path'),
        $this->_('Temporary files directory') => realpath(getenv('TMP')),
    );

    // The SystemDrive environment variable is only added when it has a value.
    $systemDrive = getenv('SystemDrive');
    if ($systemDrive) {
        $locations[$this->_('System Drive')] = realpath($systemDrive);
    }

    foreach ($locations as $label => $path) {
        $data[$label] = $this->getDirInfo($path);
    }

    return $data;
}
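/**
 * Builds the collection-backed session save handler from its configuration.
 *
 * Keys read from $config:
 *  - 'collection' (required) a collection name (string), looked up on the
 *                 connection returned by \App::get('mongo'), or a collection
 *                 object that is used as-is
 *
 * The maximum lifetime is taken from the Zend_Session option 'gc_maxlifetime'.
 *
 * @param Zend_Config|array $config
 * @throws Zend_Session_SaveHandler_Exception when $config has the wrong type or lacks 'collection'
 * @throws \Exception any exception raised while resolving the collection is rethrown
 */
public function __construct($config = array())
{
    if ($config instanceof Zend_Config) {
        $config = $config->toArray();
    } elseif (!is_array($config)) {
        /**
         * @see Zend_Session_SaveHandler_Exception
         */
        require_once 'Zend/Session/SaveHandler/Exception.php';
        // NOTE(review): the message names App_Session_SaveHandler_Cache although this
        // handler works on a collection; presumably copied from the cache handler.
        throw new Zend_Session_SaveHandler_Exception('$config must be an instance of Zend_Config or array of key/value pairs containing ' . 'configuration options for App_Session_SaveHandler_Cache.');
    }

    if (!isset($config['collection'])) {
        // Load the exception class on this path as well; previously only the
        // type-check branch did so, leaving this throw dependent on an autoloader.
        require_once 'Zend/Session/SaveHandler/Exception.php';
        throw new Zend_Session_SaveHandler_Exception('$config have to indicate the collection.');
    }

    try {
        if (is_string($config['collection'])) {
            $this->_connection = \App::get('mongo');
            $this->_collection = $this->_connection->{$config['collection']};
        } else {
            // Anything that is not a string is stored without further checks.
            $this->_collection = $config['collection'];
        }
    } catch (\Exception $e) {
        // Close a connection that was already obtained before passing the error on.
        if ($this->_connection) {
            $this->_connection->close();
        }
        throw $e;
    }

    $this->_maxLifeTime = Zend_Session::getOptions('gc_maxlifetime');
}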
/**
 * Options set on the resource must replace the values Zend_Session held
 * before the resource was initialised.
 */
public function testSetOptions()
{
    $before = array('use_only_cookies' => false, 'remember_me_seconds' => 3600);
    $fromResource = array('use_only_cookies' => true, 'remember_me_seconds' => 7200);

    Zend_Session::setOptions($before);

    $this->resource->setOptions($fromResource);
    $this->resource->init();

    // After init() the session options must carry the resource's values.
    $cookiesOnly = Zend_Session::getOptions('use_only_cookies');
    $this->assertEquals(1, $cookiesOnly);

    $rememberSeconds = Zend_Session::getOptions('remember_me_seconds');
    $this->assertEquals(7200, $rememberSeconds);
}
/**
 * Stores the namespace and member names and, when the request already
 * carries a cookie named after the session, opens that session namespace.
 *
 * Without such a cookie no Zend_Session_Namespace is created here, so
 * $_session keeps whatever value it had before.
 *
 * @param string $namespace
 * @param string $member
 */
public function __construct($namespace = self::NAMESPACE_DEFAULT, $member = self::MEMBER_DEFAULT)
{
    $this->_namespace = $namespace;
    $this->_member = $member;

    $cookieName = Zend_Session::getOptions('name');
    if (!isset($_COOKIE[$cookieName])) {
        return;
    }

    $this->_session = new Zend_Session_Namespace($namespace);
}
/**
 * Configures and starts the admin session ("pimcore_admin_sid").
 *
 * When the session is not started yet and the request carries a non-empty
 * parameter named after the session while no non-empty cookie of that name
 * exists, the parameter value is used as the session id before start().
 *
 * NOTE(review): with "use_only_cookies" => false and the id taken from
 * $_REQUEST, a session id supplied in a URL or form field is adopted as-is
 * (session fixation risk). Whether the id is regenerated after login is not
 * visible here; confirm it is, and consider limiting this path to the upload
 * endpoint that needs it.
 *
 * @static
 * @return void
 */
public static function initSession()
{
    $options = array(
        "throw_startup_exceptions" => false,
        "gc_maxlifetime" => 7200,
        "name" => "pimcore_admin_sid",
        "strict" => false,
        "use_only_cookies" => false,
    );
    Zend_Session::setOptions($options);

    try {
        try {
            if (!Zend_Session::isStarted()) {
                $sessionName = Zend_Session::getOptions("name");

                $idInRequest = array_key_exists($sessionName, $_REQUEST) && !empty($_REQUEST[$sessionName]);
                $cookieMissing = !array_key_exists($sessionName, $_COOKIE) || empty($_COOKIE[$sessionName]);

                // Only take the id from the request when no cookie is present,
                // otherwise Set-Cookie would be sent on every response.
                if ($idInRequest && $cookieMissing) {
                    // Session id passed as a parameter (SwfUpload doesn't support cookies).
                    Zend_Session::setId($_REQUEST[$sessionName]);
                }

                Zend_Session::start();
            }
        } catch (Exception $e) {
            // Start-up problems are logged and otherwise ignored.
            Logger::error("Problem while starting session");
            Logger::error($e);
        }
    } catch (Exception $e) {
        // Reached only when the handler above itself throws.
        Logger::emergency("there is a problem with admin session");
        die;
    }
}
/**
 * Processes the member login form.
 *
 * Order of work, as written below: reject already signed-in viewers, build
 * and validate the form, look the account up by email, check account state,
 * subscription and the pre-login hook, verify the password (or the version 3
 * migration hash), record the attempt in the 'logins' table, then redirect.
 *
 * Every outcome is written to the 'logins' table with a 'state' value
 * ('no-member', 'disabled', 'unpaid', 'third-party', 'v3-migration',
 * 'bad-password', 'success'), which gives a per-attempt audit trail.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this block;
 * confirm it is enforced elsewhere.
 */
public function loginAction()
{
    // Already logged in
    if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('You are already signed in.');
        if (null === $this->_helper->contextSwitch->getCurrentContext()) {
            $this->_helper->redirector->gotoRoute(array(), 'default', true);
        }
        return;
    }
    // Make form
    $this->view->form = $form = new User_Form_Login();
    $form->setAction($this->view->url(array('return_url' => null)));
    // return_url comes straight from the request parameters.
    $form->populate(array('return_url' => $this->_getParam('return_url')));
    // Facebook login
    // if( User_Model_DbTable_Facebook::authenticate($form) ) {
    //   // Facebook login succeeded, redirect to home
    //   return $this->_helper->redirector->gotoRoute(array(), 'default', true);
    // }
    // Render
    $this->_helper->content->setEnabled();
    // Not a post
    if (!$this->getRequest()->isPost()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
        return;
    }
    // Form not valid
    if (!$form->isValid($this->getRequest()->getPost())) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
        return;
    }
    // Check login creds
    // NOTE(review): extract() turns every form value into a local variable; the
    // names depend on the form definition, which is not shown. A field named like
    // an existing local (e.g. $form) would overwrite it. Reading the three
    // expected keys explicitly would remove that dependency.
    extract($form->getValues());
    // $email, $password, $remember
    $user_table = Engine_Api::_()->getDbtable('users', 'user');
    // The email is bound through the '?' placeholder, not concatenated.
    $user_select = $user_table->select()->where('email = ?', $email);
    // If post exists
    $user = $user_table->fetchRow($user_select);
    // Get ip address
    $db = Engine_Db_Table::getDefaultAdapter();
    $ipObj = new Engine_IP();
    // The binary address is hex-encoded and quoted into an UNHEX() expression.
    $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
    // Check if user exists
    if (empty($user)) {
        // NOTE(review): this message differs from the one used for a wrong password
        // ('Invalid credentials'), so a client can tell whether an email is registered.
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
        $form->addError(Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.'));
        // Register login
        Engine_Api::_()->getDbtable('logins', 'user')->insert(array('email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'no-member'));
        return;
    }
    // Check if user is verified and enabled
    // NOTE(review): the account-state, subscription and hook checks below all run
    // before the password is verified, so their outcome is shown to anyone who
    // submits a registered email.
    if (!$user->enabled) {
        if (!$user->verified) {
            $this->view->status = false;
            $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
            $translate = Zend_Registry::get('Zend_Translate');
            $error = $translate->translate('This account still requires either email verification.');
            $error .= ' ';
            $error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
            // Escaping is switched off so the link renders; the message then carries
            // $resend_url, built from the submitted email.
            // NOTE(review): presumably the url helper encodes the email — confirm, since
            // nothing else escapes it here.
            $form->getDecorator('errors')->setOption('escape', false);
            $form->addError($error);
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
            return;
        } else {
            if (!$user->approved) {
                $this->view->status = false;
                $translate = Zend_Registry::get('Zend_Translate');
                $error = $translate->translate('This account still requires admin approval.');
                $form->getDecorator('errors')->setOption('escape', false);
                $form->addError($error);
                // Register login
                Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
                return;
            }
        }
        // Should be handled by hooks or payment
        //return;
    }
    // Handle subscriptions
    if (Engine_Api::_()->hasModuleBootstrap('payment')) {
        // Check for the user's plan
        $subscriptionsTable = Engine_Api::_()->getDbtable('subscriptions', 'payment');
        if (!$subscriptionsTable->check($user)) {
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'unpaid'));
            // Redirect to subscription page
            // NOTE(review): the user id is stored in the session before any password
            // check has happened; what the subscription controller allows on the
            // basis of this value is not visible here — verify.
            $subscriptionSession = new Zend_Session_Namespace('Payment_Subscription');
            $subscriptionSession->unsetAll();
            $subscriptionSession->user_id = $user->getIdentity();
            return $this->_helper->redirector->gotoRoute(array('module' => 'payment', 'controller' => 'subscription', 'action' => 'index'), 'default', true);
        }
    }
    // Run pre login hook
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginBefore', $user);
    foreach ((array) $event->getResponses() as $response) {
        if (is_array($response)) {
            if (!empty($response['error']) && !empty($response['message'])) {
                $form->addError($response['message']);
            } else {
                if (!empty($response['redirect'])) {
                    $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                } else {
                    continue;
                }
            }
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'third-party'));
            // Return
            return;
        }
    }
    // Version 3 Import compatibility
    if (empty($user->password)) {
        $compat = Engine_Api::_()->getApi('settings', 'core')->getSetting('core.compatibility.password');
        $migration = null;
        try {
            $migration = Engine_Db_Table::getDefaultAdapter()->select()->from('engine4_user_migration')->where('user_id = ?', $user->getIdentity())->limit(1)->query()->fetch();
        } catch (Exception $e) {
            // A failed lookup disables the compatibility path.
            $migration = null;
            $compat = null;
        }
        if (!$migration) {
            $compat = null;
        }
        if ($compat == 'import-version-3') {
            // Version 3 authentication
            $cryptedPassword = self::_version3PasswordCrypt($migration['user_password_method'], $migration['user_code'], $password);
            // NOTE(review): '===' is not a constant-time comparison; hash_equals() is the
            // usual choice for comparing password hashes where the PHP version has it.
            if ($cryptedPassword === $migration['user_password']) {
                // Regenerate the user password using the given password
                // NOTE(review): rand() is not a cryptographically secure source for a salt.
                $user->salt = (string) rand(1000000, 9999999);
                $user->password = $password;
                $user->save();
                Engine_Api::_()->user()->getAuth()->getStorage()->write($user->getIdentity());
                // @todo should we delete the old migration row?
            } else {
                $this->view->status = false;
                $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
                $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
                return;
            }
            // End Version 3 authentication
        } else {
            $form->addError('There appears to be a problem logging in. Please reset your password with the Forgot Password link.');
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'v3-migration'));
            return;
        }
    } else {
        $authResult = Engine_Api::_()->user()->authenticate($email, $password);
        $authCode = $authResult->getCode();
        Engine_Api::_()->user()->setViewer();
        if ($authCode != Zend_Auth_Result::SUCCESS) {
            $this->view->status = false;
            $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
            $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'bad-password'));
            return;
        }
    }
    // -- Success! --
    // Register login
    $loginTable = Engine_Api::_()->getDbtable('logins', 'user');
    $loginTable->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'success', 'active' => true));
    $_SESSION['login_id'] = $login_id = $loginTable->getAdapter()->lastInsertId();
    // Remember
    if ($remember) {
        $lifetime = 1209600;
        // Two weeks
        Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
        Zend_Session::rememberMe($lifetime);
    }
    // Increment sign-in count
    Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
    // Test activity @todo remove
    $viewer = Engine_Api::_()->user()->getViewer();
    if ($viewer->getIdentity()) {
        $viewer->lastlogin_date = date("Y-m-d H:i:s");
        if ('cli' !== PHP_SAPI) {
            $viewer->lastlogin_ip = $ipExpr;
        }
        $viewer->save();
        Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
    }
    // Assign sid to view for json context
    // NOTE(review): the session id and name are handed to the view; in a JSON
    // context they presumably end up in the response body — confirm that is intended.
    $this->view->status = true;
    $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
    $this->view->sid = Zend_Session::getId();
    $this->view->sname = Zend_Session::getOptions('name');
    // Run post login hook
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);
    // Do redirection only if normal context
    if (null === $this->_helper->contextSwitch->getCurrentContext()) {
        // Redirect by form
        $uri = $form->getValue('return_url');
        if ($uri) {
            // A value starting with '64-' carries the target base64-encoded.
            if (substr($uri, 0, 3) == '64-') {
                $uri = base64_decode(substr($uri, 3));
            }
            // NOTE(review): the target originates from the request and is used with
            // prependBase => false; unless the form validates it (not shown), this is
            // an open redirect. Restricting it to same-site paths would close that.
            return $this->_redirect($uri, array('prependBase' => false));
        }
        // Redirect by session
        $session = new Zend_Session_Namespace('Redirect');
        if (isset($session->uri)) {
            $uri = $session->uri;
            $opts = $session->options;
            $session->unsetAll();
            return $this->_redirect($uri, $opts);
        } else {
            if (isset($session->route)) {
                // NOTE(review): params/route/reset are read after unsetAll(), unlike the
                // uri branch above which copies first — presumably they are empty by
                // then; verify.
                $session->unsetAll();
                return $this->_helper->redirector->gotoRoute($session->params, $session->route, $session->reset);
            }
        }
        // Redirect by hook
        foreach ((array) $event->getResponses() as $response) {
            if (is_array($response)) {
                if (!empty($response['error']) && !empty($response['message'])) {
                    return $form->addError($response['message']);
                } else {
                    if (!empty($response['redirect'])) {
                        return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                    }
                }
            }
        }
        // Just redirect to home
        return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
    }
}
/**
 * Processes the login form of the default module.
 *
 * Order of work, as written below: reject already signed-in viewers, build
 * and validate the form, look the account up by login name, check account
 * state, verify the password, apply "remember me", then redirect.
 *
 * An unknown login name and a wrong password produce the same message here.
 *
 * NOTE(review): no attempt logging or throttling is visible in this block;
 * confirm it is handled elsewhere.
 */
public function indexAction()
{
    // Already logged in
    $viewer = Khcn_Api::_()->getViewer();
    if ($viewer && $viewer->getIdentity()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('Bạn đã đăng nhập.');
        $this->_helper->redirector->gotoRoute(array(), 'default', true);
        return;
    }
    // Make form
    $this->view->form = $form = new Default_Form_Login();
    $form->setAction($this->view->url(array('return_url' => null)));
    // return_url comes straight from the request parameters.
    $form->populate(array('return_url' => $this->_getParam('return_url')));
    // Not a post
    if (!$this->getRequest()->isPost()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
        return;
    }
    // Form not valid
    if (!$form->isValid($this->getRequest()->getPost())) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
        return;
    }
    // Check login creds
    // NOTE(review): extract() turns every form value into a local variable; the
    // names depend on the form definition, which is not shown. A field named like
    // an existing local (e.g. $form) would overwrite it.
    extract($form->getValues());
    // $Username, $Password, $Remember
    $userTable = Khcn_Api::_()->getItemTable('default_nguoi_dung');
    // The login name is bound through the '?' placeholder, not concatenated.
    $userSelect = $userTable->select()->where('ten_dang_nhap = ?', $Username);
    // If post exists
    $user = $userTable->fetchRow($userSelect);
    // Default adapter; $db is not used again in this method.
    $db = Khcn_Db_Table::getDefaultAdapter();
    // Check if user exists
    if (empty($user)) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.');
        $form->addError(Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.'));
        return;
    }
    // Check if user is verified and enabled
    // NOTE(review): these checks run before the password is verified, so the
    // account state is shown to anyone who submits an existing login name.
    if (!$user->enabled) {
        if (!$user->verified) {
            $this->view->status = false;
            $translate = Zend_Registry::get('Zend_Translate');
            $error = $translate->translate('Vui lòng kích hoạt tài khoản thông qua email.');
            // Escaping of the error decorator is switched off although this message
            // contains no markup.
            $form->getDecorator('errors')->setOption('escape', false);
            $form->addError($error);
            return;
        } else {
            if (!$user->approved) {
                $this->view->status = false;
                $translate = Zend_Registry::get('Zend_Translate');
                $error = $translate->translate('Tài khoản của bạn cần được kích hoạt bởi admin.');
                $form->getDecorator('errors')->setOption('escape', false);
                $form->addError($error);
                return;
            }
        }
        // Should be handled by hooks or payment
        //return;
    }
    // An account without a stored password cannot log in and is asked to reset it.
    if (empty($user->mat_khau)) {
        $form->addError('Mật khẩu không hợp lệ. Vui lòng reset lại mật khẩu.');
        return;
    } else {
        $authResult = Khcn_Api::_()->authenticate($Username, $Password);
        $authCode = $authResult->getCode();
        Khcn_Api::_()->setViewer();
        if ($authCode != Zend_Auth_Result::SUCCESS) {
            $this->view->status = false;
            $this->view->error = Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.');
            $form->addError(Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.'));
            return;
        }
    }
    // -- Success! --
    // Remember
    if (!empty($Remember)) {
        $lifetime = 1209600;
        // Two weeks
        Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
        Zend_Session::rememberMe($lifetime);
    }
    // Record the time of this login on the viewer row.
    $viewer = Khcn_Api::_()->getViewer();
    if ($viewer && $viewer->getIdentity()) {
        $viewer->lan_dang_nhap_cuoi = date("Y-m-d H:i:s");
        $viewer->save();
    }
    // Assign sid to view for json context
    // NOTE(review): the session id and name are handed to the view; confirm the
    // template or JSON output that receives them is meant to expose them.
    $this->view->status = true;
    $this->view->message = Zend_Registry::get('Zend_Translate')->_('Đăng nhập thành công');
    $this->view->sid = Zend_Session::getId();
    $this->view->sname = Zend_Session::getOptions('name');
    // Redirect by form
    $uri = $form->getValue('return_url');
    if ($uri) {
        // A value starting with '64-' carries the target base64-encoded.
        if (substr($uri, 0, 3) == '64-') {
            $uri = base64_decode(substr($uri, 3));
        }
        // NOTE(review): the target originates from the request and is used with
        // prependBase => false; unless the form validates it (not shown), this is
        // an open redirect. Restricting it to same-site paths would close that.
        return $this->_redirect($uri, array('prependBase' => false));
    }
    // Redirect by session
    $session = new Zend_Session_Namespace('Redirect');
    if (isset($session->uri)) {
        $uri = $session->uri;
        $opts = $session->options;
        $session->unsetAll();
        return $this->_redirect($uri, $opts);
    } else {
        if (isset($session->route)) {
            // NOTE(review): params/route/reset are read after unsetAll(), unlike the
            // uri branch above which copies first — presumably they are empty by
            // then; verify.
            $session->unsetAll();
            return $this->_helper->redirector->gotoRoute($session->params, $session->route, $session->reset);
        }
    }
    // Just redirect to home
    return $this->_helper->redirector->gotoRoute(array(), null, true);
}
/**
 * Completes a login for the user id stored in the session under
 * self::TEMPORAY_SESSION_LOGIN_ID.
 *
 * No password is read or checked in this method: the account is loaded by
 * the id found in $_SESSION, and that id is removed from the session as soon
 * as it is read.
 *
 * NOTE(review): the security of this action rests entirely on which code may
 * write that session key; it is presumably set after an external sign-in
 * step — verify every writer.
 */
public function loginAction()
{
    // Render
    $this->_helper->content->setContentName('user_auth_login')->setEnabled();
    $this->view->form = $form = new User_Form_Login();
    $form->setAction(Zend_Controller_Front::getInstance()->getRouter()->assemble(array(), 'user_login', true));
    $user_id = 0;
    // $email is never assigned another value in this method, so the login records
    // and the resend link below carry an empty email.
    $email = "";
    $skey = self::TEMPORAY_SESSION_LOGIN_ID;
    if (isset($_SESSION[$skey])) {
        // One-time use: the id is removed from the session when it is read.
        $user_id = $_SESSION[$skey];
        unset($_SESSION[$skey]);
    }
    // $email, $password, $remember
    $user_table = Engine_Api::_()->getDbtable('users', 'user');
    // Load the account by the id taken from the session (0 when none was stored).
    $user = $user_table->find($user_id)->current();
    // Get ip address
    $db = Engine_Db_Table::getDefaultAdapter();
    $ipObj = new Engine_IP();
    // The binary address is hex-encoded and quoted into an UNHEX() expression.
    $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
    // Check if user exists
    if (empty($user)) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
        // Register login
        Engine_Api::_()->getDbtable('logins', 'user')->insert(array('email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'no-member'));
        return;
    }
    // Check if user is verified and enabled
    if (!$user->enabled) {
        if (!$user->verified) {
            $this->view->status = false;
            $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
            $translate = Zend_Registry::get('Zend_Translate');
            $error = $translate->translate('This account still requires either email verification.');
            $error .= ' ';
            $error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
            $this->view->error = $error;
            // Escaping is switched off so the link in the message renders.
            $form->getDecorator('errors')->setOption('escape', false);
            $form->addError($error);
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
            return;
        } else {
            if (!$user->approved) {
                $this->view->status = false;
                $translate = Zend_Registry::get('Zend_Translate');
                $this->view->error = $error = $translate->translate('This account still requires admin approval.');
                $form->getDecorator('errors')->setOption('escape', false);
                $form->addError($error);
                // Register login
                Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'disabled'));
                return;
            }
        }
        // Should be handled by hooks or payment
    }
    // Handle subscriptions
    if (Engine_Api::_()->hasModuleBootstrap('payment')) {
        // Check for the user's plan
        $subscriptionsTable = Engine_Api::_()->getDbtable('subscriptions', 'payment');
        if (!$subscriptionsTable->check($user)) {
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'unpaid'));
            // Redirect to subscription page
            $subscriptionSession = new Zend_Session_Namespace('Payment_Subscription');
            $subscriptionSession->unsetAll();
            $subscriptionSession->user_id = $user->getIdentity();
            return $this->_helper->redirector->gotoRoute(array('module' => 'payment', 'controller' => 'subscription', 'action' => 'index'), 'default', true);
        }
    }
    // Register login
    // NOTE(review): the identity is written to the auth storage before the
    // pre-login hook runs; when a hook below reports an error the method returns,
    // but nothing visible here clears the stored identity again — verify.
    $auth = Zend_Auth::getInstance();
    $auth->getStorage()->write($user->getIdentity());
    // Run pre login hook
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginBefore', $user);
    foreach ((array) $event->getResponses() as $response) {
        if (is_array($response)) {
            if (!empty($response['error']) && !empty($response['message'])) {
                $form->addError($response['message']);
            } else {
                if (!empty($response['redirect'])) {
                    $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                } else {
                    continue;
                }
            }
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'third-party'));
            // Return
            return;
        }
    }
    // Register login
    $loginTable = Engine_Api::_()->getDbtable('logins', 'user');
    $loginTable->insert(array('user_id' => $user->getIdentity(), 'email' => $email, 'ip' => $ipExpr, 'timestamp' => new Zend_Db_Expr('NOW()'), 'state' => 'success', 'active' => true));
    $_SESSION['login_id'] = $login_id = $loginTable->getAdapter()->lastInsertId();
    // Increment sign-in count
    Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
    // Test activity @todo remove
    $viewer = Engine_Api::_()->user()->getViewer();
    if ($viewer->getIdentity()) {
        $viewer->lastlogin_date = date("Y-m-d H:i:s");
        if ('cli' !== PHP_SAPI) {
            $viewer->lastlogin_ip = $ipExpr;
        }
        $viewer->save();
        Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
    }
    // Assign sid to view for json context
    // NOTE(review): the session id and name are handed to the view; in a JSON
    // context they presumably end up in the response body — confirm that is intended.
    // NOTE(review): no session id regeneration is visible in this method after the
    // identity is stored; confirm it happens elsewhere.
    $this->view->status = true;
    $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
    $this->view->sid = Zend_Session::getId();
    $this->view->sname = Zend_Session::getOptions('name');
    // Run post login hook
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);
    // Do redirection only if normal context
    if (null === $this->_helper->contextSwitch->getCurrentContext()) {
        // Redirect by session
        $session = new Zend_Session_Namespace('Redirect');
        if (isset($session->uri)) {
            $uri = $session->uri;
            $opts = $session->options;
            $session->unsetAll();
            return $this->_redirect($uri, $opts);
        } else {
            if (isset($session->route)) {
                // NOTE(review): params/route/reset are read after unsetAll(), unlike the
                // uri branch above which copies first — presumably they are empty by
                // then; verify.
                $session->unsetAll();
                return $this->_helper->redirector->gotoRoute($session->params, $session->route, $session->reset);
            }
        }
        // Redirect by hook
        foreach ((array) $event->getResponses() as $response) {
            if (is_array($response)) {
                if (!empty($response['error']) && !empty($response['message'])) {
                    return $form->addError($response['message']);
                } else {
                    if (!empty($response['redirect'])) {
                        return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                    }
                }
            }
        }
        // Just redirect to home
        return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
    }
}
/**
 * Applies the session configuration and installs the session save handler.
 *
 * The configuration is the array returned by application/settings/session.php
 * when that file exists and returns a non-empty value; otherwise built-in
 * defaults are used. Afterwards a session id posted under the session name,
 * or under 'PHPSESSID', is adopted. This method does not start the session.
 *
 * NOTE(review): 'cookie_httponly' is forced to false unless the configuration
 * sets it, which leaves the session cookie readable by page scripts.
 * NOTE(review): adopting a session id from $_POST lets the id be chosen by
 * whoever built the form post (session fixation risk); confirm the id is
 * regenerated on login, and consider limiting this to the upload endpoint.
 * NOTE(review): the save handler class name comes from the settings file and
 * is instantiated as-is, so that file must only be writable by trusted parties.
 */
protected function _initSession()
{
    // Load the configuration file when present.
    $settingsFile = APPLICATION_PATH . '/application/settings/session.php';
    $config = file_exists($settingsFile) ? (include $settingsFile) : array();

    // Fall back to the built-in defaults.
    if (empty($config)) {
        $config = array(
            'options' => array(
                'save_path' => 'session',
                'use_only_cookies' => true,
                'remember_me_seconds' => 864000,
                'gc_maxlifetime' => 86400,
                'cookie_httponly' => false,
            ),
            'saveHandler' => array(
                'class' => 'Core_Model_DbTable_Session',
                'params' => array('lifetime' => 86400),
            ),
        );
    }

    // httponly stays off unless the configuration asks for it.
    if (!isset($config['options']['cookie_httponly'])) {
        $config['options']['cookie_httponly'] = false;
    }

    Zend_Session::setOptions($config['options']);

    $handlerClass = $config['saveHandler']['class'];
    $handlerParams = $config['saveHandler']['params'];
    Zend_Session::setSaveHandler(new $handlerClass($handlerParams));

    // Session hack for fancy upload: take the id from the POST body.
    $sessionName = Zend_Session::getOptions('name');
    if (isset($_POST[$sessionName])) {
        Zend_Session::setId($_POST[$sessionName]);
    } elseif (isset($_POST['PHPSESSID'])) {
        Zend_Session::setId($_POST['PHPSESSID']);
    }
}
/**
 * Stores the session payload in the cache.
 *
 * The entry is saved under the normalised session id, without tags, and with
 * the Zend_Session option 'gc_maxlifetime' passed as its lifetime.
 *
 * @param string $id
 * @param string $data
 * @return boolean
 */
public function write($id, $data)
{
    $cache = $this->getCache();
    $cacheId = $this->normalizeId($id);
    $noTags = array();
    $lifetime = \Zend_Session::getOptions('gc_maxlifetime');

    return $cache->save($data, $cacheId, $noTags, $lifetime);
}
/**
 * Processes the member login form.
 *
 * Order of work, as written below: reject already signed-in viewers, build
 * the form, try the Facebook login, validate the post, look the account up
 * by email, check account state, verify the password (or the version 3
 * migration hash), apply "remember me", then redirect.
 *
 * NOTE(review): neither attempt logging nor throttling is visible in this
 * block; confirm both are handled elsewhere.
 */
public function loginAction()
{
    // Already logged in
    if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('You are already signed in.');
        if (null === $this->_helper->contextSwitch->getCurrentContext()) {
            $this->_helper->redirector->gotoRoute(array(), 'home');
        }
        return;
    }
    // Make form
    $this->view->form = $form = new User_Form_Login();
    // return_url comes straight from the request parameters.
    $form->populate(array('return_url' => $this->_getParam('return_url')));
    // Facebook login
    if (User_Model_DbTable_Facebook::authenticate($form)) {
        // Facebook login succeeded, redirect to home
        // NOTE(review): there is no return after this call; the method only stops here
        // if the redirector ends the request itself — confirm.
        $this->_helper->redirector->gotoRoute(array(), 'home');
    }
    // Not a post
    if (!$this->getRequest()->isPost()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
        return;
    }
    // Form not valid
    if (!$form->isValid($this->getRequest()->getPost())) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
        return;
    }
    // Check login creds
    // NOTE(review): extract() turns every form value into a local variable; the
    // names depend on the form definition, which is not shown. A field named like
    // an existing local (e.g. $form) would overwrite it.
    extract($form->getValues());
    // $email, $password, $remember
    $user_table = Engine_Api::_()->getDbtable('users', 'user');
    // The email is bound through the '?' placeholder, not concatenated.
    $user_select = $user_table->select()->where('email = ?', $email);
    // If post exists
    $user = $user_table->fetchRow($user_select);
    // Check if user exists
    if (empty($user)) {
        // NOTE(review): this message differs from the one used for a wrong password
        // ('Invalid credentials'), so a client can tell whether an email is registered.
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
        $form->addError(Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.'));
        return;
    }
    // Check if user is verified and enabled
    // NOTE(review): this check runs before the password is verified, so the
    // account state is shown to anyone who submits a registered email.
    if (!$user->verified || !$user->enabled) {
        $this->view->status = false;
        $translate = Zend_Registry::get('Zend_Translate');
        $error = $translate->translate('This account still requires either email verification or admin approval.');
        if (!empty($user) && !$user->verified) {
            $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
            $error .= ' ';
            $error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
        }
        // Escaping is switched off so the link renders; the message may carry
        // $resend_url, built from the submitted email.
        // NOTE(review): presumably the url helper encodes the email — confirm, since
        // nothing else escapes it here.
        $form->getDecorator('errors')->setOption('escape', false);
        $form->addError($error);
        return;
    }
    // Version 3 Import compatibility
    if (empty($user->password)) {
        $compat = Engine_Api::_()->getApi('settings', 'core')->getSetting('core.compatibility.password');
        $migration = null;
        try {
            $migration = Engine_Db_Table::getDefaultAdapter()->select()->from('engine4_user_migration')->where('user_id = ?', $user->getIdentity())->limit(1)->query()->fetch();
        } catch (Exception $e) {
            // A failed lookup disables the compatibility path.
            $migration = null;
            $compat = null;
        }
        if (!$migration) {
            $compat = null;
        }
        if ($compat == 'import-version-3') {
            // Version 3 authentication
            $cryptedPassword = self::_version3PasswordCrypt($migration['user_password_method'], $migration['user_code'], $password);
            // NOTE(review): '===' is not a constant-time comparison; hash_equals() is the
            // usual choice for comparing password hashes where the PHP version has it.
            if ($cryptedPassword === $migration['user_password']) {
                // Regenerate the user password using the given password
                // NOTE(review): rand() is not a cryptographically secure source for a salt.
                $user->salt = (string) rand(1000000, 9999999);
                $user->password = $password;
                $user->save();
                Engine_Api::_()->user()->getAuth()->getStorage()->write($user->getIdentity());
                // @todo should we delete the old migration row?
            } else {
                $this->view->status = false;
                $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
                $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
                return;
            }
            // End Version 3 authentication
        } else {
            $form->addError('There appears to be a problem logging in. Please reset your password with the Forgot Password link.');
            return;
        }
    } else {
        $authResult = Engine_Api::_()->user()->authenticate($email, $password);
        $authCode = $authResult->getCode();
        Engine_Api::_()->user()->setViewer();
        if ($authCode != Zend_Auth_Result::SUCCESS) {
            $this->view->status = false;
            $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
            $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
            return;
        }
    }
    // -- Success! --
    // Remember
    if ($remember) {
        $lifetime = 1209600;
        // Two weeks
        Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
        Zend_Session::rememberMe($lifetime);
    }
    // Increment sign-in count
    Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');
    // Test activity @todo remove
    $viewer = Engine_Api::_()->user()->getViewer();
    if ($viewer->getIdentity()) {
        $viewer->lastlogin_date = date("Y-m-d H:i:s");
        // The address is taken directly from the server variables.
        $viewer->lastlogin_ip = $_SERVER['REMOTE_ADDR'];
        $viewer->save();
        Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
    }
    // Assign sid to view for json context
    // NOTE(review): the session id and name are handed to the view; in a JSON
    // context they presumably end up in the response body — confirm that is intended.
    $this->view->status = true;
    $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
    $this->view->sid = Zend_Session::getId();
    $this->view->sname = Zend_Session::getOptions('name');
    // Do redirection only if normal context
    if (null === $this->_helper->contextSwitch->getCurrentContext()) {
        // Redirect by form
        $uri = $form->getValue('return_url');
        if ($uri) {
            // NOTE(review): the target originates from the request and is used with
            // prependBase => false; unless the form validates it (not shown), this is
            // an open redirect. Restricting it to same-site paths would close that.
            return $this->_redirect($uri, array('prependBase' => false));
        }
        // Redirect by session
        $session = new Zend_Session_Namespace('Redirect');
        if (isset($session->uri)) {
            $uri = $session->uri;
            $opts = $session->options;
            $session->unsetAll();
            return $this->_redirect($uri, $opts);
        } else {
            if (isset($session->route)) {
                // NOTE(review): params/route/reset are read after unsetAll(), unlike the
                // uri branch above which copies first — presumably they are empty by
                // then; verify.
                $session->unsetAll();
                return $this->_helper->redirector->gotoRoute($session->params, $session->route, $session->reset);
            } else {
                return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general');
            }
        }
    }
}
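/**
 * Reactivate the current subject's account and sign that user in.
 *
 * Flow, as visible in this method: reject subjects whose `deactive` field
 * is empty, show/validate User_Form_Settings_Active, restore `user_id`
 * from `deactive` inside a transaction, write the identity to Zend_Auth,
 * record the login, fire the `onUserLoginAfter` hook, then redirect.
 *
 * NOTE(review): the only gate visible here before the identity is written
 * to Zend_Auth is form validity. Confirm that User_Form_Settings_Active
 * (or routing/ACL outside this method) proves the requester owns the
 * account.
 *
 * @return mixed Result of the forward/redirect helpers, or null when the
 *               form is only displayed or fails validation.
 * @throws Exception Re-thrown after rollback when saving the user fails.
 */
public function activateAction()
{
    $this->_helper->layout->setLayout('default-simple');

    $translate = Zend_Registry::get('Zend_Translate');
    $user = Engine_Api::_()->core()->getSubject();

    // Nothing to reactivate: `deactive` is empty for this subject.
    if (!$user->deactive) {
        return $this->_forward('success', 'utility', 'core', array(
            'messages' => array($translate->_('Your request is invalid.')),
            'redirect' => $this->getFrontController()->getRouter()->assemble(
                array('action' => 'home'),
                'user_general',
                true
            ),
        ));
    }

    // Form
    $this->view->form = $form = new User_Form_Settings_Active();

    if (!$this->getRequest()->isPost()) {
        return;
    }
    if (!$form->isValid($this->getRequest()->getPost())) {
        return;
    }

    // Process: restore the user id held in `deactive` and clear the flag.
    $db = Engine_Api::_()->getDbtable('users', 'user')->getAdapter();
    $db->beginTransaction();
    try {
        $user->user_id = $user->deactive;
        $user->deactive = 0;
        $user->save();
        $db->commit();
    } catch (Exception $e) {
        $db->rollBack();
        throw $e;
    }

    // NOTE(review): the session id is not rotated when the identity is
    // written. Consider calling Zend_Session::regenerateId() at this point
    // to limit session fixation; verify it works with the configured save
    // handler before enabling.
    Zend_Auth::getInstance()->getStorage()->write($user->user_id);
    Engine_Api::_()->user()->setViewer();

    // Register login
    $loginTable = Engine_Api::_()->getDbtable('logins', 'user');
    $ipObj = new Engine_IP();
    // The binary address is hex-encoded and quoted by the adapter before
    // being wrapped in UNHEX().
    $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));
    $loginTable->insert(array(
        'user_id' => $user->getIdentity(),
        'email' => $user->email,
        'ip' => $ipExpr,
        'timestamp' => new Zend_Db_Expr('NOW()'),
        'state' => 'success',
        'active' => true,
    ));
    $_SESSION['login_id'] = $loginTable->getAdapter()->lastInsertId();

    // Increment sign-in count
    Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');

    // Test activity @todo remove
    $viewer = Engine_Api::_()->user()->getViewer();
    if ($viewer->getIdentity()) {
        $viewer->lastlogin_date = date("Y-m-d H:i:s");
        if ('cli' !== PHP_SAPI) {
            $viewer->lastlogin_ip = $ipExpr;
        }
        $viewer->save();
        Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
    }

    // Assign sid to view for json context.
    // NOTE(review): this hands the session id to the view layer; confirm
    // JSON responses carrying it are neither cached nor logged.
    $this->view->status = true;
    $this->view->message = $translate->_('Login successful');
    $this->view->sid = Zend_Session::getId();
    $this->view->sname = Zend_Session::getOptions('name');

    // Run post login hook
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);

    // Do redirection only if normal context
    if (null !== $this->_helper->contextSwitch->getCurrentContext()) {
        return;
    }

    // Redirect by form. `return_url` is client-supplied, so it is followed
    // only when it is a same-site absolute path: it must start with a
    // single "/" (protocol-relative forms are refused) and contain no
    // control characters. Anything else falls through to the
    // server-controlled redirects below.
    $uri = $form->getValue('return_url');
    if (is_string($uri) && '' !== $uri) {
        if (0 === strncmp($uri, '64-', 3)) {
            $uri = base64_decode(substr($uri, 3));
        }
        if (is_string($uri) && 1 === preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $uri)) {
            return $this->_redirect($uri, array('prependBase' => false));
        }
    }

    // Redirect by session
    $session = new Zend_Session_Namespace('Redirect');
    if (isset($session->uri)) {
        $uri = $session->uri;
        $opts = $session->options;
        $session->unsetAll();
        return $this->_redirect($uri, $opts);
    }
    if (isset($session->route)) {
        // Read the stored values before unsetAll() clears the namespace;
        // reading them afterwards would pass empty arguments to gotoRoute().
        $params = $session->params;
        $route = $session->route;
        $reset = $session->reset;
        $session->unsetAll();
        return $this->_helper->redirector->gotoRoute($params, $route, $reset);
    }

    // Redirect by hook
    foreach ((array) $event->getResponses() as $response) {
        if (!is_array($response)) {
            continue;
        }
        if (!empty($response['error']) && !empty($response['message'])) {
            return $form->addError($response['message']);
        }
        if (!empty($response['redirect'])) {
            return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
        }
    }

    // Just redirect to home
    return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
}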
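/**
 * Initialise the session after a successful login.
 *
 * Registers the maintenance-mode validator, optionally the user-agent and
 * IP-address validators (both configurable), optionally collapses duplicate
 * session cookie headers, and stores the current account in the session
 * namespace.
 *
 * @param boolean $fixCookieHeader when true and cookies are in use, re-send
 *                                 only the last TINE20SESSID Set-Cookie header
 * @return void
 */
protected function _initUserSession($fixCookieHeader = true)
{
    // FIXME 0010508: Session_Validator_AccountStatus causes problems
    //Tinebase_Session::registerValidatorAccountStatus();

    Tinebase_Session::registerValidatorMaintenanceMode();

    $config = Tinebase_Config::getInstance();

    if ($config->get(Tinebase_Config::SESSIONUSERAGENTVALIDATION, TRUE)) {
        Tinebase_Session::registerValidatorHttpUserAgent();
    } else {
        Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' User agent validation disabled.');
    }

    // we only need to activate ip session validation for non-encrypted connections
    // (default: on for plain HTTP, off for HTTPS; configuration can override either way)
    $ipSessionValidationDefault = !Tinebase_Core::isHttpsRequest();
    if ($config->get(Tinebase_Config::SESSIONIPVALIDATION, $ipSessionValidationDefault)) {
        Tinebase_Session::registerValidatorIpAddress();
    } else {
        Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Session ip validation disabled.');
    }

    if ($fixCookieHeader && Zend_Session::getOptions('use_cookies')) {
        /**
         * fix php session header handling http://forge.tine20.org/mantisbt/view.php?id=4918
         * -> search all Set-Cookie: headers and replace them with the last one!
         *
         * header() with replace=true replaces previously queued headers of
         * the same name, so any other Set-Cookie header queued earlier in
         * this request is dropped as well.
         * NOTE(review): the cookie name is hard-coded here; confirm it
         * matches the configured session name.
         **/
        $lastSessionCookie = null;
        foreach (headers_list() as $headerString) {
            if (strpos($headerString, 'Set-Cookie: TINE20SESSID=') === 0) {
                $lastSessionCookie = $headerString;
            }
        }

        // Only re-send when a session cookie header was actually queued;
        // otherwise header() would be called with null.
        if (null !== $lastSessionCookie) {
            header($lastSessionCookie, true);
        }
        /** end of fix **/
    }

    Tinebase_Session::getSessionNamespace()->currentAccount = Tinebase_Core::getUser();
}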
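/**
 * Show the project information page: version numbers, directories,
 * environment details and the maintenance / cache-clean buttons.
 *
 * NOTE(review): the table lists software versions, filesystem paths, the
 * server hostname and the session save path. No access check is visible
 * in this method; confirm the route is restricted to administrators.
 *
 * @return void
 */
public function indexAction()
{
    $this->html->h2($this->_('Project information'));

    $versions = $this->loader->getVersions();

    $data = array();
    $data[$this->_('Project name')] = $this->project->name;
    $data[$this->_('Project version')] = $versions->getProjectVersion();
    $data[$this->_('Gems version')] = $versions->getGemsVersion();
    $data[$this->_('Gems build')] = $versions->getBuild();
    $data[$this->_('Gems project')] = GEMS_PROJECT_NAME;
    $data[$this->_('Gems web directory')] = $this->getDirInfo(GEMS_WEB_DIR);
    $data[$this->_('Gems root directory')] = $this->getDirInfo(GEMS_ROOT_DIR);
    $data[$this->_('Gems code directory')] = $this->getDirInfo(GEMS_LIBRARY_DIR);
    $data[$this->_('Gems variable directory')] = $this->getDirInfo(GEMS_ROOT_DIR . '/var');
    $data[$this->_('MUtil version')] = \MUtil_Version::get();
    $data[$this->_('Zend version')] = \Zend_Version::VERSION;
    $data[$this->_('Application environment')] = APPLICATION_ENV;
    $data[$this->_('Application baseuri')] = $this->loader->getUtil()->getCurrentURI();
    $data[$this->_('Application directory')] = $this->getDirInfo(APPLICATION_PATH);
    $data[$this->_('Application encoding')] = APPLICATION_ENCODING;
    $data[$this->_('PHP version')] = phpversion();
    $data[$this->_('Server Hostname')] = php_uname('n');
    $data[$this->_('Server OS')] = php_uname('s');
    $data[$this->_('Time on server')] = date('r');

    // getenv('TMP') is false when the variable is unset, and realpath() of
    // an empty value resolves to the current working directory, which would
    // be reported as the temp directory. Fall back to PHP's own temp dir.
    $tmpDir = getenv('TMP');
    if (false === $tmpDir || '' === $tmpDir) {
        $tmpDir = sys_get_temp_dir();
    }

    $driveVars = array(
        $this->_('Session directory') => \Zend_Session::getOptions('save_path'),
        $this->_('Temporary files directory') => realpath($tmpDir),
    );
    if ($system = getenv('SystemDrive')) {
        $driveVars[$this->_('System Drive')] = realpath($system);
    }
    foreach ($driveVars as $name => $drive) {
        $data[$name] = $this->getDirInfo($drive);
    }

    // The button label reflects the action that toggles the current state.
    $lock = $this->util->getMaintenanceLock();
    $label = $lock->isLocked()
        ? $this->_('Turn Maintenance Mode OFF')
        : $this->_('Turn Maintenance Mode ON');

    $request = $this->getRequest();
    $controller = $request->getControllerName();

    $buttonList = $this->menu->getMenuList();
    $buttonList->addParameterSources($request)
        ->addByController($controller, 'maintenance', $label)
        ->addByController($controller, 'cacheclean');

    $this->_showTable($this->_('Version information'), $data);
    $this->html->buttonDiv($buttonList);
}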