public function indexAction()
{
// shares/avatar files are deleted by an off-line routine in crontab
$request = $this->getRequest();
$registry = Zend_Registry::getInstance();
$auth = Zend_Auth::getInstance();
$credential = Ml_Model_Credential::getInstance();
$peopleDelete = Ml_Model_PeopleDelete::getInstance();
$signedUserInfo = $registry->get("signedUserInfo");
$form = $peopleDelete->deleteAccountForm();
if ($request->isPost()) {
$credentialInfo = $credential->getByUid($auth->getIdentity());
if (!$credentialInfo) {
throw new Exception("Fatal error on checking credential in account delete controller.");
}
$registry->set('credentialInfoDataForPasswordChange', $credentialInfo);
if ($form->isValid($request->getPost())) {
$registry->set("canDeleteAccount", true);
$peopleDelete->deleteAccount($signedUserInfo, sha1(serialize($signedUserInfo)));
$auth->clearIdentity();
Zend_Session::namespaceUnset('Zend_Auth');
Zend_Session::regenerateId();
Zend_Session::destroy(true);
$this->_redirect("/account/terminated", array("exit"));
}
}
$this->view->deleteAccountForm = $form;
}
public function init()
{
$registry = Zend_Registry::getInstance();
$auth = Zend_Auth::getInstance();
$config = $registry->get("config");
$sessionConfig = $config['resources']['session'];
$cookieLifetime = $sessionConfig['cookie_lifetime'];
/* @todo fix issue of system with incoherent behavior when the session
system has a issue, such as when the savehandler doesn't work as
expected when it's off-line which results in differents
catched / uncatched exception when the resource (page) loads
*/
$saveHandler = new Ml_Session_SaveHandler_PlusCache($registry->get("memCache"), $config['session']['prefix'], $config['lastActivity']['prefix']);
Zend_Session::setSaveHandler($saveHandler);
Zend_Session::getSaveHandler()->setLifetime($cookieLifetime, true);
Zend_Session::start();
$defaultNamespace = new Zend_Session_Namespace();
if (!isset($defaultNamespace->initialized)) {
Zend_Session::regenerateId();
$defaultNamespace->initialized = true;
}
if ($auth->hasIdentity()) {
$people = Ml_Model_People::getInstance();
$signedUserInfo = $people->getById($auth->getIdentity());
$registry->set('signedUserInfo', $signedUserInfo);
}
$globalHash = Ml_Model_MagicCookies::getInstance()->getLast(true);
$registry->set("globalHash", $globalHash);
}
public function indexAction()
{
if ($this->getRequest()->getParam('garbage')) {
$this->redirect('');
}
$translator = Zend_Registry::get('Zend_Translate');
if (!$this->getRequest()->isPost()) {
if (Zend_Session::sessionExists()) {
$namespace = $this->_session->getNamespace();
if (isset($_SESSION[$namespace])) {
unset($_SESSION[$namespace]);
}
$translator->setLocale('en');
Zend_Registry::set('Zend_Translate', $translator);
Zend_Session::regenerateId();
}
} else {
$lang = $this->getRequest()->getParam('lang');
if ($lang && Zend_Locale::isLocale($lang)) {
$this->_session->locale->setLocale($lang);
if ($translator->getLocale() !== $lang) {
$translator->setLocale($lang);
Zend_Registry::set('Zend_Translate', $translator);
}
$this->_session->nextStep = 1;
}
if ($this->_session->nextStep !== null) {
return $this->forward('step' . $this->_session->nextStep);
}
}
$this->forward('step1');
}
public function logoutAction()
{
$this->_helper->layout()->disableLayout();
$serverUrl = 'http://' . AUTH_SERVER . self::AUTH_PATH . '/logout';
$client = new Zend_Http_Client($serverUrl, array('timeout' => 30));
try {
if (isset($_COOKIE[self::AUTH_SID])) {
$moduleName = $this->getRequest()->getModuleName();
$client->setCookie('PHPSESSID', $_COOKIE[self::AUTH_SID]);
$client->setCookie('moduleName', $moduleName);
$response = $client->request();
if ($response->isError()) {
$remoteErr = $remoteErr = 'REMOTE ERROR: (' . $response->getStatus() . ') ' . $response->getMessage() . ', i.e. ' . $response->getHeader('Message');
throw new Zend_Exception($remoteErr, Zend_Log::ERR);
}
} else {
$this->_helper->logger('No remote cookie found. So, not requesting AUTH_SERVER to logout.');
}
} catch (Zend_Exception $e) {
echo $e->getMessage();
}
preg_match('/[^.]+\\.[^.]+$/', $_SERVER['SERVER_NAME'], $domain);
if (isset($_COOKIE[self::AUTH_SID])) {
setcookie(self::AUTH_SID, '', time() - 360000, self::AUTH_PATH, ".{$domain['0']}");
}
if (isset($_COOKIE['last'])) {
setcookie('last', '', time() - 36000, '/', ".{$domain['0']}");
}
if (isset($_COOKIE['identity'])) {
setcookie('identity', '', time() - 36000, '/', ".{$domain['0']}");
}
Zend_Auth::getInstance()->clearIdentity();
Zend_Session::destroy();
Zend_Session::regenerateId();
}
/**
* Login function authentication system
* @param Zend_Db_Table_Row $account
* @return boolean
*/
function Login(Zend_Db_Table_Row $account)
{
$select = $this->select()->where('email=?', $account->email)->limit(1);
$row = $this->fetchRow($select);
// set up the auth adapter
$db = Acl_Model_Account::getDefaultAdapter();
$authAdapter = new OS_Application_Adapter_Auth($account->email, $account->password);
$authAdapter = new Zend_Auth_Adapter_DbTable($db);
$authAdapter->setTableName($this->_name)->setIdentityColumn('email')->setCredentialColumn('password')->setCredentialTreatment('block = 0');
#->setCredentialTreatment('MD5(?) and block = 0');
$authAdapter->setIdentity($account->email);
$authAdapter->setCredential(crypt($account->password, $row->password));
$result = $authAdapter->authenticate();
Zend_Session::regenerateId();
if ($result->isValid()) {
$auth = Zend_Auth::getInstance();
$storage = $auth->getStorage();
$storage->write($authAdapter->getResultRowObject(array('id', 'email', 'registerdate', 'lastvisitdate', 'role_id', 'fullname', 'email_alternative')));
$account = $this->find($authAdapter->getResultRowObject()->id)->current();
#$account = $this->createRow( $account->toArray() );
$account->lastvisitdate = Zend_Date::now()->toString('YYYY-MM-dd HH:mm:ss');
$account->save();
return true;
}
return false;
}
public function loginAction()
{
$this->_helper->layout()->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$formLogin = new Application_Form_Login();
if ($this->getRequest()->isPost()) {
foreach ($this->_request->getPost('dataPost') as $dataArray) {
$name = $dataArray['name'];
$formDataForValidation["{$name}"] = $dataArray['value'];
}
if ($formLogin->isValid($formDataForValidation)) {
$user = $formDataForValidation['email'];
$password = $formDataForValidation['password'];
$adapter = new Zend_Auth_Adapter_DbTable(null, 'users', 'email', 'password');
$adapter->setIdentity($user);
$adapter->setCredential($password);
Zend_Session::regenerateId();
$auth = Zend_Auth::getInstance();
$result = $auth->authenticate($adapter);
if ($result->isValid()) {
$user = $adapter->getResultRowObject();
$auth->getStorage()->write($user);
$this->_helper->json(0);
} else {
$this->_helper->json(1);
}
} else {
$this->_helper->json(1);
}
}
}
public function loginAction()
{
//$this->_helper->layout->disableLayout();
$this->_helper->layout()->setLayout('layout-front');
$r = $this->getRequest();
//$returnTo = $r->getParam('returnTo');
//$this->view->returnTo = urlencode($returnTo);
if ($r->isPost()) {
$returnTo = $r->getParam('returnTo');
$this->view->returnTo = $returnTo;
Zend_Session::start();
$username = $r->getParam('username');
$password = $r->getParam('password');
$authAdapterFactory = new Kutu_Auth_Adapter_Factory();
$authAdapter = $authAdapterFactory->getAdapter();
$authAdapter->setIdentity($username)->setCredential($password);
$auth = Zend_Auth::getInstance();
$authResult = $auth->authenticate($authAdapter);
if ($authResult->isValid()) {
Zend_Session::regenerateId();
// success : store database row to auth's storage
$data = $authAdapter->getResultRowObject();
$auth->getStorage()->write($data);
if (strpos($returnTo, '?')) {
$sAddition = '&';
} else {
$sAddition = '?';
}
header("location: " . $returnTo . $sAddition . "PHPSESSID=" . Zend_Session::getId());
} else {
if ($authResult->getCode() != -51) {
// failure : clear database row from session
Zend_Auth::getInstance()->clearIdentity();
}
$this->view->errorMessage = "Login GAGAL";
}
} else {
Zend_Session::start();
$returnTo = $r->getParam('returnTo');
if (!empty($returnTo)) {
$returnTo = urldecode($returnTo);
$this->view->returnTo = $returnTo;
} else {
$returnTo = KUTU_ROOT_URL . '/identity/account';
$this->view->returnTo = $returnTo;
}
//check sudah login belum
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
//echo "punya identitas";
if (strpos($returnTo, '?')) {
$sAddition = '&';
} else {
$sAddition = '?';
}
header("location: " . $returnTo . $sAddition . "PHPSESSID=" . Zend_Session::getId());
}
}
}
/**
* Log in - show the login form or handle a login request
*
* @todo Implement real authentication
*/
public function loginAction()
{
if ($this->getRequest()->getMethod() != 'POST') {
// Not a POST request, show log-in form
$view = $this->initView();
$this->render();
} else {
// Handle log-in form
$username = $this->getRequest()->getParam('user');
if ($username) {
$password = $this->getRequest()->getParam('password');
} else {
$username = $this->getRequest()->getParam('suser');
$password = $this->getRequest()->getParam('spassword');
}
// setup Zend_Auth adapter for a database table
$dbAdapters = Zend_Registry::get('dbAdapters');
$authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapters['user'], 'nukevo_users', 'username', 'user_password', 'MD5(?)');
// Set the input credential values to authenticate against
$authAdapter->setIdentity($username);
$authAdapter->setCredential($password);
// do the authentication
$auth = Zend_Auth::getInstance();
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
// success: store database row to auth's storage
// system. (Not the password though!)
$data = $authAdapter->getResultRowObject(null, 'password');
$auth->getStorage()->write($data);
Zend_Session::regenerateId();
$this->session->logged_in = true;
$this->session->username = $username;
$player_table = new Player();
$player = $player_table->getPlayerForUsername($username);
if ($player) {
$this->session->steamid = $player->steamid;
} else {
$member_table = new Members();
$member = $member_table->getMember($user);
if ($member) {
$this->session->steamid = 'STEAM_' . $member->steamid;
// Update player record's username
$player = $player_table->getPlayerForSteamid($this->session->steamid);
if ($player) {
$where = $table->getAdapter()->quoteInto('steamid = ?', $this->session->steamid);
$player_table->update(array('username' => $username), $where);
}
}
}
//$this->_forward('profile');
$this->_redirect('/sc/player/show/user/' . $username);
} else {
$view = $this->initView();
$view->user = $username;
$view->error = 'Wrong user name or password, please try again';
$this->render();
}
}
}
/**
* Clear the session information
*/
public static function clearSession()
{
$authCookieName = Zend_Registry::get('config')->General->login_cookie_name;
$cookie = new Core_Cookie($authCookieName);
$cookie->delete();
Zend_Session::expireSessionCookie();
Zend_Session::regenerateId();
}
protected function _initSession()
{
$session = new Zend_Session_Namespace('ipmcore');
Zend_Registry::set('session', $session);
if (!isset($session->initialized)) {
Zend_Session::regenerateId();
$session->initialized = true;
}
}
private function __construct()
{
Zend_Session::start();
$this->namespace = new Zend_Session_Namespace('sessaoproponente');
if (!isset($this->namespace->initialized)) {
Zend_Session::regenerateId();
$this->namespace->initialized = true;
}
}
/**
* @param string $username
* @param string $password
* @return boolean
*/
public function login($username, $password)
{
$adapter = $this->getAuthAdapter();
$adapter->setIdentity($username);
$adapter->setCredential($password);
$result = $this->getAuth()->authenticate($adapter);
\Zend_Session::regenerateId();
return $result->isValid();
}
/**
* Initialize session namespace
*
* @return Zend_Session_Namespace
*/
public function init()
{
Zend_Session::start();
$defaultNamespace = new Zend_Session_Namespace('Default');
if (!isset($defaultNamespace->initialized)) {
Zend_Session::regenerateId();
$defaultNamespace->initialized = true;
}
return $defaultNamespace;
}
/**
* Push value to session with key.
*
* @param $key
* @param $value
*/
public static function setProperty($key, $value)
{
$myNamespace = new Zend_Session_Namespace(self::NAME);
if (!isset($myNamespace->initialized)) {
Zend_Session::regenerateId();
$myNamespace->initialized = true;
}
$myNamespace->setExpirationSeconds(self::EXPIRE_IN_SEC, $key);
$myNamespace->{$key} = $value;
}
private static function _processValidators()
{
foreach ($_SESSION['__KWF']['VALID'] as $validator_name => $valid_data) {
$validator = new $validator_name();
if ($validator->validate() === false) {
$_SESSION = array();
Zend_Session::regenerateId();
break;
}
}
}
private static function identificationUserSign()
{
if (SJB_Settings::getValue('sessionBindIP')) {
$userIdentity = md5(SJB_Request::getvar('HTTP_USER_AGENT', '', 'SERVER') . SJB_Request::getvar('REMOTE_ADDR', '', 'SERVER'));
if (self::getValue('userSign') !== $userIdentity) {
session_unset();
Zend_Session::regenerateId();
self::setValue('userSign', $userIdentity);
}
}
}
private function _initSessionDb()
{
$this->bootstrap('db');
$this->bootstrap('session');
Zend_Session::start();
$defaultNamespace = new Zend_Session_Namespace();
if (!isset($defaultNamespace->initialized)) {
Zend_Session::regenerateId();
$defaultNamespace->initialized = true;
}
}
/**
* Login action
*/
public function loginAction()
{
$this->view->layout()->setLayout('login');
$total_number_attempt = $this->_getBootstrapOption('total_number_attempt', 'default', 3);
$lock_login_time = $this->_getBootstrapOption('lock_login_time', 'default', 180);
$expire_password = 3600 * 24 * $this->_getBootstrapOption('expire_password_day', 'default', 90);
$user = new Auth_Model_User();
//login
if ($this->getRequest()->isPost()) {
//username found
//$isExistUser = Auth_Model_UserMapper::getInstance()->getInstance()->findByUsername($this->_getParam('username', ""), $user);
$isExistUser = Auth_Model_UserMapper::getInstance()->getInstance()->findByCredentials($this->_getParam('auth', ""), $user);
if ($isExistUser) {
$aclLoader = HCMS_Acl_Loader::getInstance();
//check permission
$isMaster = $aclLoader->getAcl()->isAllowed($aclLoader->getRoleCode($user->get_role_id()), "admin", "master");
//password expired for non master
//echo $user->get_changed_password_dt();die('<br>here');
if (!$isMaster && strtotime($user->get_changed_password_dt()) + $expire_password < time()) {
$this->sendNotificationEmail($this->_application->get_name() . " - " . $this->translate("your password expired. Please check with your system admin how to re-activate your account."), array("subject" => $this->_application->get_name() . " - Your password is expired", "to_emails" => array($user->get_email())), CURR_LANG);
return $this->_setLoginError();
}
//unlock attempts
if ($user->get_attempt_login() >= $total_number_attempt) {
if (strtotime($user->get_attempt_login_dt()) + $lock_login_time < time()) {
$this->_updateAttemp($user, 0);
} else {
return $this->_setLoginError();
}
}
}
$adapter = new Admin_Model_Auth_Adapter($this->_applicationId, $this->_getParam('auth'), $this->_getParam('password'));
$result = Zend_Auth::getInstance()->authenticate($adapter);
if ($result->isValid()) {
//updated logged time
Auth_Model_UserMapper::getInstance()->getInstance()->updateUserLogged($result->getIdentity());
$this->_updateAttemp($user, 0);
Zend_Session::regenerateId();
$defaultUrl = $this->view->url(array('module' => 'admin', 'controller' => 'index', 'action' => 'index'), 'default', true);
return $this->returnThere($defaultUrl);
} else {
if ($isExistUser) {
$this->_updateAttemp($user, $user->get_attempt_login() + 1);
//send notification
if ($user->get_attempt_login() >= $total_number_attempt) {
$this->sendNotificationEmail($this->_application->get_name() . " - " . $this->translate("your account is temporarily blocked due to too many invalid login attempts"), array("subject" => $this->_application->get_name() . " - Your account is temporarily blocked", "to_emails" => array($user->get_email())), CURR_LANG);
}
}
return $this->_setLoginError(implode(' ', $result->getMessages()));
}
}
}
/**
* authenticate the request
*
* @return zend_auth_response
*/
public function authenticate()
{
//authenticate the user
$this->_authAdapter->setIdentity(htmlspecialchars(base64_decode($this->_username)));
$this->_authAdapter->setCredential(md5(htmlspecialchars(base64_decode($this->_password))));
$result = $this->_authAdapter->authenticate();
if ($result->isValid()) {
$this->_isValid = true;
Zend_Session::regenerateId();
$this->getStorage()->write($this->_authAdapter->getResultRowObject($this->_resultRowColumns));
return $this;
}
}
private function __construct() {
/* Start the session */
Zend_Session::start();
/* Create default namcespace */
$this->namespace = new Zend_Session_Namespace();
/* Initialize */
if (!isset($this->namespace->initialized)) {
Zend_Session::regenerateId();
$this->namespace->initialized = true;
}
}
/**
* recognizes a valid session by checking certain additional information stored in the session
* often recommended as protection against session fixation/hijacking - but doesnt make much sense
* Zend-Framework supports session validators to validate sessions
* @return unknown_type
*/
public function __construct()
{
try {
if (!Zend_Session::isStarted()) {
Zend_Session::start();
}
} catch (Zend_Session_Exception $e) {
Zend_Session::destroy();
Zend_Session::start();
Zend_Session::regenerateId();
}
Zend_Session::registerValidator(new Zend_Session_Validator_HttpUserAgent());
}
public function login($userEmail, $userPassword)
{
$authAdapter = new Zend_Auth_Adapter_DbTable();
$authAdapter->setTableName(self::TABLE_NAME)->setIdentityColumn('email')->setIdentity($userEmail)->setCredentialColumn('password')->setCredential(md5($userPassword));
$authController = Zend_Auth::getInstance();
$auth = $authController->authenticate($authAdapter);
if ($auth->isValid()) {
$authController->getStorage()->write(array('email' => $userEmail));
Zend_Session::regenerateId();
return true;
}
return false;
}
/**
* Performs an authentication attempt
*
* @throws Zend_Auth_Adapter_Exception If authentication cannot be performed
* @return Zend_Auth_Result
*/
public function authenticate()
{
// Whether the authntication succeeds or fails - generate a fresh session ID
// This will assist in preventing session hijacking
// This will also apply session options and cookie updates (e.g. cookie_secure)
Zend_Session::regenerateId();
if ($this->ks) {
$client = Infra_ClientHelper::getClient();
$client->setKs($this->ks);
$user = $client->user->get();
/* @var $user Kaltura_Client_Type_User */
$identity = $this->getUserIdentity($user, $this->ks, $user->partnerId);
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity);
}
if (!$this->username || !$this->password) {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, null);
}
$partnerId = null;
$settings = Zend_Registry::get('config')->settings;
if (isset($settings->partnerId)) {
$partnerId = $settings->partnerId;
}
$client = Infra_ClientHelper::getClient();
$client->setKs(null);
try {
if ($this->partnerId) {
$ks = $client->user->loginByLoginId($this->username, $this->password, $this->partnerId, null, $this->privileges);
$client->setKs($ks);
$user = $client->user->getByLoginId($this->username, $this->partnerId);
$identity = $this->getUserIdentity($user, $ks, $this->partnerId);
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity);
}
if (!$this->ks) {
$this->ks = $client->user->loginByLoginId($this->username, $this->password, $partnerId, null, $this->privileges);
}
$client->setKs($this->ks);
$user = $client->user->getByLoginId($this->username, $partnerId);
$identity = $this->getUserIdentity($user, $this->ks, $user->partnerId);
if ($partnerId && $user->partnerId != $partnerId) {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, null);
}
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity);
} catch (Exception $ex) {
if ($ex->getCode() === self::SYSTEM_USER_INVALID_CREDENTIALS || $ex->getCode() === self::SYSTEM_USER_DISABLED || $ex->getCode() === self::USER_WRONG_PASSWORD || $ex->getCode() === self::USER_NOT_FOUND) {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, null);
} else {
throw $ex;
}
}
}
public function indexAction()
{
$this->server = new Zend_Amf_Server();
Zend_Session::start();
$this->server->setSession(Amf_Auth::AUTH_NAMESPACE);
$this->server->setProduction(false);
$this->server->addDirectory('application/services');
$this->server->setAuth(new Amf_Auth());
$this->server->setAcl(new Amf_Acl());
Zend_Session::regenerateId();
$response = $this->server->handle();
Zend_Session::destroy();
if (count($response->getAmfBodies()) > 0) {
echo $response;
}
}
public function loginAction()
{
$username = $this->_getParam('username');
$password = $this->_getParam('password');
$auth = Zend_Auth::getInstance();
$authAdapter = new Axis_Auth_AdminAdapter($username, $password);
$result = $auth->authenticate($authAdapter);
if (!$result->isValid()) {
Axis::dispatch('admin_user_login_failed', array('username' => $username));
$this->_redirect($this->_getBackUrl());
} else {
Zend_Session::regenerateId();
Axis::dispatch('admin_user_login_success', array('username' => $username));
Axis::session()->roleId = Axis::single('admin/user')->select('role_id')->where('id = ?', $result->getIdentity())->fetchOne();
$this->_redirect($this->_getBackUrl());
}
}
private function __construct()
{
/* Explicitly start the session */
$config = array('name' => 'session', 'primary' => 'id', 'modifiedColumn' => 'modified', 'dataColumn' => 'data', 'lifetimeColumn' => 'lifetime', 'db' => Zend_Registry::get("dbAdapter"));
Zend_Session::setSaveHandler(new Zend_Session_SaveHandler_DbTable($config));
//start your session
Zend_Session::start();
/* Create our Session namespace - using 'Default' namespace */
$this->namespace = new Zend_Session_Namespace();
/** Check that our namespace has been initialized - if not, regenerate the session id
* Makes Session fixation more difficult to achieve
*/
if (!isset($this->namespace->initialized)) {
Zend_Session::regenerateId();
$this->namespace->initialized = true;
}
}
public function indexAction()
{
$acl = new Zend_Acl();
$acl->addRole(new Zend_Acl_Role('administrator'));
Zend_Session::regenerateId();
$server = new Zend_Amf_Server();
//set amf server session namespace
$server->setSession();
$server->setProduction(false);
$server->setAcl($acl);
//set service root directory
$server->addDirectory(realpath(dirname(__FILE__) . '/../services/amf/'));
echo($server->handle());
}
public function indexAction()
{
if (isset($this->_session->user)) {
$this->redirect("home/");
}
if (isset($_POST['submit']) && $_POST['submit'] == "SIGN IN") {
$login_data = $_POST;
$user = Model_Users::getByUserName($login_data['username']);
if (!empty($user['user_name']) && $user['user_password'] == $login_data['password']) {
Zend_Session::regenerateId();
$this->_session->user = $user;
$this->redirect('home');
} else {
$errors['invalid_credentials'] = 'Invalid Credentials!!';
}
$this->view->errors = $errors;
}
}
public function confirmAction()
{
$auth = Zend_Auth::getInstance();
$request = $this->getRequest();
$registry = Zend_Registry::getInstance();
$router = Zend_Controller_Front::getInstance()->getRouter();
$config = $registry->get("config");
if ($auth->hasIdentity()) {
$registry->set("pleaseSignout", true);
return $this->_forward("index", "logout");
}
$signUp = Ml_Model_SignUp::getInstance();
$credential = Ml_Model_Credential::getInstance();
$people = Ml_Model_People::getInstance();
$profile = Ml_Model_Profile::getInstance();
if ($config['ssl'] && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on")) {
$this->_redirect("https://" . $config['webhostssl'] . $router->assemble(array($request->getUserParams()), "join_emailconfirm"), array("exit"));
}
$securityCode = $request->getParam("security_code");
$confirmationInfo = $signUp->getByHash($securityCode);
if (!$confirmationInfo) {
$this->getResponse()->setHttpResponseCode(404);
return $this->_forward("unavailable");
}
$form = $signUp->newIdentityForm($securityCode);
if ($request->isPost() && $form->isValid($request->getPost())) {
$newUsername = $form->getValue("newusername");
$password = $form->getValue("password");
$preUserInfo = array("alias" => $newUsername, "membershipdate" => $confirmationInfo['timestamp'], "name" => $confirmationInfo['name'], "email" => $confirmationInfo['email']);
$uid = $people->create($newUsername, $password, $preUserInfo, $confirmationInfo);
$getUserByUsername = $people->getByUsername($preUserInfo['alias']);
$adapter = $credential->getAuthAdapter($getUserByUsername['id'], $password);
if ($adapter) {
$result = $auth->authenticate($adapter);
if ($result->getCode() != Zend_Auth_Result::SUCCESS) {
throw new Exception("Could not authenticate 'just created' user");
}
}
Zend_Session::regenerateId();
$this->_redirect($router->assemble(array(), "join_welcome"), array("exit"));
}
$this->view->entry = $confirmationInfo;
$this->view->confirmForm = $form;
}
private function __construct() {
/* Explicitly start the session */
try {
Zend_Session::start();
} catch (Exception $e) {
}
/* Create our Session namespace - using 'Default' namespace */
$this->namespace = new Zend_Session_Namespace();
/** Check that our namespace has been initialized - if not, regenerate the session id
* Makes Session fixation more difficult to achieve
*/
if (!isset($this->namespace->initialized)) {
Zend_Session::regenerateId();
$this->namespace->initialized = true;
}
}
