Esempio n. 1
 /**
  * Ensure a restrict-login record exists for the given user.
  *
  * Does nothing when the RESTRICT_LOGIN feature flag is off or when no user
  * number is supplied. Otherwise a record is inserted only if sessionCheck()
  * reports none for this user.
  *
  * @param mixed $_user_no User number to register; a falsy value is ignored.
  * @return void
  */
 public function renewRestrictLogin($_user_no)
 {
     if (RESTRICT_LOGIN && $_user_no) {
         $entity = new RestrictLoginEntity();
         $existing = $entity->sessionCheck($_user_no);
         // Insert only when the check found nothing, so an existing record is left untouched.
         if (!$existing) {
             $entity->db()->insertRecord($_user_no);
         }
     }
 }
Esempio n. 2
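 /**
  * Authenticate a POSTed login form and establish the user session.
  *
  * Flow: rotate the session id, read the posted credentials and the one-time
  * form token, verify the token against the copy held in the session, look up
  * the account, verify the challenge response, apply lockout / forced password
  * change / duplicate-login rules, then populate the 'user_auth' container and
  * redirect.
  *
  * Security notes for maintainers:
  *  - Token and password-response comparisons use hash_equals() (PHP >= 5.6).
  *    The previous loose `!=` let two different numeric-looking strings (for
  *    example two distinct "0e<digits>" MD5 hex values) compare as equal and
  *    was not constant-time.
  *  - NOTE(review): the response is md5(stored login_pw . token), so whatever
  *    is stored in login_pw is password-equivalent and MD5 is the only
  *    primitive protecting it. Moving to password_hash()/password_verify()
  *    over TLS needs a matching client change and is not done here.
  *  - NOTE(review): "Unknown account", "Account is locked" and "Failed" are
  *    distinguishable to the caller, which allows account enumeration; a
  *    single generic message would avoid that.
  *
  * @return mixed Redirect response produced by the redirect() plugin.
  */
 public function loginAction()
 {
     $e = $this->getEvent();
     $storage = $e->getApplication()->getServiceManager()->get('Session\\Storage\\DbSessionStorage');
     // Rotate the session id before any credential handling (session-fixation defence).
     $storage->getSessionStorage()->regenerateId(true);
     $this->layout('');
     $id = $this->params()->fromPost('login_id');
     $pw = $this->params()->fromPost('login_pw');
     $key = $this->params()->fromPost('key_id');
     $token_id = $this->params()->fromPost('token_id');
     $sess_token_id = $this->container()->get('token_id');
     $uri = $this->container()->get('uri');
     // The form token is single-use: drop it from the session whatever the outcome.
     $this->container()->clear('token_id');

     // Every posted field must be a non-empty string. A parameter sent as an array
     // (e.g. login_pw[]=x) is rejected here instead of reaching the comparisons below.
     $requestOk = is_scalar($sess_token_id) && $sess_token_id;
     foreach (array($id, $pw, $key, $token_id) as $posted) {
         if (!is_string($posted) || !$posted) {
             $requestOk = false;
         }
     }
     // Constant-time, type-strict comparison of the anti-forgery token.
     if (!$requestOk || !hash_equals((string) $sess_token_id, $token_id)) {
         return $this->redirect()->toRoute('app', array('controller' => 'index'));
     }

     $user = new UserEntity();
     $row = $user->db()->getLoginInfo($id, $key);
     $success = false;
     $ngCount = false;
     $message = null;
     $toRoute = array('controller' => 'index');
     if (!$row || !$row->user_no) {
         $message = "Unknown account";
     } elseif (LOGIN_FAILED_COUNT && LOGIN_FAILED_COUNT <= $row->ng_count) {
         // Lockout is evaluated before the password so a locked account cannot be probed further.
         $message = "Account is locked";
     } elseif (!$row->login_pw || !hash_equals(md5($row->login_pw . $token_id), $pw)) {
         $message = "Failed";
         $this->container()->set('forget', true);
         $ngCount = true;
     } elseif ($row->initial_flag || EXPIRE_PW < $row->past_day) {
         // Credentials are valid, but the password is initial or expired: force a change.
         $message = "Please change password";
         $toRoute = array('controller' => 'index', 'action' => 'change-pw');
     } else {
         $success = true;
     }

     // Record the failed attempt; only wrong-password failures are counted.
     if ($ngCount) {
         $user->db()->insertLoginFailed($row->user_no);
     }

     // Duplicate-login restriction, applied only after the credentials were accepted.
     if (RESTRICT_LOGIN && $success) {
         $user->db()->deleteLocked($row->user_no);
         $restrict = new RestrictLoginEntity();
         // Housekeeping on the restrict-login table before checking it.
         $restrict->db()->clean();
         $ret = $restrict->restrictCheck($row->user_no);
         if ('error' === $ret) {
             $this->container()->set('user_no', $row->user_no);
             $message = "Not logout";
             $success = false;
         } elseif (!$ret) {
             $message = "Failed";
             $success = false;
         }
     }

     // Queue the message for display on the next page.
     if ($message) {
         $this->flashMessenger()->addMessage($message);
     }

     // Authentication failed: remember the login id for the form and go back.
     if (!$success) {
         $this->container()->set('login_id', $id);
         return $this->redirect()->toRoute('app', $toRoute);
     }

     $this->container()->setContainer('user_auth');
     $this->container()->set('user_no', $row->user_no);
     $this->container()->set('user_name', $row->user_name);
     $this->container()->set('branch_no', $row->branch_no);
     $this->container()->set('branch_name', $row->branch_name);
     $this->container()->set('timezone', $row->timezone);
     $this->container()->set('lang_id', $row->lang_id);
     $this->container()->set('resource_id', $row->resource_id);
     $this->container()->set('approver', $row->approver);
     $this->container()->set('admin', $row->admin);

     // 30-day cookies mirroring three session values.
     // NOTE(review): these are set without the secure/httponly arguments, so they
     // travel over plain HTTP and are readable by scripts. They must be treated as
     // client-controlled; confirm that nothing reads resource_id from the cookie
     // for an access decision.
     $cookieExpires = time() + 60 * 60 * 24 * 30;
     setcookie('lang_id', $row->lang_id, $cookieExpires, '/', BASE_DOMAIN);
     setcookie('resource_id', $row->resource_id, $cookieExpires, '/', BASE_DOMAIN);
     setcookie('timezone', $row->timezone, $cookieExpires, '/', BASE_DOMAIN);
     $this->container()->clean('index');

     // NOTE(review): $uri is whatever was stored under 'uri' in the session. Confirm
     // that the code storing it accepts only same-site paths; otherwise this is an
     // open redirect reached immediately after a successful login.
     if ($uri) {
         return $this->redirect()->toUrl($uri);
     }

     // Both outcomes above and below return a redirect, so the ViewModel that used
     // to be built after this point was unreachable and has been removed.
     return $this->redirect()->toRoute('app', array('controller' => 'menu', 'action' => 'top'));
 }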