/** * Validate the password submission * * @param $user_name * @param $user_password_reset_hash * @param $user_password_new * @param $user_password_repeat * * @return bool */ public static function validateNewPassword($user_name, $user_password_reset_hash, $user_password_new, $user_password_repeat) { if (empty($user_name)) { Session::add('feedback_negative', Text::get('FEEDBACK_USERNAME_FIELD_EMPTY')); return false; } else { if (empty($user_password_new) || empty($user_password_repeat)) { Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_FIELD_EMPTY')); return false; } else { if ($user_password_new !== $user_password_repeat) { Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_REPEAT_WRONG')); return false; } else { if (strlen($user_password_new) < 6) { Session::add('feedback_negative', Text::get('FEEDBACK_PASSWORD_TOO_SHORT')); return false; } } } } return true; }
/** * performs the login via cookie (for DEFAULT user account, FACEBOOK-accounts are handled differently) * TODO add throttling here ? * * @param $cookie string The cookie "remember_me" * * @return bool success state */ public static function loginWithCookie($cookie) { if (!$cookie) { Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID')); return false; } // check cookie's contents, check if cookie contents belong together or token is empty list($user_id, $token, $hash) = explode(':', $cookie); if ($hash !== hash('sha256', $user_id . ':' . $token) or empty($token)) { Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID')); return false; } // get data of user that has this id and this token $result = UserModel::getUserDataByUserIdAndToken($user_id, $token); if ($result) { // successfully logged in, so we write all necessary data into the session and set "user_logged_in" to true self::setSuccessfulLoginIntoSession($result->user_id, $result->user_name, $result->user_email, $result->user_account_type); // save timestamp of this login in the database line of that user self::saveTimestampOfLoginOfUser($result->user_name); Session::add('feedback_positive', Text::get('FEEDBACK_COOKIE_LOGIN_SUCCESSFUL')); return true; } else { Session::add('feedback_negative', Text::get('FEEDBACK_COOKIE_INVALID')); return false; } }
/** * Handles what happens when user moves to URL/service/all. This returns all servives in the system. */ public function delete($service_id) { //get request data $id = ''; $service_name = ''; $service_type = ''; $short_code = ''; $criteria = ''; $service_endpoint = ''; $delivery_notification_endpoint = ''; $interface_name = ''; $data = array('id' => $id, 'service_id' => $service_id, 'service_name' => $service_name, 'service_type' => $service_type, 'short_code' => $short_code, 'criteria' => $criteria, 'service_endpoint' => $service_endpoint, 'delivery_notification_endpoint' => $delivery_notification_endpoint, 'interface_name' => $interface_name); //log the event $this->logger->debug('{class_mame}|{method_name}|{service_id}|request-data', array('class_mame' => __CLASS__, 'method_name' => __FUNCTION__, 'request-data' => json_encode($data))); if (null !== Request::post('action', true)) { //form submitted, processing to happen below $service_model = new ServiceModel($this->logger); $result = $service_model->deleteService($service_id); $data['result'] = $result; //success if ($result['result'] == 0) { Session::add('feedback_positive', 'Service deleted successfully'); } else { Session::add('feedback_negative', 'Service deletion failed. Error: ' . $result['result'] . ' - ' . $result['resultDesc']); } //log the event $this->logger->debug('{class_mame}|{method_name}|{service_id}|edit-service-result|result:{result}|result_desc:{result_desc}', array('class_mame' => __CLASS__, 'method_name' => __FUNCTION__, 'result' => $result['result'], 'result_desc' => $result['resultDesc'], 'result_desc' => json_encode($result))); } else { //load servive data from windows $service_model = new ServiceModel($this->logger); $result = $service_model->getService($service_id); $data['result'] = $result; //successful loading of service if ($result['result'] == 0) { $data = json_decode(json_encode($result['service']), true); } else { Session::add('feedback_negative', 'Service ' . $service_id . ' loading failed. Error: ' . $result['result'] . ' - ' . $result['resultDesc']); } //log the event $this->logger->debug('{class_mame}|{method_name}|{service_id}|result|{result}|{result_desc}', array('class_mame' => __CLASS__, 'method_name' => __FUNCTION__, 'result' => $result['result'], 'result_desc' => $result['resultDesc'])); } $this->View->render('servicemanager/delete', $data); }
/** * Edit the user's email * * @param $new_user_email * * @return bool success status */ public static function editUserEmail($new_user_email) { // email provided ? if (empty($new_user_email)) { Session::add('feedback_negative', Text::get('FEEDBACK_EMAIL_FIELD_EMPTY')); return false; } // check if new email is same like the old one if ($new_user_email == Session::get('user_email')) { Session::add('feedback_negative', Text::get('FEEDBACK_EMAIL_SAME_AS_OLD_ONE')); return false; } // user's email must be in valid email format, also checks the length // @see http://stackoverflow.com/questions/21631366/php-filter-validate-email-max-length // @see http://stackoverflow.com/questions/386294/what-is-the-maximum-length-of-a-valid-email-address if (!filter_var($new_user_email, FILTER_VALIDATE_EMAIL)) { Session::add('feedback_negative', Text::get('FEEDBACK_EMAIL_DOES_NOT_FIT_PATTERN')); return false; } // strip tags, just to be sure $new_user_email = substr(strip_tags($new_user_email), 0, 254); // check if user's email already exists if (UserModel::doesEmailAlreadyExist($new_user_email)) { Session::add('feedback_negative', Text::get('FEEDBACK_USER_EMAIL_ALREADY_TAKEN')); return false; } // write to database, if successful ... // ... then write new email to session, Gravatar too (as this relies to the user's email address) if (UserModel::saveNewEmailAddress(Session::get('user_id'), $new_user_email)) { Session::set('user_email', $new_user_email); Session::set('user_gravatar_image_url', AvatarModel::getGravatarLinkByEmail($new_user_email)); Session::add('feedback_positive', Text::get('FEEDBACK_EMAIL_CHANGE_SUCCESSFUL')); return true; } Session::add('feedback_negative', Text::get('FEEDBACK_UNKNOWN_ERROR')); return false; }