Esempio n. 1
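 /**
  * User login: shows the form and, on POST, authenticates the submitted
  * e-mail/password pair.
  *
  * A user who is already authenticated is logged out first. On success the
  * browser is redirected to `/`; on validation or credential failure it is
  * sent back to `/user/login/` with flash messages.
  *
  * @return void
  */
 public function indexAction()
 {
     // An authenticated user reaching the login page is logged out first.
     if ($this->_user) {
         $this->session->remove('auth');
         // Emptying the array clears the session data. unset($_SESSION) only
         // drops the superglobal for this request and breaks later writes.
         $_SESSION = [];
         // NOTE(review): regenerating the session id on login would also be
         // advisable; not done here because the session adapter API is not visible.
     }
     $this->_addSocialLogin();
     // Regular (e-mail/password) login
     if ($this->request->isPost()) {
         $validation = new Validation();
         $validation->add('email', new Email());
         $messages = $validation->validate($this->request->getPost());
         if (count($messages)) {
             foreach ($messages as $message) {
                 $this->flashSession->error($message);
             }
             $this->response->redirect('/user/login/');
             return;
         }
         // The second argument is the sanitizer applied to the posted value.
         $email = strtolower($this->request->getPost('email', 'email'));
         $password = $this->request->getPost('password', 'string');
         if (Users::login($email, $password)) {
             $user = Users::getCurrentUser();
             $this->flashSession->success('Hi, ' . $user['full_name']);
             $this->response->redirect('/');
         } else {
             // One message covers both unknown user and wrong password.
             $this->flashSession->error('User or password not match!');
             $this->response->redirect('/user/login/');
         }
     }
 }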
Esempio n. 2
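 /**
  * Admin login action.
  *
  * Logs out an already-authenticated user, then on POST validates the
  * e-mail field and checks the credentials. Redirects to `/admin/` on
  * success and back to `/admin/user/login/` otherwise.
  *
  * @return \Phalcon\Http\ResponseInterface|null the redirect response on a
  *         failed login, null for the plain GET and the success path
  */
 public function indexAction()
 {
     // Reaching the login form while authenticated ends the current session.
     if ($this->_user) {
         $this->session->remove('auth');
         // Emptying the array clears the session data. unset($_SESSION) only
         // drops the superglobal for this request and breaks later writes.
         $_SESSION = [];
     }
     // Regular (e-mail/password) login
     if ($this->request->isPost()) {
         $validation = new Validation();
         $validation->add('email', new Email());
         $messages = $validation->validate($this->request->getPost());
         if (count($messages)) {
             foreach ($messages as $message) {
                 $this->flashSession->error($message);
             }
             return $this->response->redirect('/admin/user/login/');
         }
         $email = strtolower($this->request->getPost('email', 'email'));
         $password = $this->request->getPost('password', 'string');
         if (Users::login($email, $password)) {
             // The redirect is recorded on the response object; this path
             // falls through to the null return like the non-POST case.
             $this->response->redirect('/admin/');
         } else {
             // A single message key covers both unknown user and wrong password.
             $this->flashSession->error('m_user_message_login__user_or_password_do_not_match');
             return $this->response->redirect('/admin/user/login/');
         }
     }
     return null;
 }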
Esempio n. 3
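 /**
  * Profile view and edit.
  *
  * Loads the current user's row, renders the profile form and, on POST,
  * applies the submitted changes. The e-mail address is never changed here;
  * a new password is stored only when the current password verifies.
  *
  * @return bool|\Phalcon\Http\ResponseInterface|null redirect when the user
  *         row is missing, null when the current password is wrong, true otherwise
  */
 public function indexAction()
 {
     /**
      * @var $userData Users
      */
     // Bound parameter rather than concatenating the session id into the condition.
     $userData = Users::findFirst([
         'conditions' => 'user_id = ?0',
         'bind'       => [(int) $this->_user['id']],
     ]);
     // Must precede any property access: findFirst() yields false when no row matches.
     if (!$userData) {
         $this->flashSession->notice('m_system_user_message_user_not_exist');
         return $this->response->redirect('/admin/user/profile/');
     }
     $this->view->setVar('avatar', $userData->avatar);
     $this->_toolbar->addSaveButton();
     // Snapshot of the stored row: e-mail and password hash are restored from it below.
     $oldUserData = clone $userData;
     // Blanked before the form is built, presumably so the hash is never rendered.
     $userData->password = null;
     $form = new UserProfileForm($userData);
     $this->view->setVar('form', $form);
     if ($this->request->isPost()) {
         if ($form->isValid($_POST, $userData)) {
             // The e-mail is not editable from this form.
             $userData->email = $oldUserData->email;
             $newPassword = $this->request->getPost('password', 'string');
             $currentPassword = $this->request->getPost('current_password', 'string');
             // Scrub the submitted secrets, presumably so a re-rendered form does not echo them.
             $_POST['current_password'] = '';
             $_POST['password'] = '';
             $_POST['password_confirmation'] = '';
             if ((string) $newPassword !== '') {
                 // A password change requires the current one to verify against the stored hash.
                 if (Users::checkPassword($currentPassword, $userData->salt, $oldUserData->password)) {
                     $userData->generatePassword($newPassword);
                 } else {
                     $this->flashSession->notice('m_user_message_current_password_not_fount');
                     return null;
                 }
             } else {
                 // No new password: put back the hash that was blanked above.
                 $userData->password = $oldUserData->password;
             }
             if ($userData->save()) {
                 $this->_user['full_name'] = $userData->first_name . ' ' . $userData->last_name;
                 $avatarName = $this->uploadAvatar($userData);
                 if ($avatarName) {
                     $userData->avatar = $avatarName;
                     $userData->save();
                     $this->_user['avatar'] = $userData->avatar;
                 }
                 // Refresh the session copy so the new name/avatar are visible at once.
                 $this->session->set('auth', $this->_user);
                 $this->flashSession->success('m_user_message_update_user_successfully');
                 $this->response->redirect('/admin/user/profile/');
                 return true;
             }
             $this->setFlashSession($userData->getMessages(), 'error');
             $_POST['password'] = '';
             $_POST['password_confirmation'] = '';
             $this->flashSession->notice('m_system_user_message_update_user_failed');
         } else {
             $this->setFlashSession($form->getMessages(), 'notice');
         }
     }
     return true;
 }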
Esempio n. 4
 /**
  * Model hook: refuse to persist a super-admin item unless the acting user
  * is a super admin too.
  *
  * @return bool false aborts the save
  */
 public function beforeSave()
 {
     // Items not flagged as super admin can be saved by anyone who got this far.
     if ($this->is_super_admin != 1) {
         return true;
     }
     // Role 1 (super administrator) holds every permission, so only another
     // super admin may edit such an item.
     $actor = Users::getCurrentUser();
     return $actor['is_super_admin'] == 1;
 }
Esempio n. 5
 /**
  * Build the front-end menu data for the view.
  *
  * Resolves the left/right menus configured in $this->options (when set)
  * and hands them to the view as menu_items_left / menu_items_right.
  * Nothing is returned; the two view variables are the output.
  *
  * @return void
  */
 public function widget()
 {
     $isLogin = Users::isLoggedIn() ? true : false;
     $leftItems = [];
     $rightItems = [];
     // `!= null` is a loose check: '', 0 and false also count as "not configured".
     $hasLeft = isset($this->options->menu_left) && $this->options->menu_left != null;
     if ($hasLeft) {
         $leftItems = $this->_getMenu($this->options->menu_left, $isLogin);
     }
     $hasRight = isset($this->options->menu_right) && $this->options->menu_right != null;
     if ($hasRight) {
         $rightItems = $this->_getMenu($this->options->menu_right, $isLogin);
     }
     $this->view->setVar('menu_items_left', $leftItems);
     $this->view->setVar('menu_items_right', $rightItems);
 }
 /**
  * Forgot-password form.
  *
  * Logged-in users are sent to `/`. On POST, a syntactically valid e-mail
  * that matches a user row gets a fresh reset_password_token and timestamp,
  * and the browser is redirected to the login page. The mailer call that
  * would deliver the token is commented out below, so the success message is
  * shown without any e-mail being sent.
  *
  * @return void every redirect ends the request with exit
  */
 public function indexAction()
 {
     if ($this->isLogin()) {
         $this->response->redirect('/');
         // exit skips the framework's response pipeline; kept as written.
         exit;
     }
     if ($this->request->isPost()) {
         $email = $this->request->getPost('email', null, '');
         if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
             /**
              * @var Users $user
              */
             $user = Users::findFirst(['conditions' => 'email = ?0', 'bind' => [$email]]);
             if ($user) {
                 // Token = random part from getToken(60) + '.' + base64(email); the
                 // second part is reversible, so the token itself carries the address.
                 $user->reset_password_token = $this->security->getToken(60) . '.' . base64_encode($email);
                 // NOTE(review): presumably compared against an expiry where the
                 // token is consumed — confirm, nothing here enforces one.
                 $user->reset_password_token_at = date('Y-m-d H:i:s');
                 $user->save();
                 // Mail delivery is disabled (commented out); see the docblock.
                 //                    $mailer = ZEmail::getInstance();
                 //                    $mailer->setSubject(__('Reset your password'));
                 //                    $body = __('Hello');
                 //                    $body .= '<br /><br />To reset password account please click on the following link' . ':';
                 //                    $body .= '<br /><a href="' . BASE_URI . '/tao-mat-khau-moi/?token=' . $user->reset_password_token . '">' . BASE_URI . '/tao-mat-khau-moi/?token=' . $user->reset_password_token . '</a>';
                 //                    //$body .= '<br />' . __('We wish you a lot of success with your') . '!';
                 //                    $body .= '<br />';
                 //                    $mailer->setBody($body);
                 //                    $mailer->addRecipient($user->email);
                 //                    $mailer->sendEmail();
                 $this->flashSession->success(__('Please check your email to retrieve password'));
                 $this->response->redirect('/dang-nhap/');
                 exit;
             } else {
                 // NOTE(review): "not found" and "invalid" are distinguishable to the
                 // caller, which discloses whether an address has an account.
                 $this->flashSession->error('Email not found');
             }
         } else {
             $this->flashSession->error('Email invalid');
             // NOTE(review): exit here with no redirect and no render — the flash is
             // stored but the response body is empty.
             exit;
         }
     }
 }
Esempio n. 7
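 /**
  * Activate an admin user.
  *
  * Sets is_active on the user with the given id and stamps
  * active_account_at on first activation. The user with role_id 1 is left
  * untouched. Always redirects back to the user list.
  *
  * @param int $id
  * @return void
  */
 public function activeAction($id)
 {
     $id = intval($id);
     /**
      * @var Users $user
      */
     $user = Users::findFirst($id);
     if ($user) {
         if ($user->role_id == 1) {
             $this->flashSession->error('m_system_user_message_supper_admin_can_not_be_change');
         } else {
             $user->is_active = 1;
             // Keep the original activation timestamp on re-activation.
             if (!$user->active_account_at) {
                 $user->active_account_at = date('Y-m-d H:i:s');
             }
             if ($user->save()) {
                 $this->flashSession->success('m_system_user_message_active_user_successfully');
             } else {
                 // The failure message was previously flashed through success().
                 $this->flashSession->error('m_system_user_message_active_user_failed');
             }
         }
     }
     $this->response->redirect('/admin/system/user/');
 }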
Esempio n. 8
 /**
  * Whether a user is currently authenticated.
  *
  * @return bool
  */
 public static function isLoggedIn()
 {
     // A truthy auth payload means logged in; anything falsy means anonymous.
     return Users::getCurrentUser() ? true : false;
 }
Esempio n. 9
 /**
  * Activate an account from a social-login token.
  *
  * Looks the token up in active_account_token, sets the matching provider
  * flag (facebook/google) and is_active, clears the one-time token and
  * type, then logs the user in.
  *
  * @param string $token
  * @return bool true only when the row was saved and the login ran
  */
 public static function processActivateWithToken($token)
 {
     // Anything of 100 bytes or less is never a valid token; skip the lookup.
     if (strlen($token) <= 100) {
         return false;
     }
     /**
      * @var Users $account
      */
     $account = Users::findFirst(['conditions' => 'active_account_token = ?0', 'bind' => [$token]]);
     if (!$account || $account->active_account_type == '') {
         return false;
     }
     if ($account->active_account_type == 'facebook') {
         $account->is_active_facebook = 1;
     } elseif ($account->active_account_type == 'google') {
         $account->is_active_google = 1;
     }
     // First activation stamps the time; later ones keep it.
     $account->active_account_at = $account->active_account_at ?: date('Y-m-d H:i:s');
     $account->active_account_type = null;
     $account->active_account_token = null;
     $account->is_active = 1;
     if (!$account->save()) {
         return false;
     }
     $account->loginCurrentUSer();
     return true;
 }
Esempio n. 10
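 /**
  * Download a database backup file.
  *
  * Only a logged-in super administrator may download, and only after
  * re-entering the account password on the POST form. The requested name is
  * base64-encoded by the caller and is resolved strictly inside
  * APP_DIR/backup/database/.
  *
  * @param string|null $base64Name base64-encoded file name
  * @return bool|\Phalcon\Http\ResponseInterface false when the page is
  *         rendered normally, a redirect otherwise; on success the file is
  *         streamed and the script exits
  */
 public function downloadAction($base64Name = null)
 {
     // The guard used to read an undefined $auth variable and therefore always
     // failed; the identity is in $this->_user, as the lookup below already assumed.
     if ($base64Name == null || empty($this->_user['id'])) {
         return $this->response->redirect('/admin/system/database/');
     }
     // NOTE(review): key 'is_supper_admin' kept as written; other code on this
     // page reads 'is_super_admin' — confirm which key the session payload uses.
     if (empty($this->_user['is_supper_admin'])) {
         return $this->response->redirect('/admin/system/database/');
     }
     /**
      * @var $user Users
      */
     $user = Users::findFirst(['conditions' => 'id = ?0', 'bind' => [(int) $this->_user['id']]]);
     if (!$user) {
         return $this->response->redirect('/admin/system/database/');
     }
     $this->_toolbar->addBreadcrumb('m_system_system_manager');
     $this->_toolbar->addBreadcrumb('m_system_backup_database');
     $this->_toolbar->addHeaderPrimary('Download backup database');
     $this->_toolbar->addSaveButton('system|database|download', '/admin/system/database/download/', 'Download Database', 'glyphicon glyphicon-sort-by-attributes-alt');
     if ($this->request->isPost()) {
         $password = (string) $this->request->getPost('password');
         // Legacy rows may still hold an unsalted md5. Compare it with
         // hash_equals(): `==` treats digests of the form "0e..." as equal.
         $legacyMatch = is_string($user->password)
             && hash_equals($user->password, md5($password));
         if ($this->security->checkHash($password, $user->password) || $legacyMatch) {
             // Strict decode rejects malformed input; basename() strips any
             // directory component, so the path cannot leave the backup folder.
             $fileName = basename((string) base64_decode($base64Name, true));
             $filePath = APP_DIR . '/backup/database/' . $fileName;
             if ($fileName !== '' && is_file($filePath)) {
                 $this->view->setRenderLevel(View::LEVEL_NO_RENDER);
                 header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
                 header('Content-Description: File Transfer');
                 // filetype() returns "file"/"dir", not a media type; a backup is
                 // served as an opaque download.
                 header('Content-Type: application/octet-stream');
                 header('X-Content-Type-Options: nosniff');
                 header('Content-Length: ' . filesize($filePath));
                 header('Content-Disposition: attachment; filename="' . addcslashes($fileName, '"\\') . '"');
                 readfile($filePath);
                 die;
             }
             $this->flashSession->warning('File not exists');
         } else {
             $this->flashSession->warning('Please enter your current password');
         }
     }
     return false;
 }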
Esempio n. 11
 /**
  * Check whether a session auth payload still matches a user row.
  *
  * @param array|null $auth payload with 'id' and 'token' keys (presumably the
  *        session 'auth' entry); falsy means not logged in
  * @return bool
  */
 public function checkTokenLogin($auth)
 {
     if (!$auth) {
         return false;
     }
     // NOTE(review): the `token = ?2` clause bound to '' means a user whose
     // stored token is empty matches whatever token the payload presents.
     $criteria = [
         'conditions' => 'id = ?0 AND (token = ?1 OR token = ?2)',
         'bind'       => [$auth['id'], $auth['token'], ''],
     ];
     return Users::findFirst($criteria) ? true : false;
 }
Esempio n. 12
 /**
  * Delete the role(s) selected on the role list.
  *
  * Each posted id is deleted only when the role is not the super-admin role
  * and no user still references it. The role's mappings are removed in the
  * same transaction as the role itself.
  *
  * @return \Phalcon\Http\ResponseInterface redirect to the role list in every case
  */
 public function deleteAction()
 {
     if ($this->request->isPost()) {
         // NOTE(review): the third argument is the literal string 'null', not null;
         // when 'ids' is absent, is_array() below is false and the action just redirects.
         $ids = $this->request->getPost('ids', 'int', 'null');
         if (is_array($ids)) {
             // NOTE(review): return value discarded — presumably converts in place
             // (by reference); confirm, otherwise the cast is lost.
             ZArrayHelper::toInteger($ids);
             foreach ($ids as $id) {
                 /**
                  * @var UserRoles $userRole
                  */
                 // Concatenated condition; relies on $id having passed the 'int'
                 // filter above. The bound form used for Users below is preferable.
                 $userRole = UserRoles::findFirst('role_id = ' . $id . ' AND is_super_admin != 1');
                 if ($userRole) {
                     // A role still assigned to a user must not be deleted.
                     $user = Users::findFirst(['conditions' => 'role_id = :id:', 'bind' => ['id' => $id]]);
                     if (!$user) {
                         // One transaction per id: earlier ids stay deleted if a later one fails.
                         $this->db->begin();
                         $userRoleMapping = UserRoleMapping::find('role_id = ' . $id);
                         // Only attempt the delete when the result object exposes delete().
                         if (method_exists($userRoleMapping, 'delete') && $userRoleMapping->delete() == false) {
                             $this->db->rollback();
                             $this->flashSession->error('m_system_role_message_cannot_delete_role_mapping');
                             return $this->response->redirect('/admin/system/role/');
                         }
                         if ($userRole->delete() == false) {
                             $this->db->rollback();
                             $this->flashSession->error('m_system_role_message_cannot_delete_role');
                             return $this->response->redirect('/admin/system/role/');
                         }
                         // Both deletes succeeded: commit the transaction.
                         $this->db->commit();
                         $this->flashSession->success(__('m_system_role_message_delete_role_successfully', ["1" => $userRole->name]));
                     } else {
                         $this->flashSession->error('m_system_role_message_role_is_being_used_on_some_user');
                     }
                 } else {
                     // No row: either the id is unknown or it is the super-admin role.
                     $this->flashSession->error('m_system_role_message_super_administrator_cannot_delete');
                 }
             }
         }
     }
     return $this->response->redirect('/admin/system/role/');
 }