public function _remap()
{
if ($this->config->item('auth_two_factor_enable')) {
$_return_to = $this->input->get('return_to', TRUE);
$_remember = $this->input->get('remember', TRUE);
$_user_id = $this->uri->segment(3);
$_user = $this->user_model->get_by_id($_user_id);
if (!$_user) {
$this->session->set_flashdata('error', lang('auth_twofactor_token_unverified'));
if ($_return_to) {
redirect('auth/login?return_to=' . $_return_to);
return;
} else {
redirect('auth/login');
return;
}
}
$_salt = $this->uri->segment(4);
$_token = $this->uri->segment(5);
$_ip = $this->input->ip_address();
$_login_method = $this->uri->segment(6) ? $this->uri->segment(6) : 'native';
// Safety first
switch ($_login_method) {
case 'facebook':
case 'twitter':
case 'linkedin':
case 'native':
// All good, homies.
break;
default:
$_login_method = 'native';
break;
}
if ($this->auth_model->verify_two_factor_token($_user->id, $_salt, $_token, $_ip)) {
// Token is valid, generate a new one for the next request
$this->data['token'] = $this->auth_model->generate_two_factor_token($_user->id);
// Set data for the views
$this->data['user_id'] = $_user->id;
$this->data['login_method'] = $_login_method;
$this->data['return_to'] = $_return_to;
$this->data['remember'] = $_remember;
if ($this->input->post('answer')) {
// Validate the answer, if correct then log user in and forward, if not
// then generate a new token and show errors
$this->data['question'] = $this->user_model->get_security_question($_user->id);
$_valid = $this->user_model->validate_security_answer($this->data['question']->id, $_user->id, $this->input->post('answer'));
if ($_valid) {
// Set login data for this user
$this->user_model->set_login_data($_user->id);
// If we're remembering this user set a cookie
if ($_remember) {
$this->user_model->set_remember_cookie($_user->id, $_user->password, $_user->email);
}
// Update their last login and increment their login count
$this->user_model->update_last_login($_user->id);
// --------------------------------------------------------------------------
// Generate an event for this log in
create_event('did_log_in', $_user->id, 0, NULL, array('method' => $_login_method));
// --------------------------------------------------------------------------
// Say hello
if ($_user->last_login) {
$this->load->helper('date');
$_last_login = $this->config->item('auth_show_nicetime_on_login') ? nice_time(strtotime($_user->last_login)) : user_datetime($_user->last_login);
if ($this->config->item('auth_show_last_ip_on_login')) {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_with_ip', array($_user->first_name, $_last_login, $_user->last_ip)));
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome', array($_user->first_name, $_last_login)));
}
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_notime', array($_user->first_name)));
}
// --------------------------------------------------------------------------
// Delete the token we generated, its no needed, eh!
$this->auth_model->delete_two_factor_token($this->data['token']['id']);
// --------------------------------------------------------------------------
$_redirect = $_return_to != site_url() ? $_return_to : $_user->group_homepage;
redirect($_redirect);
return;
} else {
$this->data['error'] = lang('auth_twofactor_answer_incorrect');
// Ask away cap'n!
$this->data['page']->title = lang('auth_twofactor_answer_title');
$this->load->view('structure/header', $this->data);
$this->load->view('auth/security_question/ask', $this->data);
$this->load->view('structure/footer', $this->data);
}
} else {
// Determine whether the user has any security questions set
$this->data['question'] = $this->user_model->get_security_question($_user->id);
if ($this->data['question']) {
// Ask away cap'n!
$this->data['page']->title = 'Security Question';
$this->load->view('structure/header', $this->data);
$this->load->view('auth/security_question/ask', $this->data);
$this->load->view('structure/footer', $this->data);
} else {
// Auth config stuffz
$this->data['questions'] = $this->config->item('auth_two_factor_questions');
$this->data['num_questions'] = count($this->data['questions']) < $this->config->item('auth_two_factor_num_questions') ? count($this->data['questions']) : $this->config->item('auth_two_factor_num_questions');
$this->data['num_custom_questions'] = $this->config->item('auth_two_factor_num_custom_question');
if ($this->data['num_questions'] + $this->data['num_custom_questions'] <= 0) {
show_fatal_error('Two-factor auth is enabled, but no questions available', 'A user tried to set security questions but there are no questions available for them to choose. Please ensure auth.php is configured correctly.');
}
if ($this->input->post()) {
$this->load->library('form_validation');
for ($i = 0; $i < $this->data['num_questions']; $i++) {
$this->form_validation->set_rules('question[' . $i . '][question]', '', 'xss_clean|required|is_natural_no_zero');
$this->form_validation->set_rules('question[' . $i . '][answer]', '', 'xss_clean|trim|required');
}
for ($i = 0; $i < $this->data['num_custom_questions']; $i++) {
$this->form_validation->set_rules('custom_question[' . $i . '][question]', '', 'xss_clean|trim|required');
$this->form_validation->set_rules('custom_question[' . $i . '][answer]', '', 'xss_clean|trim|required');
}
$this->form_validation->set_message('required', lang('fv_required'));
$this->form_validation->set_message('is_natural_no_zero', lang('fv_required'));
if ($this->form_validation->run()) {
// Make sure that we have different questions
$_question_index = array();
$_question = (array) $this->input->post('question');
$_error = FALSE;
foreach ($_question as $q) {
if (array_search($q['question'], $_question_index) === FALSE) {
$_question_index[] = $q['question'];
} else {
$_error = TRUE;
break;
}
}
$_question_index = array();
$_question = (array) $this->input->post('custom_question');
foreach ($_question as $q) {
if (array_search($q['question'], $_question_index) === FALSE) {
$_question_index[] = $q['question'];
} else {
$_error = TRUE;
break;
}
}
if (!$_error) {
// Good arrows. Save questions
$_data = array();
if ($this->input->post('question')) {
foreach ($this->input->post('question') as $q) {
$_temp = new stdClass();
$_temp->question = isset($this->data['questions'][$q['question'] - 1]) ? $this->data['questions'][$q['question'] - 1] : NULL;
$_temp->answer = $q['answer'];
$_data[] = $_temp;
}
}
if ($this->input->post('custom_question')) {
foreach ((array) $this->input->post('custom_question') as $q) {
$_temp = new stdClass();
$_temp->question = trim($q['question']);
$_temp->answer = $q['answer'];
$_data[] = $_temp;
}
}
if ($this->user_model->set_security_questions($_user->id, $_data)) {
// Set login data for this user
$this->user_model->set_login_data($_user->id);
// If we're remembering this user set a cookie
if ($_remember) {
$this->user_model->set_remember_cookie($_user->id, $_user->password, $_user->email);
}
// Update their last login and increment their login count
$this->user_model->update_last_login($_user->id);
// --------------------------------------------------------------------------
// Generate an event for this log in
create_event('did_log_in', $_user->id, 0, NULL, array('method' => $_login_method));
// --------------------------------------------------------------------------
// Say hello
if ($_user->last_login) {
$this->load->helper('date');
$_last_login = $this->config->item('auth_show_nicetime_on_login') ? nice_time(strtotime($_user->last_login)) : user_datetime($_user->last_login);
if ($this->config->item('auth_show_last_ip_on_login')) {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_with_ip', array($_user->first_name, $_last_login, $_user->last_ip)));
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome', array($_user->first_name, $_last_login)));
}
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_notime', array($_user->first_name)));
}
// --------------------------------------------------------------------------
// Delete the token we generated, its no needed, eh!
$this->auth_model->delete_two_factor_token($this->data['token']['id']);
// --------------------------------------------------------------------------
$_redirect = $_return_to != site_url() ? $_return_to : $_user->group_homepage;
redirect($_redirect);
return;
} else {
$this->data['error'] = lang('auth_twofactor_question_set_fail') . ' ' . $this->user_model->last_error();
}
} else {
$this->data['error'] = lang('auth_twofactor_question_unique');
}
} else {
$this->data['error'] = lang('fv_there_were_errors');
}
}
// No questions, request they set them
$this->data['page']->title = lang('auth_twofactor_question_set_title');
$this->load->view('structure/header', $this->data);
$this->load->view('auth/security_question/set', $this->data);
$this->load->view('structure/footer', $this->data);
}
}
} else {
$this->session->set_flashdata('error', lang('auth_twofactor_token_unverified'));
$_query = array();
$_query['return_to'] = $_return_to;
$_query['remember'] = $_remember;
$_query = array_filter($_query);
if ($_query) {
$_query = '?' . http_build_query($_query);
} else {
$_query = '';
}
redirect('auth/login' . $_query);
}
} else {
show_404();
}
}
$_sentance[] = $item->user->first_name;
} else {
$_sentance[] = 'Someone';
}
$_sentance[] = $item->verb;
$_sentance[] = $item->article;
$_sentance[] = $item->title ? $item->item . ',' : $item->item;
if ($item->title) {
if ($item->url) {
$_sentance[] = '<strong>' . anchor($item->url, $item->title) . '</strong>';
} else {
$_sentance[] = $item->title;
}
}
echo implode(' ', $_sentance);
echo '<small>' . user_datetime($item->created) . '</small>';
echo '</li>';
}
?>
</ul>
</div>
</td>
<td style="max-width:50%;min-width:50%;width:50%;padding:0;padding-left:10px;vertical-align:top;background:#FFF !important;">
<p>
<strong>User Event Log</strong>
</p>
<p>
The 100 most recent events created by users.
</p>
<div style="max-height:350px;border:1px solid #CCC;background:#EFEFEF;padding:10px;">
<?php echo '<h2 class="title">' . anchor($post->url, $post->title) . '</h2>'; echo '<p class="date-author">'; echo 'Published ' . user_datetime($post->published) . ', '; echo 'by ' . $post->author->first_name . ' ' . $post->author->last_name; echo '</p>';
}
echo '</td>';
echo '<td class="title">';
// Title
echo $post->title;
// URL
echo '<small>' . anchor($post->url, $post->url, 'target="_blank"') . '</small>';
// Exceprt
if (app_setting('use_excerpt', 'blog')) {
echo '<small>' . $post->excerpt . '</small>';
}
echo '</td>';
if ($post->is_published) {
echo '<td class="status success">';
echo '<span class="ion-checkmark-circled"></span>';
echo '<small class="nice-time">' . user_datetime($post->published, 'Y-m-d', 'H:i:s') . '</small>';
echo '</td>';
} else {
echo '<td class="status error">';
echo '<span class="ion-close-circled"></span>';
echo '</td>';
}
// User common cells
$this->load->view('admin/_utilities/table-cell-user', $post->author);
$this->load->view('admin/_utilities/table-cell-datetime', array('datetime' => $post->modified));
echo '<td class="actions">';
echo anchor('admin/blog/edit/' . $post->id, lang('action_edit'), 'class="awesome small"');
echo anchor('admin/blog/delete/' . $post->id, lang('action_delete'), 'class="awesome small red confirm" data-title="Confirm Delete" data-body="Are you sure you want to delete this post?"');
echo '</td>';
echo '</tr>';
}
echo form_field($_field);
// --------------------------------------------------------------------------
// Log in count
$_field = array();
$_field['key'] = 'login_count';
$_field['label'] = lang('accounts_edit_basic_field_logincount_label');
$_field['default'] = $user_edit->login_count ? $user_edit->login_count : lang('accounts_edit_basic_field_not_logged_in');
$_field['required'] = FALSE;
$_field['readonly'] = TRUE;
echo form_field($_field);
// --------------------------------------------------------------------------
// Last Log in
$_field = array();
$_field['key'] = 'last_login';
$_field['label'] = lang('accounts_edit_basic_field_last_login_label');
$_field['default'] = $user_edit->last_login ? user_datetime($user_edit->last_login) : lang('accounts_edit_basic_field_not_logged_in');
$_field['required'] = FALSE;
$_field['readonly'] = TRUE;
echo form_field($_field);
// --------------------------------------------------------------------------
// Referral Code
$_field = array();
$_field['key'] = 'referral';
$_field['label'] = lang('accounts_edit_basic_field_referral_label');
$_field['default'] = $user_edit->referral;
$_field['required'] = FALSE;
$_field['readonly'] = TRUE;
echo form_field($_field);
// --------------------------------------------------------------------------
// Referred by
$_field = array();
/**
* Validate the supplied assets and if valid present the user with a reset form
*
* @access public
* @param int $id The ID fo the user to reset
* @param strgin hash The hash to validate against
* @return void
**/
private function _validate($id, $hash)
{
// Check auth credentials
$_user = $this->user_model->get_by_id($id);
// --------------------------------------------------------------------------
if ($_user !== FALSE && isset($_user->salt) && $hash == md5($_user->salt)) {
// Valid combination
if ($this->input->post()) {
// Validate data
$this->load->library('form_validation');
// --------------------------------------------------------------------------
// Define rules
$this->form_validation->set_rules('new_password', 'password', 'required|matches[confirm_pass]');
$this->form_validation->set_rules('confirm_pass', 'confirmation', 'required');
// --------------------------------------------------------------------------
// Set custom messages
$this->form_validation->set_message('required', lang('fv_required'));
$this->form_validation->set_message('matches', lang('fv_matches'));
// --------------------------------------------------------------------------
// Run validation
if ($this->form_validation->run()) {
// Validated, update user and login.
$_data['forgotten_password_code'] = NULL;
$_data['temp_pw'] = NULL;
$_data['password'] = $this->input->post('new_password');
$_remember = (bool) $this->input->get('remember');
// Reset the password
if ($this->user_model->update($id, $_data)) {
// Log the user in
switch (APP_NATIVE_LOGIN_USING) {
case 'EMAIL':
$_login = $this->auth_model->login($_user->email, $this->input->post('new_password'), $_remember);
break;
// --------------------------------------------------------------------------
// --------------------------------------------------------------------------
case 'USERNAME':
$_login = $this->auth_model->login($_user->username, $this->input->post('new_password'), $_remember);
break;
// --------------------------------------------------------------------------
// --------------------------------------------------------------------------
case 'BOTH':
default:
$_login = $this->auth_model->login($_user->email, $this->input->post('new_password'), $_remember);
break;
}
if ($_login) {
if ($this->config->item('auth_two_factor_enable')) {
$_query = array();
if ($this->input->get('return_to')) {
$_query['return_to'] = $this->input->get('return_to');
}
if ($_remember) {
$_query['remember'] = $_remember;
}
$_query = $_query ? '?' . http_build_query($_query) : '';
// Login was successful, redirect to the security questions page
redirect('auth/security_questions/' . $_login['user_id'] . '/' . $_login['two_factor_auth']['salt'] . '/' . $_login['two_factor_auth']['token'] . $_query);
} else {
// Say hello
if ($_login['last_login']) {
$this->load->helper('date');
$_last_login = $this->config->item('auth_show_nicetime_on_login') ? nice_time(strtotime($_login['last_login'])) : user_datetime($_login['last_login']);
if ($this->config->item('auth_show_last_ip_on_login')) {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_with_ip', array($_login['first_name'], $_last_login, $_login['last_ip'])));
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome', array($_login['first_name'], $_last_login)));
}
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_notime', array($_login['first_name'])));
}
// Log user in and forward to wherever they need to go
if ($this->input->get('return_to')) {
redirect($this->input->get('return_to'));
return;
} elseif ($_user->group_homepage) {
redirect($_user->group_homepage);
return;
} else {
redirect('/');
return;
}
}
} else {
$this->data['error'] = lang('auth_forgot_reset_badlogin', site_url('auth/login'));
}
} else {
$this->data['error'] = lang('auth_forgot_reset_badupdate', $this->user_model->last_error());
}
} else {
$this->data['error'] = lang('fv_there_were_errors');
}
}
// --------------------------------------------------------------------------
// Set data
$this->data['page']->title = lang('auth_title_reset');
$this->data['auth'] = new stdClass();
$this->data['auth']->id = $id;
$this->data['auth']->hash = $hash;
$this->data['return_to'] = $this->input->get('return_to');
$this->data['remember'] = $this->input->get('remember');
$this->data['message'] = lang('auth_forgot_temp_message');
// --------------------------------------------------------------------------
// Load the views
$this->load->view('structure/header', $this->data);
$this->load->view('auth/password/change_temp', $this->data);
$this->load->view('structure/footer', $this->data);
return;
}
// --------------------------------------------------------------------------
show_404();
}
echo '</ul>';
echo '<hr />';
echo '</li>';
}
}
}
if (app_setting('sidebar_popular_posts', 'blog') && !empty($widget->popular_posts)) {
echo '<li class="widget popular-posts clearfix">';
echo '<h3>Popular Posts</h3>';
echo '<ul class="popular-posts">';
foreach ($widget->popular_posts as $item) {
echo '<li>';
echo anchor($item->url, $item->title);
echo '<br />';
echo '<small class="meta">';
echo 'Published ' . user_datetime($item->published);
echo '</small>';
echo '</li>';
}
echo '</ul>';
echo '<hr />';
echo '</li>';
}
// --------------------------------------------------------------------------
// RSS
if (app_setting('rss_enabled', 'blog')) {
echo '<li class="text-center">';
echo anchor(app_setting('url', 'blog') . 'rss', '<span class="ion-social-rss"></span>', 'title="Subscribe via RSS"');
echo '<li>';
}
?>
/**
* Update a user's access token and log them in to the app
*
* @access public
* @param object $access_token The user's access token
* @return void
**/
protected function _login_user($access_token, $user)
{
// Load the auth lang file
$this->lang->load('auth', 'english');
// --------------------------------------------------------------------------
// Check if the user is suspended.
if ($user->is_suspended) {
$this->session->set_flashdata('error', lang('auth_login_fail_suspended'));
$this->_redirect($this->_return_to_fail);
return;
}
// --------------------------------------------------------------------------
// Update token
$_data['li_token'] = $access_token->access_token;
$this->user_model->update($user->id, $_data);
// --------------------------------------------------------------------------
// Two factor auth enabled?
if ($this->config->item('auth_two_factor_enable')) {
// Generate a token
$this->load->model('auth_model');
$_token = $this->auth_model->generate_two_factor_token($user->id);
if (!$_token) {
show_fatal_error('Failed to generate two-factor auth token', 'A user tried to login with LinkedIn and the system failed to generate a two-factor auth token.');
}
$_query = array();
$_query['return_to'] = $this->_return_to;
$_query = array_filter($_query);
if ($_query) {
$_query = '?' . http_build_query($_query);
} else {
$_query = '';
}
redirect('auth/security_questions/' . $user->id . '/' . $_token['salt'] . '/' . $_token['token'] . '/linkedin' . $_query);
} else {
// Set login details
$this->user_model->set_login_data($user->id);
// --------------------------------------------------------------------------
// Set welcome message
if ($user->last_login) {
$this->load->helper('date');
$_last_login = $this->config->item('auth_show_nicetime_on_login') ? nice_time(strtotime($user->last_login)) : user_datetime($user->last_login);
if ($this->config->item('auth_show_last_ip_on_login')) {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_with_ip', array($user->first_name, $_last_login, $user->last_ip)));
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome', array($user->first_name, $_last_login)));
}
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_notime', array($user->first_name)));
}
// --------------------------------------------------------------------------
// Update the last login
$this->user_model->update_last_login($user->id);
// --------------------------------------------------------------------------
// Create an event for this event
create_event('did_log_in', $user->id, 0, NULL, array('method' => 'linkedin'));
// --------------------------------------------------------------------------
// Delete register token
delete_cookie('liRegisterToken');
// --------------------------------------------------------------------------
// If no return to value is defined, default to the group homepage
if (!$this->_return_to) {
$this->_return_to = $user->group_homepage;
}
}
// --------------------------------------------------------------------------
// Redirect
$this->_redirect($this->_return_to);
return;
}
Your password has been changed, if you made this request you can safely ignore this email.
<?php
echo 'The request was made at ' . user_datetime($updated_at);
echo !empty($updated_by['id']) && $updated_by['id'] != $sent_to->id ? ' by ' . strtoupper($updated_by['name']) : '';
echo !empty($ip_address) ? ' from IP address ' . $ip_address : '';
echo '.';
?>
If it was not you who made this change, or you didn't request it, please IMMEDIATELY reset your password using the forgotten password facility (link below) and please let us know of any fraudulent activity on your account.
<?php
switch (APP_NATIVE_LOGIN_USING) {
case 'EMAIL':
$_identifier = $sent_to->email;
break;
// --------------------------------------------------------------------------
// --------------------------------------------------------------------------
case 'USERNAME':
$_identifier = $sent_to->username;
break;
// --------------------------------------------------------------------------
// --------------------------------------------------------------------------
case 'BOTH':
default:
$_identifier = $sent_to->email;
break;
}
?>
<?php
if ($datetime && $datetime != '0000-00-00 00:00:00') {
echo '<td class="datetime">';
echo '<span class="nice-time">' . user_datetime($datetime, 'Y-m-d', 'H:i:s') . '</span>';
echo '<small>' . user_datetime($datetime) . '</small>';
echo '</td>';
} else {
if (isset($nodata)) {
echo '<td class="datetime no-data">' . $nodata . '</td>';
} else {
echo '<td class="datetime no-data">—</td>';
}
}
case 'u.last_name':
echo '<strong>' . $member->last_name . ', ' . $member->first_name . '</strong>';
break;
default:
echo '<strong>' . $member->first_name . ' ' . $member->last_name . '</strong>';
break;
}
echo '<small>';
echo $member->email;
echo $member->email_is_verified ? img(array('src' => NAILS_ASSETS_URL . '/img/admin/icons/verified-email.png', 'class' => 'verified', 'rel' => 'tooltip', 'title' => lang('accounts_index_verified'))) : '';
echo $member->fb_id ? img(array('src' => NAILS_ASSETS_URL . '/img/admin/icons/verified-facebook.png', 'class' => 'verified', 'rel' => 'tooltip', 'title' => lang('accounts_index_social_connected', 'Facebook'))) : '';
echo $member->tw_id ? img(array('src' => NAILS_ASSETS_URL . '/img/admin/icons/verified-twitter.png', 'class' => 'verified', 'rel' => 'tooltip', 'title' => lang('accounts_index_social_connected', 'Twitter'))) : '';
echo $member->li_id ? img(array('src' => NAILS_ASSETS_URL . '/img/admin/icons/verified-linkedin.png', 'class' => 'verified', 'rel' => 'tooltip', 'title' => lang('accounts_index_social_connected', 'LinkedIn'))) : '';
echo '</small>';
if ($member->last_login) {
echo '<small>' . lang('accounts_index_last_login', array(user_datetime($member->last_login, 'Y-m-d', 'H:i:s'), $member->login_count)) . '</small>';
} else {
echo '<small>' . lang('accounts_index_last_nologins') . '</small>';
}
echo '</div>';
?>
</td>
<td class="group"><?php
echo $member->group_name;
?>
</td>
<!-- EXTRA COLUMNS -->
<?php
foreach ($columns as $col) {
$this->load->view('admin/accounts/utilities/user_row_column_' . $col['view']);
public function login()
{
$_email = $this->input->post('email');
$_password = $this->input->post('password');
$_remember = $this->input->post('remember');
$_out = array();
$_login = $this->auth_model->login($_email, $_password, $_remember);
if ($_login) {
/**
* User was recognised and permitted to log in. Final check to
* determine whether they are using a temporary password or not.
*
* $login will be an array containing the keys first_name, last_login, homepage;
* the key temp_pw will be present if they are using a temporary password.
*
**/
if (isset($_login['temp_pw'])) {
/**
* Temporary password detected, log user out and redirect to
* temp password reset page.
*
* temp_pw will be an array containing the user's ID and hash
*
**/
$_return_to = $this->data['return_to'] ? '?return_to=' . urlencode($this->data['return_to']) : NULL;
$this->auth_model->logout();
$_out['status'] = 401;
$_out['error'] = 'Temporary Password';
$_out['code'] = 2;
$_out['goto'] = site_url('auth/reset_password/' . $_login['temp_pw']['id'] . '/' . $_login['temp_pw']['hash'] . $_return_to);
} else {
// Finally! Send this user on their merry way...
$_first_name = $_login['first_name'];
if ($_login['last_login']) {
$this->load->helper('date');
$this->config->load('auth');
$_last_login = $this->config->item('auth_show_nicetime_on_login') ? nice_time(strtotime($_login['last_login'])) : user_datetime($_login['last_login']);
if ($this->config->item('auth_show_last_ip_on_login')) {
$_last_ip = $_login['last_ip'];
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_with_ip', array($_first_name, $_last_login, $_last_ip)));
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome', array($_first_name, $_last_login)));
}
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_notime', array($_first_name)));
}
$_redirect = $this->data['return_to'] ? $this->data['return_to'] : $_login['homepage'];
// --------------------------------------------------------------------------
// Generate an event for this log in
create_event('did_log_in', $_login['user_id'], 0, NULL, array('method' => 'api'));
// --------------------------------------------------------------------------
// Login failed
$_out['goto'] = site_url($_redirect);
}
} else {
// Login failed
$_out['status'] = 401;
$_out['error'] = $this->auth_model->get_errors();
$_out['code'] = 1;
}
// --------------------------------------------------------------------------
$this->_out($_out);
}
/**
* Log a user in using hashes of their user ID and password; easy way of
* automatically logging a user in from the likes of an email.
*
* @access public
* @param none
* @return void
**/
public function with_hashes()
{
if (!$this->config->item('auth_enable_hashed_login')) {
show_404();
}
// --------------------------------------------------------------------------
$_hash['id'] = $this->uri->segment(4);
$_hash['pw'] = $this->uri->segment(5);
if (empty($_hash['id']) || empty($_hash['pw'])) {
show_error($lang['auth_with_hashes_incomplete_creds']);
}
// --------------------------------------------------------------------------
/**
* If the user is already logged in we need to check to see if we check to see if they are
* attempting to login as themselves, if so we redirect, otherwise we log them out and try
* again using the hashes.
*
**/
if ($this->user_model->is_logged_in()) {
if (md5(active_user('id')) == $_hash['id']) {
// We are attempting to log in as who we're already logged in as, redirect normally
if ($this->data['return_to']) {
redirect($this->data['return_to']);
} else {
// Nowhere to go? Send them to their default homepage
redirect(active_user('group_homepage'));
}
} else {
// We are logging in as someone else, log the current user out and try again
$this->auth_model->logout();
redirect(preg_replace('/^\\//', '', $_SERVER['REQUEST_URI']));
}
return;
}
// --------------------------------------------------------------------------
/**
* The active user is a guest, we must look up the hashed user and log them in
* if all is ok otherwise we report an error.
*
**/
$_user = $this->user_model->get_by_hashes($_hash['id'], $_hash['pw']);
// --------------------------------------------------------------------------
if ($_user) {
// User was verified, log the user in
$this->user_model->set_login_data($_user->id);
// --------------------------------------------------------------------------
// Say hello
if ($_user->last_login) {
$this->load->helper('date');
$_last_login = $this->config->item('auth_show_nicetime_on_login') ? nice_time(strtotime($_user->last_login)) : user_datetime($_user->last_login);
if ($this->config->item('auth_show_last_ip_on_login')) {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_with_ip', array($_user->first_name, $_last_login, $_user->last_ip)));
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome', array($_user->first_name, $_user->last_login)));
}
} else {
$this->session->set_flashdata('message', lang('auth_login_ok_welcome_notime', array($_user->first_name)));
}
// --------------------------------------------------------------------------
// Update their last login
$this->user_model->update_last_login($_user->id);
// --------------------------------------------------------------------------
// Redirect user
if ($this->data['return_to'] != site_url()) {
// We have somewhere we want to go
redirect($this->data['return_to']);
} else {
// Nowhere to go? Send them to their default homepage
redirect($_user->group_homepage);
}
} else {
// Bad lookup, invalid hash.
$this->session->set_flashdata('error', lang('auth_with_hashes_autologin_fail'));
redirect($this->data['return_to']);
}
}
} elseif ($object->mime == 'application/pdf') {
// PDF
echo '<span class="ion-document" style="font-size:14em"></span>';
$_fancybox_class = 'cdn-fancybox';
$_fancybox_type = 'iframe';
$_url = cdn_serve($object->id);
$_action = 'View';
} else {
// Generic file, force download
echo '<span class="ion-document" style="font-size:14em"></span>';
$_fancybox_class = '';
$_fancybox_type = '';
$_url = cdn_serve($object->id, TRUE);
$_action = 'Download';
}
echo '</div>';
// Filename
echo '<div class="details">';
echo '<span class="filename">' . $object->filename_display . '</span>';
echo '<div class="type"><strong>Type:</strong> ' . $object->mime . '</div>';
echo '<div class="filesize"><strong>Filesize:</strong> ' . format_bytes($object->filesize) . '</div>';
echo '<div class="created"><strong>Created:</strong> ' . user_datetime($object->created) . '</div>';
echo '<div class="modified"><strong>Modified:</strong> ' . user_datetime($object->modified) . '</div>';
echo '<div class="actions">';
echo '<a href="#" data-fieldid="' . $this->input->get('fieldid') . '" data-id="' . $object->id . '" data-bucket="' . $bucket->slug . '" data-file="' . $object->filename . '" class="awesome green small insert">Insert</a>';
echo anchor(site_url('cdn/manager/delete/' . $object->id . '?' . $_SERVER['QUERY_STRING'], page_is_secure()), 'Delete', 'class="awesome red small delete"');
echo anchor($_url, $_action, 'data-fancybox-title="' . $object->filename_display . '" data-fancybox-type="' . $_fancybox_type . '" class="' . $_fancybox_class . ' awesome small"');
echo '</div>';
echo '</div>';
echo '<div class="clear"></div>';
echo '</li>';
echo lang('accounts_edit_emails_th_verified');
?>
</th>
<th><?php
echo lang('accounts_edit_emails_th_date_added');
?>
</th>
<th><?php
echo lang('accounts_edit_emails_th_date_verified');
?>
</th>
</tr>
</thead>
<tbody>
<?php
foreach ($user_emails as $email) {
echo '<tr>';
echo '<td>' . mailto($email->email) . '</td>';
echo '<td>' . ($email->is_primary ? lang('yes') : lang('no')) . '</td>';
echo '<td>' . ($email->is_verified ? lang('yes') : lang('no')) . '</td>';
echo '<td>' . user_datetime($email->date_added) . '</td>';
echo '<td>' . ($email->is_verified ? user_datetime($email->date_added) : lang('accounts_edit_emails_td_not_verified')) . '</td>';
echo '</tr>';
}
?>
</tbody>
</table>
</div>
</fieldset>
echo '<div class="icon"><span class="ion-music-note" style="font-size:2.2em"></span></div>';
$_fancybox_class = 'cdn-fancybox';
$_fancybox_type = 'iframe';
$_url = cdn_serve($object->id);
$_action = 'Play';
} elseif ($object->mime == 'application/pdf') {
// PDF
echo '<div class="icon"><span class="ion-document" style="font-size:2.2em"></span></div>';
$_fancybox_class = 'cdn-fancybox';
$_fancybox_type = 'iframe';
$_url = cdn_serve($object->id);
$_action = 'View';
} else {
// Generic file, force download
echo '<div class="icon"><span class="ion-document" style="font-size:2.2em"></span></div>';
$_fancybox_class = '';
$_fancybox_type = '';
$_url = cdn_serve($object->id, TRUE);
$_action = 'Download';
}
echo $object->filename_display;
echo '</td>';
echo '<td class="mime">' . $object->mime . '</td>';
echo '<td class="filesize">' . format_bytes($object->filesize) . '</td>';
echo '<td class="modified">' . user_datetime($object->modified) . '</td>';
echo '<td class="actions">';
echo '<a href="#" data-fieldid="' . $this->input->get('fieldid') . '" data-id="' . $object->id . '" data-bucket="' . $bucket->slug . '" data-file="' . $object->filename . '" class="awesome green small insert">Insert</a>';
echo anchor(site_url('cdn/manager/delete/' . $object->id . '?' . $_SERVER['QUERY_STRING'], page_is_secure()), 'Delete', 'class="awesome red small delete"');
echo anchor($_url, $_action, 'data-fancybox-title="' . $object->filename_display . '" data-fancybox-type="' . $_fancybox_type . '" class="' . $_fancybox_class . ' awesome small"');
echo '</td>';
echo '</tr>';