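/**
 * Handles the Facebook OAuth redirect callback and signs the visitor in.
 *
 * Flow: exchange the callback for an access token, fetch id/name/email from
 * Graph, then authenticate the local account that has the same email. When no
 * such account exists, the Facebook data is stashed in the session and the
 * visitor is redirected to the add-on's "fb-register" page.
 *
 * Error paths print a message and terminate the request with exit.
 */
function loginWithFacebook()
{
    // Every diagnostic echoed below is HTML-escaped: it ends up in the response
    // body, and part of it (the helper's error fields) originates from the
    // callback request rather than from this application.
    $escape = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $config = Zend_Registry::get('config');

    $fb = new Facebook\Facebook([
        'app_id' => $config->get('facebook_appid'),
        'app_secret' => $config->get('facebook_secret'),
        'default_graph_version' => 'v2.4',
    ]);

    $helper = $fb->getRedirectLoginHelper();

    try {
        $accessToken = $helper->getAccessToken();
        $_SESSION['fb_access_token'] = $accessToken;
    } catch (Facebook\Exceptions\FacebookResponseException $e) {
        // Graph answered with an error.
        // NOTE(review): SDK/Graph error detail is shown to the visitor; consider
        // logging it server-side and printing a generic message instead.
        echo 'Graph returned an error: ' . $escape($e->getMessage());
        exit;
    } catch (Facebook\Exceptions\FacebookSDKException $e) {
        // Validation failed or another local SDK problem occurred.
        echo 'Facebook SDK returned an error: ' . $escape($e->getMessage());
        exit;
    }

    if (!isset($accessToken)) {
        if ($helper->getError()) {
            // In the Facebook PHP SDK these four values are read from the
            // callback URL's query parameters, so they are request-controlled
            // and must not reach the page unescaped.
            header('HTTP/1.0 401 Unauthorized');
            echo "Error: " . $escape($helper->getError()) . "\n";
            echo "Error Code: " . $escape($helper->getErrorCode()) . "\n";
            echo "Error Reason: " . $escape($helper->getErrorReason()) . "\n";
            echo "Error Description: " . $escape($helper->getErrorDescription()) . "\n";
        } else {
            header('HTTP/1.0 400 Bad Request');
            echo 'Bad request';
        }
        exit;
    }

    try {
        // Fetch the Facebook\GraphNodes\GraphUser for the token's owner.
        $response = $fb->get('/me?fields=id,name,email', $accessToken->getValue());
    } catch (Facebook\Exceptions\FacebookResponseException $e) {
        echo 'Graph returned an error: ' . $escape($e->getMessage());
        exit;
    } catch (Facebook\Exceptions\FacebookSDKException $e) {
        echo 'Facebook SDK returned an error: ' . $escape($e->getMessage());
        exit;
    }

    $fb_user = $response->getGraphUser();
    $fb_user_email = $fb_user['email'];

    // Display name: ASCII letters and digits only, lower-cased.
    $fb_user_display_name = mb_strtolower(preg_replace("/[^A-Za-z0-9]/", '', $fb_user['name']), 'UTF-8');

    // Avatar edge length comes from config, falling back to 64 px.
    $defaultres = 64;
    $bigres = $config->get('avatar_size') ?: $defaultres;
    $fb_avatar = 'https://graph.facebook.com/v2.0/' . $fb_user['id'] . '/picture?width=' . $bigres . '&height=' . $bigres;

    // Without an email there is nothing to match a local account on.
    if (!$fb_user_email) {
        Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('/');
        return;
    }

    // NOTE(review): the local account is selected solely by the email address
    // Graph returns. Confirm that address is always provider-verified, or link
    // accounts by Facebook user id, so an email match alone cannot grant access.
    $emailAuthAdapter = Application_Plugin_Common::getEmailAuthAdapter($fb_user_email);

    $auth = Zend_Auth::getInstance();
    $authStorage = $auth->getStorage();
    $result = $auth->authenticate($emailAuthAdapter);

    if (!$result->isValid()) {
        // No local account yet: keep the Facebook data for the registration step.
        $session = new Zend_Session_Namespace('Default');
        $session->fb_user_email = $fb_user_email;
        $session->fb_user_display_name = $fb_user_display_name;
        $session->fb_avatar = $fb_avatar;

        Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')
            ->gotoUrl('addons/' . basename(__DIR__) . '/?fb-register');
        return;
    }

    $Profiles = new Application_Model_Profiles();
    $user_db_data = $Profiles->getProfileByField('email', $fb_user_email);

    // Zend_Auth::authenticate() stores the identity as soon as the result is
    // valid; drop it again so nobody is logged in until the account-state
    // checks below have passed.
    Zend_Auth::getInstance()->clearIdentity();

    if (!$Profiles->isActivated($user_db_data->name)) {
        Application_Plugin_Alerts::error(
            Zend_Registry::get('Zend_Translate')->translate('Please activate your account first'),
            'on'
        );
        Zend_Auth::getInstance()->clearIdentity();
    } elseif ($user_db_data->is_hidden) {
        Application_Plugin_Alerts::error(
            Zend_Registry::get('Zend_Translate')->translate('This account has been deleted or suspended'),
            'off'
        );
        Zend_Auth::getInstance()->clearIdentity();
    } else {
        // Account is active and visible: establish the login.
        $user_data = $emailAuthAdapter->getResultRowObject();
        Application_Plugin_Common::loginUser($user_data, $emailAuthAdapter, $authStorage);

        // Let add-ons react to the login.
        $profile_id = $user_data->id;
        Zend_Registry::get('hooks')->trigger('hook_login', $profile_id);

        // Redirect so the callback URL is not left in the address bar.
        Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
    }
}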
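/**
 * Login submit.
 *
 * Validates the posted login form, resolves the account by email or, failing
 * that, by name, and authenticates it with the supplied password. Accounts
 * that are not activated or are hidden are logged out again with an alert.
 *
 * Unknown accounts, non-"user" profile types, accounts without an email and
 * wrong passwords all produce the same "Invalid username or password" alert,
 * so the response does not reveal which of these was the cause.
 *
 * @param mixed $form Form object exposing isValid() and getValue().
 * @return mixed The form, or null when the account lookup rejects the request.
 */
public function submitLoginForm($form)
{
    if ($form->isValid($_POST)) {
        $Profiles = new Application_Model_Profiles();
        $translate = Zend_Registry::get('Zend_Translate');

        $name_input = $form->getValue('name');
        $password = $form->getValue('password');
        $remember_me = $form->getValue('remember_me');

        if ($remember_me == '0') {
            Zend_Session::ForgetMe();
        }

        // Look the account up by email first, then by name.
        $user_test = $Profiles->getProfileByField('email', $name_input);
        if (!isset($user_test)) {
            $user_test = $Profiles->getProfileByField('name', $name_input);
        }

        // Only regular user profiles that have an email may log in here.
        if (!isset($user_test) || $user_test->type != 'user' || !$user_test->email) {
            // Shown as an alert to cover the login modal error.
            Application_Plugin_Alerts::error($translate->translate('Invalid username or password'), 'on');
            return;
        }

        $name = $user_test->name;
        $email = $user_test->email;

        $authAdapter = Application_Plugin_Common::getAuthAdapter();
        $authAdapter->setIdentity($email)->setCredential($password);

        $auth = Zend_Auth::getInstance();
        $authStorage = $auth->getStorage();
        $result = $auth->authenticate($authAdapter);

        if (!$result->isValid()) {
            // Shown as an alert to cover the login modal error.
            Application_Plugin_Alerts::error($translate->translate('Invalid username or password'), 'on');
        } elseif (!$Profiles->isActivated($name)) {
            Application_Plugin_Alerts::error($translate->translate('Please activate your account first'), 'off');

            // The link is placed inside an HTML attribute, so escape it for that
            // context; both the base URL and the account name are data, not markup.
            $base_url = Application_Plugin_Common::getFullBaseUrl();
            $resendactivation_link = $base_url . '/index/activate/resend/' . $user_test->name;
            $safe_link = htmlspecialchars($resendactivation_link, ENT_QUOTES, 'UTF-8');

            Application_Plugin_Alerts::info(
                '<a href="' . $safe_link . '">'
                . $translate->translate('Click here to resend the activation email')
                . '</a>',
                'off',
                false
            );

            // Password was correct but the account is not usable yet: force logout.
            Zend_Auth::getInstance()->clearIdentity();
        } elseif ($user_test->is_hidden) {
            Application_Plugin_Alerts::error(
                $translate->translate('This account has been deleted or suspended'),
                'off'
            );

            // Force logout.
            Zend_Auth::getInstance()->clearIdentity();
        } else {
            // Everything checks out: establish the login.
            $user_data = $authAdapter->getResultRowObject();
            Application_Plugin_Common::loginUser($user_data, $authAdapter, $authStorage);

            // Redirect so the POST is not replayed on refresh.
            Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector')->gotoUrl('');
        }
    }

    return $form;
}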