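/**
 * Restore a member session from the remember-me cookies.
 *
 * Reads the encrypted `mid`, `e` and `token` cookies, looks the member up by
 * id and e-mail using bound parameters (the original interpolated the
 * decrypted cookie values straight into the query condition), and only
 * creates the session when the cookie token verifies against the stored hash.
 *
 * @return mixed Result of session->set() on success, null when no session was restored.
 */
public function cookie_login()
{
    if (!isset($_COOKIE['mid'], $_COOKIE['e'], $_COOKIE['token'])) {
        return null;
    }
    // A cookie sent as mid[]=... arrives as an array; treat anything but a string as absent.
    if (!is_string($_COOKIE['mid']) || !is_string($_COOKIE['e']) || !is_string($_COOKIE['token'])) {
        return null;
    }

    $id = $this->decrypt($_COOKIE['mid']);
    $email = $this->decrypt($_COOKIE['e']);
    $token = $this->decrypt($_COOKIE['token']);
    // decrypt() is assumed to return a string on success (TODO confirm); anything else is treated as a tampered cookie.
    if (!is_string($id) || !is_string($email) || !is_string($token)) {
        return null;
    }

    $member = Members::findFirst(array(
        'conditions' => 'id = ?1 AND email = ?2',
        'bind' => array(1 => trim($id), 2 => trim($email)),
    ));
    // A member without a stored token cannot be cookie-authenticated at all.
    if (!$member || (string) $member->cookie_token === '') {
        return null;
    }
    if (!$this->security->checkHash($token, $member->cookie_token)) {
        return null;
    }

    $userSession = get_object_vars($member);
    $userSession['type'] = 'Member';
    $profilePic = MemberPhotos::findFirst(array(
        'conditions' => 'member_id = ?1 AND primary_pic = ?2',
        'bind' => array(1 => $userSession['id'], 2 => 'Yes'),
    ));
    // No primary photo yields an empty path, as the original's null-concatenation did (minus the warning).
    $userSession['primary_pic'] = $profilePic ? $profilePic->file_path . $profilePic->filename : '';

    return $this->session->set('userSession', $userSession);
}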
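/**
 * Mark one of the logged-in member's photos as the primary picture.
 *
 * Clears `primary_pic` on the member's other photos, sets it on the selected
 * one, refreshes the cached picture path in the session and redirects back
 * to the photo page. Redirects without changes when there is no session, the
 * photo id is missing or not numeric, the photo is unknown, or it belongs to
 * another member.
 *
 * @param string|int|null $id Photo primary key taken from the route.
 * @return \Phalcon\Http\ResponseInterface|null Redirect response, or null after echoing an error.
 */
public function set_primary_photoAction($id = null)
{
    $this->view->disable();

    $userSession = $this->session->get('userSession');
    $memberId = (is_array($userSession) && isset($userSession['id'])) ? $userSession['id'] : null;
    $redirectBack = 'biz/add_photo/' . $memberId;

    // Only a numeric id is accepted: findFirst() treats a non-numeric string as a raw
    // query condition rather than a primary key, so the value must not reach it unchecked.
    if ($memberId === null || !is_scalar($id) || !ctype_digit((string) $id)) {
        return $this->response->redirect($redirectBack);
    }

    $photo = MemberPhotos::findFirst((int) $id);
    // Ownership check; string comparison keeps int/string ids from the DB and session equal.
    if (!$photo || (string) $photo->member_id !== (string) $memberId) {
        return $this->response->redirect($redirectBack);
    }

    $memberPhotos = MemberPhotos::find(array(
        'conditions' => 'member_id = ?1',
        'bind' => array(1 => $memberId),
    ));
    foreach ($memberPhotos as $memberPhoto) {
        $memberPhoto->primary_pic = 'No';
        if (!$memberPhoto->update()) {
            // Best-effort as in the original: report and keep going with the remaining photos.
            echo "failed to update current photo.";
        }
    }

    $photo->modified = date('Y-m-d H:i:s');
    $photo->primary_pic = 'Yes';
    if (!$photo->update()) {
        echo "failed to modified data. ";
        return null;
    }

    $userSession['primary_pic'] = $photo->file_path . $photo->filename;
    $this->session->set('userSession', $userSession);
    $this->flash->success('<button type="button" class="close" data-dismiss="alert">×</button>Photo has been set as primary.');

    return $this->response->redirect($redirectBack);
}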
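/**
 * Login user
 *
 * Authenticates an advertiser from the posted e-mail/password, requires a
 * confirmed e-mail, stores a fresh remember-me token hash on the member and
 * only then sets the session and the encrypted `mid`/`e`/`token` cookies.
 *
 * @return \Phalcon\Http\ResponseInterface|null Redirect response, or null for non-POST requests.
 */
public function advertiser_loginAction()
{
    if (!$this->request->isPost()) {
        return null;
    }
    // NOTE(review): the CSRF check ($this->security->checkToken()) is commented out in the
    // original; re-enable it once the login form emits a token.
    $this->view->disable();

    $email = $this->request->getPost('email');
    $password = $this->request->getPost('password');
    // Reject missing values and non-string input (e.g. email[]=x) before they reach the model lookup.
    if (!is_string($email) || !is_string($password) || $email === '' || $password === '') {
        $this->flash->warning('<button type="button" class="close" data-dismiss="alert">×</button>All fields required');
        return $this->response->redirect('');
    }

    $member = Members::findFirstByEmail($email);
    // NOTE(review): `$member == 'Advertiser'` compares a model object with a string and is
    // never true, so this branch cannot currently succeed. Confirm which Members column holds
    // the account role and compare that instead; kept as written rather than guessing a column.
    $authenticated = $member
        && $member == 'Advertiser'
        && $this->security->checkHash($password, $member->password);
    if (!$authenticated) {
        $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Incorrect username or password.');
        return $this->response->redirect('');
    }

    $emailConfirmed = EmailConfirmations::findFirst(array(
        'columns' => '*',
        'conditions' => 'user_id = ?1 AND email=?2 AND confirmed = ?3',
        'bind' => array(1 => $member->id, 2 => $email, 3 => 'Y'),
    ));
    if (!$emailConfirmed) {
        $this->flash->warning('<button type="button" class="close" data-dismiss="alert">×</button>You\'re email is not yet confirmed.');
        return $this->response->redirect('');
    }

    // Snapshot the member before the token fields are touched, so the session holds the same data as before.
    $userSession = get_object_vars($member);
    $profilePic = MemberPhotos::findFirst(array(
        'conditions' => 'member_id = ?1 AND primary_pic = ?2',
        'bind' => array(1 => $userSession['id'], 2 => 'Yes'),
    ));
    $userSession['primary_pic'] = $profilePic ? $profilePic->file_path . $profilePic->filename : '';

    // 20 hex chars from a CSPRNG (the original derived it from md5/uniqid/rand);
    // the raw value goes to the cookie, only its hash is persisted.
    $cookieToken = bin2hex(random_bytes(10));
    $member->modified = date('Y-m-d H:i:s');
    $member->cookie_token = $this->security->hash($cookieToken);
    // Persist first: if this fails the cookie could never be verified, so do not log the user in.
    if (!$member->update()) {
        $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Login failed, please try again.');
        return $this->response->redirect('');
    }

    $this->session->set('userSession', $userSession);

    $expiry = time() + 60 * 60 * 24 * 90; // 90 days
    $secure = $this->request->isSecure();
    // HttpOnly keeps the remember-me cookies out of reach of scripts; Secure follows the request scheme.
    setcookie('mid', $this->encrypt($userSession['id']), $expiry, '/', '', $secure, true);
    setcookie('e', $this->encrypt($userSession['email']), $expiry, '/', '', $secure, true);
    setcookie('token', $this->encrypt($cookieToken), $expiry, '/', '', $secure, true);

    $this->flash->success('<button type="button" class="close" data-dismiss="alert">×</button>You are now logged in.');
    return $this->response->redirect('member/page/' . $userSession['id']);
}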