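/**
 * Login user (JSON endpoint).
 *
 * Reads the POST parameters `u` (username), `p` (password), `s` (remember-me,
 * "yes" enables it) and `r` (base64-encoded return URL), authenticates through
 * Pandamp_Auth_Manager and writes a JSON body describing the outcome:
 *   - success: array('success' => true, 'msg' => 'Logging in', 'message' => <redirect URL>)
 *   - auth failure: array('success' => false, 'error' => <message>)
 *   - no identity: array('failure' => true, 'error' => <message>)
 * View rendering and layout are disabled because the body is JSON.
 *
 * Fixes versus the previous version: $data was undefined (encoded as "null")
 * on non-POST requests and on a valid login without a return URL; the '?'
 * lookup used truthiness, so a '?' at offset 0 was missed; the return URL was
 * never validated, so any host could be handed the session id; and the session
 * id was not regenerated after a successful login.
 */
public function kloginAction()
{
    $this->_helper->getHelper('viewRenderer')->setNoRender();
    $this->_helper->getHelper('layout')->disableLayout();

    $request = $this->getRequest();
    // Explicit default so every path produces a well-formed JSON object.
    $data = array('success' => false, 'error' => 'Invalid request');

    if ($request->isPost()) {
        $username = $request->getPost('u');
        $password = $request->getPost('p');
        $remember = $request->getPost('s');

        $authMan    = new Pandamp_Auth_Manager($username, $password);
        $authResult = $authMan->authenticate();
        $zendAuth   = Zend_Auth::getInstance();

        if ($zendAuth->hasIdentity()) {
            if ($authResult->isValid()) {
                // Privilege change: issue a fresh session id so an id fixed
                // before login cannot be reused afterwards.
                Zend_Session::regenerateId();

                $returnUrl = (string) base64_decode((string) $request->getPost('r'));
                $parts     = parse_url($returnUrl);
                $ownHost   = preg_replace('/:\d+$/', '', (string) $request->getHttpHost());

                // Only a relative path or an http(s) URL on this host is accepted as
                // redirect target: the session id is appended to it below, so an
                // unchecked target would send that id to a foreign host.
                // NOTE(review): if cross-host return targets are legitimate here,
                // replace the own-host comparison with an allowlist of known hosts.
                $isSafeReturnUrl = $returnUrl !== ''
                    && is_array($parts)
                    && !preg_match('#^[\\\\/]{2}#', $returnUrl) // protocol-relative "//" and "/\" forms
                    && (!isset($parts['scheme']) || in_array(strtolower($parts['scheme']), array('http', 'https'), true))
                    && (!isset($parts['host']) || strcasecmp($parts['host'], $ownHost) === 0);

                if ($isSafeReturnUrl) {
                    // A '?' at offset 0 is a valid hit; compare against false, not truthiness.
                    $separator = (strpos($returnUrl, '?') !== false) ? '&' : '?';

                    // NOTE(review): carrying the session id in the URL exposes it to
                    // referer headers and access logs; once every consumer of this
                    // endpoint is confirmed to rely on the session cookie, drop it.
                    $data = array(
                        'success' => true,
                        'msg'     => 'Logging in',
                        'message' => $returnUrl . $separator . 'PHPSESSID=' . Zend_Session::getId(),
                    );
                    Pandamp_Lib_Formater::writeLog();

                    if ($remember === 'yes') {
                        // Keep the session for 604800s = 7 days.
                        Zend_Session::rememberMe(604800);
                    }
                    $this->_helper->FlashMessenger('Successful authentication');
                } else {
                    $data = array('success' => false, 'error' => 'Invalid return URL');
                }
            } else {
                // Code -51 is the only failure that leaves the current identity in place.
                if ($authResult->getCode() != -51) {
                    $zendAuth->clearIdentity();
                }
                $messages = $authResult->getMessages();
                $data = array(
                    'error'   => isset($messages[0]) ? $messages[0] : 'Authentication failed',
                    'success' => false,
                );
            }
        } else {
            $messages = $authResult->getMessages();
            $data = array(
                'error'   => isset($messages[0]) ? $messages[0] : 'Authentication failed',
                'failure' => true,
            );
        }
    }

    $this->getResponse()->setBody(Zend_Json::encode($data));
}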
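/**
 * Login authentication (JSON endpoint).
 *
 * Reads the request parameters `u` (username), `p` (password), `s`
 * (remember-me, "yes" enables it) and `r` (base64-encoded return URL),
 * authenticates through Pandamp_Auth_Manager and echoes a JSON object:
 *   - success: {"success": true, "message": <redirect URL>}
 *   - auth failure: {"success": false, "error": <message>}
 *   - no identity: {"failure": true, "error": <message>}
 *
 * Fixes versus the previous version: a misplaced brace put the whole success
 * path inside the `else` of the '?' check, so a return URL that already had a
 * query string produced an empty response; the '?' lookup used truthiness; the
 * parameter defaults turned a literal "0" into ''; and the return URL was never
 * validated before the session id was appended to it.
 */
function kloginAction()
{
    $this->_helper->layout()->disableLayout();

    $request  = $this->getRequest();
    $userName = (string) $request->getParam('u', '');
    $password = (string) $request->getParam('p', '');
    $remember = (string) $request->getParam('s', '');
    $response = array();

    // Session lifetime for this login is pinned to 3600s.
    $saveHandler = Zend_Session::getSaveHandler();
    $saveHandler->setLifetime(3600)->setOverrideLifetime(true);
    Zend_Session::start();

    $authMan    = new Pandamp_Auth_Manager($userName, $password);
    $authResult = $authMan->authenticate();
    $zendAuth   = Zend_Auth::getInstance();

    if ($zendAuth->hasIdentity()) {
        if ($authResult->isValid()) {
            // Fresh session id after the privilege change so a pre-login id
            // cannot be replayed.
            Zend_Session::regenerateId();

            $returnUrl = (string) base64_decode((string) $request->getParam('r'));
            $parts     = parse_url($returnUrl);
            $ownHost   = preg_replace('/:\d+$/', '', (string) $request->getHttpHost());

            // Only a relative path or an http(s) URL on this host is accepted as
            // redirect target: the session id is appended to it below, so an
            // unchecked target would send that id to a foreign host.
            // NOTE(review): if cross-host return targets are legitimate here,
            // replace the own-host comparison with an allowlist of known hosts.
            $isSafeReturnUrl = $returnUrl !== ''
                && is_array($parts)
                && !preg_match('#^[\\\\/]{2}#', $returnUrl) // protocol-relative "//" and "/\" forms
                && (!isset($parts['scheme']) || in_array(strtolower($parts['scheme']), array('http', 'https'), true))
                && (!isset($parts['host']) || strcasecmp($parts['host'], $ownHost) === 0);

            if ($isSafeReturnUrl) {
                // A '?' at offset 0 is a valid hit; compare against false, not truthiness.
                $separator = (strpos($returnUrl, '?') !== false) ? '&' : '?';
                Pandamp_Lib_Formater::writeLog();

                if ($remember === 'yes') {
                    Zend_Session::rememberMe(3600);
                    // NOTE(review): the raw password is handed to login_saver(); if it
                    // is persisted (cookie or database), a random, revocable token
                    // should replace it — confirm what Pandamp_Core_Hol_Auth stores.
                    $hol = new Pandamp_Core_Hol_Auth();
                    $hol->user       = $userName;
                    $hol->user_pw    = $password;
                    $hol->save_login = $remember;
                    $hol->login_saver();
                }

                $this->_helper->getHelper('Cache')->removePagesTagged(array('entries', 'hold', 'warta', 'clinic'));

                // NOTE(review): carrying the session id in the URL exposes it to
                // referer headers and access logs; once every consumer of this
                // endpoint is confirmed to rely on the session cookie, drop it.
                $response['success'] = true;
                $response['message'] = $returnUrl . $separator . 'PHPSESSID=' . Zend_Session::getId();
            } else {
                $response['success'] = false;
                $response['error']   = 'Invalid return URL';
            }
        } else {
            if ($authResult->getCode() != -51) {
                // failure : clear database row from session
                Zend_Auth::getInstance()->clearIdentity();
            }
            $messages = $authResult->getMessages();
            $response['error']   = isset($messages[0]) ? $messages[0] : 'Authentication failed';
            $response['success'] = false;
        }
    } else {
        $response['failure'] = true;
        $messages = $authResult->getMessages();
        $response['error'] = isset($messages[0]) ? $messages[0] : 'Authentication failed';
    }

    echo Zend_Json::encode($response);
}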