/**
 * Show the Twitter registration form (signup step 1).
 *
 * Visitors who are already logged in are redirected to the default login
 * destination, and visitors without a 'TwitterUserData' session entry are
 * redirected to 'home/index'. Otherwise the nickname field is pre-filled
 * from the Twitter screen name (unless a value is already stored) and the
 * signup page is rendered.
 *
 * @return mixed Result of redirect() or of renderWith().
 */
public function index()
{
    // An authenticated member has nothing to sign up for.
    if (Member::currentUser()) {
        return $this->redirect(Security::default_login_dest());
    }

    // Only allow signup when the TwitterUserData session entry has been set.
    $twitterUser = Session::get('TwitterUserData');
    if (!$twitterUser) {
        return $this->redirect('home/index');
    }

    // NOTE(review): screen_name is read as an object property here, while
    // doSignup() reads the same session entry with array syntax
    // ($user['id']) - confirm the stored value supports both.
    $nicknameKey = 'FormInfo.TwitterSignupForm.Nickname';
    if (isset($twitterUser->screen_name) && !Session::get($nicknameKey)) {
        // The screen name is externally supplied text; presumably the form
        // template escapes it on output - verify.
        Session::set($nicknameKey, $twitterUser->screen_name);
    }

    $pageData = new ArrayData(array(
        'Title' => _t('RfrTwitterConnect.SIGNUPTITLE', 'RfrTwitterConnect.SIGNUPTITLE'),
        'Content' => _t('RfrTwitterConnect.SIGNUPCONTENT', 'RfrTwitterConnect.SIGNUPCONTENT'),
        'Form' => $this->TwitterSignupForm(),
    ));
    $page = $this->customise($pageData);

    // Candidate templates, in the order passed to renderWith().
    $templates = array(
        'Twitter_signup',
        'Twitter',
        $this->stat('template_main'),
        $this->stat('template'),
    );

    return $page->renderWith($templates);
}
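/**
 * Overridden to add a call to redirectByGroup().
 *
 * Finish logging the user in and work out where to redirect the browser.
 *
 * The $data has this format
 * array(
 *     'AuthenticationMethod' => 'MemberAuthenticator',
 *     'Email' => '*****@*****.**',
 *     'Password' => '1nitialPassword',
 *     'BackURL' => 'test/link',
 *     [Optional: 'Remember' => 1 ]
 * )
 *
 * Redirect precedence:
 *  1. expired password      -> 'Security/changepassword'
 *  2. on-site BackURL       -> that URL
 *  3. off-site BackURL      -> site base URL (open-redirect guard)
 *  4. default login dest    -> base URL . default dest
 *  5. otherwise             -> optional redirectByGroup(), welcome message, redirectBack()
 *
 * @param array $data
 * @return mixed Result of the controller's redirect(); nothing when the
 *               method falls through to redirectBack().
 */
protected function logInUserAndRedirect($data)
{
    Session::clear('SessionForms.MemberLoginForm.Email');
    Session::clear('SessionForms.MemberLoginForm.Remember');

    // BackURL is request input controlled by whoever built the link. Read it
    // once, ignore empty or non-string values, and never redirect to it
    // before Director::is_site_url() has accepted it.
    $backURL = null;
    if (isset($_REQUEST['BackURL']) && is_string($_REQUEST['BackURL']) && $_REQUEST['BackURL']) {
        $backURL = $_REQUEST['BackURL'];
    }

    // Guard against a missing current member: the original dereferenced the
    // result unconditionally although the code further down treats it as
    // possibly empty.
    $member = Member::currentUser();
    if ($member && $member->isPasswordExpired()) {
        if ($backURL) {
            // Stored unvalidated; whatever reads 'BackURL' from the session
            // later has to apply is_site_url() itself before redirecting.
            Session::set('BackURL', $backURL);
        }
        $cp = new ChangePasswordForm($this->controller, 'ChangePasswordForm');
        $cp->sessionMessage('Your password has expired. Please choose a new one.', 'good');
        return $this->controller->redirect('Security/changepassword');
    }

    if ($backURL) {
        if (Director::is_site_url($backURL)) {
            return $this->controller->redirect($backURL);
        }
        // Off-site target: send the user to the homepage instead of the
        // spoofed URL.
        return $this->controller->redirect(Director::absoluteBaseURL());
    }

    // If a default login dest has been set, redirect to that.
    $defaultDest = Security::default_login_dest();
    if ($defaultDest) {
        return $this->controller->redirect(Director::absoluteBaseURL() . $defaultDest);
    }

    // Redirect by group.
    if (singleton('Group')->hasExtension('GroupLoginDataExtension')) {
        // NOTE(review): the result is not returned, so execution continues
        // into the welcome message and redirectBack() below - confirm that
        // redirectByGroup() (defined elsewhere) is meant to be followed by
        // a second redirect call.
        $this->redirectByGroup();
    }

    // Redirect the user to the page they came from. The member is re-read
    // here, after redirectByGroup(), as in the original.
    $member = Member::currentUser();
    if ($member) {
        // Escaped because the name ends up in a session message that is
        // rendered later.
        $firstname = Convert::raw2xml($member->FirstName);
        if (!empty($data['Remember'])) {
            Session::set('SessionForms.MemberLoginForm.Remember', '1');
            $member->logIn(true);
        } else {
            $member->logIn();
        }
        Session::set(
            'Security.Message.message',
            _t('Member.WELCOMEBACK', "Welcome Back, {firstname}", array('firstname' => $firstname))
        );
        Session::set("Security.Message.type", "good");
    }

    Controller::curr()->redirectBack();
}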
/**
 * Signup form handler: create a Member from the submitted form and the
 * Twitter data held in the session, then log that member in.
 *
 * Redirects to 'twitter/error' when no 'TwitterUserData' session entry
 * exists; otherwise redirects to the default login destination.
 *
 * @param array $data Submitted form data (not read directly; the form's
 *                    values are applied through saveInto()).
 * @return mixed Result of the controller's redirect().
 */
public function doSignup(array $data)
{
    $twitterUser = Session::get('TwitterUserData');
    if (!$twitterUser) {
        return $this->controller->redirect('twitter/error');
    }

    $newMember = new Member();

    // saveInto() applies the submitted form values to the new Member. The
    // assignments below run afterwards, so they win over same-named form
    // values.
    // NOTE(review): confirm the form's field list cannot carry other
    // privileged Member fields.
    $this->saveInto($newMember);

    $newMember->SocialConnectType = 'twitter';
    // NOTE(review): array access here, whereas index() reads the same
    // session entry as an object ($user->screen_name) - confirm the type.
    $newMember->TwitterID = $twitterUser['id'];
    $newMember->Locale = i18n::get_locale();

    $mailFlag = 'deactivate_send_validation_mail';
    Config::inst()->update('Member', $mailFlag, false);

    // NOTE(review): the member is marked verified with no e-mail ownership
    // check visible in this method; confirm nothing downstream treats
    // Verified as proof that the submitted address belongs to this user.
    $newMember->Verified = true;
    $newMember->VerificationEmailSent = true;

    // The flag is switched on for the write only (presumably to suppress
    // the validation mail) and forced back to false afterwards.
    // NOTE(review): if write() throws, the flag stays true for the rest of
    // the request, and any value it had before this method is not restored.
    Config::inst()->update('Member', $mailFlag, true);
    $newMember->write();
    Config::inst()->update('Member', $mailFlag, false);

    $newMember->addToFrontendGroup();

    // The Twitter handshake data is single-use: drop it before logging in.
    Session::clear('TwitterUserData');
    $newMember->logIn();

    // The member is created as e-mail verified, so go straight to the
    // default login destination.
    return $this->controller->redirect(Security::default_login_dest());
}
/**
 * Login form handler method.
 *
 * Called when the user clicks on "Log in". On a failed login the entered
 * e-mail and "remember" choice are kept in the session and the browser is
 * sent back to the login form. On success the browser is redirected, in
 * order of precedence, to the change-password page (expired password), to
 * an on-site BackURL, to the default login destination, or back to the
 * previous page.
 *
 * @param array $data Submitted data
 */
public function dologin($data)
{
    // ---- Failed login: remember the input and return to the login form.
    if (!$this->performLogin($data)) {
        Session::set('SessionForms.MemberLoginForm.Email', $data['Email']);
        Session::set('SessionForms.MemberLoginForm.Remember', isset($data['Remember']));

        $backURL = isset($_REQUEST['BackURL']) ? $_REQUEST['BackURL'] : null;
        if ($backURL) {
            // Stored as received; it is only validated when a later
            // request actually redirects to it.
            Session::set('BackURL', $backURL);
        }

        $badLoginURL = Session::get("BadLoginURL");
        if ($badLoginURL) {
            // NOTE(review): taken from the session without a site-URL
            // check here - confirm that only server-side code writes
            // 'BadLoginURL'.
            Director::redirect($badLoginURL);
            return;
        }

        // Show the right tab on failed login. BackURL is URL-encoded so
        // it cannot break out of the query string.
        $loginLink = Director::absoluteURL(Security::Link("login"));
        if ($backURL) {
            $loginLink .= '?BackURL=' . urlencode($backURL);
        }
        Director::redirect($loginLink . '#' . $this->FormName() . '_tab');
        return;
    }

    // ---- Successful login.
    Session::clear('SessionForms.MemberLoginForm.Email');
    Session::clear('SessionForms.MemberLoginForm.Remember');

    $hasBackURL = isset($_REQUEST['BackURL']) && $_REQUEST['BackURL'];

    // NOTE(review): assumes performLogin() left a current member set; the
    // result of currentUser() is dereferenced without a check.
    if (Member::currentUser()->isPasswordExpired()) {
        if ($hasBackURL) {
            Session::set('BackURL', $_REQUEST['BackURL']);
        }
        $changePasswordForm = new ChangePasswordForm($this->controller, 'ChangePasswordForm');
        $changePasswordForm->sessionMessage('Your password has expired. Please choose a new one.', 'good');
        Director::redirect('Security/changepassword');
        return;
    }

    // BackURL is request input: only follow it when it points at this site.
    if ($hasBackURL && Director::is_site_url($_REQUEST['BackURL'])) {
        Director::redirect($_REQUEST['BackURL']);
        return;
    }

    if (Security::default_login_dest()) {
        Director::redirect(Director::absoluteBaseURL() . Security::default_login_dest());
        return;
    }

    $member = Member::currentUser();
    if ($member) {
        // Escaped because the name is embedded in a message rendered later.
        $firstname = Convert::raw2xml($member->FirstName);
        if (empty($data['Remember'])) {
            $member->logIn();
        } else {
            Session::set('SessionForms.MemberLoginForm.Remember', '1');
            $member->logIn(true);
        }
        $welcome = sprintf(_t('Member.WELCOMEBACK', "Welcome Back, %s"), $firstname);
        Session::set('Security.Message.message', $welcome);
        Session::set("Security.Message.type", "good");
    }

    // NOTE(review): an off-site BackURL falls through to here; confirm
    // that redirectBack() (defined elsewhere) also refuses off-site targets.
    Director::redirectBack();
}
/**
 * Set the default login destination.
 *
 * This is the URL users are redirected to after they log in, if they
 * haven't logged in en route to access a secured page.
 *
 * By default, this is set to the homepage.
 *
 * Login handlers that read this value through
 * Security::default_login_dest() append it to Director::absoluteBaseURL()
 * before redirecting, so a site-relative path is presumably expected.
 * The value is stored as given, without validation.
 *
 * @param string $dest Destination URL (type assumed from usage - confirm).
 */
public static function set_default_login_dest($dest)
{
    self::$default_login_dest = $dest;
}
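/**
 * Signup form handler: create or update the member account, then redirect.
 *
 * On success the signup values kept in the session are cleared and the
 * browser is redirected, in order of precedence, to an on-site BackURL
 * (from the request, or else from the session), to the default login
 * destination, or back to the previous page with a thank-you message.
 * On failure the submitted values are kept in the session and the browser
 * is sent back to the login form.
 *
 * The original began with a password check whose flag was hard-coded to
 * true; that branch could never run (and read an undefined $backURL), so
 * it has been removed.
 *
 * @param array $data Submitted form data
 * @param mixed $form The submitted form, passed through to createOrUpdateUser()
 */
public function createorupdateaccount($data, $form)
{
    if ($this->createOrUpdateUser($data, $form)) {
        // NOTE(review): these keys sit under 'MemberLoginForm', while the
        // failure path below writes under 'MemberLoginFormWithSignup' -
        // confirm which namespace the form actually reads.
        Session::clear('SessionForms.MemberLoginForm.EmailSignup');
        Session::clear('SessionForms.MemberLoginForm.FirstNameSignup');
        Session::clear('SessionForms.MemberLoginForm.SurnameSignup');
        Session::clear('SessionForms.MemberLoginForm.RememberSignup');

        // Fall back to a BackURL stashed in the session by an earlier
        // request. It was stored unvalidated, so it goes through the same
        // is_site_url() check as a request-supplied value.
        if (!isset($_REQUEST['BackURL'])) {
            $storedBackURL = Session::get("BackURL");
            if ($storedBackURL) {
                $_REQUEST['BackURL'] = $storedBackURL;
            }
        }
        Session::clear("BackURL");

        if (isset($_REQUEST['BackURL'])
            && $_REQUEST['BackURL']
            && Director::is_site_url($_REQUEST['BackURL'])
        ) {
            // Only on-site targets are followed (open-redirect guard).
            Director::redirect($_REQUEST['BackURL']);
        } elseif (Security::default_login_dest()) {
            Director::redirect(Director::absoluteBaseURL() . Security::default_login_dest());
        } else {
            $member = Member::currentUser();
            if ($member) {
                // Escaped because the name is embedded in a message that
                // is rendered later.
                $firstname = Convert::raw2xml($member->FirstName);
                if (!empty($data['RememberSignup'])) {
                    Session::set('SessionForms.MemberLoginForm.RememberSignup', '1');
                    $member->logIn(true);
                } else {
                    $member->logIn();
                }
                Session::set(
                    'Security.Message.message',
                    sprintf(
                        _t('Member.THANKYOUFORCREATINGACCOUNT', "Thank you for creating an account, %s"),
                        $firstname
                    )
                );
                Session::set("Security.Message.type", "good");
            }
            Director::redirectBack();
        }
    } else {
        // NOTE(review): this message tells an unauthenticated visitor that
        // the address is already registered; consider whether a neutral
        // message fits the site's threat model.
        Session::set(
            'Security.Message.message',
            _t('Member.MEMBERALREADYEXISTS', "A member with this email already exists.")
        );
        Session::set("Security.Message.type", "error");

        // Keep the submitted values so the form can be re-populated.
        // Missing fields are stored as null instead of raising an
        // undefined-index notice.
        // NOTE(review): 'EmailSignupSignup' looks like a typo for
        // 'EmailSignup'; left unchanged because the reader of this key is
        // not visible here.
        Session::set(
            'SessionForms.MemberLoginFormWithSignup.EmailSignupSignup',
            isset($data['EmailSignup']) ? $data['EmailSignup'] : null
        );
        Session::set(
            'SessionForms.MemberLoginFormWithSignup.FirstNameSignup',
            isset($data['FirstNameSignup']) ? $data['FirstNameSignup'] : null
        );
        Session::set(
            'SessionForms.MemberLoginFormWithSignup.SurnameSignup',
            isset($data['SurnameSignup']) ? $data['SurnameSignup'] : null
        );
        Session::set('SessionForms.MemberLoginFormWithSignup.RememberSignup', isset($data['RememberSignup']));

        $backURL = isset($_REQUEST['BackURL']) ? $_REQUEST['BackURL'] : null;
        if ($backURL) {
            // Stored as received; validated on the request that uses it.
            Session::set('BackURL', $backURL);
        }

        $badLoginURL = Session::get("BadLoginURL");
        if ($badLoginURL) {
            // NOTE(review): taken from the session without a site-URL
            // check here - confirm that only server-side code writes
            // 'BadLoginURL'.
            Director::redirect($badLoginURL);
        } else {
            // Show the right tab on failed login. BackURL is URL-encoded
            // so it cannot break out of the query string.
            $loginLink = Director::absoluteURL(Security::Link("login"));
            if ($backURL) {
                $loginLink .= '?BackURL=' . urlencode($backURL);
            }
            Director::redirect($loginLink . '#' . $this->FormName() . '_tab');
        }
    }
}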