コード例 #1
0
ファイル: LoginController.php プロジェクト: yuxujian/YuNote
 public function loginAction()
 {
     $id = $this->getRequest()->getParam("id", "");
     $pwd = $this->getRequest()->getParam("pwd", "");
     if (empty($id)) {
         $this->view->err = "<font color='red'>用户名不能为空</font>";
         $this->_forward("index", "index");
         return;
     }
     if (empty($pwd)) {
         $this->view->err = "<font color='red'>密码不能为空</font>";
         $this->_forward("index", "index");
         return;
     }
     $users = new Users();
     $db = $users->getAdapter();
     $where = $db->quoteInto("id=?", $id) . $db->quoteInto("and pwd=?", md5($pwd));
     $loginuser = $users->fetchAll($where)->toArray();
     if (count($loginuser) > 0) {
         session_start();
         $_SESSION['loginuser'] = $loginuser[0]['name'];
         $_SESSION['userid'] = $loginuser[0]['id'];
         $this->_forward("hall", "hall");
     } else {
         $this->view->err = "<font color='red'>用户ID或密码不正确</font>";
         $this->_forward("index", "index");
         return;
     }
 }
コード例 #2
0
ファイル: IndexController.php プロジェクト: tolya199178/swift
 public function loginAction()
 {
     $goto = $this->getRequest()->getParam('goto');
     if (@$this->_me) {
         if ($goto) {
             $this->_redirect("/{$goto}");
         } else {
             $this->redirect("/track");
         }
     }
     $this->view->goto = $goto;
     if ($this->getRequest()->isPost()) {
         //Get form data from post array
         $data = $this->_request->getPost();
         if ($data['email'] == '' || $data['password'] == '') {
             $this->view->error = "Please provide your email address and password.";
             return false;
         }
         //Log user in to session
         $users = new Users();
         $auth = Zend_Auth::getInstance();
         $authAdapter = new Zend_Auth_Adapter_DbTable($users->getAdapter(), 'users');
         $authAdapter->setIdentityColumn('email')->setCredentialColumn('password');
         $authAdapter->setIdentity($data['email'])->setCredential(sha1($data['password']));
         $result = $auth->authenticate($authAdapter);
         if ($result->isValid()) {
             Zend_Session::rememberMe(31536000);
             $credentials = base64_encode(serialize(array('email' => $data['email'], 'password' => sha1($data['password']))));
             //Set login cookie
             setcookie('autl', $credentials, time() + 31536000, '', '.' . $_SERVER['HTTP_HOST']);
             $storage = new Zend_Auth_Storage_Session();
             $storage->write($authAdapter->getResultRowObject());
             $this->_redirect($data['goto']);
         } else {
             $this->view->error = "Invalid email or password. Please try again.";
         }
     }
 }
コード例 #3
0
ファイル: Authorise.php プロジェクト: rwebley/Beowulf---PAS
 public function isValid($value, $context = null)
 {
     $value = (string) $value;
     $this->_setValue($value);
     if (is_array($context)) {
         if (!isset($context['password'])) {
             return false;
         }
     }
     $dbAdapter = Zend_Registry::get('db');
     $this->_authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter);
     $this->_authAdapter->setTableName('users')->setIdentityColumn('username')->setCredentialColumn('password');
     // get "salt" for better security
     $salt = $this->_config->auth->salt;
     $password = sha1($salt . $context['password']);
     $this->_authAdapter->setIdentity($value);
     $this->_authAdapter->setCredential($password);
     $auth = Zend_Auth::getInstance();
     $result = $auth->authenticate($this->_authAdapter);
     if (!$result->isValid()) {
         $this->_error(self::NOT_AUTHORISED);
         return false;
     }
     //Updated the user table - this needs moving to the users model
     $users = new Users();
     $updateArray = array('visits' => new Zend_Db_Expr('visits + 1'), 'lastLogin' => Zend_Date::now()->toString('yyyy-MM-dd HH:mm'));
     $where = array();
     $where[] = $users->getAdapter()->quoteInto('username = ?', $value);
     $users->update($updateArray, $where);
     //Update login table needs moving to the login model
     $logins = new Logins();
     $data['loginDate'] = Zend_Date::now()->toString('yyyy-MM-dd HH:mm');
     $data['userAgent'] = $_SERVER['HTTP_USER_AGENT'];
     $data['ipAddress'] = $_SERVER['REMOTE_ADDR'];
     $data['username'] = $value;
     $insert = $logins->insert($data);
     return true;
 }
コード例 #4
0
 /** Upgrade an account
  * @access public
  * @return void
  */
 public function upgradeAction()
 {
     $allowed = array('public', 'member');
     if (in_array($this->getRole(), $allowed)) {
         $user = $this->getAccount();
         $form = new AccountUpgradeForm();
         $this->view->form = $form;
         if ($this->getRequest()->isPost() && $form->isValid($this->_request->getPost())) {
             if ($form->isValid($form->getValues())) {
                 $where = array();
                 $where[] = $this->_users->getAdapter()->quoteInto('id = ?', (int) $this->getAccount()->id);
                 $updateData = $form->getValues();
                 $updateData['higherLevel'] = 1;
                 $this->_users->update($updateData, $where);
                 $to = array(array('email' => $user->email, 'name' => $user->fullname));
                 $advisers = new Contacts();
                 $emails = $advisers->getAdvisersEmails();
                 $central = $advisers->getCentralEmails();
                 $emails = array_merge($to, $emails, $central);
                 $attachments = array(ROOT_PATH . '/public_html/documents/tac.pdf');
                 $assignData = array_merge($to[0], $form->getValues());
                 $toReferee = array(array('email' => $form->getValue('referenceEmail'), 'name' => $form->getValue('reference')));
                 //data, template, to, cc, from, bcc, attachments, subject
                 $this->sendAdvisers($assignData, $toReferee, $emails, $attachments);
                 $this->getFlash()->addMessage('Thank you! We have received your request.');
                 $this->redirect('/users/account/');
             } else {
                 $form->populate($form->getValues());
                 $this->getFlash()->addMessage('There are a few problems with your registration<br>
                 Please review and correct them.');
             }
         }
     } else {
         $this->getFlash()->addMessage('You can\'t request an upgrade as you already have ' . $this->getRole() . ' status!');
         $this->redirect('/users/account/');
     }
 }
コード例 #5
0
ファイル: UseradminController.php プロジェクト: jaybill/Bolts
 function testdataAction()
 {
     $request = new Bolts_Request($this->getRequest());
     if ($this->getRequest()->isPost()) {
         $errors = array();
         $data_path = $request->data_path;
         $data_file = $data_path . "/users.dat";
         $image_dir = $data_path . "/images";
         $users_table = new Users();
         $users_roles_table = new UsersRoles();
         if ($request->has("email_domain")) {
             $email_domain = $request->email_domain;
         } else {
             $email_domain = "nowhere.com";
         }
         if (!file_exists($data_file)) {
             $errors[] = $this->_T("Data file missing. Check path.");
         } else {
             $users = unserialize(file_get_contents($data_file));
             if (!is_array($users)) {
                 $errors[] = $this->_T("Data file is corrupt or something.");
             }
         }
         if (count($errors) == 0) {
             $old_users = $users_table->fetchAll();
             foreach ($old_users as $old_user) {
                 if ($users_table->getMetaData($old_user->username, "is_test_user") == "true") {
                     $where = $users_table->getAdapter()->quoteInto("username = ?", $old_user->username);
                     $users_table->delete($where);
                     $users_roles_table->delete($where);
                 }
             }
             $count = 0;
             foreach ($users as $user) {
                 $tmp_user = array();
                 foreach ($user as $key => $value) {
                     if ($key != "avatar") {
                         $tmp_user[$key] = $value;
                     }
                 }
                 $tmp_user['email'] = strtolower($tmp_user['username'] . "@" . $email_domain);
                 $tmp_user['password'] = "******";
                 $destination_path = $users_table->getAvatarPath($user['username']);
                 $destination_filename = $users_table->getAvatarPath($user['username'], true);
                 if (!is_dir($destination_path)) {
                     mkdir($destination_path, 0777, true);
                 }
                 if (file_exists($destination_filename)) {
                     unlink($destination_filename);
                 }
                 $source_image = $image_dir . "/" . $user['avatar'];
                 copy($source_image, $destination_filename);
                 $role_data = array("username" => $tmp_user['username'], "role_id" => $tmp_user['role_id']);
                 $users_roles_table->insert($role_data);
                 unset($tmp_user['role_id']);
                 $users_table->insert($tmp_user);
                 $users_table->setMetaData($tmp_user['username'], "is_test_user", "true");
                 $save_users[] = $user;
                 $count++;
             }
             $this->view->success = "User data loaded. Created " . $count . " users.";
             Bolts_Registry::set('test_data_path', $request->data_path);
             $this->view->data_path = Bolts_Registry::get('test_data_path');
             $this->view->email_domain = $email_domain;
         } else {
             $this->view->errors = $errors;
             $this->view->data_path = Zend_Registry::get('basepath') . "/tmp/testdata";
             $this->view->email_domain = $request->email_domain;
         }
     } else {
         $this->view->data_path = Zend_Registry::get('basepath') . "/tmp/testdata";
         $this->view->email_domain = "nowhere.com";
         $this->view->notice = $this->_T("Warning: If you are reinstalling the test data, the old test data will be overwritten. Users created outside the test data should not be affected.");
     }
 }
コード例 #6
0
 /** Reject a user's account
  */
 public function rejectAction()
 {
     if ($this->_getParam('id', false)) {
         $id = $this->_getParam('id');
         $form = new RejectUpgradeForm();
         $this->view->form = $form;
         if ($this->_request->isPost()) {
             $formData = $this->_request->getPost();
             if ($form->isValid($formData)) {
                 $fullname = $form->getValue('fullname');
                 $email = $form->getValue('email');
                 $userUpdateData = array();
                 $userUpdateData['updated'] = $this->getTimeForForms();
                 $userUpdateData['updatedBy'] = $this->getIdentityForForms();
                 $userUpdateData['higherLevel'] = 0;
                 $rejectData = array('status' => 'reject', 'message' => $form->getValue('message'), 'createdBy' => $this->getIdentityForForms(), 'created' => $this->getTimeForForms());
                 $users = new Users();
                 $where = array();
                 $where[] = $users->getAdapter()->quoteInto('id = ?', $id);
                 $users->update($userUpdateData, $where);
                 $approvals = new ApproveReject();
                 $approvals->insert($rejectData);
                 $message = $form->getValue('message');
                 $researchOutline = $form->getValue('researchOutline');
                 $role = $form->getValue('role');
                 $to = array(array('email' => $form->getValue('email'), 'name' => $form->getValue('fullname')));
                 $this->_helper->mailer($form->getValues(), 'upgradeRejected', $to);
                 $this->_flashMessenger->addMessage('Account rejected');
                 $this->_redirect('/admin/users/upgrades');
             } else {
                 $form->populate($formData);
             }
         } else {
             $id = (int) $this->_request->getParam('id', 0);
             if ($id > 0) {
                 $users = new Users();
                 $user = $users->fetchRow('id =' . $id);
                 if (count($user)) {
                     $form->populate($user->toArray());
                 } else {
                     throw new Pas_Exception_Param($this->_nothingFound);
                 }
             }
         }
     } else {
         throw new Pas_Exception_Param($this->_missingParameter);
     }
 }
コード例 #7
0
ファイル: UserController.php プロジェクト: richjoslin/rivety
	function registerAction()
	{
		$errors = array();
		$request = new RivetyCore_Request($this->getRequest());

		if ($this->_auth->hasIdentity()) $this->_redirect('/default/user/profile/username/' . $this->_identity->username);
		$users_table = new Users();
		$user = array();

		$pre_register_params = array();

		if ($request->has('url'))
		{
			$this->view->url_param = $request->url;
			$pre_register_params['return_url'] = $request->url;
		}
		else
		{
			$pre_register_params['return_url'] = false;
		}

		$pre_register_params = $this->_rivety_plugin->doFilter('default_pre_register', $pre_register_params); // FILTER HOOK
		foreach ($pre_register_params as $key=>$value)
		{
			if ($key == 'return_url') $this->view->url_param = $value;
			else $this->view->$key = $value;
		}

		if ($this->getRequest()->isPost())
		{
			$request->addValidator('username', 'Username is required.');
			$request->addValidator('email', 'Email address is required.');
			$request->addValidator('password', 'Password is required.');
			$request->addValidator('confirm', 'Password confirmation is required.');
			if (!$request->isValid()) $errors = array_merge($errors, $request->getValidationErrors());
			if (count($errors) == 0)
			{
				$user['username'] = $request->username;
				// if ($request->has('full_name'))
				// {
				// 	if (strlen($request->full_name) < 1) $user['full_name'] = $this->_T("Anonymous");
				// 	else $user['full_name'] = $request->full_name;
				// }
				// else
				// {
				// 	$user['full_name'] = $this->_T("Anonymous");
				// }
				$user['email'] = $request->email;
				$user['password'] = $request->password;
				$user['confirm'] = $request->confirm;

				// TODO: remove anything relating to birthday

				// if ($request->has('Birthday_Day') && $request->has('Birthday_Month') && $request->has('Birthday_Year'))
				// {
				// 	$user['birthday'] = strtotime($request->Birthday_Day ." ". $request->Birthday_Month ." ". $request->Birthday_Year);
				// }
				// else
				// {
				// 	$user['birthday'] = null;
				// }

				// validate username
				$username_validator = new Zend_Validate();
				$username_validator->addValidator(new Zend_Validate_StringLength(1, RivetyCore_Registry::get('username_length')));
				$username_validator->addValidator(new Zend_Validate_Alnum());

				if (!$username_validator->isValid($user['username']))
				{
					$show_username = "******".$user['username']."'";
					if (trim($user['username']) == "") $show_username = "******".$this->_T("empty")."]";
					$errors[] = $this->_T("%s is not a valid username. (Between %d and %d characters, only letters and numbers)",array($show_username,1,RivetyCore_Registry::get('username_length')));
					$this->screenAlert('error', $this->_T("%s is not a valid username. (Between %d and %d characters, only letters and numbers)",array($show_username,1,RivetyCore_Registry::get('username_length'))));
				}

				$user_where = $users_table->getAdapter()->quoteInto('username = ?', $user['username']);
				if ($users_table->getCountByWhereClause($user_where) > 0)
				{
					$errors[] = $this->_T("The username '%s' is already in use",$user['username']);
					$this->screenAlert('error', $this->_T("The username '%s' is already in use",$user['username']));
				}

				// validate email
				$email_validator = new Zend_Validate_EmailAddress();
				if (!$email_validator->isValid($user['email']))
				{
					$show_email = "'" . $user['email']."'";
					if (trim($user['email']) == "") $show_email = "[" . $this->_T("empty") . "]";
					$errors[] = $show_email . ' ' . $this->_T('is not a valid email.');
					$this->screenAlert('error', $show_email . ' ' . $this->_T('is not a valid email.'));
				}

				// make sure no one is using this email already
				$email_where = $users_table->getAdapter()->quoteInto('email = ?',$user['email']);
				if ($users_table->getCountByWhereClause($email_where) > 0)
				{
					$errors[] = $this->_T("Email is already in use.");
					$this->screenAlert('error', 'This email address is already in use.');
				}

				$password_validator = new Zend_Validate();
				$password_validator->addValidator(new Zend_Validate_StringLength(6, 32));
				// make sure password is at least six chars
				if (!$password_validator->isValid($user['password']))
				{
					$errors[] = $this->_T("Password must be between %d and %d characters", array(6, RivetyCore_Registry::get('password_length')));
					$this->screenAlert('error', $this->_T("Password must be between %d and %d characters", array(6, RivetyCore_Registry::get('password_length'))));
				}
				// if password is set, make sure it matches confirm
				if ($user['password'] != $user['confirm'])
				{
					$errors[] = $this->_T("Passwords don't match");
					$this->screenAlert('error', $this->_T("Passwords don't match"));
				}

				// // do we meet the minimum age?
				// $minimum_age = RivetyCore_Registry::get('minimum_registration_age', '13') ;
				// $years_ago = strtotime($minimum_age . ' years ago');
				// if ($user['birthday'] > $years_ago)
				// {
				// 	$errors[] = $this->_T("You must be at least %d years old to register.", $minimum_age);
				// }

				$params = array(
					'request' => $this->getRequest(),
					'user' => $user,
					'errors' => $errors,
				);
				$additional = $this->_rivety_plugin->doFilter($this->_mca, $params); // FILTER HOOK
				$errors = $additional['errors'];
				$user = $additional['user'];

				// convert birthday_ts to mysql date
				// $birthday_db = date(DB_DATETIME_FORMAT, $user['birthday']);
				if (count($errors) == 0)
				{
					$roles_table = new Roles();
					$users_roles_table = new UsersRoles();
					$default_role_shortname = RivetyCore_Registry::get('default_role_shortname');
					$role_data = array("username" => $user['username'], "role_id" => $roles_table->getIdByShortname($default_role_shortname));
					$users_roles_table->insert($role_data);

					$user_data = array(
						'username' => $user['username'],
						'email' => $user['email'],
						// 'full_name' => $user['full_name'],
						// 'birthday' => $birthday_db,
						'password' => $user['password'],
						'created_on' => date("Y-m-d H:i:s"),
						'ip' => getenv('REMOTE_ADDR'),
					);

					// if (array_key_exists('about_me', $additional['user']))
					// {
					// 	$user_data['about_me'] = $additional['user']['about_me'];
					// }

					// MAKE IT OFFICIAL
					$users_table->insert($user_data);

					// DO SOME PLUGINS
					$params = array(
						'user' => $user_data,
						'request' => $request,
						'username' => $user['username'],
						'autologin' => true,
						'autologin_username' => $user['username'],
						'autologin_password' => $user['password'],
						'autologin_password_hash' => md5($user['password']),
						'locale_code' => $this->locale_code,
					);
					$params = $this->_rivety_plugin->doFilter("default_post_register", $params); // FILTER HOOK
					$this->_rivety_plugin->doAction($this->_mca . "_post_register", $params); // ACTION HOOK (deprecated)

					// SET UP AUTO-LOGIN, OR DON'T
					if ($params['autologin'])
					{
						$appNamespace = new Zend_Session_Namespace('RivetyCore_Temp');
						$appNamespace->autoLogin = $params['autologin'];
						$appNamespace->autoLoginUsername = $params['autologin_username'];
						$appNamespace->autoLoginPassword = $params['autologin_password'];
						$appNamespace->autoLoginPasswordHash = $params['autologin_password_hash'];
					}

					// SEND THE USER ON THEIR WAY
					$url = '/default/user/postregister';
					// if there was a URL passed in then add that encoded URL as a param to the default redirect
					if ($request->has('url')) $url .= '/url/' . $request->url;
					$this->_redirect($url);
				}
			}
		}
		$this->view->user = $user;
		$this->view->pagetitle = $this->_T("Register");

		foreach ($errors as $error)
		{
			$this->screenAlert('error', $error);
		}
		$errors = null;

		switch ($this->format)
		{
			case 'json': die(!empty($this->screen_alerts) ? json_encode(array('messages' => $this->screen_alerts)) : '200 OK');
			default: break;
		}
	}
コード例 #8
0
 /** Edit person's data
  * @access public
  * @throws Exception
  */
 public function editAction()
 {
     if ($this->getParam('id', false)) {
         $form = new PeopleForm();
         $form->submit->setLabel('Update details');
         $this->view->form = $form;
         if ($this->getRequest()->isPost()) {
             if ($form->isValid($this->_request->getPost())) {
                 $updateData = $form->getValues();
                 $address = $form->getValue('address');
                 $address .= ',';
                 $address .= $form->getValue('city');
                 $address .= ',';
                 $address .= $form->getValue('county');
                 $address .= ',';
                 $address .= $form->getValue('postcode');
                 $coords = $this->geoCodeAddress($address);
                 $oldData = $this->getPeople()->fetchRow('id=' . $this->getParam('id'))->toArray();
                 if (array_key_exists('dbaseID', $updateData)) {
                     $users = new Users();
                     $userdetails = array('peopleID' => $oldData['secuid']);
                     $userdetails['canRecord'] = $updateData['canRecord'];
                     $whereUsers = $users->getAdapter()->quoteInto('id = ?', $updateData['dbaseID']);
                     $users->update($userdetails, $whereUsers);
                 }
                 $where = $this->getPeople()->getAdapter()->quoteInto('id = ?', $this->getParam('id'));
                 $merged = array_merge($updateData, $coords);
                 //Updated the people db table
                 $clean = $this->getPeople()->updateAndProcess($merged);
                 //Update the solr instance
                 $this->getPeople()->update($clean, $where);
                 $this->_helper->solrUpdater->update('people', $this->getParam('id'));
                 //Update the audit log
                 $this->_helper->audit($updateData, $oldData, 'PeopleAudit', $this->getParam('id'), $this->getParam('id'));
                 $this->getFlash()->addMessage('Person information updated!');
                 $this->redirect(self::REDIRECT . 'person/id/' . $this->getParam('id'));
             } else {
                 $form->populate($this->_request->getPost());
             }
         } else {
             $id = (int) $this->_request->getParam('id', 0);
             if ($id > 0) {
                 $form->populate($this->getPeople()->fetchRow('id=' . $id)->toArray());
             }
         }
     } else {
         throw new Exception($this->_missingParameter);
     }
 }
コード例 #9
0
ファイル: MembresController.php プロジェクト: bersace/strass
 function recouvrirAction()
 {
     $this->metas(array('DC.Title' => "Recouvrir l'accès à votre compte"));
     $token = $this->_getParam('confirmer');
     if ($token) {
         $t = new Users();
         try {
             $user = $t->findByRecoverToken($token);
         } catch (Strass_Db_Table_NotFound $e) {
             throw new Zend_Controller_Action_Exception("Jeton inconnu ou expiré", 404);
         }
         $this->view->set = $m = new Wtk_Form_Model('recouvrir');
         $i0 = $m->addString('nouveau', "Nouveau mot de passe");
         $i1 = $m->addString('confirmation', "Confirmer");
         $m->addConstraintRequired($i0);
         $m->addConstraintEqual($i1, $i0);
         $m->addNewSubmission('enregistrer', 'Enregistrer');
         if ($m->validate()) {
             $db = $t->getAdapter();
             $db->beginTransaction();
             try {
                 $this->view->individu = $individu = $user->findParentIndividus();
                 $user->username = $individu->adelec;
                 $user->setPassword($m->get('nouveau'));
                 $user->recover_token = null;
                 $user->save();
                 $this->logger->info("Recouvrement du compte", $this->_helper->Url('fiche', 'individus', null, array('individu' => $individu->slug)));
                 $db->commit();
             } catch (Exception $e) {
                 $db->rollBack();
                 throw $e;
             }
             $this->redirectSimple('index', 'unites');
         }
     } else {
         $this->view->send = $m = new Wtk_Form_Model('recouvrir');
         $m->addConstraintEMail($m->addString('adelec', "Votre adresse"));
         $m->addNewSubmission('envoyer', "Envoyer");
         if ($m->validate()) {
             $t = new Users();
             try {
                 $user = $t->findByEMail($m->get('adelec'));
             } catch (Zend_Db_Table_Exception $e) {
                 $m->errors[] = new Wtk_Form_Model_Exception('Adresse inconnue', $m->getInstance('adelec'));
                 return;
             }
             $individu = $user->findParentIndividus();
             $user->recover_token = md5(uniqid() . '-' . mt_rand(10000, 99999));
             /* Laisser une demi heure pour délivrer le message */
             $user->recover_deadline = time() + 30 * 60;
             $user->save();
             $this->view->mail = $mail = new Strass_Mail_Recover($user);
             $fn = trim(wtk_ucfirst($individu->prenom) . " " . $individu->capitalizedLastname());
             $mail->addTo($individu->adelec, $fn);
             $mail->send();
             $this->_helper->flash->info("Courriel envoyé", "Un courriel vous a été envoyé avec un lien vers la page " . "pour définir un nouveau mot de passe. Le lien expirera dans " . "une demi heure.");
             $this->redirectSimple('index', 'unites');
         }
     }
 }
コード例 #10
0
	function deleteAction()
	{
		$request = new RivetyCore_Request($this->getRequest());
		$users_table = new Users();
		$username = $request->username;
		if ($this->getRequest()->isPost()) {
			$del = strtolower($request->delete);
			if ($del == 'yes' && !is_null($username)) {
				$params = array('username' => $username, 'delete_row' => true);
				$params = $this->_rivety_plugin->doFilter($this->_mca . "_pre_delete", $params); // FILTER HOOK
				if ($params['delete_row']) {
					$where = $users_table->getAdapter()->quoteInto('username = ?', $username);
					$users_table->delete($where);
				}
				$this->_rivety_plugin->doAction($this->_mca . "_post_delete", $params); // ACTION HOOK
				$this->view->success = "User '".$username."' has been deleted.";
				$this->view->username = $username;
			} else {
				$this->_redirect('/default/useradmin/index');
			}
		} else {
			$this->view->notice = "Warning: You are about to delete user '".$username."'. This cannot be undone.";
			if (!is_null($username)) {
				$user = $users_table->fetchByUsername($username);
				if (!is_null($user)) {
					$this->view->user = $user->toArray();
					$this->view->username = $user->username;
				} else {
					$this->_redirect('/default/useradmin/index');
				}
			}
		}
	}
コード例 #11
0
ファイル: AuthController.php プロジェクト: jaybill/Bolts
 function loginAction()
 {
     $appNamespace = new Zend_Session_Namespace('Bolts_Temp');
     $frontcontroller = Zend_Controller_Front::getInstance();
     $request = $frontcontroller->getRequest();
     if ($request->has('url')) {
         $url_param = strip_tags($request->url);
         $this->view->requested_url = $url_param;
         $this->view->url_param = $url_param;
         $url_param = base64_decode($url_param);
         $this->view->url_param_decoded = $url_param;
     }
     $params = array('request' => $this->getRequest());
     $params = $this->_Bolts_plugin->doFilter($this->_mca . '_before', $params);
     // FILTER HOOK
     foreach ($params as $key => $value) {
         if ($key != 'request') {
             $this->view->{$key} = $value;
         }
     }
     unset($params);
     if ($this->getRequest()->isPost() or $appNamespace->autoLogin) {
         // collect the data from the user
         $filter = new Zend_Filter_StripTags();
         $appNamespace = new Zend_Session_Namespace('Bolts_Temp');
         if ($appNamespace->autoLogin) {
             $autologin = true;
             $username = $appNamespace->autoLoginUsername;
             $plain_password = $appNamespace->autoLoginPassword;
             $password = $appNamespace->autoLoginPasswordHash;
             $appNamespace->autoLogin = null;
             $appNamespace->autoLoginUsername = null;
             $appNamespace->autoLoginPassword = null;
             $appNamespace->autoLoginPasswordHash = null;
         } else {
             $username = $filter->filter($this->_request->getPost('username'));
             $plain_password = $filter->filter($this->_request->getPost('password'));
             $password = md5($plain_password);
         }
         // setup Zend_Auth adapter for a database table
         $dbAdapter = Zend_Db_Table::getDefaultAdapter();
         $authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter);
         $authAdapter->setTableName('bolts_users');
         $authAdapter->setIdentityColumn('username');
         $authAdapter->setCredentialColumn('password');
         // Set the input credential values to authenticate against
         $authAdapter->setIdentity($username);
         $authAdapter->setCredential($password);
         // do the authentication
         $auth = Zend_Auth::getInstance();
         try {
             $result = $auth->authenticate($authAdapter);
             if ($result->isValid()) {
                 $appNamespace->last_login = $username;
                 // success : store database row to auth's storage system
                 // (not the password though!)
                 $data = $authAdapter->getResultRowObject(null, 'password');
                 $auth->getStorage()->write($data);
                 Zend_Loader::loadClass('Zend_Session');
                 $defaultNamespace = new Zend_Session_Namespace('Zend_Auth');
                 $defaultNamespace->setExpirationSeconds(86400);
                 //update user last_login_on
                 $users_table = new Users();
                 $where = $users_table->getAdapter()->quoteInto('username = ?', $username);
                 $users_table->update(array('last_login_on' => date(DB_DATETIME_FORMAT)), $where);
                 $params = array('username' => $username, 'password' => $plain_password, 'locale_code' => $this->locale_code);
                 if (!empty($url_param)) {
                     $params['requested_url'] = $url_param;
                 } else {
                     $params['requested_url'] = null;
                 }
                 $this->_Bolts_plugin->doAction($this->_mca . '_success', $params);
                 // ACTION HOOK
                 $this->_Bolts_plugin->doAction($this->_mca . '_login_success', $params);
                 // ACTION HOOK (deprecated)
                 if ($this->_request->isXmlHttpRequest()) {
                     $user = $users_table->fetchByUsername($username)->toArray();
                     $this->view->json = Zend_Json::encode($user);
                     $this->_forward('loginajax', $request->controller, $request->module);
                     return;
                 }
                 if (!empty($params['requested_url'])) {
                     $this->_redirect($params['requested_url']);
                 } else {
                     // get the last viewed page, or default to the logged in user's profile page
                     // TODO - fix view states
                     // $this->_redirect(Bolts_Common::getViewState($this->session, 'last_visited', "/profile/" . $username));
                     $this->_redirect("/bolts/auth/loginredirect");
                 }
             } else {
                 // failure: clear database row from session
                 $appNamespace->last_login = null;
                 $this->view->errors = array($this->_T('Login failed.'));
                 $params = array('username' => $username);
                 $this->_Bolts_plugin->doAction($this->_mca . '_failure', $params);
                 // ACTION HOOK
                 $this->_Bolts_plugin->doAction($this->_mca . '_login_failure', $params);
                 // ACTION HOOK (deprecated)
             }
         } catch (Exception $e) {
             $appNamespace->last_login = null;
             $this->view->errors = array($e->getMessage());
         }
     }
     if ($this->_request->isXmlHttpRequest() && !empty($this->view->errors)) {
         $json = array('errors' => $this->view->errors);
         $this->view->json = Zend_Json::encode($json);
         $this->_forward('loginajax', $request->controller, $request->module);
         return;
     }
     $this->view->last_login = $appNamespace->last_login;
 }