コード例 #1
ファイル: ZitAdmin.php プロジェクト: Koulio/OpenZIS
 /**
  * Insert a new administrator row through ZitAdminDB.
  *
  * Column names are passed through DBConvertor::convertCase() before the
  * insert, and zit_id is always written as 1.
  *
  * NOTE(review): $password is written to the admin_password column exactly
  * as received; nothing in this method hashes it. Confirm that hashing
  * happens in the caller or inside ZitAdminDB before the value is stored.
  *
  * @param mixed  $level    value for the admin_level_id column
  * @param string $email    value for the email column
  * @param string $fName    value for the first_name column
  * @param string $lName    value for the last_name column
  * @param string $password value for the admin_password column (stored as given)
  * @param string $username value for the admin_username column
  *
  * @return bool true when insert() returns a truthy value, false otherwise
  */
 public static function createAdmin($level, $email, $fName, $lName, $password, $username)
 {
     $adminTable = new ZitAdminDB(Zend_Registry::get('my_db'));

     $row = array(
         DBConvertor::convertCase('admin_username') => $username,
         DBConvertor::convertCase('admin_password') => $password,
         DBConvertor::convertCase('admin_level_id') => $level,
         DBConvertor::convertCase('first_name') => $fName,
         DBConvertor::convertCase('last_name') => $lName,
         DBConvertor::convertCase('email') => $email,
         DBConvertor::convertCase('zit_id') => 1,
     );

     // Collapse whatever insert() returns into a plain success flag.
     return (bool) $adminTable->insert($row);
 }
コード例 #2
ファイル: IndexController.php プロジェクト: Koulio/OpenZIS
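 /**
  * Handle a login form post: check the per-session form key, authenticate
  * the submitted credentials, and initialise the admin session.
  *
  * Every failure path forwards to the error controller and returns
  * immediately, so no later step runs for a rejected request. All failures
  * share the same base message, so the response does not say whether the
  * username or the password was wrong.
  *
  * NOTE(review): the auth adapter receives the submitted password with no
  * credential treatment configured in this method, so it appears to be
  * compared directly with the admin_password column. Confirm that stored
  * passwords are hashed somewhere outside this method.
  *
  * NOTE(review): the admin row's "active" flag is not consulted here;
  * confirm the 'authenticate' table or view already excludes disabled
  * accounts.
  *
  * @return void
  */
 public function loginAction()
 {
     $error_msg = 'Invalid Username or Password!';

     // Form key issued on a previous login and kept in the session.
     $lic = isset($_REQUEST['lic']) ? $_REQUEST['lic'] : null;
     $expectedKey = isset($_SESSION['OPENZISKEYHOLE']) ? $_SESSION['OPENZISKEYHOLE'] : null;

     // Compare as strings with ===. A loose != would treat two different
     // numeric-looking strings (e.g. "0E12..." and "0E34...") as equal.
     // NOTE(review): a session that holds no key still matches a request that
     // sends no (or an empty) lic; confirm that this is intended.
     if (is_array($lic) || (string) $lic !== (string) $expectedKey) {
         $this->view->msg = $error_msg . '!';
         $this->_forward('error', 'error');
         return;
     }

     $zit = isset($_REQUEST['homepage']) ? $_REQUEST['homepage'] : null;
     $db = ZitDBAdapter::getDBAdapter();
     $f = new Zend_Filter_StripTags();

     // Missing or non-string fields are treated as empty and rejected below.
     $rawUsername = (isset($_REQUEST['loginUsername']) && is_string($_REQUEST['loginUsername']))
         ? $_REQUEST['loginUsername']
         : '';
     $rawPassword = (isset($_REQUEST['loginPassword']) && is_string($_REQUEST['loginPassword']))
         ? $_REQUEST['loginPassword']
         : '';
     $username = $f->filter($rawUsername);
     // NOTE(review): tag stripping also rewrites the password before it is
     // checked; kept because existing credentials may depend on it.
     $password = $f->filter($rawPassword);

     if (empty($username) || empty($password)) {
         session_destroy();
         Zend_Session::regenerateId();
         $this->view->msg = $error_msg . '!!';
         $this->_forward('error', 'error');
         // _forward() only schedules the next dispatch; without this return
         // the method would go on to authenticate with empty credentials.
         return;
     }

     $authAdapter = new Zend_Auth_Adapter_DbTable($db);
     switch (DB_TYPE) {
         case 'mysql':
             $authAdapter->setTableName('authenticate');
             $authAdapter->setIdentityColumn('admin_username');
             $authAdapter->setCredentialColumn('admin_password');
             break;
         case 'oci8':
             $authAdapter->setTableName('AUTHENTICATE');
             $authAdapter->setIdentityColumn('ADMIN_USERNAME');
             $authAdapter->setCredentialColumn('ADMIN_PASSWORD');
             break;
     }
     $authAdapter->setIdentity($username);
     $authAdapter->setCredential($password);

     $auth = Zend_Auth::getInstance();
     $result = $auth->authenticate($authAdapter);
     Zend_Session::regenerateId();

     if (!$result->isValid()) {
         $this->view->msg = $error_msg . '!!';
         $this->_forward('error', 'error');
         return;
     }

     // New session id after the privilege change (session fixation defence).
     session_regenerate_id();
     $_SESSION['SERVER_GENERATED_SID'] = true;

     $za = new ZitAdminDB($db);
     $resultset = $za->fetchAll($db->quoteInto('admin_username = ?', $username));

     // Column case depends on the database driver.
     $adminLevel = null;
     $adminId = null;
     if (count($resultset) > 0) {
         $admin = $resultset[0];
         switch (DB_TYPE) {
             case 'mysql':
                 $adminLevel = $admin->admin_level_id;
                 $adminId = $admin->admin_id;
                 break;
             case 'oci8':
                 $adminLevel = $admin->ADMIN_LEVEL_ID;
                 $adminId = $admin->ADMIN_ID;
                 break;
         }
     }

     if ($adminId === null) {
         // Authenticated but no usable admin row (or an unsupported DB_TYPE):
         // do not leave an authenticated identity behind.
         $auth->clearIdentity();
         $this->view->msg = $error_msg . '!!';
         $this->_forward('error', 'error');
         return;
     }

     // NOTE(review): the original also assigned these values and the key to
     // an undefined local $ZSN that was never read; those writes were dropped.
     $_SESSION['ADMIN_LEVEL'] = $adminLevel;
     $_SESSION['ADMIN_ID'] = $adminId;
     $this->view->adminLevel = $adminLevel;

     // Rotate the form key on every successful login.
     $_SESSION['OPENZISKEYHOLE'] = $this->_generateSessionKey();

     $data = array(
         'LAST_LOGIN' => new Zend_Db_Expr(DBConvertor::convertCurrentTime()),
         'ATTEMPTS' => 0,
     );
     // Bind the id through the adapter instead of concatenating it into SQL.
     $za->update($data, $db->quoteInto('admin_id = ?', $adminId));

     if ($zit == 1) {
         $this->view->validUser = true;
         $this->render('index');
     } else {
         $this->render('ajaxsuccessjson');
     }
 }

 /**
  * Build the 32-character upper-case hex key stored in
  * $_SESSION['OPENZISKEYHOLE'].
  *
  * Uses a cryptographically secure source when the runtime offers one
  * (random_bytes(), then openssl_random_pseudo_bytes()). uniqid() and rand()
  * are derived from the clock and a non-cryptographic generator, so keys
  * built from them are guessable; that construction remains only as a
  * fallback for runtimes that offer neither function. An exception raised by
  * random_bytes() is left to propagate so that no weak key is issued silently.
  *
  * @return string
  */
 private function _generateSessionKey()
 {
     $raw = false;
     if (function_exists('random_bytes')) {
         $raw = random_bytes(16);
     } elseif (function_exists('openssl_random_pseudo_bytes')) {
         $raw = openssl_random_pseudo_bytes(16);
     }

     if (!is_string($raw) || strlen($raw) !== 16) {
         // Legacy construction; same output format, weaker randomness.
         return strtoupper(md5(uniqid(rand(), true)));
     }

     return strtoupper(bin2hex($raw));
 }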