/**
* Change password
* @param Difra\Param\AjaxString $oldpassword
* @param Difra\Param\AjaxString $password1
* @param Difra\Param\AjaxString $password2
*/
public function passwordAjaxActionAuth(Param\AjaxString $oldpassword, Param\AjaxString $password1, Param\AjaxString $password2)
{
$user = User::getCurrent();
if (!$user->verifyPassword($oldpassword)) {
Ajaxer::status('oldpassword', Locales::get('auth/password/bad_old'), 'problem');
$ok = false;
} else {
$ok = true;
}
$reg = new Register();
$reg->setPassword1($password1->val());
$reg->setPassword2($password2->val());
if (!$reg->validatePasswords()) {
if ($ok) {
Ajaxer::status('oldpassword', Locales::get('auth/password/old_ok'), 'ok');
}
$reg->callAjaxerEvents();
return;
}
if (!$ok) {
return;
}
$user->setPassword($password1->val());
$this->afterPasswordChangeAjax();
}
public static function load()
{
if (Auth::getInstance()->isAuthorized()) {
return;
}
if (!isset($_COOKIE['resume']) or strlen($_COOKIE['resume']) != 48) {
return;
}
try {
// find session in db
$session = DB::getInstance()->fetchRow("SELECT `ip`, `user` FROM `user_session` WHERE `session`=?", [$_COOKIE['resume']]);
if (empty($session)) {
throw new Exception('Long session not found in database');
}
// check ip
if ($session['ip'] & ip2long(Users::IP_MASK) != ip2long($_SERVER['REMOTE_ADDR']) & ip2long(Users::IP_MASK)) {
throw new Exception('Long session IP does not match');
}
// find user
$user = User::getById($session['user']);
$user->login();
} catch (Exception $ex) {
self::remove();
}
}
/**
* Verify password change link
* @param $key
* @param bool|false $returnUser
* @return bool|User|string
* @throws UsersException
*/
public static function verify($key, $returnUser = false)
{
$db = DB::getInstance(Users::getDB());
$data = $db->fetchRow('SELECT * FROM `user_recover` WHERE `recover`=?', [$key]);
if (empty($data)) {
throw new UsersException(self::RECOVER_INVALID);
}
if ($data['used']) {
throw new UsersException(self::RECOVER_USED);
}
$date = $data['date_requested'];
$date = explode(' ', $date);
$day = explode('-', $date[0]);
$time = explode(':', $date[1]);
$day1 = mktime($time[0], $time[1], $time[2], $day[1], $day[2], $day[0]);
if ($day1 and time() - $day1 > 3600 * Users::getRecoverTTL()) {
throw new UsersException(self::RECOVER_OUTDATED);
}
return $returnUser ? User::getById($data['user']) : true;
}
/**
* Manual user activation
* @param Param\AnyInt $id
*/
public function activateAjaxAction(Param\AnyInt $id)
{
User::getById($id->val())->activateManual();
Ajaxer::refresh();
}
/**
* @param \Difra\Unify\Paginator $paginator
* @return self[]
* @throws \Difra\Exception
*/
public static function getList($paginator = null)
{
$db = DB::getInstance(Users::DB);
if ($paginator) {
$limits = $paginator->getPaginatorLimit();
$usersData = $db->fetch("SELECT * FROM `user` LIMIT {$limits[0]},{$limits[1]}");
$total = $db->fetchOne('SELECT COUNT(*) FROM `user`');
$paginator->setTotal($total);
} else {
$usersData = $db->fetch('SELECT * FROM `user`');
}
$users = [];
foreach ($usersData as $data) {
$user = User::load($data);
$users[] = $user;
}
return $users;
}
/**
* Log out (ajax)
*/
public function indexAjaxAction()
{
User::logout();
$this->afterLogoutAjax();
}
/**
* Activate user
* @param $key
* @return bool
* @throws Exception
*/
public static function activate($key)
{
$key = trim((string) $key);
if (!$key) {
throw new UsersException(self::ACTIVATE_NOTFOUND);
}
$db = DB::getInstance(Users::getDB());
$data = $db->fetchRow('SELECT * FROM `user` WHERE `activation`=? LIMIT 1', [(string) $key]);
if (empty($data)) {
throw new UsersException(self::ACTIVATE_NOTFOUND);
}
if ($data['active']) {
throw new UsersException(self::ACTIVATE_USED);
}
// if ($data['registered'] < date('Y-m-d H:i:s', time() - Users::ACTIVATE_TTL)) {
// throw new UsersException(self::ACTIVATE_TIMEOUT);
// }
$db->query("UPDATE `user` SET `active`='1',`activation`=NULL WHERE `activation`=?", [$key]);
if (Config::getInstance()->getValue('auth', 'login_on_activate')) {
$user = User::getById($data['id']);
$user->login();
}
return true;
}
