/** * ACTION - User login. * * @access public * @return View * @since 1.0.2, 2013-12-07 * @version 1.0.7-dev, 2015-05-04 */ public function actionLogin() { $this->setTitle(Core::getAppName() . ' - ' . __('Login form')); $this->addBreadCrumb(__('Login form')); $oLoggedUser = Model\User::getLoggedUser(); if ($oLoggedUser instanceof Model\User) { Route::factory('user_profile')->redirectTo(['id' => $oLoggedUser->getId()]); } $failedLogins = \User\LoginFail::getCachedData(); if ($failedLogins > 4) { return View::factory('base/alert')->set('sType', 'danger')->set('sMsg', __('to.many.incorrect.logins')); } $oLoginForm = Form::factory('login'); $oLoginForm->addField(Form\Field\Text::factory('login', $oLoginForm)); $oLoginForm->addField(Form\Field\Password::factory('password', $oLoginForm)); if ($oLoginForm->isSubmittedAndValid()) { $sUsername = $oLoginForm->get('login'); $sPassword = $oLoginForm->get('password'); $sEncryptedPassword = Helper\Encrypter::factory()->encrypt($sUsername, $sPassword); $oUser = DB::query("SELECT u FROM \\Model\\User u WHERE u.login = :login AND u.password = :pass")->param('login', $sUsername)->param('pass', $sEncryptedPassword)->single(); if ($oUser instanceof Model\User) { Session::set('username', $sUsername); Session::set('uid', (int) $oUser->getId()); $oUser->setLoginDateNOW(); DB::flush(); # Get role permissions for particular user and set them in session \UserPermissions::reset(); Route::factory(Router::getCurrentRouteName())->redirectTo(); } else { $currentUrl = Router::currentUrl(); $alert = __('You have entered wrong username or password. Try again.'); \User\LoginFail::addLoginFail(); Session::flash($currentUrl, $alert, 'danger'); } } $oLoginForm->addToSuffix(View::factory('user/frontend/login_links')->render()); return View::factory('base/form')->bind('oForm', $oLoginForm); }
/** * Send user account recovery code. * * @access public * @param User $oUser * @since 1.0.0, 2015-02-17 * @version 2.1.0-dev * @return bool */ private function sendRecoveryCode(User $oUser) { $sUserAgent = filter_input(INPUT_SERVER, 'HTTP_USER_AGENT'); $sCodeToEncode = mb_strlen(uniqid()) * time() . $sUserAgent . $oUser->getLogin(); $sCode2 = sha1($sCodeToEncode); $sRecoveryCode = base64_encode($sCode2); DB::query('DELETE FROM \\Model\\User\\RecoveryCode r WHERE r.user = :user')->param('user', $oUser->getId())->execute(TRUE); $oRecoveryCode = new User\RecoveryCode(); $oRecoveryCode->setUser($oUser); $oRecoveryCode->setCode($sRecoveryCode); DB::persist($oRecoveryCode); DB::flush(); $sSubject = __('Account activation on :app', ['app' => Core::getAppName()]); $mailContent = View::factory("user/frontend/recovery/message")->render(['sLogin' => $oUser->getLogin(), 'sRecoveryCode' => $sRecoveryCode]); $mailView = View::factory('base/email'); $mailView->bind('sContent', $mailContent); $mailView->set('sTitle', $sSubject); return $oUser->sendEmail($sSubject, $mailView->render()); }
<?php /** * Content of e-mail with password reset link. * * @author Krzysztof Trzos * @package user * @subpackage views\frontend\recovery * @since 2015-02-17 * @version 2.1.0-dev */ use Plethora\Core; use Plethora\Helper; use Plethora\Route; $siteName = Core::getAppName(); $contactUrl = Helper\Html::a(Route::factory('contact')->url(), __('CONTACT')); ?> <?php /* @var $sRecoveryCode string */ /* @var $sLogin string */ ?> <?php $passRecoveryLink = Route::factory('password_recovery_code')->url(['code' => $sRecoveryCode]); ?> <p><?php echo __('Hello :login', ['login' => $sLogin]); ?> ,</p>
/* @var $sLogin string */ ?> <p>Witaj <b><?php echo $sLogin; ?> </b>!</p> <p>Na tego maila zarejestrowane zostało konto portalu <b><?php echo \Plethora\Core::getAppName(); ?> </b>. Nie jest jednak ono w pełni aktywne i, aby zakończyć rejestrację, należy kliknąć w poniższy link:</p> <p style="text-align: center;"> <a href="<?php echo \Plethora\Route::factory('account_activation')->url(['code' => $sActivationCode]); ?> " title="Link aktywacyjny konta"> <?php echo \Plethora\Route::factory('account_activation')->url(['code' => $sActivationCode]); ?> </a> </p> <p style="border-top: 1px solid rgb(102, 102, 102); font-size: 12px; padding-top: 5px; text-align: center;"> Jeżeli rejestracja konta nie została dokonania przez Ciebie, zgłoś to przez dział <a href="<?php echo \Plethora\Route::factory('contact')->url(); ?> " title="<?php echo \Plethora\Core::getAppName(); ?> - kontakt">KONTAKT</a>, a usuniemy Twój e-mail z naszej bazy danych. </p>
/** * Send user account activation code. * * @access public * @param string $sPassword * @param UserModel $oUser * @return bool * @throws \Plethora\Exception * @throws \Plethora\Exception\Fatal * @since 1.0.0 * @version 2.1.0-dev */ private function sendActivationCode($sPassword, UserModel $oUser) { $sUserAgent = filter_input(INPUT_SERVER, 'HTTP_USER_AGENT'); $sActivationCode1 = mb_strlen($sPassword) * time() . $sUserAgent . $oUser->getLogin(); $sActivationCode2 = sha1($sActivationCode1); $sActivationCode = base64_encode($sActivationCode2); $oActivationCode = new ActivationCodeModel(); $oActivationCode->setUser($oUser); $oActivationCode->setCode($sActivationCode); DB::persist($oActivationCode); DB::flush(); $sSubject = __(':appname - Activation link', ['appname' => Plethora\Core::getAppName()]); $mailContent = View::factory("user/frontend/register/message")->render(['sLogin' => $oUser->getLogin(), 'sActivationCode' => $sActivationCode]); $mailView = View::factory('base/email'); $mailView->bind('sContent', $mailContent); $mailView->set('sTitle', $sSubject); $mail = $mailView->render(); $oMessage = new Mail(); $oMessage->setSubject($sSubject); $oMessage->setFrom(Config::get('base.email')); $oMessage->setTo($oUser->getEmail()); $oMessage->setBody($mail, 'text/html'); return Mailer::factory()->send($oMessage); }