/**
* Remove particular menu item after form submit (if form data is valid).
*
* @access protected
* @since 1.2.0-dev
* @version 1.2.0-dev
*/
protected function alterDelete()
{
$item = $this->getModel();
/* @var $item \Model\Menu\Item */
$item->remove();
DB::flush();
$controller = Router::getParam('controller');
$id = $item->getMenu()->getId();
$url = Route::backendUrl($controller, 'list', $id);
Session::flash($url, __('Menu item has been deleted successfully.'));
}
/**
* Action used to do multileveled sort on model entities.
*
* @access public
* @since 1.0.0-alpha
* @version 1.0.0-alpha
*/
public function actionSortList()
{
// check access
if (!\UserPermissions::hasPerm('backend_ajax_sort_list')) {
Route::factory('home')->redirectTo();
}
// @TODO: check permissions
$sObjects = filter_input(INPUT_POST, 'objects');
$sModel = filter_input(INPUT_POST, 'model');
$aObjectsTmp = [];
$aOrderNumber = [];
// if list of objects is empty
if (empty($sObjects)) {
$this->setStatus('error');
return __('List of objects is empty.');
}
// parse objects array from query string
parse_str($sObjects, $aObjectsTmp);
$aObjects = $aObjectsTmp['object'];
// rewrite each object
foreach ($aObjects as $iID => $sParentID) {
if ($sParentID === 'null') {
$sParentID = 0;
}
$iParentID = (int) $sParentID;
if (!isset($aOrderNumber[$iParentID])) {
$aOrderNumber[$iParentID] = 0;
}
$aObjects[$iID] = ['order_parent' => $iParentID, 'order' => $aOrderNumber[$iParentID]];
$aOrderNumber[$iParentID]++;
}
// check if particular model has `order` property
if (!property_exists($sModel, 'order_number')) {
$this->setStatus('error');
return __('Wrong node type.');
}
// get all model instances
$aEntities = DB::query('SELECT t FROM ' . $sModel . ' t WHERE t.id IN (:list)')->param('list', array_keys($aObjects))->execute();
foreach ($aEntities as $oEntity) {
/* @var $oEntity ModelCore|ModelCore\Traits\Sortable */
$aObjData = $aObjects[$oEntity->getId()];
$oEntity->setOrderNumber($aObjData['order']);
$oEntity->setOrderParent($aObjData['order_parent']);
$oEntity->save();
DB::flush();
}
return 'saved';
}
/**
* ACTION - User login.
*
* @access public
* @return View
* @since 1.0.2, 2013-12-07
* @version 1.0.7-dev, 2015-05-04
*/
public function actionLogin()
{
$this->setTitle(Core::getAppName() . ' - ' . __('Login form'));
$this->addBreadCrumb(__('Login form'));
$oLoggedUser = Model\User::getLoggedUser();
if ($oLoggedUser instanceof Model\User) {
Route::factory('user_profile')->redirectTo(['id' => $oLoggedUser->getId()]);
}
$failedLogins = \User\LoginFail::getCachedData();
if ($failedLogins > 4) {
return View::factory('base/alert')->set('sType', 'danger')->set('sMsg', __('to.many.incorrect.logins'));
}
$oLoginForm = Form::factory('login');
$oLoginForm->addField(Form\Field\Text::factory('login', $oLoginForm));
$oLoginForm->addField(Form\Field\Password::factory('password', $oLoginForm));
if ($oLoginForm->isSubmittedAndValid()) {
$sUsername = $oLoginForm->get('login');
$sPassword = $oLoginForm->get('password');
$sEncryptedPassword = Helper\Encrypter::factory()->encrypt($sUsername, $sPassword);
$oUser = DB::query("SELECT u FROM \\Model\\User u WHERE u.login = :login AND u.password = :pass")->param('login', $sUsername)->param('pass', $sEncryptedPassword)->single();
if ($oUser instanceof Model\User) {
Session::set('username', $sUsername);
Session::set('uid', (int) $oUser->getId());
$oUser->setLoginDateNOW();
DB::flush();
# Get role permissions for particular user and set them in session
\UserPermissions::reset();
Route::factory(Router::getCurrentRouteName())->redirectTo();
} else {
$currentUrl = Router::currentUrl();
$alert = __('You have entered wrong username or password. Try again.');
\User\LoginFail::addLoginFail();
Session::flash($currentUrl, $alert, 'danger');
}
}
$oLoginForm->addToSuffix(View::factory('user/frontend/login_links')->render());
return View::factory('base/form')->bind('oForm', $oLoginForm);
}
/**
* Send user account recovery code.
*
* @access public
* @param User $oUser
* @since 1.0.0, 2015-02-17
* @version 2.1.0-dev
* @return bool
*/
private function sendRecoveryCode(User $oUser)
{
$sUserAgent = filter_input(INPUT_SERVER, 'HTTP_USER_AGENT');
$sCodeToEncode = mb_strlen(uniqid()) * time() . $sUserAgent . $oUser->getLogin();
$sCode2 = sha1($sCodeToEncode);
$sRecoveryCode = base64_encode($sCode2);
DB::query('DELETE FROM \\Model\\User\\RecoveryCode r WHERE r.user = :user')->param('user', $oUser->getId())->execute(TRUE);
$oRecoveryCode = new User\RecoveryCode();
$oRecoveryCode->setUser($oUser);
$oRecoveryCode->setCode($sRecoveryCode);
DB::persist($oRecoveryCode);
DB::flush();
$sSubject = __('Account activation on :app', ['app' => Core::getAppName()]);
$mailContent = View::factory("user/frontend/recovery/message")->render(['sLogin' => $oUser->getLogin(), 'sRecoveryCode' => $sRecoveryCode]);
$mailView = View::factory('base/email');
$mailView->bind('sContent', $mailContent);
$mailView->set('sTitle', $sSubject);
return $oUser->sendEmail($sSubject, $mailView->render());
}
/**
* Make some operations when form was checked with validator and this
* particular field was valid.
*
* @access public
* @param string $sLang
* @since 1.0.0-alpha
* @version 1.0.0-alpha
*/
public function afterValidationWhenValid($sLang)
{
// get trough all filebrokers and check if some of them have files to upload
$allDefaultValuesForLang = Arrays::get($this->aFileBrokers, $sLang, []);
foreach ($allDefaultValuesForLang as $i => &$broker) {
/* @var $broker ModelCore\FileBroker */
$dataBatch = $broker->getTempData();
if ($dataBatch !== []) {
// generate FILE instance from particular batch of sent file
$file = $this->createFileBySentData($dataBatch);
$file->save();
DB::flush();
// this flush is used to save temporary file in DB
Arrays::createMultiKeys($this->aFileTemp, $sLang . '.' . $i, $file);
$broker->setFile($file)->clearTempData();
}
}
// }
}
/**
* Send user account activation code.
*
* @access public
* @param string $sPassword
* @param UserModel $oUser
* @return bool
* @throws \Plethora\Exception
* @throws \Plethora\Exception\Fatal
* @since 1.0.0
* @version 2.1.0-dev
*/
private function sendActivationCode($sPassword, UserModel $oUser)
{
$sUserAgent = filter_input(INPUT_SERVER, 'HTTP_USER_AGENT');
$sActivationCode1 = mb_strlen($sPassword) * time() . $sUserAgent . $oUser->getLogin();
$sActivationCode2 = sha1($sActivationCode1);
$sActivationCode = base64_encode($sActivationCode2);
$oActivationCode = new ActivationCodeModel();
$oActivationCode->setUser($oUser);
$oActivationCode->setCode($sActivationCode);
DB::persist($oActivationCode);
DB::flush();
$sSubject = __(':appname - Activation link', ['appname' => Plethora\Core::getAppName()]);
$mailContent = View::factory("user/frontend/register/message")->render(['sLogin' => $oUser->getLogin(), 'sActivationCode' => $sActivationCode]);
$mailView = View::factory('base/email');
$mailView->bind('sContent', $mailContent);
$mailView->set('sTitle', $sSubject);
$mail = $mailView->render();
$oMessage = new Mail();
$oMessage->setSubject($sSubject);
$oMessage->setFrom(Config::get('base.email'));
$oMessage->setTo($oUser->getEmail());
$oMessage->setBody($mail, 'text/html');
return Mailer::factory()->send($oMessage);
}
/**
* Save new Model data. Method created for "public" uses, when needed to
* make a save in, for example, controller.
*
* @access protected
* @param Form $oForm
* @throws Exception
* @throws Exception\Fatal
* @since 1.0.0-alpha
* @version 1.0.0-alpha
*/
protected function makeSaveProtected(Form &$oForm)
{
$oConfig = $this->getConfig();
try {
$this->beforeSave($oForm);
$this->getModel()->save();
DB::flush();
if ($oConfig == NULL || $oConfig->isReloading() === TRUE) {
$sUrl = $oConfig->getAction() === NULL ? $oForm->getAttribute('action') : $oConfig->getAction();
$sComm = $oConfig->getMessage() === NULL ? __('Form data submitted.') : $oConfig->getMessage();
Session::flash($sUrl, $sComm);
}
} catch (Exception $e) {
if (Config::get('base.mode') == 'development') {
throw $e;
} else {
throw new Exception\Fatal(__('Error occured while saving data in database.'));
}
}
}
/**
* Remove particular entity after form submit and if form is valid.
*
* @access protected
* @since 1.0.0-alpha
* @version 1.0.0-alpha
*/
protected function alterDelete()
{
$this->getModel()->remove();
DB::flush();
$sController = Router::getParam('controller');
$sID = Router::getParam('id', NULL);
$sExtra = Router::getParam('extra', NULL);
$sURL = Route::factoryBackendURL($sController, 'list', $sID, $sExtra);
Session::flash($sURL, __('Entry has been deleted successfully.'));
}
