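/**
 * Process the login form: validate the input, authenticate, populate the session and redirect.
 *
 * The submitted "email" field is treated as a username unless it is a valid e-mail address
 * that UserAccount::findByEmail() recognises, in which case the e-mail column is used.
 * A login string containing the '!@#' marker selects the separate "trx" path (see the
 * security note on that branch).
 *
 * Security notes for reviewers:
 *  - URL_FAILURE and "redirecturl" are request parameters that are decode()d and passed straight
 *    to the redirector. No host or path allow-listing is visible here, so the redirect target is
 *    caller-controlled. NOTE(review): restrict targets to this application.
 *  - No session-id rotation is visible in this method. NOTE(review): confirm SessionWrapper
 *    regenerates the id on login (e.g. Zend_Session::regenerateId()).
 *
 * @return false|void false when the login is rejected; otherwise the method ends in a redirect
 */
function checkloginAction()
{
    // This action only redirects; no layout or view script is rendered.
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender(TRUE);

    $session = SessionWrapper::getInstance();
    $formvalues = $this->_getAllParams();

    // A login identifier is mandatory.
    if (isEmptyString(trim($this->_getParam("email")))) {
        $session->setVar(ERROR_MESSAGE, $this->_translate->translate("profile_email_error"));
        // NOTE(review): this stores every request parameter, including any submitted password,
        // in the session.
        $session->setVar(FORM_VALUES, $this->_getAllParams());
        $this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
        // The redirector normally ends the request itself. The explicit return guarantees that
        // authentication never continues with a blank field if exit-on-redirect is disabled.
        return false;
    }

    // A password is mandatory.
    if (isEmptyString(trim($this->_getParam("password")))) {
        $session->setVar(ERROR_MESSAGE, $this->_translate->translate("profile_password_error"));
        $session->setVar(FORM_VALUES, $this->_getAllParams());
        $this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
        return false;
    }

    // Decide which column the identifier is matched against; the default is the username.
    $credcolumn = "username";
    $login = (string) trim($this->_getParam("email"));

    $validator = new Zend_Validate_EmailAddress();
    if ($validator->isValid($login)) {
        $usertable = new UserAccount();
        if ($usertable->findByEmail($login)) {
            $credcolumn = 'email';
        }
    }

    if (stringContains('!@#', $login)) {
        $credcolumn = 'trx';
        $loginarray = explode('.', $login);
        $id = $loginarray[0];
    }

    // Browser and client details recorded with the audit event and kept in the session.
    $browser = new Browser();
    $audit_values = $browser_session = array(
        "browserdetails" => $browser->getBrowserDetailsForAudit(),
        "browser" => $browser->getBrowser(),
        "version" => $browser->getVersion(),
        "useragent" => $browser->getUserAgent(),
        "os" => $browser->getPlatform(),
        "ismobile" => $browser->isMobile() ? '1' : 0,
        "ipaddress" => $browser->getIPAddress(),
    );

    $loginfailed = false;

    if ($credcolumn === 'email' || $credcolumn === 'username') {
        $authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Registry::get("dbAdapter"));
        $authAdapter->setTableName('useraccount');
        $authAdapter->setIdentityColumn($credcolumn);
        $authAdapter->setCredentialColumn('password');
        // SECURITY: the stored credential is an unsalted SHA-1 digest computed by the database,
        // and only rows with status '1' match. SHA-1 is unsuitable for password storage.
        // Moving to password_hash()/password_verify() needs a data migration and cannot be done
        // from this method alone.
        $authAdapter->setCredentialTreatment("sha1(?) AND status = '1' ");
        $authAdapter->setIdentity($login);
        $authAdapter->setCredential($this->_getParam("password"));

        if ($authAdapter->authenticate()->isValid()) {
            // Authenticated: load the full account record for the session.
            $user = $authAdapter->getResultRowObject();
            $useraccount = new UserAccount();
            $useraccount->populate($user->id);
        } else {
            // Record the failed attempt in the audit trail.
            $audit_values['module'] = 1;
            $audit_values['usecase'] = '1.1';
            $audit_values['transactiontype'] = USER_LOGIN;
            $audit_values['status'] = "N";
            // The identifier comes from an unauthenticated request. Other audit details in this
            // controller carry HTML markup, so the field is presumably rendered as HTML;
            // escape the value before embedding it.
            $audit_values['transactiondetails'] = "Login for user with id '"
                . htmlspecialchars((string) $this->_getParam("email"), ENT_QUOTES, 'UTF-8')
                . "' failed. Invalid username or password";
            $this->notify(new sfEvent($this, USER_LOGIN, $audit_values));
            $loginfailed = true;
        }
    } elseif ($credcolumn === 'trx') {
        // SECURITY: this branch loads the account by the id taken from the submitted login string
        // and, if the record exists, falls through to session setup below. No password, token or
        // account status is verified in this method for this path, and a rejected attempt is not
        // audited. NOTE(review): unless an equivalent check exists outside this method, gate this
        // path behind a server-verified, expiring secret or remove it.
        $useraccount = new UserAccount();
        $useraccount->populate($id);
        if (isEmptyString($useraccount->getID())) {
            $loginfailed = true;
        }
    }

    if ($loginfailed) {
        // Same generic message for every rejection so the response does not reveal which
        // part of the credentials was wrong.
        $session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
        if (!isArrayKeyAnEmptyString(URL_FAILURE, $formvalues)) {
            $this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
        } else {
            $this->_helper->redirector->gotoSimple('login', "user");
        }
        return false;
    }

    // Login accepted: publish the account details to the session.
    $session->setVar("userid", $useraccount->getID());
    $session->setVar("username", $useraccount->getUserName());
    $session->setVar("type", $useraccount->getType());
    $session->setVar("companyid", $useraccount->getCompanyID());
    $session->setVar("istimesheetuser", $useraccount->getIsTimesheetUser());
    $session->setVar("browseraudit", $browser_session);
    // NOTE(review): toArray() presumably includes the password column; confirm it is excluded
    // before the record is serialised into the session.
    $session->setVar("user", json_encode($useraccount->toArray()));
    $session->setVar("company", json_encode($useraccount->getCompany()->toArray()));

    // Clear user specific cache before it is used again.
    $this->clearUserCache();

    // Details of the successful login event.
    $audit_values['module'] = 1;
    $audit_values['usecase'] = '1.1';
    $audit_values['transactiontype'] = USER_LOGIN;
    $audit_values['status'] = "Y";
    $audit_values['userid'] = $useraccount->getID();
    $audit_values['transactiondetails'] = "Login for user with id '"
        . htmlspecialchars((string) $this->_getParam("email"), ENT_QUOTES, 'UTF-8')
        . "' successful";
    // NOTE(review): dispatch of this event is disabled, so successful logins are not written to
    // the audit trail from here. Left disabled to preserve behaviour; re-enable if unintended.
    // $this->notify(new sfEvent($this, USER_LOGIN, $audit_values));

    if (isEmptyString($this->_getParam("redirecturl"))) {
        // No return address supplied: go to the dashboard.
        $this->_helper->redirector->gotoSimple("index", "dashboard");
    } else {
        // Return to the page the user was coming from, carrying over any success message.
        if (!isEmptyString($this->_getParam(SUCCESS_MESSAGE))) {
            $successmessage = decode($this->_getParam(SUCCESS_MESSAGE));
            $session->setVar(SUCCESS_MESSAGE, $successmessage);
        }
        // SECURITY: the target is a decoded request parameter with no validation visible here.
        $this->_helper->redirector->gotoUrl(decode($this->_getParam("redirecturl")));
    }
}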
/**
 * Snapshot the stored state of this record before an update.
 *
 * Loads a fresh UserAccount for this object's id and hands its array form to
 * setPreUpdateData().
 *
 * NOTE(review): toArray() presumably includes credential columns. Confirm that whatever
 * consumes the pre-update data (e.g. an audit diff) does not persist or display them.
 *
 * @return bool always true
 */
function beforeUpdate()
{
    // The session singleton is obtained as before; its handle is not used in this method.
    SessionWrapper::getInstance();

    $stored = new UserAccount();
    $stored->populate($this->getID());

    $snapshot = $stored->toArray();
    $this->setPreUpdateData($snapshot);

    return true;
}
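/**
 * Start a password recovery for the account whose encoded id is in the "id" parameter.
 *
 * On success a confirmation message is stored in the session and a USER_RESET_PASSWORD event
 * is dispatched. On failure the account's error stack and the submitted parameters are stored
 * instead. In both cases the request ends with a redirect to the decoded URL_SUCCESS parameter.
 *
 * Security notes for reviewers:
 *  - No permission check or anti-CSRF token is visible in this method, and the target account
 *    comes from a request parameter. NOTE(review): confirm that access control for this action
 *    is enforced elsewhere (e.g. a pre-dispatch ACL) and that the request cannot be forged.
 *  - URL_SUCCESS is caller-supplied and used as the redirect target without validation here.
 *
 * @return void
 */
function resetpasswordAction()
{
    // This action only redirects; no layout or view script is rendered.
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender(TRUE);

    $session = SessionWrapper::getInstance();
    $this->_translate = Zend_Registry::get("translate");

    $id = decode($this->_getParam('id'));
    $user = new UserAccount();
    $user->populate($id);
    // Do not dump the account record here with debugMessage($user->toArray()): the array
    // presumably includes credential fields, and emitting it ahead of the redirect would expose
    // them to the client.
    $user->setEmail($user->getEmail());

    if ($user->recoverPassword()) {
        // The display name is account data and ends up inside HTML: the audit detail is built as
        // markup, and session messages in this controller carry raw tags. Escape it once and
        // reuse it.
        $safename = htmlspecialchars((string) $user->getName(), ENT_QUOTES, 'UTF-8');

        $session->setVar(
            SUCCESS_MESSAGE,
            sprintf($this->_translate->translate('profile_change_password_admin_confirmation'), $safename)
        );

        // Link to the affected profile, recorded with the audit event.
        $url = $this->view->serverUrl($this->view->baseUrl('profile/view/id/' . encode($user->getID())));
        $usecase = '1.9';
        $module = '1';
        $type = USER_RESET_PASSWORD;
        // The URL is escaped as well because it sits inside a quoted attribute.
        $details = "Reset password request. Reset link sent to <a href='"
            . htmlspecialchars($url, ENT_QUOTES, 'UTF-8')
            . "' class='blockanchor'>" . $safename . "</a>";

        // Start from the browser details captured at login, then add the event fields.
        $audit_values = $session->getVar('browseraudit');
        $audit_values['module'] = $module;
        $audit_values['usecase'] = $usecase;
        $audit_values['transactiontype'] = $type;
        $audit_values['userid'] = $session->getVar('userid');
        $audit_values['url'] = $url;
        $audit_values['transactiondetails'] = $details;
        $audit_values['status'] = "Y";
        $this->notify(new sfEvent($this, $type, $audit_values));
    } else {
        $session->setVar(ERROR_MESSAGE, $user->getErrorStackAsString());
        $session->setVar(FORM_VALUES, $this->_getAllParams());
    }

    // SECURITY: the target is a decoded request parameter with no validation visible here.
    $this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_SUCCESS)));
}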