function process(Vtiger_Request $request)
{
$currentUserModel = Users_Record_Model::getCurrentUserModel();
$baseUserId = $currentUserModel->getId();
$userId = $request->get('id');
$user = new Users();
$currentUser = $user->retrieveCurrentUserInfoFromFile($userId);
$name = $currentUserModel->getName();
$userName = $currentUser->column_fields['user_name'];
Vtiger_Session::set('AUTHUSERID', $userId);
Vtiger_Session::set('authenticated_user_id', $userId);
Vtiger_Session::set('user_name', $userName);
Vtiger_Session::set('full_user_name', $name);
$status = 'Switched';
if (Vtiger_Session::get('baseUserId') == '') {
Vtiger_Session::set('baseUserId', $baseUserId);
$status = 'Signed in';
} elseif ($userId == Vtiger_Session::get('baseUserId')) {
$baseUserId = $userId;
Vtiger_Session::set('baseUserId', '');
$status = 'Signed out';
} else {
$baseUserId = Vtiger_Session::get('baseUserId');
}
$dbLog = PearDatabase::getInstance('log');
$dbLog->insert('l_yf_switch_users', ['baseid' => $baseUserId, 'destid' => $userId, 'busername' => $currentUserModel->getName(), 'dusername' => $name, 'date' => date('Y-m-d H:i:s'), 'ip' => Vtiger_Functions::getRemoteIP(), 'agent' => $_SERVER['HTTP_USER_AGENT'], 'status' => $status]);
header('Location: index.php');
}
public function __construct($message = null, $code = 0)
{
parent::__construct($message, $code);
Vtiger_Session::init();
$request = new Vtiger_Request($_REQUEST);
$dbLog = PearDatabase::getInstance('log');
$userName = Vtiger_Session::get('full_user_name');
$dbLog->insert('o_yf_access_for_api', ['username' => empty($userName) ? '-' : $userName, 'date' => date('Y-m-d H:i:s'), 'ip' => Vtiger_Functions::getRemoteIP(), 'url' => Vtiger_Functions::getBrowserInfo()->url, 'agent' => $_SERVER['HTTP_USER_AGENT'], 'request' => json_encode($_REQUEST)]);
}
public static function checkBlocked()
{
$db = PearDatabase::getInstance();
$query = "SELECT * FROM `vtiger_bruteforce` LIMIT 1";
$result = $db->pquery($query, array());
$ip = Vtiger_Functions::getRemoteIP();
$now = date("Y-m-d H:i:s");
$bruteforceSettings = $db->query_result_rowdata($result, 0);
$attempsNumber = $bruteforceSettings['attempsnumber'];
$blockTime = $bruteforceSettings['timelock'];
$query = "SELECT count(login_id) as cn FROM `vtiger_loginhistory` vlh WHERE STATUS = 'Failed login' && user_ip = ? && unblock = 0 && (UNIX_TIMESTAMP(vlh.login_time) - UNIX_TIMESTAMP(ADDDATE(?, INTERVAL -{$blockTime} MINUTE))) > 0";
$result = $db->pquery($query, array($ip, $now));
if ($db->query_result_raw($result, 0, 'cn') >= $attempsNumber) {
return true;
}
return false;
}
/**
* Function to store the login history
* @param type $username
*/
public function saveLoginHistory($username, $status = 'Signed in', $browser = '')
{
$adb = PearDatabase::getInstance();
$userIPAddress = Vtiger_Functions::getRemoteIP();
$loginTime = date("Y-m-d H:i:s");
$browser = strlen($browser) ? $browser : '-';
$query = "INSERT INTO vtiger_loginhistory (user_name, user_ip, logout_time, login_time, status, browser) VALUES (?,?,?,?,?,?)";
$params = array($username, $userIPAddress, '0000-00-00 00:00:00', $loginTime, $status, $browser);
$adb->pquery($query, $params);
}
