/**
 * Insert a restrict-login record for the user when sessionCheck() finds none.
 *
 * Does nothing when RESTRICT_LOGIN is falsy or $_user_no is empty.
 *
 * @param mixed $_user_no User number whose restrict-login record is renewed.
 *
 * @return void
 */
public function renewRestrictLogin($_user_no)
{
    if (RESTRICT_LOGIN && $_user_no) {
        $entity = new RestrictLoginEntity();

        // NOTE(review): check-then-insert is not atomic. If two requests for the same
        // user can overlap, confirm the table enforces uniqueness on the user number.
        if (!$entity->sessionCheck($_user_no)) {
            $entity->db()->insertRecord($_user_no);
        }
    }
}
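/**
 * Login authentication.
 *
 * Reads login_id, login_pw, key_id and token_id from POST, checks the posted token
 * against the one held in the session container, then verifies the posted password
 * digest against md5(stored login_pw . token). On success the 'user_auth' container
 * is populated and the client is redirected; every failure redirects back to the
 * index controller (or to change-pw when a password change is required).
 *
 * Changes from the previous revision:
 *  - The token and the password digest are compared with strict operators. The loose
 *    `!=` compared two numeric-looking strings (e.g. "0e1234..." digests) as numbers,
 *    so differing values could be treated as equal.
 *  - POST fields that are not strings (array-style parameters) are rejected up front.
 *  - The unreachable ViewModel code after the final redirects was removed.
 *
 * NOTE(review): the server derives the expected digest directly from the stored
 * login_pw, so that stored value appears to be password-equivalent, and MD5 is not a
 * suitable password hash. Migrating to password_hash()/password_verify() over TLS
 * would need a client-side change and is out of scope for this method.
 *
 * @return mixed The response produced by the redirect plugin.
 */
public function loginAction()
{
    $e = $this->getEvent();
    $storage = $e->getApplication()->getServiceManager()->get('Session\\Storage\\DbSessionStorage');
    // Rotate the session id before any credential handling (presumably to counter
    // session fixation; the authenticated container is filled later in this request).
    $storage->getSessionStorage()->regenerateId(true);
    $this->layout('');

    $id = $this->params()->fromPost('login_id');
    $pw = $this->params()->fromPost('login_pw');
    $key = $this->params()->fromPost('key_id');
    $token_id = $this->params()->fromPost('token_id');
    $sess_token_id = $this->container()->get('token_id');
    $uri = $this->container()->get('uri');
    // The token is single-use: it is cleared whether or not this attempt succeeds.
    $this->container()->clear('token_id');

    // Reject the request when a required item is missing, is not a plain string,
    // or when the posted token does not match the session token exactly.
    $postedAreStrings = is_string($id) && is_string($pw) && is_string($key) && is_string($token_id);
    if (
        !$postedAreStrings
        || !$id || !$pw || !$key || !$token_id
        || !is_scalar($sess_token_id) || !$sess_token_id
        || $token_id !== (string) $sess_token_id
    ) {
        return $this->redirect()->toRoute('app', array('controller' => 'index'));
    }

    $user = new UserEntity();
    $row = $user->db()->getLoginInfo($id, $key);

    $success = false;
    $ngCount = false;
    $message = null;
    $toRoute = array('controller' => 'index');

    // NOTE(review): the distinct messages below let a caller tell an unknown account
    // from a locked one or from a wrong password. Consider one generic failure message.
    if (!$row || !$row->user_no) {
        $message = "Unknown account";
    } elseif (LOGIN_FAILED_COUNT && LOGIN_FAILED_COUNT <= $row->ng_count) {
        $message = "Account is locked";
    } elseif (!$row->login_pw || md5($row->login_pw . $token_id) !== $pw) {
        // Strict comparison: both sides are strings and must match byte for byte.
        // Where the runtime is PHP >= 5.6, hash_equals() is the preferred form.
        $message = "Failed";
        $this->container()->set('forget', true);
        $ngCount = true;
    } elseif ($row->initial_flag || EXPIRE_PW < $row->past_day) {
        $message = "Please change password";
        $toRoute = array('controller' => 'index', 'action' => 'change-pw');
    } else {
        $success = true;
    }

    // Record the failed attempt (only a wrong password counts).
    if ($ngCount) {
        $user->db()->insertLoginFailed($row->user_no);
    }

    // Duplicate-login check, and insertion of the duplicate-login limit record.
    if (RESTRICT_LOGIN && $success) {
        $user->db()->deleteLocked($row->user_no);
        $restrict = new RestrictLoginEntity();
        // Cleaning.
        $restrict->db()->clean();
        $ret = $restrict->restrictCheck($row->user_no);
        if ('error' === $ret) {
            // user_no is stored in the current (pre-auth) container here, before the
            // switch to 'user_auth' below.
            $this->container()->set('user_no', $row->user_no);
            $message = "Not logout";
            $success = false;
        } elseif (!$ret) {
            $message = "Failed";
            $success = false;
        }
    }

    // Save the error message for the next page.
    if ($message) {
        $this->flashMessenger()->addMessage($message);
    }

    // Authentication failed (or a password change is required).
    if (!$success) {
        $this->container()->set('login_id', $id);

        return $this->redirect()->toRoute('app', $toRoute);
    }

    $this->container()->setContainer('user_auth');
    $this->container()->set('user_no', $row->user_no);
    $this->container()->set('user_name', $row->user_name);
    $this->container()->set('branch_no', $row->branch_no);
    $this->container()->set('branch_name', $row->branch_name);
    $this->container()->set('timezone', $row->timezone);
    $this->container()->set('lang_id', $row->lang_id);
    $this->container()->set('resource_id', $row->resource_id);
    $this->container()->set('approver', $row->approver);
    $this->container()->set('admin', $row->admin);

    // NOTE(review): these cookies are set without the secure/httponly arguments and
    // are client-writable. Confirm nothing server-side trusts them for authorization.
    $expires = time() + 60 * 60 * 24 * 30;
    setcookie('lang_id', $row->lang_id, $expires, '/', BASE_DOMAIN);
    setcookie('resource_id', $row->resource_id, $expires, '/', BASE_DOMAIN);
    setcookie('timezone', $row->timezone, $expires, '/', BASE_DOMAIN);

    $this->container()->clean('index');

    // NOTE(review): $uri comes from the session container. Confirm it is restricted
    // to same-site paths where it is stored, otherwise this is an open redirect.
    if ($uri) {
        return $this->redirect()->toUrl($uri);
    }

    return $this->redirect()->toRoute('app', array('controller' => 'menu', 'action' => 'top'));
}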