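/**
 * Save access data specified for a user in UserManagement form (groups association).
 *
 * Diffs the submitted group list against the user's current groups: new
 * associations are inserted, removed ones are deleted, then the user's
 * security sets are recalculated and the Solr background cron is started.
 *
 * @param array|object $p request params; reads $p['id'] (user id) and $p['groups'] (group ids)
 * @return array ['success' => bool], with 'verify' => true when the session is not verified
 * @throws \Exception when the current user is not allowed to manage users
 */
public function saveAccessData($p)
{
    if (!User::isVerified()) {
        return array('success' => false, 'verify' => true);
    }
    if (!Security::canManage()) {
        throw new \Exception(L\get('Access_denied'));
    }

    $p = (array) $p;
    $user_id = $this->extractId(isset($p['id']) ? $p['id'] : null);

    /* analyse groups:
       - for newly associated groups the access should be updated
       - for deassociated groups the access also should be reviewed */

    /* get current user groups */
    $current_groups = UsersGroups::getGroupIdsForUser($user_id);
    $updating_groups = Util\toNumericArray(isset($p['groups']) ? $p['groups'] : null);

    // array_diff compares values as strings, so int ids from the request and
    // string ids from the DB still match each other
    $new_groups = array_diff($updating_groups, $current_groups);
    $deleting_groups = array_diff($current_groups, $updating_groups);

    foreach ($new_groups as $group_id) {
        // cid = creator id, taken from the session of the user doing the change
        DB\dbQuery(
            'INSERT INTO users_groups_association (user_id, group_id, cid) VALUES($1, $2, $3) ON DUPLICATE KEY UPDATE uid = $3',
            array($user_id, $group_id, $_SESSION['user']['id'])
        ) or die(DB\dbQueryError());
    }

    if (!empty($deleting_groups)) {
        // the IN list is interpolated into the SQL text rather than bound, so every
        // id is cast to int here: only integers can ever reach the query, regardless
        // of what getGroupIdsForUser / toNumericArray returned
        $deletingIds = implode(', ', array_map('intval', $deleting_groups));
        DB\dbQuery(
            'DELETE FROM users_groups_association WHERE user_id = $1 AND group_id IN (' . $deletingIds . ')',
            $user_id
        ) or die(DB\dbQueryError());
    }

    Security::calculateUpdatedSecuritySets($user_id);

    Solr\Client::runBackgroundCron();

    return array('success' => true);
}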
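/**
 * Set session and cookie credentials for a user after authentication.
 *
 * Stores the client IPs and the given key in $_SESSION, mirrors the key into
 * $_COOKIE for the current request, sends it as the 'key' cookie (skipped under
 * the CLI SAPI, where setcookie has no effect), then loads the user's
 * preferences and groups into the session and the response.
 *
 * @param int|string $userId id of the authenticated user
 * @param string $key session key to publish to the client
 * @return array ['success' => true, 'user' => array]; 'user' stays empty when no preferences are found
 */
public static function setAsLoged($userId, $key)
{
    // $logActionType = 'login';
    $coreName = Config::get('core_name');
    $ips = '|' . Util\getIPs() . '|';
    $isCli = (php_sapi_name() === 'cli');

    $_SESSION['ips'] = $ips;
    $_SESSION['key'] = $key;
    // mirrored unconditionally so code reading $_COOKIE['key'] in this same request sees the new key
    $_COOKIE['key'] = $_SESSION['key'];

    if (!$isCli) {
        // session cookie (expires with the browser), scoped to this core's path,
        // Secure only when the request itself came over HTTPS, always HttpOnly
        setcookie(
            'key',
            $_SESSION['key'],
            0,
            '/' . $coreName . '/',
            $_SERVER['SERVER_NAME'],
            !empty($_SERVER['HTTPS']),
            true
        );
    }

    $rez = array('success' => true, 'user' => array());
    $r = User::getPreferences($userId);

    if (!empty($r)) {
        $r['admin'] = Security::isAdmin($userId);
        $r['manage'] = Security::canManage($userId);
        // names are HTML-escaped once here, before being stored in the session and returned
        $r['first_name'] = htmlentities($r['first_name'], ENT_QUOTES, 'UTF-8');
        $r['last_name'] = htmlentities($r['last_name'], ENT_QUOTES, 'UTF-8');

        //set default theme
        if (empty($r['cfg']['theme'])) {
            $r['cfg']['theme'] = 'classic';
        }

        // do not expose security params
        unset($r['cfg']['security']);

        $rez['user'] = $r;
        $_SESSION['user'] = $r;

        if (!$isCli) {
            // language cookie; NOTE(review): sent with default path and no
            // Secure/HttpOnly flags — confirm that is intended (it may be read client-side)
            setcookie('L', $r['language']);
        }

        // set user groups
        // (called without an id; presumably resolves the user from the session just set — verify)
        $rez['user']['groups'] = UsersGroups::getGroupIdsForUser();
        $_SESSION['user']['groups'] = $rez['user']['groups'];

        // NOTE(review): marks two-step verification as passed for this session;
        // this method should therefore only be reached after that check — confirm at callers
        $_SESSION['user']['TSV_checked'] = true;
    }

    return $rez;
}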
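/**
 * Login method for user authentication.
 *
 * Generates a fresh session key and publishes it as the 'key' cookie, then
 * authenticates through the p_user_login stored procedure. On success the
 * user's preferences and groups are loaded into $_SESSION and the response.
 * A login written as "root/<name>" authenticates root and then loads <name>'s
 * profile instead (impersonation); "/" is the separator, not part of a name.
 *
 * @param string $login username, optionally "root/<name>"
 * @param string $pass password
 * @return array json response: ['success' => true, 'user' => array] or ['success' => false, 'msg' => string]
 */
public static function login($login, $pass)
{
    $logActionType = 'login';
    $ips = '|' . Util\getIPs() . '|';
    $coreName = Config::get('core_name');

    // split "<login>/<loginAs>"; anything after a second "/" is ignored, as before
    $loginParts = explode('/', $login);
    $login = $loginParts[0];
    $loginAs = isset($loginParts[1]) ? $loginParts[1] : null;

    $_SESSION['ips'] = $ips;
    // The key is an opaque bearer token, so it must be unpredictable and must not be
    // derived from the credentials: the previous md5(ips . login . pass . time())
    // let anyone holding a leaked key brute-force the password offline.
    // Both branches yield 32 hex chars, the same shape as an md5 digest.
    $_SESSION['key'] = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))                 // PHP >= 7
        : bin2hex(openssl_random_pseudo_bytes(16)); // PHP 5.3+ with ext/openssl
    $_COOKIE['key'] = $_SESSION['key'];
    // NOTE(review): the cookie is sent before the credentials are checked, so a failed
    // attempt also receives a key cookie — left as is, since $_SESSION['key'] is set
    // regardless and callers may compare the two
    setcookie(
        'key',
        $_SESSION['key'],
        0,
        '/' . $coreName . '/',
        $_SERVER['SERVER_NAME'],
        !empty($_SERVER['HTTPS']),
        true
    );

    $rez = array('success' => false);
    $user_id = false;

    /* try to authenticate */
    $res = DB\dbQuery('CALL p_user_login($1, $2, $3)', array($login, $pass, $ips)) or die(DB\dbQueryError());
    // status is compared as an int so a numeric-string column value still matches
    if (($r = $res->fetch_assoc()) && ((int) $r['status'] === 1)) {
        $user_id = $r['user_id'];
    }
    $res->close();
    DB\dbCleanConnection();

    if ($user_id) {
        $rez = array('success' => true, 'user' => array());

        // only root may switch to another account via "root/<name>"
        if (!empty($loginAs) && ($login === 'root')) {
            $user_id = DM\User::getIdByName($loginAs);
        }

        $r = User::getPreferences($user_id);
        if (!empty($r)) {
            $r['admin'] = Security::isAdmin($user_id);
            $r['manage'] = Security::canManage($user_id);
            // names are HTML-escaped once here, before being stored in the session and returned
            $r['first_name'] = htmlentities($r['first_name'], ENT_QUOTES, 'UTF-8');
            $r['last_name'] = htmlentities($r['last_name'], ENT_QUOTES, 'UTF-8');

            //set default theme
            if (empty($r['cfg']['theme'])) {
                $r['cfg']['theme'] = 'classic';
            }

            // do not expose security params
            unset($r['cfg']['security']);

            $rez['user'] = $r;
            $_SESSION['user'] = $r;

            // language cookie, default path and flags
            setcookie('L', $r['language']);

            // set user groups
            // (called without an id; presumably resolves the user from the session just set — verify)
            $rez['user']['groups'] = UsersGroups::getGroupIdsForUser();
            $_SESSION['user']['groups'] = $rez['user']['groups'];
        }
    } else {
        //check if login exists and add user id to session for logging
        // NOTE(review): this stores an existing user's id in the session of an
        // unauthenticated request; confirm nothing downstream treats
        // $_SESSION['user']['id'] alone as an authenticated identity
        $user_id = DM\User::getIdByName($login);
        if (!empty($user_id)) {
            $_SESSION['user']['id'] = $user_id;
            $logActionType = 'login_fail';
        }
        $rez['msg'] = L\get('Auth_fail');
    }

    // login/login_fail logging is not wired up yet; $logActionType is kept for it
    // $logParams = array(
    //     'type' => $logActionType
    //     ,'data' => array(
    //         'id' => @$_SESSION['user']['id']
    //         ,'name' => @Util\coalesce($_SESSION['user']['name'], $login)
    //         ,'result' => isset($_SESSION['user'])
    //         ,'info' => 'user: '.$login."\nip: ".$ips
    //     )
    // );
    // Log::add($logParams);

    return $rez;
}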