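/**
 * Checks the username / verification-code combination and, when it matches an
 * account that is still waiting for activation, sets that account active and
 * clears the stored activation hash.
 *
 * Both values arrive via the activation link, i.e. straight from the request,
 * so they are bound as DQL parameters rather than concatenated into the query
 * string. The original built the statement by string concatenation, which let
 * the verification token alter the query itself.
 *
 * @param string $user_name            username of the account being activated
 * @param string $ua_verification_code verification token from the activation link
 *
 * @return bool true when exactly one row was updated (account activated), false otherwise
 */
public static function verifyNewUser($user_name, $ua_verification_code)
{
    // An empty username or token can never identify a pending account; bail out
    // before touching the database so an empty token cannot match a NULL hash by
    // accident in some backends.
    if ($user_name === '' || $user_name === null || $ua_verification_code === '' || $ua_verification_code === null) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_ACCOUNT_ACTIVATION_FAILED'));
        return false;
    }

    $dql = 'UPDATE ' . User::TABLE_NAME . ' u'
        . ' SET u.active = 1, u.activationhash = NULL'
        . ' WHERE u.username = :username AND u.activationhash = :hash';

    // execute() on an UPDATE query yields the number of affected rows.
    $numUpdated = DbResource::getEntityManager()
        ->createQuery($dql)
        ->setParameter('username', $user_name)
        ->setParameter('hash', $ua_verification_code)
        ->execute();

    if ($numUpdated === 1) {
        Session::add(Session::SESSION_FEEDBACK_POSITIVE, Text::get('FEEDBACK_ACCOUNT_ACTIVATION_SUCCESSFUL'));
        return true;
    }

    Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_ACCOUNT_ACTIVATION_FAILED'));
    return false;
}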
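/**
 * Performs the login via the "remember_me" cookie (DEFAULT accounts only;
 * FACEBOOK accounts are handled elsewhere).
 *
 * The cookie is expected to hold three colon-separated parts:
 * encrypted username, token, and a SHA-256 hex digest of "username:token".
 * The digest is only an integrity check of the cookie contents; the actual
 * authentication decision is the database lookup of username + token.
 *
 * TODO add throttling here ?
 *
 * @param string $cookie The raw value of the "remember_me" cookie
 *
 * @return bool success state
 */
public static function loginWithCookie($cookie)
{
    // No cookie at all.
    if (!$cookie) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID'));
        return false;
    }

    // Split once; the cookie must consist of exactly three parts.
    $parts = explode(':', $cookie);
    if (count($parts) !== 3) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID'));
        return false;
    }
    [$encryptedUserName, $token, $hash] = $parts;

    // The username is stored encrypted inside the cookie.
    $user_name = Encryption::decrypt($encryptedUserName);

    // Reject empty components before doing any comparison. The decrypt helper
    // may return a non-string on failure (presumably false) - treat that as empty.
    if (!is_string($user_name) || $user_name === '' || $token === '') {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID'));
        return false;
    }

    // Constant-time comparison of the transmitted digest against the expected
    // one, so the check does not leak how many leading characters matched.
    $expectedHash = hash('sha256', $user_name . ':' . $token);
    if (!hash_equals($expectedHash, $hash)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID'));
        return false;
    }

    // Look the user up by username AND exactly this token; this is the real check.
    $user = UserModel::getUserDataByUserNameAndToken($user_name, $token);
    if (!$user) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_COOKIE_INVALID'));
        return false;
    }

    // Successful login: populate the session and record the login timestamp.
    self::setSuccessfulLoginIntoSession(
        $user->getUsername(),
        $user->getEmail(),
        $user->getAccounttype(),
        $user->getProvidertype()
    );
    self::saveTimestampOfLoginOfUser($user->getUsername());

    // NOTE: deliberately no new remember_me cookie is issued here; the existing
    // cookie is meant to expire so the user has to re-authenticate with
    // username/password from time to time.
    Session::add(Session::SESSION_FEEDBACK_POSITIVE, Text::get('FEEDBACK_COOKIE_LOGIN_SUCCESSFUL'));
    return true;
}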
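/**
 * Registers a new user account backed by a Facebook Graph user.
 *
 * Fails (with negative session feedback) when the Facebook id or the e-mail
 * is already associated with an account, or when persisting the user fails.
 *
 * @param object $fb_graph_user Facebook Graph user object (must expose getId())
 * @param string $accessToken   Facebook access token to store with the account
 *
 * @return bool true when the account was created, false otherwise
 */
private static function registerNewUserExternal($fb_graph_user, $accessToken)
{
    $fb_id = $fb_graph_user->getId();

    // Facebook id already linked to an account?
    if (ExternalModel::getUserById($fb_id) !== null) {
        IubarFattureApp::getInstance()->log->debug('Fb user\'s id already in use');
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_FB_ID_ALREADY_TAKEN'));
        return false;
    }

    // E-mail already linked to a Facebook-provider account?
    // NOTE(review): getUserByEmail() is handed the Facebook id here, not an
    // e-mail address. This looks like a copy/paste of the id check above and
    // may never match - confirm the expected first argument against
    // ExternalModel and pass the Graph user's e-mail if that is what it wants.
    if (ExternalModel::getUserByEmail($fb_id, UserModel::PROVIDER_TYPE_FB) !== null) {
        IubarFattureApp::getInstance()->log->debug('Fb user\'s email already in use');
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_FB_EMAIL_ALREADY_TAKEN'));
        return false;
    }

    // Persist the new user.
    if (!self::writeNewFbUserToDatabase($fb_graph_user, $accessToken)) {
        IubarFattureApp::getInstance()->log->debug('Registrazione fallita');
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_ACCOUNT_CREATION_FAILED'));
        return false;
    }

    return true;
}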
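/**
 * Changes the e-mail address of the currently logged-in user.
 *
 * Validation order: non-empty, different from the current address, valid
 * e-mail format, not already taken. Only then is the address written to the
 * database and mirrored into the session (including the Gravatar URL, which
 * is derived from the e-mail).
 *
 * @param string $new_user_email the new e-mail address as submitted by the user
 *
 * @return bool success status
 */
public static function editUserEmail($new_user_email)
{
    // E-mail provided at all?
    if (empty($new_user_email)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_EMAIL_FIELD_EMPTY'));
        return false;
    }

    // Same as the address already stored in the session? Strict comparison:
    // both sides are strings, no loose-equality surprises wanted here.
    if ($new_user_email === Session::getDecoded(Session::SESSION_USER_EMAIL)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_EMAIL_SAME_AS_OLD_ONE'));
        return false;
    }

    // Must be a syntactically valid address; filter_var also bounds the length.
    // @see http://stackoverflow.com/questions/21631366/php-filter-validate-email-max-length
    // @see http://stackoverflow.com/questions/386294/what-is-the-maximum-length-of-a-valid-email-address
    if (!filter_var($new_user_email, FILTER_VALIDATE_EMAIL)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_EMAIL_DOES_NOT_FIT_PATTERN'));
        return false;
    }

    // Defensive normalisation (strip tags, cap at 254 bytes). If this changes
    // the value, what would be stored is no longer the string that passed
    // validation above - refuse it rather than persist an unvalidated variant.
    $normalized = substr(strip_tags($new_user_email), 0, 254);
    if ($normalized !== $new_user_email) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_EMAIL_DOES_NOT_FIT_PATTERN'));
        return false;
    }
    $new_user_email = $normalized;

    // Address already used by another account?
    if (self::doesEmailAlreadyExist($new_user_email)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_USER_EMAIL_ALREADY_TAKEN'));
        return false;
    }

    // Persist, then mirror into the session (Gravatar URL depends on the e-mail).
    if (self::saveNewEmailAddress(Session::getDecoded(Session::SESSION_USER_NAME), $new_user_email)) {
        Session::set(Session::SESSION_USER_EMAIL, $new_user_email);
        Session::set(Session::SESSION_USER_GRAVATAR_IMAGE_URL, AvatarModel::getGravatarLinkByEmail($new_user_email));
        Session::add(Session::SESSION_FEEDBACK_POSITIVE, Text::get('FEEDBACK_EMAIL_CHANGE_SUCCESSFUL'));
        return true;
    }

    Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_UNKNOWN_ERROR'));
    return false;
}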
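/**
 * Removes the user's avatar image file from the filesystem.
 *
 * The file name is derived from the avatar id for the given user and lives
 * directly under Config 'avatar.path' as "<id>.jpg".
 *
 * @param string $userName
 *
 * @return bool true when the file was deleted, false when it did not exist or unlink failed
 */
public static function deleteAvatarImageFile($userName)
{
    // The original used $this inside this static method, which is a fatal
    // error when the method is actually invoked. Call the helper statically.
    // NOTE(review): assumes getIdForImage() is (or can be) static - confirm.
    $avatarId = self::getIdForImage($userName);

    // Only ever delete a plain file name directly inside the avatar directory.
    // An empty id or one containing path separators would resolve outside it.
    if (!is_string($avatarId) || $avatarId === '' || $avatarId !== basename($avatarId)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get("FEEDBACK_AVATAR_IMAGE_DELETE_NO_FILE"));
        return false;
    }

    $avatarFile = Config::get('avatar.path') . $avatarId . ".jpg";

    // Nothing to delete?
    if (!file_exists($avatarFile)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get("FEEDBACK_AVATAR_IMAGE_DELETE_NO_FILE"));
        return false;
    }

    // Delete the avatar file.
    if (!unlink($avatarFile)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get("FEEDBACK_AVATAR_IMAGE_DELETE_FAILED"));
        return false;
    }

    return true;
}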
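/**
 * Validates a password-change request: the current password must match the
 * stored hash, the new password must be non-empty, repeated correctly, at
 * least 6 bytes long and different from the current one.
 *
 * Each failure adds negative session feedback and returns false; the checks
 * run in the order listed above and stop at the first failure.
 *
 * @param string $user_name
 * @param string $user_password_current
 * @param string $user_password_new
 * @param string $user_password_repeat
 *
 * @return bool true when every check passed
 */
public static function validatePasswordChange($user_name, $user_password_current, $user_password_new, $user_password_repeat)
{
    $user = UserModel::getByUsername($user_name);
    if (!$user) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_USER_DOES_NOT_EXIST'));
        return false;
    }

    // Current password must verify against the stored hash.
    if (!password_verify($user_password_current, $user->getPwdhash())) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_PASSWORD_CURRENT_INCORRECT'));
        return false;
    }

    if (empty($user_password_new) || empty($user_password_repeat)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_PASSWORD_FIELD_EMPTY'));
        return false;
    }

    if ($user_password_new !== $user_password_repeat) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_PASSWORD_REPEAT_WRONG'));
        return false;
    }

    // Byte length, as in the original policy (not a character count).
    if (strlen($user_password_new) < 6) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_PASSWORD_TOO_SHORT'));
        return false;
    }

    // Strict comparison: with loose '==' two numeric-looking passwords such as
    // "1e3" and "1000" would be reported as "same as current".
    if ($user_password_current === $user_password_new) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_PASSWORD_NEW_SAME_AS_CURRENT'));
        return false;
    }

    return true;
}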