/**
* ACTION - User login.
*
* @access public
* @return View
* @since 1.0.2, 2013-12-07
* @version 1.0.7-dev, 2015-05-04
*/
public function actionLogin()
{
$this->setTitle(Core::getAppName() . ' - ' . __('Login form'));
$this->addBreadCrumb(__('Login form'));
$oLoggedUser = Model\User::getLoggedUser();
if ($oLoggedUser instanceof Model\User) {
Route::factory('user_profile')->redirectTo(['id' => $oLoggedUser->getId()]);
}
$failedLogins = \User\LoginFail::getCachedData();
if ($failedLogins > 4) {
return View::factory('base/alert')->set('sType', 'danger')->set('sMsg', __('to.many.incorrect.logins'));
}
$oLoginForm = Form::factory('login');
$oLoginForm->addField(Form\Field\Text::factory('login', $oLoginForm));
$oLoginForm->addField(Form\Field\Password::factory('password', $oLoginForm));
if ($oLoginForm->isSubmittedAndValid()) {
$sUsername = $oLoginForm->get('login');
$sPassword = $oLoginForm->get('password');
$sEncryptedPassword = Helper\Encrypter::factory()->encrypt($sUsername, $sPassword);
$oUser = DB::query("SELECT u FROM \\Model\\User u WHERE u.login = :login AND u.password = :pass")->param('login', $sUsername)->param('pass', $sEncryptedPassword)->single();
if ($oUser instanceof Model\User) {
Session::set('username', $sUsername);
Session::set('uid', (int) $oUser->getId());
$oUser->setLoginDateNOW();
DB::flush();
# Get role permissions for particular user and set them in session
\UserPermissions::reset();
Route::factory(Router::getCurrentRouteName())->redirectTo();
} else {
$currentUrl = Router::currentUrl();
$alert = __('You have entered wrong username or password. Try again.');
\User\LoginFail::addLoginFail();
Session::flash($currentUrl, $alert, 'danger');
}
}
$oLoginForm->addToSuffix(View::factory('user/frontend/login_links')->render());
return View::factory('base/form')->bind('oForm', $oLoginForm);
}
/**
* Encrypt users password.
*
* @static
* @author Krzysztof Trzos
* @access public
* @param string $sLogin
* @param string $sPassword
* @return string
* @since 3.4.1, 2015-01-26
* @version 3.4.1, 2015-01-26
*/
public static function encryptPassword($sLogin, $sPassword)
{
$oEncrypter = EncrypterHelper::factory();
return $oEncrypter->encrypt($sLogin, $sPassword);
}
/**
* STEP - Create superuser of this application.
*
* @access private
* @return void
* @since 1.0.0-alpha
* @version 1.0.0-alpha
*/
private function stepCreateUser()
{
// check if user was created earlier
if ($this->checkIfAdminCreated()) {
$this->parseJsonOutput('User created earlier.', 'error');
}
// connect to database
$oDbConn = new \PDO('mysql:host=' . $this->aCached['db_host'] . ';dbname=' . $this->aCached['db_name'], $this->aCached['db_user'], $this->aCached['db_pass']);
// get data from inputs
$userName = filter_input(INPUT_POST, 'user_name');
$userMail = filter_input(INPUT_POST, 'user_email');
$userPass = filter_input(INPUT_POST, 'user_pass');
$userPass2 = filter_input(INPUT_POST, 'user_pass2');
// data validation
if (empty($userName)) {
$this->parseJsonOutput('User login cannot be empty!', 'error');
}
if (empty($userMail)) {
$this->parseJsonOutput('User e-mail cannot be empty!', 'error');
}
if (empty($userPass)) {
$this->parseJsonOutput('User password cannot be empty!', 'error');
}
if (empty($userPass2)) {
$this->parseJsonOutput('Password must be confirmed!', 'error');
}
if ($userPass !== $userPass2) {
$this->parseJsonOutput('Passwords do not match.', 'error');
}
// encrypt password
require_once PATH_CORE . DS . 'Plethora' . DS . 'Helper' . DS . 'Encrypter.php';
$sEncrypted = Helper\Encrypter::factory()->encrypt($userName, $userPass);
// add user to database
$query = "INSERT INTO users (id, login, email, password, activation, registration_date) VALUES " . "(1, '" . $userName . "', '" . $userMail . "', '" . $sEncrypted . "', 1, NOW())";
$oDbConn->query($query);
// check if database returned an error
$aErrInfo = $oDbConn->errorInfo();
// if no error
if ($aErrInfo[0] === '00000') {
$this->setCachedSingle('step_done', 4);
$this->parseJsonOutput('User created. You can go to the next step.');
} elseif ($aErrInfo[0] === '23000') {
$this->parseJsonOutput('Table "users" is not empty. User with id == 1 already exists!', 'error');
} else {
$this->parseJsonOutput($aErrInfo[2], 'error');
}
}
