/** * Check if user is binded to IP and compare it with his actual IP */ public function validateIP() { $user = $this->getUser(); if ($user and $user->bind_to_ip) { $ips = explode(',', $user->bind_to_ip); $ips = array_map('trim', $ips); if (!in_array(LittleBigHelper::getRealIp(), $ips)) { $this->addError('password', UserManagementModule::t('front', "You could not login from this IP")); } } }
/** * Save new record in DB and write unique token in session * * @param int $userId */ public static function newVisitor($userId) { $browser = new Browser(); $model = new self(); $model->user_id = $userId; $model->token = uniqid(); $model->ip = LittleBigHelper::getRealIp(); $model->language = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2) : null; $model->browser = $browser->getBrowser(); $model->os = $browser->getPlatform(); $model->user_agent = $browser->getUserAgent(); $model->visit_time = time(); $model->save(false); Yii::$app->session->set(self::SESSION_TOKEN, $model->token); }
/** * Make sure user will not deactivate himself and superadmin could not demote himself * Also don't let non-superadmin edit superadmin * * @inheritdoc */ public function beforeSave($insert) { if ($insert) { if (php_sapi_name() != 'cli') { $this->registration_ip = LittleBigHelper::getRealIp(); } $this->generateAuthKey(); } else { // Console doesn't have Yii::$app->user, so we skip it for console if (php_sapi_name() != 'cli') { if (Yii::$app->user->id == $this->id) { // Make sure user will not deactivate himself $this->status = static::STATUS_ACTIVE; // Superadmin could not demote himself if (Yii::$app->user->isSuperadmin and $this->superadmin != 1) { $this->superadmin = 1; } } // Don't let non-superadmin edit superadmin if (!Yii::$app->user->isSuperadmin and $this->oldAttributes['superadmin'] == 1) { return false; } } } // If password has been set, than create password hash if ($this->password) { $this->setPassword($this->password); } return parent::beforeSave($insert); }