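/**
 * Profile view and edit for the currently authenticated user.
 *
 * GET renders the profile form. POST validates it, optionally changes the
 * password (only after the current password has been verified), saves the
 * record, stores a newly uploaded avatar and refreshes the session copy of
 * the user. The e-mail address is never taken from the submitted form: it is
 * reset to the stored value before saving, so this action cannot change it.
 *
 * Fixes relative to the previous version:
 *  - the record was dereferenced (->avatar) before the "not found" guard;
 *  - the lookup built its WHERE clause by string concatenation; it now uses
 *    a bound parameter like the rest of the model queries;
 *  - the salt used to verify the current password is taken from the
 *    pre-bind clone, so a value mass-assigned by the form cannot replace it.
 *
 * NOTE(review): CSRF protection and upload validation (type/size of the
 * avatar) are not visible in this method; confirm they live in
 * UserProfileForm / uploadAvatar().
 *
 * @return bool|null true after render or redirect; null when the current
 *                   password did not verify (form is re-rendered with a notice)
 */
public function indexAction()
{
    /**
     * @var $userData Users
     */
    // The id comes from the session, not the request, but the query should
    // not rely on that: bind it instead of concatenating.
    $userData = Users::findFirst([
        'conditions' => 'user_id = ?0',
        'bind'       => [$this->_user['id']],
    ]);

    // Guard before touching the record.
    if (!$userData) {
        $this->flashSession->notice('m_system_user_message_user_not_exist');
        return $this->response->redirect('/admin/user/profile/');
    }
    $this->view->setVar('avatar', $userData->avatar);

    $this->_toolbar->addSaveButton();

    // Untouched copy: the stored hash, salt and e-mail are restored from it.
    $oldUserData = clone $userData;
    // Never echo the stored hash back into the form.
    $userData->password = null;
    $form = new UserProfileForm($userData);
    $this->view->setVar('form', $form);

    if (!$this->request->isPost()) {
        return true;
    }

    // isValid() binds the posted values onto $userData.
    if (!$form->isValid($_POST, $userData)) {
        $this->setFlashSession($form->getMessages(), 'notice');
        return true;
    }

    // E-mail changes are not allowed through this form.
    $userData->email = $oldUserData->email;

    $newPassword     = $this->request->getPost('password', 'string');
    $currentPassword = $this->request->getPost('current_password', 'string');

    // Scrub the secrets from the superglobal so they are not re-rendered.
    $_POST['current_password']      = '';
    $_POST['password']              = '';
    $_POST['password_confirmation'] = '';

    // Cast: getPost() may return null for a missing field; null and '' both
    // mean "no change", while '0' is a (bad) password to set.
    if ((string) $newPassword !== '') {
        // A password change requires proof of the current one. Use the
        // pre-bind clone for the salt so the verification cannot be steered
        // by a posted value.
        if (!Users::checkPassword($currentPassword, $oldUserData->salt, $oldUserData->password)) {
            $this->flashSession->notice('m_user_message_current_password_not_fount');
            return null;
        }
        $userData->generatePassword($newPassword);
    } else {
        // No change requested: restore the hash that was blanked above.
        $userData->password = $oldUserData->password;
    }

    if (!$userData->save()) {
        $this->setFlashSession($userData->getMessages(), 'error');
        $this->flashSession->notice('m_system_user_message_update_user_failed');
        return true;
    }

    $this->_user['full_name'] = $userData->first_name . ' ' . $userData->last_name;

    // Avatar is stored in a second save so a failed upload does not undo the
    // profile update. NOTE(review): the second save() result is not checked.
    $avatarName = $this->uploadAvatar($userData);
    if ($avatarName) {
        $userData->avatar = $avatarName;
        $userData->save();
        $this->_user['avatar'] = $userData->avatar;
    }

    // Refresh the session copy of the identity used by the admin layout.
    $this->session->set('auth', $this->_user);
    $this->flashSession->success('m_user_message_update_user_successfully');
    $this->response->redirect('/admin/user/profile/');
    return true;
}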
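/**
 * Authenticate a user by e-mail and password and open an admin session.
 *
 * Looks up an active user by e-mail (bound parameter), verifies the password
 * against the stored salt and hash, resolves the user's role and stores the
 * identity, the role's ACL and a fresh security token under the 'auth'
 * session key.
 *
 * Fixes relative to the previous version:
 *  - a user whose role_id does not resolve to a UserRoles row no longer
 *    faults on $role->acl; login is refused instead;
 *  - an empty or malformed ACL JSON no longer raises notices on the missing
 *    'rules' / 'links' keys;
 *  - the session id is rotated on successful login (session fixation) when
 *    the session adapter exposes regenerateId().
 *
 * NOTE(review): Users::checkPassword() is not visible here; it should use a
 * constant-time comparison (password_verify / hash_equals). The role's ACL
 * and is_super_admin flag are copied into the session, so role changes only
 * take effect at the next login.
 *
 * @param string $email
 * @param string $password
 * @return bool true when the credentials verified and the session was populated
 */
public static function login($email, $password)
{
    /**
     * @var Users $user
     */
    $user = Users::findFirst([
        'conditions' => 'is_active = 1 AND email = ?0',
        'bind'       => [$email],
    ]);
    if (!$user) {
        return false;
    }
    if (!Users::checkPassword($password, $user->salt, $user->password)) {
        return false;
    }

    /**
     * @var UserRoles $role
     */
    $role = UserRoles::findFirst($user->role_id);
    if (!$role) {
        // No resolvable role means no ACL: refuse rather than fault.
        return false;
    }
    // json_decode() returns null for empty/invalid JSON.
    $acl = json_decode($role->acl, true);
    if (!is_array($acl)) {
        $acl = [];
    }

    /**
     * @var \Phalcon\Security $security
     */
    $security = Di::getDefault()->get('security');
    $token = $security->getToken();

    /**
     * @var \ZCMS\Core\ZSession $session
     */
    $session = Di::getDefault()->get('session');
    // Rotate the session id on privilege change; no-op if the adapter does
    // not provide regenerateId().
    if (method_exists($session, 'regenerateId')) {
        $session->regenerateId();
    }

    $session->set('auth', [
        'full_name'      => $user->first_name . ' ' . $user->last_name,
        'email'          => $user->email,
        'id'             => $user->user_id,
        'role'           => $user->role_id,
        'rules'          => isset($acl['rules']) ? $acl['rules'] : null,
        'gender'         => $user->gender,
        'linkAccess'     => isset($acl['links']) ? $acl['links'] : null,
        'language'       => $user->language_code,
        'avatar'         => $user->avatar,
        'token'          => $token,
        'coin'           => (double) $user->coin,
        'created_at'     => date('Y-m-d', strtotime($user->created_at)),
        'is_super_admin' => $role->is_super_admin,
        'last_use_admin' => time(),
    ]);

    return true;
}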