/**
* Builds a page with login form.
*
* @param Request $request Incoming request.
* @return string Rendered page content.
*/
public function showFormAction(Request $request)
{
// Check if the operator already logged in
if ($this->getOperator()) {
// Redirect the operator to home page.
// TODO: Use a route for URI generation.
return $this->redirect($request->getUriForPath('/operator'));
}
$page = array('formisRemember' => true, 'version' => MIBEW_VERSION, 'errors' => $request->attributes->get('errors', array()));
// Try to get login from the request.
if ($request->request->has('login')) {
$page['formlogin'] = $request->request->get('login');
} elseif ($request->query->has('login')) {
$login = $request->query->get('login');
if (preg_match("/^(\\w{1,15})\$/", $login)) {
$page['formlogin'] = $login;
}
}
$page['localeLinks'] = get_locale_links();
$page['title'] = getlocal('Login');
$page['headertitle'] = getlocal('Mibew Messenger');
$page['show_small_login'] = false;
$page['fixedwrap'] = true;
return $this->render('login', $page);
}
/**
* Renders operator's home page.
*
* @param Request $request Incoming request
* @return string Rendered page content.
*/
public function dashboardAction(Request $request)
{
$operator = $this->getOperator();
$is_online = is_operator_online($operator['operatorid']);
$page = array('version' => MIBEW_VERSION, 'localeLinks' => get_locale_links(), 'needUpdate' => version_compare(Settings::get('dbversion'), MIBEW_VERSION, '<'), 'profilePage' => $this->generateUrl('operator_edit', array('operator_id' => $operator['operatorid'])), 'isOnline' => $is_online, 'warnOffline' => true, 'title' => getlocal('Home'), 'menuid' => 'main');
$page = array_merge($page, prepare_menu($operator));
return $this->render('index', $page);
}
function show_install_err($text)
{
global $page, $version, $errors, $webimroot;
$page = array('version' => $version, 'localeLinks' => get_locale_links("{$webimroot}/install/index.php"));
$errors = array($text);
start_html_output();
require '../view/install_err.php';
exit;
}
/**
* Generates a page for the first step of password recovery process.
*
* @param Request $request
* @return string Rendered page content
*/
public function indexAction(Request $request)
{
if ($this->getOperator()) {
// If the operator is logged in just redirect him to the home page.
return $this->redirect($request->getUriForPath('/operator'));
}
$page = array('version' => MIBEW_VERSION, 'title' => getlocal('Trouble Accessing Your Account?'), 'headertitle' => getlocal('Mibew Messenger'), 'show_small_login' => true, 'fixedwrap' => true, 'errors' => array());
$login_or_email = '';
if ($request->isMethod('POST')) {
// When HTTP GET method is used the form is just rendered but the
// user does not pass any data. Thus we need to prevent CSRF attacks
// only for POST requests
csrf_check_token($request);
}
if ($request->isMethod('POST') && $request->request->has('loginoremail')) {
$login_or_email = $request->request->get('loginoremail');
$to_restore = MailUtils::isValidAddress($login_or_email) ? operator_by_email($login_or_email) : operator_by_login($login_or_email);
if (!$to_restore) {
$page['errors'][] = getlocal('No such Operator');
}
$email = $to_restore['vcemail'];
if (count($page['errors']) == 0 && !MailUtils::isValidAddress($email)) {
$page['errors'][] = "Operator hasn't set his e-mail";
}
if (count($page['errors']) == 0) {
$token = sha1($to_restore['vclogin'] . (function_exists('openssl_random_pseudo_bytes') ? openssl_random_pseudo_bytes(32) : time() + microtime() . mt_rand(0, 99999999)));
// Update the operator
$to_restore['dtmrestore'] = time();
$to_restore['vcrestoretoken'] = $token;
update_operator($to_restore);
$href = $this->getRouter()->generate('password_recovery_reset', array('id' => $to_restore['operatorid'], 'token' => $token), UrlGeneratorInterface::ABSOLUTE_URL);
// Load mail templates and substitute placeholders there.
$mail_template = MailTemplate::loadByName('password_recovery', get_current_locale());
if (!$mail_template) {
throw new \RuntimeException('Cannot load "password_recovery" mail template');
}
$this->sendMail(MailUtils::buildMessage($email, $email, $mail_template->buildSubject(), $mail_template->buildBody(array(get_operator_name($to_restore), $href))));
$page['isdone'] = true;
return $this->render('password_recovery', $page);
}
}
$page['formloginoremail'] = $login_or_email;
$page['localeLinks'] = get_locale_links();
$page['isdone'] = false;
return $this->render('password_recovery', $page);
}
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../libs/common.php';
require_once '../libs/settings.php';
require_once 'dbinfo.php';
$page = array('version' => $version, 'localeLinks' => get_locale_links("{$webimroot}/install/index.php"));
$page['done'] = array();
$page['nextstep'] = false;
$page['nextnotice'] = false;
$page['soundcheck'] = false;
$errors = array();
function check_webimroot()
{
global $page, $errors, $webimroot;
$requestUri = $_SERVER["REQUEST_URI"];
if (!preg_match('/^(.*)\\/install(\\/[^\\/\\\\]*)?$/', $requestUri, $matches)) {
$errors[] = "Cannot detect application location: {$requestUri}";
return false;
}
$applocation = $matches[1];
if ($applocation != $webimroot) {
$errors = array();
$page = array('version' => $version);
$loginoremail = "";
if (isset($_POST['loginoremail'])) {
$loginoremail = getparam("loginoremail");
$torestore = is_valid_email($loginoremail) ? operator_by_email($loginoremail) : operator_by_login($loginoremail);
if (!$torestore) {
$errors[] = getlocal("no_such_operator");
}
$email = $torestore['vcemail'];
if (count($errors) == 0 && !is_valid_email($email)) {
$errors[] = "Operator hasn't set his e-mail";
}
if (count($errors) == 0) {
$token = md5(time() + microtime() . rand(0, 99999999));
$link = connect();
$query = "update {$mysqlprefix}chatoperator set dtmrestore = CURRENT_TIMESTAMP, vcrestoretoken = '{$token}' where operatorid = " . $torestore['operatorid'];
perform_query($query, $link);
$href = get_app_location(true, false) . "/operator/resetpwd.php?id=" . $torestore['operatorid'] . "&token={$token}";
webim_mail($email, $email, getstring("restore.mailsubj"), getstring2("restore.mailtext", array(get_operator_name($torestore), $href)), $link);
mysql_close($link);
$page['isdone'] = true;
require '../view/restore.php';
exit;
}
}
$page['formloginoremail'] = topage($loginoremail);
$page['localeLinks'] = get_locale_links("{$webimroot}/operator/restore.php");
$page['isdone'] = false;
start_html_output();
require '../view/restore.php';
if (check_login(false)) {
header("Location: {$mibewroot}/operator/");
exit;
}
$errors = array();
$page = array('formisRemember' => true, 'version' => $version);
if (isset($_POST['login']) && isset($_POST['password'])) {
$login = getparam('login');
$password = getparam('password');
$remember = isset($_POST['isRemember']) && $_POST['isRemember'] == "on";
$operator = operator_by_login($login);
if ($operator && isset($operator['vcpassword']) && check_password_hash($login, $password, $operator['vcpassword'])) {
$target = $password == '' ? "{$mibewroot}/operator/operator.php?op=" . intval($operator['operatorid']) : (isset($_SESSION['backpath']) ? $_SESSION['backpath'] : "{$mibewroot}/operator/index.php");
login_operator($operator, $remember, is_secure_request());
header("Location: {$target}");
exit;
} else {
$errors[] = getlocal("page_login.error");
$page['formlogin'] = $login;
}
} else {
if (isset($_GET['login'])) {
$login = getgetparam('login');
if (preg_match("/^(\\w{1,15})\$/", $login)) {
$page['formlogin'] = $login;
}
}
}
$page['localeLinks'] = get_locale_links("{$mibewroot}/operator/login.php");
start_html_output();
require '../view/login.php';
/**
* Renders installation error page.
*
* It is just a wrapper for {@link AbstractController::render()} method
* which adds several default values to $parameters array.
*
* @param string $template Name of the template which should be rendered
* @param array $parameters List of values that should be passed to the
* template.
* @return string Rendered page content
*/
protected function renderError($template, array $parameters = array())
{
// Add default values
$parameters += array('version' => MIBEW_VERSION, 'localeLinks' => get_locale_links(), 'title' => getlocal('Problem'), 'fixedwrap' => true);
return $this->render($template, $parameters);
}
/*
* This file is part of Mibew Messenger project.
*
* Copyright (c) 2005-2011 Mibew Messenger Community
* All rights reserved. The contents of this file are subject to the terms of
* the Eclipse Public License v1.0 which accompanies this distribution, and
* is available at http://www.eclipse.org/legal/epl-v10.html
*
* Alternatively, the contents of this file may be used under the terms of
* the GNU General Public License Version 2 or later (the "GPL"), in which case
* the provisions of the GPL are applicable instead of those above. If you wish
* to allow use of your version of this file only under the terms of the GPL, and
* not to allow others to use your version of this file under the terms of the
* EPL, indicate your decision by deleting the provisions above and replace them
* with the notice and other provisions required by the GPL.
*
* Contributors:
* Evgeny Gryaznov - initial API and implementation
*/
require_once '../libs/common.php';
require_once '../libs/operator.php';
$operator = check_login();
$link = connect();
loadsettings_($link);
$isonline = is_operator_online($operator['operatorid'], $link);
mysql_close($link);
$page = array('version' => $version, 'localeLinks' => get_locale_links("{$webimroot}/operator/index.php"), 'needUpdate' => $settings['dbversion'] != $dbversion, 'updateWizard' => "{$webimroot}/install/", 'newFeatures' => $settings['featuresversion'] != $featuresversion, 'featuresPage' => "{$webimroot}/operator/features.php", 'isOnline' => $isonline);
prepare_menu($operator);
start_html_output();
require '../view/menu.php';
<?php
/*
* This file is a part of Mibew Messenger.
*
* Copyright 2005-2015 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../libs/common.php';
require_once '../libs/operator.php';
$operator = check_login();
$link = connect();
loadsettings_($link);
$isonline = is_operator_online($operator['operatorid'], $link);
mysql_close($link);
$page = array('version' => $version, 'localeLinks' => get_locale_links("{$mibewroot}/operator/index.php"), 'needUpdate' => $settings['dbversion'] != $dbversion, 'needChangePassword' => check_password_hash($operator['vclogin'], '', $operator['vcpassword']), 'profilePage' => "{$mibewroot}/operator/operator.php?op=" . safe_htmlspecialchars($operator['operatorid']), 'updateWizard' => "{$mibewroot}/install/", 'newFeatures' => $settings['featuresversion'] != $featuresversion, 'featuresPage' => "{$mibewroot}/operator/features.php", 'isOnline' => $isonline);
prepare_menu($operator);
start_html_output();
require '../view/menu.php';
<?php
/*
* Copyright 2005-2013 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../libs/common.php';
require_once '../libs/operator.php';
$operator = check_login();
$link = connect();
loadsettings_($link);
$isonline = is_operator_online($operator['operatorid'], $link);
mysql_close($link);
$page = array('version' => $version, 'localeLinks' => get_locale_links("{$webimroot}/operator/index.php"), 'needUpdate' => $settings['dbversion'] != $dbversion, 'needChangePassword' => $operator['vcpassword'] == md5(''), 'profilePage' => "{$webimroot}/operator/operator.php?op=" . $operator['operatorid'], 'updateWizard' => "{$webimroot}/install/", 'newFeatures' => $settings['featuresversion'] != $featuresversion, 'featuresPage' => "{$webimroot}/operator/features.php", 'isOnline' => $isonline);
prepare_menu($operator);
start_html_output();
require '../view/menu.php';
