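/**
 * Authenticates the identity contained in a request.
 *
 * Uses `settings.userModel` and `settings.fields` to locate the POST data that is
 * matched against a record of `settings.userModel`. When the request carries a
 * `type` key, the settings registered under `settings.types[type]` replace the
 * current settings (the `types` map itself is kept) before the lookup.
 *
 * Returns false if there is no POST data, if either username or password is
 * missing, or if the scope conditions have not been met.
 *
 * @author DaiNT
 * @date: 2013/05/23
 * @param CakeRequest $request The request that contains login information.
 * @param CakeResponse $response Response object; only forwarded to the parent authenticator.
 * @return mixed False on login failure. An array of User data on success.
 * @throws Exception When the requested login type has no entry in `settings.types`.
 */
public function authenticate(CakeRequest $request, CakeResponse $response)
{
    if (isset($request->data['type'])) {
        $type = $request->data['type'];
        if (!isset($this->settings['types'][$type])) {
            throw new Exception(__('Type %s login not setting', $type));
        }
        // Switch to the settings of the requested login type, keeping the
        // type map so a later call can still resolve other types.
        $types = $this->settings['types'];
        $this->settings = array_merge(array('types' => $types), $types[$type]);
    }

    // When AppUtility::checkIsMobile() reports true, the password is read from
    // a different form field.
    // NOTE(review): the field-name literal looks masked in this listing; confirm the intended value.
    if (AppUtility::checkIsMobile()) {
        $this->settings['fields']['password'] = '******';
    }

    $fields = $this->settings['fields'];
    $model = $this->settings['userModel'];
    $userField = $fields['username'];
    $passField = $fields['password'];

    // Read the submitted credentials only when they are present, so a request
    // without the model key does not raise undefined-index notices.
    $rawUserName = isset($request->data[$model][$userField]) ? $request->data[$model][$userField] : '';
    $rawPassword = isset($request->data[$model][$passField]) ? $request->data[$model][$passField] : '';

    // These sanitised copies are used only for the fallback below; when the
    // model data is present, $request is handed to the parent unchanged.
    $userName = Sanitize::paranoid($rawUserName);
    $password = Sanitize::paranoid($rawPassword);

    // If the form did not post any data for the model, give the parent a
    // well-formed (but empty) credential pair to evaluate.
    if (empty($request->data[$model])) {
        $request->data[$model] = array(
            $userField => $userName,
            $passField => $password,
        );
    }

    $user = parent::authenticate($request, $response);

    // NOTE(review): system_permission is taken from the submitted form, not from
    // the stored user record, and is attached to the authenticated identity. If
    // any authorization decision reads it, it should be derived server-side (or
    // checked against what this account may select) rather than trusted as sent.
    if (!empty($user) && is_array($user) && isset($request->data[$model]['system_permission'])) {
        $user['system_permission'] = $request->data[$model]['system_permission'];
    }

    return $user;
}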
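/**
 * Creates every directory along a slash-separated path and returns the full path.
 *
 * Each non-empty segment of $path is appended to the base and passed to
 * AppUtility::makeDir(), so the directories are created from the outermost
 * inwards. The result of makeDir() is not checked here.
 *
 * NOTE(review): '.' and '..' segments are appended unchanged, so the resulting
 * path can leave the base directory. Callers should not pass request-derived
 * values without validating them first.
 *
 * @param string $path      Slash-separated path to create below the base.
 * @param mixed  $from_root Truthy: the base is '/' (the result then begins with
 *                          '//', because every segment is appended with a leading
 *                          slash). Falsy: the base is '../' . WEBROOT_DIR.
 * @return string The base followed by every non-empty segment of $path.
 */
function createDirPath($path, $from_root = 0)
{
    // The concatenation binds tighter than the ternary: '/' when $from_root is
    // truthy, otherwise '../' . WEBROOT_DIR.
    $path_full = $from_root ? '/' : '../' . WEBROOT_DIR;

    // Nothing to create for an empty path. The string '0' is falsy in PHP but
    // is a valid directory name, so it must not be treated as empty.
    if (!$path && $path !== '0') {
        return $path_full;
    }

    foreach (explode('/', $path) as $segment) {
        // Skip only empty segments (leading, trailing or doubled slashes).
        // A plain truthiness test would also drop a directory named "0".
        if ($segment === '') {
            continue;
        }
        $path_full .= '/' . $segment;
        AppUtility::makeDir($path_full);
    }

    return $path_full;
}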
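/**
 * Shows the "add customer" form and handles its submission.
 *
 * Access requires Common::checkPermissionUser() to grant AppConst::PERMISION_ADMIN
 * on 'permission_user'; otherwise the user is redirected to /users/error.
 * On POST the submitted data is cleaned, validated with checkValidateFormAdd(),
 * passed through processData() and stored with saveData(); each outcome sets a
 * flash message and redirects to /Customer/listCustomer/. For the form itself the
 * view receives the active users split into doctors and staff members.
 *
 * @author: ThanhN
 * @date: 2016/02/23
 * @return mixed False when processing or saving throws (the message is logged).
 */
function addCustomer()
{
    $userLogin = $this->Auth->user();

    // Check the user's permission before doing anything else.
    if (!$this->Common->checkPermissionUser(AppConst::PERMISION_ADMIN, $userLogin, 'permission_user')) {
        $this->Session->setFlash(__("<div class='error-msg location_msg'>" . __("Bạn không có quyền vào trang này!") . "</div>"));
        // Return explicitly so the rest of the action cannot run for an
        // unauthorised user even if redirect() does not terminate the request.
        return $this->redirect('/users/error');
    }

    if ($this->request->is('post')) {
        $data = $this->request->data;
        //remove html tag script, style, link
        $data = AppUtility::removeMetaTag($data);
        $data = Sanitize::clean($data);

        $arrError = $this->checkValidateFormAdd($data);
        if ($arrError != '') {
            // Validation failed: report it with the error style.
            // NOTE(review): $arrError is concatenated into the HTML as-is; confirm
            // checkValidateFormAdd() never echoes raw submitted values into it.
            $this->Session->setFlash(__("<div class='error-msg location_msg'>" . $arrError . "</div>"));
            return $this->redirect('/Customer/listCustomer/');
        }

        try {
            $data = $this->processData($data);
            // The file field may be absent from the request entirely.
            // NOTE(review): the upload entry is handed to saveData() untouched;
            // confirm saveData() validates it (is_uploaded_file(), size limit,
            // allow-list of image types, server-generated file name).
            $upload = isset($_FILES['user_image']) ? $_FILES['user_image'] : null;
            if ($this->saveData($data, $upload)) {
                $this->Session->setFlash(__("<div class='success-msg location_msg'>" . __("Thêm mới khách hàng thành công") . "</div>"));
            } else {
                $this->Session->setFlash(__("<div class='error-msg-table location_msg'>" . __("Thêm mới khách hàng thất bại, hãy thử lại!") . "</div>"));
            }
            return $this->redirect('/Customer/listCustomer/');
        } catch (Exception $e) {
            $this->log($e->getMessage());
            return false;
        }
    }

    // Load the active users and split them by role for the view.
    $arrDataDoctor = array();
    $arrDataMember = array();
    $staffTypes = array(AppConst::TYPE_USER_NHANVIEN, AppConst::TYPE_USER_LETAN, AppConst::TYPE_USER_KETOAN);
    $userData = $this->User->find("all", array('conditions' => array('delete_flag' => AppConst::USER_DELETE_FLAG_ACTIVE)));
    if (!empty($userData)) {
        foreach ($userData as $value) {
            $user = $value['User'];
            // Loose comparisons are kept on purpose: the stored type may be a
            // numeric string while the constants may be integers (not visible here).
            if ($user['type_user'] == AppConst::TYPE_USER_BACSI) {
                $arrDataDoctor[$user['id']] = $user['name'];
            }
            if (in_array($user['type_user'], $staffTypes)) {
                $arrDataMember[$user['id']] = $user['name'];
            }
        }
    }

    $this->set('arrDataDoctor', $arrDataDoctor);
    $this->set('arrDataMember', $arrDataMember);
    $this->set('userLogin', $userLogin);
    $this->set('baseUrl', $this->base);
}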
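/**
 * Shows the "add user" form and handles its submission.
 *
 * Access requires Common::checkPermissionUser() to grant AppConst::PERMISION_ADMIN
 * on 'permission_user'; otherwise the user is redirected to /users/error.
 * On POST the submitted `User` data is cleaned, checked for a duplicate username,
 * validated with checkValidateFormAdd() and stored with saveData(); each outcome
 * sets a flash message and redirects to /users/listUser/.
 *
 * @author: ThanhN
 * @date: 2016/02/23
 * @return mixed False when saving throws (the message is logged).
 */
function addUser()
{
    // Check the user's permission before doing anything else.
    if (!$this->Common->checkPermissionUser(AppConst::PERMISION_ADMIN, $this->Auth->user(), 'permission_user')) {
        $this->Session->setFlash(__("<div class='error-msg location_msg'>" . __("Bạn không có quyền vào trang này!") . "</div>"));
        // Return explicitly so the rest of the action cannot run for an
        // unauthorised user even if redirect() does not terminate the request.
        return $this->redirect('/users/error');
    }

    if ($this->request->is('post')) {
        $data = $this->request->data;
        //remove html tag script, style, link
        $data = AppUtility::removeMetaTag($data);
        $data = Sanitize::clean($data);
        // A request without the User key yields null instead of an undefined-index notice.
        $data = isset($data['User']) ? $data['User'] : null;
        $username = isset($data['username']) ? $data['username'] : null;

        // Reject a username that already exists.
        // NOTE(review): this check-then-insert is not atomic; a unique index on
        // the username column is what actually guarantees uniqueness. Confirm one exists.
        $arrUserDB = $this->User->find("all", array('conditions' => array('User.username' => $username)));
        if (!empty($arrUserDB)) {
            $this->Session->setFlash(__("<div class='error-msg-table location_msg'>" . __("Mã nhân viên thêm mới bị trùng, hãy thử với mã nhân viên khác!") . "</div>"));
            return $this->redirect('/users/listUser/');
        }

        $arrError = $this->checkValidateFormAdd($data);
        if ($arrError != '') {
            // Validation failed: report it with the error style.
            // NOTE(review): $arrError is concatenated into the HTML as-is; confirm
            // checkValidateFormAdd() never echoes raw submitted values into it.
            $this->Session->setFlash(__("<div class='error-msg location_msg'>" . $arrError . "</div>"));
            return $this->redirect('/users/listUser/');
        }

        try {
            // The file field may be absent from the request entirely.
            // NOTE(review): the upload entry is handed to saveData() untouched;
            // confirm saveData() validates it (is_uploaded_file(), size limit,
            // allow-list of image types, server-generated file name).
            $upload = isset($_FILES['user_image']) ? $_FILES['user_image'] : null;
            if ($this->saveData($data, $upload)) {
                $this->Session->setFlash(__("<div class='success-msg location_msg'>" . __("Thêm mới user thành công") . "</div>"));
            } else {
                $this->Session->setFlash(__("<div class='error-msg-table location_msg'>" . __("Thêm mới user thất bại, hãy thử lại!") . "</div>"));
            }
            return $this->redirect('/users/listUser/');
        } catch (Exception $e) {
            $this->log($e->getMessage());
            return false;
        }
    }

    $this->set('baseUrl', $this->base);
}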