/**
* login action
*
* @ActionDefinition( file='auth.tpl', propel )
*/
public function login ()
{
if ( !isset( $_SESSION['profiles'] ) || !isset( $_SESSION['role'] ) ) {
// verify method
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
// validate form
if ( !isset( $this->request->email ) || !$this->request->email ) {
$this->response->exception = 'Provide an email';
} elseif ( !isset( $this->request->password ) ||
!$this->request->password ) {
$this->response->exception = 'Provide a password';
} else {
// check if account exists
$user = AuthUsersBss::getByEmail( $this->request->email );
if ( is_string( $user ) ) {
$this->response->exception = $user;
} else {
// check password
if ( $user['password'] == tlalokes_core_crypt( $this->request->password ) ) {
$_SESSION['user_id'] = $user['id'];
// check role
$role = AuthRolesBss::getByName( $user['role_name'] );
if ( $role['role_status'] == 1 ) {
// set access profile
$profiles = AuthAccessProfilesRolesBss::getProfilesByRole( $role['id'] );
if ( is_string( $profiles ) ) {
$this->response->exception = $profiles;
} else {
foreach( $profiles as $profile ) {
$_SESSION['profiles'][] = $profile['profile'];
}
}
unset( $profiles );
// set role
$_SESSION['role'] = $role['id'];
unset( $role );
$this->response->flag = true;
}
} else {
$this->response->exception = 'Password invalid';
}
}
}
}
} else {
$this->response->flag = true;
}
}
