Exemplo n.º 1
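 /**
  * Process the login form: validate the submitted fields, authenticate the
  * user, populate the session and redirect.
  *
  * Request parameters read here: "email" (the login identifier, which may be a
  * username, an email address or a "trx" identifier), "password", URL_FAILURE,
  * "redirecturl" and SUCCESS_MESSAGE.
  *
  * Security-relevant behaviour:
  *  - redirect targets taken from the request are only followed when they stay
  *    on this site (see _gotoLocalUrlOrDefault);
  *  - the submitted password is never copied into the session;
  *  - the session id is regenerated once the user is known, before any
  *    identity data is written to the session.
  *
  * @return false|null false after a rejected attempt, nothing otherwise
  */
 function checkloginAction()
 {
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender(TRUE);
     $session = SessionWrapper::getInstance();

     // Values kept for re-populating the form after an error. The password is
     // dropped so that the secret is not persisted in session storage.
     $repopulate = $this->_getAllParams();
     unset($repopulate['password']);

     // check that an email has been provided
     if (isEmptyString(trim($this->_getParam("email")))) {
         $session->setVar(ERROR_MESSAGE, $this->_translate->translate("profile_email_error"));
         $session->setVar(FORM_VALUES, $repopulate);
         $this->_gotoLocalUrlOrDefault($this->_getParam(URL_FAILURE), 'login', 'user');
         // explicit stop in case the redirector is configured not to exit
         return false;
     }
     if (isEmptyString(trim($this->_getParam("password")))) {
         $session->setVar(ERROR_MESSAGE, $this->_translate->translate("profile_password_error"));
         $session->setVar(FORM_VALUES, $repopulate);
         $this->_gotoLocalUrlOrDefault($this->_getParam(URL_FAILURE), 'login', 'user');
         return false;
     }

     // decide which column the identifier is matched against; default is username
     $credcolumn = "username";
     $login = (string) trim($this->_getParam("email"));
     $validator = new Zend_Validate_EmailAddress();
     if ($validator->isValid($login)) {
         $usertable = new UserAccount();
         if ($usertable->findByEmail($login)) {
             $credcolumn = 'email';
         }
     }
     if (stringContains('!@#', $login)) {
         $credcolumn = 'trx';
         $loginarray = explode('.', $login);
         $id = $loginarray[0];
     }

     // browser / client details recorded with the audit event and in the session
     $browser = new Browser();
     $audit_values = $browser_session = array("browserdetails" => $browser->getBrowserDetailsForAudit(), "browser" => $browser->getBrowser(), "version" => $browser->getVersion(), "useragent" => $browser->getUserAgent(), "os" => $browser->getPlatform(), "ismobile" => $browser->isMobile() ? '1' : 0, "ipaddress" => $browser->getIPAddress());

     $useraccount = null;
     if ($credcolumn === 'trx') {
         // NOTE(review): this branch identifies the account from the login
         // field alone; nothing in this method verifies the submitted password
         // or any signed token for it. Unless that is enforced outside this
         // method, the branch has to be gated on a server-issued, expiring,
         // single-use token (compared with hash_equals()) before it is usable
         // as an authentication path.
         $candidate = new UserAccount();
         $candidate->populate($id);
         if (!isEmptyString($candidate->getID())) {
             $useraccount = $candidate;
         }
     } else {
         $authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Registry::get("dbAdapter"));
         // define the table, fields and additional rules to use for authentication
         $authAdapter->setTableName('useraccount');
         $authAdapter->setIdentityColumn($credcolumn);
         $authAdapter->setCredentialColumn('password');
         // NOTE(review): the stored credential is an unsalted SHA-1 computed in
         // SQL. Moving to password_hash()/password_verify() requires migrating
         // the stored hashes and cannot be done inside this method.
         $authAdapter->setCredentialTreatment("sha1(?) AND status = '1' ");
         // set the credentials from the login form
         $authAdapter->setIdentity($login);
         $authAdapter->setCredential($this->_getParam("password"));
         if ($authAdapter->authenticate()->isValid()) {
             $user = $authAdapter->getResultRowObject();
             $useraccount = new UserAccount();
             $useraccount->populate($user->id);
         }
     }

     if ($useraccount === null) {
         // Record every rejected attempt (both login paths) in the audit trail
         // so repeated failures can be detected.
         // NOTE(review): the identifier is request data embedded verbatim in
         // the audit text; the audit sink should treat it as untrusted.
         $audit_values['module'] = 1;
         $audit_values['usecase'] = '1.1';
         $audit_values['transactiontype'] = USER_LOGIN;
         $audit_values['status'] = "N";
         $audit_values['transactiondetails'] = "Login for user with id '" . $this->_getParam("email") . "' failed. Invalid username or password";
         $this->notify(new sfEvent($this, USER_LOGIN, $audit_values));

         // same message whatever the reason, so the response does not reveal
         // whether the account exists
         $session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
         $this->_gotoLocalUrlOrDefault($this->_getParam(URL_FAILURE), 'login', 'user');
         return false;
     }

     // Issue a fresh session id before identity data is stored, so an id that
     // was known before authentication is not carried into the logged-in session.
     if (session_id() !== '') {
         session_regenerate_id(true);
     }

     // user is logged in successfully so add information to the session
     $session->setVar("userid", $useraccount->getID());
     $session->setVar("username", $useraccount->getUserName());
     $session->setVar("type", $useraccount->getType());
     $session->setVar("companyid", $useraccount->getCompanyID());
     $session->setVar("istimesheetuser", $useraccount->getIsTimesheetUser());
     $session->setVar("browseraudit", $browser_session);
     // NOTE(review): toArray() presumably includes the password column; confirm
     // and exclude it from the session copy if so.
     $session->setVar("user", json_encode($useraccount->toArray()));
     $session->setVar("company", json_encode($useraccount->getCompany()->toArray()));
     // clear user specific cache, before it is used again
     $this->clearUserCache();

     // Successful login event for the audit trail
     $audit_values['module'] = 1;
     $audit_values['usecase'] = '1.1';
     $audit_values['transactiontype'] = USER_LOGIN;
     $audit_values['status'] = "Y";
     $audit_values['userid'] = $useraccount->getID();
     $audit_values['transactiondetails'] = "Login for user with id '" . $this->_getParam("email") . "' successful";
     // NOTE(review): the notification below is disabled, so successful logins
     // are built but never written to the audit trail. Confirm whether that is
     // intended; it leaves no record to correlate with failed attempts.
     // $this->notify(new sfEvent($this, USER_LOGIN, $audit_values));

     if (isEmptyString($this->_getParam("redirecturl"))) {
         // forward to the dashboard
         $this->_helper->redirector->gotoSimple("index", "dashboard");
     } else {
         // redirect to the page the user was coming from
         if (!isEmptyString($this->_getParam(SUCCESS_MESSAGE))) {
             // NOTE(review): request-supplied text is stored for later display;
             // the view that prints it must escape it (not visible here).
             $successmessage = decode($this->_getParam(SUCCESS_MESSAGE));
             $session->setVar(SUCCESS_MESSAGE, $successmessage);
         }
         $this->_gotoLocalUrlOrDefault($this->_getParam("redirecturl"), 'index', 'dashboard');
     }
 }

 /**
  * Internal helper (not an action): follow an encoded, request-supplied
  * redirect target only when it stays on this site, otherwise go to the given
  * default action/controller.
  *
  * A target is accepted when it is a relative URL, or an http/https URL whose
  * host (and port, when given) equals the host of the current request.
  * Empty values, values containing control characters, scheme-relative URLs
  * and any other scheme fall back to the default.
  *
  * @param mixed  $encodedurl the raw request parameter, still encoded
  * @param string $action     fallback action name
  * @param string $controller fallback controller name
  */
 function _gotoLocalUrlOrDefault($encodedurl, $action, $controller)
 {
     $target = isEmptyString($encodedurl) ? '' : trim((string) decode($encodedurl));
     // control characters (CR/LF included) have no place in a redirect target
     $islocal = $target !== '' && !preg_match('/[\x00-\x1F\x7F]/', $target);

     // anything that starts with a scheme or with two slashes/backslashes can
     // leave the site, so it has to name this host explicitly
     if ($islocal && preg_match('#^(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $target)) {
         $parts = parse_url($target);
         $scheme = '';
         $host = '';
         if (is_array($parts)) {
             $scheme = isset($parts['scheme']) ? strtolower($parts['scheme']) : '';
             if (isset($parts['host'])) {
                 $host = $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');
             }
         }
         $islocal = in_array($scheme, array('http', 'https'), true)
             && $host !== ''
             && strcasecmp($host, $this->getRequest()->getHttpHost()) === 0;
     }

     if ($islocal) {
         $this->_helper->redirector->gotoUrl($target);
     } else {
         $this->_helper->redirector->gotoSimple($action, $controller);
     }
 }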
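 /**
  * Create or update a timesheet (attendance) entry from the submitted form.
  *
  * Without an "id" the request is a new check-in: the check-in date/time is
  * validated against the user's shift schedule and the entry is only saved
  * when it falls inside a valid shift. With an "id" the existing entry is
  * loaded and updated without shift validation. The outcome is reported
  * through the ERROR_MESSAGE / SUCCESS_MESSAGE session variables; nothing is
  * rendered.
  *
  * NOTE(review): "userid" and "id" come from the request and this method does
  * not check that the signed-in user may act for that user or owns that
  * entry. Confirm the check exists elsewhere (ACL plugin, Timesheet model);
  * if not, it has to be added before processPost() is reached.
  * NOTE(review): the whole request array is handed to processPost(), so fields
  * such as "status" and "isrequest" are client-controlled unless the model
  * whitelists them.
  */
 function processattendanceAction()
 {
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender(TRUE);
     $session = SessionWrapper::getInstance();
     $config = Zend_Registry::get("config");
     $this->_translate = Zend_Registry::get("translate");
     $validshift = false;
     $formvalues = $this->_getAllParams();

     // "id" is optional (absent for a new check-in); avoid an undefined index
     $id = decode(isset($formvalues['id']) ? $formvalues['id'] : null);
     $formvalues['id'] = $id;
     $timesheet = new Timesheet();
     $user = new UserAccount();
     $user->populate($formvalues['userid']);

     // new check-in: validate that the user is checking into the right shift
     if (isEmptyString($id)) {
         $checkindate = date('Y-m-d', strtotime($formvalues['datein']));
         $checkintime = date('H:i:s', strtotime($formvalues['timein']));
         $checkinfulldate = $checkindate . ' ' . $checkintime;
         // NOTE(review): debugMessage() is project-defined; if it writes to
         // the response these calls should not be active in production.
         debugMessage('checkin: ' . $checkinfulldate);
         // a user that is already checked in cannot check in again
         if (isCheckedIn($formvalues['userid'], $checkindate)) {
             $message = "Check-In failed. Active session already exists";
             $session->setVar(ERROR_MESSAGE, $message);
             exit;
         }
         $scheduleentry = getSessionEntry($user->getID());
         // a shift exists when the schedule entry is active and the profile has a shift
         $hasshift = !isEmptyString($scheduleentry['id']) && !isEmptyString($user->getShift()) && $scheduleentry['status'] == 1;
         if ($hasshift) {
             $shift = new ShiftSchedule();
             $shift->populate($scheduleentry['id']);
             // start of the shift on the check-in day; the schedule's own time
             // wins over the session default
             $validstartdate = $checkindate;
             $validstarttime = !isEmptyString($shift->getStartTime()) ? $shift->getStartTime() : $shift->getSession()->getStartTime();
             $validfullstartdate = $validstartdate . ' ' . $validstarttime;
             debugMessage('startin: ' . $validfullstartdate);
             // compute end date and time; a shift ending at an earlier hour
             // than it starts is taken to end on the next day
             $endtime = !isEmptyString($shift->getEndTime()) ? $shift->getEndTime() : $shift->getSession()->getEndTime();
             $endday = $checkindate;
             $starthr = date('H', strtotime($validstarttime));
             $endhr = date('H', strtotime($endtime));
             if ($endhr < $starthr) {
                 $endday = date('Y-m-d', strtotime($checkindate . " + 1 day"));
             }
             $validenddate = $endday;
             $validendtime = $endtime;
             $validfullenddate = $validenddate . ' ' . $validendtime;
             debugMessage('ending: ' . $validfullenddate);

             // the check-in must fall inside the schedule's date range
             $rangevalid = false;
             if (strtotime($checkinfulldate) >= strtotime($shift->getStartDate() . ' 00:00:00')) {
                 $rangevalid = true;
                 if (!isEmptyString($shift->getEndDate())) {
                     // NOTE(review): the cut-off is 23:00:00, so the last hour
                     // of the end date is rejected; confirm that is intended.
                     $rangevalid = strtotime($checkinfulldate) <= strtotime($shift->getEndDate() . ' 23:00:00');
                 }
             }
             // also check that the weekday is one of the profiled working days;
             // days on the schedule entry override the user's profile
             if ($rangevalid) {
                 $todaywkno = date('w', strtotime($checkinfulldate));
                 $wkdaysprofiled = $user->getDaysOfWeekArray();
                 if (!isEmptyString($scheduleentry['workingdays'])) {
                     $wkdaysprofiled = explode(',', preg_replace('!\\s+!', '', trim($scheduleentry['workingdays'])));
                 }
                 if (count($wkdaysprofiled) > 0 && !in_array($todaywkno, $wkdaysprofiled)) {
                     $rangevalid = false;
                 }
             }
             // finally validate the time within the session
             if ($rangevalid
                 && strtotime($checkinfulldate) >= strtotime($validfullstartdate)
                 && strtotime($checkinfulldate) < strtotime($validfullenddate)) {
                 $validshift = true;
                 // client details stored with the entry for later audit
                 $browser = new Browser();
                 $audit_values = $browser_session = array("browserdetails" => $browser->getBrowserDetailsForAudit(), "browser" => $browser->getBrowser(), "version" => $browser->getVersion(), "useragent" => $browser->getUserAgent(), "os" => $browser->getPlatform(), "ismobile" => $browser->isMobile() ? '1' : 0, "ipaddress" => $browser->getIPAddress());
                 $formvalues['sessionid'] = $scheduleentry['sessionid'];
                 $formvalues['ipaddress'] = $audit_values['ipaddress'];
                 $formvalues['browser_details'] = json_encode($audit_values);
             }
         }
     }

     if (isEmptyString($id)) {
         // the creator always comes from the session, never from the request
         $formvalues['createdby'] = $session->getVar('userid');
         if (isArrayKeyAnEmptyString('isrequest', $formvalues)) {
             $formvalues['isrequest'] = 0;
             $formvalues['status'] = 0;
             $formvalues['timesheetdate'] = date('Y-m-d', strtotime($formvalues['datein']));
         } else {
             $formvalues['isrequest'] = 1;
             if (isArrayKeyAnEmptyString('status', $formvalues)) {
                 $formvalues['status'] = 2;
             }
         }
     }
     if (!isEmptyString($id)) {
         $timesheet->populate($id);
         $formvalues['lastupdatedby'] = $session->getVar('userid');
         if (isArrayKeyAnEmptyString('isrequest', $formvalues)) {
             if (isEmptyString($timesheet->getHours())) {
                 $timesheet->setHours($timesheet->getComputedHours());
             }
             $formvalues['isrequest'] = 0;
         } else {
             $formvalues['isrequest'] = 1;
         }
         // updates of an existing entry are not checked against the shift
         $validshift = true;
     }

     if ($validshift) {
         $timesheet->processPost($formvalues);
         if ($timesheet->hasError()) {
             $session->setVar(ERROR_MESSAGE, $timesheet->getErrorStackAsString());
         } else {
             try {
                 $timesheet->save();
                 // The success text is a request parameter. When no
                 // translation exists for it, the caller's own text would be
                 // stored as-is; flash messages in this method carry markup,
                 // so they are presumably printed unescaped. Escape the text
                 // in that case so it cannot inject markup.
                 $successkey = (string) $this->_getParam(SUCCESS_MESSAGE);
                 $successtext = $this->_translate->translate($successkey);
                 if ($successtext === $successkey) {
                     $successtext = htmlspecialchars($successkey, ENT_QUOTES, 'UTF-8');
                 }
                 $session->setVar(SUCCESS_MESSAGE, $successtext);
             } catch (Exception $e) {
                 // NOTE(review): the raw exception text is shown to the user;
                 // it may expose internal details and is not escaped.
                 $session->setVar(ERROR_MESSAGE, $e->getMessage());
             }
         }
     } else {
         $message = "Check-In failed. Invalid shift or session time detected. <br/> Contact admin for resolution.";
         $session->setVar('contactadmin', 1);
         if (isAdmin() || isCompanyAdmin()) {
             $session->setVar('contactadmin', '');
             $url = $this->view->baseUrl('config/shifts/tab/schedules/userid/' . $user->getID());
             // The message is HTML (it contains a link), so the URL and the
             // user-editable name are escaped before being embedded in it.
             $message = 'Check-In failed. Invalid shift or session time detected. <br/> <a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">Click here</a> to update schedule for ' . htmlspecialchars($user->getName(), ENT_QUOTES, 'UTF-8');
         }
         $session->setVar(ERROR_MESSAGE, $message);
     }
 }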