Exemplo n.º 1
 /**
  * Authenticates a user.
  * Looks up the user by username, status and application id, then compares
  * the MD5 digest of the submitted password with the stored password_hash.
  * Failed attempts are throttled per username and client IP through IpLogins.
  * @return boolean whether authentication succeeds.
  */
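 public function authenticate()
 {
     // NOTE(review): doubling single quotes is ad-hoc SQL escaping. It rewrites the
     // username used for the lookup and for the IpLogins row written below. Confirm
     // whether IpLogins::limitLoginTimes() concatenates SQL before removing it;
     // bound parameters are the reliable fix, not quote doubling.
     $this->username = str_replace("'", "''", $this->username);
     $clientIp = Yii::app()->request->getUserHostAddress();

     // Refuse early once this username/IP pair has used up its allowed attempts.
     $iplogin = new IpLogins();
     $iplogin->deleteOldRecords();
     if (!$iplogin->limitLoginTimes($this->username, $clientIp)) {
         $this->errorCode = self::ERROR_FAILURE_MAX_TIMES;
         return !$this->errorCode;
     }

     $record = Users::model()->findByAttributes(array(
         'username' => $this->username,
         'status' => $this->status,
         'application_id' => $this->application_id,
     ));

     // NOTE(review): passwords are stored as unsalted MD5, which is cheap to
     // brute-force offline. Plan a migration to password_hash()/password_verify().
     // The comparison is strict (!==): with loose != PHP compares two numeric-looking
     // digests (for example both of the form "0e" followed by digits) as numbers,
     // so different hashes could be treated as equal.
     if ($record === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
     } elseif (trim($record->password_hash) !== md5(trim($this->password))) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         $record->login_attemp = $record->login_attemp + 1;
         $record->update();
     } elseif ($record->status == 0) {
         $this->errorCode = self::ERROR_USERNAME_BLOCKED;
     } else {
         $this->_id = $record->id;
         $this->role_id = $record->role_id;
         $this->_isAdmin = true;
         $this->errorCode = self::ERROR_NONE;

         // Record the successful login and reset the per-user failure counter.
         $record->last_logged_in = date('Y-m-d H:i:s');
         $record->login_attemp = 0;
         // NOTE(review): the whole record, password_hash included, is placed in the
         // session. Storing only the fields the application needs limits exposure.
         Yii::app()->session['LOGGED_USER'] = $record;
         if (!$record->update()) {
             Yii::log(print_r($record->getErrors(), true), 'error', 'AdminUserIdentity.authenticate');
         }

         // Remember-me cookie is only written after a successful login.
         if (isset($_POST['AdminLoginForm']['rememberMe']) && $_POST['AdminLoginForm']['rememberMe'] == 1) {
             ActiveRecord::setCookie(VERZ_COOKIE_ADMIN, $record, 'username');
         }
     }

     // Record the failed attempt so limitLoginTimes() can count it.
     // NOTE(review): attempts against unknown usernames are not recorded, so they
     // never count toward the limit; confirm that this is intended.
     if ($this->errorCode && $this->errorCode != self::ERROR_USERNAME_INVALID) {
         $iplogin->username = $this->username;
         $iplogin->ip_address = $clientIp;
         $iplogin->time_login = time();
         $iplogin->save();
     }

     return !$this->errorCode;
 }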
Exemplo n.º 2
 /**
  * Authenticates a user.
  * Looks up the user by e-mail address, then compares the MD5 digest of the
  * submitted password with the stored password_hash.
  * Failed attempts are recorded in IpLogins, but this method never checks the limit.
  * @return boolean whether authentication succeeds.
  */
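 public function authenticate()
 {
     // NOTE(review): failed attempts are recorded at the end of this method, but
     // nothing here checks them before the password comparison, so password
     // guessing is not throttled by this code path. Confirm whether the limit is
     // enforced elsewhere (for example in the login form or controller).
     $iplogin = new IpLogins();
     $iplogin->deleteOldRecords();

     $record = Users::model()->findByAttributes(array('email' => $this->username));

     // NOTE(review): passwords are stored as unsalted MD5, which is cheap to
     // brute-force offline. Plan a migration to password_hash()/password_verify().
     // The comparison is strict (!==): with loose != PHP compares two numeric-looking
     // digests (for example both of the form "0e" followed by digits) as numbers,
     // so different hashes could be treated as equal.
     if ($record === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
     } elseif (trim($record->password_hash) !== md5(trim($this->password))) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         $record->login_attemp = $record->login_attemp + 1;
         $record->update();
     } elseif ($record->status == 0) {
         $this->errorCode = self::ERROR_USERNAME_BLOCKED;
     } else {
         $this->_id = $record->id;
         $this->role_id = $record->role_id;
         $this->_isAdmin = false;
         $this->errorCode = self::ERROR_NONE;

         // Record the successful login and reset the per-user failure counter.
         $record->last_logged_in = date('Y-m-d H:i:s');
         $record->login_attemp = 0;
         // NOTE(review): the whole record, password_hash included, is placed in the
         // session. Storing only the fields the application needs limits exposure.
         Yii::app()->session['LOGGED_USER'] = $record;
         if (!$record->update()) {
             Yii::log(print_r($record->getErrors(), true), 'error', 'MemberUserIdentity.authenticate');
         }
     }

     // Record the failed attempt with the client IP and the submitted login name.
     // Attempts against unknown e-mail addresses are not recorded.
     if ($this->errorCode && $this->errorCode != self::ERROR_USERNAME_INVALID) {
         $iplogin->username = $this->username;
         $iplogin->ip_address = Yii::app()->request->getUserHostAddress();
         $iplogin->time_login = time();
         $iplogin->save();
     }

     return !$this->errorCode;
 }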
Exemplo n.º 3
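 /**
  * Authenticates a user identified by nric_passportno_roc and role_id.
  *
  * Sets $this->errorCode to one of the ERROR_* constants. On success it also
  * sets $this->_id, stores the record in the session and updates the
  * last-login fields on the record.
  *
  * @return boolean whether authentication succeeds.
  */
 public function authenticate_admin()
 {
     // NOTE(review): doubling single quotes is ad-hoc SQL escaping. It rewrites the
     // identifier used for the lookup and for the IpLogins row written below. Confirm
     // whether IpLogins::limitLoginTimes() concatenates SQL before removing it;
     // bound parameters are the reliable fix, not quote doubling.
     $this->username = str_replace("'", "''", $this->username);
     $clientIp = Yii::app()->request->getUserHostAddress();

     // Refuse early once this username/IP pair has used up its allowed attempts.
     $iplogin = new IpLogins();
     $iplogin->deleteOldRecords();
     if (!$iplogin->limitLoginTimes($this->username, $clientIp)) {
         $this->errorCode = self::ERROR_FAILURE_MAX_TIMES;
         return !$this->errorCode;
     }

     $record = Users::model()->findByAttributes(array(
         'nric_passportno_roc' => $this->username,
         'role_id' => $this->role_id,
     ));

     if ($record === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
     } elseif (trim($record->password_hash) !== md5(trim($this->password))) {
         // NOTE(review): passwords are stored as unsalted MD5, which is cheap to
         // brute-force offline. Plan a migration to password_hash()/password_verify().
         // The comparison is strict (!==): with loose != PHP compares two
         // numeric-looking digests (for example both of the form "0e" followed by
         // digits) as numbers, so different hashes could be treated as equal.
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         $record->login_attemp = $record->login_attemp + 1;
         $record->update();
     } else {
         // Status rules below apply only to these four roles.
         $isMemberRole = $record->role_id == ROLE_REGISTER_MEMBER
             || $record->role_id == ROLE_TENANT
             || $record->role_id == ROLE_LANDLORD
             || $record->role_id == ROLE_AGENT;

         if ($isMemberRole && $record->status == 0) {
             // Status 0 is reported as an invalid username rather than as blocked,
             // so it is also skipped by the failure logging further down.
             $this->errorCode = self::ERROR_USERNAME_INVALID;
         } elseif ($isMemberRole && $record->status == 2) {
             $this->errorCode = self::ERROR_USERNAME_BLOCKED;
         } elseif ($record->role_id == ROLE_LANDLORD && $this->checkExpired($record)) {
             $this->errorCode = self::ERROR_USERNAME_EXPIRED_LANDLORD;
         } elseif ($record->role_id == ROLE_TENANT && $this->checkExpired($record)) {
             $this->errorCode = self::ERROR_USERNAME_EXPIRED_TENANT;
         } else {
             $this->_id = $record->id;
             $this->errorCode = self::ERROR_NONE;
             $this->_isAdmin = false;

             // Record the successful login and reset the per-user failure counter.
             $record->last_logged_in = date('Y-m-d H:i:s');
             $record->ip_address = $clientIp;
             $record->login_attemp = 0;
             // NOTE(review): the whole record, password_hash included, is placed in
             // the session. Storing only the fields the application needs limits exposure.
             Yii::app()->session['LOGGED_USER'] = $record;
             if (!$record->update()) {
                 Yii::log(print_r($record->getErrors(), true), 'error', 'UserIdentity.authenticate_admin');
             }
         }
     }

     // Record the failed attempt so limitLoginTimes() can count it.
     // NOTE(review): attempts that end in ERROR_USERNAME_INVALID are not recorded,
     // so they never count toward the limit; confirm that this is intended.
     if ($this->errorCode && $this->errorCode != self::ERROR_USERNAME_INVALID) {
         $iplogin->username = $this->username;
         $iplogin->ip_address = $clientIp;
         $iplogin->time_login = time();
         $iplogin->save();
     }

     // Write the remember-me cookie only after a successful login. Previously it was
     // written whenever a matching record existed, including after a wrong password
     // or for a blocked or expired account.
     if (!$this->errorCode
         && isset($_POST['LoginForm']['rememberMe'])
         && $_POST['LoginForm']['rememberMe'] == 1
     ) {
         ActiveRecord::setCookie(VERZ_COOKIE_MEMBER, $record, 'nric_passportno_roc');
     }

     return !$this->errorCode;
 }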