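/**
 * "Remember me" filter: on the first filter call of a request, if the
 * session user is not connected and the request carries the remember
 * cookie, look the cookie value up with RememberKey::getKey() and, when it
 * maps to an existing user, sign that user in.
 *
 * After a successful auto login on a GET request the current page is
 * reloaded through a redirect. Unknown keys get their cookie cleared and
 * are counted in statsd ('bad_remember_cookie').
 *
 * @param mixed $filterChain the filter chain; its execute() is called to
 *                           continue the request
 */
public function execute($filterChain)
{
    $context = $this->getContext();
    $session_user = $context->getUser();
    $cookie_name = sfConfig::get('app_remember_key_cookie_name', 'c2corg_remember');
    $cookie_value = $context->getRequest()->getCookie($cookie_name);

    if ($this->isFirstCall() && !$session_user->isConnected() && !is_null($cookie_value)) {
        c2cTools::log('{rememberFilter} user has a cookie, trying to auto login');
        $remember_key = RememberKey::getKey($cookie_value);

        if ($remember_key) {
            c2cTools::log('{rememberFilter} user found from his cookie');
            $user = $remember_key->getUser();

            if ($user->exists()) {
                // NOTE(review): the stored password value is handed back to signIn();
                // the meaning of the two trailing `true` flags is not visible here,
                // confirm that they make signIn() treat it as an already-hashed value.
                $session_user->signIn(
                    $user->get('private_data')->getLoginName(),
                    $user->get('private_data')->getPassword(),
                    true,
                    true
                );

                // User has signed in, and is now correctly in symfony session. However, forums
                // and several personalization functions rely on cookies, that will be sent with the request,
                // but are not yet 'available' from javascript if the value expired from previous sessions
                // (they will be on next page).
                // The easiest solution is to force the browser to reload the current page.
                // We only do this for GET requests.
                //
                // The reload is done only inside this branch: when the key resolved to a
                // user that no longer exists nobody was signed in, and redirecting to the
                // same URL would replay the same cookie and redirect again, endlessly.
                $request = $this->getContext()->getRequest();
                if ($request->getMethod() == sfRequest::GET) {
                    // symfony 1.0 getUriPrefix is not working well with https on haproxy
                    // it then tries to redirect to https://site.org:80, which is wrong
                    $proto = $request->isSecure() ? 'https' : 'http';

                    // NOTE(review): depending on the web server configuration SERVER_NAME
                    // can be taken from the client-supplied Host header. Confirm the front
                    // end pins it to the canonical host name; otherwise the host part of
                    // this redirect is client-influenced.
                    $request_uri = $proto . '://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
                    $this->getContext()->getController()->redirect($request_uri);
                    exit;
                }
            } else {
                // key is known but its user is gone: no sign in, no reload, just continue
                c2cTools::log('{rememberFilter} remember key refers to a missing user');
            }
        } else {
            // delete cookie value in client so that no more requests are made to the db
            sfContext::getInstance()->getResponse()->setCookie($cookie_name, '');

            // log this; the statsd counter is the signal to watch for bursts of
            // invalid remember keys
            c2cTools::log('{rememberFilter} user has unknown remember key!');
            c2cActions::statsdIncrement('bad_remember_cookie', 'symfony.' . sfConfig::get('sf_environment') . '.users.');
        }
    }

    $filterChain->execute();
}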
/**
 * Signs the current user out.
 *
 * Blanks the remember-me cookies on the response, deletes the remember key
 * that the request presented (if any) from the database, clears the session
 * attributes, closes the punbb session and marks the user as not
 * authenticated.
 */
public function signOut()
{
    $ctx = sfContext::getInstance();
    $cookie_name = sfConfig::get('app_remember_key_cookie_name', 'c2corg_remember');

    // blank both remember cookies on the outgoing response
    $response = $ctx->getResponse();
    foreach (array($cookie_name, 'temp_remember') as $name) {
        $response->setCookie($name, '');
    }

    // the incoming request still carries the old value: use it to drop the
    // matching server-side key, so the cookie value stops being usable
    $presented_key = $ctx->getRequest()->getCookie($cookie_name);
    if ($presented_key) {
        RememberKey::deleteKey($presented_key);
    }

    // clearing the session attributes removes the credentials
    $this->getAttributeHolder()->clear();

    // leave the punbb (forum) session as well
    Punbb::signOut();

    // finally flag the session user as logged out
    $this->setAuthenticated(false);
}
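/**
 * Executes Edit action for user private data.
 *
 * GET: exposes the logged user's private data to the form template.
 * POST: updates password, email, nickname, topo name and profile visibility
 * of the logged user, then redirects to the user's document page with a
 * notice (and, for ajax calls, a small script that refreshes the displayed
 * name and empties the password field).
 *
 * Changing the password deletes every remember-me key of the user and
 * re-signs the user in to punbb.
 *
 * NOTE(review): no check of the current password and no CSRF token check is
 * visible in this action; confirm that validation or a filter outside this
 * method covers both before email/password changes are accepted.
 */
public function executeEditPrivateData()
{
    $user_id = $this->getUser()->getId(); // logged user id

    if (!($user_private_data = UserPrivateData::find($user_id))) {
        $this->setNotFoundAndRedirect();
    }

    if ($this->getRequest()->getMethod() == sfRequest::POST) {
        // user private data update

        // Keep "parameter absent" (null) distinct from "parameter empty": trim()
        // always returns a string, so testing is_null() on the trimmed value could
        // never be true and a POST without 'email' blanked the stored address.
        $raw_email = $this->getRequestParameter('email');
        $email = is_null($raw_email) ? null : trim($raw_email);

        $password = trim($this->getRequestParameter('password'));

        // collapse runs of whitespace inside the displayed names
        $nickname = trim($this->getRequestParameter('edit_nickname'));
        $nickname = preg_replace('#\\s+#', ' ', $nickname);
        $toponame = trim($this->getRequestParameter('edit_topo_name'));
        $toponame = preg_replace('#\\s+#', ' ', $toponame);

        $is_profile_public = $this->getRequestParameter('is_profile_public');

        // NOTE(review): no beginTransaction() is visible before the commit()/rollback()
        // calls below; confirm where the transaction is opened.
        $conn = sfDoctrine::Connection();
        try {
            if (!empty($password)) {
                $user_private_data->setPassword($password);
                // since the password has been changed, we remove all the remember me keys
                // attached to this user.
                RememberKey::deleteUserKeys($user_id);
            }

            if (!is_null($email)) {
                $old_email = $user_private_data->getEmail();
                if ($old_email != $email) {
                    // NOTE(review): the mailing list is updated before save(); if save()
                    // fails afterwards the two addresses are out of sync.
                    Sympa::updateEmail($old_email, $email);
                    $user_private_data->setEmail($email);
                }
            }

            if ($nickname != $user_private_data->getUsername()) {
                $user_private_data->setUsername($nickname);
            }

            if ($toponame != $user_private_data->getTopoName()) {
                $user_private_data->setTopoName($toponame);
            }

            $user_private_data->setIsProfilePublic(!empty($is_profile_public));
            $user_private_data->save();
            $conn->commit();
            $this->statsdIncrement('success');

            // update cache
            $this->clearCache('users', $user_id, false, 'view');
        } catch (Exception $e) {
            // NOTE(review): the failure is only counted; execution continues below and
            // the user still gets the "successfully updated" notice. No error-notice
            // helper is visible here, so this path is left as it was.
            $conn->rollback();
            $this->statsdIncrement('failure');
        }

        // update user session
        $this->getUser()->setAttribute('username', $user_private_data->get('topo_name'));

        // little js update
        if ($this->isAjaxCall()) {
            sfLoader::loadHelpers(array('Javascript', 'Tag'));

            // The topo name is user-supplied. Emit it as an encoded JavaScript string
            // literal rather than pasting it between quotes, and additionally escape
            // <, >, & and ' so the value can neither end the string nor the script
            // element. str_replace() is used instead of json_encode() flags so this
            // does not depend on the PHP version.
            $name_js = json_encode((string) $user_private_data->get('topo_name'));
            if ($name_js === false) {
                $name_js = '""';
            }
            $name_js = str_replace(
                array('<', '>', '&', "'"),
                array('\u003C', '\u003E', '\u0026', '\u0027'),
                $name_js
            );

            // update the name to use (after the welcome)
            // and be sure to reset password value.
            // .text() inserts the name as text, not markup.
            // NOTE(review): assumes topo_name is stored unescaped; confirm.
            $js = javascript_tag("\$('#name_to_use').text(" . $name_js . ");\n \$('#current_password').val('')");
        } else {
            $js = "";
        }

        if (!empty($password)) {
            // user updated his password. We need to update the login to punbb
            Punbb::signIn($user_private_data->getId(), $user_private_data->password);
        }

        $lang = $this->getUser()->getCulture();
        return $this->setNoticeAndRedirect(
            'Your private information have been successfully updated',
            "@document_by_id_lang?module=users&id={$user_id}&lang={$lang}",
            null,
            $js
        );
    } else {
        // display form
        $this->user_private_data = $user_private_data;
        $this->setPageTitle($this->__('User account update'));
    }
}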