function checkloginAction()
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender(TRUE);
$session = SessionWrapper::getInstance();
$formvalues = $this->_getAllParams();
// debugMessage($formvalues);
# check that an email has been provided
if (isEmptyString(trim($this->_getParam("email")))) {
$session->setVar(ERROR_MESSAGE, $this->_translate->translate("profile_email_error"));
$session->setVar(FORM_VALUES, $this->_getAllParams());
// return to the home page
$this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
}
if (isEmptyString(trim($this->_getParam("password")))) {
$session->setVar(ERROR_MESSAGE, $this->_translate->translate("profile_password_error"));
$session->setVar(FORM_VALUES, $this->_getAllParams());
// return to the home page
$this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
}
# check which field user is using to login. default is username
$credcolumn = "username";
$login = (string) trim($this->_getParam("email"));
// $password = encode(sha1(trim($this->_getParam("password"))));
# check if credcolumn is emai
$validator = new Zend_Validate_EmailAddress();
if ($validator->isValid($login)) {
$usertable = new UserAccount();
if ($usertable->findByEmail($login)) {
$credcolumn = 'email';
}
}
if (stringContains('!@#', $login)) {
$credcolumn = 'trx';
$loginarray = explode('.', $login);
// debugMessage($loginarray);
$id = $loginarray[0];
}
// debugMessage($credcolumn); exit;
$browser = new Browser();
$audit_values = $browser_session = array("browserdetails" => $browser->getBrowserDetailsForAudit(), "browser" => $browser->getBrowser(), "version" => $browser->getVersion(), "useragent" => $browser->getUserAgent(), "os" => $browser->getPlatform(), "ismobile" => $browser->isMobile() ? '1' : 0, "ipaddress" => $browser->getIPAddress());
// debugMessage($audit_values);
if ($credcolumn == 'email' || $credcolumn == 'username') {
$authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Registry::get("dbAdapter"));
// define the table, fields and additional rules to use for authentication
$authAdapter->setTableName('useraccount');
$authAdapter->setIdentityColumn($credcolumn);
$authAdapter->setCredentialColumn('password');
$authAdapter->setCredentialTreatment("sha1(?) AND status = '1' ");
// set the credentials from the login form
$authAdapter->setIdentity($login);
$authAdapter->setCredential($this->_getParam("password"));
// new class to audit the type of Browser and OS that the visitor is using
if (!$authAdapter->authenticate()->isValid()) {
// debugMessage('invalid'); exit;
// add failed login to audit trail
$audit_values['module'] = 1;
$audit_values['usecase'] = '1.1';
$audit_values['transactiontype'] = USER_LOGIN;
$audit_values['status'] = "N";
$audit_values['transactiondetails'] = "Login for user with id '" . $this->_getParam("email") . "' failed. Invalid username or password";
// exit();
$this->notify(new sfEvent($this, USER_LOGIN, $audit_values));
// return to the home page
if (!isArrayKeyAnEmptyString(URL_FAILURE, $formvalues)) {
$session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
$this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
} else {
$session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
$this->_helper->redirector->gotoSimple('login', "user");
}
return false;
}
// user is logged in sucessfully so add information to the session
$user = $authAdapter->getResultRowObject();
$useraccount = new UserAccount();
$useraccount->populate($user->id);
}
// exit;
# trx login
if ($credcolumn == 'trx') {
$useraccount = new UserAccount();
$useraccount->populate($id);
// debugMessage($result); exit();
if (isEmptyString($useraccount->getID())) {
// return to the home page
if (!isArrayKeyAnEmptyString(URL_FAILURE, $formvalues)) {
$session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
$this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
} else {
$session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
$this->_helper->redirector->gotoSimple('login', "user");
}
return false;
}
}
// debugMessage($useraccount->toArray()); exit();
$session->setVar("userid", $useraccount->getID());
$session->setVar("username", $useraccount->getUserName());
$session->setVar("type", $useraccount->getType());
$session->setVar("companyid", $useraccount->getCompanyID());
$session->setVar("istimesheetuser", $useraccount->getIsTimesheetUser());
$session->setVar("browseraudit", $browser_session);
$session->setVar("user", json_encode($useraccount->toArray()));
$session->setVar("company", json_encode($useraccount->getCompany()->toArray()));
// clear user specific cache, before it is used again
$this->clearUserCache();
// Add successful login event to the audit trail
$audit_values['module'] = 1;
$audit_values['usecase'] = '1.1';
$audit_values['transactiontype'] = USER_LOGIN;
$audit_values['status'] = "Y";
$audit_values['userid'] = $useraccount->getID();
$audit_values['transactiondetails'] = "Login for user with id '" . $this->_getParam("email") . "' successful";
// $this->notify(new sfEvent($this, USER_LOGIN, $audit_values));
if (isEmptyString($this->_getParam("redirecturl"))) {
# forward to the dashboard
$this->_helper->redirector->gotoSimple("index", "dashboard");
} else {
# redirect to the page the user was coming from
if (!isEmptyString($this->_getParam(SUCCESS_MESSAGE))) {
$successmessage = decode($this->_getParam(SUCCESS_MESSAGE));
$session->setVar(SUCCESS_MESSAGE, $successmessage);
}
$this->_helper->redirector->gotoUrl(decode($this->_getParam("redirecturl")));
}
}
function beforeUpdate()
{
$session = SessionWrapper::getInstance();
# set object data to class variable before update
$user = new UserAccount();
$user->populate($this->getID());
$this->setPreUpdateData($user->toArray());
// exit;
return true;
}
function resetpasswordAction()
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender(TRUE);
$session = SessionWrapper::getInstance();
$this->_translate = Zend_Registry::get("translate");
$id = decode($this->_getParam('id'));
// debugMessage($id);
$user = new UserAccount();
$user->populate($id);
debugMessage($user->toArray());
// $formvalues = array('email'=>$user->getEmail());
$user->setEmail($user->getEmail());
// debugMessage('error '.$user->getErrorStackAsString()); exit();
if ($user->recoverPassword()) {
$session->setVar(SUCCESS_MESSAGE, sprintf($this->_translate->translate('profile_change_password_admin_confirmation'), $user->getName()));
// send a link to enable the user to recover their password
// debugMessage('no error found ');
$view = new Zend_View();
$url = $this->view->serverUrl($this->view->baseUrl('profile/view/id/' . encode($user->getID())));
$usecase = '1.9';
$module = '1';
$type = USER_RESET_PASSWORD;
$details = "Reset password request. Reset link sent to <a href='" . $url . "' class='blockanchor'>" . $user->getName() . "</a>";
$browser = new Browser();
$audit_values = $session->getVar('browseraudit');
$audit_values['module'] = $module;
$audit_values['usecase'] = $usecase;
$audit_values['transactiontype'] = $type;
$audit_values['userid'] = $session->getVar('userid');
$audit_values['url'] = $url;
$audit_values['transactiondetails'] = $details;
$audit_values['status'] = "Y";
// debugMessage($audit_values);
$this->notify(new sfEvent($this, $type, $audit_values));
} else {
$session->setVar(ERROR_MESSAGE, $user->getErrorStackAsString());
$session->setVar(FORM_VALUES, $this->_getAllParams());
// debugMessage('no error found ');
}
// exit();
$this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_SUCCESS)));
}
