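/**
 * DEPRECATED This should only be called once, to load into $app['currentUser']. So $USER_CURRENT & $USER_CURRENT_LOADED shouldn't be needed.
 * At some point in future, remove this function and put the logic into code that just writes to $app['currentUser'] only.
 *
 * Resolves the user for the current request and caches the answer in the
 * $USER_CURRENT / $USER_CURRENT_LOADED globals, so the lookup runs at most once.
 *
 * Resolution order:
 *  1. A positive 'userID' held in the server-side session.
 *  2. Otherwise the 'userID' + 'userKey' remember-me cookies; on success the user is
 *     passed to userLogIn().
 * In both paths an account flagged as closed by a sysadmin resolves to null.
 *
 * @return UserAccountModel|null
 */
function userGetCurrent()
{
    global $USER_CURRENT, $USER_CURRENT_LOADED, $WEBSESSION;

    if ($USER_CURRENT_LOADED) {
        return $USER_CURRENT;
    }

    if ($WEBSESSION->has('userID') && $WEBSESSION->get('userID') > 0) {
        $uar = new UserAccountRepository();
        $USER_CURRENT = $uar->loadByID($WEBSESSION->get('userID'));
        // A session that predates the account being closed must stop working.
        if ($USER_CURRENT && $USER_CURRENT->getIsClosedBySysAdmin()) {
            $USER_CURRENT = null;
        }
    } else {
        // Cookies are attacker-controlled. PHP turns "userID[]=..." style cookies into
        // arrays, so require plain strings before the values reach the repository.
        $hasRememberMeCookies = isset($_COOKIE['userID']) && isset($_COOKIE['userKey'])
            && is_string($_COOKIE['userID']) && is_string($_COOKIE['userKey']);

        if ($hasRememberMeCookies) {
            $uarmr = new UserAccountRememberMeRepository();
            // NOTE(review): the key check happens inside the repository, which is not
            // visible here - confirm it uses a parameterised query and does not compare
            // the access key in a way that leaks timing.
            $uarm = $uarmr->loadByUserAccountIDAndAccessKey($_COOKIE['userID'], $_COOKIE['userKey']);
            if ($uarm) {
                $uar = new UserAccountRepository();
                $USER_CURRENT = $uar->loadByID($uarm->getUserAccountId());
                // A remember-me token must not revive an account a sysadmin has closed.
                if ($USER_CURRENT && $USER_CURRENT->getIsClosedBySysAdmin()) {
                    $USER_CURRENT = null;
                }
                if ($USER_CURRENT) {
                    userLogIn($USER_CURRENT);
                }
            }
        }
    }

    $USER_CURRENT_LOADED = true;

    return $USER_CURRENT;
}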
/**
 * Shows the log-in form and, on POST, handles the submitted credentials.
 *
 * Unknown accounts and wrong passwords get the same form error, so the response text
 * does not reveal whether an account exists. The "account closed" message, including
 * the sysadmin's reason, is only shown after the password has been verified. Log lines
 * carry the account id or "unknown account", never the submitted values.
 *
 * NOTE(review): userLogIn() is defined elsewhere - confirm it regenerates the session
 * id on log-in. No attempt throttling is visible in this method; confirm it exists
 * upstream.
 *
 * @param Request     $request
 * @param Application $app
 * @return mixed Redirect to "/" on successful log-in, otherwise the rendered log-in page.
 */
function login(Request $request, Application $app)
{
    $form = $app['form.factory']->create(new LogInUserForm());
    $this->processThingsToDoAfterGetUser($request, $app);

    if ($request->getMethod() == 'POST') {
        $form->bind($request);

        if ($form->isValid()) {
            $submitted = $form->getData();
            $accounts = new UserAccountRepository();

            // We are deliberately very forgiving about people putting the wrong thing in the wrong field.
            $account = null;
            if ($submitted['email']) {
                $account = $accounts->loadByUserNameOrEmail($submitted['email']);
            }
            if (!$account && $submitted['username']) {
                $account = $accounts->loadByUserNameOrEmail($submitted['username']);
            }

            if (!$account) {
                $app['monolog']->addError("Login attempt - unknown account");
                $form->addError(new FormError('User and password not recognised'));
            } elseif (!$account->checkPassword($submitted['password'])) {
                $app['monolog']->addError("Login attempt - account " . $account->getId() . ' - password wrong.');
                $form->addError(new FormError('User and password not recognised'));
            } elseif ($account->getIsClosedBySysAdmin()) {
                // Only reached with a correct password, so the closure reason is not
                // exposed to someone who merely knows the user name or email.
                $form->addError(new FormError('There was a problem with this account and it has been closed: ' . $account->getClosedBySysAdminReason()));
                $app['monolog']->addError("Login attempt - account " . $account->getId() . ' - closed.');
            } else {
                userLogIn($account);
                $this->actionThingsToDoAfterGetUser($app, $account);

                if ($submitted['rememberme']) {
                    // Issue a remember-me record and hand its cookies to the browser.
                    $rememberMeRepository = new UserAccountRememberMeRepository();
                    $rememberMe = $rememberMeRepository->create($account);
                    $rememberMe->sendCookies();
                }

                return $app->redirect("/");
            }
        }
    }

    // GET, invalid form, or failed log-in: (re)render the form with any errors attached.
    $this->parameters['form'] = $form->createView();

    return $app['twig']->render('index/user/login.html.twig', $this->parameters);
}