<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
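/**
 * Front-end user controller: handles login and logout through the Connect() library.
 *
 * Security-relevant points:
 *  - The post-login redirect target comes from the Referer header, which is
 *    client-supplied; it is only honoured when it points at this site.
 *  - The submitted password is never written to the flash session.
 *  - The anti-spam check is a bot deterrent only. The expected value is
 *    delivered to the browser, so it is not a secret and not an access control.
 */
class User extends Base_Controller {

	public function __construct()
	{
		parent::__construct();

		/*
		 * Reset the folder protection list for this controller.
		 * Per the original author, leaving it in place causes a redirect loop
		 * (presumably because the login page itself would be treated as restricted).
		 * The property carries the same name as the corresponding configuration option.
		 */
		Connect()->folder_protection = array();

		$this->load->library('form_validation');

		// Individual field errors are emitted without any wrapping delimiters
		$this->form_validation->set_error_delimiters('', '');
	}


	// ------------------------------------------------------------------------


	/**
	 * Default action: behaves exactly like login().
	 *
	 */
	public function index()
	{
		$this->login();
	}


	// ------------------------------------------------------------------------


	/**
	 * Processes a posted login form.
	 *
	 * A request without POST data is ignored (nothing is rendered or redirected).
	 * Otherwise the form is validated, the login is attempted, any error is
	 * stored in the flash session and the user is sent back to the page the
	 * form was submitted from, or to the site root when that page is unknown
	 * or on another host.
	 *
	 */
	public function login()
	{
		if (empty($_POST))
		{
			return;
		}

		if ($this->_try_validate_login())
		{
			// Form-only fields that do not exist in the "users" table (Access lib)
			unset($_POST['submit'], $_POST['check']);

			// NOTE(review): every remaining POST key is forwarded to Connect()->login()
			// as-is. Once the keys that method accepts are confirmed, prefer an
			// explicit allow-list (e.g. username, password, remember_me) so extra
			// request parameters cannot reach the user lookup.
			//
			// Connect()->login() looks for a 'remember_me' value; when present the
			// user stays logged in until logout. The remember time comes from the
			// access config file (default is 7 days).
			try
			{
				Connect()->login($_POST);
			}
			catch (Exception $e)
			{
				// NOTE(review): the exception text is shown to the visitor. Confirm
				// Connect() does not distinguish "unknown user" from "bad password"
				// in these messages (account enumeration).
				$this->_flash_form_state($e->getMessage());
			}
		}
		else
		{
			$this->_flash_form_state($this->form_validation->error_string());
		}

		redirect($this->_login_redirect_target());
	}


	// ------------------------------------------------------------------------


	/**
	 * Logs the user out; the Connect library receives the localized site root
	 * (base URL + current language code) as the place to go afterwards.
	 *
	 */
	public function logout()
	{
		Connect()->logout(base_url().Settings::get_lang());
	}


	// ------------------------------------------------------------------------


	/**
	 * Form validation callback for the hidden "check" field (anti spam).
	 *
	 * The field is expected to be filled by javascript with the configured
	 * 'form_antispam_key'. A different value means the form was most likely
	 * posted by a bot, and the visitor is told that javascript is needed.
	 *
	 * The comparison is done on strings with the strict operator: the loose
	 * "!=" would let PHP type juggling accept values that merely compare equal
	 * (numeric strings, "0" against an unset key, ...).
	 *
	 * This method has to stay public and keep its name: the validation rule
	 * 'callback_antispam' refers to it.
	 *
	 * @param	mixed	Submitted value of the field
	 *
	 * @return	bool	true when the value matches the configured key
	 *
	 */
	public function antispam($str)
	{
		$expected = (string) config_item('form_antispam_key');
		$given = is_scalar($str) ? (string) $str : '';

		if ($given !== $expected)
		{
			$this->form_validation->set_message('antispam', lang('contact_form_javascript_needed'));
			return false;
		}

		return true;
	}


	// ------------------------------------------------------------------------


	/**
	 * Declares the login form rules and runs the validation.
	 *
	 * NOTE(review): 'trim' and 'xss_clean' rewrite the submitted password before
	 * it reaches Connect()->login(). They are kept as they are because removing
	 * them here could lock out accounts whose password was filtered the same way
	 * when it was set. Confirm against the registration / password change code
	 * before changing either side.
	 *
	 * @return	bool	true when every rule passed
	 *
	 */
	private function _try_validate_login()
	{
		$rules = array(
			array(
				'field' => 'check',
				'label' => 'check',
				'rules' => 'callback_antispam'
			),
			array(
				'field' => 'username',
				'label' => lang('form_label_username'),
				'rules' => 'trim|required|xss_clean'
			),
			array(
				'field' => 'password',
				'label' => lang('form_label_password'),
				'rules' => 'trim|required|xss_clean'
			)
		);

		$this->form_validation->set_rules($rules);

		return ($this->form_validation->run() === true);
	}


	// ------------------------------------------------------------------------


	/**
	 * Stores the error message and the form field data in the flash session,
	 * so the page holding the form can display them after the redirect.
	 *
	 * CodeIgniter keeps the submitted value of each field under 'postdata'.
	 * The password value is blanked first: session data may be persisted
	 * (cookie, file or database, depending on the session setup) and a
	 * password field has no reason to be repopulated.
	 *
	 * @param	string	Message stored under 'validation_errors'
	 *
	 */
	private function _flash_form_state($message)
	{
		$field_data = $this->form_validation->_field_data;

		if (isset($field_data['password']) && is_array($field_data['password']))
		{
			$field_data['password']['postdata'] = '';
		}

		$this->session->set_flashdata('validation_errors', $message);
		$this->session->set_flashdata('field_data', $field_data);
	}


	// ------------------------------------------------------------------------


	/**
	 * Returns the URL to go to once the login form has been processed.
	 *
	 * The Referer header is used only when it is an http(s) URL on the same
	 * host as base_url(). It is sent by the client: a form posted from another
	 * site would otherwise bring the visitor back to that site right after
	 * logging in, and a request without the header would read an undefined index.
	 * In every other case the site root is returned.
	 *
	 * Side effect to be aware of: if the site is served under several host
	 * names, a referer on a host other than the configured one falls back to
	 * the site root.
	 *
	 * @return	string
	 *
	 */
	private function _login_redirect_target()
	{
		$home = base_url();

		if (empty($_SERVER['HTTP_REFERER']) || ! is_string($_SERVER['HTTP_REFERER']))
		{
			return $home;
		}

		$referer = $_SERVER['HTTP_REFERER'];
		$parts = parse_url($referer);
		$site_host = parse_url($home, PHP_URL_HOST);

		if ( ! is_array($parts) || empty($parts['scheme']) || empty($parts['host']) || ! is_string($site_host))
		{
			return $home;
		}

		$scheme = strtolower($parts['scheme']);

		if ($scheme !== 'http' && $scheme !== 'https')
		{
			return $home;
		}

		if (strcasecmp($parts['host'], $site_host) !== 0)
		{
			return $home;
		}

		return $referer;
	}
}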
/* End of file user.php */
/* Location: ./application/controllers/user.php */