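/**
 * Admin-only impersonation: signs the current session in as the posted
 * username WITHOUT verifying that user's password, then redirects to the
 * console matching the user's role.
 *
 * The only authorization gate visible in this method is $this->admin_is_on.
 * NOTE(review): where admin_is_on is set is not visible here; confirm it is
 * derived from a server-side, authenticated admin session.
 * NOTE(review): no CSRF token check and no audit-log entry are visible in
 * this action; both are advisable for an impersonation endpoint.
 */
public function grantAction()
{
    // Fail closed: nothing below may run for a non-admin caller.
    if (!$this->admin_is_on) {
        die('ACCESS DENIED!');
    }

    $user_data = $this->getRequest()->getPost();

    // A missing or non-string field is treated as empty instead of raising a notice or type error.
    $username = (isset($user_data['username']) && is_string($user_data['username']))
        ? trim($user_data['username'])
        : '';

    if (!strlen($username)) {
        echo $this->view->lang->_('MISSING USERNAME');
        die;
    }

    // Resolve the target account before touching the session, so an unknown
    // username can never store an empty identity.
    $user = new Application_Model_DbTable_Users();
    $userInfo = $user->getUserInfo($username);
    if (!$userInfo) {
        die('Invalid user account!');
    }

    // The session is about to carry a different identity: issue a new session id.
    Zend_Session::regenerateId();

    // The default storage is a session with namespace Zend_Auth.
    $auth = Zend_Auth::getInstance();
    $auth->getStorage()->write($userInfo);

    if ($userInfo->role == Application_Model_DbTable_Users::$EMPLOYER) {
        // Build the job list from scratch and assign it, so job ids left in the
        // session by an earlier identity are not carried over to this one.
        $jobIds = array();
        foreach ($user->getEmpJobs($userInfo->user_id) as $job) {
            $jobIds[] = $job->job_id;
        }
        $user_jobs = new Zend_Session_Namespace('jobs');
        $user_jobs->jobs = $jobIds;

        $this->_redirect('/empconsole/');
        return;
    }

    if ($userInfo->role == Application_Model_DbTable_Users::$SEEKER) {
        $this->_redirect('/sekconsole/');
        return;
    }

    if ($userInfo->role == Application_Model_DbTable_Users::$ADMIN) {
        $this->_redirect('/addmin/');
        return;
    }

    // Unknown role: stop rather than leave the request in an undefined state.
    die('Invalid user account!');
}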
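/**
 * Checks the posted login form and, on success, stores the user record in
 * Zend_Auth's session storage and redirects according to the user's role.
 *
 * Every failure path queues a flash message and redirects to '/'.
 *
 * NOTE(review): an unknown username produces NOT_VERIFIED while a wrong
 * password produces WRONG_LOGIN, and only the second path runs crypt(); the
 * two cases are therefore distinguishable to a client. Consider one generic
 * message for both.
 * NOTE(review): no login throttling or lockout is visible in this action.
 */
public function checkAction()
{
    $user_data = $this->getRequest()->getPost();

    // Missing or non-string fields are treated as empty instead of raising notices or type errors.
    $username = (isset($user_data['username']) && is_string($user_data['username']))
        ? trim($user_data['username'])
        : '';
    // The password is verified exactly as submitted; trimming is used only for the emptiness check.
    $rawPassword = (isset($user_data['password']) && is_string($user_data['password']))
        ? $user_data['password']
        : '';

    $alertOpen = '<div class="alert alert-danger text-center" role="alert"><button type="button" class="close" data-dismiss="alert">×</button>';
    $alertClose = '</div>';

    // _redirect() normally ends the request; the explicit returns keep this
    // method fail-closed if exit-on-redirect is ever disabled.
    if (!strlen($username)) {
        $this->msger->addMessage($alertOpen . $this->lang->_('MISSING_USERNAME') . $alertClose);
        $this->_redirect('/');
        return;
    }

    if (!strlen(trim($rawPassword))) {
        $this->msger->addMessage($alertOpen . $this->lang->_('MISSING_PASSWORD') . $alertClose);
        $this->_redirect('/');
        return;
    }

    $user_DB = new Application_Model_DbTable_Users();
    $user_Info = $user_DB->getUserInfo($username);

    if (!$user_Info) {
        $this->msger->addMessage($alertOpen . $this->lang->_('NOT_VERIFIED') . $alertClose);
        $this->_redirect('/');
        return;
    }

    $hashed_password = $user_DB->getPassword($username);

    // Fail closed on an absent stored hash and on a crypt() failure, which PHP
    // reports as a string shorter than 13 characters.
    $passwordOk = false;
    if (is_string($hashed_password) && $hashed_password !== '') {
        $computed = crypt($rawPassword, $hashed_password);
        // hashequals() is defined elsewhere; presumably a constant-time comparison, confirm.
        $passwordOk = is_string($computed)
            && strlen($computed) >= 13
            && $this->hashequals($hashed_password, $computed);
    }

    if (!$passwordOk) {
        $this->msger->addMessage($alertOpen . $this->lang->_('WRONG_LOGIN') . $alertClose);
        $this->_redirect('/');
        return;
    }

    // The session becomes authenticated here: issue a new session id so an id
    // that existed before login does not stay valid afterwards.
    Zend_Session::regenerateId();

    // The default storage is a session with namespace Zend_Auth.
    // NOTE(review): the stored row comes straight from getUserInfo(); confirm
    // it does not include the password hash.
    $auth = Zend_Auth::getInstance();
    $auth->getStorage()->write($user_Info);

    // "Remember me" is not implemented; the posted 'rememberme' field is ignored.

    $role = (string) $user_DB->getRole($username);
    $_SESSION['Default']['role'] = $role;

    if ($role === 'admin') {
        $_SESSION['Default']['entry'] = true;
        $this->_redirect('/entry');
        return;
    }

    $this->_redirect('/fields');
}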