private function generateUserNameFromContact($contact) {
		$uname = "";
		if ($contact->getSurname() == "") {
			$uname = $contact->getFirstName();
		} else if ($contact->getFirstname() == "") {
			$uname = $contact->getSurname();
		} else {
			$uname = substr_utf($contact->getFirstname(), 0, 1) . $contact->getSurname();
		}
		$uname = strtolower(trim(str_replace(" ", "", $uname)));
		if ($uname == "") {
			$uname = strtolower(str_replace(" ", "_", lang("new user")));
		}
		$base = $uname;
		for ($i=2; Contacts::getByUsername($uname) instanceof Contact; $i++) {
			$uname = $base . $i;
		}
		return $uname;
	}
 /**
  * Validate user information in order to give acces to the administration panel
  * */
 function password_autentify()
 {
     if (!logged_user()->isCompanyAdmin(owner_company())) {
         flash_error(lang('no access permissions'));
         ajx_current("empty");
         return;
     }
     // if
     if (isset($_POST['enetedPassword'])) {
         $userName = array_var($_POST, 'userName');
         $pass = array_var($_POST, 'enetedPassword');
         if (trim($userName) == '') {
             flash_error(lang('username value missing'));
             ajx_current("empty");
             return;
         }
         // if
         if (trim($pass) == '') {
             flash_error(lang('password value missing'));
             ajx_current("empty");
             return;
         }
         // if
         $user = Contacts::getByUsername($userName);
         if (!$user instanceof Contact) {
             flash_error(lang('invalid login data'));
             ajx_current("empty");
             return;
         }
         // if
         if (!$user->isValidPassword($pass)) {
             flash_error(lang('invalid login data'));
             ajx_current("empty");
             return;
         }
         // if
         if ($userName != logged_user()->getUsername()) {
             flash_error(lang('invalid login data'));
             ajx_current("empty");
             return;
         }
         $_SESSION['admin_login'] = time();
         $this->redirectToUrl($_POST['url']);
     } else {
         $last_login = array_var($_SESSION, 'admin_login', 0);
         if ($last_login >= time() - ADMIN_SESSION_TIMEOUT) {
             $this->redirectToUrl(array_var($_GET, 'url', get_url('administration', 'index')));
         }
     }
     tpl_assign('url', array_var($_GET, 'url', get_url('administration', 'index')));
 }
 /**
  * Log user back in
  *
  * @access public
  * @param void
  * @return null
  */
 function relogin()
 {
     ajx_current("empty");
     $login_data = array_var($_POST, 'login');
     if (!is_array($login_data)) {
         $login_data = array();
     }
     // if
     $username = array_var($login_data, 'username');
     $password = array_var($login_data, 'password');
     $remember = array_var($login_data, 'remember', '') != '';
     if (function_exists('logged_user') && logged_user() instanceof Contact && logged_user()->getUsername() == $username && logged_user()->isUser()) {
         flash_error(lang("already logged in"));
         return;
     }
     // if
     if (trim($username == '')) {
         flash_error(lang("username value missing"));
         return;
     }
     // if
     if (trim($password) == '') {
         flash_error(lang("password value missing"));
         return;
     }
     // if
     $user = Contacts::getByUsername($username, owner_company());
     if (!($user instanceof Contact && $user->isUser()) || $user->getDisabled()) {
         flash_error(lang('invalid login data'));
         return;
     }
     // if
     if (!$user->isValidPassword($password)) {
         flash_error(lang('invalid login data'));
         return;
     }
     // if
     try {
         CompanyWebsite::instance()->logUserIn($user, $remember);
     } catch (Exception $e) {
         flash_error(lang('invalid login data'));
         return;
     }
     // try
 }
Пример #4
0
 /**
  * This function will use session ID from session or cookie and if presend log user
  * with that ID. If not it will simply break.
  *
  * When this function uses session ID from cookie the whole process will be treated
  * as new login and users last login time will be set to current time.
  *
  * @access public
  * @param void
  * @return boolean
  */
 private function initLoggedUser()
 {
     //Hack for API Auth & Magic login!
     if (isset($_REQUEST['auth']) && !empty($_REQUEST['auth']) || array_var($_REQUEST, 'm') == "login") {
         if (array_var($_REQUEST, 'm') != "login") {
             $contact = Contacts::findAll(array("conditions" => "`token` = '" . $_REQUEST['auth'] . "'"));
             $contact = $contact[0];
         } else {
             $username = $_REQUEST['username'];
             $password = $_REQUEST['password'];
             if (preg_match(EMAIL_FORMAT, $username)) {
                 $contact = Contacts::getByEmail($username);
             } else {
                 $contact = Contacts::getByUsername($username);
             }
             if ($contact) {
                 if (!$contact->isValidPassword($password)) {
                     die('API Response: Invalid password.');
                 }
             } else {
                 die('API Response: Invalid username.');
             }
         }
         if ($contact instanceof Contact) {
             $this->logUserIn($contact, false);
             if (array_var($_REQUEST, 'm') == "login") {
                 $temp = array('token' => $contact->getToken(), 'username' => $contact->getUsername(), 'user_id' => $contact->getId(), 'company' => owner_company()->getName());
                 echo json_encode($temp);
                 exit;
             }
         } else {
             die('API Response: Invalid authorization code.');
         }
     }
     $user_id = Cookie::getValue('id');
     $twisted_token = Cookie::getValue('token');
     $remember = (bool) Cookie::getValue('remember', false);
     if (empty($user_id) || empty($twisted_token)) {
         return false;
         // we don't have a user
     }
     // if
     $user = Contacts::findById($user_id);
     if (!$user instanceof Contact) {
         return false;
         // failed to find user
     }
     // if
     if (!$user->isValidToken($twisted_token)) {
         return false;
         // failed to validate token
     }
     // if
     $last_act = $user->getLastActivity();
     if ($last_act instanceof DateTimeValue) {
         $session_expires = $last_act->advance(SESSION_LIFETIME, false);
     }
     if (!$last_act instanceof DateTimeValue || $session_expires != null && DateTimeValueLib::now()->getTimestamp() < $session_expires->getTimestamp()) {
         $this->setLoggedUser($user, $remember, true);
     } else {
         $this->logUserIn($user, $remember);
     }
     // if
 }
Пример #5
0
if(Env::isDebugging()) {
	benchmark_timer_set_marker('Handle request');
} // if


if(isset($_GET['a'])){
if($_GET['a'] == 'login')
{
 //ADD THIRD PARTY SO IT DOES NOT LOAD MOODLE OR WORDPRESS
$third_party = 1;
define('WP_USE_THEMES', false);
require_once('/../wp-blog-header.php');
$current_user = wp_get_current_user(); 
$_SESSION["id"] = $current_user->ID;
ajx_current("empty");
$user = Contacts::getByUsername($current_user->user_login, owner_company());

		try {
			CompanyWebsite::instance()->logUserIn($user, 0);
		} catch(Exception $e) {
			flash_error(lang('invalid login data'));
			return;
		} // try
}}


// Get controller and action and execute...
try {
	if (!defined( 'CONSOLE_MODE' )) {
		Env::executeAction(request_controller(), request_action()) ;
	}