public static function sendEmail($scenario, $userId = "", $messageId = "", $tempPassword = "", $cc = "", $bcc = "") { $model = EmailTemplateApi::getTemplateByScenario($scenario); if ($userId) { $user = UserApi::getUser($userId); } if ($user) { $data["verification_link"] = SecurityUtils::getVerificationLink($user["activation_code"]); $data["email_id"] = $user["email_id"]; $data["name"] = UserApi::getNameByUserId($userId); } if ($tempPassword) { $data["temp_password"] = $tempPassword; } if ($messageId) { $message = PmbApi::loadMessage($messageId); } if ($message) { $data["message_subject"] = $message->subject; $data["message_content"] = $message->content; $data["message_from"] = UserApi::getNameByUserId($message->from_user_id); } if ($model) { $htmlEmail = self::changeTemplate($data, $model->body_html); $plainEmail = self::changeTemplate($data, $model->body_plain); $emailData["from_email"] = $model->from_email; $emailData["from_name"] = $model->from_name; $emailData["subject"] = $model->subject; $emailData["body_html"] = $htmlEmail; $emailData["body_plain"] = $plainEmail; return EmailQueueApi::addToQueue($user["email_id"], $cc, $bcc, "", $emailData); } return false; }
/** * __construct * * @param mixed $securityManager The security manager * * @access public * @return void */ public function __construct($securityManager = null) { $this->_context = new DefaultSubjectContext(); if ($securityManager === null) { $this->_securityManager = SecurityUtils::getSecurityManager(); } }
protected function afterLogin($fromCookie) { if (!$fromCookie) { $user = UserCredentials::model()->findByPK(Yii::app()->user->id); $user->last_login_time = new CDbExpression('NOW()'); $user->last_login_ip = SecurityUtils::getRealIp(); $user->save(); } }
public static function createUser($data) { $profile = new UserProfiles(); $profile->dob = '1988-11-11'; $profile->attributes = $data; $profile->salt = SecurityUtils::generateSalt($profile->email_id); $profile->activation_code = SecurityUtils::generateRandomString(10); $profile->registered_ip = SecurityUtils::getRealIp(); return $profile->save(); }
function haloDump($var) { $config = HaloEnv::get('config'); if ($config['dump']) { echo '<pre>'; $res = var_export($var, true); var_dump(SecurityUtils::escape($res)); echo '</pre>'; // echo '<pre>'. $var. '</pre>'; } }
/** * @param string $pass * @param string $salt * @param string $encPass * @return boolean * * This method compares user entered value with the value stored in DB. It encrypts the user input before comparison */ public static function comparePasswords($pass = null, $salt = null, $encPass = null) { if (null == $pass || null == $salt || null == $encPass) { return false; } if (SecurityUtils::encryptPassword($pass, $salt) === $encPass) { //if($pass === $encPass){ return true; } return false; }
public function exists($attribute, $params) { if ($this->id) { $user = UserCredentials::model()->findByPk($this->id); if ($user) { $password = SecurityUtils::encryptPassword($this->currentPassword, $user->salt); $criteria = new CDbCriteria(); $criteria->condition = 'password=:password'; $criteria->params = array(':password' => $password); if (!UserCredentials::model()->find($criteria)) { $this->addError('currentPassword', 'Please enter your current password !'); } } else { $this->addError('currentPassword', 'Sorry, could not process your password modification request at this time !'); } } else { $this->addError('currentPassword', 'Sorry, could not process your password modification request at this time !'); } }
public function postAction() { $db = $this->_helper->database->getAdapter(); $token = $this->getRequest()->getParam("token"); self::$logger->info("Logout requested for token ({$token})."); $response = array('success' => false, 'message' => 'An unknown error occurred'); $token_username = SecurityUtils::getUsernameForToken($db, $token); if (!isset($token_username)) { $response['success'] = false; $response['message'] = "Token ({$token}) does not match a user"; //throw new SecurityException("Token ($token) does not match a user"); } else { //$db->update('user', array('token' => null), 'username = ?'); $db->update('user', array('token' => null), $db->quoteInto('username = ?', $token_username)); $response['success'] = true; $response['message'] = "Logged out successfully."; setcookie('token', '', 0, '/'); } //sleep(2); // simulate network lag echo Zend_Json::encode($response); }
public function authenticate() { $user = UserCredentials::model()->findByAttributes(array('email_id' => $this->username)); if ($user === null) { $this->errorCode = self::ERROR_USERNAME_INVALID; } else { if ($user->status != 'ACTIVE') { $this->errorCode = self::ERROR_USERNAME_INACTIVE; } else { if (!SecurityUtils::comparePasswords($this->password, $user->salt, $user->password)) { $this->errorCode = self::ERROR_PASSWORD_INVALID; } else { $this->_username = $user->email_id; $this->setState('id', $user->id); $this->setState('emailId', $user->email_id); $this->setState('last_login_time', $user->last_login_time); $this->errorCode = self::ERROR_NONE; } } } return !$this->errorCode; }
public function indexAction() { $db = $this->_helper->database->getAdapter(); //@TODO: handle the query with $this->_getParam(...) $action = $this->getRequest()->getParam("action"); self::$logger->info("security handling action ({$action})"); $response = array('success' => false); // fail by default // if ($action == 'validateToken') { // @TODO db lookup to validate token $token = $this->getRequest()->getParam("token"); $token_username = SecurityUtils::getUsernameForToken($db, $token); if (isset($token_username)) { $response = array('success' => true, 'username' => $token_username); } else { $response = array('success' => false, 'message' => 'Could not validate token'); setcookie('token', '', 0, '/'); } // } else { // self::$logger->emerg("Unknown action ($action)!"); // } echo Zend_Json::encode($response); }
public function registerMemeber($email, $name, $pwd) { $memberObj = new Member(); $memberObj->email = SecurityUtils::securityDBParam($email); $memberObj->name = SecurityUtils::securityDBParam($name); $memberObj->pwd = SecurityUtils::md5Password(SecurityUtils::securityDBParam($pwd)); if (empty($memberObj->email) || empty($memberObj->pwd)) { throw new MyException("registerMemeber : email or pwd is empty: email={$email} pwd={$pwd}"); } $this->saveMemberToDB($memberObj, true); }
public function postAction() { $this->_helper->viewRenderer->setNoRender(true); $db = $this->_helper->database->getAdapter(); // retrieve the guts of the bucket $name = $this->getRequest()->getParam("name"); $description = $this->getRequest()->getParam("description"); $dojo_version = $this->getRequest()->getParam("dojo_version"); $dj_config = $this->getRequest()->getParam("dj_config"); $html = $this->getRequest()->getParam("html"); $javascript = $this->getRequest()->getParam("javascript"); $css = $this->getRequest()->getParam("css"); $layers = $this->getRequest()->getParam("layers"); // prepare the guts of the bucket, used in each kind of insert/update later $bucket_contents = array('dojo_version' => $dojo_version, 'content_html' => $html, 'content_css' => $css, 'content_js' => $javascript, 'dj_config' => $dj_config, 'layers' => $layers); $response = array(); try { // We may not have been passed any identifying info $token = $this->getRequest()->getParam("token"); $namespace = $this->getRequest()->getParam("namespace"); $id = $this->getRequest()->getParam("id"); $version = $this->getRequest()->getParam("version"); self::$logger->info("postAction namespace ({$namespace}) id ({$id}) version ({$version})"); if (isset($_REQUEST['save'])) { // sanitize $namespace - may be empty for new buckets if (!isset($namespace) || $namespace == '' || $_REQUEST['save'] === 'fork') { self::$logger->debug("namespace not set or forking. Check token ({$token})"); if (isset($token) && $token != '') { $token_namespace = BucketUtils::getNamespaceForToken($db, $token); if ($token_namespace) { $namespace = $token_namespace; } } else { self::$logger->info("namespace not provided, default to 'public'"); $namespace = 'public'; } } SecurityUtils::verifyToken($db, $token, $namespace); if (!isset($id) || $id == '' || $_REQUEST['save'] === 'fork') { self::$logger->info("id not provided or forking, generating new random id"); $id = BucketUtils::generateId($db, $namespace); } if (!isset($version) || $_REQUEST['save'] === 'fork') { self::$logger->info("version not provided or forking, default to 0"); $version = 0; } if ($_REQUEST['save'] == 'new_version') { $version++; } // The bucket may not yet exist self::$logger->info("Running bucket count for namespace ({$namespace}) id ({$id})..."); $select = $db->select()->from('bucket', "COUNT(*) as cc")->where('namespace = ?', $namespace)->where('id = ?', $id); if ($db->fetchRow($select)->cc == 0) { // sandbox does not yet exist, create it self::$logger->info('bucket does not yet exist'); // Create the bucket $db->insert('bucket', array('namespace' => $namespace, 'id' => $id, 'name' => $name, 'description' => $description, 'latest_version' => $version)); } self::$logger->info("Running bucket_version count for namespace ({$namespace}) id ({$id}) version ({$version})..."); $select = $db->select()->from('bucket_version', "COUNT(*) as cc")->where('bucket_namespace = ?', $namespace)->where('bucket_id = ?', $id)->where('version = ?', $version); if ($db->fetchRow($select)->cc == 0) { // Create the initial version self::$logger->info("insert bucket_version"); $db->insert('bucket_version', array_merge(array('bucket_namespace' => $namespace, 'bucket_id' => $id, 'version' => $version), $bucket_contents)); } else { self::$logger->info("update bucket_version ({$version})"); $db->update('bucket_version', $bucket_contents, array('bucket_namespace = ?' => $namespace, 'bucket_id = ?' => $id, 'version = ?' => $version)); } // inform the caller of the new identity $response = array("success" => true, "namespace" => $namespace, "id" => $id, "version" => $version); } else { if (isset($_REQUEST['save'])) { // save_as_new was false, so overwrite existing version. $db->update('bucket_version', array_merge(array('bucket_namespace' => $namespace, 'bucket_id' => $id, 'version' => $version), $bucket_contents)); $response = array("success" => true, "namespace" => $namespace, "id" => $id, "version" => $version); } } $session = new Zend_Session_Namespace("runIframe"); $session->name = $name; $session->content_html = $bucket_contents['content_html']; $session->content_js = $bucket_contents['content_js']; $session->content_css = $bucket_contents['content_css']; $session->dojo_version = $bucket_contents['dojo_version']; $session->dj_config = $bucket_contents['dj_config']; $session->layers = $bucket_contents['layers']; $session->session_id = rand(1, 1000000); $response['session_id'] = $session->session_id; } catch (SecurityException $e) { $response['success'] = false; $response['exception'] = 'SecurityException'; $response['message'] = $e->getMessage(); } echo Zend_Json::encode($response); }
public static function sendEmail($to, $scenario, $data = "", $cc = "", $bcc = "") { $model = EmailTemplateApi::getTemplateByScenario($scenario); $template = array(); if ($model) { $template["home_link"] = Yii::app()->createAbsoluteUrl('/'); $template["signin_link"] = Yii::app()->createAbsoluteUrl('/account'); $template["logo_link"] = Yii::app()->createAbsoluteUrl('/') . Yii::app()->theme->baseUrl . '/images/logo-newsletter.jpg'; if ($data) { if (is_array($data)) { foreach ($data as $key => $value) { if ($key == "user") { $user = UserApi::getUser($value); if ($user) { $template["verification_link"] = SecurityUtils::getVerificationLink($user["activation_code"], $user["email_id"]); $template["email_id"] = $user["email_id"]; $template["name"] = UserApi::getNameByUserId($value); } continue; } else { if ($key == "temp_password") { $template["temp_password"] = $value; continue; } else { if ($key == "message") { $message = PmbApi::loadMessage($value); if ($message) { $template["message_subject"] = $message->subject; $template["message_content"] = $message->content; $template["message_body"] = $message->content; $template["message_from"] = UserApi::getNameByUserId($message->from_user_id); } continue; } else { if ($key == "feedback") { $user = UserApi::getUserById($value); $feedback = FeedbackApi::getLatestFeedback($toId, $entityId, $type); if ($user) { $template["first_name"] = $user->first_name; $template["feedback"] = $feedback->feedback; $template["specialist_rating"] = SpecialistRatingApi::getRating($specialist->user_id); } continue; } } } } } } } $htmlEmail = self::changeTemplate($template, $model->body_html); $plainEmail = self::changeTemplate($template, $model->body_plain); $emailData["from_email"] = $model->from_email; $emailData["from_name"] = $model->from_name; $emailData["subject"] = self::changeTemplate($template, $model->subject); $emailData["body_html"] = $htmlEmail; $emailData["body_plain"] = $plainEmail; return EmailQueueApi::addToQueue($to, $cc, $bcc, "", $emailData); } return false; }
public function postAction() { $db = $this->_helper->database->getAdapter(); $username = $this->getRequest()->getParam("username"); $password = $this->getRequest()->getParam("password"); // $loginButton = $this->getRequest()->getParam("loginButton"); // $registerButton = $this->getRequest()->getParam("registerButton"); $register = $this->getRequest()->getParam("register") == 'on'; // self::$logger->debug("loginButton $loginButton registerButton $registerButton"); self::$logger->debug("register? ({$register})"); $token = null; /* We set up token either by logging in, or registering a new account. */ $response = array('success' => false, 'message' => 'An unknown error occurred'); if (!$register) { self::$logger->debug("validate username (" . $username . ") password (" . $password . ")"); // $select_rs = $db->select() // ->from('user', 'id') // ->where('username = ?', $username)->fetchAll(); $sql = $db->quoteInto('select id, password from user where username = ?', $username); $select_rs = $db->fetchAll($sql); self::$logger->debug("found " . count($select_rs) . " rows for username ({$username})"); if (count($select_rs) == 0) { $response['success'] = false; $response['message'] = "Unknown user account '{$username}'."; } else { if (count($select_rs) > 1) { $response['success'] = false; $response['message'] = "Duplicate user account '{$username}'."; } else { $user_id = $select_rs[0]->id; self::$logger->debug("Found user id {$user_id} for username {$username}"); // check password against what's in DB //self::$logger->debug("first row: " . json_encode($select_rs[0])); if ($this->validate_password($password, $select_rs[0]->password)) { $response['success'] = true; $response['username'] = $username; $response['message'] = "You have logged on successfully."; } else { $response['success'] = false; $response['message'] = "Username or Password was not valid."; } } } } else { self::$logger->debug("CREATE NEW ACCOUNT username {$username} password {$password}"); $select = $db->select()->from('user', "COUNT(*) as cc")->where('username = ?', $username); if ($db->fetchRow($select)->cc == 0) { self::$logger->debug("Username doesn't already exist, OK to create account."); $first_name = $this->getRequest()->getParam("first_name"); $last_name = $this->getRequest()->getParam("last_name"); $email = $this->getRequest()->getParam("email"); if (!$first_name || strlen($first_name) == 0 || !$last_name || strlen($last_name) == 0 || !$email || strlen($email) == 0) { $response['message'] = "A required field was missing"; } else { self::$logger->debug("Inserting new user into database, password {$password} encrypts to (" . $this->encrypt_password($password) . ")..."); $db->insert('user', array('username' => $username, 'password' => $this->encrypt_password($password), 'role' => 'user', 'first_name' => $first_name, 'last_name' => $last_name, 'email' => $email)); $user_id = $db->lastInsertId(); self::$logger->debug("Returning success."); $response['success'] = true; $response['username'] = $username; $response['message'] = "Your user account was created successfully."; } } else { $response['success'] = false; $response['message'] = "The username already exists."; } } if ($response['success'] == true) { $token = SecurityUtils::generateToken(); self::$logger->debug("Updating username ({$username}) with token ({$token})..."); $db->update('user', array('token' => $token), "id = {$user_id}"); // 2 weeks = 60*60*24*7 = 604800 setcookie('token', $token, time() + 604800, '/'); // TODO pass 'secure' when we support https // $cookie = new Zend_Http_Cookie('token', // $token, // $_SERVER['SERVER_NAME'], // time() + 604800, // '/; secure'); // // $client->setCookie($cookie); $response['token'] = $token; } //sleep(2); // simulate network lag echo Zend_Json::encode($response); }
/** * getSession * * @param mixed $create The params to create. * * @access public * @return void */ public function getSession($create = true) { global $logger; if ($this->_session == null && $create == true) { $this->_session = SecurityUtils::getSecurityManager()->startSession(); } return $this->_session; }
public function actionForgotPassword() { if (!Yii::app()->user->isGuest) { $this->redirect('/home'); } $model = new ForgotPasswordForm(); if (isset($_POST) && isset($_POST['ForgotPasswordForm'])) { $model->attributes = $_POST['ForgotPasswordForm']; if ($model->validate()) { // Generate Password here and redirect $tempPass = SecurityUtils::generateRandomString(8); $user = UserCredentials::model()->find('email_id=:email', array(':email' => $model->email)); if ($user) { $user->salt = SecurityUtils::generateSalt($user->email_id); $user->password = SecurityUtils::encryptPassword($tempPass, $user->salt); if ($user->save()) { $data['temp_password'] = $tempPass; $data['user'] = $user->id; EmailApi::sendEmail($model->email, "ACCOUNT.RESET.PASSWORD", $data); Yii::app()->user->setFlash('success', "We have sent you a new password to your email.\n\t\t\t\t\t\t<br/> Please add " . Yii::app()->params['adminEmail'] . " to your whitelist."); $this->redirect('/home'); } } } } $this->render('forgotPassword', array('model' => $model)); }
public static function createUser($credential, $profile, $role = "Member") { $password = $credential->password; $credential->salt = SecurityUtils::generateSalt($credential->email_id); $credential->activation_code = SecurityUtils::generateRandomString(10); $credential->registered_ip = SecurityUtils::getRealIp(); $credential->password = SecurityUtils::encryptPassword($credential->password, $credential->salt); $credential->password_confirm = $credential->password; if ($credential->save()) { $profile->user_id = $credential->id; if ($profile->save()) { $assignment = new Assignments(); $assignment->itemname = $role; $assignment->userid = $credential->id; $assignment->data = 's:0:"";'; $assignment->save(); return array('credential' => $credential, 'profile' => $profile); } else { $credential->delete(); $credential->setIsNewRecord(true); return false; } } else { $credential->password = $password; $credential->password_confirm = $password; return false; } }
public function resolveSecurityManager() { global $logger; $securityManager = $this->getSecurityManager(); if ($securityManager == null) { $logger->debug("No SecurityManager available in subject context map. " + "Falling back to SecurityUtils.getSecurityManager() lookup."); try { $securityManager = SecurityUtils::getSecurityManager(); } catch (\Exception $e) { $logger->debug("No SecurityManager available via SecurityUtils. Heuristics exhausted."); } } return $securityManager; }