protected static function actionLogin()
{
if (empty($_POST)) {
self::redirect(App::getLink('Auth'));
}
$errors = array();
if (empty($_POST['email'])) {
$errors['email'] = App::t('Введите email');
} else {
if (!preg_match('/^[-A-Za-z0-9_\\.]+@[-A-Za-z0-9_\\.]+\\.[a-z0-9]{2,4}$/', $_POST['email'])) {
$errors['email'] = App::t('Некорректный email');
}
}
if (empty($_POST['password'])) {
$errors['password'] = App::t('Введите пароль');
}
if (empty($errors)) {
$user = UserModel::getByEmail($_POST['email']);
if (!$user) {
$errors['email'] = App::t('Пользователь не найден');
}
if ($user->password == md5($_POST['password'])) {
App::currentUser($user);
self::redirect('/');
} else {
$errors['password'] = App::t('Неверный пароль');
}
}
}
static function getByEmail($email)
{
if (!$email) {
return false;
}
$model = new UserModel();
$result = $model->getByEmail($email);
if (!$result) {
return false;
}
return $result[0];
}
public function authenticate()
{
if (!$this->Request->isPostBack()) {
throw forbiddenException($this->Request->requestMethod());
}
$Args = array_change_key_case($this->Form->formValues());
$UserModel = new UserModel();
// Look up the user.
$User = null;
if ($Email = val('email', $Args)) {
$User = $UserModel->getByEmail($Email);
} elseif ($Name = val('name', $Args)) {
$User = $UserModel->getByUsername($Name);
} else {
throw new Gdn_UserException("One of the following parameters required: Email, Name.", 400);
}
if (!$User) {
throw notFoundException('User');
}
// Check the password.
$PasswordHash = new Gdn_PasswordHash();
$Password = val('password', $Args);
try {
$PasswordChecked = $PasswordHash->CheckPassword($Password, val('Password', $User), val('HashMethod', $User));
// Rate limiting
Gdn::userModel()->RateLimit($User, $PasswordChecked);
if ($PasswordChecked) {
$this->setData('User', arrayTranslate((array) $User, array('UserID', 'Name', 'Email', 'PhotoUrl')));
if (val('session', $Args)) {
Gdn::session()->start($this->data('User.UserID'));
$this->setData('Cookie', array(c('Garden.Cookie.Name') => $_COOKIE[C('Garden.Cookie.Name')]));
}
} else {
throw new Exception(t('Invalid password.'), 401);
// Can't be a user exception.
}
} catch (Gdn_UserException $Ex) {
$this->Form->addError($Ex);
}
$this->render();
}
error_log('No responses ' . json_encode($all_responses));
continue;
}
$parsed_responses = json_decode(base64_decode($all_responses));
// acquire values
foreach ($parsed_responses->responses as $key => $resp) {
foreach ($resp as $key => $val) {
$curr_response_data = $resp->{$key};
$curr_token = $curr_response_data->token;
// token
$token = LimesurveyModel::getTokenByID($limesurvey_id, $curr_token);
if (!$token) {
continue;
}
$email = $token->email;
$user = UserModel::getByEmail($email);
// user got deleted
if (!$user) {
continue;
}
$user_type = UserModel::userType($user->ID);
$curr_role = $user->roles[0];
if (!array_key_exists($curr_role, $survey_questions)) {
continue;
}
$curr_role_questions = $survey_questions[$curr_role];
foreach ($curr_role_questions as $crqkey => $crquestion) {
$role_questions_counter['data'][$curr_role]['cumulative_question_scores'][$crquestion['q']['title']] += (double) $curr_response_data->{$crquestion}['q']['title'];
if ('company' === $user_type) {
$role_questions_counter['company_data'][$curr_role]['cumulative_question_scores'][$crquestion['q']['title']] += (double) $curr_response_data->{$crquestion}['q']['title'];
}
/**
* 绑定邮箱,发送邮箱验证信息
* PUT /user/1/email {email:"*****@*****.**"}
* @method GET_infoAction
* @param integer $id [description]
* @author NewFuture
*/
public function POST_emailAction($id = 0)
{
$id = $this->auth($id);
$response['status'] = 0;
if (!Input::post('email', $email, 'email')) {
$response['info'] = '无效邮箱';
} elseif (UserModel::getByEmail($email)) {
$response['info'] = '已经绑定过用户';
} elseif (!Safe::checkTry('bind_email_' . $id)) {
$response['info'] = '发送次数过多,12小时之后重试';
} else {
/*生成验证码*/
$name = UserModel::where('id', $id)->get('name');
$code = ['use_id' => $id, 'type' => 1];
$Code = new Model('code');
$Code->delete($code);
$code['code'] = $id . '_' . Random::word(16);
$code['content'] = $email;
/*发送邮件*/
if ($Code->insert($code) && Mail::sendVerify($email, $code['code'], $name)) {
$response['status'] = 1;
$response['info'] = '验证邮件成功发送至:' . $email;
} else {
$response['info'] = '邮件发送出错[最多还可重发' . Config::get('try.times') . '次]';
}
}
$this->response = $response;
}
/**
* Get a user ID using either a username or an email
*
* Note: If both a username and an email are specified, only the username
* will be used. This is to prevent abusing of the function by passing two
* parameters at a time and hoping to get a User ID.
*
* Based on initial work by Diego Zanella
* @link http://careers.stackoverflow.com/diegozanella
*
* @since 0.1.0
* @access public
* @param bool|string $username Username of the user whose ID we wish to get
* @param bool|string $email Email of the user whose ID we wish to get
* @return bool|int User ID if a username or an email has been
* specified, otherwise false
* @static
*/
public static function getUserID($username, $email)
{
$userModel = new UserModel();
// Look up the user ID using a username if one has been specified
if ($username) {
return $userModel->getByUsername($username)->UserID;
}
// Look up the user ID using an email if one has been specified
if ($email) {
return $userModel->getByEmail($email)->UserID;
}
return false;
}
