Пример #1
 /**
  * Check user flash id
  * @param string $id
  * @return string
  */
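 public static function checkId($id)
 {
     // Every flash slot id this class defines; an id outside this list is reported but still returned.
     $vals = array(
         self::contentInfo, self::contentError, self::contentSuccess,
         self::sidebarInfo, self::sidebarError, self::sidebarSuccess,
         self::sidebar1Info, self::sidebar1Error, self::sidebar1Success,
         self::sidebar2Info, self::sidebar2Error, self::sidebar2Success,
         self::topInfo, self::topError, self::topSuccess,
     );
     // in_array() compares loosely here, so boolean true would match any non-empty entry;
     // it is therefore rejected explicitly before the lookup.
     // NOTE(review): other loosely-equal values can still slip through — consider
     // in_array($id, $vals, true) once the types of the constants are confirmed.
     if ($id === true || !in_array($id, $vals)) {
         // Yii::log() takes the level before the category; the original call had the two swapped.
         Yii::log(W3::t('system', 'Uncommon parameter in method call: {method}.', array('{method}' => __METHOD__ . '(' . var_export($id, true) . ')')), 'info', 'w3');
     }
     // This method only reports: the id is handed back unchanged even when it is unknown.
     return $id;
 }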
Пример #2
 /**
  * Set site language.
  * This is a simple wrapper to {@link MParams::setLanguage($value)}.
  * @param string $value
  */
 public static function setLanguage($value)
 {
     // Only strings and integers can be array keys, so any other type is rejected
     // before the available-languages map is consulted.
     $isKeyLike = is_string($value) || is_int($value);
     if ($isKeyLike && array_key_exists($value, MParams::getAvailableLanguages())) {
         MParams::setLanguage($value);
         return;
     }
     // The rejected value is written to the log verbatim via var_export().
     $call = __METHOD__ . '(' . var_export($value, true) . ')';
     Yii::log(W3::t('system', 'Incorrect parameter in method call: {method}.', array('{method}' => $call)), 'notice', 'w3');
 }
Пример #3
 /**
  * Displays the login page
  */
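 public function actionLogin()
 {
     $form = new LoginForm();
     // collect user input data
     if (isset($_POST['LoginForm'])) {
         if (isset($_POST['LoginForm']['loginWithField'])) {
             // if user is logging with email, but param changed to username,
             // we should try to log him in with email.
             // if login attempt is unsuccessful, he will have to try again with username
             $requestedField = $_POST['LoginForm']['loginWithField'];
             // This value comes straight from the request and is stored in a static property,
             // so only known login-field names are accepted; anything else leaves the
             // configured field untouched.
             // NOTE(review): the allow-list is taken from the three names the login validator
             // branches on — confirm it is complete for this project.
             $knownFields = array('username', 'email', 'usernameOrEmail');
             if (is_string($requestedField) && in_array($requestedField, $knownFields, true)) {
                 LoginForm::$loginWithField = $requestedField;
             }
             // Always dropped so the key never reaches the mass assignment below.
             unset($_POST['LoginForm']['loginWithField']);
         }
         $form->attributes = $_POST['LoginForm'];
         // validate user input and redirect to return page if valid
         if ($form->validate()) {
             // set the welcome message
             // NOTE(review): screenName is placed inside markup; confirm MHtml::wrapInTag() encodes it.
             MUserFlash::setTopSuccess(Yii::t('hint', '{screenName}, you have been successfully logged in.', array('{screenName}' => MHtml::wrapInTag(Yii::app()->user->screenName, 'strong'))));
             // user was just authenticated, but let's check anyway
             if (!Yii::app()->user->isGuest) {
                 // update user stats
                 if (($userDetails = UserDetails::model()->findByPk(Yii::app()->user->id)) !== null) {
                     $userDetails->saveAttributes(array('lastLoginTime' => time(), 'lastVisitTime' => time(), 'totalTimeLoggedIn' => $userDetails->totalTimeLoggedIn + 60));
                 } else {
                     // the account has no UserDetails row; logged as an error, login still proceeds
                     Yii::log(W3::t('system', 'Member with ID {userId} has no UserDetails record associated. Method called: {method}.', array('{userId}' => Yii::app()->user->id, '{method}' => __METHOD__ . '()')), 'error', 'w3');
                 }
             }
             // go to previous/profile page
             $url = Yii::app()->homeUrl == Yii::app()->user->returnUrl ? array('site/index') : Yii::app()->user->returnUrl;
             $this->redirect($url);
         }
     }
     if (!Yii::app()->user->isGuest) {
         // warn user if already logged in
         MUserFlash::setTopInfo(Yii::t('hint', '{screenName}, this action will log you out from your current account.', array('{screenName}' => MHtml::wrapInTag(Yii::app()->user->screenName, 'strong'))));
     }
     // display the login form
     $this->render($this->action->id, array('form' => $form));
 }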
Пример #4
 /**
  * Returns the data model based on the primary key given in the GET variable.
  * If the data model is not found, an HTTP exception will be raised.
  * @param array of parameters
  * @param boolean whether throw exception if model is not found
  */
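 public function loadModel($params = array(), $throwException = null)
 {
     // The model is resolved once per controller instance and afterwards served from $this->_model.
     if ($this->_model === null) {
         // processing parameters: a bare non-negative integer or an all-digit string is the primary key itself.
         // ctype_digit() is only meaningful for strings (it reads small integers as character
         // codes), so integers are recognised separately instead of being passed to it.
         if ((is_int($params) && $params >= 0) || (is_string($params) && ctype_digit($params))) {
             $id = $params;
         } elseif (isset($params['id'])) {
             $id = $params['id'];
         } else {
             $id = $this->loadModelId();
         }
         // isset() is already false for a null entry, so no separate null test is needed.
         $with = isset($params['with']) ? $params['with'] : $this->loadModelWith();
         if ($throwException === null) {
             $throwException = $this->loadModelThrowException();
         }
         // load the model
         if ($id !== null) {
             // calculate model name. e.g. for 'UserController' model should be 'User'
             $class = get_class($this);
             $modelName = isset($this->modelName) ? $this->modelName : null;
             if ($modelName === null) {
                 $modelName = substr($class, -10) === 'Controller' ? substr($class, 0, strlen($class) - 10) : $class;
             }
             // The name is built into a file path and used as a callable; here it comes from the
             // controller itself (property or class name), not from the request.
             if (file_exists(Yii::app()->basePath . '/models/' . $modelName . '.php')) {
                 // find model by primary key
                 $ar = call_user_func(array($modelName, 'model'));
                 if ($with === array()) {
                     $this->_model = $ar->findByPk($id);
                 } else {
                     $this->_model = $ar->with($with)->findByPk($id);
                 }
             } else {
                 // error - model class file is missing
                 Yii::log(W3::t('system', 'Class {class} does not exist. Method called: {method}.', array('{class}' => $modelName, '{method}' => get_class($this) . '->' . __FUNCTION__ . '()')), 'warning', 'w3');
             }
         }
         if ($this->_model === null && $throwException) {
             // if model is not found - throw 404
             throw new CHttpException(404, 'The requested page does not exist.');
         }
     }
     return $this->_model;
 }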
Пример #5
 /**
  * Authenticates the password.
  * This is the 'authenticate' validator as declared in rules().
  */
 public function authenticate($attribute, $params)
 {
     // Credentials are only checked when the earlier validation rules left no errors.
     if ($this->hasErrors()) {
         return;
     }
     // The attribute holding the login name is selected at run time by getLoggingWithField().
     $identity = new _CUserIdentity($this->{self::getLoggingWithField()}, $this->password);
     $identity->authenticate();
     // Field names that exist on the login form; used to pick a field to flag as failed.
     $formFields = array('username', 'email', 'usernameOrEmail');
     switch ($identity->errorCode) {
         case _CUserIdentity::ERROR_NONE:
             $webUser = Yii::app()->user;
             if (!$webUser->isGuest) {
                 // Someone is already signed in: end that session before switching accounts.
                 $webUser->logout();
                 if (!Yii::app()->getSession()->getIsStarted()) {
                     // logout may have closed the HTTP session; login needs it open again
                     Yii::app()->getSession()->open();
                 }
             }
             // remember for 30 days. makes sense only if auto-login is allowed
             if ($webUser->allowAutoLogin && $this->rememberMe) {
                 $duration = 3600 * 24 * 30;
             } else {
                 $duration = 0;
             }
             // log user in and save in session all appended data
             $webUser->login($identity, $duration);
             // apply the stored preferences (for welcome message, and so on)
             if (!empty($webUser->interface)) {
                 W3::setInterface($webUser->interface);
             }
             if (!empty($webUser->language)) {
                 W3::setLanguage($webUser->language);
             }
             break;
         case _CUserIdentity::ERROR_USERNAME_INVALID:
             // NOTE(review): this branch and the password branch return different messages,
             // which tells the caller whether the account name exists; a single generic
             // message for both would avoid that.
             if (self::getLoggingWithField() === 'username') {
                 $this->addError('username', Yii::t('t', 'Username is incorrect.'));
             } elseif (self::getLoggingWithField() === 'email') {
                 $this->addError('email', Yii::t('t', 'Email is incorrect.'));
             } elseif (self::getLoggingWithField() === 'usernameOrEmail') {
                 $this->addError('usernameOrEmail', Yii::t('t', 'Username or email is incorrect.'));
             }
             break;
         case _CUserIdentity::ERROR_ACCOUNT_IS_INACTIVE:
             // set the error message
             MUserFlash::setTopError(Yii::t('hint', 'We are sorry, but your member account is marked as "inactive". Inactive member accounts are temporarely inaccessible. {contactLink}.', array('{contactLink}' => CHtml::link(Yii::t('link', 'Contact us'), array('site/contact')))));
             // An empty error on the login field gives it the error css class and makes validate() fail.
             $attribute = self::getLoggingWithField();
             if (!in_array($attribute, $formFields, true)) {
                 $attribute = 'username';
             }
             $this->addError($attribute, '');
             break;
         case _CUserIdentity::ERROR_IS_NOT_ADMINISTRATOR:
             // set the error message
             MUserFlash::setTopError(Yii::t('hint', 'We are sorry, but your access type is {accessType}. Required access type: {requiredAccessType}.', array('{accessType}' => Yii::app()->controller->var->userAccessType, '{requiredAccessType}' => Yii::t('t', User::ADMINISTRATOR_T))));
             // the access type was only needed for the message above
             unset(Yii::app()->controller->var->userAccessType);
             // An empty error on the login field gives it the error css class and makes validate() fail.
             $attribute = self::getLoggingWithField();
             if (!in_array($attribute, $formFields, true)) {
                 $attribute = 'username';
             }
             $this->addError($attribute, '');
             break;
         case _CUserIdentity::ERROR_PASSWORD_INVALID:
         default:
             // Any unrecognised error code is reported as a password failure.
             $this->addError('password', Yii::t('t', 'Password is incorrect.'));
             break;
     }
 }
Пример #6
 /**
  * Site language.
  * @param string $value
  */
 public static function setLanguage($value)
 {
     $availableLanguages = self::getAvailableLanguages();
     if ($value === self::_default) {
         // The sentinel asks for the built-in default language.
         $value = self::$coreDefaultData['language'];
     } elseif (!(is_string($value) || is_int($value)) || !array_key_exists($value, $availableLanguages)) {
         // Not a usable array key, or not an available language: report it with the
         // list of valid choices and fall back to the default.
         $append = W3::t('system', 'Available languages: {availableLanguages}.', array('{availableLanguages}' => var_export($availableLanguages, true)));
         self::log(array('method' => __METHOD__, 'value' => $value, 'append' => $append));
         $value = self::$coreDefaultData['language'];
     }
     // Record the choice in the parameter store and apply it to the running application.
     self::$coreData['language'] = $value;
     Yii::app()->language = $value;
 }
Пример #7
 /**
  * Update user interface.
  * Accessible only to authenticated users and admin.
  * If update is successful, the browser will be redirected to the 'show' page.
  */
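 public function actionUpdateInterface()
 {
     // Authorisation comes first: the loaded model is handed to checkAccess() as a parameter.
     if (!Yii::app()->user->checkAccess($this->route, array('model' => $this->loadModel()))) {
         // access denied
         MUserFlash::setTopError(Yii::t('accessDenied', $this->route));
         $this->redirect($this->getGotoUrl());
     }
     $pkIsPassed = isset($_GET['id']);
     if (($model = $this->loadModel()) === null) {
         // model not found
         MUserFlash::setTopError(Yii::t('modelNotFound', $this->id));
         $this->redirect($this->getGotoUrl());
     }
     // explicitly set model scenario to be current action
     $model->setScenario($this->action->id);
     if (is_object($model->details)) {
         $model->details->setScenario($this->action->id);
     }
     // whether data is passed
     if (isset($_POST['User'])) {
         // collect user input data; the scenario set above is in effect for this mass assignment
         $model->attributes = $_POST['User'];
         // validate with the current action as scenario and save without validation
         if (($validated = $model->validate()) !== false && ($saved = $model->save(false)) !== false) {
             // take care of updateTime (this is not critical)
             // details is not guaranteed to be an object (see the check above), so guard the call
             // instead of failing after the model has already been saved.
             if (is_object($model->details)) {
                 $model->details->saveAttributes(array('updateTime' => time()));
             }
             // update variables first defined in {@link _CUserIdentity} class
             if ($model->isMe) {
                 // update user states in the session for {@link _CController::init}
                 Yii::app()->user->setState('interface', $model->interface);
                 // set user preferred interface
                 if (!empty($model->interface)) {
                     W3::setInterface($model->interface);
                 }
                 // we do not need to update user cookie any more because
                 // we overrode auto-login with {@link _CWebUser::restoreFromCookie}
             }
             // set success message
             MUserFlash::setTopSuccess(Yii::t('hint', $model->isMe ? '{screenName}, new user interface has been applied.' : 'The user interface for member account "{screenName}" has been updated.', array('{screenName}' => MHtml::wrapInTag($model->screenName, 'strong'))));
             // go to 'show' page
             $this->redirect($model->isMe ? array('show') : array('show', 'id' => $model->id));
         } else {
             // $saved is only assigned when validation passed; the && below short-circuits otherwise
             if ($validated && !$saved) {
                 // set error message
                 MUserFlash::setTopError(Yii::t('hint', $model->isMe ? 'Error! {screenName}, new user interface could not be applied.' : 'Error! The user interface for member account "{screenName}" could not be updated.', array('{screenName}' => MHtml::wrapInTag($model->screenName, 'strong'))));
                 Yii::log(W3::t('system', 'Could not save attributes of the {model} model. Model ID: {modelId}. Method called: {method}.', array('{model}' => get_class($model), '{modelId}' => $model->id, '{method}' => __METHOD__ . '()')), 'error', 'w3');
             }
         }
     }
     // display the update form
     $this->render($this->action->id, array('model' => $model, 'pkIsPassed' => $pkIsPassed));
 }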
Пример #8
 /**
  * Deletes a particular model via ajax request.
  * The report is printed out in the json format,
  * and is displayed in a dialog.
  */
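 public function actionAjaxDelete()
 {
     // NOTE(review): isAjaxRequest only reflects a request header, so it is neither an
     // authorisation nor a CSRF control. No access check is visible in this action —
     // confirm a filter or access rule restricts who may delete.
     if (!Yii::app()->request->isAjaxRequest) {
         // the unreachable exit that followed this throw has been removed
         throw new CHttpException(400, Yii::t('http', 'Invalid request. Please do not repeat this request again.'));
     }
     if (!isset($_POST['id'])) {
         // data not passed
         $this->printJsonExit(array('status' => 'error', 'message' => Yii::t('hint', 'Error! Necessary data was not passed.')));
     }
     if (($model = $this->loadModel()) === null) {
         // model not found
         // The id is echoed back from the request into a message shown in a dialog, so it is
         // HTML-encoded here regardless of what MHtml::wrapInTag() (not shown) does with it.
         $shownId = is_scalar($_POST['id']) ? CHtml::encode((string) $_POST['id']) : '';
         $this->printJsonExit(array('status' => 'error', 'message' => Yii::t('modelNotFoundById', $this->id, array('{id}' => MHtml::wrapInTag($shownId, 'strong')))));
     }
     if ($model->delete()) {
         // success
         $this->printJson(array('status' => 'success', 'message' => Yii::t('hint', 'The time record number {id} has been successfully deleted.', array('{id}' => MHtml::wrapInTag($model->id, 'strong')))));
     } else {
         // error
         $this->printJson(array('status' => 'error', 'message' => Yii::t('hint', 'Error! The time record number {id} could not be deleted.', array('{id}' => MHtml::wrapInTag($model->id, 'strong')))));
         // save the error in the logs
         Yii::log(W3::t('system', 'Could not delete the {model} model. Model ID: {modelId}. Method called: {method}.', array('{model}' => get_class($model), '{modelId}' => $model->id, '{method}' => __METHOD__ . '()')), 'error', 'w3');
     }
 }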
Пример #9
 /**
  * Set user private data, such as 'accessType'.
  * Save it in a static array on every page load,
  * because this data can be changed by administrator at any time.
  * Caching this data in a session array as an optimization
  * doesn't make much sense from a security standpoint, because session data
  * can be accessed and changed from any point of the system,
  * which means the data would no longer be private.
  */
 private static function setPrivateData()
 {
     // Guests have no account row, so there is nothing to load for them.
     if (Yii::app()->user->isGuest) {
         return;
     }
     $user = self::model()->findByPk(Yii::app()->user->id);
     if ($user === null) {
         // The signed-in id has no matching record: log it and leave self::$_privateData
         // exactly as it was (it is deliberately not reset here).
         // NOTE(review): any access data already held stays in effect on this path —
         // confirm that is the intended failure behaviour.
         Yii::log(W3::t('system', 'Could not load {model} model. Model ID: {modelId}. Method called: {method}.', array('{model}' => __CLASS__, '{modelId}' => Yii::app()->user->id, '{method}' => __METHOD__ . '()')), 'error', 'w3');
         return;
     }
     // Kept in a private static array for later access by {@link getPrivateData}.
     self::$_privateData['accessLevel'] = $user->accessLevel;
     self::$_privateData['accessType'] = $user->accessType;
 }
Пример #10
 /**
  * Validate GS default number of columns.
  * Sum of GS default content, sidebar1 & sidebar2 must be = GS default total.
  */
 public static function validateDefaultNumberOfColumns()
 {
     // The three column widths are expected to add up to the configured total.
     $columnSum = self::defaultNumberOfColumnsContent + self::defaultNumberOfColumnsSidebar1 + self::defaultNumberOfColumnsSidebar2;
     if ($columnSum == self::defaultNumberOfColumnsTotal) {
         return;
     }
     // A mismatch is only logged; nothing is corrected or thrown.
     $details = array(
         '{content}' => var_export(self::defaultNumberOfColumnsContent, true),
         '{sidebar1}' => var_export(self::defaultNumberOfColumnsSidebar1, true),
         '{sidebar2}' => var_export(self::defaultNumberOfColumnsSidebar2, true),
         '{total}' => var_export(self::defaultNumberOfColumnsTotal, true),
         '{method}' => __METHOD__ . '()',
     );
     Yii::log(W3::t('system', 'Unacceptable values of layout constants... content: {content}, sidebar1: {sidebar1}, sidebar2: {sidebar2}, total: {total}. Method called: {method}.', $details), 'error', 'w3');
 }