/**
 * init() must register the configured save handler with Zend_Session.
 */
public function testInitSetsSaveHandler()
{
    // A mock is sufficient: only object identity is compared below.
    $expectedHandler = $this->getMock('Zend_Session_SaveHandler_Interface');

    $this->resource->setSaveHandler($expectedHandler);
    $this->resource->init();

    $registeredHandler = Zend_Session::getSaveHandler();
    $this->assertSame($expectedHandler, $registeredHandler);
}
/**
 * Install the cache-backed session save handler, start the session and
 * publish per-request data in the registry.
 *
 * In order: register the save handler with the configured cookie lifetime,
 * start the session, rotate the session id the first time the default
 * namespace carries no 'initialized' marker, store the signed-in user's
 * record under 'signedUserInfo' when an identity exists, and store the latest
 * magic-cookie value under "globalHash".
 *
 * The id rotation here happens once per session; this method does not rotate
 * the id when a user signs in, so that has to happen in the login code.
 *
 * @todo Behaviour is incoherent when the session system itself fails (for
 *       example the save handler's back end being off-line): depending on
 *       where it fails, the page load ends in caught or uncaught exceptions.
 */
public function init()
{
    $reg = Zend_Registry::getInstance();
    $authService = Zend_Auth::getInstance();

    $cfg = $reg->get("config");
    $lifetime = $cfg['resources']['session']['cookie_lifetime'];

    $handler = new Ml_Session_SaveHandler_PlusCache(
        $reg->get("memCache"),
        $cfg['session']['prefix'],
        $cfg['lastActivity']['prefix']
    );
    Zend_Session::setSaveHandler($handler);
    Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
    Zend_Session::start();

    // First request of a session: issue a fresh id and mark the session.
    $ns = new Zend_Session_Namespace();
    if (!isset($ns->initialized)) {
        Zend_Session::regenerateId();
        $ns->initialized = true;
    }

    // Expose the signed-in user's record to the rest of the request.
    if ($authService->hasIdentity()) {
        $currentUser = Ml_Model_People::getInstance()->getById($authService->getIdentity());
        $reg->set('signedUserInfo', $currentUser);
    }

    $reg->set("globalHash", Ml_Model_MagicCookies::getInstance()->getLast(true));
}
/**
 * Start the session, first registering the 'session' plugin resource's save
 * handler when that resource exists and no handler has been registered yet.
 */
protected function _initSession()
{
    // && short-circuits, so the handler lookup only runs when the resource exists.
    $handlerMissing = $this->hasPluginResource('session') && !Zend_Session::getSaveHandler();

    if ($handlerMissing) {
        $sessionResource = $this->getPluginResource('session');
        Zend_Session::setSaveHandler($sessionResource->getSaveHandler());
    }

    Zend_Session::start();
}
/**
 * Bootstrapping with application4.ini must give the session save handler a
 * Rediska instance named 'default' while Rediska_Manager stays empty.
 */
public function testNewInstance()
{
    $iniPath = dirname(__FILE__) . '/application4.ini';
    $app = new Zend_Application('tests', $iniPath);

    // Fetching the resource is what triggers the session bootstrap.
    $app->bootstrap()->getBootstrap()->getResource('session');

    $client = Zend_Session::getSaveHandler()->getRediska();

    $this->assertEquals('default', $client->getOption('name'));
    $this->assertEquals(array(), Rediska_Manager::getAll());
}
/**
 * Capture the shared cache handle and the session key prefixes, then defer to
 * the parent constructor.
 *
 * NOTE(review): the earlier header stated that the singleton pattern makes
 * "new" unavailable, yet this constructor is declared public - confirm which
 * of the two is intended.
 *
 * The prefixes are read from whatever Zend_Session::getSaveHandler() returns;
 * this presumes a handler exposing getSessionPrefix() and
 * getLastActivityPrefix() was registered beforehand - verify against the
 * bootstrap order.
 *
 * @param array $config passed through unchanged to the parent constructor
 */
public final function __construct($config = array())
{
    $this->_cache = Zend_Registry::getInstance()->get("memCache");

    $activeHandler = Zend_Session::getSaveHandler();
    $this->_sessionPrefix = $activeHandler->getSessionPrefix();
    $this->_lastActivityPrefix = $activeHandler->getLastActivityPrefix();

    parent::__construct($config);
}
/**
 * Login authentication (JSON endpoint).
 *
 * Reads the request parameters 'u' (user name), 'p' (password), 's'
 * (remember flag) and 'r' (base64-encoded return URL), authenticates through
 * Pandamp_Auth_Manager and echoes the JSON-encoded $response array.
 *
 * NOTE(review), points a maintainer should confirm:
 *  - Credentials are read with getParam(), which also resolves query-string
 *    values; credentials sent that way can end up in access and proxy logs.
 *  - On success the session id is appended to the return URL as PHPSESSID.
 *    Session ids in URLs leak through logs, browser history and Referer
 *    headers; the return URL itself is taken from the request and is not
 *    checked against an allow-list in this method.
 *  - The success response is only built in the branch where the return URL
 *    contains no '?'. When it does contain one, $sAddition is set and nothing
 *    else happens, so an empty response is echoed. This looks like a
 *    misplaced closing brace - confirm the intended nesting before changing it.
 *  - The plain-text password is handed to Pandamp_Core_Hol_Auth::login_saver();
 *    what that call stores is not visible here.
 */
function kloginAction()
{
    $this->_helper->layout()->disableLayout();
    $request = $this->getRequest();

    // Missing or falsy parameters collapse to the empty string.
    $userName = $request->getParam('u') ? $request->getParam('u') : '';
    $password = $request->getParam('p') ? $request->getParam('p') : '';
    $remember = $request->getParam('s') ? $request->getParam('s') : '';
    $response = array();

    // Session lifetime is pinned to 3600 on the save handler before the session starts.
    $saveHandler = Zend_Session::getSaveHandler();
    $saveHandler->setLifetime(3600)->setOverrideLifetime(true);
    Zend_Session::start();

    $authMan = new Pandamp_Auth_Manager($userName, $password);
    $authResult = $authMan->authenticate();
    $zendAuth = Zend_Auth::getInstance();
    if ($zendAuth->hasIdentity()) {
        if ($authResult->isValid()) {
            // Rotate the session id now that the session is authenticated.
            Zend_Session::regenerateId();
            $r = $this->getRequest();
            // base64_decode() yields false on undecodable input; empty() below covers that.
            $returnUrl = base64_decode($r->getParam('r'));
            if (!empty($returnUrl)) {
                // NOTE(review): strpos() returning 0 ('?' as first character) is treated as "not found".
                if (strpos($returnUrl, '?')) {
                    $sAddition = '&';
                } else {
                    $sAddition = '?';
                    Pandamp_Lib_Formater::writeLog();
                    // $remember is always set at this point, so only the loose comparison matters.
                    if (isset($remember) && $remember == 'yes') {
                        Zend_Session::rememberMe(3600);
                        $hol = new Pandamp_Core_Hol_Auth();
                        $hol->user = $userName;
                        $hol->user_pw = $password;
                        $hol->save_login = $remember;
                        $hol->login_saver();
                    }
                    $this->_helper->getHelper('Cache')->removePagesTagged(array('entries', 'hold', 'warta', 'clinic'));
                    $response['success'] = true;
                    // The client receives the return URL with the session id attached.
                    $response['message'] = "{$returnUrl}" . $sAddition . "PHPSESSID=" . Zend_Session::getId();
                }
            }
        } else {
            // -51 is a project-specific result code; its meaning is not visible in this method.
            if ($authResult->getCode() != -51) {
                // failure : clear database row from session
                Zend_Auth::getInstance()->clearIdentity();
            }
            $messages = $authResult->getMessages();
            $response['error'] = $messages[0];
            $response['success'] = false;
        }
    } else {
        // No identity after authenticate(): report the adapter's first message.
        $response['failure'] = true;
        $messages = $authResult->getMessages();
        $response['error'] = $messages[0];
    }
    echo Zend_Json::encode($response);
}
/**
 * Authenticate a user through the configured adapter and persist the result.
 *
 * On success the adapter's result row (without its 'password' column) is
 * enriched with the client address, user agent, status and role, and written
 * to the Zend_Auth storage. With $remember set, the client cookie and the
 * save handler's session lifetime are both extended to two weeks (1209600 s).
 *
 * How the credential is hashed and salted is decided by the adapter's
 * configuration, which is not visible in this method.
 *
 * NOTE(review): no explicit Zend_Session::regenerateId() call appears here;
 * confirm that the session id is rotated on login somewhere on this path,
 * including when $remember is false.
 *
 * @param string $username user name
 * @param string $password submitted plain text password
 * @param bool   $remember extend the login to two weeks when truthy
 * @return bool  true when the adapter accepts the credentials, false otherwise
 * @throws Exception when $username or $password is empty (the string "0" counts as empty)
 */
public function authenticateUser($username, $password, $remember = false)
{
    // Guard clauses: both values are required.
    if (!$username) {
        throw new Exception('Username not given.');
    }
    if (!$password) {
        throw new Exception('Password not given.');
    }

    $this->_userAdapter->setIdentity($username);
    $this->_userAdapter->setCredential($password);

    $outcome = $this->_userAdapter->authenticate();
    if (!$outcome->isValid()) {
        return false;
    }

    // Keep the password column out of the object that goes into the session.
    $account = $this->_userAdapter->getResultRowObject(null, 'password');

    // Client context recorded alongside the identity.
    $account->ip = $this->getRemoteAddr();
    $account->userAgent = $this->getUserAgent();

    // Resolve status and role from their ids.
    $account->status = $this->getStatus($account->status_id);
    $account->role = $this->getRole($account->role_id);

    Zend_Auth::getInstance()->getStorage()->write($account);

    if ($remember) {
        $twoWeeks = 1209600;
        // Lengthen the client's cookie ...
        Zend_Session::rememberMe($twoWeeks);
        // ... and the server-side session record to match.
        Zend_Session::getSaveHandler()->setLifetime($twoWeeks, true);
    }

    return true;
}
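/**
 * Sign a member in with email and password.
 *
 * Flow: bail out when already signed in; build and validate the login form;
 * look the member up by email; refuse disabled, unverified or unapproved
 * accounts; hand unpaid accounts to the payment module; run the
 * 'onUserLoginBefore' hook; authenticate (with a version-3 import fallback
 * when the stored password is empty); record the attempt in the 'logins'
 * table; apply "remember me"; update last-login data; then redirect by form
 * value, stored session redirect, hook response or to the home route.
 * Every rejected attempt is recorded in the 'logins' table with a 'state'.
 *
 * NOTE(review), security points to confirm:
 *  - A dedicated "no record of a member with that email" message tells a
 *    caller which emails are registered; the bad-password path uses a
 *    different message.
 *  - Error output is rendered unescaped in the unverified/unapproved
 *    branches while the message embeds a URL built from the submitted email;
 *    this relies on the url helper encoding that value.
 *  - 'return_url' comes from the form (optionally base64 with a '64-' prefix)
 *    and is redirected to with prependBase disabled; this method does not
 *    restrict it to the site's own origin.
 *  - The migration salt comes from rand(), and the legacy hash is compared
 *    with ===; a CSPRNG and a constant-time comparison are the usual choices.
 *  - No explicit Zend_Session::regenerateId() call appears in this method.
 *  - The session id and session name are assigned to the view for the JSON
 *    context, i.e. they are part of the response body there.
 */
public function loginAction()
{
    // Already logged in
    if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('You are already signed in.');
        if (null === $this->_helper->contextSwitch->getCurrentContext()) {
            $this->_helper->redirector->gotoRoute(array(), 'default', true);
        }
        return;
    }

    // Make form
    $this->view->form = $form = new User_Form_Login();
    $form->setAction($this->view->url(array('return_url' => null)));
    $form->populate(array('return_url' => $this->_getParam('return_url')));

    // Facebook login
    // if( User_Model_DbTable_Facebook::authenticate($form) ) {
    //   // Facebook login succeeded, redirect to home
    //   return $this->_helper->redirector->gotoRoute(array(), 'default', true);
    // }

    // Render
    $this->_helper->content->setEnabled();

    // Not a post
    if (!$this->getRequest()->isPost()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
        return;
    }

    // Form not valid
    if (!$form->isValid($this->getRequest()->getPost())) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
        return;
    }

    // Check login creds
    // extract() turns the form's values into locals; the keys are presumably
    // limited to the elements User_Form_Login declares - verify.
    extract($form->getValues()); // $email, $password, $remember
    $user_table = Engine_Api::_()->getDbtable('users', 'user');
    $user_select = $user_table->select()->where('email = ?', $email);
    // If post exists
    $user = $user_table->fetchRow($user_select);

    // Get ip address (stored as a binary value through UNHEX)
    $db = Engine_Db_Table::getDefaultAdapter();
    $ipObj = new Engine_IP();
    $ipExpr = new Zend_Db_Expr($db->quoteInto('UNHEX(?)', bin2hex($ipObj->toBinary())));

    // Check if user exists
    if (empty($user)) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
        $form->addError(Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.'));
        // Register login
        Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
            'email' => $email,
            'ip' => $ipExpr,
            'timestamp' => new Zend_Db_Expr('NOW()'),
            'state' => 'no-member',
        ));
        return;
    }

    // Check if user is verified and enabled
    if (!$user->enabled) {
        if (!$user->verified) {
            $this->view->status = false;
            $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
            $translate = Zend_Registry::get('Zend_Translate');
            $error = $translate->translate('This account still requires either email verification.');
            $error .= ' ';
            $error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
            // Escaping is switched off so the link renders as HTML.
            $form->getDecorator('errors')->setOption('escape', false);
            $form->addError($error);
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                'user_id' => $user->getIdentity(),
                'email' => $email,
                'ip' => $ipExpr,
                'timestamp' => new Zend_Db_Expr('NOW()'),
                'state' => 'disabled',
            ));
            return;
        } elseif (!$user->approved) {
            $this->view->status = false;
            $translate = Zend_Registry::get('Zend_Translate');
            $error = $translate->translate('This account still requires admin approval.');
            $form->getDecorator('errors')->setOption('escape', false);
            $form->addError($error);
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                'user_id' => $user->getIdentity(),
                'email' => $email,
                'ip' => $ipExpr,
                'timestamp' => new Zend_Db_Expr('NOW()'),
                'state' => 'disabled',
            ));
            return;
        }
        // Should be handled by hooks or payment
        //return;
    }

    // Handle subscriptions
    if (Engine_Api::_()->hasModuleBootstrap('payment')) {
        // Check for the user's plan
        $subscriptionsTable = Engine_Api::_()->getDbtable('subscriptions', 'payment');
        if (!$subscriptionsTable->check($user)) {
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                'user_id' => $user->getIdentity(),
                'email' => $email,
                'ip' => $ipExpr,
                'timestamp' => new Zend_Db_Expr('NOW()'),
                'state' => 'unpaid',
            ));
            // Redirect to subscription page
            $subscriptionSession = new Zend_Session_Namespace('Payment_Subscription');
            $subscriptionSession->unsetAll();
            $subscriptionSession->user_id = $user->getIdentity();
            return $this->_helper->redirector->gotoRoute(array('module' => 'payment', 'controller' => 'subscription', 'action' => 'index'), 'default', true);
        }
    }

    // Run pre login hook
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginBefore', $user);
    foreach ((array) $event->getResponses() as $response) {
        if (is_array($response)) {
            if (!empty($response['error']) && !empty($response['message'])) {
                $form->addError($response['message']);
            } elseif (!empty($response['redirect'])) {
                $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
            } else {
                continue;
            }
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                'user_id' => $user->getIdentity(),
                'email' => $email,
                'ip' => $ipExpr,
                'timestamp' => new Zend_Db_Expr('NOW()'),
                'state' => 'third-party',
            ));
            // Return
            return;
        }
    }

    // Version 3 Import compatibility
    if (empty($user->password)) {
        $compat = Engine_Api::_()->getApi('settings', 'core')->getSetting('core.compatibility.password');
        $migration = null;
        try {
            $migration = Engine_Db_Table::getDefaultAdapter()->select()
                ->from('engine4_user_migration')
                ->where('user_id = ?', $user->getIdentity())
                ->limit(1)
                ->query()
                ->fetch();
        } catch (Exception $e) {
            // A failed lookup disables the compatibility path altogether.
            $migration = null;
            $compat = null;
        }
        if (!$migration) {
            $compat = null;
        }
        if ($compat == 'import-version-3') {
            // Version 3 authentication
            $cryptedPassword = self::_version3PasswordCrypt($migration['user_password_method'], $migration['user_code'], $password);
            if ($cryptedPassword === $migration['user_password']) {
                // Regenerate the user password using the given password
                $user->salt = (string) rand(1000000, 9999999);
                $user->password = $password;
                $user->save();
                Engine_Api::_()->user()->getAuth()->getStorage()->write($user->getIdentity());
                // @todo should we delete the old migration row?
            } else {
                $this->view->status = false;
                $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
                $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
                return;
            }
            // End Version 3 authentication
        } else {
            $form->addError('There appears to be a problem logging in. Please reset your password with the Forgot Password link.');
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                'user_id' => $user->getIdentity(),
                'email' => $email,
                'ip' => $ipExpr,
                'timestamp' => new Zend_Db_Expr('NOW()'),
                'state' => 'v3-migration',
            ));
            return;
        }
    } else {
        $authResult = Engine_Api::_()->user()->authenticate($email, $password);
        $authCode = $authResult->getCode();
        Engine_Api::_()->user()->setViewer();
        if ($authCode != Zend_Auth_Result::SUCCESS) {
            $this->view->status = false;
            $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
            $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
            // Register login
            Engine_Api::_()->getDbtable('logins', 'user')->insert(array(
                'user_id' => $user->getIdentity(),
                'email' => $email,
                'ip' => $ipExpr,
                'timestamp' => new Zend_Db_Expr('NOW()'),
                'state' => 'bad-password',
            ));
            return;
        }
    }

    // -- Success! --

    // Register login
    $loginTable = Engine_Api::_()->getDbtable('logins', 'user');
    $loginTable->insert(array(
        'user_id' => $user->getIdentity(),
        'email' => $email,
        'ip' => $ipExpr,
        'timestamp' => new Zend_Db_Expr('NOW()'),
        'state' => 'success',
        'active' => true,
    ));
    $_SESSION['login_id'] = $login_id = $loginTable->getAdapter()->lastInsertId();

    // Remember
    if ($remember) {
        $lifetime = 1209600; // Two weeks
        Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
        Zend_Session::rememberMe($lifetime);
    }

    // Increment sign-in count
    Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');

    // Test activity @todo remove
    $viewer = Engine_Api::_()->user()->getViewer();
    if ($viewer->getIdentity()) {
        $viewer->lastlogin_date = date("Y-m-d H:i:s");
        if ('cli' !== PHP_SAPI) {
            $viewer->lastlogin_ip = $ipExpr;
        }
        $viewer->save();
        Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
    }

    // Assign sid to view for json context
    $this->view->status = true;
    $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
    $this->view->sid = Zend_Session::getId();
    $this->view->sname = Zend_Session::getOptions('name');

    // Run post login hook
    $event = Engine_Hooks_Dispatcher::getInstance()->callEvent('onUserLoginAfter', $viewer);

    // Do redirection only if normal context
    if (null === $this->_helper->contextSwitch->getCurrentContext()) {
        // Redirect by form
        $uri = $form->getValue('return_url');
        if ($uri) {
            if (substr($uri, 0, 3) == '64-') {
                $uri = base64_decode(substr($uri, 3));
            }
            return $this->_redirect($uri, array('prependBase' => false));
        }

        // Redirect by session
        $session = new Zend_Session_Namespace('Redirect');
        if (isset($session->uri)) {
            $uri = $session->uri;
            $opts = $session->options;
            $session->unsetAll();
            return $this->_redirect($uri, $opts);
        } elseif (isset($session->route)) {
            // Read the stored route before clearing the namespace: once
            // unsetAll() has run, params/route/reset are no longer available.
            $redirectParams = $session->params;
            $redirectRoute = $session->route;
            $redirectReset = $session->reset;
            $session->unsetAll();
            return $this->_helper->redirector->gotoRoute($redirectParams, $redirectRoute, $redirectReset);
        }

        // Redirect by hook
        foreach ((array) $event->getResponses() as $response) {
            if (is_array($response)) {
                if (!empty($response['error']) && !empty($response['message'])) {
                    return $form->addError($response['message']);
                } elseif (!empty($response['redirect'])) {
                    return $this->_helper->redirector->gotoUrl($response['redirect'], array('prependBase' => false));
                }
            }
        }

        // Just redirect to home
        return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general', true);
    }
}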
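/**
 * Sign a user in with user name and password.
 *
 * Flow: redirect away when already signed in; build and validate the login
 * form; look the user up by 'ten_dang_nhap'; refuse unverified or unapproved
 * accounts; authenticate; apply "remember me"; stamp the last-login time;
 * then redirect by form value, stored session redirect or to the default
 * route. Unknown user and wrong password share one error message.
 *
 * NOTE(review), security points to confirm:
 *  - 'return_url' comes from the form (optionally base64 with a '64-' prefix)
 *    and is redirected to with prependBase disabled; this method does not
 *    restrict it to the site's own origin.
 *  - No explicit Zend_Session::regenerateId() call appears in this method.
 *  - The session id and session name are assigned to the view.
 */
public function indexAction()
{
    // Already logged in
    $viewer = Khcn_Api::_()->getViewer();
    if ($viewer && $viewer->getIdentity()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('Bạn đã đăng nhập.');
        $this->_helper->redirector->gotoRoute(array(), 'default', true);
        return;
    }

    // Make form
    $this->view->form = $form = new Default_Form_Login();
    $form->setAction($this->view->url(array('return_url' => null)));
    $form->populate(array('return_url' => $this->_getParam('return_url')));

    // Not a post
    if (!$this->getRequest()->isPost()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
        return;
    }

    // Form not valid
    if (!$form->isValid($this->getRequest()->getPost())) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
        return;
    }

    // Check login creds
    // extract() turns the form's values into locals; the keys are presumably
    // limited to the elements Default_Form_Login declares - verify.
    extract($form->getValues()); // $Username, $Password, $Remember
    $userTable = Khcn_Api::_()->getItemTable('default_nguoi_dung');
    $userSelect = $userTable->select()->where('ten_dang_nhap = ?', $Username);
    // If post exists
    $user = $userTable->fetchRow($userSelect);

    // Adapter handle; not used further down in this method.
    $db = Khcn_Db_Table::getDefaultAdapter();

    // Check if user exists
    if (empty($user)) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.');
        $form->addError(Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.'));
        return;
    }

    // Check if user is verified and enabled
    if (!$user->enabled) {
        if (!$user->verified) {
            $this->view->status = false;
            $translate = Zend_Registry::get('Zend_Translate');
            $error = $translate->translate('Vui lòng kích hoạt tài khoản thông qua email.');
            $form->getDecorator('errors')->setOption('escape', false);
            $form->addError($error);
            return;
        } elseif (!$user->approved) {
            $this->view->status = false;
            $translate = Zend_Registry::get('Zend_Translate');
            $error = $translate->translate('Tài khoản của bạn cần được kích hoạt bởi admin.');
            $form->getDecorator('errors')->setOption('escape', false);
            $form->addError($error);
            return;
        }
        // Should be handled by hooks or payment
        //return;
    }

    // An account without a stored password cannot sign in and must reset it.
    if (empty($user->mat_khau)) {
        $form->addError('Mật khẩu không hợp lệ. Vui lòng reset lại mật khẩu.');
        return;
    } else {
        $authResult = Khcn_Api::_()->authenticate($Username, $Password);
        $authCode = $authResult->getCode();
        Khcn_Api::_()->setViewer();
        if ($authCode != Zend_Auth_Result::SUCCESS) {
            $this->view->status = false;
            $this->view->error = Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.');
            $form->addError(Zend_Registry::get('Zend_Translate')->_('Tên đăng nhập hoặc mật khẩu không đúng.'));
            return;
        }
    }

    // -- Success! --

    // Remember
    if (!empty($Remember)) {
        $lifetime = 1209600; // Two weeks
        Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
        Zend_Session::rememberMe($lifetime);
    }

    // Test activity @todo remove
    $viewer = Khcn_Api::_()->getViewer();
    if ($viewer && $viewer->getIdentity()) {
        $viewer->lan_dang_nhap_cuoi = date("Y-m-d H:i:s");
        $viewer->save();
    }

    // Assign sid to view for json context
    $this->view->status = true;
    $this->view->message = Zend_Registry::get('Zend_Translate')->_('Đăng nhập thành công');
    $this->view->sid = Zend_Session::getId();
    $this->view->sname = Zend_Session::getOptions('name');

    // Redirect by form
    $uri = $form->getValue('return_url');
    if ($uri) {
        if (substr($uri, 0, 3) == '64-') {
            $uri = base64_decode(substr($uri, 3));
        }
        return $this->_redirect($uri, array('prependBase' => false));
    }

    // Redirect by session
    $session = new Zend_Session_Namespace('Redirect');
    if (isset($session->uri)) {
        $uri = $session->uri;
        $opts = $session->options;
        $session->unsetAll();
        return $this->_redirect($uri, $opts);
    } elseif (isset($session->route)) {
        // Read the stored route before clearing the namespace: once
        // unsetAll() has run, params/route/reset are no longer available.
        $redirectParams = $session->params;
        $redirectRoute = $session->route;
        $redirectReset = $session->reset;
        $session->unsetAll();
        return $this->_helper->redirector->gotoRoute($redirectParams, $redirectRoute, $redirectReset);
    }

    // Just redirect to home
    return $this->_helper->redirector->gotoRoute(array(), null, true);
}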
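/**
 * Login page and login handler.
 *
 * POST: authenticates 'username'/'password' through the 'identity'
 * resource's auth adapter, stores the result row in Zend_Auth, records the
 * last-login IP and time, and sends a Location header to 'returnTo' with the
 * session id appended. GET: shows the form, or sends the same kind of
 * Location header when an identity already exists.
 *
 * NOTE(review), security points to confirm:
 *  - The Location target is the request's 'returnTo' with PHPSESSID appended.
 *    The target is not checked against an allow-list here, and session ids in
 *    URLs leak through logs, browser history and Referer headers.
 *  - getResultRowObject() is called without a column filter, so every column
 *    of the matched row - presumably including the credential column - is
 *    written to the session storage.
 *  - rememberMe() and the extended handler lifetime are applied on every
 *    POST, before the credentials are checked.
 *  - Credentials are read with getParam(), which also resolves query-string
 *    values.
 *  - -51 is a project-specific result code; its meaning is not visible here.
 */
public function loginAction()
{
    //$this->_helper->layout->disableLayout();
    $this->_helper->layout()->setLayout('layout-lgs');
    $r = $this->getRequest();
    //$returnTo = $r->getParam('returnTo');
    //$this->view->returnTo = urlencode($returnTo);

    if ($r->isPost()) {
        $returnTo = $r->getParam('returnTo');
        $this->view->returnTo = $returnTo;

        Zend_Session::rememberMe(86400);
        $saveHandler = Zend_Session::getSaveHandler();
        $saveHandler->setLifetime(87500)->setOverrideLifetime(true);
        Zend_Session::start();

        $username = $r->getParam('username');
        $password = $r->getParam('password');

        $registry = Zend_Registry::getInstance();
        $application = $registry->get('application');
        //ensure resource Session has/is initialized;
        //$application->getBootstrap()->bootstrap('identity');
        $identity = $application->getBootstrap()->getResource('identity');
        $authAdapter = $identity->authAdapter;
        $authAdapter->setIdentity($username)->setCredential($password);

        $auth = Zend_Auth::getInstance();
        $authResult = $auth->authenticate($authAdapter);
        if ($authResult->isValid()) {
            // Rotate the session id now that the session is authenticated.
            Zend_Session::regenerateId();

            // success : store database row to auth's storage
            $data = $authAdapter->getResultRowObject();
            $auth->getStorage()->write($data);

            // Compare against false: a '?' at position 0 is still a match.
            if (strpos($returnTo, '?') !== false) {
                $sAddition = '&';
            } else {
                $sAddition = '?';
            }

            //[TODO] update last login date in tbl User
            //[TODO] update last login IP in tbl User
            $tblUser = new Kutu_Core_Orm_Table_User();
            $row = $tblUser->fetchRow($tblUser->select()->where('username = ?', $username));
            // fetchRow() can come back empty if this table and the adapter's
            // source disagree; skip the bookkeeping instead of failing the login.
            if ($row) {
                $ip = $this->real_ip_address();
                $row->lastLoginIp = $ip;
                // 'H' is the 24-hour clock; 'h' would record afternoon
                // logins with morning hours.
                $today = date('Y-m-d H:i:s');
                $row->lastLoginDate = $today;
                $row->save();
            }

            header("location: " . $returnTo . $sAddition . "PHPSESSID=" . Zend_Session::getId());
        } else {
            if ($authResult->getCode() != -51) {
                // failure : clear database row from session
                Zend_Auth::getInstance()->clearIdentity();
            }
            $this->view->errorMessage = "Login GAGAL";
        }
    } else {
        Zend_Session::start();
        $returnTo = $r->getParam('returnTo');
        if (!empty($returnTo)) {
            $returnTo = urldecode($returnTo);
            $this->view->returnTo = $returnTo;
        } else {
            //$returnTo = KUTU_ROOT_URL.'/identity/account';
            $returnTo = KUTU_ROOT_URL . '/pages';
            $this->view->returnTo = $returnTo;
        }

        // check whether the visitor is already logged in
        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity()) {
            //echo "has identity";
            if (strpos($returnTo, '?') !== false) {
                $sAddition = '&';
            } else {
                $sAddition = '?';
            }
            header("location: " . $returnTo . $sAddition . "PHPSESSID=" . Zend_Session::getId());
        }
    }
}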
/**
 * Show the login form and, on a valid POST, authenticate against the
 * 'webacula_users' table.
 *
 * On success a reduced result row (id, login, role_id, role_name, email) is
 * written to the auth storage, the failed-login counter is reset, "remember
 * me" is applied when requested, login statistics are updated and the user
 * is redirected to index/index. On failure the request sleeps 7 seconds and
 * the failed-login counter is incremented.
 *
 * NOTE(review), security points to confirm:
 *  - The credential check is 'MD5(?)' computed in SQL, and on PDO_SQLITE the
 *    submitted value is compared with the 'pwd' column as-is. Neither is a
 *    password-hashing scheme; moving off them also changes the stored
 *    values, so it cannot be done inside this method alone.
 *  - The fixed 7-second sleep holds a worker for every failed attempt.
 *  - No explicit Zend_Session::regenerateId() call appears in this method.
 */
public function loginAction()
{
    // Already logged in: forward to (action, controller).
    if ($this->isAuth()) {
        $this->_forward('index', 'index');
        return;
    }

    $form = new formLogin();

    // Only a POST carrying valid form data is authenticated.
    if ($this->_request->isPost() && $form->isValid($this->_getAllParams())) {
        $db = Zend_Registry::get('db_bacula');

        /*
         * Configure how users are looked up in the DB: table name, identity
         * column, credential column and credential treatment.
         *
         * [ $zendDb = null], [string $tableName = null], [string $identityColumn = null],
         * [string $credentialColumn = null], [string $credentialTreatment = null])
         */
        // Sqlite does not have an MD5 function, hence the separate treatment.
        $treatment = (Zend_Registry::get('DB_ADAPTER') == 'PDO_SQLITE')
            ? '? AND active = 1'
            : 'MD5(?) AND active = 1';
        $authAdapter = new Zend_Auth_Adapter_DbTable($db, 'webacula_users', 'login', 'pwd', $treatment);

        // Hand the submitted identity and credential to the adapter.
        $authAdapter->setIdentity($form->getValue('login'));
        $authAdapter->setCredential($form->getValue('pwd'));

        // The authentication itself.
        $auth = Zend_Auth::getInstance();
        $outcome = $auth->authenticate($authAdapter);

        if (!$outcome->isValid()) {
            sleep(7);
            $this->view->msg = $this->view->translate->_("Username or password is incorrect");
            // Count the failure; once failures pile up a captcha is switched on.
            $this->defNamespace->numLoginFails++;
        } else {
            // Write what we need into the (default) session; the password
            // column is not among the selected columns.
            $sessionStore = $auth->getStorage();
            $account = $authAdapter->getResultRowObject(array('id', 'login', 'role_id', 'role_name', 'email'));

            // find role name
            $roles = new Wbroles();
            $matches = $roles->find($account->role_id);
            if ($matches->count() == 1) {
                $account->role_name = $matches[0]['name'];
            }
            $sessionStore->write($account);

            // Reset the failed-login counter.
            if (isset($this->defNamespace->numLoginFails)) {
                $this->defNamespace->numLoginFails = 0;
            }

            // remember me
            if ($form->getValue('rememberme')) {
                Zend_Session::rememberMe(self::MAX_LIFETIME);
                Zend_Session::getSaveHandler()->setLifetime(self::MAX_LIFETIME);
            }

            // update user statistics
            $userTable = new Wbusers();
            $userTable->updateLoginStat($account->login);

            // goto home page
            $this->_redirect('index/index');
        }
    }

    // Nothing submitted, or the login failed: render the login form.
    $translator = $this->view->translate;
    $this->view->caption = sprintf(
        $translator->_("Login with your %sWe%sbacula%s account"),
        '<font color="#00008B">',
        '</font><font color="#A80000">',
        '</font>'
    );
    $this->view->title = $this->view->translate->_('Login with your Webacula account');
    $this->view->form = $form;

    // workaround for unit tests 'Action Helper by name Layout not found'
    if (!$this->_helper->hasHelper('layout')) {
        $this->render();
    }
}
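/**
 * Sign a member in with email and password.
 *
 * Flow: bail out when already signed in; build and validate the login form;
 * try the Facebook login; look the member up by email; refuse unverified or
 * disabled accounts; authenticate (with a version-3 import fallback when the
 * stored password is empty); apply "remember me"; update last-login data;
 * then redirect by form value, stored session redirect or to the home route.
 *
 * NOTE(review), security points to confirm:
 *  - A dedicated "no record of a member with that email" message tells a
 *    caller which emails are registered; the bad-password path uses a
 *    different message.
 *  - Error output is rendered unescaped in the unverified/disabled branch
 *    while the message can embed a URL built from the submitted email; this
 *    relies on the url helper encoding that value.
 *  - 'return_url' comes from the form and is redirected to with prependBase
 *    disabled; this method does not restrict it to the site's own origin.
 *  - The migration salt comes from rand(), and the legacy hash is compared
 *    with ===; a CSPRNG and a constant-time comparison are the usual choices.
 *  - No explicit Zend_Session::regenerateId() call appears in this method.
 *  - The session id and session name are assigned to the view for the JSON
 *    context, i.e. they are part of the response body there.
 *  - After a successful Facebook login the redirect call is not followed by
 *    a return; whether execution continues depends on the redirector's exit
 *    behaviour.
 */
public function loginAction()
{
    // Already logged in
    if (Engine_Api::_()->user()->getViewer()->getIdentity()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('You are already signed in.');
        if (null === $this->_helper->contextSwitch->getCurrentContext()) {
            $this->_helper->redirector->gotoRoute(array(), 'home');
        }
        return;
    }

    // Make form
    $this->view->form = $form = new User_Form_Login();
    $form->populate(array('return_url' => $this->_getParam('return_url')));

    // Facebook login
    if (User_Model_DbTable_Facebook::authenticate($form)) {
        // Facebook login succeeded, redirect to home
        $this->_helper->redirector->gotoRoute(array(), 'home');
    }

    // Not a post
    if (!$this->getRequest()->isPost()) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No action taken');
        return;
    }

    // Form not valid
    if (!$form->isValid($this->getRequest()->getPost())) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid data');
        return;
    }

    // Check login creds
    // extract() turns the form's values into locals; the keys are presumably
    // limited to the elements User_Form_Login declares - verify.
    extract($form->getValues()); // $email, $password, $remember
    $user_table = Engine_Api::_()->getDbtable('users', 'user');
    $user_select = $user_table->select()->where('email = ?', $email);
    // If post exists
    $user = $user_table->fetchRow($user_select);

    // Check if user exists
    if (empty($user)) {
        $this->view->status = false;
        $this->view->error = Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.');
        $form->addError(Zend_Registry::get('Zend_Translate')->_('No record of a member with that email was found.'));
        return;
    }

    // Check if user is verified and enabled
    if (!$user->verified || !$user->enabled) {
        $this->view->status = false;
        $translate = Zend_Registry::get('Zend_Translate');
        $error = $translate->translate('This account still requires either email verification or admin approval.');
        if (!empty($user) && !$user->verified) {
            $resend_url = $this->_helper->url->url(array('action' => 'resend', 'email' => $email), 'user_signup', true);
            $error .= ' ';
            $error .= sprintf($translate->translate('Click <a href="%s">here</a> to resend the email.'), $resend_url);
        }
        // Escaping is switched off so the link renders as HTML.
        $form->getDecorator('errors')->setOption('escape', false);
        $form->addError($error);
        return;
    }

    // Version 3 Import compatibility
    if (empty($user->password)) {
        $compat = Engine_Api::_()->getApi('settings', 'core')->getSetting('core.compatibility.password');
        $migration = null;
        try {
            $migration = Engine_Db_Table::getDefaultAdapter()->select()
                ->from('engine4_user_migration')
                ->where('user_id = ?', $user->getIdentity())
                ->limit(1)
                ->query()
                ->fetch();
        } catch (Exception $e) {
            // A failed lookup disables the compatibility path altogether.
            $migration = null;
            $compat = null;
        }
        if (!$migration) {
            $compat = null;
        }
        if ($compat == 'import-version-3') {
            // Version 3 authentication
            $cryptedPassword = self::_version3PasswordCrypt($migration['user_password_method'], $migration['user_code'], $password);
            if ($cryptedPassword === $migration['user_password']) {
                // Regenerate the user password using the given password
                $user->salt = (string) rand(1000000, 9999999);
                $user->password = $password;
                $user->save();
                Engine_Api::_()->user()->getAuth()->getStorage()->write($user->getIdentity());
                // @todo should we delete the old migration row?
            } else {
                $this->view->status = false;
                $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
                $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
                return;
            }
            // End Version 3 authentication
        } else {
            $form->addError('There appears to be a problem logging in. Please reset your password with the Forgot Password link.');
            return;
        }
    } else {
        $authResult = Engine_Api::_()->user()->authenticate($email, $password);
        $authCode = $authResult->getCode();
        Engine_Api::_()->user()->setViewer();
        if ($authCode != Zend_Auth_Result::SUCCESS) {
            $this->view->status = false;
            $this->view->error = Zend_Registry::get('Zend_Translate')->_('Invalid credentials');
            $form->addError(Zend_Registry::get('Zend_Translate')->_('Invalid credentials supplied'));
            return;
        }
    }

    // -- Success! --

    // Remember
    if ($remember) {
        $lifetime = 1209600; // Two weeks
        Zend_Session::getSaveHandler()->setLifetime($lifetime, true);
        Zend_Session::rememberMe($lifetime);
    }

    // Increment sign-in count
    Engine_Api::_()->getDbtable('statistics', 'core')->increment('user.logins');

    // Test activity @todo remove
    $viewer = Engine_Api::_()->user()->getViewer();
    if ($viewer->getIdentity()) {
        $viewer->lastlogin_date = date("Y-m-d H:i:s");
        $viewer->lastlogin_ip = $_SERVER['REMOTE_ADDR'];
        $viewer->save();
        Engine_Api::_()->getDbtable('actions', 'activity')->addActivity($viewer, $viewer, 'login');
    }

    // Assign sid to view for json context
    $this->view->status = true;
    $this->view->message = Zend_Registry::get('Zend_Translate')->_('Login successful');
    $this->view->sid = Zend_Session::getId();
    $this->view->sname = Zend_Session::getOptions('name');

    // Do redirection only if normal context
    if (null === $this->_helper->contextSwitch->getCurrentContext()) {
        // Redirect by form
        $uri = $form->getValue('return_url');
        if ($uri) {
            return $this->_redirect($uri, array('prependBase' => false));
        }

        // Redirect by session
        $session = new Zend_Session_Namespace('Redirect');
        if (isset($session->uri)) {
            $uri = $session->uri;
            $opts = $session->options;
            $session->unsetAll();
            return $this->_redirect($uri, $opts);
        } elseif (isset($session->route)) {
            // Read the stored route before clearing the namespace: once
            // unsetAll() has run, params/route/reset are no longer available.
            $redirectParams = $session->params;
            $redirectRoute = $session->route;
            $redirectReset = $session->reset;
            $session->unsetAll();
            return $this->_helper->redirector->gotoRoute($redirectParams, $redirectRoute, $redirectReset);
        } else {
            return $this->_helper->redirector->gotoRoute(array('action' => 'home'), 'user_general');
        }
    }
}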
/**
 * Pin the session-namespace expiration used by this class to 3600 seconds.
 */
public function __construct()
{
    // Looked up but not used: the lifetime was once taken from the handler
    // (see the disabled assignment below) and is now a fixed value.
    $activeSaveHandler = Zend_Session::getSaveHandler();
    // self::$_ZEND_SESSION_NAMESPACE_EXPIRATION_SECONDS = $activeSaveHandler->getLifetime();

    $fixedLifetime = 3600;
    self::$_ZEND_SESSION_NAMESPACE_EXPIRATION_SECONDS = $fixedLifetime;
}
/**
 * Show the login form and, on a valid POST, check the password through
 * Wbusers::checkPassword().
 *
 * On success the user record (with its 'pwd' field blanked) is written to
 * the auth storage, the failed-login counter is reset, "remember me" is
 * applied when requested, login statistics are updated and the user is
 * redirected to index/index. On failure the request sleeps 7 seconds and the
 * failed-login counter is incremented.
 *
 * NOTE(review), security points to confirm:
 *  - How the password is verified lives in Wbusers::checkPassword(), which
 *    is not visible here.
 *  - The fixed 7-second sleep holds a worker for every failed attempt.
 *  - No explicit Zend_Session::regenerateId() call appears in this method.
 */
public function loginAction()
{
    // Already logged in: forward to (action, controller).
    if ($this->isAuth()) {
        $this->_forward('index', 'index');
        return;
    }

    $form = new formLogin();

    // Only a POST carrying valid form data is authenticated.
    if ($this->_request->isPost() && $form->isValid($this->_getAllParams())) {
        $users = new Wbusers();
        $login = $form->getValue('login');

        if (!$users->checkPassword($login, $form->getValue('pwd'))) {
            sleep(7);
            $this->view->msg = $this->view->translate->_("Username or password is incorrect");
            // Count the failure; once failures pile up a captcha is switched on.
            $this->defNamespace->numLoginFails++;
        } else {
            $rows = $users->fetchUser($login);
            $rows[0]['pwd'] = ''; // blank the password before it reaches the session
            $account = (object) $rows[0];

            // Write what we need into the (default) session.
            $auth = Zend_Auth::getInstance();
            $sessionStore = $auth->getStorage();
            $sessionStore->write($account);

            // Reset the failed-login counter.
            if (isset($this->defNamespace->numLoginFails)) {
                $this->defNamespace->numLoginFails = 0;
            }

            // remember me
            if ($form->getValue('rememberme')) {
                Zend_Session::rememberMe(self::MAX_LIFETIME);
                Zend_Session::getSaveHandler()->setLifetime(self::MAX_LIFETIME);
            }

            // update user statistics
            $users->updateLoginStat($account->login);

            // goto home page
            $this->_redirect('index/index');
        }
    }

    // Nothing submitted, or the login failed: render the login form.
    $translator = $this->view->translate;
    $this->view->caption = sprintf(
        $translator->_("Login with your %sWe%sbacula%s account"),
        '<font color="#00008B">',
        '</font><font color="#A80000">',
        '</font>'
    );
    $this->view->title = $this->view->translate->_('Login with your Webacula account');
    $this->view->form = $form;

    // workaround for unit tests 'Action Helper by name Layout not found'
    if (!$this->_helper->hasHelper('layout')) {
        $this->render();
    }
}