/**
 * Checks that \CB\User::setAsLoged() turns a freshly created user into the
 * session's logged-in user.
 *
 * After the call, isLoged() must be true and $_SESSION must hold the same
 * user id and session key that were passed in.
 *
 * @depends testCreate
 */
public function testsetAsLoged()
{
    // Throw-away fixture account; the password is a test value only.
    $userId = DM\Users::create(
        array(
            'name' => $this->testName,
            'password' => 'qq',
        )
    );
    $this->assertTrue(is_numeric($userId), 'Cant create User');

    $sessionKey = 'tests_key';
    \CB\User::setAsLoged($userId, $sessionKey);

    $this->assertTrue(\CB\User::isLoged(), ' Error: user is not logged');

    // The session has to carry exactly the identity and key handed to setAsLoged().
    $this->assertEquals($userId, $_SESSION['user']['id'], 'Sessions user is not equal with setted users');
    $this->assertEquals($sessionKey, $_SESSION['key'], 'Sessions key is not equal with setted keys');
}
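/**
 * Get new notification records for the logged-in user.
 *
 * 'user_id' is overwritten with the session user's id after prepareParams()
 * has run, so a 'user_id' supplied by the client never reaches getRecords().
 * This method itself does not read 'fromId'; the previous version computed it
 * into a local that was never used.
 *
 * @param array $p request params (documented as containing a fromId property)
 * @return array array('success' => true, 'data' => ..., 'lastSeenId' => ...)
 *               or array('success' => false) when nobody is logged in
 */
public function getNew($p)
{
    if (!User::isLoged()) {
        return array('success' => false);
    }

    $rez = array('success' => true, 'data' => array());

    $this->prepareParams($p);

    // Always query for the session user, whatever the request contained.
    $p['user_id'] = User::getId();

    $rez['data'] = $this->getRecords($p);
    $rez['lastSeenId'] = User::getUserConfigParam('lastSeenActionId', 0);

    // Record when this user last polled for notifications.
    User::setUserConfigParam('lastNotifyTime', Util\dateISOToMysql('now'));

    return $rez;
}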
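/**
 * Set or clear one entry of the logged-in user's 'state' config param.
 *
 * A non-empty 'value' stores the entry; an empty 'value' removes an existing
 * entry. The config param is only written back when something changed.
 *
 * @param array $p 'name' => state key, 'value' => value to store (empty to remove)
 * @return array array('success' => bool); false when nobody is logged in or
 *               'name' is missing, empty or not a scalar
 */
public function set($p)
{
    if (!User::isLoged()) {
        return array('success' => false);
    }

    // 'name' is request data used as an array key: a missing name used to raise
    // an undefined-index notice and write under the empty key, and a non-scalar
    // name is an illegal offset. Reject both instead of touching the state.
    if (!isset($p['name']) || !is_scalar($p['name']) || ((string) $p['name'] === '')) {
        return array('success' => false);
    }
    $name = $p['name'];

    $state = User::getUserConfigParam('state', array());

    // NOTE(review): 'value' is stored as received; no type or size limit is
    // applied here - confirm one is enforced where the config is persisted.
    if (!empty($p['value'])) {
        $state[$name] = $p['value'];
    } elseif (isset($state[$name])) {
        unset($state[$name]);
    } else {
        // Empty value for a key that is not stored: nothing to write.
        return array('success' => true);
    }

    User::setUserConfigParam('state', $state);

    return array('success' => true);
}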
/**
 * Replays the OAuth2 login URL as a callback request and checks that
 * \CB\Oauth2Utils::checkLogined() accepts it and that the user can then be
 * set as logged in.
 *
 * NOTE(review): the test authenticates by writing the e-mail into the decoded
 * state and re-encoding it. Confirm that outside tests checkLogined() only
 * accepts an e-mail from state when the state is integrity-protected or the
 * e-mail has been verified with the provider.
 *
 * @depends test_getLoginUrl
 */
public function test_checkLogined()
{
    // Begin from a logged-out session.
    unset($_SESSION['key']);
    $this->assertFalse(\CB\User::isLoged(), 'ERROR checkLogined \\CB\\Users::isLoged = true');

    $loginUrl = $this->getUrl();
    $this->assertTrue(isset($loginUrl), 'ERROR checkLogined getGoogleLoginUrl ' . $loginUrl);

    // Feed the login URL's query string back in as the callback's $_GET.
    $urlParts = parse_url($loginUrl);
    $callbackQuery = [];
    parse_str($urlParts['query'], $callbackQuery);
    $_GET = $callbackQuery;

    // Add the test account's e-mail to the state and put the re-encoded state back.
    $state = \CB\Oauth2Utils::decodeState($callbackQuery['state']);
    $state['email'] = $this->email;
    $_GET['state'] = \CB\Oauth2Utils::encodeState($state);

    $check = \CB\Oauth2Utils::checkLogined();

    $this->assertTrue($check['success'], '\\CB\\Oauth2Utils::checkLogined() return success false');
    $this->assertTrue($check['user_id'] == 1, '\\CB\\Oauth2Utils::checkLogined() WRONG USER ID');
    $this->assertTrue($check['session_id'] == $state['state'], '\\CB\\Oauth2Utils::checkLogined() WRON SESSION ID');

    $loginResult = \CB\User::setAsLoged($check['user_id'], $check['session_id']);
    $this->assertTrue($loginResult['success'], ' User can\'t be set as logined');
}
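/**
 * Execute one Ext.Direct RPC call and build its response record.
 *
 * Unauthenticated web requests are refused unless they target User.login; CLI
 * runs skip that gate. The action must be a key of the cached 'ExtDirectAPI'
 * definition and the method must be listed under it. That whitelist is the
 * only thing bounding which class is instantiated and which method is called,
 * because both names come from the request.
 *
 * @param array $cdata decoded request: 'action', 'method', 'tid', optional 'data'
 * @return array the response record; for a refused unauthenticated call, a
 *               list holding a single 'login' exception record
 */
function doRpc($cdata)
{
    $API = \CB\Cache::get('ExtDirectAPI');

    $isCli = (php_sapi_name() === 'cli');

    // Strict comparison: request values are decoded JSON and may be non-strings
    // (0, true, ...). With loose != such values could compare equal to 'User' /
    // 'login' on older PHP versions and slip past the login gate.
    $isLoginCall = ($cdata['action'] === 'User') && ($cdata['method'] === 'login');

    if (!\CB\User::isLoged() && !$isLoginCall && !$isCli) {
        return array(
            array(
                'type' => 'exception',
                'name' => 'login',
                'tid' => $cdata['tid'],
                'action' => $cdata['action'],
                'method' => $cdata['method'],
                'result' => array('success' => false)
            )
        );
    }

    // Seed the response before the try block: an exception thrown by the
    // action/method lookups used to leave $r without tid/action/method, so the
    // client could not match the exception to its request.
    $r = array(
        'type' => 'rpc',
        'tid' => $cdata['tid'],
        'action' => $cdata['action'],
        'method' => $cdata['method']
    );

    try {
        if (!isset($API[$cdata['action']])) {
            throw new \Exception('Call to undefined action: ' . $cdata['action']);
        }

        $action = $cdata['action'];
        $a = $API[$action];

        doAroundCalls($a['before'], $cdata);

        $method = $cdata['method'];
        // isset() avoids an undefined-index notice for a method the API does not list.
        $mdef = isset($a['methods'][$method]) ? $a['methods'][$method] : null;
        if (!$mdef) {
            throw new \Exception("Call to undefined method: {$method} on action {$action}");
        }

        doAroundCalls($mdef['before'], $cdata);

        // Rebuilt here, as before, from the values in effect after the "before" hooks.
        $r = array(
            'type' => 'rpc',
            'tid' => $cdata['tid'],
            'action' => $action,
            'method' => $method
        );

        // Only reached for whitelisted actions: API names use '_' where the
        // class name has a namespace separator.
        $action = str_replace('_', '\\', $action);
        $o = new $action();

        // array_values(): arguments are always positional. Without it, string
        // keys in request data become named arguments on PHP 8.
        $params = isset($cdata['data']) && is_array($cdata['data'])
            ? array_values($cdata['data'])
            : array();

        $r['result'] = call_user_func_array(array($o, $method), $params);

        doAroundCalls($mdef['after'], $cdata, $r);
        doAroundCalls($a['after'], $cdata, $r);
    } catch (\Exception $e) {
        $r['type'] = 'exception';
        // NOTE(review): the exception message goes to the client on every host;
        // only the stack trace is limited to debug hosts. Confirm that messages
        // thrown by API methods never carry internal details (SQL, paths).
        $r['result'] = array('success' => false, 'msg' => $e->getMessage());

        if (\CB\IS_DEBUG_HOST) {
            $r['where'] = $e->getTraceAsString();
        }

        // Notify admin (best effort, web requests only).
        // NOTE(review): one mail is sent per failing call and there is no
        // throttling here - confirm mail volume is bounded elsewhere.
        if (!$isCli) {
            @mail(
                Config::get('ADMIN_EMAIL'),
                'Remote router exception on ' . Config::get('core_url'),
                var_export($r, true),
                'From: ' . Config::get('SENDER_EMAIL') . "\r\n"
            );
        }
    }

    return $r;
}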
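/**
 * Shutdown handler: turn a fatal server-side error into a JSON encoded
 * Ext.Direct exception, then refresh the logged-in user's last action time.
 *
 * Only E_ERROR and E_PARSE are reported. The client gets a generic message
 * unless \CB\IS_DEBUG_HOST is set, in which case the PHP error text and a
 * backtrace are included.
 *
 * @return void
 */
function extDirectShutdownFunction()
{
    $data = \CB\Cache::get('ExtDirectData');
    $error = error_get_last();

    // error_get_last() returns null when the request ended without an error;
    // check that before indexing. E_ERROR (1) and E_PARSE (4) are the two
    // types this handler reports.
    if (is_array($error) && in_array($error['type'], array(E_ERROR, E_PARSE), true)) {
        $data['type'] = 'exception';
        $data['result'] = array('success' => false);
        $data['msg'] = 'Internal server error.';

        // Error text and backtrace are exposed on debug hosts only.
        if (\CB\IS_DEBUG_HOST) {
            $data['msg'] = $error['message'];
            $data['where'] = print_r(debug_backtrace(false), true);
        }

        // Notify admin (best effort, web requests only).
        // NOTE(review): $data is whatever was cached under 'ExtDirectData',
        // presumably the request payload. If so, the mail can contain submitted
        // field values - confirm credentials are not mailed.
        if (!(php_sapi_name() == "cli")) {
            @mail(
                Config::get('ADMIN_EMAIL'),
                'Remote router error on ' . Config::get('core_url'),
                var_export($data, true),
                'From: ' . Config::get('SENDER_EMAIL') . "\r\n"
            );
        }

        echo Util\jsonEncode($data);
    }

    if (\CB\User::isLoged()) {
        \CB\User::updateLastActionTime();
    }
}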
/**
 * Send a password reset (or invitation) e-mail to the given user, so that the
 * user can set a new password and enter the system.
 *
 * Access rule, as coded: a logged-in caller must pass
 * Security::canEditUser($userId). When nobody is logged in, no permission
 * check is made.
 * NOTE(review): that is presumably the self-service recovery path - confirm
 * the calling endpoint rate-limits it.
 *
 * @param int    $userId
 * @param string $template 'recover' (default) or 'invite'; anything else returns false
 * @return boolean false when a validation step fails, otherwise the result of System::sendMail()
 */
public static function sendResetPasswordMail($userId, $template = 'recover')
{
    if (!is_numeric($userId)) {
        return false;
    }

    if (User::isLoged() && !Security::canEditUser($userId)) {
        return false;
    }

    // Pick the mail body template and subject for the requested kind of mail.
    switch ($template) {
        case 'invite':
            $mail = System::getEmailTemplate('email_invite');
            $subject = L\get('MailInviteSubject');
            break;

        case 'recover':
            $mail = System::getEmailTemplate('password_recovery_email');
            $subject = L\get('MailRecoverSubject');
            break;

        default:
            return false;
    }

    if (empty($mail)) {
        return false;
    }

    $userData = User::getPreferences($userId);
    $userEmail = User::getEmail($userData);

    if (empty($userEmail)) {
        return false;
    }

    // Generate the recovery hash and the link that carries it.
    // NOTE(review): the seed is built only from the user id, the e-mail and
    // the current time at second resolution. If generateRecoveryHash() adds no
    // secret or CSPRNG input, the token could be derived by a third party.
    // Confirm that it does, and that tokens expire and are single-use.
    $seed = $userId . $userEmail . date(DATE_ISO8601);
    $hash = User::generateRecoveryHash($userId, $seed);
    $href = Util\getCoreHost() . 'recover/reset-password/?h=' . $hash;

    // Placeholder => value map, applied to both the body and the subject.
    // NOTE(review): values such as the display name and username are inserted
    // unescaped, and the {link} value shows the body can be HTML. Confirm that
    // these fields are escaped or restricted where they are stored.
    $replacements = array(
        '{projectTitle}' => Config::getProjectName(),
        '{fullName}' => User::getDisplayName($userData),
        '{username}' => User::getUsername($userData),
        '{userEmail}' => $userEmail,
        '{creatorFullName}' => User::getDisplayName(),
        '{creatorUsername}' => User::getUsername(),
        '{creatorEmail}' => User::getEmail(),
        '{href}' => $href,
        '{link}' => '<a href="' . $href . '" >' . $href . '</a>'
    );

    $placeholders = array_keys($replacements);
    $values = array_values($replacements);

    $mail = str_replace($placeholders, $values, $mail);
    $subject = str_replace($placeholders, $values, $subject);

    return @System::sendMail($userEmail, $subject, $mail);
}