/**
 * Handles the callback of the JavaScript-driven Facebook login.
 *
 * When the session already holds a Facebook access token, the login is done
 * with that token; otherwise the JS login flow is used. The outcome is handed
 * to redirectAfterLogin().
 */
public function getLoginCallbackFromJs()
{
    $this->app->log->debug(get_class($this) . '->getLoginCallbackFromJs()');

    // Truthiness of the decoded session value selects the login path.
    $hasStoredToken = (bool) Session::getDecoded(Session::FACEBOOK_ACCESS_TOKEN);

    $login_successful = $hasStoredToken
        ? FacebookModel::loginWithAccesstoken()
        : FacebookModel::loginFromJs();

    $this->redirectAfterLogin($login_successful);
}
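/**
 * Activates a newly registered account when the user name and the verification
 * code match a stored user.
 *
 * On a match the user is marked active and the activation hash is set to NULL,
 * so the same code cannot activate the account a second time. Feedback is
 * written to the session in both the success and the failure case.
 *
 * @param string $user_name
 * @param string $ua_verification_code verification token
 *
 * @return bool success status
 */
public static function verifyNewUser($user_name, $ua_verification_code)
{
    // Missing or non-string input can never identify an account; fail before
    // touching the database.
    if (!is_string($user_name) || $user_name === ''
        || !is_string($ua_verification_code) || $ua_verification_code === ''
    ) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_ACCOUNT_ACTIVATION_FAILED'));
        return false;
    }

    // Both values arrive from the activation link and are therefore untrusted.
    // They are bound as query parameters instead of being concatenated into
    // the DQL string. The username predicate previously compared against a
    // fixed literal and ignored $user_name; it is now bound to the argument.
    // User::TABLE_NAME is a class constant, not request data.
    $dql = 'UPDATE ' . User::TABLE_NAME . ' u'
        . ' SET u.active = 1, u.activationhash = NULL'
        . ' WHERE u.username = :username AND u.activationhash = :activationhash';

    // NOTE(review): setParameter() assumes getEntityManager() returns a
    // Doctrine ORM entity manager, as the createQuery()/execute() calls suggest.
    $numUpdated = DbResource::getEntityManager()
        ->createQuery($dql)
        ->setParameter('username', $user_name)
        ->setParameter('activationhash', $ua_verification_code)
        ->execute();

    // Exactly one row must have changed; anything else is treated as failure.
    if ((int) $numUpdated === 1) {
        Session::add(Session::SESSION_FEEDBACK_POSITIVE, Text::get('FEEDBACK_ACCOUNT_ACTIVATION_SUCCESSFUL'));
        return true;
    }

    Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_ACCOUNT_ACTIVATION_FAILED'));
    return false;
}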
/**
 * Returns the pending negative feedback messages and clears them from the
 * session so they are not shown twice.
 *
 * This method does not render anything itself; it hands the stored value to
 * the caller.
 *
 * @return mixed value stored under Session::SESSION_FEEDBACK_NEGATIVE
 *               (presumably an array of messages - confirm against Session::add)
 */
public function getFeedbackNegativeMessages()
{
    // Read first, then reset the slot to null.
    $pendingMessages = Session::get(Session::SESSION_FEEDBACK_NEGATIVE);
    Session::set(Session::SESSION_FEEDBACK_NEGATIVE, null);

    // NOTE(review): if any message can contain user-controlled text, the view
    // has to escape it on output - confirm against the template.
    return $pendingMessages;
}
/**
 * Reports whether the session marks the current user as logged in.
 *
 * @return bool true when Session::SESSION_USER_LOGGED_IN holds a truthy value
 */
public static function userIsLoggedIn()
{
    return (bool) Session::get(Session::SESSION_USER_LOGGED_IN);
}
/**
 * Reports the user's login status by delegating to Session::userIsLoggedIn().
 *
 * @return bool user's login status
 */
public static function isUserLoggedIn()
{
    $loggedIn = Session::userIsLoggedIn();

    return $loggedIn;
}
/**
 * Logs the user in with the Facebook access token kept in the session.
 *
 * The decoded session value is wrapped in an AccessToken and passed to
 * loginWithAccessToken2().
 *
 * @return mixed whatever loginWithAccessToken2() returns
 */
public static function loginWithAccessToken()
{
    return self::loginWithAccessToken2(
        new AccessToken(Session::getDecoded(Session::FACEBOOK_ACCESS_TOKEN))
    );
}
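/**
 * Changes the email address of the user held in the session.
 *
 * The new address is rejected when it is empty, equal to the current one,
 * not a valid email, altered by tag stripping or the 254-character cut, or
 * already taken. On success the database, the session email and the session
 * Gravatar URL are updated. Feedback is written to the session in every case.
 *
 * @param string $new_user_email
 *
 * @return bool success status
 */
public static function editUserEmail($new_user_email)
{
    // email provided?
    if (empty($new_user_email)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_EMAIL_FIELD_EMPTY'));
        return false;
    }

    // Strict comparison: loose == can treat different numeric-looking strings
    // as equal.
    if ($new_user_email === Session::getDecoded(Session::SESSION_USER_EMAIL)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_EMAIL_SAME_AS_OLD_ONE'));
        return false;
    }

    // user's email must be in valid email format, also checks the length
    // @see http://stackoverflow.com/questions/21631366/php-filter-validate-email-max-length
    // @see http://stackoverflow.com/questions/386294/what-is-the-maximum-length-of-a-valid-email-address
    if (!filter_var($new_user_email, FILTER_VALIDATE_EMAIL)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_EMAIL_DOES_NOT_FIT_PATTERN'));
        return false;
    }

    // Stripping tags or truncating AFTER validation would store a value that
    // was never validated (and possibly a different mailbox). If either step
    // would change the input, reject it instead of silently rewriting it.
    $sanitized_email = substr(strip_tags($new_user_email), 0, 254);
    if ($sanitized_email !== $new_user_email) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_EMAIL_DOES_NOT_FIT_PATTERN'));
        return false;
    }

    // check if user's email already exists
    if (self::doesEmailAlreadyExist($new_user_email)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_USER_EMAIL_ALREADY_TAKEN'));
        return false;
    }

    // NOTE(review): the address is switched immediately, without the new
    // mailbox being confirmed and without re-authentication in this method -
    // confirm the caller covers that, since the email is typically the
    // password-reset channel.
    if (!self::saveNewEmailAddress(Session::getDecoded(Session::SESSION_USER_NAME), $new_user_email)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_UNKNOWN_ERROR'));
        return false;
    }

    // Database write succeeded: mirror the new address into the session and
    // refresh the Gravatar URL, which is derived from the email address.
    Session::set(Session::SESSION_USER_EMAIL, $new_user_email);
    Session::set(Session::SESSION_USER_GRAVATAR_IMAGE_URL, AvatarModel::getGravatarLinkByEmail($new_user_email));
    Session::add(Session::SESSION_FEEDBACK_POSITIVE, Text::get('FEEDBACK_EMAIL_CHANGE_SUCCESSFUL'));

    return true;
}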
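/**
 * Removes the avatar image file from the filesystem.
 *
 * The file is looked up as <avatar.path><image id>.jpg. Negative feedback is
 * written to the session when the file is missing or cannot be deleted.
 *
 * @param string $userName
 * @return bool true when the file was deleted
 */
public static function deleteAvatarImageFile($userName)
{
    // This method is static, so $this is not available here; the original
    // $this->getIdForImage() call failed on every invocation.
    // NOTE(review): assumes getIdForImage() can be called statically - confirm.
    $avatarId = self::getIdForImage($userName);

    // NOTE(review): $avatarId becomes part of a filesystem path that is
    // unlinked. Confirm getIdForImage() can never return path separators or
    // ".." for a user-chosen name.
    $avatarFile = Config::get('avatar.path') . $avatarId . '.jpg';

    // Check if file exists
    if (!file_exists($avatarFile)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_AVATAR_IMAGE_DELETE_NO_FILE'));
        return false;
    }

    // Delete avatar file
    if (!unlink($avatarFile)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_AVATAR_IMAGE_DELETE_FAILED'));
        return false;
    }

    return true;
}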
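/**
 * Validates a password change request.
 *
 * Checks, in this order: the user exists, the current password matches the
 * stored hash, the new password and its repetition are not empty, they are
 * identical, the new password has at least 6 bytes, and it differs from the
 * current one. The first failing check writes negative feedback to the
 * session and ends validation.
 *
 * @param string $user_name
 * @param string $user_password_current
 * @param string $user_password_new
 * @param string $user_password_repeat
 *
 * @return bool true when every check passed
 */
public static function validatePasswordChange($user_name, $user_password_current, $user_password_new, $user_password_repeat)
{
    $user = UserModel::getByUsername($user_name);
    if (!$user) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_USER_DOES_NOT_EXIST'));
        return false;
    }

    // The current password is verified before anything else is examined.
    if (!password_verify($user_password_current, $user->getPwdhash())) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_PASSWORD_CURRENT_INCORRECT'));
        return false;
    }

    if (empty($user_password_new) || empty($user_password_repeat)) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_PASSWORD_FIELD_EMPTY'));
        return false;
    }

    if ($user_password_new !== $user_password_repeat) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_PASSWORD_REPEAT_WRONG'));
        return false;
    }

    // NOTE(review): a 6-byte minimum is kept to preserve existing behaviour;
    // it is low by current password-policy guidance.
    if (strlen($user_password_new) < 6) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_PASSWORD_TOO_SHORT'));
        return false;
    }

    // Strict comparison: with loose == two different numeric-looking strings
    // (for example "1e3" and "1000") compare equal, so a genuinely new
    // password could be rejected as unchanged.
    if ($user_password_current === $user_password_new) {
        Session::add(Session::SESSION_FEEDBACK_NEGATIVE, Text::get('FEEDBACK_PASSWORD_NEW_SAME_AS_CURRENT'));
        return false;
    }

    return true;
}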