Пример #1
0
    /**
     * Installing new database. Use only when auto-creating new site
     */
    public function recreateDefaults()
    {
        // Administrator group
        /** @var AdminUserGroup $group */
        $group = AdminUserGroupRepository::findOneEntityById(1);
        // If no any Admin group - create new empty group
        if (!$group || !$group->getUndeletable() || !$group->getCanSetPermissions() || !$group->getFullAccess()) {
            if ($group) {
                $group->is_superadmin = true;
                $group->setField('undeletable', 1)->setField('can_set_permissions', 1)->setField('structure_permissions', 1)->setFullAccess(1)->save();
            } else {
                // Delete all groups
                $group_collection = new AdminUserGroupRepository();
                $group_collection->deleteObjectCollection();
                // Drop auto-increment value
                $group_collection->alterTableResetAutoIncrement();
                // Create new Group for Admins
                $group = new AdminUserGroup();
                $group->is_superadmin = true;
                $group->loadDataFromArray(['undeletable' => 1, 'can_set_permissions' => 1, 'structure_permissions' => 1, 'full_access' => 1, 'title' => 'Developers']);
                $group->save();
                // Create new Group for Managers
                $group = new AdminUserGroup();
                $group->is_superadmin = true;
                $group->loadDataFromArray(['undeletable' => 0, 'can_set_permissions' => 1, 'structure_permissions' => 1, 'full_access' => 1, 'title' => 'Managers', 'default' => 1]);
                $group->save();
                echo '<br>Default User Group is created.<br>';
            }
        }
        unset($data);
        // Check we have any active Admin
        $users_collection = new AdminUserRepository();
        $users_collection->setWhereActive(1);
        $have_any_user = $users_collection->hasAnyObjectInCollection();
        // Check we have admin as first User
        $users_collection = new AdminUserRepository();
        $users_collection->setWhereActive(1);
        $users_collection->setWhereId(1);
        $users_collection->setWhereGroupId(1);
        $users_collection->setWhereLogin('neTpyceB');
        // Name of vendor repo owner
        $have_default_user = $users_collection->hasAnyObjectInCollection();
        // Recreate default User
        if (!$have_any_user || !$have_default_user) {
            //Remove all Users
            $users_collection = new AdminUserRepository();
            $users_collection->deleteObjectCollection();
            // Reset auto-increment
            $users_collection->alterTableResetAutoIncrement();
            // Create new default Developer
            $user = new AdminUser();
            $user->loadDataFromArray(['group_id' => 1, 'login' => 'neTpyceB', 'password' => $this->generateHash(''), 'active' => 1]);
            $user->save();
            // Create new default Manager
            $user = new AdminUser();
            $user->loadDataFromArray(['group_id' => 2, 'login' => 'manager', 'password' => $this->generateHash(''), 'active' => 1]);
            $user->save();
            echo '<br>Default User "manager" and empty password is created.
			<br>
			Please log in and change password.
			<br>';
        }
    }
Пример #2
0
 public function _login()
 {
     if (!$_POST || !isset($_POST['login'], $_POST['password']) || trim($_POST['login']) == '') {
         go('/');
     }
     //Check ban and log-in attempts
     $attempts_repo = new AdminUsersAttemptsEntityRepository();
     $attempts_repo->setWhereIp(IP_LONG);
     $attempts_obj = $attempts_repo->getFirstObjectFromCollection();
     if ($attempts_obj) {
         $attempts = $attempts_obj->getAsArray();
         // Got info, check times
         if ($attempts && $attempts['failed_attempts']) {
             if ($attempts['failed_attempts'] > self::MAX_FAILED_ATTEMPTS && $attempts['last_attempt_ts'] + self::MAX_BAN_TIME > NOW) {
                 die('IP banned, wait till ' . date('H:i:s', $attempts['last_attempt_ts'] + self::MAX_BAN_TIME));
             } elseif ($attempts['failed_attempts'] > self::FIRST_FAILED_ATTEMPTS && $attempts['last_attempt_ts'] + self::FIRST_BAN_TIME > NOW) {
                 die('IP banned, wait till ' . date('H:i:s', $attempts['last_attempt_ts'] + self::FIRST_BAN_TIME));
             }
         }
     }
     // Get user info
     $user_collection = new AdminUserRepository();
     $user_collection->setWhereLogin($_POST['login']);
     $user_collection->setWhereActive(1);
     $user_collection->setWherePassword(Users::getInstance()->generateHash($_POST['password']));
     /** @var AdminUser $user */
     $user = $user_collection->getFirstObjectFromCollection();
     if ($user) {
         // Removing user's bans
         $attempts_repo->deleteObjectCollection();
         // Auth in
         $this->initLogInProcess($user);
     } else {
         // Check if no user exist in system
         Users::getInstance()->recreateDefaults();
         // Log attempt
         if (!$attempts_obj || !$attempts_obj->getId()) {
             // Check exists already
             $attempts_obj = new AdminUsersAttemptsEntity();
             $attempts_obj->setIp(IP_LONG);
         }
         $attempts_obj->setLastAttemptTs(NOW);
         $attempts_obj->setFailedAttempts($attempts_obj->getFailedAttempts() + 1);
         $attempts_obj->save();
         go('/');
     }
 }