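/**
 * Check a login attempt and, on success, record the login time and mark the
 * session as belonging to the matched user.
 *
 * Despite its name, $username_or_email is matched against the `email` column only.
 * The password is hashed with \Auth::hash_password() and compared inside the query,
 * which relies on that hash being deterministic for a given input.
 *
 * @todo Consider loading the user through Orm\Model_User instead of raw SQL.
 * @param string $username_or_email value matched against users.email
 * @param string $password plain-text password as submitted
 * @access public
 * @return bool true when a non-deleted user matched and the session was set up
 */
public function validate_user($username_or_email = '', $password = '')
{
    if (empty($username_or_email) || empty($password)) {
        return false;
    }

    $username_or_email = trim($username_or_email);
    // NOTE(review): trimming alters passwords that start or end with whitespace;
    // kept so that existing logins behave exactly as before.
    $password = trim($password);
    $password = \Auth::hash_password($password);

    // Both values are bound as named parameters, never concatenated into the SQL text.
    $placeholders = array('username_or_email' => $username_or_email, 'password' => $password);
    $query = 'SELECT * FROM users WHERE email = :username_or_email AND password = :password AND deleted_at IS NULL';

    $users = \DB::query($query)->parameters($placeholders)->as_object('Model_User')->execute()->as_array();
    if (empty($users)) {
        return false;
    }

    $this->user = reset($users);
    $this->user->last_login = Date::forge()->format('mysql');
    $this->user->save();

    // Issue a fresh session id before the session becomes authenticated, so an id
    // that was known before login cannot be reused afterwards (session fixation).
    Session::rotate();
    Session::set('current_user', array('user_id' => $this->user->user_id));

    return true;
}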
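/**
 * Handle the administrator login form (POST).
 *
 * Looks up an administrator whose `email` equals the posted e-mail address and whose
 * `password` equals the hash of the posted password. On a match the administrator is
 * stored in the session and the browser is redirected to /admin/index; otherwise the
 * login view is rendered again with `failed` set.
 *
 * @access public
 * @return void
 * @author kobayashi
 */
public function post_login()
{
    $administrator = \Model_Administrator::query()
        ->where('email', \Input::post('email'))
        ->where('password', \Auth::hash_password(\Input::post('password')))
        ->get_one();

    if ($administrator) {
        // Issue a fresh session id before the session becomes authenticated, so an id
        // that was known before login cannot be reused afterwards (session fixation).
        \Session::rotate();

        // NOTE(review): the whole model, password hash included, is placed in the
        // session. Storing only the administrator id would limit what a leaked
        // session store exposes; left unchanged because other code presumably
        // reads this key - confirm before changing.
        \Session::set('admin.administrator', $administrator);
        \Response::redirect('/admin/index');
    }

    // No matching administrator: show the form again with the failure flag.
    $view = \View::forge('admin/index/login');
    // Third argument false: the value is a literal boolean and is set without filtering.
    $view->set('failed', true, false);
    $this->template->content = $view;
}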
/**
 * Validation rule: check that $val hashes to the password stored for one row.
 *
 * $options is a dot-separated string of the form
 * "table.pk_column.password_column[.id]"; the id defaults to an empty string.
 *
 * NOTE(review): the table name and both column names are placed into the query as
 * identifiers / as part of the select expression; only the id and the hash are
 * passed as values. The rule options should therefore come from code, never from
 * request data - confirm against the callers.
 *
 * @param string $val     password as entered
 * @param string $options "table.pk_column.password_column[.id]"
 * @return bool true when a row with that id and password hash exists
 */
public static function _validation_current_password($val, $options)
{
    $hashed = \Auth::hash_password($val);

    $parts = explode('.', $options);
    $table = $parts[0];
    $pk    = $parts[1];
    $field = $parts[2];
    if (isset($parts[3])) {
        $id = $parts[3];
    } else {
        $id = '';
    }

    $row = DB::select("LOWER (\"{$field}\"), {$pk}")
        ->where($pk, '=', $id)
        ->and_where($field, '=', $hashed)
        ->from($table)
        ->execute()
        ->current();

    // The message is registered unconditionally; it is only shown when the rule fails.
    Validation::active()->set_message('current_password', 'パスワードが異なります。');

    return !empty($row);
}
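/**
 * Authenticate a user by e-mail address and password and open a session for them.
 *
 * Only rows with user_status equal to St::VALID are considered.
 *
 * @param string $email    e-mail address matched against user_email
 * @param string $password plain-text password as submitted
 * @param mixed  $remember truthy to keep the session after the browser closes
 * @return bool true on successful login, false otherwise
 */
public static function login($email, $password, $remember)
{
    $row = self::find_one_by(array('user_email' => $email, 'user_status' => St::VALID));
    if (empty($row)) {
        return false;
    }

    // Constant-time, type-strict comparison of the stored hash with the hash of the
    // submitted password (hash_equals() needs PHP 5.6+). The previous `!=` used
    // PHP's loose string comparison.
    if (!hash_equals((string) $row->user_password, (string) Auth::hash_password($password))) {
        return false;
    }

    $row->user_last_login = System::now();
    $row->save();

    Session::create();
    $close = !(bool) $remember;
    Session::set('expire_on_close', $close);

    // NOTE(review): the whole row, password hash included, is stored in the session.
    // Storing only the user id would limit what a leaked session store exposes;
    // left unchanged because other code presumably reads this key - confirm.
    Session::set(self::$_table_name, $row);

    return true;
}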
/**
 * Create or update a user record from the submitted form data.
 *
 * A posted `user_id` selects update mode; otherwise a new user is created.
 * On update the password and creation fields are removed from the data, so the
 * stored hash is never overwritten here. On create the password is hashed with
 * \Auth::hash_password() before it is saved.
 *
 * @access private
 * @return object the saved user model
 * @throws Exception with \Model_Error::ER00402 when getUserData() yields nothing
 * @author kobayashi
 * @author ida
 */
private function registerUser()
{
    $data = $this->getUserData();
    if (!$data) {
        throw new Exception(\Model_Error::ER00402);
    }

    $user_id   = \Input::post('user_id');
    $is_update = !empty($user_id);

    // NOTE(review): find() may return nothing for an unknown id, in which case the
    // set() call at the end fails - confirm that callers validate user_id first.
    $user = $is_update ? \Model_User::find(\Input::post('user_id')) : \Model_User::forge();

    $administrator_id = $this->administrator->administrator_id;

    if ($is_update) {
        $data['updated_user'] = $administrator_id;
        // Never touch the stored password or the creation audit fields on update.
        unset($data['password'], $data['created_at'], $data['created_user']);
    } else {
        $data['created_user'] = $administrator_id;
        $data['password'] = \Auth::hash_password($data['password']);
    }

    // These columns are not writable through this form, whatever the input contains.
    unset(
        $data['mm_device'],
        $data['mm_error_flag'],
        $data['mobile_carrier'],
        $data['mobile_uid'],
        $data['last_login']
    );

    $user->set($data)->save();

    return $user;
}
/**
 * Validation rule: the submitted value must hash to the password returned by
 * Auth::get('password').
 *
 * The failure message is registered on the active Validation instance before the
 * comparison is made.
 *
 * @param mixed $val value to validate
 * @return boolean true when the hashes are identical
 *
 * @access public
 * @since 1.0
 * @version 1.0
 * @author Bui Huu Phuc
 */
public static function _validation_old_password($val)
{
    Validation::active()->set_message(
        'old_password',
        __('message.this_:label_does_not_match_current_password')
    );

    $stored_hash    = Auth::get('password');
    $submitted_hash = Auth::hash_password($val);

    // Strict comparison: type and value must both match.
    // NOTE(review): hash_equals() would additionally make this constant-time.
    return $stored_hash === $submitted_hash;
}
<?php
use Model_Administrator;

// Seed: inserts the initial administrator account (administrator_id 1).
//
// NOTE(review): the password is a literal in this file (redacted on this page in
// the same form as the e-mail address). A seeded administrator with a fixed,
// source-controlled password should exist only in development, or have its
// password changed immediately after seeding - confirm how this script is used.
$data = array(
    'administrator_id' => 1,
    'last_name'        => '楽市楽座',
    'first_name'       => '管理者',
    'last_name_kana'   => 'ラクイチラクザ',
    'first_name_kana'  => 'カンリシャ',
    'email'            => '*****@*****.**',
    // Only the hash is stored; the plain-text literal never reaches the database.
    'password'         => \Auth::hash_password('*****@*****.**'),
    'created_user'     => 0,
);

Model_Administrator::forge($data)->save();
<?php
use Model_User;

// Seed: inserts four activated test users.
//
// NOTE(review): every password is a literal in this file (redacted on this page in
// the same form as the e-mail address). Accounts with fixed, source-controlled
// passwords should exist only in development data sets - confirm this script is
// never run against a production database.
$seeds = array(
    array(
        'email'           => '*****@*****.**',
        'password'        => \Auth::hash_password('*****@*****.**'),
        'last_name'       => '新間',
        'last_name_kana'  => 'シンマ',
        'first_name'      => '楽市',
        'first_name_kana' => 'ラクイチ',
        'nick_name'       => 'てすと',
        'gender'          => 1,
        'prefecture_id'   => 40,
        'zip'             => '160-0001',
        'tel'             => '03-1212-1212',
        'address'         => '東京都渋谷区道玄坂1-14-6 ヒューマックス渋谷ビル6階',
        'mm_flag'         => 1,
        'register_status' => \REGISTER_STATUS_ACTIVATED,
    ),
    array(
        'email'           => '*****@*****.**',
        'password'        => \Auth::hash_password('*****@*****.**'),
        'last_name'       => '小林',
        'last_name_kana'  => 'コバヤシ',
        'first_name'      => '楽市',
        'first_name_kana' => 'ラクイチ',
        'nick_name'       => 'テスト',
        'prefecture_id'   => 13,
        'zip'             => '144-1121',
        'tel'             => '03-1369-2480',
        'gender'          => 2,
        'address'         => '東京都渋谷区道玄坂1-14-6 ヒューマックス渋谷ビル6階',
        'mm_flag'         => 1,
        'register_status' => \REGISTER_STATUS_ACTIVATED,
    ),
    array(
        'email'           => '*****@*****.**',
        'password'        => \Auth::hash_password('*****@*****.**'),
        'last_name'       => '井田',
        'last_name_kana'  => 'イダ',
        'first_name'      => '楽市',
        'first_name_kana' => 'ラクイチ',
        'nick_name'       => 'テスト',
        'prefecture_id'   => 31,
        'zip'             => '160-0001',
        'tel'             => '03-1212-1212',
        'gender'          => 2,
        'address'         => '東京都渋谷区道玄坂1-14-6 ヒューマックス渋谷ビル6階',
        'mm_flag'         => 1,
        'register_status' => \REGISTER_STATUS_ACTIVATED,
    ),
    array(
        'email'           => '*****@*****.**',
        'password'        => \Auth::hash_password('*****@*****.**'),
        'last_name'       => '市場',
        'last_name_kana'  => 'イチバ',
        'first_name'      => '楽市',
        'first_name_kana' => 'ラクイチ',
        'nick_name'       => 'テスト',
        'prefecture_id'   => 31,
        'zip'             => '160-0001',
        'tel'             => '03-1212-1212',
        'gender'          => 2,
        'address'         => '東京都渋谷区道玄坂1-14-6 ヒューマックス渋谷ビル6階',
        'mm_flag'         => 1,
        'register_status' => \REGISTER_STATUS_ACTIVATED,
    ),
);

// One model per seed row, saved immediately.
foreach ($seeds as $line) {
    \Model_User::forge($line)->save();
}
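/**
 * Change this user's password after verifying the current one.
 *
 * @param string $old_password current password, plain text
 * @param string $new_password new password, plain text; handed to setPassword()
 * @access public
 * @return mixed the result of setPassword() when the old password matches, false otherwise
 * @author shimma
 */
public function changePassword($old_password, $new_password)
{
    // Constant-time, type-strict comparison of the stored hash with the hash of the
    // supplied password (hash_equals() needs PHP 5.6+). The previous `==` used
    // PHP's loose string comparison.
    if (hash_equals((string) $this->password, (string) \Auth::hash_password($old_password))) {
        return $this->setPassword($new_password);
    }

    return false;
}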
/**
 * Create or update a user from the submitted admin form, then render the result view.
 *
 * The CSRF token is verified first. When verify() returns nothing usable the edit
 * screen is shown again and nothing is saved.
 *
 * @return void
 */
public function update()
{
    $this->verify_csrf();

    $form = $this->verify($this->get_form());
    if (!$form) {
        $this->action_edit();
        return;
    }

    $timestamp = System::now();
    $is_new    = ($form['ope'] == Ope::ADD);

    $user = $is_new ? Model_Db_User::anew() : Model_Db_User::by_id($form['id']);

    if ($is_new) {
        // NOTE(review): the plain-text initial password is neither stored nor returned
        // here, so the account presumably becomes usable only through a reset flow.
        // Six alphanumeric characters is a small space, and if Str is FuelPHP's own
        // class the value does not come from a cryptographic random source -
        // confirm, and prefer a longer value from a CSPRNG.
        $user->user_password = Auth::hash_password(Str::random('alnum', 6));
    }

    $user->user_name       = $form['name'];
    $user->user_email      = $form['email'];
    $user->user_status     = $form['status'];
    $user->user_updated_at = $timestamp;
    $user->save();

    $this->template->content = View_Smarty::forge('admin/user/do', $form);
}
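/**
 * Apply an administrator settings change (e-mail address or password) and send a
 * notification mail about it.
 *
 * Everything runs inside a DB transaction: any Exception rolls the transaction
 * back, is passed to error(), and the index screen is rendered in its failure state.
 *
 * @param int $type SettingType constant; MAILADDRESS and PASSWORD are handled here
 * @return void
 */
public function action_do($type = 0)
{
    $this->checkCsrf("admin");

    try {
        DB::start_transaction();

        // Input validation.
        // NOTE(review): invalid() and invalid2() presumably abort by throwing;
        // if they return, processing continues - confirm.
        $val = $this->getForm($type)->validation();
        if (!$val->run()) {
            $this->invalid($val);
        }
        $data = $val->validated();
        $adminId = $this->adminId();

        // DB update
        $admin = Model_Db_Madmin::find_by_pk($adminId);
        switch ($type) {
            case SettingType::MAILADDRESS:
                $admin->m_admin_mail_address = $data["mail_address_new"];
                break;
            case SettingType::PASSWORD:
                // Constant-time, type-strict comparison of the stored hash with the
                // hash of the submitted current password (hash_equals() needs
                // PHP 5.6+). The previous `!=` used PHP's loose string comparison.
                $currentHash = Auth::hash_password($data["password"]);
                if (!hash_equals((string) $admin->m_admin_hashed_password, (string) $currentHash)) {
                    $this->invalid2("password", "現在のパスワードが間違っています");
                }
                $admin->m_admin_hashed_password = Auth::hash_password($data["password_new"]);
                break;
            default:
        }
        $admin->m_admin_updated_at = System::now();
        if ($admin->save() == 0) {
            throw new Exception("設定情報更新に失敗しました");
        }

        // Mail notification
        switch ($type) {
            case SettingType::MAILADDRESS:
                // NOTE(review): the notice goes to the new address only. Also notifying
                // the previous address would let the legitimate owner notice an
                // unexpected change - confirm whether that is handled elsewhere.
                $title = "管理者メールアドレス変更のお知らせ";
                $email = Email::forge();
                $email->clear_addresses();
                $email->from(Config::get("mail.addr_info"), Config::get("mail.addr_info_name"));
                $email->to($data["mail_address_new"], $this->adminName() . "さん");
                $email->subject(Config::get("mail.prefix") . $title);
                $body = View_Smarty::forge("admin/mail/setting_mail");
                $body->title = $title;
                $body->name = $this->adminName();
                $body->mail_address = $data["mail_address_new"];
                $email->body($body);
                Common::sendmail($email);
                break;
            case SettingType::PASSWORD:
                $title = "管理者パスワード変更のお知らせ";
                $email = Email::forge();
                $email->clear_addresses();
                $email->from(Config::get("mail.addr_info"), Config::get("mail.addr_info_name"));
                $email->to($this->adminMail(), $this->adminName() . "さん");
                $email->subject(Config::get("mail.prefix") . $title);
                $body = View_Smarty::forge("admin/mail/setting_password");
                $body->title = $title;
                $body->name = $this->adminName();
                // NOTE(review): the new password is handed to the mail template in plain
                // text. E-mail is not a confidential channel; a notice that the password
                // changed, without the password itself, would be safer. Left in place
                // because the template presumably expects this variable - confirm.
                $body->password = $data["password_new"];
                $email->body($body);
                Common::sendmail($email);
                break;
            default:
        }

        // The per-type confirmation messages that used to be shown here were disabled
        // in the original code.

        // The index screen is rendered before the commit, as in the original flow.
        $this->action_index(true);
        DB::commit_transaction();
    } catch (Exception $e) {
        DB::rollback_transaction();
        $this->error($e);
        $this->action_index(false);
    }
}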