function checkloginAction()
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender(TRUE);
$session = SessionWrapper::getInstance();
$formvalues = $this->_getAllParams();
// debugMessage($formvalues);
# check that an email has been provided
if (isEmptyString(trim($this->_getParam("email")))) {
$session->setVar(ERROR_MESSAGE, $this->_translate->translate("profile_email_error"));
$session->setVar(FORM_VALUES, $this->_getAllParams());
// return to the home page
$this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
}
if (isEmptyString(trim($this->_getParam("password")))) {
$session->setVar(ERROR_MESSAGE, $this->_translate->translate("profile_password_error"));
$session->setVar(FORM_VALUES, $this->_getAllParams());
// return to the home page
$this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
}
# check which field user is using to login. default is username
$credcolumn = "username";
$login = (string) trim($this->_getParam("email"));
// $password = encode(sha1(trim($this->_getParam("password"))));
# check if credcolumn is emai
$validator = new Zend_Validate_EmailAddress();
if ($validator->isValid($login)) {
$usertable = new UserAccount();
if ($usertable->findByEmail($login)) {
$credcolumn = 'email';
}
}
if (stringContains('!@#', $login)) {
$credcolumn = 'trx';
$loginarray = explode('.', $login);
// debugMessage($loginarray);
$id = $loginarray[0];
}
// debugMessage($credcolumn); exit;
$browser = new Browser();
$audit_values = $browser_session = array("browserdetails" => $browser->getBrowserDetailsForAudit(), "browser" => $browser->getBrowser(), "version" => $browser->getVersion(), "useragent" => $browser->getUserAgent(), "os" => $browser->getPlatform(), "ismobile" => $browser->isMobile() ? '1' : 0, "ipaddress" => $browser->getIPAddress());
// debugMessage($audit_values);
if ($credcolumn == 'email' || $credcolumn == 'username') {
$authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Registry::get("dbAdapter"));
// define the table, fields and additional rules to use for authentication
$authAdapter->setTableName('useraccount');
$authAdapter->setIdentityColumn($credcolumn);
$authAdapter->setCredentialColumn('password');
$authAdapter->setCredentialTreatment("sha1(?) AND status = '1' ");
// set the credentials from the login form
$authAdapter->setIdentity($login);
$authAdapter->setCredential($this->_getParam("password"));
// new class to audit the type of Browser and OS that the visitor is using
if (!$authAdapter->authenticate()->isValid()) {
// debugMessage('invalid'); exit;
// add failed login to audit trail
$audit_values['module'] = 1;
$audit_values['usecase'] = '1.1';
$audit_values['transactiontype'] = USER_LOGIN;
$audit_values['status'] = "N";
$audit_values['transactiondetails'] = "Login for user with id '" . $this->_getParam("email") . "' failed. Invalid username or password";
// exit();
$this->notify(new sfEvent($this, USER_LOGIN, $audit_values));
// return to the home page
if (!isArrayKeyAnEmptyString(URL_FAILURE, $formvalues)) {
$session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
$this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
} else {
$session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
$this->_helper->redirector->gotoSimple('login', "user");
}
return false;
}
// user is logged in sucessfully so add information to the session
$user = $authAdapter->getResultRowObject();
$useraccount = new UserAccount();
$useraccount->populate($user->id);
}
// exit;
# trx login
if ($credcolumn == 'trx') {
$useraccount = new UserAccount();
$useraccount->populate($id);
// debugMessage($result); exit();
if (isEmptyString($useraccount->getID())) {
// return to the home page
if (!isArrayKeyAnEmptyString(URL_FAILURE, $formvalues)) {
$session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
$this->_helper->redirector->gotoUrl(decode($this->_getParam(URL_FAILURE)));
} else {
$session->setVar(ERROR_MESSAGE, "Invalid Email or Username or Password. <br />Please Try Again.");
$this->_helper->redirector->gotoSimple('login', "user");
}
return false;
}
}
// debugMessage($useraccount->toArray()); exit();
$session->setVar("userid", $useraccount->getID());
$session->setVar("username", $useraccount->getUserName());
$session->setVar("type", $useraccount->getType());
$session->setVar("companyid", $useraccount->getCompanyID());
$session->setVar("istimesheetuser", $useraccount->getIsTimesheetUser());
$session->setVar("browseraudit", $browser_session);
$session->setVar("user", json_encode($useraccount->toArray()));
$session->setVar("company", json_encode($useraccount->getCompany()->toArray()));
// clear user specific cache, before it is used again
$this->clearUserCache();
// Add successful login event to the audit trail
$audit_values['module'] = 1;
$audit_values['usecase'] = '1.1';
$audit_values['transactiontype'] = USER_LOGIN;
$audit_values['status'] = "Y";
$audit_values['userid'] = $useraccount->getID();
$audit_values['transactiondetails'] = "Login for user with id '" . $this->_getParam("email") . "' successful";
// $this->notify(new sfEvent($this, USER_LOGIN, $audit_values));
if (isEmptyString($this->_getParam("redirecturl"))) {
# forward to the dashboard
$this->_helper->redirector->gotoSimple("index", "dashboard");
} else {
# redirect to the page the user was coming from
if (!isEmptyString($this->_getParam(SUCCESS_MESSAGE))) {
$successmessage = decode($this->_getParam(SUCCESS_MESSAGE));
$session->setVar(SUCCESS_MESSAGE, $successmessage);
}
$this->_helper->redirector->gotoUrl(decode($this->_getParam("redirecturl")));
}
}
function processattendanceAction()
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender(TRUE);
$session = SessionWrapper::getInstance();
$config = Zend_Registry::get("config");
$this->_translate = Zend_Registry::get("translate");
$validshift = false;
$formvalues = $this->_getAllParams();
/* $formvalues = array(
"id" => "",
"successmessage" => "Check-In Successfull",
"datein" => "Apr 24, 2015",
"timein" => "8:40 PM",
"inremarks" => "",
"status" => "",
"userid" => "93"
); */
// debugMessage($formvalues); // exit;
$id = decode($formvalues['id']);
$formvalues['id'] = $id;
$timesheet = new Timesheet();
$user = new UserAccount();
$user->populate($formvalues['userid']);
# no shift available at all on profile
// validate that user is checking into right shift
if (isEmptyString($id)) {
$checkindate = date('Y-m-d', strtotime($formvalues['datein']));
$checkintime = date('H:i:s', strtotime($formvalues['timein']));
$checkinfulldate = $checkindate . ' ' . $checkintime;
debugMessage('checkin: ' . $checkinfulldate);
// if user is already checkin, throw exception
if (isCheckedIn($formvalues['userid'], $checkindate)) {
$message = "Check-In failed. Active session already exists";
$session->setVar(ERROR_MESSAGE, $message);
exit;
}
$hasshift = false;
$scheduleentry = getSessionEntry($user->getID());
// debugMessage($scheduleentry);
if (!isEmptyString($scheduleentry['id']) && !isEmptyString($user->getShift()) && $scheduleentry['status'] == 1) {
$hasshift = true;
}
if ($hasshift) {
$shift = new ShiftSchedule();
$shift->populate($scheduleentry['id']);
// debugMessage($shift->toArray());
$validstartdate = $checkindate;
$validstarttime = !isEmptyString($shift->getStartTime()) ? $shift->getStartTime() : $shift->getSession()->getStartTime();
$validfullstartdate = $validstartdate . ' ' . $validstarttime;
debugMessage('startin: ' . $validfullstartdate);
# compute end date and time
$endtime = !isEmptyString($shift->getEndTime()) ? $shift->getEndTime() : $shift->getSession()->getEndTime();
$endday = $checkindate;
$starthr = date('H', strtotime($validstarttime));
//debugMessage($starthr);
$endhr = date('H', strtotime($endtime));
//debugMessage($endhr);
if ($endhr < $starthr) {
$nxtday = date('Y-m-d', strtotime($checkindate . " + 1 day"));
$endday = $nxtday;
}
$validenddate = $endday;
$validendtime = $endtime;
$validfullenddate = $validenddate . ' ' . $validendtime;
debugMessage('ending: ' . $validfullenddate);
// validate start and end dates for each session
$rangevalid = false;
if (strtotime($checkinfulldate) >= strtotime($shift->getStartDate() . ' 00:00:00')) {
$rangevalid = true;
if (!isEmptyString($shift->getEndDate())) {
$rangevalid = false;
if (strtotime($checkinfulldate) <= strtotime($shift->getEndDate() . ' 23:00:00')) {
$rangevalid = true;
}
}
}
// also check if the days of the week are in the valid range
if ($rangevalid) {
$todaywkno = date('w', strtotime($checkinfulldate));
// debugMessage($todaywkno);
$wkdaysprofiled = $user->getDaysOfWeekArray();
// debugMessage($wkdaysprofiled);
if (!isEmptyString($scheduleentry['workingdays'])) {
$wkdaysprofiled = explode(',', preg_replace('!\\s+!', '', trim($scheduleentry['workingdays'])));
// debugMessage($wkdaysprofiled);
}
if (count($wkdaysprofiled) > 0) {
if (!in_array($todaywkno, $wkdaysprofiled)) {
$rangevalid = false;
}
}
}
// now validate the time within the session
if ($rangevalid) {
if (strtotime($checkinfulldate) >= strtotime($validfullstartdate) && strtotime($checkinfulldate) < strtotime($validfullenddate)) {
$validshift = true;
$browser = new Browser();
$audit_values = $browser_session = array("browserdetails" => $browser->getBrowserDetailsForAudit(), "browser" => $browser->getBrowser(), "version" => $browser->getVersion(), "useragent" => $browser->getUserAgent(), "os" => $browser->getPlatform(), "ismobile" => $browser->isMobile() ? '1' : 0, "ipaddress" => $browser->getIPAddress());
$formvalues['sessionid'] = $scheduleentry['sessionid'];
$formvalues['ipaddress'] = $audit_values['ipaddress'];
$formvalues['browser_details'] = json_encode($audit_values);
}
}
}
}
/* if(!$validshift){
debugMessage('shift fail');
} else {
debugMessage('shift passed');
}
debugMessage($formvalues);
exit; */
if (isEmptyString($id)) {
$formvalues['createdby'] = $session->getVar('userid');
if (isArrayKeyAnEmptyString('isrequest', $formvalues)) {
$formvalues['isrequest'] = 0;
$formvalues['status'] = 0;
$formvalues['timesheetdate'] = date('Y-m-d', strtotime($formvalues['datein']));
} else {
$formvalues['isrequest'] = 1;
if (isArrayKeyAnEmptyString('status', $formvalues)) {
$formvalues['status'] = 2;
}
}
}
if (!isEmptyString($id)) {
$timesheet->populate($id);
$formvalues['lastupdatedby'] = $session->getVar('userid');
if (isArrayKeyAnEmptyString('isrequest', $formvalues)) {
if (isEmptyString($timesheet->getHours())) {
$timesheet->setHours($timesheet->getComputedHours());
}
$formvalues['isrequest'] = 0;
} else {
$formvalues['isrequest'] = 1;
}
$validshift = true;
}
if ($validshift) {
$timesheet->processPost($formvalues);
/* debugMessage($timesheet->toArray());
debugMessage('error '.$timesheet->getErrorStackAsString()); exit(); */
if ($timesheet->hasError()) {
$session->setVar(ERROR_MESSAGE, $timesheet->getErrorStackAsString());
} else {
try {
$timesheet->save();
$session->setVar(SUCCESS_MESSAGE, $this->_translate->translate($this->_getParam(SUCCESS_MESSAGE)));
} catch (Exception $e) {
$session->setVar(ERROR_MESSAGE, $e->getMessage());
}
}
} else {
$message = "Check-In failed. Invalid shift or session time detected. <br/> Contact admin for resolution.";
$session->setVar('contactadmin', 1);
if (isAdmin() || isCompanyAdmin()) {
$session->setVar('contactadmin', '');
$url = $this->view->baseUrl('config/shifts/tab/schedules/userid/' . $user->getID());
$message = 'Check-In failed. Invalid shift or session time detected. <br/> <a href="' . $url . '">Click here</a> to update schedule for ' . $user->getName();
}
$session->setVar(ERROR_MESSAGE, $message);
}
}
