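/**
 * Prepares the controller for handling the current request.
 *
 * Runs the HTTPS check, loads the current user's data from the access
 * service, verifies that this user may use the controller, and only then
 * initialises the additional data and updates the statistics.
 */
public function prepareData()
{
    $this->checkHTTPS();
    $this->currentUser = CoreServices2::getAccess()->getCurrentUserData();

    if (!$this->isUsagePermitted()) {
        $this->redirectToPermissionDeniedPage();
        // Fail closed: whether redirectToPermissionDeniedPage() terminates the
        // request is not visible here, so stop explicitly instead of letting
        // the initialisation below run for a caller who was just denied.
        return;
    }

    $this->initAdditionalData();
    $this->updateStats();
}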
/**
 * Extends the parent's additional-data preparation with logout handling.
 *
 * After the parent implementation has run, a logged-in user whose request
 * carries the GET parameter `logout` equal to 1 is logged out and redirected
 * to the home page.
 *
 * NOTE(review): the logout is driven by a GET parameter alone and no
 * anti-CSRF token check is visible in this method; confirm that one is
 * enforced elsewhere, otherwise a cross-site request can end the session.
 */
protected function prepareAdditionalData()
{
    parent::prepareAdditionalData();

    $isLoggedIn = !empty($this->currentUser['id']);

    // The request is only consulted for logged-in users (short-circuit).
    // The comparison is deliberately left loose (==), as in the original.
    if ($isLoggedIn && CoreServices2::getRequest()->getFromGet('logout') == 1) {
        CoreServices2::getAccess()->logout();
        $this->redirectToHomePage();
    }
}
/**
 * Stores a log entry describing an operation on the current user's account.
 *
 * Both `adminId` and `recordId` are filled with the current user's id, so
 * the entry records the user acting on their own record.
 *
 * NOTE(review): how getRealIP() derives the address is not visible here; if
 * it trusts client-supplied forwarding headers the logged IP can be forged.
 * Confirm before relying on `logIP` during an investigation.
 *
 * @param mixed $action Operation name, stored unchanged in `logOperation`.
 */
protected function logAction($action)
{
    $access = CoreServices2::getAccess();

    $entry = $this->logDAO->getRecordTemplate();
    $entry['adminId'] = $access->getCurrentUserId();
    $entry['recordType'] = $this->recordType;
    $entry['recordId'] = $access->getCurrentUserId();
    $entry['logTime'] = CoreUtils::getDateTime();
    $entry['logIP'] = CoreServices2::getRequest()->getRealIP();
    $entry['logOperation'] = $action;

    $this->logDAO->save($entry);
}
/**
 * Handles a submitted account-erase request.
 *
 * When the form validates without errors, the record is filled from the
 * form, stamped with the erase-request time, put into the `forDeletion`
 * state and saved. The user is then logged out and sent to step 2.
 *
 * NOTE(review): which form fields setRecordValuesFromForm() copies into the
 * record is not visible here; confirm it cannot overwrite fields the user
 * should not control.
 */
protected function handleRequest()
{
    $this->errorMessageContainer = $this->form->getValidationResults();
    if ($this->errorMessageContainer->isAnyErrorMessage()) {
        // Validation failed: leave the record and the session untouched.
        return;
    }

    $this->setRecordValuesFromForm();
    $this->record['userEraseRequestTime'] = CoreUtils::getDateTime();
    $this->record['userState'] = 'forDeletion';
    $this->dao->save($this->record);

    // The account is now scheduled for deletion, so the session is ended.
    CoreServices2::getAccess()->logout();
    $this->redirectToStep2();
}
/**
 * Builds and processes the login form, or redirects a logged-in user.
 *
 * A submitted form gets its validators attached, any existing session is
 * logged out, the field values are read from the request, and
 * loginAndReload() is called when validation reports no errors.
 *
 * NOTE(review): whether the session identifier is regenerated on login is
 * not visible in this method; confirm that logout()/loginAndReload() do so.
 */
protected function handleLoginForm()
{
    if (!empty($this->currentUser)) {
        // If someone is already logged in and still ended up on the login
        // page, they may, for example, have been trying to view someone
        // else's data. Sending them back where they came from would most
        // likely cause a redirect loop, so the safe and sensible option is
        // to send them to the home page.
        $this->redirectToHomePage();
    } else {
        $formAction = CoreServices2::getUrl()->getCurrentExactAddress();
        $this->loginForm = new CoreForm('post', $formAction, 'loginForm');
        $this->createLoginFormFields();

        if (!$this->loginForm->isSubmitted()) {
            return;
        }

        $this->addLoginFormValidators();
        CoreServices2::getAccess()->logout();
        $this->loginForm->setFieldValuesFromRequest();

        $this->loginErrorMessageContainer = $this->loginForm->getValidationResults();
        if (!$this->loginErrorMessageContainer->isAnyErrorMessage()) {
            $this->loginAndReload();
        }
    }
}
/**
 * Tells whether the current request may use this controller.
 *
 * Access requires the session to be named 'CMSSession' and a non-empty
 * current user id. As a side effect the id is cached in
 * $this->currentUserId.
 *
 * NOTE(review): the session name is compared loosely; if getSessionName()
 * can only ever return a string, a strict comparison would be the safer
 * form for an authorization check. Confirm the return type first.
 *
 * @return bool
 */
protected function isControllerUsagePermitted()
{
    $this->currentUserId = CoreServices2::getAccess()->getCurrentUserId();

    // The session name is checked first, in the same order as before.
    if ($this->getSessionName() != 'CMSSession') {
        return false;
    }

    return !empty($this->currentUserId);
}
/**
 * Handles a submitted registration form.
 *
 * When validation reports no errors, the record is filled from the form,
 * given a register time, the `active` state and zero credits, and saved.
 * The new user is then logged in, optionally subscribed to the newsletter,
 * and sent a confirmation e-mail.
 *
 * NOTE(review): login() is called with $this->record['userPassword'] as it
 * was saved; whether the DAO hashes the password before storage is not
 * visible here. Confirm it is never stored in plaintext.
 * NOTE(review): the return value of login() is ignored, and the account is
 * set to `active` before the confirmation e-mail is sent. Confirm both are
 * intended.
 */
protected function handleRequest()
{
    $this->errorMessageContainer = $this->form->getValidationResults();
    if ($this->errorMessageContainer->isAnyErrorMessage()) {
        return;
    }

    $this->setRecordValuesFromForm();
    $this->record['userRegisterTime'] = CoreUtils::getDateTime();
    $this->record['userState'] = 'active';
    $this->record['userCredits'] = 0;
    $this->dao->save($this->record);

    CoreServices2::getAccess()->login(
        $this->record['userEmail'],
        $this->record['userPassword']
    );

    $wantsNewsletter = $this->form->getField('subscribeNewsletter')->getValue();
    if ($wantsNewsletter) {
        $this->subscribeNewsletter();
    }

    $this->sendConfirmationEmail();
}
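/**
 * Handles logout for a logged-in user, or the login form for a guest.
 *
 * A logged-in user is logged out and redirected to the home page when the
 * GET parameter `logout` equals 1. For a guest, the login form is built and,
 * once submitted, any existing session is logged out, the field values are
 * read from the request and loginAndReload() is called if validation
 * reports no errors.
 *
 * NOTE(review): the logout is driven by a GET parameter alone and no
 * anti-CSRF token check is visible here; confirm one is enforced elsewhere.
 */
protected function handleLoginForm()
{
    if (!empty($this->currentUser['id'])) {
        if (CoreServices2::getRequest()->getFromGet('logout') == 1) {
            CoreServices2::getAccess()->logout();
            $this->redirectToHomePage();
        }
        return;
    }

    // The address is resolved once and reused as the form action. The
    // original fetched it twice and left the first result unused.
    $currentPage = CoreServices2::getUrl()->getCurrentExactAddress();
    $this->loginForm = new CoreForm('post', $currentPage, 'loginForm');
    $this->createLoginFormFields();

    if (!$this->loginForm->isSubmitted()) {
        return;
    }

    // NOTE(review): the call to addLoginFormValidators() was commented out
    // in the original, so no validators are attached here before
    // getValidationResults() runs. Confirm that loginAndReload() rejects
    // empty or malformed credentials on its own.
    CoreServices2::getAccess()->logout();
    $this->loginForm->setFieldValuesFromRequest();

    $this->loginErrorMessageContainer = $this->loginForm->getValidationResults();
    if (!$this->loginErrorMessageContainer->isAnyErrorMessage()) {
        $this->loginAndReload();
    }
}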
/**
 * Tells whether the current request may use this controller.
 *
 * The only condition checked here is that the access service reports a
 * non-empty current user id, i.e. that somebody is logged in. No role or
 * session-type check is made in this method.
 *
 * @return bool
 */
protected function isControllerUsagePermitted()
{
    $currentUserId = CoreServices2::getAccess()->getCurrentUserId();

    if (empty($currentUserId)) {
        return false;
    }

    return true;
}
/**
 * Handles a submitted profile form and refreshes the session afterwards.
 *
 * When validation reports no errors, the record is filled from the form and
 * saved, the file lists are saved, and the user data is pushed to the
 * Optima interface. The user is then logged out and logged in again so that
 * the session holds the updated data.
 *
 * NOTE(review): the re-login passes $this->record['userPassword'], so the
 * record holds a value that login() accepts as the password. Whether that
 * value is stored hashed is not visible here; confirm.
 *
 * @throws CoreException When the re-login fails after the logout.
 */
protected function handleRequest()
{
    $this->errorMessageContainer = $this->form->getValidationResults();
    if ($this->errorMessageContainer->isAnyErrorMessage()) {
        return;
    }

    $this->setRecordValuesFromForm();
    $this->dao->save($this->record);
    $this->saveFileLists();

    $optima = Optima_Interface::getInstance();
    $optima->updateUserData($this->record);

    // The user data stored in the session has to be refreshed.
    $access = CoreServices2::getAccess();
    $access->logout();
    $reloggedIn = CoreServices2::getAccess()->login(
        $this->record['userEmail'],
        $this->record['userPassword']
    );

    if (!$reloggedIn) {
        // At this point the user is already logged out.
        throw new CoreException('Unable to refresh user data stored in session');
    }

    $this->redirectAddress = CoreServices2::getUrl()->getCurrentPageUrl('_sm', 'Save');
}
/**
 * Stores a log entry for an operation performed on the current record.
 *
 * Nothing is logged when the record type or the record id is empty.
 * 'Save' and 'ChangeWithdrawDate' are logged as 'create' when the old
 * record values carry no id, otherwise as 'modify'. 'DeleteAll' is logged
 * as 'delete'. Any other action is logged as its lower-cased name.
 *
 * NOTE(review): skipping the write when the type or id is empty leaves no
 * trace of the attempted action; confirm that this gap is acceptable.
 * NOTE(review): how getRealIP() derives the address is not visible here; if
 * it trusts client-supplied forwarding headers the logged IP can be forged.
 *
 * @param mixed $action Name of the performed action.
 */
protected function logAction($action)
{
    $type = $this->getRecordType();
    if (empty($type) || empty($this->record['id'])) {
        return;
    }

    $entry = $this->logDAO->getRecordTemplate();
    $entry['adminId'] = CoreServices2::getAccess()->getCurrentUserId();
    $entry['recordType'] = $type;
    // $this->recordOldValues['id'] may be empty, $this->record['id'] must not be.
    $entry['recordId'] = $this->record['id'];
    $entry['logTime'] = CoreUtils::getDateTime();
    $entry['logIP'] = CoreServices2::getRequest()->getRealIP();

    // Loose comparisons mirror the semantics of the original switch.
    if ($action == 'Save' || $action == 'ChangeWithdrawDate') {
        $entry['logOperation'] = empty($this->recordOldValues['id']) ? 'create' : 'modify';
        $entry['recordId'] = $this->record['id'];
    } elseif ($action == 'DeleteAll') {
        $entry['logOperation'] = 'delete';
    } else {
        $entry['logOperation'] = strtolower($action);
    }

    $this->logDAO->save($entry);
}
/**
 * Decides whether the current user may download the given file record.
 *
 * The checks run in this order:
 *  1. files that are not protected are always allowed;
 *  2. a request without a session name, or without a logged-in user, is
 *     refused with an error message set for the file;
 *  3. in a 'CMSSession' the decision is delegated to isAdminAllowed();
 *  4. a file belonging to the current free model of the month is allowed,
 *     and a free download record is stored when $updateDownloadObject is
 *     non-empty;
 *  5. otherwise DownloadLogic decides, and its message or error message is
 *     stored for the file.
 *
 * NOTE(review): the admin branch is selected by a loose (==) comparison of
 * the session name with 'CMSSession'. If getSessionName() always returns a
 * string, a strict comparison would be the safer form; confirm first.
 *
 * @param array $record               File record; the keys `id`, `recordId`
 *                                    and `modelFileTypeName` are read here.
 * @param mixed $updateDownloadObject When non-empty, download records are
 *                                    created or updated as part of the check.
 *
 * @return mixed True or false from the checks made here, otherwise whatever
 *               isAdminAllowed() or DownloadLogic returns.
 */
public function isCurrentUserAllowed(&$record, $updateDownloadObject)
{
    CoreUtils::checkConstraint($record['id']);
    CoreUtils::checkConstraint($record['recordId']);
    $fileId = $record['id'];

    if (!$this->isProtectedFile($record)) {
        return true;
    }

    $modelId = $record['recordId'];
    $persistDownload = !empty($updateDownloadObject);

    // Reset the per-record state before evaluating access.
    $this->freeModelsOfTheMonth[$modelId] = false;
    $this->setMessage($fileId, false);
    $this->setErrorMessage($fileId, false);

    $sessionName = CoreServices2::getRequest()->getSessionName();
    if (empty($sessionName)) {
        $this->setErrorMessage($fileId, 'emptySessionDownloadError');
        return false;
    }

    $currentUser = CoreServices2::getAccess()->getCurrentUserData();
    if (empty($currentUser['id'])) {
        $this->setErrorMessage($fileId, 'noUserDownloadError');
        return false;
    }

    if ($sessionName == 'CMSSession') {
        return $this->isAdminAllowed($record);
    }

    // Free model of the month: allowed without consulting DownloadLogic.
    $currentYear = date("Y");
    $currentMonth = date("n");
    $freeModelDAO = new ModelOfTheMonthDAO();
    $freeModel = $freeModelDAO->getFreeModelOfTheMonth($currentYear, $currentMonth);

    $isFreeModel = !empty($freeModel['modelId']) && $freeModel['modelId'] == $modelId;
    if ($isFreeModel) {
        $this->freeModelsOfTheMonth[$modelId] = true;

        if ($persistDownload) {
            $downloadDAO = new DownloadDAO();
            $download = $downloadDAO->getRecordTemplate();
            $modelDAO = new ModelDAO();
            $model = $modelDAO->getRecordById($freeModel['modelId']);
            CoreUtils::checkConstraint(!empty($model['id']));

            // Record the download as free: no credits cost, not paid.
            $values = array(
                'userId' => $currentUser['id'],
                'modelId' => $model['id'],
                'fileId' => $record['id'],
                'downloadStartTime' => CoreUtils::getDateTime(),
                'downloadAttempts' => 0,
                'downloadCreditsCost' => 0,
                'downloadModelName' => $model['modelName'],
                'downloadFileTypeName' => $record['modelFileTypeName'],
                'downloadPaid' => 0,
                'downloadFree' => 1,
            );
            foreach ($values as $field => $value) {
                $download[$field] = $value;
            }
            $downloadDAO->save($download);
        }

        return true;
    }

    // Regular path: DownloadLogic decides.
    $downloadLogic = new DownloadLogic();
    $result = $persistDownload
        ? $downloadLogic->checkAndUpdateDownloadObject($currentUser['id'], $record)
        : $downloadLogic->checkDownloadObject($currentUser['id'], $record);

    if ($result) {
        $this->setMessage($fileId, $downloadLogic->getMessage());
    } else {
        $this->setErrorMessage($fileId, $downloadLogic->getErrorMessage());
    }

    return $result;
}
/**
 * Handles a submitted new-password form.
 *
 * When validation reports no errors and the record has an id, the
 * password-change code is cleared, the password is replaced with the
 * submitted value, and the record is saved. The user is then logged in and
 * the redirect address is set.
 *
 * NOTE(review): the form value is assigned to `userPassword` as-is; whether
 * the DAO hashes it before storage is not visible here. Confirm it is never
 * stored in plaintext.
 * NOTE(review): the return value of login() is ignored. How the record was
 * located and the change code verified is also outside this method; confirm
 * the code is checked before this handler is reached.
 */
protected function handleRequest()
{
    $this->errorMessageContainer = $this->form->getValidationResults();
    if ($this->errorMessageContainer->isAnyErrorMessage()) {
        return;
    }

    if (!$this->record['id']) {
        // No record to update: nothing is saved and nobody is logged in.
        return;
    }

    // Clearing the code makes this password change single-use.
    $this->record['userPasswordChangeCode'] = null;
    $this->record['userPassword'] = $this->form->getField('userPassword')->getValue();
    $this->dao->save($this->record);

    CoreServices2::getAccess()->login(
        $this->record['userEmail'],
        $this->record['userPassword']
    );

    $this->redirectAddress = CoreServices2::getUrl()->getCurrentPageUrl(
        '_sm',
        'Save',
        'id',
        $this->record['id']
    );
}