示例#1
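 /**
  * Restore a member session from the "remember me" cookies.
  *
  * Reads the `mid`, `e` and `token` cookies, decrypts each one with
  * $this->decrypt(), looks the member up by id and email, and verifies the
  * token against the stored cookie_token hash. On success the member record
  * is stored in the session under `userSession`.
  *
  * Cookie values are client-controlled input, so every value that reaches a
  * query is passed as a bound parameter instead of being concatenated into
  * the condition string.
  *
  * @return mixed Result of the session set() call on success; null when the
  *               cookies are missing, malformed or do not verify.
  */
 public function cookie_login()
 {
     if (!isset($_COOKIE['mid'], $_COOKIE['e'], $_COOKIE['token'])) {
         return null;
     }
     // A cookie sent as "mid[]=..." arrives as an array; only strings are valid here.
     if (!is_string($_COOKIE['mid']) || !is_string($_COOKIE['e']) || !is_string($_COOKIE['token'])) {
         return null;
     }

     $id = trim((string) $this->decrypt($_COOKIE['mid']));
     $email = trim((string) $this->decrypt($_COOKIE['e']));
     $token = (string) $this->decrypt($_COOKIE['token']);
     if ($id === '' || $email === '' || $token === '') {
         return null;
     }

     // Both conditions live in one 'conditions' string with bound values. The
     // previous form passed them as two positional array elements built by
     // string concatenation, which put cookie data straight into the query
     // text. NOTE(review): the second positional element was presumably not
     // applied as a condition at all - confirm against the Phalcon version in use.
     $member = Members::findFirst(array(
         'conditions' => 'id = ?1 AND email = ?2',
         'bind' => array(1 => $id, 2 => $email),
     ));

     // A member without a stored token hash has no valid remember-me login.
     if (!$member || empty($member->cookie_token)) {
         return null;
     }
     if (!$this->security->checkHash($token, $member->cookie_token)) {
         return null;
     }

     // NOTE(review): get_object_vars() copies every public property of the
     // model into the session, which presumably includes the password hash
     // and cookie_token - consider storing only the fields the views need.
     $userSession = get_object_vars($member);
     $userSession['type'] = 'Member';

     $profilePic = MemberPhotos::findFirst(array(
         'conditions' => 'member_id = ?1 AND primary_pic = ?2',
         'bind' => array(1 => $userSession['id'], 2 => 'Yes'),
     ));
     // Members without a primary photo get an empty path instead of a
     // property read on a failed lookup.
     $userSession['primary_pic'] = $profilePic ? $profilePic->file_path . $profilePic->filename : '';

     return $this->session->set('userSession', $userSession);
 }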
示例#2
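 /**
  * Mark one of the logged-in member's photos as the primary photo.
  *
  * Clears the primary flag on all of the member's photos, sets it on the
  * requested one, refreshes `primary_pic` in the session and redirects back
  * to the photo page. Requests for a photo that does not exist or does not
  * belong to the session member are redirected without any change.
  *
  * NOTE(review): this action changes state; confirm the route is restricted
  * to POST and protected by a CSRF token - neither is visible in this method.
  *
  * @param mixed $id Photo id taken from the route; must be a string of digits.
  * @return mixed Redirect response, or null after a failed update has been echoed.
  */
 public function set_primary_photoAction($id = null)
 {
     $this->view->disable();

     $userSession = $this->session->get('userSession');
     $memberId = isset($userSession['id']) ? $userSession['id'] : '';
     $backToPhotos = 'biz/add_photo/' . $memberId;

     // Without a session member there is no owner to compare against, and a
     // non-numeric id would be interpreted by findFirst() as a condition
     // string rather than a primary key, so both are rejected up front.
     if ($memberId === '' || !ctype_digit((string) $id)) {
         return $this->response->redirect($backToPhotos);
     }

     $photos = MemberPhotos::findFirst((int) $id);
     // Ownership check compares as strings so that loose type juggling
     // (null == 0, "1e1" == "10") can never make two different ids equal.
     if (!$photos || (string) $photos->member_id !== (string) $memberId) {
         return $this->response->redirect($backToPhotos);
     }

     $currentPhotos = MemberPhotos::find(array(
         'conditions' => 'member_id = ?1',
         'bind' => array(1 => $memberId),
     ));
     foreach ($currentPhotos as $currentPhoto) {
         $currentPhoto->primary_pic = 'No';
         if (!$currentPhoto->update()) {
             echo "failed to update current photo.";
         }
     }

     $photos->modified = date('Y-m-d H:i:s');
     $photos->primary_pic = 'Yes';
     if (!$photos->update()) {
         echo "failed to modified data. ";
         return null;
     }

     $userSession['primary_pic'] = $photos->file_path . $photos->filename;
     $this->session->set('userSession', $userSession);
     $this->flash->success('<button type="button" class="close" data-dismiss="alert">×</button>Photo has been set as primary.');

     return $this->response->redirect($backToPhotos);
 }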
示例#3
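 /**
  * Log an advertiser in from the posted email and password.
  *
  * On success the member record is stored in the session as `userSession`,
  * a fresh remember-me token is generated, its hash is saved on the member,
  * and the `mid`, `e` and `token` cookies are issued for 90 days.
  *
  * The remember-me token is drawn from a cryptographically secure source;
  * it is a long-lived bearer credential, so it must not be guessable from
  * the time of login. The cookies are HttpOnly, and Secure when the request
  * arrived over HTTPS.
  *
  * @return \Phalcon\Http\ResponseInterface|null Redirect response; null when
  *                                              the request is not a POST.
  */
 public function advertiser_loginAction()
 {
     if (!$this->request->isPost()) {
         return null;
     }

     // NOTE(review): the CSRF check below is commented out in the original;
     // confirm whether the login form carries a token and re-enable it.
     // if($this->security->checkToken() == false){
     // 	$this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Invalid CSRF Token');
     // 	return $this->response->redirect('login');
     // }
     $this->view->disable();

     $email = $this->request->getPost('email');
     $password = $this->request->getPost('password');
     // Posted fields can arrive as arrays ("email[]=..."); only strings are valid.
     if (!is_string($email) || !is_string($password) || empty($email) || empty($password)) {
         $this->flash->warning('<button type="button" class="close" data-dismiss="alert">×</button>All fields required');
         return $this->response->redirect('');
     }

     $member = Members::findFirstByEmail($email);
     // NOTE(review): `$member == 'Advertiser'` compares the model object
     // itself with a string; it was presumably meant to compare a role/type
     // column. As written this branch may never be taken - confirm the column
     // name and compare that property instead.
     if (!$member || !($member == 'Advertiser') || !$this->security->checkHash($password, $member->password)) {
         $this->flash->error('<button type="button" class="close" data-dismiss="alert">×</button>Incorrect username or password.');
         return $this->response->redirect('');
     }

     $emaiConfirmed = EmailConfirmations::findFirst(array(
         'columns' => '*',
         'conditions' => 'user_id = ?1 AND email=?2 AND confirmed = ?3',
         'bind' => array(1 => $member->id, 2 => $email, 3 => 'Y'),
     ));
     if (!$emaiConfirmed) {
         $this->flash->warning('<button type="button" class="close" data-dismiss="alert">×</button>You\'re email is not yet confirmed.');
         return $this->response->redirect('');
     }

     // NOTE(review): get_object_vars() copies every public property of the
     // model into the session, which presumably includes the password hash -
     // consider storing only the fields the views need. Also confirm the
     // session id is regenerated on login; nothing here does it.
     $userSession = get_object_vars($member);
     $profilePic = MemberPhotos::findFirst(array(
         'conditions' => 'member_id = ?1 AND primary_pic = ?2',
         'bind' => array(1 => $userSession['id'], 2 => 'Yes'),
     ));
     // Members without a primary photo get an empty path instead of a
     // property read on a failed lookup.
     $userSession['primary_pic'] = $profilePic ? $profilePic->file_path . $profilePic->filename : '';
     $this->session->set('userSession', $userSession);

     // 20 hex characters, the same length as before, but taken from a CSPRNG
     // rather than md5(uniqid(rand())), whose inputs are time- and seed-derived.
     $cookie_token = function_exists('random_bytes')
         ? bin2hex(random_bytes(10))
         : bin2hex(openssl_random_pseudo_bytes(10));

     // Persist the hash first so that a token which was never stored is never issued.
     $member->modified = date('Y-m-d H:i:s');
     $member->cookie_token = $this->security->hash($cookie_token);
     if (!$member->update()) {
         // The session login above already succeeded; only the remember-me
         // token could not be saved, so no cookies are sent.
         return $this->response->redirect('member/page/' . $userSession['id']);
     }

     $date_of_expiry = time() + 60 * 60 * 24 * 90;
     // Secure is set only for HTTPS requests so plain-HTTP deployments keep
     // working. NOTE(review): behind a TLS-terminating proxy $_SERVER['HTTPS']
     // may be unset - confirm and force the flag on if the site is HTTPS-only.
     $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
     // HttpOnly keeps the cookies out of reach of page scripts.
     setcookie("mid", $this->encrypt($userSession['id']), $date_of_expiry, "/", "", $secure, true);
     setcookie("e", $this->encrypt($userSession['email']), $date_of_expiry, "/", "", $secure, true);
     setcookie("token", $this->encrypt($cookie_token), $date_of_expiry, "/", "", $secure, true);

     $this->flash->success('<button type="button" class="close" data-dismiss="alert">×</button>You are now logged in.');

     return $this->response->redirect('member/page/' . $userSession['id']);
 }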