public function indexAction() { $registry = Zend_Registry::getInstance(); $auth = Zend_Auth::getInstance(); $config = $registry->get("config"); $sessionConfig = $config['resources']['session']; Ml_Model_AntiAttack::loadRules(); $credential = Ml_Model_Credential::getInstance(); $logger = Ml_Model_Logger::getInstance(); if ($auth->hasIdentity()) { return $this->_forward("goback"); } $request = $this->getRequest(); $form = $credential->loginForm(); if (Ml_Model_AntiAttack::ensureHuman()) { $ensureHuman = true; } else { $ensureHuman = false; } if ($request->isPost()) { ignore_user_abort(true); //A way to sign in only if captcha is right. This is a workaround to //signout if the captcha is wrong. // //I've decided to put the sign in code in the validator itself, //but couldn't find a way to make the password validator //load after the captcha one (but to let it come first in code, //and that's ugly on the screen) and get a result if the //validation worked. Notice that it is only useful when //the captcha is required. if ($form->isValid($request->getPost())) { //@see below $session = Ml_Model_Session::getInstance(); //rememberMe and ForgetMe already regenerates the ID if ($form->getElement("remember_me")->isChecked()) { Zend_Session::rememberMe($sessionConfig['cookie_lifetime']); } else { Zend_Session::ForgetMe(); } $session->associate($auth->getIdentity(), Zend_Session::getId()); $logger->log(array("action" => "login", "username" => $form->getValue("username"))); $this->_forward("goback"); } else { //@see above if ($auth->hasIdentity()) { $auth->clearIdentity(); } $logger->log(array("action" => "login_denied", "username" => $form->getValue("username"))); $this->view->errorlogin = true; } //@end of workaround } $challenge = $form->getElement("challenge"); //don't show missing value in the first time that asks for the captcha if (!$ensureHuman && is_object($challenge)) { $challenge->setErrorMessages(array("missingValue" => '')); } $this->view->loginform = $form; }
public function init() { $registry = Zend_Registry::getInstance(); $config = $registry->get("config"); $this->addElementPrefixPath('Ml_Validate', 'Ml/Validate/', Zend_Form_Element::VALIDATE); $this->addElementPrefixPath('Ml_Filter', 'Ml/Filter/', Zend_Form_Element::FILTER); $this->addElement('text', 'username', array('label' => 'Username or e-mail:', 'required' => true, 'autofocus' => 'autofocus', 'filters' => array('StringTrim', 'StringToLower'), 'validators' => array(array('validator' => 'username')))); $this->getElement("username")->setAttrib('required', 'required'); $this->addElement('password', 'password', array('label' => 'Password:'******'required' => true, 'filters' => array('StringTrim'), 'validators' => array(array('validator' => 'StringLength', 'options' => array(5, 20)), array('validator' => 'password')))); $this->getElement("password")->setAttrib('required', 'required'); $this->addElement('checkbox', 'remember_me', array('label' => 'Remember me')); if (Ml_Model_AntiAttack::ensureHuman()) { $this->addElement(Ml_Model_AntiAttack::captchaElement()); } $login = $this->addElement('submit', 'login', array('required' => false, 'ignore' => true, 'label' => 'Sign in', 'class' => 'btn primary')); if ($config['ssl']) { $this->getElement("login")->addValidator("Https"); //By default the submit element doesn't display a error decorator $this->getElement("login")->addDecorator("Errors"); } $this->getElement("username")->setAttrib('class', 'span3'); $this->getElement("password")->setAttrib('class', 'span3'); $this->setAttrib('class', 'form-stacked'); }