示例#1
文件: Honeypot.php 项目: ssrsfs/blg
 /**
  * Stop the request when the honeypot field was submitted with any content.
  *
  * The value is cast to string and compared with the empty string, so a
  * whitespace-only value also counts as filled in. On a hit the event is
  * logged with a fixed message (no submitted data is written to the log)
  * and the script exits.
  *
  * @return void
  */
 public function process()
 {
     $submitted = (string) $this->value;
     if ($submitted === '') {
         // Field left empty: nothing to block.
         return;
     }
     // TODO: There might be a cleaner way to handle honeypot errors
     // instead of exiting, but it's good enough for now.
     Typeframe::Log('Mailform submission blocked due to value in honeypot field');
     exit;
 }
示例#2
文件: Auth.php 项目: ssrsfs/blg
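 /**
  * Create an Auth object based on a user's auth setting or the default authentication method.
  *
  * The lookup column is never taken from the caller verbatim: $field is reduced to the
  * literal 'username' or 'email' before it is interpolated into the where() clause, and
  * the identifier itself is passed as a bound parameter. The class to instantiate is
  * built from a string ('Auth_' plus the user's auth setting or $method) and is only
  * instantiated after is_subclass_of() confirms it extends Auth.
  *
  * @param string $usernameOrEmail The user name or email address of the user.
  * @param string $field Which field to use (username, email, or either)
  * @param string $method Default authentication method for nonexistent users (e.g., so users can authenticate through LDAP even if they don't have a user record yet)
  * @return Auth
  * @throws Exception If the resolved Auth_* class is not a subclass of Auth.
  */
 public static function ForUser($usernameOrEmail, $field = 'either', $method = TYPEF_AUTH_DEFAULT)
 {
     if ($field !== 'username' && $field !== 'email') {
         // 'either' (or any unrecognised value): decide from the shape of the identifier.
         // The TLD part allows up to 63 letters; the former {2,4} limit classified
         // addresses under longer TLDs (e.g. .museum) as user names.
         $looksLikeEmail = preg_match('/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,63}$/i', $usernameOrEmail);
         $field = $looksLikeEmail ? 'email' : 'username';
     }
     // $field is now one of two literals, so interpolating it as a column name is safe.
     $users = new Model_User();
     $users->where("{$field} = ?", $usernameOrEmail);
     if ($users->getTotal() == 0) {
         // No record yet: build an unsaved user and fall back to the default method.
         $user = Model_User::Create();
         $user[$field] = $usernameOrEmail;
         $cls = 'Auth_' . $method;
     } else {
         if ($users->getTotal() > 1) {
             // NOTE(review): the identifier is caller-supplied and is written to the log
             // as-is; confirm Typeframe::Log neutralises line breaks and markup.
             Typeframe::Log("WARNING: {$usernameOrEmail} matches more than one {$field} in the user table.");
         }
         $user = $users->getFirst();
         // Older users might have a blank auth field. Assume Hash
         $userAuth = $user['auth'];
         if (!$userAuth) {
             $userAuth = 'Hash';
         }
         $cls = 'Auth_' . $userAuth;
     }
     // Gate on the class hierarchy before instantiating a class named by a string.
     if (!is_subclass_of($cls, 'Auth')) {
         throw new Exception("{$cls} is not a subclass of Auth");
     }
     return new $cls($user);
 }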
示例#3
文件: reset.php 项目: ssrsfs/blg
        // Take the first record from $users and issue a password-reset key for it.
        $user = $users->getFirst();
        $userid = $user->get('userid');
        // NOTE(review): randomID() is defined outside this fragment. The key is the only
        // secret in the reset link, so confirm it comes from a CSPRNG (random_bytes() /
        // random_int()) and is long enough to resist guessing.
        $resetkey = randomID();
        // Key lifetime: 86400 seconds (24 hours) from now.
        $expire = date('Y-m-d H:i:s', time() + 86400);
        // create an entry in the password reset table
        // The key is handed to the model as generated. NOTE(review): unless the model
        // transforms it, the table holds usable keys; storing only a hash of the key
        // would limit what a read of this table exposes.
        $reset = Model_UserReset::Create();
        $reset->set('userid', $userid);
        $reset->set('resetkey', $resetkey);
        $reset->set('expire', $expire);
        $reset->save();
        // construct e-mail body
        $mm = new Pagemill($pm->root()->fork());
        $mm->setVariable('username', $user->get('username'));
        // NOTE(review): the link uses a fixed http:// scheme and the Host header of the
        // current request. HTTP_HOST is supplied by the client, so the mailed link can name
        // a host other than this site; building it from a configured canonical https
        // origin avoids both problems.
        $mm->setVariable('reseturl', sprintf('http://%s%s/password?userid=%d&resetkey=%s', $_SERVER['HTTP_HOST'], TYPEF_WEB_DIR, $userid, $resetkey));
        // The rendered template has &amp; turned back into & (the reset URL contains one).
        $body = str_replace('&amp;', '&', $mm->writeString('<pm:include template="/users/reset.eml" />', true));
        // e-mail the user so they can reset their password
        $mailer = new Mailer();
        $mailer->Configure();
        $mailer->IsHTML(true);
        // The message goes to the address submitted in the form, not to a value read from
        // $user. Presumably the lookup above matched on this address; confirm, otherwise
        // the key could be mailed to an address that is not the account's.
        $mailer->AddAddress($_POST['email']);
        $mailer->Subject = 'Request to Reset Password for ' . TYPEF_TITLE;
        $mailer->Body = $body;
        $mailer->Send();
        $pm->setVariable('reset_email_sent', true);
        // The submitted address is written to the log unmodified.
        Typeframe::Log('Request to reset password for ' . $_POST['email']);
    } else {
        // The condition for this branch is outside the fragment; presumably no user matched.
        // NOTE(review): a distinct failure state lets the page show which addresses have
        // accounts; confirm the template gives the same response in both cases.
        $pm->setVariable('reset_email_failed', true);
    }
}
// set template (controller is at root, but template lives in users directory)
Typeframe::SetPageTemplate('/users/password-reset.html');
示例#4
文件: login.php 项目: ssrsfs/blg
<?php

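// FTP login controller: tries the submitted credentials against TYPEF_FTP_HOST and,
// on success, keeps them in the session and redirects.
$db = Typeframe::Database();
$pm = Typeframe::Pagemill();
if (isset($_POST['cmd']) && $_POST['cmd'] === 'login') {
    // Form fields can arrive as arrays; only strings are accepted, anything else is empty.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $redirect = (isset($_POST['redirect']) && is_string($_POST['redirect'])) ? $_POST['redirect'] : '';
    // The redirect target comes from the request, so only a path on this site is accepted:
    // it must start with a single slash and contain no backslash or control character
    // (browsers may read "//host" and "/\host" as another origin). Anything else falls
    // back to the site root.
    if (
        $redirect === ''
        || $redirect[0] !== '/'
        || substr($redirect, 0, 2) === '//'
        || strpos($redirect, '\\') !== false
        || preg_match('/[\x00-\x1F\x7F]/', $redirect)
    ) {
        $redirect = TYPEF_WEB_DIR . '/';
    }
    $ftp = new Ftp();
    if (!$ftp->connect(TYPEF_FTP_HOST)) {
        Typeframe::Log("Failed to connect to FTP at '" . TYPEF_FTP_HOST . "'");
        $pm->addLoop('errors', array('message' => "Could not connect to '" . TYPEF_FTP_HOST . "'"));
    } else {
        // NOTE(review): Ftp is defined elsewhere; if it speaks plain FTP the credentials
        // cross the network unencrypted. Confirm the transport.
        if (!$ftp->login($username, $password)) {
            // Log lines carry no credentials, only the outcome.
            Typeframe::Log('FTP login failed');
            $pm->addLoop('errors', array('message' => "Login failed."));
        } else {
            Typeframe::Log('FTP login succeeded');
            // NOTE(review): the FTP password is kept in the session in clear text, so it
            // is only as protected as the session store. Confirm the storage backend and
            // session lifetime are acceptable for that.
            $_SESSION['typef_ftp_user'] = $username;
            $_SESSION['typef_ftp_pass'] = $password;
            Typeframe::Redirect('FTP login confirmed.', $redirect);
            return;
        }
    }
    // Hand the validated target back to the form so a retry keeps it.
    $pm->setVariable('redirect', $redirect);
}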
示例#5
文件: User.php 项目: ssrsfs/blg
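 /**
  * Log out the current user.
  *
  * Removes the user entry from the session, resets the session UID when
  * database-backed sessions are enabled, and expires the remember-me cookies.
  * The session itself and its ID are left in place; only the 'typef_user'
  * key is removed.
  *
  * @return void
  */
 public function logout()
 {
     Typeframe::Log('User logged out');
     unset($_SESSION['typef_user']);
     if (defined('SESSION_DB') && SESSION_DB) {
         Session::SetUID(0);
     }
     // Expire every remember-me cookie. The project's login controller sets
     // 'typef_userid' and 'typef_passhash'; 'typef_username' is still cleared in
     // case older clients hold it. Leaving 'typef_userid' behind would keep half
     // of the remember-me pair in the browser after logout.
     $expired = time() - 3600;
     foreach (array('typef_userid', 'typef_username', 'typef_passhash') as $cookieName) {
         setcookie($cookieName, '', $expired, '/');
     }
 }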
示例#6
文件: password.php 项目: ssrsfs/blg
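// if no resets or invalid user, report error
// NOTE(review): $reset and $user are loaded above this fragment and only their existence
// is checked here; confirm the code above also rejects expired keys and ties the key
// to this user id.
if (!$reset->exists() || !$user->exists()) {
    Typeframe::Redirect('Invalid reset key.', TYPEF_WEB_DIR . '/', -1);
    return;
}
// process form
if ('POST' == $_SERVER['REQUEST_METHOD']) {
    // get password and password2
    // Only string fields are accepted (a field can arrive as an array); surrounding
    // whitespace is discarded before comparison and storage, as before.
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';
    $password2 = (isset($_POST['password2']) && is_string($_POST['password2'])) ? trim($_POST['password2']) : '';
    // check for errors
    // No minimum length or complexity is enforced here: any non-empty matching pair passes.
    if (!strlen($password) && !strlen($password2)) {
        $pm->addLoop('errors', array('message' => 'A password is required.'));
    } elseif ($password !== $password2) {
        // Strict comparison: with != two different numeric-looking strings such as
        // '1000' and '1e3' compare equal, so a mistyped confirmation could pass.
        $pm->addLoop('errors', array('message' => 'The passwords you entered did not match.'));
    } else {
        // reset it for this user
        // NOTE(review): the plain password is handed to the model; presumably it is
        // hashed on save. Confirm in the user model.
        $user->set('password', $password);
        $user->save();
        // Remove the reset record so this key cannot be used again.
        $reset->delete();
        Typeframe::User()->login($user->get('username'), $password);
        Typeframe::Log('Password changed.');
        Typeframe::Redirect('Your password has been reset.', TYPEF_WEB_DIR . '/', 1);
        return;
    }
}
$pm->setVariable('userid', $userid);
$pm->setVariable('username', $user->get('username'));
$pm->setVariable('resetkey', $resetkey);
// set template (controller is at root, but template lives in users directory)
Typeframe::SetPageTemplate('/users/password-new.html');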
示例#7
文件: login.php 项目: ssrsfs/blg
<?php

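// Login controller: validates the submitted credentials, stores the user in the
// session and optionally sets remember-me cookies.
Typeframe::SetPageTemplate('/users/login.html');
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Form fields can arrive as arrays; only strings are accepted, anything else is empty.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $auth = Auth::ForUser($username);
    try {
        $valid = $auth->validate($password);
    } catch (Exception $e) {
        // Any failure inside the auth backend is reported as an ordinary invalid login.
        $valid = false;
    }
    if ($valid) {
        $user = $auth->user();
        // NOTE(review): the session ID is not regenerated on login; confirm whether the
        // session layer does this elsewhere.
        $_SESSION['typef_user'] = $user->getArray(false);
        if (!empty($_POST['remember'])) {
            // Store cookie
            // HttpOnly keeps the values away from page scripts; Secure is set whenever
            // this request itself arrived over HTTPS.
            // NOTE(review): the cookie carries the stored password hash, so whoever holds
            // the cookie holds a credential that stays valid until the password changes.
            // A random, server-stored, revocable token would be safer; that change needs
            // the code that reads these cookies, which is not in this file.
            $expires = time() + 60 * 60 * 24 * 30;
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie('typef_userid', $user['userid'], $expires, '/', '', $secure, true);
            setcookie('typef_passhash', $user['passhash'], $expires, '/', '', $secure, true);
        }
        // NOTE(review): the Referer header is supplied by the client and is used as the
        // redirect target without a same-site check; confirm Typeframe::Redirect limits
        // targets to this site.
        if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], '/login') === false) {
            $redirect = $_SERVER['HTTP_REFERER'];
        } else {
            $redirect = TYPEF_WEB_DIR . '/';
        }
        Typeframe::Log("{$user['username']} logged in");
        Typeframe::Redirect('Login Successful! Welcome!', $redirect);
    } else {
        // One message for every failure, so the response does not say which part was wrong.
        $pm->addLoop('errors', array('message' => 'Invalid login.'));
    }
}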