/**
 * Change the current user's password (ajax).
 *
 * The old password and the two new password fields are checked in the same request, so every
 * field gets its status reported at once. The password is replaced only when both checks pass.
 *
 * @param Difra\Param\AjaxString $oldpassword Current password, used to confirm the change
 * @param Difra\Param\AjaxString $password1 New password
 * @param Difra\Param\AjaxString $password2 New password, repeated
 */
public function passwordAjaxActionAuth(Param\AjaxString $oldpassword, Param\AjaxString $password1, Param\AjaxString $password2)
{
    $user = User::getCurrent();

    // NOTE(review): the Param object itself is passed here, while the new passwords go through
    // val(); confirm verifyPassword() accepts the object.
    $oldPasswordOk = (bool) $user->verifyPassword($oldpassword);
    if (!$oldPasswordOk) {
        Ajaxer::status('oldpassword', Locales::get('auth/password/bad_old'), 'problem');
    }

    // The new password pair is validated even when the old password was wrong.
    $validator = new Register();
    $validator->setPassword1($password1->val());
    $validator->setPassword2($password2->val());
    $newPasswordsOk = $validator->validatePasswords();

    if (!$newPasswordsOk) {
        if ($oldPasswordOk) {
            Ajaxer::status('oldpassword', Locales::get('auth/password/old_ok'), 'ok');
        }
        $validator->callAjaxerEvents();
        return;
    }

    // Nothing is written unless the old password was verified.
    if ($oldPasswordOk) {
        $user->setPassword($password1->val());
        $this->afterPasswordChangeAjax();
    }
}
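/**
 * Resume a long session from the `resume` cookie.
 *
 * Returns without doing anything when the visitor is already authorized or the cookie is
 * missing or malformed. Otherwise the session row is looked up, the client address is compared
 * with the stored one under Users::IP_MASK, and the owning user is logged in. Any failure in
 * those steps removes the long session via self::remove().
 */
public static function load()
{
    if (Auth::getInstance()->isAuthorized()) {
        return;
    }

    // A cookie sent as `resume[]=...` arrives as an array, so the type is checked before strlen().
    $token = $_COOKIE['resume'] ?? null;
    if (!is_string($token) || strlen($token) !== 48) {
        return;
    }

    try {
        // find session in db
        $session = DB::getInstance()->fetchRow(
            "SELECT `ip`, `user` FROM `user_session` WHERE `session`=?",
            [$token]
        );
        if (empty($session)) {
            throw new Exception('Long session not found in database');
        }

        // check ip
        // `!=` binds tighter than `&`, so the unparenthesized form compared the two ip2long()
        // results first and then AND-ed a 0/1 into the mask, which made the IP binding
        // ineffective. Each side is now masked before the comparison.
        // Assumes `ip` holds the integer produced by ip2long() — TODO confirm against the writer.
        // NOTE(review): ip2long() returns false for non-IPv4 addresses, which becomes 0 here.
        $mask = (int) ip2long(Users::IP_MASK);
        $storedNetwork = (int) $session['ip'] & $mask;
        $clientNetwork = (int) ip2long($_SERVER['REMOTE_ADDR'] ?? '') & $mask;
        if ($storedNetwork !== $clientNetwork) {
            throw new Exception('Long session IP does not match');
        }

        // find user
        $user = User::getById($session['user']);
        $user->login();
    } catch (Exception $ex) {
        self::remove();
    }
}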
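/**
 * Verify a password recovery key.
 *
 * @param string $key Recovery key taken from the password change link
 * @param bool $returnUser Return the owning user instead of true
 * @return bool|User true, or the result of User::getById() when $returnUser is set
 * @throws UsersException Key is unknown, already used, or older than the recovery TTL
 */
public static function verify($key, $returnUser = false)
{
    $db = DB::getInstance(Users::getDB());
    $data = $db->fetchRow('SELECT * FROM `user_recover` WHERE `recover`=?', [$key]);
    if (empty($data)) {
        throw new UsersException(self::RECOVER_INVALID);
    }
    if ($data['used']) {
        throw new UsersException(self::RECOVER_USED);
    }

    // Fail closed: a request date that cannot be parsed is treated as expired. The previous
    // check skipped the TTL comparison when the timestamp came out falsy, which accepted the key.
    $requestedAt = strtotime((string) $data['date_requested']);
    // Users::getRecoverTTL() is multiplied by 3600, so it is treated as a number of hours.
    $maxAge = 3600 * Users::getRecoverTTL();
    if ($requestedAt === false || time() - $requestedAt > $maxAge) {
        throw new UsersException(self::RECOVER_OUTDATED);
    }

    return $returnUser ? User::getById($data['user']) : true;
}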
/**
 * Manually activate a user account (ajax), then refresh the page.
 *
 * NOTE(review): no access check is visible in this method; confirm the enclosing controller
 * restricts it to administrators.
 *
 * @param Param\AnyInt $id Id of the user to activate
 */
public function activateAjaxAction(Param\AnyInt $id)
{
    $account = User::getById($id->val());
    $account->activateManual();

    Ajaxer::refresh();
}
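/**
 * Load users, optionally one page at a time.
 *
 * @param \Difra\Unify\Paginator|null $paginator When given, only its page is fetched and its total is set
 * @return self[]
 * @throws \Difra\Exception
 */
public static function getList($paginator = null)
{
    $db = DB::getInstance(Users::DB);
    if ($paginator) {
        $limits = $paginator->getPaginatorLimit();
        // The LIMIT values are placed in the SQL text, so they are forced to integers here
        // instead of relying on the paginator to have validated them.
        $offset = (int) $limits[0];
        $count = (int) $limits[1];
        $usersData = $db->fetch("SELECT * FROM `user` LIMIT {$offset},{$count}");
        $paginator->setTotal($db->fetchOne('SELECT COUNT(*) FROM `user`'));
    } else {
        $usersData = $db->fetch('SELECT * FROM `user`');
    }

    $users = [];
    foreach ($usersData as $data) {
        $users[] = User::load($data);
    }
    return $users;
}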
/**
 * Ajax logout: calls User::logout() and then the controller's afterLogoutAjax() hook.
 */
public function indexAjaxAction()
{
    User::logout();

    $this->afterLogoutAjax();
}
/**
 * Activate a user account by its activation key.
 *
 * On success the account is marked active and the key is cleared. When the `auth` /
 * `login_on_activate` config value is set, the user is also logged in.
 *
 * @param string $key Activation key
 * @return bool Always true; failures are reported by exception
 * @throws UsersException Key is empty, unknown, or belongs to an already active account
 */
public static function activate($key)
{
    $key = trim((string) $key);
    if (!$key) {
        throw new UsersException(self::ACTIVATE_NOTFOUND);
    }

    $connection = DB::getInstance(Users::getDB());
    $row = $connection->fetchRow('SELECT * FROM `user` WHERE `activation`=? LIMIT 1', [$key]);
    if (!$row) {
        throw new UsersException(self::ACTIVATE_NOTFOUND);
    }
    if ($row['active']) {
        throw new UsersException(self::ACTIVATE_USED);
    }

    // The expiry check below is disabled, so an activation key stays valid until it is used:
    // if ($data['registered'] < date('Y-m-d H:i:s', time() - Users::ACTIVATE_TTL)) {
    //     throw new UsersException(self::ACTIVATE_TIMEOUT);
    // }

    // Clearing `activation` makes the key single-use.
    $connection->query("UPDATE `user` SET `active`='1',`activation`=NULL WHERE `activation`=?", [$key]);

    $loginAfterActivation = Config::getInstance()->getValue('auth', 'login_on_activate');
    if ($loginAfterActivation) {
        User::getById($row['id'])->login();
    }

    return true;
}