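/**
 * User login.
 *
 * GET renders the login page (social login providers are attached first).
 * POST validates the e-mail field, checks the credentials through
 * Users::login() and redirects to "/" on success or back to /user/login/
 * with a flash error on failure.
 *
 * @return void
 */
public function indexAction()
{
    // A user who is already authenticated and hits the login page is logged
    // out first, so the new login never inherits the previous 'auth' state.
    if ($this->_user) {
        $this->session->remove('auth');
        // unset($_SESSION) is documented by PHP as disabling further session
        // registration; emptying the array clears the data without that side effect.
        $_SESSION = [];
    }

    $this->_addSocialLogin();

    // Regular (form) login only handles POST; anything else just renders the view.
    if (!$this->request->isPost()) {
        return;
    }

    $validation = new Validation();
    $validation->add('email', new Email());
    $messages = $validation->validate($this->request->getPost());
    if (count($messages)) {
        foreach ($messages as $message) {
            $this->flashSession->error($message);
        }
        $this->response->redirect('/user/login/');
        return;
    }

    // The 'email' filter strips characters not valid in an address.
    // NOTE(review): the 'string' filter also rewrites the password (tags stripped,
    // quotes encoded); this is only correct if registration applies the same filter — confirm.
    $email = strtolower($this->request->getPost('email', 'email'));
    $password = $this->request->getPost('password', 'string');

    if (Users::login($email, $password)) {
        // Issue a fresh session id on the privilege change so a session id planted
        // before login (session fixation) does not become the authenticated one.
        // NOTE(review): assumes the session adapter exposes regenerateId() — confirm for this Phalcon version.
        $this->session->regenerateId();

        $user = Users::getCurrentUser();
        $this->flashSession->success('Hi, ' . $user['full_name']);
        $this->response->redirect('/');
    } else {
        // Deliberately generic message: do not reveal whether the e-mail exists.
        // NOTE(review): no throttling or lockout is visible here — confirm it is enforced elsewhere.
        $this->flashSession->error('User or password not match!');
        $this->response->redirect('/user/login/');
    }
}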
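/**
 * Model hook: refuse to save a record flagged is_super_admin unless the
 * acting user is a super administrator.
 *
 * Records that are not super admin are saved regardless of who is acting
 * (including when no user is logged in), exactly as before.
 *
 * NOTE(review): only the *new* value of is_super_admin is checked. A
 * non-super-admin who can submit is_super_admin = 0 for a record that is
 * currently a super admin (demotion) passes this hook; compare against the
 * stored row (e.g. via keepSnapshots()) if that must be prevented.
 *
 * @return bool false aborts the save
 */
public function beforeSave()
{
    $auth = Users::getCurrentUser();

    // Strict comparisons; a missing/unauthenticated actor is never super admin (fail closed).
    $actorIsSuperAdmin = is_array($auth)
        && isset($auth['is_super_admin'])
        && (int) $auth['is_super_admin'] === 1;
    $recordIsSuperAdmin = (int) $this->is_super_admin === 1;

    // Only a super administrator may save a record that grants all permissions.
    if ($recordIsSuperAdmin && !$actorIsSuperAdmin) {
        return false;
    }

    return true;
}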
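/**
 * Edit an existing user (admin panel).
 *
 * Loads the user, renders the UserForm and, on POST, validates and saves it.
 * Blank password fields mean "keep the current password"; a non-blank value
 * is hashed with the security service before saving. The e-mail and avatar
 * are not editable through this screen and are reset to their stored/default
 * values on every save.
 *
 * @param int $id user id
 * @return null|bool|mixed null when the user cannot be edited, the redirect
 *                         result after a successful save, true otherwise
 */
public function editAction($id)
{
    $id = intval($id);

    // Toolbar buttons
    $this->_toolbar->addSaveButton();
    $this->_toolbar->addCancelButton('index');

    /**
     * @var Users $currentEditUser
     */
    $currentEditUser = Users::findFirst($id);

    // Unknown id, or an admin trying to edit their own account here, is rejected.
    if (!$currentEditUser || $currentEditUser->user_id == Users::getCurrentUser()['id']) {
        $this->flashSession->error('m_system_user_message_user_not_exist');
        $this->response->redirect('/admin/system/user/');
        return null;
    }

    $oldUserInfo = clone $currentEditUser;
    // Never pre-fill the form with the stored password hash.
    $currentEditUser->password = null;

    $form = new UserForm($currentEditUser);
    $this->view->setVar('admin_role', UserRoles::find());

    if ($this->request->isPost()) {
        $newPassword = isset($_POST['password']) ? $_POST['password'] : '';
        $newPasswordConfirmation = isset($_POST['password_confirmation']) ? $_POST['password_confirmation'] : '';
        $passwordChanged = !($newPassword === '' && $newPasswordConfirmation === '');

        if (!$passwordChanged) {
            // Feed the stored hash to the form only so its required/confirmation
            // rules pass; it is restored verbatim below and must never be re-hashed.
            $_POST['password'] = $oldUserInfo->password;
            $_POST['password_confirmation'] = $_POST['password'];
        }

        if ($form->isValid($_POST, $currentEditUser)) {
            $currentEditUser->avatar = USER_AVATAR_DEFAULT;
            // E-mail is the login identifier and is not editable from this form.
            $currentEditUser->email = $oldUserInfo->email;
            // Bug fix: the previous code hashed $_POST['password'] unconditionally, so
            // leaving the fields blank stored hash(hash) and locked the user out.
            $currentEditUser->password = $passwordChanged
                ? $this->security->hash($newPassword)
                : $oldUserInfo->password;

            if ($currentEditUser->save()) {
                $this->flashSession->success('m_system_user_message_update_user_successfully');
                return $this->response->redirect('/admin/system/user/');
            }

            $this->flashSession->error('m_system_user_message_update_user_failed');
            $this->setFlashSession($currentEditUser->getMessages(), 'error');
        } else {
            $this->setFlashSession($form->getMessages(), 'error');
        }
    }

    $this->view->setVar('form', $form);

    // Make sure neither a submitted password nor the stored hash is echoed back into the form.
    $_POST['password'] = '';
    $_POST['password_confirmation'] = '';

    return true;
}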
/**
 * Whether a user is currently authenticated.
 *
 * True when Users::getCurrentUser() yields a truthy value, false otherwise.
 *
 * @return bool
 */
public static function isLoggedIn()
{
    $currentUser = Users::getCurrentUser();

    return $currentUser ? true : false;
}