| author | Sebastian Schmelzer | 2012-01-11 14:36:35 +0100 |
|---|---|---|
| committer | Sebastian Schmelzer | 2012-01-11 14:36:35 +0100 |
| commit | fca04a6dab252eb9e8c0a92ce3b7e14b32e68d1e (patch) | |
| tree | 6e6aaf749f34db8c7c7153c23ef85c57187430bb /application/modules/user/controllers/AuthController.php | |
| parent | API: mit addBootos kann man nun auch editieren (diff) | |
| download | pbs2-fca04a6dab252eb9e8c0a92ce3b7e14b32e68d1e.tar.gz pbs2-fca04a6dab252eb9e8c0a92ce3b7e14b32e68d1e.tar.xz pbs2-fca04a6dab252eb9e8c0a92ce3b7e14b32e68d1e.zip | |
format source files
Diffstat (limited to 'application/modules/user/controllers/AuthController.php')
| -rw-r--r-- | application/modules/user/controllers/AuthController.php | 477 |
1 files changed, 232 insertions, 245 deletions
diff --git a/application/modules/user/controllers/AuthController.php b/application/modules/user/controllers/AuthController.php
index cc3fec4..ec5bb2b 100644
--- a/application/modules/user/controllers/AuthController.php
+++ b/application/modules/user/controllers/AuthController.php
@@ -1,261 +1,248 @@ -<?php +<? php /* * Copyright (c) 2011 - OpenSLX GmbH, RZ Uni Freiburg - * This program is free software distributed under the GPL version 2. - * See http://gpl.openslx.org/ - * - * If you have any feedback please consult http://feedback.openslx.org/ and - * send your suggestions, praise, or complaints to feedback@openslx.org - * - * General information about OpenSLX can be found at http://openslx.org/ - */ +* This program is free software distributed under the GPL version 2. +* See http://gpl.openslx.org/ +* +* If you have any feedback please consult http://feedback.openslx.org/ and +* send your suggestions, praise, or complaints to feedback@openslx.org +* +* General information about OpenSLX can be found at http://openslx.org/ +*/ -class User_AuthController extends Zend_Controller_Action -{ - protected $personmapper = null; - private $db = null; +class User_AuthController extends Zend_Controller_Action { + protected $personmapper = null; + private $db = null; - public function init() - { - $this->db = Zend_Db_Table::getDefaultAdapter(); - $this->personmapper = new Application_Model_PersonMapper(); - } + public function init() { + $this->db = Zend_Db_Table::getDefaultAdapter(); + $this->personmapper = new Application_Model_PersonMapper(); + } - public function indexAction() - { - $this->_helper-> viewRenderer-> setNoRender(); - $this->_helper->redirector('login', 'auth'); - } + public function indexAction() { + $this->_helper-> viewRenderer-> setNoRender(); + $this->_helper->redirector('login', 'auth'); + } - public function loginAction() - { - if (Zend_Auth::getInstance()->hasIdentity()) { - $this->_redirect('/user/'); - } else { - if (!isset($_POST["login"])){ - $loginForm = new user_Form_Login(); - } else { - $loginForm = new user_Form_Login($_POST); + public function loginAction() { + if (Zend_Auth::getInstance()->hasIdentity()) { + $this->_redirect('/user/'); + } else { + if (!isset($_POST["login"])) { + $loginForm = new user_Form_Login(); 
+ } else { + $loginForm = new user_Form_Login($_POST); - if ($loginForm->isValid($_POST)) { + if ($loginForm->isValid($_POST)) { - $auth = Zend_Auth::getInstance(); + $auth = Zend_Auth::getInstance(); - $adapter = new Zend_Auth_Adapter_DbTable( $this->db, 'pbs_person', 'email', 'password', 'MD5(CONCAT(?, password_salt))'); - - $adapter->setIdentity($loginForm->getValue('email')); - $adapter->setCredential($loginForm->getValue('password')); + $adapter = new Zend_Auth_Adapter_DbTable( $this->db, 'pbs_person', 'email', 'password', 'MD5(CONCAT(?, password_salt))'); - $result = $auth->authenticate($adapter); + $adapter->setIdentity($loginForm->getValue('email')); + $adapter->setCredential($loginForm->getValue('password')); - if ($result->isValid()) { - $this->personmapper = new Application_Model_PersonMapper(); - $result = $this->personmapper->findBy(array('email' => Zend_Auth::getInstance()->getIdentity()),true); - $person = new Application_Model_Person($result[0]); - print_a('case1',$person); - $person->setID($result[0]['personID']); - $date = new DateTime(); - $person->setLogindate($date->getTimestamp()); - if($person->getSuspend()) { - $pbsNotifier = new Pbs_Notifier(); - $this->view->notification = $pbsNotifier->notify('Your Account is suspended', 'error'); - } else { - $this->personmapper->save($person); - $this->_helper->redirector('selectmembership', 'person'); - return; - } - } else { - $pbsNotifier = new Pbs_Notifier(); - $this->view->notification = $pbsNotifier->notify('Wrong Email or Password', 'error'); - } - } - } - $this->view->loginForm = $loginForm; - } - } + $result = $auth->authenticate($adapter); - public function logoutAction() - { - $this->_helper-> viewRenderer-> setNoRender(); - $auth = Zend_Auth::getInstance(); - $auth->clearIdentity(); - Zend_Session::namespaceUnset('userIDs'); - Zend_Session::forgetMe(); - $this->_helper->redirector('login', 'auth'); - return; - } + if ($result->isValid()) { + $this->personmapper = new 
Application_Model_PersonMapper(); + $result = $this->personmapper->findBy(array('email' => Zend_Auth::getInstance()->getIdentity()), true); + $person = new Application_Model_Person($result[0]); + print_a('case1', $person); + $person->setID($result[0]['personID']); + $date = new DateTime(); + $person->setLogindate($date->getTimestamp()); + if($person->getSuspend()) { + $pbsNotifier = new Pbs_Notifier(); + $this->view->notification = $pbsNotifier->notify('Your Account is suspended', 'error'); + } else { + $this->personmapper->save($person); + $this->_helper->redirector('selectmembership', 'person'); + return; + } + } else { + $pbsNotifier = new Pbs_Notifier(); + $this->view->notification = $pbsNotifier->notify('Wrong Email or Password', 'error'); + } + } + } + $this->view->loginForm = $loginForm; + } + } - public function registerAction() - { - if (Zend_Auth::getInstance()->hasIdentity()) { - $pbsNotifier = new Pbs_Notifier(); - $this->view->notification = $pbsNotifier->notify('Already logged in.', 'error'); - } else { - if (!isset($_POST["register"])){ - $registerForm = new user_Form_Register(); - } else { - foreach($_POST as $k => $v) { - if($v != '') { - $data[$k] = $v; - } - } - $registerForm = new user_Form_Register($data); - if ($registerForm->isValid($_POST)) { - $person = new Application_Model_Person($_POST); - $this->personmapper = new Application_Model_PersonMapper(); - $date = new DateTime(); - $person->setSuspend(0) - ->setRegisterdate($date->getTimestamp()) - ->setPasswordSalt(MD5($date->getTimestamp())) - ->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$')) - ->setPassword(MD5($person->getPassword() . 
$person->getPasswordSalt())); - try { - $this->personmapper->save($person); - }catch(Zend_Exception $e) - { - $pbsNotifier = new Pbs_Notifier(); - $this->view->notification = $pbsNotifier->notify('Email already registered', 'error'); - $this->view->registerForm = $registerForm; - return; - } - $this->_helper->redirector('login', 'auth'); - return; - } - } - $this->view->registerForm = $registerForm; - } - } + public function logoutAction() { + $this->_helper-> viewRenderer-> setNoRender(); + $auth = Zend_Auth::getInstance(); + $auth->clearIdentity(); + Zend_Session::namespaceUnset('userIDs'); + Zend_Session::forgetMe(); + $this->_helper->redirector('login', 'auth'); + return; + } - public function deleteAction() - { - if($this->_request->getParam('personID')) { - if(!Pbs_Acl::checkRight('peoa')) { - $this->_redirect('/user'); - } - $personID = $this->_request->getParam('personID'); - } else { - if(!Pbs_Acl::checkRight('pdo')) { - $this->_redirect('/user'); - } - $userIDsNamespace = Zend_Session::namespaceGet('userIDs'); - $personID = $userIDsNamespace['personID']; - } - if($_POST['confirmdelete']) { - if (isset($personID)){ - $this->personmapper = new Application_Model_PersonMapper(); - $person = $this->personmapper->find($personID); - print_r($person); - try { - $this->personmapper->delete($person); - }catch(Zend_Exception $e) - { - echo "Caught exception: " . get_class($e) . "<br/>"; - echo "Message: " . $e->getMessage() . 
"<br/>"; - return; - } - if($this->_request->getParam('personID')) { - $this->_helper->redirector('', 'person'); - } else { - $auth->clearIdentity(); - Zend_Session::namespaceUnset('userIDs'); - Zend_Session::forgetMe(); - $this->_helper->redirector('login', 'auth'); - } - return; - } - } else { - $deleteconfirmform = new user_Form_ConfirmDeleteAccount(); - $this->view->deleteconfirmform = $deleteconfirmform; - } - } + public function registerAction() { + if (Zend_Auth::getInstance()->hasIdentity()) { + $pbsNotifier = new Pbs_Notifier(); + $this->view->notification = $pbsNotifier->notify('Already logged in.', 'error'); + } else { + if (!isset($_POST["register"])) { + $registerForm = new user_Form_Register(); + } else { + foreach($_POST as $k => $v) { + if($v != '') { + $data[$k] = $v; + } + } + $registerForm = new user_Form_Register($data); + if ($registerForm->isValid($_POST)) { + $person = new Application_Model_Person($_POST); + $this->personmapper = new Application_Model_PersonMapper(); + $date = new DateTime(); + $person->setSuspend(0) + ->setRegisterdate($date->getTimestamp()) + ->setPasswordSalt(MD5($date->getTimestamp())) + ->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$')) + ->setPassword(MD5($person->getPassword() . 
$person->getPasswordSalt())); + try { + $this->personmapper->save($person); + } catch(Zend_Exception $e) { + $pbsNotifier = new Pbs_Notifier(); + $this->view->notification = $pbsNotifier->notify('Email already registered', 'error'); + $this->view->registerForm = $registerForm; + return; + } + $this->_helper->redirector('login', 'auth'); + return; + } + } + $this->view->registerForm = $registerForm; + } + } - public function recoverpasswordAction() - { - if (isset($_POST["savePassword"])){ - $personID = $_POST['personID']; - $recoverPasswordForm = new user_Form_NewPassword(array("personID" => $personID, $_POST)); - if ($recoverPasswordForm->isValid($_POST)) { - $this->personmapper = new Application_Model_PersonMapper(); - $person = $this->personmapper->find($personID); - $date = new DateTime(); - $person->setPassword($_POST['password']) - ->setPasswordSalt(MD5($date->getTimestamp())) - ->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$')) - ->setPassword(MD5($person->getPassword() . $person->getPasswordSalt())); - try { - $this->personmapper->save($person); - } catch(Zend_Exception $e) - { - echo "Caught exception: " . get_class($e) . "<br/>"; - echo "Message: " . $e->getMessage() . 
"<br/>"; - echo "Email Address already existing."; - return; - } - $this->_helper->redirector('login', 'auth'); - return; - } - } else if(isset($_GET['recoveryid'])) { - $recoveryid = $_GET['recoveryid']; - $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper(); - $passwordRecovery = $passwordRecoveryMapper->findBy(array("recoveryID" => $recoveryid),true); - if(count($passwordRecovery) > 0) { - $passwordRecoveryObject = new Application_Model_PasswordRecovery(); - $passwordRecoveryObject->setID($passwordRecovery[0]['personID']); - $passwordRecoveryObject->setRecoveryID($passwordRecovery[0]['recoveryID']); - $personID = $passwordRecoveryObject->getID(); - $recoverPasswordForm = new user_Form_NewPassword(array("personID" => $personID)); - try { - $passwordRecoveryMapper->delete($passwordRecoveryObject); - } catch(Zend_Exception $e) - { - echo "Caught exception: " . get_class($e) . "<br/>"; - echo "Message: " . $e->getMessage() . "<br/>"; - return; - } - } else { - $this->_helper->redirector('login', 'auth'); - return; - } - } else { - if (!isset($_POST["recoverPassword"])){ - $recoverPasswordForm = new user_Form_RecoverPassword(); - } else { - $recoverPasswordForm = new user_Form_RecoverPassword($_POST); - if ($recoverPasswordForm->isValid($_POST)) { - $recoverPasswordForm->getView()->url(); - $this->personmapper = new Application_Model_PersonMapper(); - $result = $this->personmapper->findBy(array('email' => $_POST['email']),true); - $person = new Application_Model_Person($result[0]); - $person->setID($result[0]['personID']); - $email = $person->getEmail(); - $name = $person->getFirstname() . ' ' . $person->getName(); - $url = $this->getRequest()->getScheme() . '://' . $this->getRequest()->getHttpHost() . $this->view->url(); - $recoveryid = randomString(100); - $mailbody = 'Um das Passwort zu ändern klicken Sie auf folgenden Link<br /><br /><a href="'. $url . '/auth/recoverpassword/?recoveryid='. $recoveryid . 
'">Passwort ändern</a>'; - $mail = new Zend_Mail(); - $mail->setBodyHtml($mailbody, 'utf8') - ->getBodyHtml()->getContent() - ->setFrom('admin@local', 'Admin') - ->addTo($email, $name) - ->setSubject('Password Wiederherstellung Preboot Server'); - $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper(); - $passwordRecoveryObject = new Application_Model_PasswordRecovery(); - $passwordRecoveryObject->setID($person->getID()) - ->setRecoveryID($recoveryid); - try { - $passwordRecoveryMapper->save($passwordRecoveryObject); - $mail->send(); - }catch(Zend_Exception $e) - { - echo "Caught exception: " . get_class($e) . "<br/>"; - echo "Message: " . $e->getMessage() . "<br/>"; - return; - } - $this->_helper->redirector('login', 'auth'); - return; - } - } - } - $this->view->recoverPasswordForm = $recoverPasswordForm; - } + public function deleteAction() { + if($this->_request->getParam('personID')) { + if(!Pbs_Acl::checkRight('peoa')) { + $this->_redirect('/user'); + } + $personID = $this->_request->getParam('personID'); + } else { + if(!Pbs_Acl::checkRight('pdo')) { + $this->_redirect('/user'); + } + $userIDsNamespace = Zend_Session::namespaceGet('userIDs'); + $personID = $userIDsNamespace['personID']; + } + if($_POST['confirmdelete']) { + if (isset($personID)) { + $this->personmapper = new Application_Model_PersonMapper(); + $person = $this->personmapper->find($personID); + print_r($person); + try { + $this->personmapper->delete($person); + } catch(Zend_Exception $e) { + echo "Caught exception: " . get_class($e) . "<br/>"; + echo "Message: " . $e->getMessage() . 
"<br/>"; + return; + } + if($this->_request->getParam('personID')) { + $this->_helper->redirector('', 'person'); + } else { + $auth->clearIdentity(); + Zend_Session::namespaceUnset('userIDs'); + Zend_Session::forgetMe(); + $this->_helper->redirector('login', 'auth'); + } + return; + } + } else { + $deleteconfirmform = new user_Form_ConfirmDeleteAccount(); + $this->view->deleteconfirmform = $deleteconfirmform; + } + } + + public function recoverpasswordAction() { + if (isset($_POST["savePassword"])) { + $personID = $_POST['personID']; + $recoverPasswordForm = new user_Form_NewPassword(array("personID" => $personID, $_POST)); + if ($recoverPasswordForm->isValid($_POST)) { + $this->personmapper = new Application_Model_PersonMapper(); + $person = $this->personmapper->find($personID); + $date = new DateTime(); + $person->setPassword($_POST['password']) + ->setPasswordSalt(MD5($date->getTimestamp())) + ->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$')) + ->setPassword(MD5($person->getPassword() . $person->getPasswordSalt())); + try { + $this->personmapper->save($person); + } catch(Zend_Exception $e) { + echo "Caught exception: " . get_class($e) . "<br/>"; + echo "Message: " . $e->getMessage() . 
"<br/>"; + echo "Email Address already existing."; + return; + } + $this->_helper->redirector('login', 'auth'); + return; + } + } else if(isset($_GET['recoveryid'])) { + $recoveryid = $_GET['recoveryid']; + $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper(); + $passwordRecovery = $passwordRecoveryMapper->findBy(array("recoveryID" => $recoveryid), true); + if(count($passwordRecovery) > 0) { + $passwordRecoveryObject = new Application_Model_PasswordRecovery(); + $passwordRecoveryObject->setID($passwordRecovery[0]['personID']); + $passwordRecoveryObject->setRecoveryID($passwordRecovery[0]['recoveryID']); + $personID = $passwordRecoveryObject->getID(); + $recoverPasswordForm = new user_Form_NewPassword(array("personID" => $personID)); + try { + $passwordRecoveryMapper->delete($passwordRecoveryObject); + } catch(Zend_Exception $e) { + echo "Caught exception: " . get_class($e) . "<br/>"; + echo "Message: " . $e->getMessage() . "<br/>"; + return; + } + } else { + $this->_helper->redirector('login', 'auth'); + return; + } + } else { + if (!isset($_POST["recoverPassword"])) { + $recoverPasswordForm = new user_Form_RecoverPassword(); + } else { + $recoverPasswordForm = new user_Form_RecoverPassword($_POST); + if ($recoverPasswordForm->isValid($_POST)) { + $recoverPasswordForm->getView()->url(); + $this->personmapper = new Application_Model_PersonMapper(); + $result = $this->personmapper->findBy(array('email' => $_POST['email']), true); + $person = new Application_Model_Person($result[0]); + $person->setID($result[0]['personID']); + $email = $person->getEmail(); + $name = $person->getFirstname() . ' ' . $person->getName(); + $url = $this->getRequest()->getScheme() . '://' . $this->getRequest()->getHttpHost() . $this->view->url(); + $recoveryid = randomString(100); + $mailbody = 'Um das Passwort zu ändern klicken Sie auf folgenden Link<br /><br /><a href="'. $url . '/auth/recoverpassword/?recoveryid='. $recoveryid . 
'">Passwort ändern</a>'; + $mail = new Zend_Mail(); + $mail->setBodyHtml($mailbody, 'utf8') + ->getBodyHtml()->getContent() + ->setFrom('admin@local', 'Admin') + ->addTo($email, $name) + ->setSubject('Password Wiederherstellung Preboot Server'); + $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper(); + $passwordRecoveryObject = new Application_Model_PasswordRecovery(); + $passwordRecoveryObject->setID($person->getID()) + ->setRecoveryID($recoveryid); + try { + $passwordRecoveryMapper->save($passwordRecoveryObject); + $mail->send(); + } catch(Zend_Exception $e) { + echo "Caught exception: " . get_class($e) . "<br/>"; + echo "Message: " . $e->getMessage() . "<br/>"; + return; + } + $this->_helper->redirector('login', 'auth'); + return; + } + } + } + $this->view->recoverPasswordForm = $recoverPasswordForm; + } } |
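Review bot: The formatter rewrote the opening tag on the first line of the file from `<?php` to `<? php`, which is no longer a PHP open tag. With `short_open_tag` off, the whole controller (login, registration and password-recovery code) is emitted as literal output instead of being executed; with it on, the stray `php` token ahead of the class declaration should be a parse error. Restore the line to `<?php`, and run `php -l` over the reformatted files before committing so a mangled tag is caught. The same pass also stripped the leading space from the licence comment lines, which is harmless but suggests the tool is not PHP-aware. Not touched by this commit but still on the new side: the `savePassword` branch of recoverpasswordAction() takes `personID` from `$_POST` and, as far as this hunk shows, nothing ties that request to a recovery token, so it deserves a follow-up.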
