summaryrefslogtreecommitdiffstats
path: root/application/modules/dev/controllers/AuthController.php
diff options
context:
space:
mode:
Diffstat (limited to 'application/modules/dev/controllers/AuthController.php')
-rw-r--r--application/modules/dev/controllers/AuthController.php475
1 files changed, 231 insertions, 244 deletions
diff --git a/application/modules/dev/controllers/AuthController.php b/application/modules/dev/controllers/AuthController.php
index bb59037..2e99cd7 100644
--- a/application/modules/dev/controllers/AuthController.php
+++ b/application/modules/dev/controllers/AuthController.php
@@ -1,247 +1,234 @@
-<?php
+<? php
/*
* Copyright (c) 2011 - OpenSLX GmbH, RZ Uni Freiburg
- * This program is free software distributed under the GPL version 2.
- * See http://gpl.openslx.org/
- *
- * If you have any feedback please consult http://feedback.openslx.org/ and
- * send your suggestions, praise, or complaints to feedback@openslx.org
- *
- * General information about OpenSLX can be found at http://openslx.org/
- */
-
-class dev_AuthController extends Zend_Controller_Action
-{
- protected $personmapper;
- private $db = null;
-
- public function init()
- {
- $this->db = Zend_Db_Table::getDefaultAdapter();
- $this->personmapper = new Application_Model_PersonMapper();
- }
-
- public function indexAction()
- {
- $this->_helper-> viewRenderer-> setNoRender();
- $this->_helper->redirector('login', 'auth');
- }
-
- public function loginAction()
- {
- if (Zend_Auth::getInstance()->hasIdentity()) {
- $this->_redirect('/dev/');
- } else {
- if (!isset($_POST["login"])){
- $loginForm = new dev_Form_AuthLogin();
- } else {
- $loginForm = new dev_Form_AuthLogin($_POST);
-
- if ($loginForm->isValid($_POST)) {
-
- $auth = Zend_Auth::getInstance();
-
- $adapter = new Zend_Auth_Adapter_DbTable(
- $this->db,
- 'pbs_person',
- 'email',
- 'password',
- 'MD5(CONCAT(?, password_salt))'
- );
-
-
- $adapter->setIdentity($loginForm->getValue('email'));
- $adapter->setCredential($loginForm->getValue('password'));
-
- $result = $auth->authenticate($adapter);
-
- // TODO: erweiterte fehlerbeschreibung des Users
-
- if ($result->isValid()) {
- $this->personmapper = new Application_Model_PersonMapper();
- $result = $this->personmapper->findBy(array('email' => Zend_Auth::getInstance()->getIdentity()),true);
- $person = new Application_Model_Person($result[0]);
- $person->setID($result[0]['personID']);
- $date = new DateTime();
- $person->setLogindate($date->getTimestamp());
- $this->personmapper->save($person);
- $this->_redirect('/dev/');
- return;
- } else {
- echo "Wrong Email or Password.";
- }
- }
- }
- $this->view->loginForm = $loginForm;
- }
- }
-
- public function registerAction()
- {
- if (Zend_Auth::getInstance()->hasIdentity()) {
- print_a('Already logged in.');
- } else {
- if (!isset($_POST["register"])){
- $registerForm = new dev_Form_AuthRegister();
- } else {
- $registerForm = new dev_Form_AuthRegister($_POST);
-
- if ($registerForm->isValid($_POST)) {
-
- $person = new Application_Model_Person($_POST);
- $this->personmapper = new Application_Model_PersonMapper();
-
- $date = new DateTime();
- $person->setRegisterdate($date->getTimestamp());
- $person->setPasswordSalt(MD5($date->getTimestamp()));
- $person->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
- print_a($person);
- try {
- $this->personmapper->save($person);
- }catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
- echo "Email Address already existing..";
- return;
- }
- echo "Successfully registered. <br/>";
- echo "Continue to Login: <a href=\""."/dev/auth/login"."\">Login</a>";
- $this->_helper->redirector('login', 'auth');
- return;
- }
- }
- $this->view->registerForm = $registerForm;
- }
- }
-
- public function logoutAction()
- {
- $this->_helper-> viewRenderer-> setNoRender();
- $auth = Zend_Auth::getInstance();
- $auth->clearIdentity();
- Zend_Session::namespaceUnset('userIDs');
- Zend_Session::forgetMe();
- $this->_helper->redirector('login', 'auth');
- return;
- }
-
- public function recoverpasswordAction()
- {
- if (isset($_POST["savePassword"])){
- $personID = $_POST['personID'];
- $recoverPasswordForm = new dev_Form_NewPassword(array("personID" => $personID, $_POST));
- if ($recoverPasswordForm->isValid($_POST)) {
- $this->personmapper = new Application_Model_PersonMapper();
- $person = $this->personmapper->find($personID);
- $date = new DateTime();
- $person->setPassword($_POST['password']);
- $person->setPasswordSalt(MD5($date->getTimestamp()));
- $person->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
- try {
- $this->personmapper->save($person);
- } catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
- echo "Email Address already existing.";
- return;
- }
- $this->_helper->redirector('login', 'auth');
- return;
- }
- } else if(isset($_GET['recoveryid'])) {
- $recoveryid = $_GET['recoveryid'];
- $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper();
- $passwordRecovery = $passwordRecoveryMapper->findBy(array("recoveryID" => $recoveryid),true);
- if(count($passwordRecovery) > 0) {
- $passwordRecoveryObject = new Application_Model_PasswordRecovery();
- $passwordRecoveryObject->setID($passwordRecovery[0]['personID']);
- $passwordRecoveryObject->setRecoveryID($passwordRecovery[0]['recoveryID']);
- $personID = $passwordRecoveryObject->getID();
- $recoverPasswordForm = new dev_Form_NewPassword(array("personID" => $personID));
- try {
- $passwordRecoveryMapper->delete($passwordRecoveryObject);
- } catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
- return;
- }
- } else {
- $this->_helper->redirector('login', 'auth');
- return;
- }
- } else {
- if (!isset($_POST["recoverPassword"])){
- $recoverPasswordForm = new dev_Form_AuthRecoverPassword();
- } else {
- $recoverPasswordForm = new dev_Form_AuthRecoverPassword($_POST);
- if ($recoverPasswordForm->isValid($_POST)) {
- $recoverPasswordForm->getView()->url();
- $this->personmapper = new Application_Model_PersonMapper();
- $result = $this->personmapper->findBy('email', $_POST['email']);
- $person = new Application_Model_Person($result[0]);
- $person->setID($result[0]['personID']);
- $email = $person->getEmail();
- $name = $person->getFirstname() . ' ' . $person->getName();
- $url = $this->getRequest()->getScheme() . '://' . $this->getRequest()->getHttpHost() . $this->view->url();
- $recoveryid = randomString(100);
- $mailbody = 'Um das Passwort zu ändern klicken Sie auf folgenden Link<br /><br /><a href="'. $url . '/auth/recoverpassword/?recoveryid='. $recoveryid . '">Passwort ändern</a>';
- $mail = new Zend_Mail();
- $mail->setBodyHtml($mailbody, 'utf8');
- $mail->getBodyHtml()->getContent();
- $mail->setFrom('admin@local', 'Admin');
- $mail->addTo($email, $name);
- $mail->setSubject('Password Wiederherstellung Preboot Server');
- $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper();
- $passwordRecoveryObject = new Application_Model_PasswordRecovery();
- $passwordRecoveryObject->setID($person->getID());
- $passwordRecoveryObject->setRecoveryID($recoveryid);
- try {
- $passwordRecoveryMapper->save($passwordRecoveryObject);
- $mail->send();
- }catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
- return;
- }
- $this->_helper->redirector('login', 'auth');
- return;
- }
- }
- }
- $this->view->recoverPasswordForm = $recoverPasswordForm;
- }
-
- public function deleteAction()
- {
- if($_POST['confirmdelete']) {
- $auth = Zend_Auth::getInstance();
- $result = $this->personmapper->findBy(array('email' => $auth->getIdentity()), true);
- $person = $result[0];
- $personID = $person["personID"];
- if (isset($personID)){
- $this->personmapper = new Application_Model_PersonMapper();
- $person = $this->personmapper->find($personID);
- try {
- $this->personmapper->delete($person);
- }catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
- return;
- }
- $auth->clearIdentity();
- Zend_Session::namespaceUnset('userIDs');
- Zend_Session::forgetMe();
- $this->_helper->redirector('login', 'auth');
- return;
- }
- } else {
- $deleteconfirmform = new dev_Form_ConfirmDeleteAccount();
- $this->view->deleteconfirmform = $deleteconfirmform;
- }
- }
+* This program is free software distributed under the GPL version 2.
+* See http://gpl.openslx.org/
+*
+* If you have any feedback please consult http://feedback.openslx.org/ and
+* send your suggestions, praise, or complaints to feedback@openslx.org
+*
+* General information about OpenSLX can be found at http://openslx.org/
+*/
+
+class dev_AuthController extends Zend_Controller_Action {
+ protected $personmapper;
+ private $db = null;
+
+ public function init() {
+ $this->db = Zend_Db_Table::getDefaultAdapter();
+ $this->personmapper = new Application_Model_PersonMapper();
+ }
+
+ public function indexAction() {
+ $this->_helper-> viewRenderer-> setNoRender();
+ $this->_helper->redirector('login', 'auth');
+ }
+
+ public function loginAction() {
+ if (Zend_Auth::getInstance()->hasIdentity()) {
+ $this->_redirect('/dev/');
+ } else {
+ if (!isset($_POST["login"])) {
+ $loginForm = new dev_Form_AuthLogin();
+ } else {
+ $loginForm = new dev_Form_AuthLogin($_POST);
+
+ if ($loginForm->isValid($_POST)) {
+
+ $auth = Zend_Auth::getInstance();
+
+ $adapter = new Zend_Auth_Adapter_DbTable(
+ $this->db,
+ 'pbs_person',
+ 'email',
+ 'password',
+ 'MD5(CONCAT(?, password_salt))'
+ );
+
+
+ $adapter->setIdentity($loginForm->getValue('email'));
+ $adapter->setCredential($loginForm->getValue('password'));
+
+ $result = $auth->authenticate($adapter);
+
+ // TODO: erweiterte fehlerbeschreibung des Users
+
+ if ($result->isValid()) {
+ $this->personmapper = new Application_Model_PersonMapper();
+ $result = $this->personmapper->findBy(array('email' => Zend_Auth::getInstance()->getIdentity()), true);
+ $person = new Application_Model_Person($result[0]);
+ $person->setID($result[0]['personID']);
+ $date = new DateTime();
+ $person->setLogindate($date->getTimestamp());
+ $this->personmapper->save($person);
+ $this->_redirect('/dev/');
+ return;
+ } else {
+ echo "Wrong Email or Password.";
+ }
+ }
+ }
+ $this->view->loginForm = $loginForm;
+ }
+ }
+
+ public function registerAction() {
+ if (Zend_Auth::getInstance()->hasIdentity()) {
+ print_a('Already logged in.');
+ } else {
+ if (!isset($_POST["register"])) {
+ $registerForm = new dev_Form_AuthRegister();
+ } else {
+ $registerForm = new dev_Form_AuthRegister($_POST);
+
+ if ($registerForm->isValid($_POST)) {
+
+ $person = new Application_Model_Person($_POST);
+ $this->personmapper = new Application_Model_PersonMapper();
+
+ $date = new DateTime();
+ $person->setRegisterdate($date->getTimestamp());
+ $person->setPasswordSalt(MD5($date->getTimestamp()));
+ $person->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
+ print_a($person);
+ try {
+ $this->personmapper->save($person);
+ } catch(Zend_Exception $e) {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ echo "Email Address already existing..";
+ return;
+ }
+ echo "Successfully registered. <br/>";
+ echo "Continue to Login: <a href=\""."/dev/auth/login"."\">Login</a>";
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
+ }
+ $this->view->registerForm = $registerForm;
+ }
+ }
+
+ public function logoutAction() {
+ $this->_helper-> viewRenderer-> setNoRender();
+ $auth = Zend_Auth::getInstance();
+ $auth->clearIdentity();
+ Zend_Session::namespaceUnset('userIDs');
+ Zend_Session::forgetMe();
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
+
+ public function recoverpasswordAction() {
+ if (isset($_POST["savePassword"])) {
+ $personID = $_POST['personID'];
+ $recoverPasswordForm = new dev_Form_NewPassword(array("personID" => $personID, $_POST));
+ if ($recoverPasswordForm->isValid($_POST)) {
+ $this->personmapper = new Application_Model_PersonMapper();
+ $person = $this->personmapper->find($personID);
+ $date = new DateTime();
+ $person->setPassword($_POST['password']);
+ $person->setPasswordSalt(MD5($date->getTimestamp()));
+ $person->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
+ try {
+ $this->personmapper->save($person);
+ } catch(Zend_Exception $e) {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ echo "Email Address already existing.";
+ return;
+ }
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
+ } else if(isset($_GET['recoveryid'])) {
+ $recoveryid = $_GET['recoveryid'];
+ $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper();
+ $passwordRecovery = $passwordRecoveryMapper->findBy(array("recoveryID" => $recoveryid), true);
+ if(count($passwordRecovery) > 0) {
+ $passwordRecoveryObject = new Application_Model_PasswordRecovery();
+ $passwordRecoveryObject->setID($passwordRecovery[0]['personID']);
+ $passwordRecoveryObject->setRecoveryID($passwordRecovery[0]['recoveryID']);
+ $personID = $passwordRecoveryObject->getID();
+ $recoverPasswordForm = new dev_Form_NewPassword(array("personID" => $personID));
+ try {
+ $passwordRecoveryMapper->delete($passwordRecoveryObject);
+ } catch(Zend_Exception $e) {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+ }
+ } else {
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
+ } else {
+ if (!isset($_POST["recoverPassword"])) {
+ $recoverPasswordForm = new dev_Form_AuthRecoverPassword();
+ } else {
+ $recoverPasswordForm = new dev_Form_AuthRecoverPassword($_POST);
+ if ($recoverPasswordForm->isValid($_POST)) {
+ $recoverPasswordForm->getView()->url();
+ $this->personmapper = new Application_Model_PersonMapper();
+ $result = $this->personmapper->findBy('email', $_POST['email']);
+ $person = new Application_Model_Person($result[0]);
+ $person->setID($result[0]['personID']);
+ $email = $person->getEmail();
+ $name = $person->getFirstname() . ' ' . $person->getName();
+ $url = $this->getRequest()->getScheme() . '://' . $this->getRequest()->getHttpHost() . $this->view->url();
+ $recoveryid = randomString(100);
+ $mailbody = 'Um das Passwort zu ändern klicken Sie auf folgenden Link<br /><br /><a href="'. $url . '/auth/recoverpassword/?recoveryid='. $recoveryid . '">Passwort ändern</a>';
+ $mail = new Zend_Mail();
+ $mail->setBodyHtml($mailbody, 'utf8');
+ $mail->getBodyHtml()->getContent();
+ $mail->setFrom('admin@local', 'Admin');
+ $mail->addTo($email, $name);
+ $mail->setSubject('Password Wiederherstellung Preboot Server');
+ $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper();
+ $passwordRecoveryObject = new Application_Model_PasswordRecovery();
+ $passwordRecoveryObject->setID($person->getID());
+ $passwordRecoveryObject->setRecoveryID($recoveryid);
+ try {
+ $passwordRecoveryMapper->save($passwordRecoveryObject);
+ $mail->send();
+ } catch(Zend_Exception $e) {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+ }
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
+ }
+ }
+ $this->view->recoverPasswordForm = $recoverPasswordForm;
+ }
+
+ public function deleteAction() {
+ if($_POST['confirmdelete']) {
+ $auth = Zend_Auth::getInstance();
+ $result = $this->personmapper->findBy(array('email' => $auth->getIdentity()), true);
+ $person = $result[0];
+ $personID = $person["personID"];
+ if (isset($personID)) {
+ $this->personmapper = new Application_Model_PersonMapper();
+ $person = $this->personmapper->find($personID);
+ try {
+ $this->personmapper->delete($person);
+ } catch(Zend_Exception $e) {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+ }
+ $auth->clearIdentity();
+ Zend_Session::namespaceUnset('userIDs');
+ Zend_Session::forgetMe();
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
+ } else {
+ $deleteconfirmform = new dev_Form_ConfirmDeleteAccount();
+ $this->view->deleteconfirmform = $deleteconfirmform;
+ }
+ }
}
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2026-02-27 14:11:00 +0100