Diffstat (limited to 'application/modules/user/controllers/AuthController.php')
-rw-r--r--application/modules/user/controllers/AuthController.php477
1 files changed, 232 insertions, 245 deletions
diff --git a/application/modules/user/controllers/AuthController.php b/application/modules/user/controllers/AuthController.php
index cc3fec4..ec5bb2b 100644
--- a/application/modules/user/controllers/AuthController.php
+++ b/application/modules/user/controllers/AuthController.php
@@ -1,261 +1,248 @@
-<?php
+<? php
/*
* Copyright (c) 2011 - OpenSLX GmbH, RZ Uni Freiburg
- * This program is free software distributed under the GPL version 2.
- * See http://gpl.openslx.org/
- *
- * If you have any feedback please consult http://feedback.openslx.org/ and
- * send your suggestions, praise, or complaints to feedback@openslx.org
- *
- * General information about OpenSLX can be found at http://openslx.org/
- */
+* This program is free software distributed under the GPL version 2.
+* See http://gpl.openslx.org/
+*
+* If you have any feedback please consult http://feedback.openslx.org/ and
+* send your suggestions, praise, or complaints to feedback@openslx.org
+*
+* General information about OpenSLX can be found at http://openslx.org/
+*/
-class User_AuthController extends Zend_Controller_Action
-{
- protected $personmapper = null;
- private $db = null;
+class User_AuthController extends Zend_Controller_Action {
+ protected $personmapper = null;
+ private $db = null;
- public function init()
- {
- $this->db = Zend_Db_Table::getDefaultAdapter();
- $this->personmapper = new Application_Model_PersonMapper();
- }
+ public function init() {
+ $this->db = Zend_Db_Table::getDefaultAdapter();
+ $this->personmapper = new Application_Model_PersonMapper();
+ }
- public function indexAction()
- {
- $this->_helper-> viewRenderer-> setNoRender();
- $this->_helper->redirector('login', 'auth');
- }
+ public function indexAction() {
+ $this->_helper-> viewRenderer-> setNoRender();
+ $this->_helper->redirector('login', 'auth');
+ }
- public function loginAction()
- {
- if (Zend_Auth::getInstance()->hasIdentity()) {
- $this->_redirect('/user/');
- } else {
- if (!isset($_POST["login"])){
- $loginForm = new user_Form_Login();
- } else {
- $loginForm = new user_Form_Login($_POST);
+ public function loginAction() {
+ if (Zend_Auth::getInstance()->hasIdentity()) {
+ $this->_redirect('/user/');
+ } else {
+ if (!isset($_POST["login"])) {
+ $loginForm = new user_Form_Login();
+ } else {
+ $loginForm = new user_Form_Login($_POST);
- if ($loginForm->isValid($_POST)) {
+ if ($loginForm->isValid($_POST)) {
- $auth = Zend_Auth::getInstance();
+ $auth = Zend_Auth::getInstance();
- $adapter = new Zend_Auth_Adapter_DbTable( $this->db, 'pbs_person', 'email', 'password', 'MD5(CONCAT(?, password_salt))');
-
- $adapter->setIdentity($loginForm->getValue('email'));
- $adapter->setCredential($loginForm->getValue('password'));
+ $adapter = new Zend_Auth_Adapter_DbTable( $this->db, 'pbs_person', 'email', 'password', 'MD5(CONCAT(?, password_salt))');
- $result = $auth->authenticate($adapter);
+ $adapter->setIdentity($loginForm->getValue('email'));
+ $adapter->setCredential($loginForm->getValue('password'));
- if ($result->isValid()) {
- $this->personmapper = new Application_Model_PersonMapper();
- $result = $this->personmapper->findBy(array('email' => Zend_Auth::getInstance()->getIdentity()),true);
- $person = new Application_Model_Person($result[0]);
- print_a('case1',$person);
- $person->setID($result[0]['personID']);
- $date = new DateTime();
- $person->setLogindate($date->getTimestamp());
- if($person->getSuspend()) {
- $pbsNotifier = new Pbs_Notifier();
- $this->view->notification = $pbsNotifier->notify('Your Account is suspended', 'error');
- } else {
- $this->personmapper->save($person);
- $this->_helper->redirector('selectmembership', 'person');
- return;
- }
- } else {
- $pbsNotifier = new Pbs_Notifier();
- $this->view->notification = $pbsNotifier->notify('Wrong Email or Password', 'error');
- }
- }
- }
- $this->view->loginForm = $loginForm;
- }
- }
+ $result = $auth->authenticate($adapter);
- public function logoutAction()
- {
- $this->_helper-> viewRenderer-> setNoRender();
- $auth = Zend_Auth::getInstance();
- $auth->clearIdentity();
- Zend_Session::namespaceUnset('userIDs');
- Zend_Session::forgetMe();
- $this->_helper->redirector('login', 'auth');
- return;
- }
+ if ($result->isValid()) {
+ $this->personmapper = new Application_Model_PersonMapper();
+ $result = $this->personmapper->findBy(array('email' => Zend_Auth::getInstance()->getIdentity()), true);
+ $person = new Application_Model_Person($result[0]);
+ print_a('case1', $person);
+ $person->setID($result[0]['personID']);
+ $date = new DateTime();
+ $person->setLogindate($date->getTimestamp());
+ if($person->getSuspend()) {
+ $pbsNotifier = new Pbs_Notifier();
+ $this->view->notification = $pbsNotifier->notify('Your Account is suspended', 'error');
+ } else {
+ $this->personmapper->save($person);
+ $this->_helper->redirector('selectmembership', 'person');
+ return;
+ }
+ } else {
+ $pbsNotifier = new Pbs_Notifier();
+ $this->view->notification = $pbsNotifier->notify('Wrong Email or Password', 'error');
+ }
+ }
+ }
+ $this->view->loginForm = $loginForm;
+ }
+ }
- public function registerAction()
- {
- if (Zend_Auth::getInstance()->hasIdentity()) {
- $pbsNotifier = new Pbs_Notifier();
- $this->view->notification = $pbsNotifier->notify('Already logged in.', 'error');
- } else {
- if (!isset($_POST["register"])){
- $registerForm = new user_Form_Register();
- } else {
- foreach($_POST as $k => $v) {
- if($v != '') {
- $data[$k] = $v;
- }
- }
- $registerForm = new user_Form_Register($data);
- if ($registerForm->isValid($_POST)) {
- $person = new Application_Model_Person($_POST);
- $this->personmapper = new Application_Model_PersonMapper();
- $date = new DateTime();
- $person->setSuspend(0)
- ->setRegisterdate($date->getTimestamp())
- ->setPasswordSalt(MD5($date->getTimestamp()))
- ->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$'))
- ->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
- try {
- $this->personmapper->save($person);
- }catch(Zend_Exception $e)
- {
- $pbsNotifier = new Pbs_Notifier();
- $this->view->notification = $pbsNotifier->notify('Email already registered', 'error');
- $this->view->registerForm = $registerForm;
- return;
- }
- $this->_helper->redirector('login', 'auth');
- return;
- }
- }
- $this->view->registerForm = $registerForm;
- }
- }
+ public function logoutAction() {
+ $this->_helper-> viewRenderer-> setNoRender();
+ $auth = Zend_Auth::getInstance();
+ $auth->clearIdentity();
+ Zend_Session::namespaceUnset('userIDs');
+ Zend_Session::forgetMe();
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
- public function deleteAction()
- {
- if($this->_request->getParam('personID')) {
- if(!Pbs_Acl::checkRight('peoa')) {
- $this->_redirect('/user');
- }
- $personID = $this->_request->getParam('personID');
- } else {
- if(!Pbs_Acl::checkRight('pdo')) {
- $this->_redirect('/user');
- }
- $userIDsNamespace = Zend_Session::namespaceGet('userIDs');
- $personID = $userIDsNamespace['personID'];
- }
- if($_POST['confirmdelete']) {
- if (isset($personID)){
- $this->personmapper = new Application_Model_PersonMapper();
- $person = $this->personmapper->find($personID);
- print_r($person);
- try {
- $this->personmapper->delete($person);
- }catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
- return;
- }
- if($this->_request->getParam('personID')) {
- $this->_helper->redirector('', 'person');
- } else {
- $auth->clearIdentity();
- Zend_Session::namespaceUnset('userIDs');
- Zend_Session::forgetMe();
- $this->_helper->redirector('login', 'auth');
- }
- return;
- }
- } else {
- $deleteconfirmform = new user_Form_ConfirmDeleteAccount();
- $this->view->deleteconfirmform = $deleteconfirmform;
- }
- }
+ public function registerAction() {
+ if (Zend_Auth::getInstance()->hasIdentity()) {
+ $pbsNotifier = new Pbs_Notifier();
+ $this->view->notification = $pbsNotifier->notify('Already logged in.', 'error');
+ } else {
+ if (!isset($_POST["register"])) {
+ $registerForm = new user_Form_Register();
+ } else {
+ foreach($_POST as $k => $v) {
+ if($v != '') {
+ $data[$k] = $v;
+ }
+ }
+ $registerForm = new user_Form_Register($data);
+ if ($registerForm->isValid($_POST)) {
+ $person = new Application_Model_Person($_POST);
+ $this->personmapper = new Application_Model_PersonMapper();
+ $date = new DateTime();
+ $person->setSuspend(0)
+ ->setRegisterdate($date->getTimestamp())
+ ->setPasswordSalt(MD5($date->getTimestamp()))
+ ->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$'))
+ ->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
+ try {
+ $this->personmapper->save($person);
+ } catch(Zend_Exception $e) {
+ $pbsNotifier = new Pbs_Notifier();
+ $this->view->notification = $pbsNotifier->notify('Email already registered', 'error');
+ $this->view->registerForm = $registerForm;
+ return;
+ }
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
+ }
+ $this->view->registerForm = $registerForm;
+ }
+ }
- public function recoverpasswordAction()
- {
- if (isset($_POST["savePassword"])){
- $personID = $_POST['personID'];
- $recoverPasswordForm = new user_Form_NewPassword(array("personID" => $personID, $_POST));
- if ($recoverPasswordForm->isValid($_POST)) {
- $this->personmapper = new Application_Model_PersonMapper();
- $person = $this->personmapper->find($personID);
- $date = new DateTime();
- $person->setPassword($_POST['password'])
- ->setPasswordSalt(MD5($date->getTimestamp()))
- ->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$'))
- ->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
- try {
- $this->personmapper->save($person);
- } catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
- echo "Email Address already existing.";
- return;
- }
- $this->_helper->redirector('login', 'auth');
- return;
- }
- } else if(isset($_GET['recoveryid'])) {
- $recoveryid = $_GET['recoveryid'];
- $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper();
- $passwordRecovery = $passwordRecoveryMapper->findBy(array("recoveryID" => $recoveryid),true);
- if(count($passwordRecovery) > 0) {
- $passwordRecoveryObject = new Application_Model_PasswordRecovery();
- $passwordRecoveryObject->setID($passwordRecovery[0]['personID']);
- $passwordRecoveryObject->setRecoveryID($passwordRecovery[0]['recoveryID']);
- $personID = $passwordRecoveryObject->getID();
- $recoverPasswordForm = new user_Form_NewPassword(array("personID" => $personID));
- try {
- $passwordRecoveryMapper->delete($passwordRecoveryObject);
- } catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
- return;
- }
- } else {
- $this->_helper->redirector('login', 'auth');
- return;
- }
- } else {
- if (!isset($_POST["recoverPassword"])){
- $recoverPasswordForm = new user_Form_RecoverPassword();
- } else {
- $recoverPasswordForm = new user_Form_RecoverPassword($_POST);
- if ($recoverPasswordForm->isValid($_POST)) {
- $recoverPasswordForm->getView()->url();
- $this->personmapper = new Application_Model_PersonMapper();
- $result = $this->personmapper->findBy(array('email' => $_POST['email']),true);
- $person = new Application_Model_Person($result[0]);
- $person->setID($result[0]['personID']);
- $email = $person->getEmail();
- $name = $person->getFirstname() . ' ' . $person->getName();
- $url = $this->getRequest()->getScheme() . '://' . $this->getRequest()->getHttpHost() . $this->view->url();
- $recoveryid = randomString(100);
- $mailbody = 'Um das Passwort zu ändern klicken Sie auf folgenden Link<br /><br /><a href="'. $url . '/auth/recoverpassword/?recoveryid='. $recoveryid . '">Passwort ändern</a>';
- $mail = new Zend_Mail();
- $mail->setBodyHtml($mailbody, 'utf8')
- ->getBodyHtml()->getContent()
- ->setFrom('admin@local', 'Admin')
- ->addTo($email, $name)
- ->setSubject('Password Wiederherstellung Preboot Server');
- $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper();
- $passwordRecoveryObject = new Application_Model_PasswordRecovery();
- $passwordRecoveryObject->setID($person->getID())
- ->setRecoveryID($recoveryid);
- try {
- $passwordRecoveryMapper->save($passwordRecoveryObject);
- $mail->send();
- }catch(Zend_Exception $e)
- {
- echo "Caught exception: " . get_class($e) . "<br/>";
- echo "Message: " . $e->getMessage() . "<br/>";
- return;
- }
- $this->_helper->redirector('login', 'auth');
- return;
- }
- }
- }
- $this->view->recoverPasswordForm = $recoverPasswordForm;
- }
+ public function deleteAction() {
+ if($this->_request->getParam('personID')) {
+ if(!Pbs_Acl::checkRight('peoa')) {
+ $this->_redirect('/user');
+ }
+ $personID = $this->_request->getParam('personID');
+ } else {
+ if(!Pbs_Acl::checkRight('pdo')) {
+ $this->_redirect('/user');
+ }
+ $userIDsNamespace = Zend_Session::namespaceGet('userIDs');
+ $personID = $userIDsNamespace['personID'];
+ }
+ if($_POST['confirmdelete']) {
+ if (isset($personID)) {
+ $this->personmapper = new Application_Model_PersonMapper();
+ $person = $this->personmapper->find($personID);
+ print_r($person);
+ try {
+ $this->personmapper->delete($person);
+ } catch(Zend_Exception $e) {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+ }
+ if($this->_request->getParam('personID')) {
+ $this->_helper->redirector('', 'person');
+ } else {
+ $auth->clearIdentity();
+ Zend_Session::namespaceUnset('userIDs');
+ Zend_Session::forgetMe();
+ $this->_helper->redirector('login', 'auth');
+ }
+ return;
+ }
+ } else {
+ $deleteconfirmform = new user_Form_ConfirmDeleteAccount();
+ $this->view->deleteconfirmform = $deleteconfirmform;
+ }
+ }
+
+ public function recoverpasswordAction() {
+ if (isset($_POST["savePassword"])) {
+ $personID = $_POST['personID'];
+ $recoverPasswordForm = new user_Form_NewPassword(array("personID" => $personID, $_POST));
+ if ($recoverPasswordForm->isValid($_POST)) {
+ $this->personmapper = new Application_Model_PersonMapper();
+ $person = $this->personmapper->find($personID);
+ $date = new DateTime();
+ $person->setPassword($_POST['password'])
+ ->setPasswordSalt(MD5($date->getTimestamp()))
+ ->setLoginPassword(crypt($person->getPassword(), '$6$'.randomString(8).'$'))
+ ->setPassword(MD5($person->getPassword() . $person->getPasswordSalt()));
+ try {
+ $this->personmapper->save($person);
+ } catch(Zend_Exception $e) {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ echo "Email Address already existing.";
+ return;
+ }
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
+ } else if(isset($_GET['recoveryid'])) {
+ $recoveryid = $_GET['recoveryid'];
+ $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper();
+ $passwordRecovery = $passwordRecoveryMapper->findBy(array("recoveryID" => $recoveryid), true);
+ if(count($passwordRecovery) > 0) {
+ $passwordRecoveryObject = new Application_Model_PasswordRecovery();
+ $passwordRecoveryObject->setID($passwordRecovery[0]['personID']);
+ $passwordRecoveryObject->setRecoveryID($passwordRecovery[0]['recoveryID']);
+ $personID = $passwordRecoveryObject->getID();
+ $recoverPasswordForm = new user_Form_NewPassword(array("personID" => $personID));
+ try {
+ $passwordRecoveryMapper->delete($passwordRecoveryObject);
+ } catch(Zend_Exception $e) {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+ }
+ } else {
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
+ } else {
+ if (!isset($_POST["recoverPassword"])) {
+ $recoverPasswordForm = new user_Form_RecoverPassword();
+ } else {
+ $recoverPasswordForm = new user_Form_RecoverPassword($_POST);
+ if ($recoverPasswordForm->isValid($_POST)) {
+ $recoverPasswordForm->getView()->url();
+ $this->personmapper = new Application_Model_PersonMapper();
+ $result = $this->personmapper->findBy(array('email' => $_POST['email']), true);
+ $person = new Application_Model_Person($result[0]);
+ $person->setID($result[0]['personID']);
+ $email = $person->getEmail();
+ $name = $person->getFirstname() . ' ' . $person->getName();
+ $url = $this->getRequest()->getScheme() . '://' . $this->getRequest()->getHttpHost() . $this->view->url();
+ $recoveryid = randomString(100);
+ $mailbody = 'Um das Passwort zu ändern klicken Sie auf folgenden Link<br /><br /><a href="'. $url . '/auth/recoverpassword/?recoveryid='. $recoveryid . '">Passwort ändern</a>';
+ $mail = new Zend_Mail();
+ $mail->setBodyHtml($mailbody, 'utf8')
+ ->getBodyHtml()->getContent()
+ ->setFrom('admin@local', 'Admin')
+ ->addTo($email, $name)
+ ->setSubject('Password Wiederherstellung Preboot Server');
+ $passwordRecoveryMapper = new Application_Model_PasswordRecoveryMapper();
+ $passwordRecoveryObject = new Application_Model_PasswordRecovery();
+ $passwordRecoveryObject->setID($person->getID())
+ ->setRecoveryID($recoveryid);
+ try {
+ $passwordRecoveryMapper->save($passwordRecoveryObject);
+ $mail->send();
+ } catch(Zend_Exception $e) {
+ echo "Caught exception: " . get_class($e) . "<br/>";
+ echo "Message: " . $e->getMessage() . "<br/>";
+ return;
+ }
+ $this->_helper->redirector('login', 'auth');
+ return;
+ }
+ }
+ }
+ $this->view->recoverPasswordForm = $recoverPasswordForm;
+ }
}
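Review bot: The first changed line turns the opening tag into `<? php`, which is no longer a valid PHP open tag, so this otherwise whitespace-only reformat breaks the controller. Depending on `short_open_tag`, the file either fails to parse or is emitted as plain text, which would put the authentication controller's source into the response. Restore the line to `<?php`. Separately, in the carried-over `recoverpasswordAction`, the `savePassword` branch takes `personID` from `$_POST['personID']`, while the recovery row is already deleted in the `recoveryid` branch. Nothing visible here ties the password change to a valid recovery token, so unless `user_Form_NewPassword` enforces that binding, keep the token until the new password is saved and derive the person from it server-side.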