freenetis-github/application/controllers/login.php @ 18ac9009
8baed187 | Michal Kliment | <?php defined('SYSPATH') or die('No direct script access.');
|
|
/*
|
|||
* This file is part of open source system FreenetIS
|
|||
* and it is released under GPLv3 licence.
|
|||
*
|
|||
* More info about licence can be found:
|
|||
* http://www.gnu.org/licenses/gpl-3.0.html
|
|||
*
|
|||
* More info about project can be found:
|
|||
* http://www.freenetis.org/
|
|||
*
|
|||
*/
|
|||
/**
|
|||
* Controller performs user login and logout to system.
|
|||
*
|
|||
* @package Controller
|
|||
*/
|
|||
class Login_Controller extends Controller
|
|||
{
|
|||
/**
|
|||
* Hadles user login
|
|||
*
|
|||
* @param mixed $error
|
|||
*/
|
|||
c1bdc1c4 | Michal Kliment | public function index($error = FALSE, $success = FALSE)
|
|
8baed187 | Michal Kliment | {
|
|
c1bdc1c4 | Michal Kliment | cookie::set('testcookie', 'enabled', 3600);
|
|
// redirect if cookies not enabled to ensure that this is not the first
|
|||
// time when user access FreenetIS
|
|||
if (!isset($_COOKIE['testcookie']) && !isset($_GET['cookies_failed']))
|
|||
{
|
|||
url::redirect('login?cookies_failed=true');
|
|||
}
|
|||
8baed187 | Michal Kliment | ||
if ($this->input->post('submit') != '')
|
|||
{
|
|||
// test if cookie is enabled
|
|||
if (!isset($_COOKIE['testcookie']))
|
|||
{
|
|||
$error = __('Cookies must be enabled.');
|
|||
}
|
|||
else
|
|||
{
|
|||
// Check the username and password
|
|||
$user_model = new User_Model();
|
|||
$user_id = $user_model->login_request(
|
|||
$this->input->post('username'),
|
|||
$this->input->post('password')
|
|||
);
|
|||
// correct input?
|
|||
if ($user_id)
|
|||
{
|
|||
$user = ORM::factory('user')->where(array
|
|||
(
|
|||
'id' => $user_id
|
|||
))->find();
|
|||
$member = ORM::factory('member')->where(array
|
|||
(
|
|||
'id' => $user->member->id
|
|||
))->find();
|
|||
if ($member->locked)
|
|||
{
|
|||
$error = __('Your accout has been locked.').' '
|
|||
.__('Please contact administrator.');
|
|||
}
|
|||
else
|
|||
{
|
|||
$this->session->set('username', $this->input->post('username'));
|
|||
$this->session->set('user_id', $user_id);
|
|||
$user_model->clear();
|
|||
$user_model->find($user_id);
|
|||
$member_id = $user_model->member_id;
|
|||
$user_type = $user_model->type;
|
|||
$this->session->set('member_id', $user_model->member_id);
|
|||
$this->session->set('user_full_name', $user_model->get_full_name());
|
|||
$this->session->set('user_name', $user_model->name);
|
|||
$this->session->set('user_surname', $user_model->surname);
|
|||
$this->session->set('user_type', $user_type);
|
|||
$user_model->clear();
|
|||
$user_model->where(array
|
|||
(
|
|||
'member_id' => $member_id,
|
|||
'type!=' => User_Model::USER
|
|||
))->find();
|
|||
$this->session->set('member_login', $user_model->login);
|
|||
// information about users' last login is saved
|
|||
$login_log = new Login_log_Model();
|
|||
$login_log->user_id = $user_id;
|
|||
$login_log->time = date('Y-m-d H:i:s');
|
|||
$login_log->IP_address = server::remote_addr();
|
|||
$login_log->save();
|
|||
status::success('You have been successfully logged in.');
|
|||
if ($this->session->get('referer') != '')
|
|||
{
|
|||
url::redirect($this->session->get('referer'));
|
|||
}
|
|||
else
|
|||
{
|
|||
c1bdc1c4 | Michal Kliment | $favourite = ORM::factory('user_favourite_pages')->get_user_default_page($user_id);
|
|
if ($favourite)
|
|||
8baed187 | Michal Kliment | {
|
|
c1bdc1c4 | Michal Kliment | url::redirect($favourite->page);
|
|
8baed187 | Michal Kliment | }
|
|
else
|
|||
{
|
|||
c1bdc1c4 | Michal Kliment | if ($user_type != User_Model::USER)
|
|
{
|
|||
url::redirect('members/show/'.$member_id);
|
|||
}
|
|||
else
|
|||
{
|
|||
url::redirect('users/show/'.$user_id);
|
|||
}
|
|||
8baed187 | Michal Kliment | }
|
|
}
|
|||
}
|
|||
}
|
|||
else
|
|||
{
|
|||
$error = __('Username or password do not match.');
|
|||
}
|
|||
}
|
|||
}
|
|||
// check if is logged in
|
|||
if (isset($_SESSION['username']))
|
|||
{
|
|||
c1bdc1c4 | Michal Kliment | $favourite = ORM::factory('user_favourite_pages')->get_user_default_page($_SESSION['user_id']);
|
|
if ($favourite)
|
|||
8baed187 | Michal Kliment | {
|
|
c1bdc1c4 | Michal Kliment | url::redirect($favourite->page);
|
|
8baed187 | Michal Kliment | }
|
|
else
|
|||
{
|
|||
c1bdc1c4 | Michal Kliment | if ($_SESSION['username'] == $_SESSION['member_login'])
|
|
{
|
|||
url::redirect('members/show/'.$_SESSION['member_id']);
|
|||
}
|
|||
else
|
|||
{
|
|||
url::redirect('users/show/'.$_SESSION['user_id']);
|
|||
}
|
|||
8baed187 | Michal Kliment | }
|
|
}
|
|||
c1bdc1c4 | Michal Kliment | ||
// view
|
|||
8baed187 | Michal Kliment | $login = new View('login/index');
|
|
$login->title = __('Login to');
|
|||
$login->error = (!$error) ? $this->session->get_once('err_message') : $error;
|
|||
c1bdc1c4 | Michal Kliment | $login->success = $success;
|
|
// connnection request
|
|||
if (mb_strpos($this->session->get('referer'), 'connection_requests/add') !== FALSE &&
|
|||
!$error)
|
|||
{
|
|||
$login->error = __('For the connection request creation you must login to your account.');
|
|||
}
|
|||
$login->render(TRUE);
|
|||
8baed187 | Michal Kliment | }
|
|
/**
|
|||
* Function logs out user from the system.
|
|||
*/
|
|||
public function logout()
|
|||
{
|
|||
$this->session->destroy();
|
|||
c1bdc1c4 | Michal Kliment | $this->index(FALSE, __('You have been successfully logged out.'));
|
|
8baed187 | Michal Kliment | }
|
|
18ac9009 | Ondřej Fibich | /**
|
|
* Function shows page for changing one time password
|
|||
*/
|
|||
public function change_password()
|
|||
{
|
|||
$error = '';
|
|||
$user_model = new User_Model($this->user_id);
|
|||
if ($user_model->password_is_onetime != 1)
|
|||
{
|
|||
url::redirect('login');
|
|||
}
|
|||
if ($this->input->post('submit') != '')
|
|||
{
|
|||
if ($this->input->post('password') == $this->input->post('confirm_password'))
|
|||
{
|
|||
try
|
|||
{
|
|||
$user_model->transaction_start();
|
|||
$user_model->password_is_onetime = 0;
|
|||
$user_model->password = sha1($this->input->post('password'));
|
|||
$user_model->save_throwable();
|
|||
$user_model->transaction_commit();
|
|||
status::success('Password has been successfully changed');
|
|||
url::redirect('login');
|
|||
}
|
|||
catch (Exception $e)
|
|||
{
|
|||
$user_model->transaction_rollback();
|
|||
throw $e;
|
|||
}
|
|||
}
|
|||
else
|
|||
{
|
|||
$error = url_lang::lang('validation.matches', array(__('Password'), __('Confirm password')));
|
|||
}
|
|||
}
|
|||
$view = new View('login/change_password');
|
|||
$view->title = __('New password');
|
|||
$view->error = (!$error) ? $this->session->get_once('err_message') : $error;
|
|||
$view->render(TRUE);
|
|||
}
|
|||
8baed187 | Michal Kliment | }
|