PageRenderTime 50ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/source/application/controller/Home/LoginController.php

http://sharebooks.googlecode.com/
PHP | 411 lines | 299 code | 72 blank | 40 comment | 42 complexity | 8235c735318e623c94839e039f26d5d9 MD5 | raw file
Possible License(s): LGPL-2.1 
    

  1. <?php
    2. 

  2. 

  3. // Business class to include
    4. 

  4. 

  5. class Home_LoginController extends TvcController
    6. 

  6. {
    7. 

  7.     const MENU_ITEM = Parameter::MENU_REGISTER;
    8. 

  8.     /*
    9. 

  9.      * Log in
    10. 

  10.      */
    11. 

  11.     function loginAction()
    12. 

  12.     {
    13. 

  13.         $smarty = TVC::load('smarty');
    14. 

  14.         $return_link = TVC_Request::get('return_link');
    15. 

  15.         $smarty->assign('register_link', APPLICATION_URL . '/login/register?affCd=AAAAA');
    16. 

  16. 

  17.         $login_time = TVC_Request::getIntNumber('login_time');
    18. 

  18. 

  19.         if(Parameter::$params['ALLOW_PUBLIC'])
    20. 

  20.         {
    21. 

  21.             setcookie("from_public_site", "1", time() + 3600*24*30, "/", DOMAIN);
    22. 

  22.         }
    23. 

  23. 

  24.         // get id of requested user
    25. 

  25.         $rid = TVC_Request::getIntNumber('rid');
    26. 

  26. 

  27.         // get salt value
    28. 

  28.         $salt_value = TVC_Request::get('sno');
    29. 

  29. 

  30.         // get id of user
    31. 

  31.         $id = TVC_Request::getIntNumber('id');
    32. 

  32. 

  33.         $error_code = null;
    34. 

  34.         $user = new User();
    35. 

  35. 

  36.         // if 3 parameters exist, do OneClick Login action
    37. 

  37.         if ($rid && $salt_value && $id)
    38. 

  38.         {
    39. 

  39. 

  40.             $user->get($id);
    41. 

  41. 

  42.             if (User::validateLoginByOneClick($rid, $salt_value, $id))
    43. 

  43.             {
    44. 

  44.                 //check user login without encoding password
    45. 

  45.                 $error_code = User::performLogin($user->email, $user->password, User::APPLICATION_PUBLIC , false);
    46. 

  46.             }
    47. 

  47.         }
    48. 

  48.         else
    49. 

  49.         {
    50. 

  50.             if (TVC_Request::isParamSet("login"))
    51. 

  51.             {
    52. 

  52.                 if(($login_time-1) >= Parameter::$params['NUMBER_OF_PASSWORD_ATTEMT'])
    53. 

  53.                 {
    54. 

  54. 

  55.                     $error_captcha = Utils::validateCaptcha(TVC_Request::get('captcha'));
    56. 

  56.                     if($error_captcha)
    57. 

  57.                     {
    58. 

  58.                         $error_code[] = $error_captcha;
    59. 

  59.                     }
    60. 

  60.                 }
    61. 

  61. 

  62.                 if(!$error_code)
    63. 

  63.                 {
    64. 

  64.                     //check user login.
    65. 

  65.                     $error_code = User::performLogin($_POST["login"], $_POST["pwd"], User::APPLICATION_PUBLIC);
    66. 

  66.                 }
    67. 

  67.             }
    68. 

  68.         }
    69. 

  69. 

  70.         if (!TVC_Session::exist('user_serialize'))
    71. 

  71.         {
    72. 

  72.             $smarty->assign("login_time", $login_time+1);
    73. 

  73.             $smarty->assign("turn_on_captcha", ($login_time >= Parameter::$params['NUMBER_OF_PASSWORD_ATTEMT'])?1:0);
    74. 

  74. 

  75.             //login fail
    76. 

  76.             $smarty->assign("return_link", $return_link);
    77. 

  77.             $smarty->assign("message_error", $error_code);
    78. 

  78.             $smarty->assign("login", (TVC_Request::isParamSet('login') ? TVC_Request::get('login') : ""));
    79. 

  79.             $smarty->display('home/login.html');
    80. 

  80.         }
    81. 

  81.         else
    82. 

  82.         {
    83. 

  83.             if (!$return_link)
    84. 

  84.             {
    85. 

  85.                 TVC::redirect(APPLICATION_URL."/home/home");
    86. 

  86.             }
    87. 

  87.             else
    88. 

  88.             {
    89. 

  89.                 TVC::redirect(APPLICATION_URL . $return_link);
    90. 

  90.             }
    91. 

  91.         }
    92. 

  92.     }
    93. 

  93. 

  94.     /*
    95. 

  95.      * Log in
    96. 

  96.      */
    97. 

  97. 

  98.     function loginDomainAction()
    99. 

  99.     {
    100. 

  100.         $available_lang = TVC_Config::get('I18N','AUTHORIZED_LANGUAGES');
    101. 

  101. 

  102.         if (TVC_Request::isParamSet("SID"))
    103. 

  103.         {
    104. 

  104.             session_destroy();
    105. 

  105.             $SID = TVC_Request::getString('SID');
    106. 

  106.             session_id($SID);
    107. 

  107.             session_start();
    108. 

  108. 

  109.             setcookie("from_other_site", "1", time() + 3600*24*30, "/", DOMAIN);
    110. 

  110. 

  111.             // set language
    112. 

  112.             if((TVC_Request::isParamSet("lang"))
    113. 

  113.             && (in_array(TVC_Request::getString("lang"), $available_lang)))
    114. 

  114.             {
    115. 

  115.                 $language = TVC_Request::getString("lang");
    116. 

  116.             }
    117. 

  117.             else
    118. 

  118.             {
    119. 

  119.                 $language = TVC_Config::get('I18N','DEFAULT_LANGUAGE');
    120. 

  120.             }
    121. 

  121. 

  122.             TVC::redirect(APPLICATION_URL."?language=".$language);
    123. 

  123.         }
    124. 

  124. 

  125.         $reponse = array();
    126. 

  126. 

  127.         if((TVC_Request::isParamSet("lang"))
    128. 

  128.         && (in_array(TVC_Request::getString("lang"), $available_lang)))
    129. 

  129.         {
    130. 

  130.             $language = TVC_Request::getString("lang");
    131. 

  131.         }
    132. 

  132.         else
    133. 

  133.         {
    134. 

  134.             $language = TVC_Config::get('I18N','DEFAULT_LANGUAGE');
    135. 

  135.         }
    136. 

  136. 

  137.         Utils::setIniLang($language);
    138. 

  138. 

  139.         if (TVC_Request::isParamSet("username"))
    140. 

  140.         {
    141. 

  141.             $error_code = User::performLogin(TVC_Request::getString('username'), TVC_Request::getString("password"), User::APPLICATION_PUBLIC);
    142. 

  142. 

  143.             if (TVC_Session::exist('user_serialize'))
    144. 

  144.             {
    145. 

  145.                 $reponse['status'] = 1;
    146. 

  146.                 $reponse['result'] = APPLICATION_URL.'/login/loginDomain/SID/'.session_id().'?lang='.$language;
    147. 

  147.             }
    148. 

  148.             else
    149. 

  149.             {
    150. 

  150.                 $reponse['status'] = 0;
    151. 

  151. 

  152.                 $error_label = array('_LB_USER_IS_NOT_ACTIVE' => _LB_USER_IS_NOT_ACTIVE,
    153. 

  153. 									'_LB_NOT_GRANTED' => _LB_NOT_GRANTED,
    154. 

  154. 									'_LB_INVALID_LOGIN_OR_PASSWORD' => _LB_INVALID_LOGIN_OR_PASSWORD
    155. 

  155.                 );
    156. 

  156. 

  157.                 $reponse['result'] = $error_label[$error_code[0]];
    158. 

  158.             }
    159. 

  159.         }
    160. 

  160.         else
    161. 

  161.         {
    162. 

  162.             $reponse['status'] = 0;
    163. 

  163.             $reponse['result'] = _LB_NOT_GRANTED;
    164. 

  164.         }
    165. 

  165. 

  166.         echo json_encode ($reponse);
    167. 

  167.     }
    168. 

  168. 

  169.     /*
    170. 

  170.      * Logout
    171. 

  171.      */
    172. 

  172.     function logoutAction()
    173. 

  173.     {
    174. 

  174.         TVC_Session::remove();
    175. 

  175.         Utils::resetAccessAuthentical();
    176. 

  176.         TVC::redirect(URL_MASTER_BO."/login/logout");
    177. 

  177.     }
    178. 

  178. 

  179.     public function logoutFromEDTAction()
    180. 

  180.     {
    181. 

  181.         TVC_Session::remove();
    182. 

  182.         Utils::resetAccessAuthentical();
    183. 

  183.         TVC::redirect(URL_MASTER_BO."/login/logoutFromPublic");
    184. 

  184.     }
    185. 

  185. 

  186.     public function logoutFromADVAction()
    187. 

  187.     {
    188. 

  188.         TVC_Session::remove();
    189. 

  189.         Utils::resetAccessAuthentical();
    190. 

  190.         TVC::redirect(URL_EDITOR_BO."/login/logoutFromPublic");
    191. 

  191.     }
    192. 

  192.     /**
    193. 

  193.      * Register a new member
    194. 

  194.      */
    195. 

  195.     public function registerAction()
    196. 

  196.     {
    197. 

  197.         $smarty  = TVC::load('smarty');
    198. 

  198.         $user	= new User();
    199. 

  199.         
    200. 

  200.         $act = TVC_Request::getIntNumber('act');
    201. 

  201.         if($act)
    202. 

  202.         {
    203. 

  203.             if($user->validateInputRegister())
    204. 

  204.             {
    205. 

  205.                 $user->password=sha1($user->password);
    206. 

  206.                 $user->activation_code = sha1($user->password);
    207. 

  207.                 $user->insert();
    208. 

  208.                 
    209. 

  209.                 //send activate email
    210. 

  210.                 $user->sendActivateEmail($user->id, $user->first_name." ".$user->last_name,$user->email,TVC_Request::get('user_pass'),$user->activation_code,
    211. 

  211. 										'home/mails/subscribe-mail-'.TVC_MultiLanguage::getLanguage().'.tpl');
    212. 

  212.                 TVC::redirect(APPLICATION_URL . '/login/notify');
    213. 

  213.             }
    214. 

  214.         }
    215. 

  215.         
    216. 

  216.         $language_code = TVC_Multilanguage::getLanguage();
    217. 

  217.         
    218. 

  218.         $sex = array(Parameter::MALE_SEX=>'_LB_MALE_SEX', Parameter::FEMALE_SEX=>'_LB_FEMALE_SEX', Parameter::NONE_SEX=>'_LB_NONE_SEX');
    219. 

  219. 		
    220. 

  220.         $smarty->assign('backlink', APPLICATION_URL .'/login/login');
    221. 

  221.         $smarty->assign('sex', $sex);
    222. 

  222.         $smarty->assign('user', $user);
    223. 

  223.         $smarty->assign('lang', $language_code);
    224. 

  224.         $smarty->display('home/user_register.html');
    225. 

  225.     }
    226. 

  226. 

  227.    
    228. 

  228. 

  229.     public function activateAction()
    230. 

  230.     {
    231. 

  231.         $user = new User();
    232. 

  232. 

  233.         $user->activateFromMail(TVC_Request::get('c'));
    234. 

  234. 

  235.         TVC::redirect(APPLICATION_URL . '/login/login');
    236. 

  236.     }
    237. 

  237. 

  238.     public function notifyAction()
    239. 

  239.     {
    240. 

  240.         $smarty  = TVC::load('smarty');
    241. 

  241. 

  242.         $smarty->display('home/registration_notice.html');
    243. 

  243.     }
    244. 

  244. 

  245.     public function generateCaptchaAction()
    246. 

  246.     {
    247. 

  247.         return Utils::generateCAPTCHA();
    248. 

  248.     }
    249. 

  249. 

  250.     public function forgotPasswordAction()
    251. 

  251.     {
    252. 

  252.         $smarty = TVC::load('smarty');
    253. 

  253.         $return_link = TVC_Request::get('return_link');
    254. 

  254. 

  255.         $act	 		= TVC_Request::get('act');
    256. 

  256.         $email	 		= TVC_Request::get('email');
    257. 

  257.         $captcha	 	= TVC_Request::get('captcha');
    258. 

  258.         $error_code = array();
    259. 

  259.         if($act)
    260. 

  260.         {
    261. 

  261.             //validate email
    262. 

  262.             if($email == "")
    263. 

  263.             {
    264. 

  264.                 $error_code[] = '_LB_EMAIL_IS_EMPTY';
    265. 

  265.             }
    266. 

  266.             elseif(strlen($email) > Parameter::MAX_LENGTH_NAME || !Utils::checkEmailValid($email) || !User::checkUserExist($email, true))
    267. 

  267.             {
    268. 

  268.                 $error_code[]='_LB_INVALID_EMAIL';
    269. 

  269.             }
    270. 

  270. 

  271.             $error_captcha = Utils::validateCaptcha($captcha);
    272. 

  272. 

  273.             if($error_captcha)
    274. 

  274.             {
    275. 

  275.                 $error_code[] = $error_captcha;
    276. 

  276.             }
    277. 

  277. 

  278.             if(count($error_code)==0)
    279. 

  279.             {
    280. 

  280.                 $user = new User();
    281. 

  281.                 $user->selectAdd();
    282. 

  282.                 $user->selectAdd("user.id user_id, concat(first_name, ' ', last_name) name, email, password");
    283. 

  283.                 $user->whereAdd("user.email='$email'");
    284. 

  284.                 $user->find(true);
    285. 

  285. 

  286.                 //- Disable the user & update activation code
    287. 

  287.                 $user->query("UPDATE user SET activation_code='".sha1($user->password)."'  WHERE email='$email'");
    288. 

  288. 

  289.                 //- Send an Email with a private link (key)
    290. 

  290.                 $user->sendActivateEmail($user->id_contact, $user->user_id, $user->name,$user->email,$user->password,$user->account_type,sha1($user->password),
    291. 

  291. 										'home/mails/forgot-password-mail-'.TVC_MultiLanguage::getLanguage().'.tpl', 1);
    292. 

  292. 

  293.                 $smarty->assign('sendMailSuccess', 1);
    294. 

  294.             }
    295. 

  295.         }
    296. 

  296. 

  297.         $smarty->assign('return_link', $return_link);
    298. 

  298.         $smarty->assign('email', $email);
    299. 

  299.         $smarty->assign('capstr', $captcha);
    300. 

  300. 

  301.         $smarty->assign("message_error", $error_code);
    302. 

  302. 

  303.         $smarty->display('home/forgot_password.html');
    304. 

  304. 

  305.     }
    306. 

  306.     
    307. 

  307.     /**
    308. 

  308.      * Check the user is exist
    309. 

  309.      * This function is called by AJAX
    310. 

  310.      *
    311. 

  311.      * @param String $email
    312. 

  312.      * @return boolean true is returned if the user is exist
    313. 

  313.      */
    314. 

  314.     public function checkEMailExist($email)
    315. 

  315.     {
    316. 

  316.         return User::checkEMailExist($email);
    317. 

  317.     }
    318. 

  318. 

  319.     /**
    320. 

  320.      * Check the contact is exist
    321. 

  321.      * This function is called by AJAX
    322. 

  322.      *
    323. 

  323.      * @param String $name
    324. 

  324.      * @return boolean true is returned if the user is exist
    325. 

  325.      */
    326. 

  326.     public function checkNameExist($first_name, $last_name)
    327. 

  327.     {
    328. 

  328.         return User::checkNameExist($first_name, $last_name);
    329. 

  329.     }
    330. 

  330.     
    331. 

  331.     public function renewPasswordAction()
    332. 

  332.     {
    333. 

  333.         $smarty = TVC::load('smarty');
    334. 

  334. 

  335.         $act=TVC_Request::get('act');
    336. 

  336.         $info_str=TVC_Request::get('c');
    337. 

  337. 

  338.         $error_code = array();
    339. 

  339. 

  340.         $user = new User();
    341. 

  341. 

  342.         if($info_str)
    343. 

  343.         {
    344. 

  344.             $info = explode(",",base64_decode($info_str));
    345. 

  345. 

  346.             $u_id = $info[1];
    347. 

  347.             $u_email = $info[2];
    348. 

  348.             $activation_code = $info[3];
    349. 

  349. 

  350.             $user->id = $u_id;
    351. 

  351.             $user->id_contact = $cid;
    352. 

  352.             $user->email = trim($u_email);
    353. 

  353.             $user->activation_code = $activation_code;
    354. 

  354.         }
    355. 

  355. 

  356.         if($act == 1)
    357. 

  357.         {
    358. 

  358.             $new_pwd = TVC_Request::get('new_pwd');
    359. 

  359.             $confirm_pwd = TVC_Request::get('confirm_pwd');
    360. 

  360. 

  361.             //validate user password
    362. 

  362. 

  363.             if($new_pwd == "")
    364. 

  364.             {
    365. 

  365.                 $error_code[] = '_LB_PASSWORD_IS_EMPTY';
    366. 

  366.             }
    367. 

  367.             else if(strlen($new_pwd) > Parameter::MAX_LENGTH_PASSWORD)
    368. 

  368.             {
    369. 

  369.                 $error_code[] = '_MSG_PASSWORD_IS_TOO_LONG';
    370. 

  370.             }
    371. 

  371.             else if(strlen($new_pwd) < Parameter::MIN_LENGTH_PASSWORD)
    372. 

  372.             {
    373. 

  373.                 $error_code[] = '_MSG_PASSWORD_IS_TOO_SHORT';
    374. 

  374.             }
    375. 

  375.             else if($confirm_pwd != $new_pwd)
    376. 

  376.             {
    377. 

  377.                 $error_code[] = '_LB_PASSWORD_DOESNT_MATCH';
    378. 

  378.             }
    379. 

  379. 

  380.             if(count($error_code) == 0)
    381. 

  381.             {
    382. 

  382.                 $user->password = sha1($new_pwd);
    383. 

  383.                 $user->is_disabled = 0;
    384. 

  384.                 $user->activation_code = '';
    385. 

  385.                 $user->update();
    386. 

  386. 

  387.                 $smarty->assign('renewSuccess',1);
    388. 

  388.             }
    389. 

  389.             else
    390. 

  390.             {
    391. 

  391.                 $smarty->assign('renewPassword',1);
    392. 

  392.             }
    393. 

  393. 

  394.             $smarty->assign("message_error", $error_code);
    395. 

  395.             $smarty->display('home/renew_password.html');
    396. 

  396.         }
    397. 

  397.         else
    398. 

  398.         {
    399. 

  399.             if($user->find(true))
    400. 

  400.             {
    401. 

  401.                 $smarty->assign("message_error", $error_code);
    402. 

  402.                 $smarty->assign('renewPassword',1);
    403. 

  403.                 $smarty->display('home/renew_password.html');
    404. 

  404.             }
    405. 

  405.             else
    406. 

  406.             {
    407. 

  407.                 TVC::redirect(APPLICATION_URL . '/login/login');
    408. 

  408.             }
    409. 

  409.         }
    410. 

  410.     }
    411. 

  411. }
    412. 

  412.