<?php
/*
* LiveStreet CMS
* Copyright © 2013 OOO "ЛС-СОФТ"
*
* ------------------------------------------------------
*
* Official site: www.livestreetcms.com
* Contact e-mail: office@livestreetcms.com
*
* GNU General Public License, version 2:
* http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
*
* ------------------------------------------------------
*
* @link http://www.livestreetcms.com
* @copyright 2013 OOO "ЛС-СОФТ"
* @author Maxim Mzhelskiy <rus.engine@gmail.com>
*
*/
/**
* Обрабатывает авторизацию
*
* @package application.actions
* @since 1.0
*/
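class ActionLogin extends Action
{
    /**
     * Initializes the action: selects the default event and switches off the
     * execution-statistics output for the pages it serves.
     */
    public function Init()
    {
        $this->SetDefaultEvent('index');
        Router::SetIsShowStats(false);
    }

    /**
     * Registers the events of this action and the methods that handle them.
     */
    protected function RegisterEvent()
    {
        $this->AddEvent('index', 'EventLogin');
        $this->AddEvent('exit', 'EventExit');
        $this->AddEvent('reset', 'EventReset');

        $this->AddEvent('ajax-login', 'EventAjaxLogin');
        $this->AddEvent('ajax-reset', 'EventAjaxReset');
    }

    /**
     * Ajax sign-in.
     *
     * Reads "login", "password", "captcha", "remember" and "return-path" from
     * the request. When the credentials match an activated account the user is
     * authorized and the redirect target is returned as "sUrlRedirect". In every
     * other case a message is added to the response; an unknown login and a
     * wrong password produce the same message.
     */
    protected function EventAjaxLogin()
    {
        $this->Viewer_SetResponseAjax('json');

        $sLogin = getRequest('login');
        $sPassword = getRequest('password');
        // Both values must be strings: anything else (for example an array
        // parameter) is rejected before it reaches the lookups or the hash.
        if (!is_string($sLogin) or !is_string($sPassword)) {
            $this->Message_AddErrorSingle($this->Lang_Get('system_error'));
            return;
        }

        // The identifier is tried as an e-mail address first, when it looks
        // like one, and as a login name otherwise or when that finds nothing.
        $oUser = null;
        if (func_check($sLogin, 'mail')) {
            $oUser = $this->User_GetUserByMail($sLogin);
        }
        if (!$oUser) {
            $oUser = $this->User_GetUserByLogin($sLogin);
        }

        if ($oUser) {
            // NOTE(review): any brute-force throttling (captcha) depends on
            // what the 'signIn' validation scenario enforces - confirm there.
            $oUser->_setValidateScenario('signIn');
            $oUser->setCaptcha(getRequestStr('captcha'));

            if ($oUser->_Validate()) {
                // Compare the hashes as strings. A loose "==" treats two
                // numeric-looking strings ("0e123...", "0e456...") as equal
                // numbers, so different hashes could compare as a match.
                // hash_equals() (PHP >= 5.6) additionally runs in constant time.
                $sStoredHash = (string)$oUser->getPassword();
                $sRequestHash = (string)func_encrypt($sPassword);
                $bPasswordMatches = function_exists('hash_equals')
                    ? hash_equals($sStoredHash, $sRequestHash)
                    : $sStoredHash === $sRequestHash;

                if ($bPasswordMatches) {
                    // The "not activated" notice is shown only after the
                    // password was verified.
                    if (!$oUser->getActivate()) {
                        $this->Message_AddErrorSingle($this->Lang_Get('auth.login.notices.error_not_activated',
                            array('reactivation_path' => Router::GetPath('registration') . 'reactivation')));
                        return;
                    }
                    $bRemember = (bool)getRequest('remember', false);
                    // Drop the captcha key kept in the session for this form.
                    unset($_SESSION['captcha_keystring_user_auth']);
                    $this->User_Authorization($oUser, $bRemember);

                    // NOTE(review): "return-path" comes from the request and is
                    // handed to the client as the redirect target without a
                    // same-site check. Restrict it to local paths or an
                    // allow-list of hosts before using it as a redirect.
                    $sUrl = Config::Get('module.user.redirect_after_login');
                    if (getRequestStr('return-path')) {
                        $sUrl = getRequestStr('return-path');
                    }
                    $this->Viewer_AssignAjax('sUrlRedirect', $sUrl ? $sUrl : Router::GetPath('/'));
                    return;
                }
            } else {
                // Validation errors go back to the form; the generic login
                // error below is added as well.
                $this->Viewer_AssignAjax('aErrors', $oUser->_getValidateErrors());
            }
        }

        $this->Message_AddErrorSingle($this->Lang_Get('auth.login.notices.error_login'));
    }

    /**
     * Sign-in page. Only sets the page title for the template; the sign-in
     * itself is performed by the Ajax handler. A user who is already signed in
     * is sent to the site root.
     */
    protected function EventLogin()
    {
        if ($this->User_GetUserCurrent()) {
            // NOTE(review): presumably Router::Location() ends the request -
            // confirm; otherwise the title below is still set.
            Router::Location(Router::GetPath('/'));
        }
        $this->Viewer_AddHtmlTitle($this->Lang_Get('auth.login.title'));
    }

    /**
     * Sign-out. The request is passed through Security_ValidateSendForm()
     * before the session is closed, then the client is sent to the site root.
     */
    protected function EventExit()
    {
        $this->Security_ValidateSendForm();
        $this->User_Logout();
        Router::Location(Router::GetPath('/'));
    }

    /**
     * Ajax request for a password reset.
     *
     * For a registered e-mail address a reminder record with a 32-character
     * code, valid for seven days, is stored and the code is sent to the user.
     */
    protected function EventAjaxReset()
    {
        $this->Viewer_SetResponseAjax('json');

        $sMail = getRequestStr('mail');
        $oUser = null;
        if (func_check($sMail, 'mail')) {
            $oUser = $this->User_GetUserByMail($sMail);
        }

        if ($oUser) {
            $oReminder = Engine::GetEntity('User_Reminder');
            // NOTE(review): the code acts as a bearer secret; confirm that
            // func_generator() draws from a cryptographically secure source.
            $oReminder->setCode(func_generator(32));
            $oReminder->setDateAdd(date("Y-m-d H:i:s"));
            $oReminder->setDateExpire(date("Y-m-d H:i:s", time() + 60 * 60 * 24 * 7));
            $oReminder->setDateUsed(null);
            $oReminder->setIsUsed(0);
            $oReminder->setUserId($oUser->getId());
            if ($this->User_AddReminder($oReminder)) {
                $this->Message_AddNotice($this->Lang_Get('auth.reset.notices.success_send_link'));
                $this->Notify_SendReminderCode($oUser, $oReminder);
                return;
            }
        }

        // NOTE(review): the success notice and this error tell the caller
        // whether the address is registered (account enumeration). Returning
        // the same response in both cases avoids that.
        $this->Message_AddError($this->Lang_Get('auth.notices.error_bad_email'), $this->Lang_Get('error'));
    }

    /**
     * Password reset confirmation.
     *
     * When the first URL parameter has the format checked by
     * func_check(..., 'md5') it is treated as a reminder code. An unused,
     * unexpired code gives its user a newly generated password, which is sent
     * to the user, and the reminder is marked as used. Any other code of that
     * format leads to the error action. Without such a parameter only the page
     * title is set.
     */
    protected function EventReset()
    {
        $this->Viewer_AddHtmlTitle($this->Lang_Get('auth.reset.title'));

        $sCode = $this->GetParam(0);
        if (!func_check($sCode, 'md5')) {
            return;
        }

        $oReminder = $this->User_GetReminderByCode($sCode);
        if ($oReminder) {
            $bUsable = !$oReminder->getIsUsed() && strtotime($oReminder->getDateExpire()) > time();
            $oUser = $bUsable ? $this->User_GetUserById($oReminder->getUserId()) : null;
            if ($oUser) {
                // NOTE(review): a 7-character generated password is sent to the
                // user in clear text. Letting the user choose a new password
                // after the code check would avoid mailing a credential.
                $sNewPassword = func_generator(7);
                $oUser->setPassword(func_encrypt($sNewPassword));
                if ($this->User_Update($oUser)) {
                    $oReminder->setDateUsed(date("Y-m-d H:i:s"));
                    $oReminder->setIsUsed(1);
                    // NOTE(review): the result of this update is not checked;
                    // if it fails the code stays usable until it expires.
                    $this->User_UpdateReminder($oReminder);
                    $this->Notify_SendReminderPassword($oUser, $sNewPassword);
                    $this->SetTemplateAction('reset_confirm');
                    return;
                }
            }
        }

        $this->Message_AddErrorSingle($this->Lang_Get('auth.reset.alerts.error_bad_code'),
            $this->Lang_Get('error'));
        return Router::Action('error');
    }
}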