2011-05-02 12:20:56 +00:00
|
|
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
|
|
|
|
|
|
|
/**
|
|
|
|
* This class provides login capability
|
|
|
|
*
|
|
|
|
* @package lnApp
|
|
|
|
* @subpackage Page/Login
|
|
|
|
* @category Controllers
|
|
|
|
* @author Deon George
|
|
|
|
* @copyright (c) 2010 Deon George
|
|
|
|
* @license http://dev.leenooks.net/license.html
|
|
|
|
* @also [logout]
|
|
|
|
*/
|
2012-01-29 10:08:54 +00:00
|
|
|
class lnApp_Controller_Login extends Controller_TemplateDefault {
|
2011-07-13 22:59:32 +00:00
|
|
|
protected $auth_required = FALSE;
|
|
|
|
|
2011-05-02 12:20:56 +00:00
|
|
|
public function action_index() {
|
|
|
|
// If user already signed-in
|
|
|
|
if (Auth::instance()->logged_in()!= 0) {
|
|
|
|
// Redirect to the user account
|
2011-10-13 06:53:43 +00:00
|
|
|
Request::current()->redirect('user/welcome/index');
|
2011-05-02 12:20:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// If there is a post and $_POST is not empty
|
|
|
|
if ($_POST) {
|
2011-07-13 22:59:32 +00:00
|
|
|
// Store our details in a session key
|
|
|
|
Session::instance()->set(Kohana::config('auth.session_key'),$_POST['username']);
|
|
|
|
Session::instance()->set('password',$_POST['password']);
|
|
|
|
|
2011-05-02 12:20:56 +00:00
|
|
|
// If the post data validates using the rules setup in the user model
|
2011-05-14 07:35:33 +00:00
|
|
|
if (Auth::instance()->login($_POST['username'],$_POST['password'])) {
|
2011-05-02 12:20:56 +00:00
|
|
|
// Redirect to the user account
|
|
|
|
if ($redir = Session::instance()->get('afterlogin')) {
|
|
|
|
Session::instance()->delete('afterlogin');
|
2011-05-14 07:35:33 +00:00
|
|
|
Request::current()->redirect($redir);
|
2011-05-02 12:20:56 +00:00
|
|
|
|
|
|
|
} else
|
2011-10-13 06:53:43 +00:00
|
|
|
Request::current()->redirect('user/welcome/index');
|
2011-05-02 12:20:56 +00:00
|
|
|
|
|
|
|
} else {
|
|
|
|
SystemMessage::add(array(
|
|
|
|
'title'=>_('Invalid username or password'),
|
|
|
|
'type'=>'error',
|
|
|
|
'body'=>_('The username or password was invalid.')
|
|
|
|
));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
Block::add(array(
|
|
|
|
'title'=>_('Login to server'),
|
|
|
|
'body'=>View::factory('login'),
|
|
|
|
'style'=>array('css/login.css'=>'screen'),
|
|
|
|
));
|
|
|
|
|
|
|
|
Script::add(array('type'=>'stdin','data'=>'
|
|
|
|
$(document).ready(function() {
|
|
|
|
$("#ajxbody").click(function() {$("#ajBODY").load("'.$this->request->uri().'/"); return false;});
|
|
|
|
});'
|
|
|
|
));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function action_register() {
|
|
|
|
// If user already signed-in
|
|
|
|
if (Auth::instance()->logged_in()!= 0) {
|
|
|
|
// Redirect to the user account
|
2011-05-14 07:35:33 +00:00
|
|
|
Request::current()->redirect('welcome/index');
|
2011-05-02 12:20:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Instantiate a new user
|
|
|
|
$account = ORM::factory('account');
|
|
|
|
|
|
|
|
// If there is a post and $_POST is not empty
|
|
|
|
if ($_POST) {
|
|
|
|
// Check Auth
|
|
|
|
$status = $account->values($_POST)->check();
|
|
|
|
|
|
|
|
if (! $status) {
|
2011-07-13 22:59:32 +00:00
|
|
|
foreach ($account->validation()->errors('form/register') as $f => $r) {
|
2011-05-02 12:20:56 +00:00
|
|
|
// $r[0] has our reason for validation failure
|
|
|
|
switch ($r[0]) {
|
|
|
|
// Generic validation reason
|
|
|
|
default:
|
|
|
|
SystemMessage::add(array(
|
|
|
|
'title'=>_('Validation failed'),
|
|
|
|
'type'=>'error',
|
2011-07-13 22:59:32 +00:00
|
|
|
'body'=>sprintf(_('The defaults on your submission were not valid for field %s (%s).'),$f,$r)
|
2011-05-02 12:20:56 +00:00
|
|
|
));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$ido = ORM::factory('module')
|
|
|
|
->where('name','=','account')
|
|
|
|
->find();
|
|
|
|
|
|
|
|
$account->id = $ido->record_id->next_id($ido->id);
|
|
|
|
// Save the user details
|
|
|
|
if ($account->save()) {}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
SystemMessage::add(array(
|
|
|
|
'title'=>_('Already have an account?'),
|
|
|
|
'type'=>'info',
|
|
|
|
'body'=>_('If you already have an account, please login..')
|
|
|
|
));
|
|
|
|
|
|
|
|
Block::add(array(
|
|
|
|
'title'=>_('Register'),
|
2011-08-27 06:33:46 +00:00
|
|
|
'body'=>View::factory('register')
|
2011-05-02 12:20:56 +00:00
|
|
|
->set('account',$account)
|
2011-05-14 07:35:33 +00:00
|
|
|
->set('errors',$account->validation()->errors('form/register')),
|
2011-05-02 12:20:56 +00:00
|
|
|
));
|
|
|
|
|
|
|
|
$this->template->left = HTML::anchor('login','Login').'...';
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Enable user password reset
|
|
|
|
*/
|
|
|
|
public function action_reset() {
|
2011-08-31 06:54:44 +00:00
|
|
|
// Minutes to keep our token
|
|
|
|
$token_expire = 15;
|
|
|
|
|
2011-05-02 12:20:56 +00:00
|
|
|
// If user already signed-in
|
|
|
|
if (Auth::instance()->logged_in()!= 0) {
|
|
|
|
// Redirect to the user account
|
2011-05-14 07:35:33 +00:00
|
|
|
Request::current()->redirect('welcome/index');
|
2011-05-02 12:20:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// If the user posted their details to reset their password
|
|
|
|
if ($_POST) {
|
2012-02-22 08:15:46 +00:00
|
|
|
// If the username is correct, create a method token
|
|
|
|
if (! empty($_POST['username']) AND ($ao=ORM::factory('account',array('username'=>$_POST['username']))) AND $ao->loaded()) {
|
2011-10-12 03:52:04 +00:00
|
|
|
$mmto = ORM::factory('module_method_token')
|
|
|
|
->method(array('account','user_resetpassword'))
|
|
|
|
->account($ao)
|
2011-10-12 22:20:08 +00:00
|
|
|
->uses(2)
|
2011-10-12 03:52:04 +00:00
|
|
|
->expire(time()+$token_expire*60);
|
2011-05-02 12:20:56 +00:00
|
|
|
|
2011-10-12 03:52:04 +00:00
|
|
|
if ($mmto->generate()) {
|
2011-05-02 12:20:56 +00:00
|
|
|
// Send our email with the token
|
2011-09-17 10:45:08 +00:00
|
|
|
// @todo Need to provide an option if Email_Template is not installed/activited.
|
|
|
|
// @todo Need to provide an option if account_reset_password template doesnt exist.
|
2011-08-26 02:01:45 +00:00
|
|
|
$et = Email_Template::instance('account_reset_password');
|
2011-10-12 03:52:04 +00:00
|
|
|
$et->to = array('account'=>array($mmto->account_id));
|
2011-05-02 12:20:56 +00:00
|
|
|
$et->variables = array(
|
|
|
|
'SITE'=>URL::base(TRUE,TRUE),
|
|
|
|
'SITE_ADMIN'=>Config::sitename(),
|
|
|
|
'SITE_NAME'=>Config::sitename(),
|
2011-10-12 03:52:04 +00:00
|
|
|
'TOKEN'=>$mmto->token,
|
2011-08-31 06:54:44 +00:00
|
|
|
'TOKEN_EXPIRE_MIN'=>$token_expire,
|
2011-10-12 03:52:04 +00:00
|
|
|
'USER_NAME'=>sprintf('%s %s',$mmto->account->first_name,$mmto->account->last_name),
|
2011-05-02 12:20:56 +00:00
|
|
|
);
|
|
|
|
$et->send();
|
2011-09-27 11:22:13 +00:00
|
|
|
|
|
|
|
// Log the password reset
|
|
|
|
$ao->log('Password reset token sent');
|
2011-05-02 12:20:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Redirect to our password reset, the Auth will validate the token.
|
|
|
|
} elseif (! empty($_REQUEST['token'])) {
|
2011-05-14 07:35:33 +00:00
|
|
|
Request::current()->redirect(sprintf('user/account/resetpassword?token=%s',$_REQUEST['token']));
|
2011-05-02 12:20:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Show our token screen even if the email was invalid.
|
2012-02-22 08:15:46 +00:00
|
|
|
if (isset($_POST['username']))
|
2011-05-02 12:20:56 +00:00
|
|
|
Block::add(array(
|
|
|
|
'title'=>_('Reset your password'),
|
|
|
|
'body'=>View::factory('login_reset_sent'),
|
|
|
|
'style'=>array('css/login.css'=>'screen'),
|
|
|
|
));
|
|
|
|
else
|
2011-05-14 07:35:33 +00:00
|
|
|
Request::current()->redirect('login');
|
2011-05-02 12:20:56 +00:00
|
|
|
|
|
|
|
} else {
|
|
|
|
Block::add(array(
|
|
|
|
'title'=>_('Reset your password'),
|
|
|
|
'body'=>View::factory('login_reset'),
|
|
|
|
'style'=>array('css/login.css'=>'screen'),
|
|
|
|
));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function action_noaccess() {
|
|
|
|
SystemMessage::add(array(
|
|
|
|
'title'=>_('No access to requested resource'),
|
|
|
|
'type'=>'error',
|
|
|
|
'body'=>_('You do not have access to the requested resource, please contact your administrator.')
|
|
|
|
));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
?>
|