<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
* BackendPro
*
* A website backend system for developers for PHP 4.3.2 or newer
*
* @package BackendPro
* @author Adam Price
* @copyright Copyright (c) 2008
* @license http://www.gnu.org/licenses/lgpl.html
* @link http://www.kaydoo.co.uk/projects/backendpro
* @filesource
*/
// ---------------------------------------------------------------------------
/**
* Auth_form_processing
*
* Authentication form processing class. This class performs
* all actions to provide the user with suitable forms to
* login/logout/register etc with the system.
*
* This file is only loaded the when the user goes to
* the auth controller.
*
* @package BackendPro
* @subpackage Libraries
*/
class Auth_form_processing
{
function Auth_form_processing()
{
// Get CI Instance
$this->CI = &get_instance();
$this->CI->load->helper('form');
// Load any files directly related to the authentication module
$this->CI->load->library('User_email');
$this->CI->bep_assets->load_asset_group('FORMS');
// Load any other helpers/libraries needed
$this->CI->load->library('validation');
log_message('debug','BackendPro : Auth_form_processing class loaded');
}
/**
* Login Form
*
* Display a login form for the user
*
* @access public
* @param string $container View file container
*/
function login_form($container)
{
// First lets see if they are logged in, if so run action for that user
if ( is_user() )
{
// If they have access to the control panel panel send them there
if( check('Control Panel',NULL,FALSE))
{
redirect($this->CI->config->item('userlib_action_admin_login'),'location');
}
// Otherwise run user action
redirect($this->CI->config->item('userlib_action_login'),'location');
}
// Lets see what login methods are allowed and setup the form as so
switch($this->CI->preference->item('login_field'))
{
case 'email':
$fields['login_field'] = $this->CI->lang->line('userlib_email');
$rules['login_field'] = 'trim|required|valid_email';
break;
case 'username':
$fields['login_field'] = $this->CI->lang->line('userlib_username');
$rules['login_field'] = 'trim|required';
break;
default:
$fields['login_field'] = $this->CI->lang->line('userlib_email_username');
$rules['login_field'] = 'trim|required';
break;
}
// Setup fields
$fields['password'] = $this->CI->lang->line('userlib_password');
$fields['recaptcha_response_field'] = $this->CI->lang->line('userlib_captcha');
$this->CI->validation->set_fields($fields);
// Set Rules
// Only run captcha check if needed
$rules['password'] = 'trim|required';
if($this->CI->preference->item('use_login_captcha'))
{
$rules['recaptcha_response_field'] = 'trim|required|valid_captcha';
}
$this->CI->validation->set_rules($rules);
if ( $this->CI->validation->run() === FALSE )
{
// Output any errors
$this->CI->validation->output_errors();
// TODO: There must be a better way to do this
$data['login_field'] = $fields['login_field'];
// Display page
$data['header'] = $this->CI->lang->line('userlib_login');
$data['captcha'] = ($this->CI->preference->item('use_login_captcha')?$this->_generate_captcha():'');
$data['page'] = $this->CI->config->item('backendpro_template_public') . 'form_login';
$data['module'] = 'auth';
$this->CI->load->view($container,$data);
if($this->CI->session->flashdata('requested_page') != "")
{
// Only remember the flashData if there was some in the first place
$this->CI->session->keep_flashdata('requested_page');
}
}
else
{
// Submit form
$this->_login();
}
}
/**
* Log User In
*
* Log the user into the system
*
* @access pubic
*/
function _login()
{
// Fetch what they entered in the login
$values['login_field'] = $this->CI->input->post('login_field');
$values['password'] = $this->CI->userlib->encode_password($this->CI->input->post('password'));
// See if a user exists with the given credentials
$result = $this->CI->user_model->validateLogin($values['login_field'],$values['password']);
if ( $result['valid'] )
{
// We we have a valid user
$user = $result['query']->row();
// Check if the users account hasn't been activated yet
if ( $user->active == 0 )
{
// NEEDS ACTIVATION
flashMsg('warning',$this->CI->lang->line('userlib_account_unactivated'));
redirect('auth/login','location');
}
// Everything is OK
// Save details to session
//@TODO: This dosn't seem very safe having the login code totaly exposed
$this->CI->userlib->set_userlogin($user->id);
//$this->_set_userlogin($user->id);
// If they asked to remember login, store details
if ( $this->CI->input->post('remember') )
{
set_cookie('autologin',
serialize(array('id'=>$user->id, 'login_field'=>$values['login_field'], 'password'=>$values['password'])),
$this->CI->preference->item('autologin_period')*86400);
}
flashMsg('success',$this->CI->lang->line('userlib_login_successfull'));
// Redirect to requested page
if(FALSE !== ($page = $this->CI->session->flashdata('requested_page')))
{
redirect($page,'location');
}
// If user has access to control panel
if ( check('Control Panel',NULL,FALSE))
{
redirect($this->CI->config->item('userlib_action_admin_login'),'location');
}
redirect($this->CI->config->item('userlib_action_login'),'location');
}
else
{
// Login details not valid
flashMsg('error',$this->CI->lang->line('userlib_login_failed'));
}
redirect('auth/login','location');
}
/**
* Logout User
*
* Log the user out from the system
*
* @access public
*/
function logout()
{
$this->CI->session->sess_destroy();
$this->CI->session->sess_create();
if ( is_user() )
{
// Failed to log user out
flashMsg('error',$this->CI->lang->line('userlib_logout_failed'));
redirect($this->CI->config->item('userlib_action_logout'),'location');
}
// Unset autologin variable
delete_cookie('autologin');
flashMsg('success',$this->CI->lang->line('userlib_logout_successfull'));
redirect($this->CI->config->item('userlib_action_logout'),'location');
}
/**
* Forgotten Password Form
*
* Display the form for the forgotten password page
*
* @access public
* @param string $container View file container
*/
function forgotten_password_form($container)
{
// Setup fields
$fields['email'] = $this->CI->lang->line('userlib_email');
$this->CI->validation->set_fields($fields);
// Set Rules
$rules['email'] = 'trim|required|valid_email';
$this->CI->validation->set_rules($rules);
if ( $this->CI->validation->run() === FALSE )
{
// Output any errors
$this->CI->validation->output_errors();
// Display page
$data['header'] = $this->CI->lang->line('userlib_forgotten_password');
$data['page'] = $this->CI->config->item('backendpro_template_public') . 'form_forgotten_password';
$data['module'] = 'auth';
$this->CI->load->view($container,$data);
$this->CI->session->keep_flashdata('requested_page');
}
else
{
// Submit form
$this->_forgotten_password();
}
}
/**
* Forgotten Password
*
* Set a new password for the user
*
* @access private
*/
function _forgotten_password()
{
$email = $this->CI->input->post('email');
if ($this->CI->user_model->validEmail($email))
{
// Valid Email
// Generate a new password
$this->CI->load->helper('string');
$password = random_string('alnum',$this->CI->preference->item('min_password_length'));
$encoded_password = $this->CI->userlib->encode_password($password);
// Email the new password to the user
$query = $this->CI->user_model->fetch('Users','username',NULL,array('email'=>$email));
$user = $query->row();
$data = array(
'username'=>$user->username,
'email'=>$email,
'password'=>$password,
'site_name'=>$this->CI->preference->item('site_name'),
'site_url'=>base_url()
);
$this->CI->user_email->send($email,$this->CI->lang->line('userlib_email_forgotten_password'),'public/email_forgotten_password',$data);
// Update password in database
$this->CI->user_model->update('Users',array('password'=>$encoded_password),array('email'=>$email));
flashMsg('success',$this->CI->lang->line('userlib_new_password_sent'));
}
else
{
// Email not found
flashMsg('error',$this->CI->lang->line('userlib_email_not_found'));
}
redirect($this->CI->config->item('userlib_action_forgotten_password','location'));
}
/**
* Process registration
*
* Creat the new user accounts for the registered user. When this
* is called all the data should be valid and no more checks should
* be needed
*
* @access private
*/
function _register()
{
// Build
$data['users']['username'] = $this->CI->input->post('username');
$data['users']['email'] = $this->CI->input->post('email');
$data['users']['password'] = $this->CI->userlib->encode_password($this->CI->input->post('password'));
$data['users']['group'] = $this->CI->preference->item('default_user_group');
$data['users']['created'] = date("Y-m-d H:i:s",time());
// Check how the account should be activated
switch($this->CI->preference->item('activation_method'))
{
case 'none':
// Send welcome email, account already activated
$data['users']['active'] = 1;
$activation_message = $this->CI->lang->line('userlib_no_activation');
break;
case 'admin':
// Admin must activate, do nothing
$activation_message = $this->CI->lang->line('userlib_admin_activation');
break;
default:
// Send email with activation link
$this->CI->load->helper('string');
$data['users']['activation_key'] = random_string('alnum',32);
$activation_message = sprintf($this->CI->lang->line('userlib_email_activation'), site_url('auth/activate/'.$data['users']['activation_key']), $this->CI->preference->item('account_activation_time'));
break;
}
$this->CI->db->trans_begin();
// Add user details to DB
$this->CI->user_model->insert('Users',$data['users']);
// Get the auto insert ID
$data['user_profiles']['user_id'] = $this->CI->db->insert_id();
// Add user_profile details to DB
$this->CI->user_model->insert('UserProfiles',$data['user_profiles']);
if ($this->CI->db->trans_status() === FALSE)
{
// Registration failed
$this->CI->db->trans_rollback();
flashMsg('error',$this->CI->lang->line('userlib_registration_failed'));
redirect('auth/register','location');
}
else
{
// User registered
$this->CI->db->trans_commit();
// Send email to user
$edata = array(
'username'=> $data['users']['username'],
'email'=> $data['users']['email'],
'password'=> $this->CI->input->post('password'),
'activation_message' => $activation_message,
'site_name'=>$this->CI->preference->item('site_name'),
'site_url'=>base_url()
);
$this->CI->user_email->send($data['users']['email'],$this->CI->lang->line('userlib_email_register'),'public/email_register',$edata);
flashMsg('success',$this->CI->lang->line('userlib_registration_success'));
redirect($this->CI->config->item('userlib_action_register'),'location');
}
}
/**
* Register form
*
* Display the register form to the user
*
* @access public
* @param string $container View file container
*/
function register_form($container)
{
if( ! $this->CI->preference->item('allow_user_registration'))
{
// If registration is not allowed
flashMsg('info',$this->CI->lang->line('userlib_registration_denied'));
redirect('auth/login','location');
}
// Setup fields
$fields['username'] = $this->CI->lang->line('userlib_username');
$fields['password'] = $this->CI->lang->line('userlib_password');
$fields['confirm_password'] = $this->CI->lang->line('userlib_confirm_password');
$fields['email'] = $this->CI->lang->line('userlib_email');
$fields['recaptcha_response_field'] = $this->CI->lang->line('userlib_captcha');
$this->CI->validation->set_fields($fields);
// Set Rules
$rules['username'] = 'trim|required|max_length[32]|spare_username';
$rules['password'] = 'trim|required|min_length['.$this->CI->preference->item('min_password_length').']|matches[confirm_password]';
$rules['email'] = 'trim|required|max_length[254]|valid_email|spare_email';
if($this->CI->preference->item('use_registration_captcha'))
{
$rules['recaptcha_response_field'] = 'trim|required|valid_captcha';
}
$this->CI->validation->set_rules($rules);
if ( $this->CI->validation->run() === FALSE )
{
// Output any errors
$this->CI->validation->output_errors();
// Display page
$data['header'] = $this->CI->lang->line('userlib_register');
$data['captcha'] = ($this->CI->preference->item('use_registration_captcha')?$this->_generate_captcha():'');
$data['page'] = $this->CI->config->item('backendpro_template_public') . 'form_register';
$data['module'] = 'auth';
$this->CI->load->view($container,$data);
}
else
{
// Submit form
$this->_register();
}
}
/**
* Activate User Account
*
* @access public
*/
function activate()
{
// Fetch code from url
$key = $this->CI->uri->segment(3);
if( $this->CI->user_model->activateUser($key) )
{
// Activation successful
flashMsg('success',$this->CI->lang->line('userlib_activation_success'));
redirect($this->CI->config->item('userlib_action_activation'),'location');
}
else
{
// Activation failed
flashMsg('error',$this->CI->lang->line('userlib_activation_failed'));
redirect('auth/login','location');
}
}
/**
* Generate Captcha Image
*
* @access private
* @return string
*/
function _generate_captcha()
{
$this->CI->bep_assets->load_asset('recaptcha');
$this->CI->load->module_library('recaptcha','Recaptcha');
return $this->CI->recaptcha->recaptcha_get_html();
}
}
/* End of file Auth_form_processing.php */
/* Location: ./modules/auth/libraries/Auth_form_processing.php */