MTrackWeb/Login.php

[web.mtrack] / MTrackWeb / Login.php

<?php

require_once 'MTrackWeb.php';


class MTrackWeb_Login extends MTrackWeb
{
    var $template = 'login.html';
    
    function getAuth()
    {
        return true;
    }
    
    function get($u='', $ar=array())
    {
        
        if (!empty($_REQUEST['logout'])) {
            if ($this->getAuthUser()) {
                $this->getAuthUser()->logout();
            }
            header('location: ' . $this->baseURL);
            exit;
            
            
        }
        if (!isset($_REQUEST['ajax_body'])) {
            $this->title = "Login";
            return;
        }
        $this->masterTemplate = 'login.html';
        
        if (!empty($u)) {
            /** ---------- reset passwords ----- */
            $uu = explode('/', $u);
            if ($uu[0] != 'Reset') {
                $this->err('404', 'Invalid URL');
            }
            $u = DB_DataObject::factory('Person');
            if (!$u->get($uu[1])) {
                $this->err('404', 'Invalid URL');
            }
            $uu[2] = (int) $uu[2];
            
            if ($uu[2] <  (time() - (60 * 60 * 24 * 2))) { // older than 2 days.
                HTML_FlexyFramework::run('ForgotPassword', array('errors' => array('reset_expired' => 1)));
                exit;
            }
           // print_R($u->genPassKey($uu[2]));
            if ($uu[3] != $u->genPassKey($uu[2])) {
                HTML_FlexyFramework::run('ForgotPassword', array('errors' => array('reset_invalid' => 1)));
                exit;
            }
            // do reset!!!.
            
            $pp = clone($u);
            $u->generatePassword();
            $u->update($pp);
            $u->sendTemplate('reset_password', $this);
            
            $this->warnings = array('password_sent' => true);
            
        }
        
        if (!empty($ar)) {
            foreach($ar as $k=>$v) {
                $this->$k = $v;
            }
        }
        
        
        
        if (!empty($_POST)) {
            require_once 'HTML/Template/Flexy/Factory.php';
            $this->elements = HTML_Template_Flexy_Factory::fromArray( $_POST ,$this->elements);
            
        }
        
        return;
    }
    function errmsg($str) {
        
        return $this->jerr($str);
        
    }
    /**
     * AJAX ONLY?
     */
    function post()
    {
        
        if (!empty($_POST['refresh'])) {
            @session_start();
            $this->jok("refreshed");
        }
        
        $u = DB_DataObject::factory('Person');
        //$u->active = 1;
        $u->whereAdd('LENGTH(passwd) > 1');
        //$u->company_id = $this->company->id;
        
        if (empty($_REQUEST['username'])) { //|| (strpos($_REQUEST['username'], '@') < 1)) {
             $this->jerr('Missing username');
            
        }
         
        $u->email = $_REQUEST['username'];
        if ($u->count() > 1 || !$u->find(true)) {
           $this->jerr('Bad Username / Password combination');
            
        }
        
        //if (!$u->active) {
        //    return $this->errmsg('disabled');
        //}
        
        if ($u->checkPassword($_REQUEST['password'])) {
            $u->login();
            $this->addEvent("LOGIN");
            //if (!empty($_REQUEST['lang']) && $_REQUEST['lang'] != $u->lang) {
            //    $uu = clone($u);
            ////    $uu->lang = $_REQUEST['lang'];
            //    $uu->update();
            //}
             // log it..
             $this->jok('OK');
            HTML_FlexyFramework::run(''); // 
            
            //$this->sendAuthUserDetails();
            exit;

            //exit;
        }
        
         
        $this->jerr('Bad Username / Password combination'); // - " . htmlspecialchars(print_r($_POST,true))."'");
        
    }
    
    
    
    
}