2014-02-18 12:10:29 +01:00
|
|
|
<?php
|
|
|
|
App::uses('Component', 'Controller');
|
|
|
|
class MiconwareSessionComponent extends Component {
|
|
|
|
|
|
|
|
public $components = array('Session');
|
2014-02-19 00:02:17 +01:00
|
|
|
public $self_worker_obj;
|
|
|
|
public $self_company_obj;
|
2014-02-18 12:10:29 +01:00
|
|
|
|
|
|
|
public function init($controller){
|
|
|
|
$controller->Security->requireSecure();
|
|
|
|
$this->User = ClassRegistry::init('User');
|
2014-02-19 00:02:17 +01:00
|
|
|
$this->refreshCache();
|
2014-02-18 12:10:29 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
public function initWeb($controller){
|
|
|
|
$controller->set("isLoggedin",$this->isLoggedin());
|
2014-02-19 00:02:17 +01:00
|
|
|
if($this->isLoggedin()){
|
|
|
|
$controller->set("WORKER",($this->self_worker_obj)?$this->self_worker_obj:false);
|
|
|
|
$controller->set("COMPANY",($this->self_company_obj)?$this->self_company_obj:false);
|
|
|
|
}
|
2014-02-18 12:10:29 +01:00
|
|
|
$controller->set("isStaff",$this->isStaff());
|
2014-04-15 19:47:57 +02:00
|
|
|
$controller->set("MEDIA",'/uploads');
|
|
|
|
$controller->set("strip_tags",'<p><a><img><span><div>');
|
2014-02-23 10:59:00 +01:00
|
|
|
$controller->set('default_sForm',array(
|
2014-02-18 12:10:29 +01:00
|
|
|
'inputDefaults' => array(
|
|
|
|
'div' => array('class' => 'control-group'),
|
|
|
|
'label' => array('class' => 'control-label'),
|
|
|
|
'between' => '<div class="controls">',
|
|
|
|
'after' => '</div>',
|
|
|
|
'class' => ''))
|
|
|
|
);
|
2014-03-15 01:52:07 +01:00
|
|
|
$controller->set('default_hForm',array(
|
|
|
|
'inputDefaults' => array(
|
2014-04-01 20:58:36 +02:00
|
|
|
'div' => true,
|
2014-03-28 16:22:19 +01:00
|
|
|
'label' => false,
|
|
|
|
'error' => false,
|
2014-03-15 01:52:07 +01:00
|
|
|
'class' => 'form-control '),
|
2014-04-01 20:58:36 +02:00
|
|
|
'class'=>'tableForm'
|
2014-03-15 01:52:07 +01:00
|
|
|
)
|
|
|
|
);
|
2014-02-23 10:59:00 +01:00
|
|
|
$controller->set('default_Form',array(
|
|
|
|
'inputDefaults' => array(
|
|
|
|
'div' => array('class' => 'form-group'),
|
2014-03-16 11:09:10 +01:00
|
|
|
'label' => array('class' => 'col-sm-3 control-label'),
|
|
|
|
'between' => '<div class="col-sm-9">',
|
2014-02-23 10:59:00 +01:00
|
|
|
'after' => '</div>',
|
2014-03-12 17:42:02 +01:00
|
|
|
'error' => array('attribute'=>array('wrap'=>'span','class'=>'help-block')),
|
2014-02-23 10:59:00 +01:00
|
|
|
'class' => 'form-control '))
|
|
|
|
);
|
2014-02-18 12:10:29 +01:00
|
|
|
}
|
2014-02-19 00:02:17 +01:00
|
|
|
public function refreshCache(){
|
|
|
|
if($this->isLoggedin()){
|
|
|
|
$self_company = false;
|
|
|
|
$this->self_worker_obj = $this->getApplication('DreamjobWorker');
|
|
|
|
if(!is_array($this->self_worker_obj) or count($this->self_worker_obj)<= 0){
|
|
|
|
$this->self_company_obj = $this->getApplication('DreamjobCompany');
|
|
|
|
$self_company = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
public function getCompany(){
|
|
|
|
return $this->self_company_obj;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getWorker(){
|
|
|
|
return $this->self_worker_obj;
|
|
|
|
}
|
2014-02-18 12:10:29 +01:00
|
|
|
|
|
|
|
public function isLoggedin(){
|
|
|
|
return $this->Session->check('user');
|
|
|
|
}
|
|
|
|
|
|
|
|
public function isStaff(){
|
2014-02-19 00:02:17 +01:00
|
|
|
return false;
|
2014-02-18 12:10:29 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
public function login($mail,$password){
|
|
|
|
$users=$this->User->find('first', array(
|
|
|
|
'fields' => array('User.id','User.password'),
|
2014-04-11 17:39:56 +02:00
|
|
|
'conditions' => array('User.mail' => $mail,'User.is_active'=>true)
|
2014-02-18 12:10:29 +01:00
|
|
|
));
|
|
|
|
if($this->validate_password($password,$users['User']['password']) and !$this->isLoggedin()){
|
2014-04-17 00:17:00 +02:00
|
|
|
$this->User->id = $users['User']['id'];
|
2014-04-17 00:07:50 +02:00
|
|
|
$result = $this->User->saveField('last_login', date("Y-m-d H:i:s"));
|
2014-04-17 00:01:54 +02:00
|
|
|
if($result)
|
|
|
|
$result = $this->Session->write('user',$users['User']['id']);
|
|
|
|
return $result;
|
2014-02-18 12:10:29 +01:00
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function logout(){
|
|
|
|
if($this->isLoggedin()){
|
|
|
|
$this->Session->delete('user');
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function setFlash($message,$element = 'flash',$params = array(),$key = 'flash') {
|
|
|
|
$this->Session->setFlash($message, $element,$params,$key);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function getApplication($appDirectory,$user_id=false){
|
|
|
|
if(!$user_id)
|
|
|
|
$user_id = $this->Session->read('user');
|
|
|
|
$this->$appDirectory = ClassRegistry::init($appDirectory);
|
|
|
|
return $this->$appDirectory->find('first',array(
|
|
|
|
'conditions' => array('AppUser.user_id' => $user_id)
|
|
|
|
));
|
|
|
|
}
|
2014-03-28 16:22:19 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public static function getOpeningCondition(){
|
|
|
|
return array('and'=>array(
|
|
|
|
'DreamjobJobOpening.active'=>true,
|
|
|
|
'DreamjobJobOpening.startdate <='=> date("Y-m-d"),
|
|
|
|
'DreamjobJobOpening.enddate >='=> date("Y-m-d", strtotime("+1 day"))
|
|
|
|
));
|
|
|
|
}
|
|
|
|
|
2014-04-08 19:28:07 +02:00
|
|
|
public static function generateKey($length=8){
|
2014-04-28 22:17:49 +02:00
|
|
|
return md5(mcrypt_create_iv($length, MCRYPT_DEV_URANDOM));
|
2014-04-08 19:28:07 +02:00
|
|
|
}
|
2014-03-28 16:22:19 +01:00
|
|
|
|
2014-02-18 12:10:29 +01:00
|
|
|
/**
|
|
|
|
* PasswordHasg
|
|
|
|
*/
|
2014-03-18 09:34:04 +01:00
|
|
|
public function create_hash($password)
|
2014-02-18 12:10:29 +01:00
|
|
|
{
|
|
|
|
$salt = base64_encode(mcrypt_create_iv(8, MCRYPT_DEV_URANDOM));
|
|
|
|
return "pbkdf2_sha1$10000$" . $salt . "$" .base64_encode($this->pbkdf2("sha1",$password,$salt,10000,20,true));
|
|
|
|
}
|
|
|
|
|
|
|
|
private function validate_password($password, $correct_hash)
|
|
|
|
{
|
|
|
|
$params = explode("$", $correct_hash);
|
|
|
|
if(count($params) < 4) return false;
|
|
|
|
$pbkdf2 = base64_decode($params[3]);
|
|
|
|
return $this->slow_equals($pbkdf2,$this->pbkdf2($params[0],$password,$params[2],(int)$params[1],strlen($pbkdf2),true));
|
|
|
|
}
|
|
|
|
|
|
|
|
private function slow_equals($a, $b)
|
|
|
|
{
|
|
|
|
$diff = strlen($a) ^ strlen($b);
|
|
|
|
for($i = 0; $i < strlen($a) && $i < strlen($b); $i++)
|
|
|
|
$diff |= ord($a[$i]) ^ ord($b[$i]);
|
|
|
|
return $diff === 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
private function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
|
|
|
|
{
|
|
|
|
$algorithm = strtolower(ltrim($algorithm,"pbkdf2_"));
|
|
|
|
if(!in_array($algorithm, hash_algos(), true))
|
|
|
|
die('PBKDF2 ERROR: Invalid hash algorithm.');
|
|
|
|
if($count <= 0 || $key_length <= 0)
|
|
|
|
die('PBKDF2 ERROR: Invalid parameters.');
|
|
|
|
if (function_exists("hash_pbkdf2")) {
|
|
|
|
if (!$raw_output)
|
|
|
|
$key_length = $key_length * 2;
|
|
|
|
return hash_pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output);
|
|
|
|
}
|
|
|
|
$hash_length = strlen(hash($algorithm, "", true));
|
|
|
|
$block_count = ceil($key_length / $hash_length);
|
|
|
|
$output = "";
|
|
|
|
for($i = 1; $i <= $block_count; $i++) {
|
|
|
|
$last = $salt . pack("N", $i);
|
|
|
|
$last = $xorsum = hash_hmac($algorithm, $last, $password, true);
|
|
|
|
for ($j = 1; $j < $count; $j++)
|
|
|
|
$xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true));
|
|
|
|
$output .= $xorsum;
|
|
|
|
}
|
|
|
|
if($raw_output)
|
|
|
|
return substr($output, 0, $key_length);
|
|
|
|
else
|
|
|
|
return bin2hex(substr($output, 0, $key_length));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
?>
|