diff --git a/app/Controller/Component/MiconwareSessionComponent.php b/app/Controller/Component/MiconwareSessionComponent.php
index a7c9785..c5a8965 100755
--- a/app/Controller/Component/MiconwareSessionComponent.php
+++ b/app/Controller/Component/MiconwareSessionComponent.php
@@ -81,4 +81,100 @@ class MiconwareSessionComponent extends Component {
 ));
 if($this->validate_password($password,$users['User']['password']) and !$this->isLoggedin()){
 $this->User->id = $users['User']['id'];
- $result = $this->User->saveField('la
\ No newline at end of file
+ $result = $this->User->saveField('last_login', date("Y-m-d H:i:s"));
+ if($result)
+ $result = $this->Session->write('user',$users['User']['id']);
+ return $result;
+ }
+ return false;
+ }
+
+ public function logout(){
+ if($this->isLoggedin()){
+ $this->Session->delete('user');
+ return true;
+ }
+ return false;
+ }
+
+ public function setFlash($message,$element = 'flash',$params = array(),$key = 'flash') {
+ $this->Session->setFlash($message, $element,$params,$key);
+ }
+
+ public function getApplication($appDirectory,$user_id=false){
+ if(!$user_id)
+ $user_id = $this->Session->read('user');
+ $this->$appDirectory = ClassRegistry::init($appDirectory);
+ return $this->$appDirectory->find('first',array(
+ 'conditions' => array('AppUser.user_id' => $user_id)
+ ));
+ }
+
+
+
+ public static function getOpeningCondition(){
+ return array('and'=>array(
+ 'DreamjobJobOpening.active'=>true,
+ 'DreamjobJobOpening.startdate <='=> date("Y-m-d"),
+ 'DreamjobJobOpening.enddate >='=> date("Y-m-d", strtotime("+1 day"))
+ ));
+ }
+
+ public static function generateKey($length=8){
+ return md5(mcrypt_create_iv($length, MCRYPT_DEV_URANDOM));
+ }
+
+ /**
+ * PasswordHasg
+ */
+ public function create_hash($password)
+ {
+ $salt = base64_encode(mcrypt_create_iv(8, MCRYPT_DEV_URANDOM));
+ return "pbkdf2_sha1$10000$" . $salt . "$" .base64_encode($this->pbkdf2("sha1",$password,$salt,10000,20,true));
+ }
+
+ private function validate_password($password, $correct_hash)
+ {
+ $params = explode("$", $correct_hash);
+ if(count($params) < 4) return false;
+ $pbkdf2 = base64_decode($params[3]);
+ return $this->slow_equals($pbkdf2,$this->pbkdf2($params[0],$password,$params[2],(int)$params[1],strlen($pbkdf2),true));
+ }
+
+ private function slow_equals($a, $b)
+ {
+ $diff = strlen($a) ^ strlen($b);
+ for($i = 0; $i < strlen($a) && $i < strlen($b); $i++)
+ $diff |= ord($a[$i]) ^ ord($b[$i]);
+ return $diff === 0;
+ }
+
+ private function pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output = false)
+ {
+ $algorithm = strtolower(ltrim($algorithm,"pbkdf2_"));
+ if(!in_array($algorithm, hash_algos(), true))
+ die('PBKDF2 ERROR: Invalid hash algorithm.');
+ if($count <= 0 || $key_length <= 0)
+ die('PBKDF2 ERROR: Invalid parameters.');
+ if (function_exists("hash_pbkdf2")) {
+ if (!$raw_output)
+ $key_length = $key_length * 2;
+ return hash_pbkdf2($algorithm, $password, $salt, $count, $key_length, $raw_output);
+ }
+ $hash_length = strlen(hash($algorithm, "", true));
+ $block_count = ceil($key_length / $hash_length);
+ $output = "";
+ for($i = 1; $i <= $block_count; $i++) {
+ $last = $salt . pack("N", $i);
+ $last = $xorsum = hash_hmac($algorithm, $last, $password, true);
+ for ($j = 1; $j < $count; $j++)
+ $xorsum ^= ($last = hash_hmac($algorithm, $last, $password, true));
+ $output .= $xorsum;
+ }
+ if($raw_output)
+ return substr($output, 0, $key_length);
+ else
+ return bin2hex(substr($output, 0, $key_length));
+ }
+}
+?>
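Review bot: The login path writes the user id into the existing session with `$this->Session->write('user',$users['User']['id']);` and never issues a new session id, so an id that was fixed before authentication stays valid afterwards; CakePHP's own AuthComponent calls `$this->Session->renew();` before that write, and the same call belongs here once `saveField` has succeeded. The method starts above the hunk, so a renew earlier in it cannot be ruled out from these lines. `logout()` likewise only deletes the `user` key, and `$this->Session->destroy();` would also discard anything else tied to the authenticated session. Separately, `create_hash` and `generateKey` depend on `mcrypt_create_iv`, which is no longer bundled from PHP 7.2 onward, and `generateKey` hashes only 8 random bytes by default, so its 32-hex-character result carries 64 bits of entropy; `return bin2hex(random_bytes(16));` addresses both where PHP 7 is available.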