iflrandevu/src/application/controllers/User.php

<?php defined('BASEPATH') OR exit('No direct script access allowed');

/* ----------------------------------------------------------------------------
 * Easy!Appointments - Open Source Web Scheduler
 *
 * @package     EasyAppointments
 * @author      A.Tselegidis <alextselegidis@gmail.com>
 * @copyright   Copyright (c) 2013 - 2018, Alex Tselegidis
 * @license     http://opensource.org/licenses/GPL-3.0 - GPLv3
 * @link        http://easyappointments.org
 * @since       v1.0.0
 * ---------------------------------------------------------------------------- */

use \EA\Engine\Types\NonEmptyText;
use \EA\Engine\Types\Email;

/**
 * User Controller
 *
 * @package Controllers
 */
class User extends CI_Controller {
    /**
     * Class Constructor
     */
    public function __construct()
    {
        parent::__construct();
        $this->load->library('session');

        // Set user's selected language.
        if ($this->session->userdata('language'))
        {
            $this->config->set_item('language', $this->session->userdata('language'));
            $this->lang->load('translations', $this->session->userdata('language'));
        }
        else
        {
            $this->lang->load('translations', $this->config->item('language')); // default
        }
    }

    /**
     * Default Method
     *
     * The default method will redirect the browser to the user/login URL.
     */
    public function index()
    {
        header('Location: ' . site_url('user/login'));
    }

    /**
     * Display the login page.
     */
    public function login()
    {
        $this->load->model('settings_model');

        $view['base_url'] = $this->config->item('base_url');
        $view['dest_url'] = $this->session->userdata('dest_url');

        if ( ! $view['dest_url'])
        {
            $view['dest_url'] = site_url('backend');
        }

        $view['company_name'] = $this->settings_model->get_setting('company_name');
        $this->load->view('user/login', $view);
    }

    /**
     * Display the logout page.
     */
    public function logout()
    {
        $this->load->model('settings_model');

        $this->session->unset_userdata('user_id');
        $this->session->unset_userdata('user_email');
        $this->session->unset_userdata('role_slug');
        $this->session->unset_userdata('username');
        $this->session->unset_userdata('dest_url');

        $view['base_url'] = $this->config->item('base_url');
        $view['company_name'] = $this->settings_model->get_setting('company_name');
        $this->load->view('user/logout', $view);
    }

    /**
     * Display the "forgot password" page.
     */
    public function forgot_password()
    {
        $this->load->model('settings_model');
        $view['base_url'] = $this->config->item('base_url');
        $view['company_name'] = $this->settings_model->get_setting('company_name');
        $this->load->view('user/forgot_password', $view);
    }

    /**
     * Display the "not authorized" page.
     */
    public function no_privileges()
    {
        $this->load->model('settings_model');
        $view['base_url'] = $this->config->item('base_url');
        $view['company_name'] = $this->settings_model->get_setting('company_name');
        $this->load->view('user/no_privileges', $view);
    }

    /**
     * [AJAX] Check whether the user has entered the correct login credentials.
     *
     * The session data of a logged in user are the following:
     *   - 'user_id'
     *   - 'user_email'
     *   - 'role_slug'
     *   - 'dest_url'
     */
    public function ajax_check_login()
    {
        try
        {
            if ( ! $this->input->post('username') || ! $this->input->post('password'))
            {
                throw new Exception('Invalid credentials given!');
            }

            $this->load->model('user_model');
            $user_data = $this->user_model->check_login($this->input->post('username'), $this->input->post('password'));

            if ($user_data)
            {
                $this->session->set_userdata($user_data); // Save data on user's session.
                $this->output
                    ->set_content_type('application/json')
                    ->set_output(json_encode(AJAX_SUCCESS));
            }
            else
            {
                $this->output
                    ->set_content_type('application/json')
                    ->set_output(json_encode(AJAX_FAILURE));
            }

        }
        catch (Exception $exc)
        {
            $this->output
                ->set_content_type('application/json')
                ->set_output(json_encode(['exceptions' => [exceptionToJavaScript($exc)]]));
        }
    }

    /**
     * Regenerate a new password for the current user, only if the username and
     * email address given correspond to an existing user in db.
     *
     * Required POST Parameters:
     *
     * - string $_POST['username'] Username to be validated.
     * - string $_POST['email'] Email to be validated.
     */
    public function ajax_forgot_password()
    {
        try
        {
            if ( ! $this->input->post('username') || ! $this->input->post('email'))
            {
                throw new Exception('You must enter a valid username and email address in '
                    . 'order to get a new password!');
            }

            $this->load->model('user_model');
            $this->load->model('settings_model');

            $new_password = $this->user_model->regenerate_password($this->input->post('username'),
                $this->input->post('email'));

            if ($new_password != FALSE)
            {
                $this->config->load('email');
                $email = new \EA\Engine\Notifications\Email($this, $this->config->config);
                $company_settings = [
                    'company_name' => $this->settings_model->get_setting('company_name'),
                    'company_link' => $this->settings_model->get_setting('company_link'),
                    'company_email' => $this->settings_model->get_setting('company_email')
                ];

                $email->sendPassword(new NonEmptyText($new_password), new Email($this->input->post('email')),
                    $company_settings);
            }

            $this->output
                ->set_content_type('application/json')
                ->set_output(json_encode($new_password != FALSE ? AJAX_SUCCESS : AJAX_FAILURE));
        }
        catch (Exception $exc)
        {
            $this->output
                ->set_content_type('application/json')
                ->set_output(json_encode(['exceptions' => [exceptionToJavaScript($exc)]]));
        }
    }
}
Direct file access must not be permitted. 2017-09-15 14:44:40 +03:00			`<?php defined('BASEPATH') OR exit('No direct script access allowed');`
Minor code format corrections. 2015-12-30 13:02:14 +02:00
			`/* ----------------------------------------------------------------------------`
			`* Easy!Appointments - Open Source Web Scheduler`
			`*`
			`* @package EasyAppointments`
			`* @author A.Tselegidis <alextselegidis@gmail.com>`
Updated copyright year in file headers. 2018-03-27 10:23:09 +03:00			`* @copyright Copyright (c) 2013 - 2018, Alex Tselegidis`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`* @license http://opensource.org/licenses/GPL-3.0 - GPLv3`
			`* @link http://easyappointments.org`
			`* @since v1.0.0`
			`* ---------------------------------------------------------------------------- */`

Renamed Alphanumeric type class to Text. 2016-11-09 21:56:24 +03:00			`use \EA\Engine\Types\NonEmptyText;`
Replaced the notifications library with the new one (fixes #178). 2016-07-16 17:56:02 +03:00			`use \EA\Engine\Types\Email;`

Minor code format corrections. 2015-12-30 13:02:14 +02:00			`/**`
			`* User Controller`
			`*`
			`* @package Controllers`
			`*/`
			`class User extends CI_Controller {`
			`/**`
			`* Class Constructor`
			`*/`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`public function __construct()`
			`{`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`parent::__construct();`
			`$this->load->library('session');`

			`// Set user's selected language.`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`if ($this->session->userdata('language'))`
			`{`
			`$this->config->set_item('language', $this->session->userdata('language'));`
			`$this->lang->load('translations', $this->session->userdata('language'));`
Reformatted code files. 2018-01-23 12:08:37 +03:00			`}`
			`else`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`{`
			`$this->lang->load('translations', $this->config->item('language')); // default`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`}`
			`}`

			`/**`
			`* Default Method`
			`*`
			`* The default method will redirect the browser to the user/login URL.`
			`*/`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`public function index()`
			`{`
Converted all the hard-coded urls to site_url() function calls. 2016-03-07 21:59:04 +02:00			`header('Location: ' . site_url('user/login'));`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`}`

			`/**`
			`* Display the login page.`
			`*/`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`public function login()`
			`{`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`$this->load->model('settings_model');`

			`$view['base_url'] = $this->config->item('base_url');`
			`$view['dest_url'] = $this->session->userdata('dest_url');`

Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`if ( ! $view['dest_url'])`
			`{`
Converted all the hard-coded urls to site_url() function calls. 2016-03-07 21:59:04 +02:00			`$view['dest_url'] = site_url('backend');`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`}`

			`$view['company_name'] = $this->settings_model->get_setting('company_name');`
			`$this->load->view('user/login', $view);`
			`}`

			`/**`
			`* Display the logout page.`
			`*/`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`public function logout()`
			`{`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`$this->load->model('settings_model');`

			`$this->session->unset_userdata('user_id');`
			`$this->session->unset_userdata('user_email');`
			`$this->session->unset_userdata('role_slug');`
			`$this->session->unset_userdata('username');`
			`$this->session->unset_userdata('dest_url');`

			`$view['base_url'] = $this->config->item('base_url');`
			`$view['company_name'] = $this->settings_model->get_setting('company_name');`
			`$this->load->view('user/logout', $view);`
			`}`

			`/**`
Refactor PHP controllers and models (use of protected members and corrections in docblock comments). 2016-04-27 09:21:40 +03:00			`* Display the "forgot password" page.`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`*/`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`public function forgot_password()`
			`{`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`$this->load->model('settings_model');`
			`$view['base_url'] = $this->config->item('base_url');`
			`$view['company_name'] = $this->settings_model->get_setting('company_name');`
			`$this->load->view('user/forgot_password', $view);`
			`}`

Refactor PHP controllers and models (use of protected members and corrections in docblock comments). 2016-04-27 09:21:40 +03:00			`/**`
			`* Display the "not authorized" page.`
			`*/`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`public function no_privileges()`
			`{`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`$this->load->model('settings_model');`
			`$view['base_url'] = $this->config->item('base_url');`
			`$view['company_name'] = $this->settings_model->get_setting('company_name');`
			`$this->load->view('user/no_privileges', $view);`
			`}`

			`/**`
			`* [AJAX] Check whether the user has entered the correct login credentials.`
			`*`
			`* The session data of a logged in user are the following:`
			`* - 'user_id'`
			`* - 'user_email'`
			`* - 'role_slug'`
			`* - 'dest_url'`
			`*/`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`public function ajax_check_login()`
			`{`
			`try`
			`{`
Integrated input class in controllers. 2017-09-19 16:44:32 +03:00			`if ( ! $this->input->post('username') \|\| ! $this->input->post('password'))`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`{`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`throw new Exception('Invalid credentials given!');`
			`}`

			`$this->load->model('user_model');`
Integrated input class in controllers. 2017-09-19 16:44:32 +03:00			`$user_data = $this->user_model->check_login($this->input->post('username'), $this->input->post('password'));`
Minor code format corrections. 2015-12-30 13:02:14 +02:00
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`if ($user_data)`
			`{`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`$this->session->set_userdata($user_data); // Save data on user's session.`
Integrated output class in controllers. 2017-09-20 17:09:01 +03:00			`$this->output`
			`->set_content_type('application/json')`
			`->set_output(json_encode(AJAX_SUCCESS));`
Reformatted code files. 2018-01-23 12:08:37 +03:00			`}`
			`else`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`{`
Integrated output class in controllers. 2017-09-20 17:09:01 +03:00			`$this->output`
			`->set_content_type('application/json')`
			`->set_output(json_encode(AJAX_FAILURE));`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`}`

Reformatted PHP files 2017-09-23 02:30:22 +03:00			`}`
			`catch (Exception $exc)`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`{`
Integrated output class in controllers. 2017-09-20 17:09:01 +03:00			`$this->output`
			`->set_content_type('application/json')`
			`->set_output(json_encode(['exceptions' => [exceptionToJavaScript($exc)]]));`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`}`
			`}`

			`/**`
			`* Regenerate a new password for the current user, only if the username and`
Spelling corrections 2016-10-10 19:29:48 +03:00			`* email address given correspond to an existing user in db.`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`*`
Adjusted phpdoc blocks in controller classes. 2017-09-06 16:22:11 +03:00			`* Required POST Parameters:`
			`*`
			`* - string $_POST['username'] Username to be validated.`
			`* - string $_POST['email'] Email to be validated.`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`*/`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`public function ajax_forgot_password()`
			`{`
			`try`
			`{`
Integrated input class in controllers. 2017-09-19 16:44:32 +03:00			`if ( ! $this->input->post('username') \|\| ! $this->input->post('email'))`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`{`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`throw new Exception('You must enter a valid username and email address in '`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`. 'order to get a new password!');`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`}`

			`$this->load->model('user_model');`
			`$this->load->model('settings_model');`

Integrated output class in controllers. 2017-09-20 17:09:01 +03:00			`$new_password = $this->user_model->regenerate_password($this->input->post('username'),`
			`$this->input->post('email'));`
Minor code format corrections. 2015-12-30 13:02:14 +02:00
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`if ($new_password != FALSE)`
			`{`
			`$this->config->load('email');`
Replaced the notifications library with the new one (fixes #178). 2016-07-16 17:56:02 +03:00			`$email = new \EA\Engine\Notifications\Email($this, $this->config->config);`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`$company_settings = [`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`'company_name' => $this->settings_model->get_setting('company_name'),`
			`'company_link' => $this->settings_model->get_setting('company_link'),`
			`'company_email' => $this->settings_model->get_setting('company_email')`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`];`
Replaced the notifications library with the new one (fixes #178). 2016-07-16 17:56:02 +03:00
Integrated output class in controllers. 2017-09-20 17:09:01 +03:00			`$email->sendPassword(new NonEmptyText($new_password), new Email($this->input->post('email')),`
			`$company_settings);`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`}`

Integrated output class in controllers. 2017-09-20 17:09:01 +03:00			`$this->output`
			`->set_content_type('application/json')`
			`->set_output(json_encode($new_password != FALSE ? AJAX_SUCCESS : AJAX_FAILURE));`
Reformatted PHP files 2017-09-23 02:30:22 +03:00			`}`
			`catch (Exception $exc)`
Autoformatted php files based on CodeIgniter style guide. 2017-09-15 14:36:37 +03:00			`{`
Integrated output class in controllers. 2017-09-20 17:09:01 +03:00			`$this->output`
			`->set_content_type('application/json')`
			`->set_output(json_encode(['exceptions' => [exceptionToJavaScript($exc)]]));`
Minor code format corrections. 2015-12-30 13:02:14 +02:00			`}`
			`}`
			`}`