iflrandevu/src/application/controllers/user.php

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

/* ----------------------------------------------------------------------------
 * Easy!Appointments - Open Source Web Scheduler
 * 
 * @package     EasyAppointments
 * @author      A.Tselegidis <alextselegidis@gmail.com>
 * @copyright   Copyright (c) 2013 - 2015, Alex Tselegidis
 * @license     http://opensource.org/licenses/GPL-3.0 - GPLv3 
 * @link        http://easyappointments.org
 * @since       v1.0.0
 * ---------------------------------------------------------------------------- */

/**
 * User Controller 
 *
 * @package Controllers
 */
class User extends CI_Controller {
    public function __construct() {
        parent::__construct();
        $this->load->library('session');
        
        // Set user's selected language.
        if ($this->session->userdata('language')) {
        	$this->config->set_item('language', $this->session->userdata('language'));
        	$this->lang->load('translations', $this->session->userdata('language'));
        } else {
        	$this->lang->load('translations', $this->config->item('language')); // default
        }
    }
    
    public function index() {
        header('Location: ' . $this->config->item('base_url') . '/index.php/user/login');
    }
    
    public function login() {
        $this->load->model('settings_model');
        
        $view['base_url'] = $this->config->item('base_url');
        $view['dest_url'] = $this->session->userdata('dest_url');
        
        if (!$view['dest_url']) {
            $view['dest_url'] = $view['base_url'] . '/index.php/backend';
        }
        
        $view['company_name'] = $this->settings_model->get_setting('company_name');
        $this->load->view('user/login', $view);
    }
    
    public function logout() {
        $this->load->model('settings_model');
        
        $this->session->unset_userdata('user_id');
        $this->session->unset_userdata('user_email');
        $this->session->unset_userdata('role_slug');
        $this->session->unset_userdata('username');
        $this->session->unset_userdata('dest_url');
        
        $view['base_url'] = $this->config->item('base_url');
        $view['company_name'] = $this->settings_model->get_setting('company_name');
        $this->load->view('user/logout', $view);
    }
    
    public function forgot_password() {
        $this->load->model('settings_model');
        $view['base_url'] = $this->config->item('base_url');
        $view['company_name'] = $this->settings_model->get_setting('company_name');
        $this->load->view('user/forgot_password', $view);
    }
    
    public function no_privileges() {
        $this->load->model('settings_model');
        $view['base_url'] = $this->config->item('base_url');
        $view['company_name'] = $this->settings_model->get_setting('company_name');
        $this->load->view('user/no_privileges', $view);
    }
    
    /**
     * [AJAX] Check whether the user has entered the correct login credentials.
     * 
     * The session data of a logged in user are the following:
     *      'user_id'
     *      'user_email'
     *      'role_slug'
     *      'dest_url'
     */
    public function ajax_check_login() {
        try {
            if (!isset($_POST['username']) || !isset($_POST['password'])) {
                throw new Exception('Invalid credentials given!');
            }
            
            $this->load->model('user_model');
            $user_data = $this->user_model->check_login($_POST['username'], $_POST['password']);
            
            if ($user_data) {
                $this->session->set_userdata($user_data); // Save data on user's session.
                echo json_encode(AJAX_SUCCESS);
            } else {
                echo json_encode(AJAX_FAILURE);
            }
            
        } catch(Exception $exc) {
            echo json_encode(array(
                'exceptions' => array(exceptionToJavaScript($exc))
            ));
        }
    }
    
    /**
     * Regenerate a new password for the current user, only if the username and 
     * email address given corresond to an existing user in db.
     * 
     * @param string $_POST['username'] 
     * @param string $_POST['email']
     */
    public function ajax_forgot_password() {
        try {
            if (!isset($_POST['username']) || !isset($_POST['email'])) {
                throw new Exception('You must enter a valid username and email address in '
                        . 'order to get a new password!');
            }
            
            $this->load->model('user_model');
            $this->load->model('settings_model');
            
            $new_password = $this->user_model->regenerate_password($_POST['username'], $_POST['email']);
            
            if ($new_password != FALSE) {
                $this->load->library('notifications');
                $company_settings = array(
                    'company_name' => $this->settings_model->get_setting('company_name'),
                    'company_link' => $this->settings_model->get_setting('company_link'),
                    'company_email' => $this->settings_model->get_setting('company_email')
                );
                $this->notifications->send_password($new_password, $_POST['email'], $company_settings);
            }
            
            echo ($new_password != FALSE) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
        } catch(Exception $exc) {
            echo json_encode(array(
                'exceptions' => array(exceptionToJavaScript($exc))
            ));
        }
    }
}

/* End of file user.php */
/* Location: ./application/controllers/user.php */
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');`

Added credentials docblock banner. 2015-07-20 22:41:24 +03:00			`/* ----------------------------------------------------------------------------`
			`* Easy!Appointments - Open Source Web Scheduler`
			`*`
			`* @package EasyAppointments`
			`* @author A.Tselegidis <alextselegidis@gmail.com>`
			`* @copyright Copyright (c) 2013 - 2015, Alex Tselegidis`
			`* @license http://opensource.org/licenses/GPL-3.0 - GPLv3`
			`* @link http://easyappointments.org`
			`* @since v1.0.0`
			`* ---------------------------------------------------------------------------- */`

Added @package tag to controllers. 2015-07-08 01:33:33 +03:00			`/**`
			`* User Controller`
			`*`
			`* @package Controllers`
			`*/`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`class User extends CI_Controller {`
			`public function __construct() {`
			`parent::__construct();`
			`$this->load->library('session');`
Added language selection functionality to backend pages. 2013-12-23 18:55:42 +02:00
			`// Set user's selected language.`
			`if ($this->session->userdata('language')) {`
			`$this->config->set_item('language', $this->session->userdata('language'));`
			`$this->lang->load('translations', $this->session->userdata('language'));`
			`} else {`
			`$this->lang->load('translations', $this->config->item('language')); // default`
			`}`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`}`

			`public function index() {`
Fixed URLs with index.php value (work without mod_rewrite) 2015-05-21 00:18:46 +03:00			`header('Location: ' . $this->config->item('base_url') . '/index.php/user/login');`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`}`

			`public function login() {`
Translated user pages (login, logout, forgot password). 2013-12-19 12:28:10 +02:00			`$this->load->model('settings_model');`

* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`$view['base_url'] = $this->config->item('base_url');`
			`$view['dest_url'] = $this->session->userdata('dest_url');`
* Completed login + logout operation. * Updated the way the system stores passwords in db. 2013-09-23 18:42:36 +03:00
			`if (!$view['dest_url']) {`
Fixed URLs with index.php value (work without mod_rewrite) 2015-05-21 00:18:46 +03:00			`$view['dest_url'] = $view['base_url'] . '/index.php/backend';`
* Completed login + logout operation. * Updated the way the system stores passwords in db. 2013-09-23 18:42:36 +03:00			`}`

Translated user pages (login, logout, forgot password). 2013-12-19 12:28:10 +02:00			`$view['company_name'] = $this->settings_model->get_setting('company_name');`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`$this->load->view('user/login', $view);`
			`}`

			`public function logout() {`
Translated user pages (login, logout, forgot password). 2013-12-19 12:28:10 +02:00			`$this->load->model('settings_model');`

* Completed login + logout operation. * Updated the way the system stores passwords in db. 2013-09-23 18:42:36 +03:00			`$this->session->unset_userdata('user_id');`
			`$this->session->unset_userdata('user_email');`
			`$this->session->unset_userdata('role_slug');`
			`$this->session->unset_userdata('username');`
			`$this->session->unset_userdata('dest_url');`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00
* Completed login + logout operation. * Updated the way the system stores passwords in db. 2013-09-23 18:42:36 +03:00			`$view['base_url'] = $this->config->item('base_url');`
Translated user pages (login, logout, forgot password). 2013-12-19 12:28:10 +02:00			`$view['company_name'] = $this->settings_model->get_setting('company_name');`
* Completed login + logout operation. * Updated the way the system stores passwords in db. 2013-09-23 18:42:36 +03:00			`$this->load->view('user/logout', $view);`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`}`

			`public function forgot_password() {`
Translated user pages (login, logout, forgot password). 2013-12-19 12:28:10 +02:00			`$this->load->model('settings_model');`
* Added "Forgot Password" procedure. * Started working on the installation page. * Fixed minor bugs in backend pages. 2013-10-11 18:58:46 +03:00			`$view['base_url'] = $this->config->item('base_url');`
Translated user pages (login, logout, forgot password). 2013-12-19 12:28:10 +02:00			`$view['company_name'] = $this->settings_model->get_setting('company_name');`
* Added "Forgot Password" procedure. * Started working on the installation page. * Fixed minor bugs in backend pages. 2013-10-11 18:58:46 +03:00			`$this->load->view('user/forgot_password', $view);`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`}`

			`public function no_privileges() {`
Translated user pages (login, logout, forgot password). 2013-12-19 12:28:10 +02:00			`$this->load->model('settings_model');`
* The user can now see the reason when a validation fails (during an add() procedure). * Fixed service - provider connection in backend/calendar appointment modal. * Backend notification messages on top are now disappearing after a few seconds (excluding cases where there are action items - the user must close the notification) * The user will be able to select an existing customer from the backend/calendar appointment modal when creating a new appointment record. * Started work on user privileges and on how the system performs according to that. 2013-09-26 19:06:57 +03:00			`$view['base_url'] = $this->config->item('base_url');`
Translated user pages (login, logout, forgot password). 2013-12-19 12:28:10 +02:00			`$view['company_name'] = $this->settings_model->get_setting('company_name');`
* The user can now see the reason when a validation fails (during an add() procedure). * Fixed service - provider connection in backend/calendar appointment modal. * Backend notification messages on top are now disappearing after a few seconds (excluding cases where there are action items - the user must close the notification) * The user will be able to select an existing customer from the backend/calendar appointment modal when creating a new appointment record. * Started work on user privileges and on how the system performs according to that. 2013-09-26 19:06:57 +03:00			`$this->load->view('user/no_privileges', $view);`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`}`

			`/**`
			`* [AJAX] Check whether the user has entered the correct login credentials.`
* The user can now see the reason when a validation fails (during an add() procedure). * Fixed service - provider connection in backend/calendar appointment modal. * Backend notification messages on top are now disappearing after a few seconds (excluding cases where there are action items - the user must close the notification) * The user will be able to select an existing customer from the backend/calendar appointment modal when creating a new appointment record. * Started work on user privileges and on how the system performs according to that. 2013-09-26 19:06:57 +03:00			`*`
			`* The session data of a logged in user are the following:`
			`* 'user_id'`
			`* 'user_email'`
			`* 'role_slug'`
			`* 'dest_url'`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`*/`
			`public function ajax_check_login() {`
			`try {`
			`if (!isset($_POST['username']) \|\| !isset($_POST['password'])) {`
			`throw new Exception('Invalid credentials given!');`
			`}`

			`$this->load->model('user_model');`
* Completed login + logout operation. * Updated the way the system stores passwords in db. 2013-09-23 18:42:36 +03:00			`$user_data = $this->user_model->check_login($_POST['username'], $_POST['password']);`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00
			`if ($user_data) {`
			`$this->session->set_userdata($user_data); // Save data on user's session.`
			`echo json_encode(AJAX_SUCCESS);`
			`} else {`
* Completed login + logout operation. * Updated the way the system stores passwords in db. 2013-09-23 18:42:36 +03:00			`echo json_encode(AJAX_FAILURE);`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`}`

			`} catch(Exception $exc) {`
			`echo json_encode(array(`
			`'exceptions' => array(exceptionToJavaScript($exc))`
			`));`
			`}`
			`}`
* Added "Forgot Password" procedure. * Started working on the installation page. * Fixed minor bugs in backend pages. 2013-10-11 18:58:46 +03:00
			`/**`
			`* Regenerate a new password for the current user, only if the username and`
			`* email address given corresond to an existing user in db.`
			`*`
			`* @param string $_POST['username']`
			`* @param string $_POST['email']`
			`*/`
			`public function ajax_forgot_password() {`
			`try {`
			`if (!isset($_POST['username']) \|\| !isset($_POST['email'])) {`
			`throw new Exception('You must enter a valid username and email address in '`
			`. 'order to get a new password!');`
			`}`

			`$this->load->model('user_model');`
			`$this->load->model('settings_model');`

			`$new_password = $this->user_model->regenerate_password($_POST['username'], $_POST['email']);`

			`if ($new_password != FALSE) {`
			`$this->load->library('notifications');`
			`$company_settings = array(`
			`'company_name' => $this->settings_model->get_setting('company_name'),`
			`'company_link' => $this->settings_model->get_setting('company_link'),`
			`'company_email' => $this->settings_model->get_setting('company_email')`
			`);`
			`$this->notifications->send_password($new_password, $_POST['email'], $company_settings);`
			`}`

			`echo ($new_password != FALSE) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);`
			`} catch(Exception $exc) {`
			`echo json_encode(array(`
			`'exceptions' => array(exceptionToJavaScript($exc))`
			`));`
			`}`
			`}`
* Finished with backend/settings page. * Started user login and privileges management. 2013-09-20 16:58:11 +03:00			`}`

			`/* End of file user.php */`
			`/* Location: ./application/controllers/user.php */`