|
@@ -26,26 +26,34 @@ class Theme_Auth_panel_biall_net { // TODO: implements AuthBaseInterface {
|
|
|
|
|
|
if (empty($login) || empty($pass)) throw new Exception("Proszę podać login i hasło!");
|
|
if (empty($login) || empty($pass)) throw new Exception("Proszę podać login i hasło!");
|
|
|
|
|
|
- // { // TODO: TEST
|
|
|
|
- // $login = "krzys.dworski@gmail.com"; // COMPANIES.user_mail_contact
|
|
|
|
- // $pass = "76022801989"; // COMPANIES.P_PESEL or COMPANIES.PASSWD varchar(100) --- table PANEL_KLIENTA_BN_AUTH
|
|
|
|
|
|
+ // $item = self::fetchUser($login);
|
|
|
|
+ // if (empty($item['PASSWD']) || 32 != strlen($item['PASSWD'])) {
|
|
|
|
+ // throw new Exception("Proszę użyć funkcji przypomnienia hasła");
|
|
// }
|
|
// }
|
|
|
|
|
|
- $item = self::fetchUser($login);
|
|
|
|
- if (empty($item['PASSWD']) || 32 != strlen($item['PASSWD'])) {
|
|
|
|
- throw new Exception("Proszę użyć funkcji przypomnienia hasła");
|
|
|
|
- }
|
|
|
|
|
|
+ // if (md5($pass) !== $item['PASSWD']) {
|
|
|
|
+ // throw new Exception("Proszę podać poprawny login i hasło!");
|
|
|
|
+ // }
|
|
|
|
|
|
- if (md5($pass) !== $item['PASSWD']) {
|
|
|
|
- throw new Exception("Proszę podać poprawny login i hasło!");
|
|
|
|
|
|
+ $userInfo = null;
|
|
|
|
+ $activeUsers = self::makeActiveUsers($login);
|
|
|
|
+ foreach ($activeUsers as $item) {
|
|
|
|
+ if (empty($item['PASSWD']) || 32 != strlen($item['PASSWD'])) {
|
|
|
|
+ continue; // throw new Exception("Proszę użyć funkcji przypomnienia hasła");
|
|
|
|
+ }
|
|
|
|
+ if (md5($pass) === $item['PASSWD']) {
|
|
|
|
+ $userInfo = $item;
|
|
|
|
+ break;
|
|
|
|
+ }
|
|
}
|
|
}
|
|
|
|
+ if (!$userInfo) throw new Exception("Proszę podać poprawny login i hasło!");
|
|
|
|
|
|
return (object)[
|
|
return (object)[
|
|
- 'ID' => $item['ID'],
|
|
|
|
- 'ADM_ACCOUNT' => $item['LOGIN'], // AUTHORIZE_USER, ADM_ACCOUNT
|
|
|
|
- 'ADM_NAME' => implode(" ", [ $item['P_NAME'], $item['P_NAME_SECOND'] ]), // ADM_NAME
|
|
|
|
|
|
+ 'ID' => $userInfo['ID'],
|
|
|
|
+ 'ADM_ACCOUNT' => $userInfo['LOGIN'], // AUTHORIZE_USER, ADM_ACCOUNT
|
|
|
|
+ 'ADM_NAME' => implode(" ", [ $userInfo['P_NAME'], $userInfo['P_NAME_SECOND'] ]), // ADM_NAME
|
|
'ADM_TECH_WORKER' => "", // ADM_TECH_WORKER
|
|
'ADM_TECH_WORKER' => "", // ADM_TECH_WORKER
|
|
- 'ADM_COMPANY' => $item['BILLING_OWNER'], // ADM_COMPANY
|
|
|
|
|
|
+ 'ADM_COMPANY' => $userInfo['BILLING_OWNER'], // ADM_COMPANY
|
|
'ADM_ADMIN_LEVEL' => 5, // ADM_ADMIN_LEVEL // > 5 will show msg for Kandydat
|
|
'ADM_ADMIN_LEVEL' => 5, // ADM_ADMIN_LEVEL // > 5 will show msg for Kandydat
|
|
'ADM_PHONE' => "", // ADM_PHONE
|
|
'ADM_PHONE' => "", // ADM_PHONE
|
|
'ADM_ADMIN_EXPIRE' => "", // ADM_ADMIN_EXPIRE
|
|
'ADM_ADMIN_EXPIRE' => "", // ADM_ADMIN_EXPIRE
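Review bot: The new loop still checks the password with `md5($pass) === $item['PASSWD']`, so credentials remain unsalted MD5 and the comparison is not constant-time. Now that several rows are tried per login, I would move to `password_hash()`/`password_verify()` with a rehash on successful login, or as an interim step use `hash_equals($item['PASSWD'], md5($pass))`. The same loop is added a second time as `testAuth()` in the next hunk, so this method could call `self::testAuth($login, $pass)` instead of carrying a copy. Rows skipped by `continue` no longer produce the "use the password reminder" message, so an account whose only row has an empty PASSWD now gets the generic error; a comment should say whether that is intended. The enclosing method starts above the hunk.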
|
|
@@ -53,6 +61,104 @@ class Theme_Auth_panel_biall_net { // TODO: implements AuthBaseInterface {
|
|
'EMPLOYEE_TYPE' => "Klient", // EMPLOYEE_TYPE // [ 'Pracownik','Kandydat','Partner','Anonymous','Kontakt','Skrypt' ]
|
|
'EMPLOYEE_TYPE' => "Klient", // EMPLOYEE_TYPE // [ 'Pracownik','Kandydat','Partner','Anonymous','Kontakt','Skrypt' ]
|
|
];
|
|
];
|
|
}
|
|
}
|
|
|
|
+ static function testAuth($login, $pass) {
|
|
|
|
+ $userInfo = null;
|
|
|
|
+ $activeUsers = self::makeActiveUsers($login);
|
|
|
|
+ foreach ($activeUsers as $item) {
|
|
|
|
+ if (empty($item['PASSWD']) || 32 != strlen($item['PASSWD'])) {
|
|
|
|
+ continue; // throw new Exception("Proszę użyć funkcji przypomnienia hasła");
|
|
|
|
+ }
|
|
|
|
+ if (md5($pass) === $item['PASSWD']) {
|
|
|
|
+ $userInfo = $item;
|
|
|
|
+ break;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (!$userInfo) throw new Exception("Proszę podać poprawny login i hasło!");
|
|
|
|
+ return $userInfo;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ // after auth set additional session variables
|
|
|
|
+ static function authorizedTrigger($login, $pass = '') {
|
|
|
|
+ $fetchAllUsers = self::fetchActiveUsers($login);
|
|
|
|
+ $_SESSION['PANEL_BN_USERS'] = (count($fetchAllUsers) > 1) ? array_map(function ($item) {
|
|
|
|
+ return [
|
|
|
|
+ 'ID' => $item['ID'],
|
|
|
|
+ 'LOGIN' => $item['LOGIN'],
|
|
|
|
+ 'P_NAME' => $item['P_NAME'],
|
|
|
|
+ 'P_NAME_SECOND' => $item['P_NAME_SECOND'],
|
|
|
|
+ 'BILLING_OWNER' => $item['BILLING_OWNER'],
|
|
|
|
+ ];
|
|
|
|
+ }, $fetchAllUsers) : [];
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ static function test_fetchAllUsers($login) {
|
|
|
|
+ $sqlTest = "
|
|
|
|
+ select c.ID
|
|
|
|
+ , c.user_mail_contact
|
|
|
|
+ , c.P_NAME, c.P_NAME_SECOND
|
|
|
|
+ , c.P_PESEL, c.P_NIP
|
|
|
|
+ , c.A_STATUS, c.STATUS
|
|
|
|
+ , c.A_CLASSIFIED, c.A_ADM_COMPANY
|
|
|
|
+ , c.BILLING_OWNER -- 1 BN, 3 NETDAY
|
|
|
|
+ from COMPANIES c
|
|
|
|
+ where c.user_mail_contact = :email
|
|
|
|
+ ";
|
|
|
|
+ return DB::getPDO()->tryHandleException([ __CLASS__, 'preparePanelBNAuthTables' ], 'fetchAll', [
|
|
|
|
+ $sqlTest, [ ':email' => $login ]
|
|
|
|
+ ]);
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ static function makeActiveUsers($login) {
|
|
|
|
+ $activeUsers = self::fetchActiveUsers($login);
|
|
|
|
+
|
|
|
|
+ foreach ($activeUsers as $idx => $item) {
|
|
|
|
+ if (!$item['ID_AUTH']) {
|
|
|
|
+ $activeUsers[$idx]['P_PESEL'] = trim(str_replace(' ', '', $item['P_PESEL']));
|
|
|
|
+ $activeUsers[$idx]['P_NIP'] = trim(str_replace([' ', '-'], '', $item['P_NIP']));
|
|
|
|
+ $passwd = (!empty($activeUsers[$idx]['P_PESEL'])) ? $activeUsers[$idx]['P_PESEL'] : $activeUsers[$idx]['P_NIP'];
|
|
|
|
+ $hashPass = ($passwd) ? md5($passwd) : null;
|
|
|
|
+ DB::getPDO()->insert('PANEL_KLIENTA_BN_AUTH', [
|
|
|
|
+ 'ID_BILLING_USERS' => $activeUsers[$idx]['ID'],
|
|
|
|
+ 'LOGIN' => $activeUsers[$idx]['user_mail_contact'],
|
|
|
|
+ 'PASSWD' => $hashPass,
|
|
|
|
+ 'A_RECORD_CREATE_DATE' => "NOW()",
|
|
|
|
+ ]);
|
|
|
|
+ $activeUsers[$idx]['ID_BILLING_USERS'] = $activeUsers[$idx]['ID'];
|
|
|
|
+ $activeUsers[$idx]['LOGIN'] = $activeUsers[$idx]['user_mail_contact'];
|
|
|
|
+ $activeUsers[$idx]['PASSWD'] = $hashPass;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ return $activeUsers;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ static function fetchActiveUsers($login) {
|
|
|
|
+ // TODO: filtr BN / NETDAY ?
|
|
|
|
+ // TODO: filtr ZGODA_NA mail/fv ?
|
|
|
|
+ $sql = "
|
|
|
|
+ select c.ID
|
|
|
|
+ , c.user_mail_contact
|
|
|
|
+ , c.P_NAME, c.P_NAME_SECOND
|
|
|
|
+ , c.P_PESEL, c.P_NIP
|
|
|
|
+ , c.A_STATUS, c.STATUS
|
|
|
|
+ , c.A_CLASSIFIED, c.A_ADM_COMPANY
|
|
|
|
+ , c.BILLING_OWNER -- 1 BN, 3 NETDAY
|
|
|
|
+ , p.ID as ID_AUTH
|
|
|
|
+ , p.LOGIN
|
|
|
|
+ , p.PASSWD
|
|
|
|
+ , p.REMIND_PASS_KEY
|
|
|
|
+ , p.REMIND_PASS_VALID_TILL
|
|
|
|
+ from COMPANIES c
|
|
|
|
+ left join PANEL_KLIENTA_BN_AUTH p on ( p.ID_BILLING_USERS = c.ID and p.LOGIN = c.user_mail_contact )
|
|
|
|
+ where c.user_mail_contact = :email
|
|
|
|
+ and c.A_CLASSIFIED = :acl
|
|
|
|
+ and c.A_ADM_COMPANY = :acl
|
|
|
|
+ ";
|
|
|
|
+ return DB::getPDO()->tryHandleException([ __CLASS__, 'preparePanelBNAuthTables' ], 'fetchAll', [
|
|
|
|
+ $sql, [ ':email' => $login, ':acl' => '27_BIALL-NET' ]
|
|
|
|
+ ]);
|
|
|
|
+ }
|
|
|
|
|
|
static function fetchUser($login) {
|
|
static function fetchUser($login) {
|
|
$item = DB::getPDO()->tryHandleException([ __CLASS__, 'preparePanelBNAuthTables' ], 'fetchFirst', [
|
|
$item = DB::getPDO()->tryHandleException([ __CLASS__, 'preparePanelBNAuthTables' ], 'fetchFirst', [
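Review bot: `makeActiveUsers()` creates a missing PANEL_KLIENTA_BN_AUTH row whose password is `md5()` of the customer's P_PESEL, falling back to P_NIP, so the initial credential is a national or tax identifier rather than a secret, stored as an unsalted MD5 of a short digit string. Because both the login path and `generateRemindKey()` call it, the insert runs on an unauthenticated request for any matching e-mail. I would create the row with `'PASSWD' => null` and require the reminder flow for first login, which the empty-PASSWD `continue` in the login loop already tolerates. `'A_RECORD_CREATE_DATE' => "NOW()"` is passed as a string value; if `insert()` binds its values, this stores the literal text rather than a timestamp, so please confirm. `test_fetchAllUsers()` looks like a debugging helper and could be dropped before merge.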
|
|
@@ -97,20 +203,44 @@ class Theme_Auth_panel_biall_net { // TODO: implements AuthBaseInterface {
|
|
return $item;
|
|
return $item;
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+ static function sendRemindPasswd($email, $resetLink, $recipient) {
|
|
|
|
+ $recipient = "piotrl86+bn-test-remind@gmail.com"; // TODO: ($recipient) ? $recipient : $email
|
|
|
|
+
|
|
|
|
+ $headers = "MIME-Version: 1.0\n";
|
|
|
|
+ $headers .= "Content-Type: text/plain; charset=\"utf-8\"\n";
|
|
|
|
+ $headers .= 'From: Panel klienta BIALL-NET <noreply@biall-net.pl>' . "\r\n";
|
|
|
|
+ // $headers .= 'Bcc: piotrl86@gmail.com' . "\r\n";
|
|
|
|
+
|
|
|
|
+ $subject = "Panel BIALL-NET: Ustawianie nowego hasła";
|
|
|
|
+
|
|
|
|
+ $body = implode("\r\n\r\n", [
|
|
|
|
+ "Ktoś poprosił o wygenerowanie nowego hasła dla następującego konta:",
|
|
|
|
+ "Nazwa witryny: Panel klienta BIALL-NET",
|
|
|
|
+ "Nazwa użytkownika: {$email}",
|
|
|
|
+ "Jeśli to pomyłka po prostu zignoruj tego maila i nic się nie stanie.",
|
|
|
|
+ "Aby zresetować hasło, przejdź tutaj:",
|
|
|
|
+ "{$resetLink}",
|
|
|
|
+ ]);
|
|
|
|
+
|
|
|
|
+ mail($recipient, $subject, $body, $headers);
|
|
|
|
+ }
|
|
|
|
+
|
|
static function generateRemindKey($email) {
|
|
static function generateRemindKey($email) {
|
|
$remindKey = substr(md5($email . "" . date("Y-m-d H:i:s")), 0, 16);
|
|
$remindKey = substr(md5($email . "" . date("Y-m-d H:i:s")), 0, 16);
|
|
$remindTill = date("Y-m-d", mktime(0,0,0, date("m"), date("d") + 2, date("Y")));
|
|
$remindTill = date("Y-m-d", mktime(0,0,0, date("m"), date("d") + 2, date("Y")));
|
|
- $userInfo = self::fetchUser($email);
|
|
|
|
|
|
+ // $userInfo = self::fetchUser($email);
|
|
|
|
+ self::makeActiveUsers($email); // creates PANEL_KLIENTA_BN_AUTH if missing
|
|
DB::getPDO()->execSql("
|
|
DB::getPDO()->execSql("
|
|
update PANEL_KLIENTA_BN_AUTH
|
|
update PANEL_KLIENTA_BN_AUTH
|
|
set REMIND_PASS_KEY = :remind_key
|
|
set REMIND_PASS_KEY = :remind_key
|
|
, REMIND_PASS_VALID_TILL = :remind_till
|
|
, REMIND_PASS_VALID_TILL = :remind_till
|
|
, A_RECORD_UPDATE_DATE = NOW()
|
|
, A_RECORD_UPDATE_DATE = NOW()
|
|
- where ID_BILLING_USERS = :id_user
|
|
|
|
- and LOGIN = :login
|
|
|
|
|
|
+ where LOGIN = :login
|
|
|
|
+ -- and ID_BILLING_USERS = :id_user
|
|
", [
|
|
", [
|
|
- ':id_user' => $userInfo['ID'],
|
|
|
|
- ':login' => $userInfo['LOGIN'],
|
|
|
|
|
|
+ // ':id_user' => $userInfo['ID'],
|
|
|
|
+ // ':login' => $userInfo['LOGIN'],
|
|
|
|
+ ':login' => $email,
|
|
':remind_key' => $remindKey,
|
|
':remind_key' => $remindKey,
|
|
':remind_till' => $remindTill,
|
|
':remind_till' => $remindTill,
|
|
]);
|
|
]);
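Review bot: `sendRemindPasswd()` overwrites `$recipient` with a hard-coded personal mailbox, so if this ships every reset link goes to that address instead of the account owner. The TODO should be resolved before merge, e.g. `$recipient = $recipient ?: $email;`, with any test override read from configuration. The headers mix `\n` and `\r\n`, and the return value of `mail()` is ignored, so a failed send is silent. In `generateRemindKey()` the update is now keyed on `LOGIN` alone, which writes the same key to every auth row sharing that e-mail. The key in the context lines is 16 hex characters of `md5($email . date(...))`, which is predictable from its inputs; `bin2hex(random_bytes(16))` (column width permitting) would fix that. The body of `generateRemindKey()` continues past the hunk.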
|
|
@@ -148,11 +278,12 @@ class Theme_Auth_panel_biall_net { // TODO: implements AuthBaseInterface {
|
|
, REMIND_PASS_VALID_TILL = '0000-00-00'
|
|
, REMIND_PASS_VALID_TILL = '0000-00-00'
|
|
, PASSWD = :hash_passwd
|
|
, PASSWD = :hash_passwd
|
|
, A_RECORD_UPDATE_DATE = NOW()
|
|
, A_RECORD_UPDATE_DATE = NOW()
|
|
- where ID_BILLING_USERS = :id_user
|
|
|
|
- and LOGIN = :login
|
|
|
|
|
|
+ where LOGIN = :login
|
|
|
|
+ -- and ID_BILLING_USERS = :id_user
|
|
", [
|
|
", [
|
|
- ':id_user' => $userInfo['ID'],
|
|
|
|
- ':login' => $userInfo['LOGIN'],
|
|
|
|
|
|
+ // ':id_user' => $userInfo['ID'],
|
|
|
|
+ // ':login' => $userInfo['LOGIN'],
|
|
|
|
+ ':login' => $email,
|
|
':hash_passwd' => md5($newPasswd),
|
|
':hash_passwd' => md5($newPasswd),
|
|
]);
|
|
]);
|
|
}
|
|
}
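Review bot: The password update is now `where LOGIN = :login` only, so one reset rewrites PASSWD on every PANEL_KLIENTA_BN_AUTH row with that e-mail, across all billing users that share it. If that is intended, a comment next to the commented-out `ID_BILLING_USERS` condition should say so; otherwise the per-user condition should stay. The function starts above the hunk, so it is not visible here whether the reminder key and REMIND_PASS_VALID_TILL are verified before this statement runs. The new hash is still `md5($newPasswd)`; switching to `password_hash($newPasswd, PASSWORD_DEFAULT)` would require the `32 != strlen($item['PASSWD'])` check in the login path to change with it.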
|