|
@@ -24,35 +24,28 @@ class Theme_Auth_panel_biall_net { // TODO: implements AuthBaseInterface {
|
|
|
|
|
|
static function login($login, $pass) { // @return User object or null
|
|
static function login($login, $pass) { // @return User object or null
|
|
|
|
|
|
- if (empty($login) || empty($pass)) throw new Exception("Proszę podać poprawny login i hasło!");
|
|
|
|
|
|
+ if (empty($login) || empty($pass)) throw new Exception("Proszę podać login i hasło!");
|
|
|
|
|
|
- { // TODO: TEST
|
|
|
|
- $login = "krzys.dworski@gmail.com"; // COMPANIES.user_mail_contact
|
|
|
|
- $pass = "76022801989"; // TODO: COMPANIES.P_PESEL or COMPANIES.PASSWD varchar(100) ?
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
- $item = DB::getPDO()->fetchFirst("
|
|
|
|
- select c.ID, c.user_mail_contact, c.P_PESEL, c.PASSWD
|
|
|
|
- from COMPANIES c
|
|
|
|
- where c.user_mail_contact like :email
|
|
|
|
- ", [
|
|
|
|
- ':email' => $login,
|
|
|
|
- ]);
|
|
|
|
- // [ID] => 12807
|
|
|
|
- // [user_mail_contact] => krzys.dworski@gmail.com
|
|
|
|
- // [P_PESEL] => 76022801989
|
|
|
|
- // [PASSWD] => 76022801989
|
|
|
|
|
|
+ // { // TODO: TEST
|
|
|
|
+ // $login = "krzys.dworski@gmail.com"; // COMPANIES.user_mail_contact
|
|
|
|
+ // $pass = "76022801989"; // COMPANIES.P_PESEL or COMPANIES.PASSWD varchar(100) --- table PANEL_KLIENTA_BN_AUTH
|
|
|
|
+ // }
|
|
|
|
|
|
- throw new Exception("TODO: Proszę podać poprawny login i hasło!");
|
|
|
|
|
|
+ $item = self::fetchUser($login);
|
|
|
|
+ if (empty($item['PASSWD']) || 32 != strlen($item['PASSWD'])) {
|
|
|
|
+ throw new Exception("Proszę użyć funkcji przypomnienia hasła");
|
|
|
|
+ }
|
|
|
|
|
|
- return null;
|
|
|
|
|
|
+ if (md5($pass) !== $item['PASSWD']) {
|
|
|
|
+ throw new Exception("Proszę podać poprawny login i hasło!");
|
|
|
|
+ }
|
|
|
|
|
|
return (object)[
|
|
return (object)[
|
|
- 'ID' => "", // ADM_ID
|
|
|
|
- 'ADM_ACCOUNT' => "", // AUTHORIZE_USER, ADM_ACCOUNT
|
|
|
|
- 'ADM_NAME' => "", // ADM_NAME
|
|
|
|
|
|
+ 'ID' => $item['ID'],
|
|
|
|
+ 'ADM_ACCOUNT' => $item['LOGIN'], // AUTHORIZE_USER, ADM_ACCOUNT
|
|
|
|
+ 'ADM_NAME' => implode(" ", [ $item['P_NAME'], $item['P_NAME_SECOND'] ]), // ADM_NAME
|
|
'ADM_TECH_WORKER' => "", // ADM_TECH_WORKER
|
|
'ADM_TECH_WORKER' => "", // ADM_TECH_WORKER
|
|
- 'ADM_COMPANY' => "", // ADM_COMPANY
|
|
|
|
|
|
+ 'ADM_COMPANY' => $item['BILLING_OWNER'], // ADM_COMPANY
|
|
'ADM_ADMIN_LEVEL' => "", // ADM_ADMIN_LEVEL
|
|
'ADM_ADMIN_LEVEL' => "", // ADM_ADMIN_LEVEL
|
|
'ADM_PHONE' => "", // ADM_PHONE
|
|
'ADM_PHONE' => "", // ADM_PHONE
|
|
'ADM_ADMIN_EXPIRE' => "", // ADM_ADMIN_EXPIRE
|
|
'ADM_ADMIN_EXPIRE' => "", // ADM_ADMIN_EXPIRE
|
|
@@ -61,4 +54,145 @@ class Theme_Auth_panel_biall_net { // TODO: implements AuthBaseInterface {
|
|
];
|
|
];
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+ static function fetchUser($login) {
|
|
|
|
+ $item = DB::getPDO()->tryHandleException([ __CLASS__, 'preparePanelBNAuthTables' ], 'fetchFirst', [
|
|
|
|
+ "
|
|
|
|
+ select c.ID, c.user_mail_contact, c.P_PESEL
|
|
|
|
+ -- , c.PASSWD
|
|
|
|
+ , c.P_NAME, c.P_NAME_SECOND
|
|
|
|
+ , c.BILLING_OWNER -- 1 BN, 3 NETDAY
|
|
|
|
+ , c.is_firma
|
|
|
|
+ , c.P_NIP
|
|
|
|
+ , p.ID as ID_AUTH
|
|
|
|
+ , p.LOGIN
|
|
|
|
+ , p.PASSWD
|
|
|
|
+ , p.REMIND_PASS_KEY
|
|
|
|
+ , p.REMIND_PASS_VALID_TILL
|
|
|
|
+ from COMPANIES c
|
|
|
|
+ left join PANEL_KLIENTA_BN_AUTH p on ( p.ID_BILLING_USERS = c.ID and p.LOGIN = c.user_mail_contact )
|
|
|
|
+ where c.user_mail_contact like :email
|
|
|
|
+ ",
|
|
|
|
+ [
|
|
|
|
+ ':email' => $login,
|
|
|
|
+ ]
|
|
|
|
+ ]);
|
|
|
|
+ if (!$item) throw new Exception("BŁĄD: Brak zarejestrowanego użytkownika o wprowadzonym adresie email.");
|
|
|
|
+
|
|
|
|
+ if (!$item['ID_AUTH']) {
|
|
|
|
+ $passwd = (!empty($item['P_PESEL'])) ? $item['P_PESEL'] : $item['P_NIP'];
|
|
|
|
+ $hashPass = ($passwd) ? md5($passwd) : null;
|
|
|
|
+ DB::getPDO()->insert('PANEL_KLIENTA_BN_AUTH', [
|
|
|
|
+ 'ID_BILLING_USERS' => $item['ID'],
|
|
|
|
+ 'LOGIN' => $item['user_mail_contact'],
|
|
|
|
+ 'PASSWD' => $hashPass,
|
|
|
|
+ 'A_RECORD_CREATE_DATE' => "NOW()",
|
|
|
|
+ ]);
|
|
|
|
+ $item['ID_BILLING_USERS'] = $item['ID'];
|
|
|
|
+ $item['LOGIN'] = $item['user_mail_contact'];
|
|
|
|
+ $item['PASSWD'] = $hashPass;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ return $item;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ static function generateRemindKey($email) {
|
|
|
|
+ $remindKey = substr(md5($email . "" . date("Y-m-d H:i:s")), 0, 16);
|
|
|
|
+ $remindTill = date("Y-m-d", mktime(0,0,0, date("m"), date("d") + 2, date("Y")));
|
|
|
|
+ $userInfo = self::fetchUser($email);
|
|
|
|
+ DB::getPDO()->execSql("
|
|
|
|
+ update PANEL_KLIENTA_BN_AUTH
|
|
|
|
+ set REMIND_PASS_KEY = :remind_key
|
|
|
|
+ , REMIND_PASS_VALID_TILL = :remind_till
|
|
|
|
+ , A_RECORD_UPDATE_DATE = NOW()
|
|
|
|
+ where ID_BILLING_USERS = :id_user
|
|
|
|
+ and LOGIN = :login
|
|
|
|
+ ", [
|
|
|
|
+ ':id_user' => $userInfo['ID'],
|
|
|
|
+ ':login' => $userInfo['LOGIN'],
|
|
|
|
+ ':remind_key' => $remindKey,
|
|
|
|
+ ':remind_till' => $remindTill,
|
|
|
|
+ ]);
|
|
|
|
+ return $remindKey;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ static function setPasswd($email, $newPasswd, $remindKey) {
|
|
|
|
+ if (empty($email)) throw new Exception("Missing login!");
|
|
|
|
+ if (empty($newPasswd)) throw new Exception("Missing password!");
|
|
|
|
+ if (empty($remindKey)) throw new Exception("Missing remindKey!");
|
|
|
|
+
|
|
|
|
+ // TODO: validate password!
|
|
|
|
+ if (strlen($newPasswd) < 8) throw new Exception("Hasło musi się składać z co najmniej 8 znaków");
|
|
|
|
+
|
|
|
|
+ $userInfo = self::fetchUser($email);
|
|
|
|
+
|
|
|
|
+ // DBG::nicePrint([
|
|
|
|
+ // 'c1' => empty($userInfo['REMIND_PASS_KEY']),
|
|
|
|
+ // 'c2' => $userInfo['REMIND_PASS_KEY'] !== $remindKey,
|
|
|
|
+ // 'c2.L' => $userInfo['REMIND_PASS_KEY'],
|
|
|
|
+ // 'c2.R' => $remindKey,
|
|
|
|
+ // 'c3' => date("Y-m-d") > $userInfo['REMIND_PASS_VALID_TILL'],
|
|
|
|
+ // 'c3.L' => date("Y-m-d"),
|
|
|
|
+ // 'c3.R' => $userInfo['REMIND_PASS_VALID_TILL'],
|
|
|
|
+ // 'user' => $userInfo,
|
|
|
|
+ // ], 'DBG');
|
|
|
|
+ if (empty($userInfo['REMIND_PASS_KEY'])
|
|
|
|
+ || $userInfo['REMIND_PASS_KEY'] !== $remindKey
|
|
|
|
+ || date("Y-m-d") > $userInfo['REMIND_PASS_VALID_TILL']
|
|
|
|
+ ) throw new Exception("Odnośnik do resetowania hasła wydaje się być niesprawny. Proszę użyć funkcji przypomnienia hasła.");
|
|
|
|
+
|
|
|
|
+ DB::getPDO()->execSql("
|
|
|
|
+ update PANEL_KLIENTA_BN_AUTH
|
|
|
|
+ set REMIND_PASS_KEY = ''
|
|
|
|
+ , REMIND_PASS_VALID_TILL = '0000-00-00'
|
|
|
|
+ , PASSWD = :hash_passwd
|
|
|
|
+ , A_RECORD_UPDATE_DATE = NOW()
|
|
|
|
+ where ID_BILLING_USERS = :id_user
|
|
|
|
+ and LOGIN = :login
|
|
|
|
+ ", [
|
|
|
|
+ ':id_user' => $userInfo['ID'],
|
|
|
|
+ ':login' => $userInfo['LOGIN'],
|
|
|
|
+ ':hash_passwd' => md5($newPasswd),
|
|
|
|
+ ]);
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ static function preparePanelBNAuthTables() {
|
|
|
|
+ DB::getPDO()->execSql("
|
|
|
|
+ CREATE TABLE IF NOT EXISTS `PANEL_KLIENTA_BN_AUTH` (
|
|
|
|
+ `ID` int(11) NOT NULL AUTO_INCREMENT,
|
|
|
|
+ `ID_BILLING_USERS` int(11) NOT NULL,
|
|
|
|
+ `LOGIN` varchar(255) NOT NULL DEFAULT '',
|
|
|
|
+ `PASSWD` varchar(32) NOT NULL DEFAULT '',
|
|
|
|
+ `REMIND_PASS_KEY` varchar(16) NOT NULL DEFAULT '',
|
|
|
|
+ `REMIND_PASS_VALID_TILL` date NOT NULL DEFAULT '0000-00-00',
|
|
|
|
+ `A_ADM_COMPANY` varchar(64) NOT NULL DEFAULT '',
|
|
|
|
+ `A_CLASSIFIED` varchar(64) NOT NULL DEFAULT '',
|
|
|
|
+ `A_RECORD_CREATE_DATE` datetime NOT NULL,
|
|
|
|
+ `A_RECORD_CREATE_AUTHOR` varchar(20) NOT NULL DEFAULT '',
|
|
|
|
+ `A_RECORD_UPDATE_DATE` datetime NOT NULL,
|
|
|
|
+ `A_RECORD_UPDATE_AUTHOR` varchar(20) NOT NULL DEFAULT '',
|
|
|
|
+ PRIMARY KEY (`ID`),
|
|
|
|
+ UNIQUE KEY `COMPANY_LOGIN` (`LOGIN`, `ID_BILLING_USERS`)
|
|
|
|
+ ) ENGINE=MyISAM DEFAULT CHARSET=latin2 ;
|
|
|
|
+ ");
|
|
|
|
+ DB::getPDO()->execSql("
|
|
|
|
+ CREATE TABLE IF NOT EXISTS `PANEL_KLIENTA_BN_AUTH_HIST` (
|
|
|
|
+ `ID` int(11) NOT NULL AUTO_INCREMENT,
|
|
|
|
+ `ID_USERS2` int(11) NOT NULL,
|
|
|
|
+ `ID_BILLING_USERS` varchar(11) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ `LOGIN` varchar(255) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ `PASSWD` varchar(32) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ `REMIND_PASS_KEY` varchar(16) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ `REMIND_PASS_VALID_TILL` varchar(10) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ `A_ADM_COMPANY` varchar(64) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ `A_CLASSIFIED` varchar(64) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ `A_RECORD_CREATE_DATE` varchar(10) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ `A_RECORD_CREATE_AUTHOR` varchar(20) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ `A_RECORD_UPDATE_DATE` varchar(10) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ `A_RECORD_UPDATE_AUTHOR` varchar(20) NOT NULL DEFAULT 'N/S;',
|
|
|
|
+ PRIMARY KEY (`ID`),
|
|
|
|
+ KEY `ID_USERS2` (`ID_USERS2`)
|
|
|
|
+ ) ENGINE=MyISAM DEFAULT CHARSET=latin2 ;
|
|
|
|
+ ");
|
|
|
|
+ }
|
|
|
|
+
|
|
}
|
|
}
|