123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331 |
- <?php
- // rename file to: `config.php`
- // @used by User class to login
- // - [ ] use to fetch user groups for acl
- /**
- * User object:
- * - ID // ADM_ID
- * - ADM_ACCOUNT // AUTHORIZE_USER, ADM_ACCOUNT
- * - ADM_NAME // ADM_NAME
- * - ADM_TECH_WORKER // ADM_TECH_WORKER
- * - ADM_COMPANY // ADM_COMPANY
- * - ADM_ADMIN_LEVEL // ADM_ADMIN_LEVEL
- * - ADM_PHONE // ADM_PHONE
- * - ADM_ADMIN_EXPIRE // ADM_ADMIN_EXPIRE
- * - ADM_ADMIN_DESC // ADM_ADMIN_DESC
- * - EMPLOYEE_TYPE // EMPLOYEE_TYPE
- * - EMAIL_IMAP_IMPORT_HOST // EMAIL_IMAP_IMPORT_HOST
- * - EMAIL_IMAP_IMPORT_USERNAME // EMAIL_IMAP_IMPORT_USERNAME
- */
- class Theme_Auth_panel_biall_net { // TODO: implements AuthBaseInterface {
- static function login($login, $pass) { // @return User object or null
- if (empty($login) || empty($pass)) throw new Exception("Proszę podać login i hasło!");
- // $item = self::fetchUser($login);
- // if (empty($item['PASSWD']) || 32 != strlen($item['PASSWD'])) {
- // throw new Exception("Proszę użyć funkcji przypomnienia hasła");
- // }
- // if (md5($pass) !== $item['PASSWD']) {
- // throw new Exception("Proszę podać poprawny login i hasło!");
- // }
- $userInfo = null;
- $activeUsers = self::makeActiveUsers($login);
- foreach ($activeUsers as $item) {
- if (empty($item['PASSWD']) || 32 != strlen($item['PASSWD'])) {
- continue; // throw new Exception("Proszę użyć funkcji przypomnienia hasła");
- }
- if (md5($pass) === $item['PASSWD']) {
- $userInfo = $item;
- break;
- }
- }
- if (!$userInfo) throw new Exception("Proszę podać poprawny login i hasło!");
- return (object)[
- 'ID' => $userInfo['ID'],
- 'ADM_ACCOUNT' => $userInfo['LOGIN'], // AUTHORIZE_USER, ADM_ACCOUNT
- 'ADM_NAME' => implode(" ", [ $userInfo['P_NAME'], $userInfo['P_NAME_SECOND'] ]), // ADM_NAME
- 'ADM_TECH_WORKER' => "", // ADM_TECH_WORKER
- 'ADM_COMPANY' => $userInfo['BILLING_OWNER'], // ADM_COMPANY
- 'ADM_ADMIN_LEVEL' => 5, // ADM_ADMIN_LEVEL // > 5 will show msg for Kandydat
- 'ADM_PHONE' => "", // ADM_PHONE
- 'ADM_ADMIN_EXPIRE' => "", // ADM_ADMIN_EXPIRE
- 'ADM_ADMIN_DESC' => "", // ADM_ADMIN_DESC
- 'EMPLOYEE_TYPE' => "Klient", // EMPLOYEE_TYPE // [ 'Pracownik','Kandydat','Partner','Anonymous','Kontakt','Skrypt' ]
- ];
- }
- static function testAuth($login, $pass) {
- $userInfo = null;
- $activeUsers = self::makeActiveUsers($login);
- foreach ($activeUsers as $item) {
- if (empty($item['PASSWD']) || 32 != strlen($item['PASSWD'])) {
- continue; // throw new Exception("Proszę użyć funkcji przypomnienia hasła");
- }
- if (md5($pass) === $item['PASSWD']) {
- $userInfo = $item;
- break;
- }
- }
- if (!$userInfo) throw new Exception("Proszę podać poprawny login i hasło!");
- return $userInfo;
- }
- // after auth set additional session variables
- static function authorizedTrigger($login, $pass = '') {
- $fetchAllUsers = self::fetchActiveUsers($login);
- $_SESSION['PANEL_BN_USERS'] = (count($fetchAllUsers) > 1) ? array_map(function ($item) {
- return [
- 'ID' => $item['ID'],
- 'LOGIN' => $item['LOGIN'],
- 'P_NAME' => $item['P_NAME'],
- 'P_NAME_SECOND' => $item['P_NAME_SECOND'],
- 'BILLING_OWNER' => $item['BILLING_OWNER'],
- ];
- }, $fetchAllUsers) : [];
- }
- static function test_fetchAllUsers($login) {
- $sqlTest = "
- select c.ID
- , c.user_mail_contact
- , c.P_NAME, c.P_NAME_SECOND
- , c.P_PESEL, c.P_NIP
- , c.A_STATUS, c.STATUS
- , c.A_CLASSIFIED, c.A_ADM_COMPANY
- , c.BILLING_OWNER -- 1 BN, 3 NETDAY
- from COMPANIES c
- where c.user_mail_contact = :email
- ";
- return DB::getPDO()->tryHandleException([ __CLASS__, 'preparePanelBNAuthTables' ], 'fetchAll', [
- $sqlTest, [ ':email' => $login ]
- ]);
- }
- static function makeActiveUsers($login) {
- $activeUsers = self::fetchActiveUsers($login);
- foreach ($activeUsers as $idx => $item) {
- if (!$item['ID_AUTH']) {
- $activeUsers[$idx]['P_PESEL'] = trim(str_replace(' ', '', $item['P_PESEL']));
- $activeUsers[$idx]['P_NIP'] = trim(str_replace([' ', '-'], '', $item['P_NIP']));
- $passwd = (!empty($activeUsers[$idx]['P_PESEL'])) ? $activeUsers[$idx]['P_PESEL'] : $activeUsers[$idx]['P_NIP'];
- $hashPass = ($passwd) ? md5($passwd) : null;
- DB::getPDO()->insert('PANEL_KLIENTA_BN_AUTH', [
- 'ID_BILLING_USERS' => $activeUsers[$idx]['ID'],
- 'LOGIN' => $activeUsers[$idx]['user_mail_contact'],
- 'PASSWD' => $hashPass,
- 'A_RECORD_CREATE_DATE' => "NOW()",
- ]);
- $activeUsers[$idx]['ID_BILLING_USERS'] = $activeUsers[$idx]['ID'];
- $activeUsers[$idx]['LOGIN'] = $activeUsers[$idx]['user_mail_contact'];
- $activeUsers[$idx]['PASSWD'] = $hashPass;
- }
- }
- return $activeUsers;
- }
- static function fetchActiveUsers($login) {
- // TODO: filtr BN / NETDAY ?
- // TODO: filtr ZGODA_NA mail/fv ?
- $sql = "
- select c.ID
- , c.user_mail_contact
- , c.P_NAME, c.P_NAME_SECOND
- , c.P_PESEL, c.P_NIP
- , c.A_STATUS, c.STATUS
- , c.A_CLASSIFIED, c.A_ADM_COMPANY
- , c.BILLING_OWNER -- 1 BN, 3 NETDAY
- , p.ID as ID_AUTH
- , p.LOGIN
- , p.PASSWD
- , p.REMIND_PASS_KEY
- , p.REMIND_PASS_VALID_TILL
- from COMPANIES c
- left join PANEL_KLIENTA_BN_AUTH p on ( p.ID_BILLING_USERS = c.ID and p.LOGIN = c.user_mail_contact )
- where c.user_mail_contact = :email
- and c.A_CLASSIFIED = :acl
- and c.A_ADM_COMPANY = :acl
- ";
- return DB::getPDO()->tryHandleException([ __CLASS__, 'preparePanelBNAuthTables' ], 'fetchAll', [
- $sql, [ ':email' => $login, ':acl' => '27_BIALL-NET' ]
- ]);
- }
- static function fetchUser($login) {
- $item = DB::getPDO()->tryHandleException([ __CLASS__, 'preparePanelBNAuthTables' ], 'fetchFirst', [
- "
- select c.ID, c.user_mail_contact, c.P_PESEL
- -- , c.PASSWD
- , c.P_NAME, c.P_NAME_SECOND
- , c.BILLING_OWNER -- 1 BN, 3 NETDAY
- , c.is_firma
- , c.P_NIP
- , p.ID as ID_AUTH
- , p.LOGIN
- , p.PASSWD
- , p.REMIND_PASS_KEY
- , p.REMIND_PASS_VALID_TILL
- from COMPANIES c
- left join PANEL_KLIENTA_BN_AUTH p on ( p.ID_BILLING_USERS = c.ID and p.LOGIN = c.user_mail_contact )
- where c.user_mail_contact like :email
- ",
- [
- ':email' => $login,
- ]
- ]);
- if (!$item) throw new Exception("BŁĄD: Brak zarejestrowanego użytkownika o wprowadzonym adresie email.");
- if (!$item['ID_AUTH']) {
- $item['P_PESEL'] = trim(str_replace(' ', '', $item['P_PESEL']));
- $item['P_NIP'] = trim(str_replace([' ', '-'], '', $item['P_NIP']));
- $passwd = (!empty($item['P_PESEL'])) ? $item['P_PESEL'] : $item['P_NIP'];
- $hashPass = ($passwd) ? md5($passwd) : null;
- DB::getPDO()->insert('PANEL_KLIENTA_BN_AUTH', [
- 'ID_BILLING_USERS' => $item['ID'],
- 'LOGIN' => $item['user_mail_contact'],
- 'PASSWD' => $hashPass,
- 'A_RECORD_CREATE_DATE' => "NOW()",
- ]);
- $item['ID_BILLING_USERS'] = $item['ID'];
- $item['LOGIN'] = $item['user_mail_contact'];
- $item['PASSWD'] = $hashPass;
- }
- return $item;
- }
- static function sendRemindPasswd($email, $resetLink, $recipient) {
- $recipient = "piotrl86+bn-test-remind@gmail.com"; // TODO: ($recipient) ? $recipient : $email
- $headers = "MIME-Version: 1.0\n";
- $headers .= "Content-Type: text/plain; charset=\"utf-8\"\n";
- $headers .= 'From: Panel klienta BIALL-NET <noreply@biall-net.pl>' . "\r\n";
- // $headers .= 'Bcc: piotrl86@gmail.com' . "\r\n";
- $subject = "Panel BIALL-NET: Ustawianie nowego hasła";
- $body = implode("\r\n\r\n", [
- "Ktoś poprosił o wygenerowanie nowego hasła dla następującego konta:",
- "Nazwa witryny: Panel klienta BIALL-NET",
- "Nazwa użytkownika: {$email}",
- "Jeśli to pomyłka po prostu zignoruj tego maila i nic się nie stanie.",
- "Aby zresetować hasło, przejdź tutaj:",
- "{$resetLink}",
- ]);
- mail($recipient, $subject, $body, $headers);
- }
- static function generateRemindKey($email) {
- $remindKey = substr(md5($email . "" . date("Y-m-d H:i:s")), 0, 16);
- $remindTill = date("Y-m-d", mktime(0,0,0, date("m"), date("d") + 2, date("Y")));
- // $userInfo = self::fetchUser($email);
- self::makeActiveUsers($email); // creates PANEL_KLIENTA_BN_AUTH if missing
- DB::getPDO()->execSql("
- update PANEL_KLIENTA_BN_AUTH
- set REMIND_PASS_KEY = :remind_key
- , REMIND_PASS_VALID_TILL = :remind_till
- , A_RECORD_UPDATE_DATE = NOW()
- where LOGIN = :login
- -- and ID_BILLING_USERS = :id_user
- ", [
- // ':id_user' => $userInfo['ID'],
- // ':login' => $userInfo['LOGIN'],
- ':login' => $email,
- ':remind_key' => $remindKey,
- ':remind_till' => $remindTill,
- ]);
- return $remindKey;
- }
- static function setPasswd($email, $newPasswd, $remindKey) {
- if (empty($email)) throw new Exception("Missing login!");
- if (empty($newPasswd)) throw new Exception("Missing password!");
- if (empty($remindKey)) throw new Exception("Missing remindKey!");
- // TODO: validate password!
- if (strlen($newPasswd) < 8) throw new Exception("Hasło musi się składać z co najmniej 8 znaków");
- $userInfo = self::fetchUser($email);
- // DBG::nicePrint([
- // 'c1' => empty($userInfo['REMIND_PASS_KEY']),
- // 'c2' => $userInfo['REMIND_PASS_KEY'] !== $remindKey,
- // 'c2.L' => $userInfo['REMIND_PASS_KEY'],
- // 'c2.R' => $remindKey,
- // 'c3' => date("Y-m-d") > $userInfo['REMIND_PASS_VALID_TILL'],
- // 'c3.L' => date("Y-m-d"),
- // 'c3.R' => $userInfo['REMIND_PASS_VALID_TILL'],
- // 'user' => $userInfo,
- // ], 'DBG');
- if (empty($userInfo['REMIND_PASS_KEY'])
- || $userInfo['REMIND_PASS_KEY'] !== $remindKey
- || date("Y-m-d") > $userInfo['REMIND_PASS_VALID_TILL']
- ) throw new Exception("Odnośnik do resetowania hasła wydaje się być niesprawny. Proszę użyć funkcji przypomnienia hasła.");
- DB::getPDO()->execSql("
- update PANEL_KLIENTA_BN_AUTH
- set REMIND_PASS_KEY = ''
- , REMIND_PASS_VALID_TILL = '0000-00-00'
- , PASSWD = :hash_passwd
- , A_RECORD_UPDATE_DATE = NOW()
- where LOGIN = :login
- -- and ID_BILLING_USERS = :id_user
- ", [
- // ':id_user' => $userInfo['ID'],
- // ':login' => $userInfo['LOGIN'],
- ':login' => $email,
- ':hash_passwd' => md5($newPasswd),
- ]);
- }
- static function preparePanelBNAuthTables() {
- DB::getPDO()->execSql("
- CREATE TABLE IF NOT EXISTS `PANEL_KLIENTA_BN_AUTH` (
- `ID` int(11) NOT NULL AUTO_INCREMENT,
- `ID_BILLING_USERS` int(11) NOT NULL,
- `LOGIN` varchar(255) NOT NULL DEFAULT '',
- `PASSWD` varchar(32) NOT NULL DEFAULT '',
- `REMIND_PASS_KEY` varchar(16) NOT NULL DEFAULT '',
- `REMIND_PASS_VALID_TILL` date NOT NULL DEFAULT '0000-00-00',
- `A_ADM_COMPANY` varchar(64) NOT NULL DEFAULT '',
- `A_CLASSIFIED` varchar(64) NOT NULL DEFAULT '',
- `A_RECORD_CREATE_DATE` datetime NOT NULL,
- `A_RECORD_CREATE_AUTHOR` varchar(20) NOT NULL DEFAULT '',
- `A_RECORD_UPDATE_DATE` datetime NOT NULL,
- `A_RECORD_UPDATE_AUTHOR` varchar(20) NOT NULL DEFAULT '',
- PRIMARY KEY (`ID`),
- UNIQUE KEY `COMPANY_LOGIN` (`LOGIN`, `ID_BILLING_USERS`)
- ) ENGINE=MyISAM DEFAULT CHARSET=latin2 ;
- ");
- DB::getPDO()->execSql("
- CREATE TABLE IF NOT EXISTS `PANEL_KLIENTA_BN_AUTH_HIST` (
- `ID` int(11) NOT NULL AUTO_INCREMENT,
- `ID_USERS2` int(11) NOT NULL,
- `ID_BILLING_USERS` varchar(11) NOT NULL DEFAULT 'N/S;',
- `LOGIN` varchar(255) NOT NULL DEFAULT 'N/S;',
- `PASSWD` varchar(32) NOT NULL DEFAULT 'N/S;',
- `REMIND_PASS_KEY` varchar(16) NOT NULL DEFAULT 'N/S;',
- `REMIND_PASS_VALID_TILL` varchar(10) NOT NULL DEFAULT 'N/S;',
- `A_ADM_COMPANY` varchar(64) NOT NULL DEFAULT 'N/S;',
- `A_CLASSIFIED` varchar(64) NOT NULL DEFAULT 'N/S;',
- `A_RECORD_CREATE_DATE` varchar(10) NOT NULL DEFAULT 'N/S;',
- `A_RECORD_CREATE_AUTHOR` varchar(20) NOT NULL DEFAULT 'N/S;',
- `A_RECORD_UPDATE_DATE` varchar(10) NOT NULL DEFAULT 'N/S;',
- `A_RECORD_UPDATE_AUTHOR` varchar(20) NOT NULL DEFAULT 'N/S;',
- PRIMARY KEY (`ID`),
- KEY `ID_USERS2` (`ID_USERS2`)
- ) ENGINE=MyISAM DEFAULT CHARSET=latin2 ;
- ");
- }
- }
|