<?php
class UsersController extends ControllerBase{

    /**
     * Landing action: shows the home page to a user who already holds a session,
     * and the login form to everybody else.
     *
     * The session user id is checked against UsersModel and SessionsModel on every
     * call. Only rows with usertype 2 pass. A user whose state is not 1 is sent to
     * the forced password-change form instead of the home page.
     */
    public function ingresar(){
        // No user id in the session: nothing to re-validate, show the login form.
        if(!isset($_SESSION['usersession']['iduser'])){
            $data = array();
            $this->view->show("login.php", $data);
            return;
        }

        require 'models/UsersModel.php';

        $user    = new UsersModel();
        $session = new SessionsModel();

        $session_user_id = $_SESSION['usersession']['iduser'];

        // Both lookups are issued before either row is fetched, as in the original flow.
        $rs_user    = $user->obtenerUsuarioxId($session_user_id);
        $rs_session = $session->validarSession($session_user_id);

        $datos_usuario = $rs_user->fetch();
        $datos_session = $rs_session->fetch();

        $is_valid = is_array($datos_usuario)
            && is_array($datos_session)
            && ($datos_usuario['usertype'] == 2);

        if(!$is_valid){
            $data = array();
            $this->view->show("login.php", $data);
            return;
        }

        // Refresh the activity timestamp and the identifiers kept in the session.
        $now   = new DateTime(date("Y-m-d H:i:s"));
        $stamp = $now->format("Y-m-d H:i:s");

        $_SESSION['usersession']['attempt']             = 0;
        $_SESSION['usersession']['iduser']              = $datos_usuario['iduser'];
        $_SESSION['usersession']['date_last_activity']  = $stamp;
        $_SESSION['usersession']['idsession']           = $datos_session['idsession'];

        if($datos_usuario['state'] != 1){
            // Any state other than 1 forces a password change before going further.
            $data = array();
            $data['xin']    = '';
            $data['forget'] = 'no';
            $data['force']  = 'yes';

            $this->view->show("usersNewPasswordForm.php", $data);
            return;
        }

        $data['datos_usuario']  = $datos_usuario;
        $data['inicio']         = 0;
        $data['content']        = "components".DS."com_users".DS."views".DS."home.php";
        $data['title']          = "WELCOME:::::::::::::";

        $this->view->show("template.php", $data);
    }
	
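    /**
     * Checks the submitted username/password and, on success, opens the user session.
     *
     * Flow:
     *  - lifts the temporary lockout once the 30-minute window has elapsed;
     *  - refuses to check credentials while the session is locked out;
     *  - on a match, rejects locked accounts (state 2), rotates the session id,
     *    stores a row through SessionsModel::addItem() and fills
     *    $_SESSION['usersession']; accounts in state 4 or 5 are redirected to the
     *    password-change form;
     *  - on a mismatch, counts the attempt and shows the same generic error whether
     *    or not the username exists; the third failure against an existing username
     *    sets that account to state 2.
     *
     * NOTE(review): the attempt counter and the lockout flag live in the client's
     * session, so a client that discards its session cookie starts again from zero.
     * A throttle keyed on the account and/or source address, stored server-side,
     * is needed for the limit to hold. The state-2 lock can also be triggered by
     * anyone who knows a username; confirm that is acceptable.
     * NOTE(review): credentials are read from $_REQUEST, which also accepts the
     * query string; confirm the login form posts and switch to $_POST.
     * NOTE(review): remove() sets state 3; whether validateUsers() filters such
     * rows is not visible here and should be confirmed.
     */
    public function validarUsuario(){

        $valor_intervalo = 30;
        $tiempo_bloqueo  = new DateInterval('PT'.$valor_intervalo.'M'); // lockout window, in minutes

        // Lift the temporary lockout once the window has elapsed.
        if(isset($_SESSION['usersession']['timebadlogin'])){
            $timebadlogin = new DateTime($_SESSION['usersession']['timebadlogin']);
            date_add($timebadlogin, $tiempo_bloqueo);
            $timeactual = new DateTime(date("Y-m-d H:i:s"));

            if($timeactual > $timebadlogin){
                $_SESSION['usersession']['disabled'] = false;
                $_SESSION['usersession']['attempt']  = 0;
                unset($_SESSION['usersession']['timebadlogin']);
            }
        }

        require 'components'.DS.'com_users'.DS.'models'.DS.'UsersModel.php';

        $user       = new UsersModel();
        $session    = new SessionsModel();

        // Accept only plain strings; a missing or array-valued field becomes ''.
        $username = (isset($_REQUEST["username"]) && is_string($_REQUEST["username"])) ? $_REQUEST["username"] : '';
        $password = (isset($_REQUEST["passwd"]) && is_string($_REQUEST["passwd"])) ? $_REQUEST["passwd"] : '';

        // Explicit defaults replace the former @-suppressed reads.
        $attempts = isset($_SESSION['usersession']['attempt']) ? (int) $_SESSION['usersession']['attempt'] : 0;
        $disabled = !empty($_SESSION['usersession']['disabled']);

        if($attempts >= 3 || $disabled){
            // Too many attempts: keep the login disabled for the lockout window.
            $timebadlogin = new DateTime(date('Y-m-d H:i:s'));

            $data['titulo']     = "Failed attempts excess";
            $data['mensaje']    = "You have exceeded the number of attempts.<br />Try again in ".$valor_intervalo." minutes";

            $_SESSION['usersession']['disabled'] = true;
            // Record the start of the wait only once, so retries do not extend it.
            if(!isset($_SESSION['usersession']['timebadlogin'])){
                $_SESSION['usersession']['timebadlogin'] = $timebadlogin->format('Y-m-d H:i:s');
            }

            $this->view->show("errorLogin.php", $data);
            return;
        }

        $rs_usuario    = $user->validateUsers($username, $password);
        $datos_usuario = $rs_usuario->fetch();

        if(!is_array($datos_usuario)){
            // Failed login: count it, whether or not the username exists.
            $_SESSION['usersession']['attempt'] = $attempts + 1;

            $result    = $user->obtenerUsuarioxUsername($username);
            $data_user = $result->fetch();

            if(is_array($data_user) && $_SESSION['usersession']['attempt'] == 3){
                // Third failure against a real account: mark it as locked (state 2).
                $datos['state'] = 2;
                $user->setIdValue($data_user['iduser']);
                list($result, $message) = $user->UpdateItem($datos);

                $data['titulo']     = "Failed attempts excess";
                $data['mensaje']    = "You have exceeded the number of attempts. <br /> User blocked";

                $this->view->show("errorLogin.php", $data);
                exit(0);
            }

            // Same message for a wrong password and an unknown username, so the
            // response does not reveal which usernames exist.
            $data['titulo']     = "Error user login / password";
            $data['mensaje']    = "Error user login / password";
            $this->view->show("errorLogin.php", $data);
            exit(0);
        }

        // A locked account must be rejected before any session state is written;
        // otherwise the session would already carry its iduser when the error is shown.
        if($datos_usuario['state'] == 2){
            $data['titulo']     = "Error:: User Locked";
            $data['mensaje']    = "Login is disabled by excesses of failed attempts. Contact your 'System Administrator' to solve the problem";
            $this->view->show("errorLogin.php", $data);
            exit(0);
        }

        // Rotate the session id on login so an id fixed before authentication
        // cannot be reused afterwards.
        if(session_id() !== ''){
            session_regenerate_id(true);
        }

        $_SESSION["usersession"]["iduser"]      = $datos_usuario['iduser'];
        $_SESSION["usersession"]["username"]    = $datos_usuario['username'];
        $_SESSION["usersession"]["firstname"]   = $datos_usuario['firstname'];
        $_SESSION["usersession"]["lastname"]    = $datos_usuario['lastname'];
        $_SESSION["usersession"]["photo"]       = $datos_usuario['photo'];
        $_SESSION["usersession"]["type"]        = $datos_usuario['usertype'];

        $date_session       = new DateTime(date('Y-m-d H:i:s'));
        $date_last_activity = new DateTime(date("Y-m-d H:i:s"));

        // Row describing this login, stored through SessionsModel.
        $datos = array();
        $datos['idsession']             = "";
        $datos['iduser']                = $datos_usuario['iduser'];
        $datos['client_ip']             = $_SERVER['REMOTE_ADDR'];
        $datos['date_session']          = $date_session->format('Y-m-d H:i:s');
        $datos['date_last_activity']    = $date_last_activity->format("Y-m-d H:i:s");
        $datos['state']                 = 1;

        list($rs_session, $idsession, $message) = $session->addItem($datos);
        $_SESSION['usersession']['idsession']   = $idsession;

        $_SESSION['usersession']['attempt']             = 0;
        $_SESSION['usersession']['client_ip']           = $_SERVER['REMOTE_ADDR'];
        $_SESSION['usersession']['date_session']        = $date_session->format('Y-m-d H:i:s');
        $_SESSION['usersession']['date_last_activity']  = $date_last_activity->format("Y-m-d H:i:s");
        $_SESSION['usersession']['state']               = 1;
        // Mailbox ids kept in the session (fixed values; the lookup is disabled).
        $_SESSION['usersession']['inbox']   = 1;//Inbox
        $_SESSION['usersession']['sent']    = 2;//Sent
        $_SESSION['usersession']['trash']   = 3;//Trash

        // States 4 and 5 must choose a new password before reaching the home page.
        if(($datos_usuario['state'] == 4) || ($datos_usuario['state'] == 5)){
            $url = "index.php?option=com_users&controller=Users&action=getNewPasswordForm";
            header("location: ".$url);
            exit(0);
        }

        $data['datos_usuario']  = $datos_usuario;
        $data['inicio']         = 0;
        $data['content']        = "components".DS."com_users".DS."views".DS."home.php";
        $data['title']          = "WELCOME:::::::::::";

        $this->view->show("template.php", $data);
    }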
	
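    /**
     * Ends the current user session.
     *
     * Marks the stored session row inactive through SessionsModel::setInactive(),
     * clears $_SESSION['usersession'], expires the session cookie, destroys the
     * PHP session and shows the logout view. The database step is skipped when
     * there is no logged-in user or no matching session row.
     */
    public function logout(){
        $session = new SessionsModel();

        // Read the user id explicitly instead of suppressing the notice with @.
        $iduser = isset($_SESSION['usersession']['iduser']) ? $_SESSION['usersession']['iduser'] : null;

        if($iduser !== null){
            $rs_datos_session = $session->validarSession($iduser);
            $datos_session    = $rs_datos_session->fetch();

            // fetch() yields a non-array when no row matches; only a real row
            // carries an idsession that can be marked inactive.
            if(is_array($datos_session)){
                $date_last_activity = new DateTime(date("Y-m-d H:i:s"));

                $datos = array();
                $datos['date_last_activity'] = $date_last_activity->format('Y-m-d H:i:s');
                $datos['idsession']          = $datos_session['idsession'];
                $rs = $session->setInactive($datos);
            }
        }

        unset($_SESSION['usersession']);

        if(session_id() !== ''){
            // session_destroy() does not remove the cookie; expire it so the
            // browser stops presenting the old session id.
            if(ini_get('session.use_cookies')){
                $params = session_get_cookie_params();
                setcookie(
                    session_name(),
                    '',
                    time() - 42000,
                    $params['path'],
                    $params['domain'],
                    $params['secure'],
                    $params['httponly']
                );
            }
            session_destroy();
        }

        $data = array();
        $this->view->show("logout.php", $data);
    }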
	
    /**
     * Shows the "forgot password" form (password.php) with no view data.
     */
    public function getRememberPasswordForm(){
        $view_data = array();

        $this->view->show("password.php", $view_data);
    }
	
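    /**
     * Builds a password-reset link for the requested username and mails it.
     *
     * Reads the username from $_REQUEST['usuario'], looks the account up through
     * UsersModel::obtenerUsuarioxUsername() and, when it exists, sends one HTML
     * e-mail containing the link. The result message and the link are passed to
     * the password.php view.
     *
     * NOTE(review): the "xin" value in the link is md5(username). It is derived
     * only from public data, never expires and is not stored per request, so it
     * does not prove that the requester controls the account. A random,
     * single-use, expiring token stored server-side is needed; that requires
     * model changes that are not visible from this file.
     * NOTE(review): the message goes to a fixed address, not to the account's own
     * e-mail, and the link is also handed to the view. If password.php renders
     * $data['link'], the e-mail step is bypassed — confirm and remove.
     * NOTE(review): the link uses http:// and $_SERVER['SERVER_NAME']; depending on
     * the web-server configuration that value may follow the request's Host
     * header. Prefer a configured base URL over https.
     * NOTE(review): the "User doesn't exist." reply lets a caller probe which
     * usernames are registered.
     */
    public function sendPasswordLink(){

        require 'models/UsersModel.php';
        $user = new UsersModel();

        $username = isset($_REQUEST["usuario"]) ? $_REQUEST["usuario"] : '';

        $rs_usuario = $user->obtenerUsuarioxUsername($username);
        $datos_usuario = $rs_usuario->fetch();

        // Defined up front so the view always receives both keys.
        $link    = '';
        $mensaje = '';

        if(is_array($datos_usuario)){
            $servername = $_SERVER['SERVER_NAME'];
            $usernamemd5 = md5($datos_usuario['username']);
            $link = 'http://'.$servername.'/?controller=Users&action=getNewPasswordForm&xin='.$usernamemd5.'&forget=yes';

            // The link is placed inside HTML (attribute and text), so encode it for
            // that context; this also turns the "&" separators into valid "&amp;".
            $link_html = htmlspecialchars($link, ENT_QUOTES);

            $destinatario = "nmedina79@gmail.com";
            $asunto = "Este mensaje es de prueba";
            $cuerpo = '
            <html>
            <head>
               <title>Prueba de correo</title>
            </head>
            <body>
            <h1>Hola amigos!</h1>
            <p>
            <b>Bienvenidos a mi correo electronico de prueba</b>. Estoy encantado de tener tantos lectores. Este cuerpo del mensaje es del articulo de envio de mails por PHP. Habria que cambiarlo para poner tu propio cuerpo. Por cierto, cambia tambien las cabeceras del mensaje.<br/>
            enlace : <a href="'.$link_html.'" target="_parent">'.$link_html.'</a>

            </p>
            </body>
            </html>
            ';

            // Send as HTML.
            $headers = "MIME-Version: 1.0\r\n";
            $headers .= "Content-type: text/html; charset=iso-8859-1\r\n";

            // Sender address.
            $headers .= "From: Administrador <admin@epimed.com>\r\n";

            // Reply address, when it should differ from the sender.
            $headers .= "Reply-To: deployment@epimed.com\r\n";

            // Return path for the message.
            $headers .= "Return-path: nmedina79@gmail.com\r\n";

            // Addresses that receive a copy.
            $headers .= "Cc: deployment@epimed.com\r\n";

            // Addresses that receive a blind copy.
            $headers .= "Bcc: jsalyrosas@poweruptechs.com,hleon@poweruptechs.com\r\n";

            // Send exactly once. The earlier version called mail() a second time
            // inside a try/catch, which delivered every reset link twice; mail()
            // reports failure through its return value, not an exception.
            if(mail($destinatario,$asunto,$cuerpo,$headers)){
                $mensaje = 'An email with a link to update has been sent to your email.';
            }else{
                $mensaje = 'Failed to send link. Try again in a few minutes or contact your system administrator';
            }

            // A commented-out SMTP example that embedded a mailbox username and
            // password used to sit here. Credentials committed to source must be
            // treated as exposed: rotate them and load secrets from configuration
            // kept outside the repository.
        }else{
            $mensaje = " User doesn't exist.";
        }

        $data = array();
        $data['mensaje']    =  $mensaje;
        $data['link']       =  $link;

        $this->view->show("password.php", $data);
    }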
	
    /**
     * Shows the change-password form (change_passwd.php).
     *
     * Three request values are forwarded to the view, each with a fallback used
     * when the value is missing or empty: forget ('no'), force ('yes'), xin ('').
     *
     * NOTE(review): the values come straight from $_REQUEST; confirm that
     * change_passwd.php HTML-encodes them before output.
     */
    public function getNewPasswordForm(){
        // Request key => fallback, in the order the view data is built.
        $fallbacks = array(
            'forget' => 'no',
            'force'  => 'yes',
            'xin'    => '',
        );

        $data = array();
        foreach($fallbacks as $key => $fallback){
            if(!empty($_REQUEST[$key])){
                $data[$key] = $_REQUEST[$key];
            }else{
                $data[$key] = $fallback;
            }
        }

        $this->view->show("change_passwd.php", $data);
    }
	
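    /**
     * Stores a new password, either through the "forgot password" link
     * (forget=yes, account identified by the xin value) or for the logged-in user
     * (who must also supply the current password).
     *
     * Request input: datos[new_password], datos[new_password_again],
     * datos[current_password], forget, xin, force.
     *
     * Changes from the earlier version:
     *  - the xin value is read when xin itself is present (the test previously
     *    looked at a different key, 'usernamemd5');
     *  - the two new-password fields are compared strictly and must be non-empty
     *    (an empty pair is reported with the mismatch message);
     *  - the forgot-password branch stops when no account matches xin instead of
     *    calling setNewPassword() with an empty id;
     *  - that branch now clears $_SESSION['usersession'], the key used by the
     *    rest of this controller, instead of the never-set 'sessionuser'.
     *
     * NOTE(review): in the forgot-password branch the only proof of identity is
     * xin, which sendPasswordLink() builds as md5(username). Anyone who knows a
     * username can compute it. A random, single-use, expiring token stored
     * server-side is needed before this branch can be trusted; that needs model
     * support not visible from this file.
     */
    public function passwordUpdate(){

        $datos       = (isset($_REQUEST['datos']) && is_array($_REQUEST['datos'])) ? $_REQUEST['datos'] : array();
        $forget      = !empty($_REQUEST['forget']) ? $_REQUEST['forget'] : 'no';
        $usernamemd5 = !empty($_REQUEST['xin']) ? $_REQUEST['xin'] : '';
        $force       = !empty($_REQUEST['force']) ? $_REQUEST['force'] : '';

        // Only plain strings are accepted as passwords; anything else becomes ''.
        $new_password       = (isset($datos['new_password']) && is_string($datos['new_password'])) ? $datos['new_password'] : '';
        $new_password_again = (isset($datos['new_password_again']) && is_string($datos['new_password_again'])) ? $datos['new_password_again'] : '';
        $current_password   = (isset($datos['current_password']) && is_string($datos['current_password'])) ? $datos['current_password'] : '';

        require 'models/UsersModel.php';

        $user = new UsersModel();
        $data = array();

        // Strict comparison: with "==" two different numeric-looking strings
        // (for example "1e3" and "1000") would be accepted as a match.
        if($new_password === '' || $new_password !== $new_password_again){
            $data['xin'] = $usernamemd5;
            $data['forget'] = $forget;
            $data['mensaje'] = 'the new password entered does not match';
            $this->view->show("usersNewPasswordForm.php", $data);
            return;
        }

        if($forget === 'yes'){
            $rs_usuario = $user->obtenerUsuarioxUsernameMD5($usernamemd5);
            $datos_usuario = $rs_usuario->fetch();

            $data['xin'] = $usernamemd5;
            $data['forget'] = $forget;
            $data['force'] = $force;

            // No account matches the supplied value: change nothing.
            if(!is_array($datos_usuario)){
                $data['mensaje'] = ' the password reset link is not valid ';
                $this->view->show("usersNewPasswordForm.php", $data);
                return;
            }

            $iduser = $datos_usuario['iduser'];
            $rs_updatePassword = $user->setNewPassword($iduser, $new_password);

            $data['mensaje'] = ' your password has been updated<br/><a href="?controller=Users&action=ingresar">next</a>';
            // Drop any existing login so the new password has to be used.
            unset($_SESSION['usersession']);
            $this->view->show("usersNewPasswordForm.php", $data);
            return;
        }

        if($current_password === ''){
            $data['mensaje'] = ' did not enter the current password ';
            $this->view->show("usersNewPasswordForm.php", $data);
            return;
        }

        if(empty($_SESSION['usersession']['iduser'])){
            $data['mensaje'] = ' you have not started your user session.<br/> ';
            $this->view->show("login.php", $data);
            return;
        }

        $iduser = $_SESSION['usersession']['iduser'];
        $rs_usuario = $user->obtenerUsuarioxId($iduser);
        $datos_usuario = $rs_usuario->fetch();

        // Re-check the current password for the session user before changing it.
        $username = is_array($datos_usuario) ? $datos_usuario['username'] : '';
        $rs_validado = $user->validarAdministrador($username, $current_password);
        $datos_validado = $rs_validado->fetch();

        if(!is_array($datos_validado)){
            $data['mensaje'] = ' your current password is invalid ';
            $this->view->show("usersNewPasswordForm.php", $data);
            return;
        }

        // Store the new password, then set the account active.
        $rs_updatePassword = $user->setNewPassword($iduser, $new_password);
        $rs_updatePassword = $user->setActive($iduser);

        unset($_SESSION['usersession']);
        $data = array();
        $data['forget'] = $forget;
        $data['mensaje'] = ' your password has been updated<br/><a href="send.php?controller=Users&action=logout" target="enviar">continuar</a>';
        $this->view->show("usersNewPasswordForm.php", $data);
    }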
	
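    /**
     * Shows one page of the user list (15 rows per page).
     *
     * The page offset comes from $_REQUEST['inicio'] and is normalised to a
     * non-negative integer before it reaches UsersModel::dolist() and the view,
     * so request text is never passed on as an offset.
     *
     * NOTE(review): no permission check is visible in this action; confirm that
     * the dispatcher or ControllerBase restricts it to authorised users.
     */
    public function dolist(){
        require 'components'.DS.'com_users'.DS.'models'.DS.'UsersModel.php';
        $users = new UsersModel();

        // Missing, empty or non-scalar input falls back to the first page.
        $inicio = 0;
        if(!empty($_REQUEST['inicio']) && is_scalar($_REQUEST['inicio'])){
            $inicio = max(0, (int) $_REQUEST['inicio']);
        }

        $tamanio = 15;
        $parametros = array("inicio" => $inicio, "tamanio" => $tamanio);
        list($list_users, $paginas, $navegador) = $users->dolist($parametros);

        $data = array();
        $data['listUsers']  = $list_users;
        $data['paginas']    = $paginas;
        $data['navegador']  = $navegador;
        $data['inicio']     = $inicio;
        $data['content']    = "components".DS."com_users".DS."views".DS."dolist.php";
        $data['title']      = "USUARIOS::::::::::::";

        $this->view->show("template.php", $data);
    }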
	
    /**
     * Shows the "new user" form, optionally with a message taken from the request.
     *
     * NOTE(review): the message is request-controlled (addUser() passes it in the
     * redirect URL); confirm that newUser.php HTML-encodes it before output.
     */
    public function newUser(){
        // An absent or empty message is shown as an empty string.
        $message = !empty($_REQUEST['message']) ? $_REQUEST['message'] : "";

        $data['message']    = $message;
        $data['content']    = "components".DS."com_users".DS."views".DS."newUser.php";
        $data['title']      = "NEW USER:::::";

        $this->view->show("template.php", $data);
    }

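    /**
     * Creates a user from the submitted form and optionally stores a profile photo.
     *
     * The username must not already exist (case-insensitive). New accounts get
     * usertype 1 and state 4. When no usable photo is uploaded the default
     * "avatar.jpg" is kept. The action always ends with a redirect.
     *
     * Changes from the earlier version:
     *  - the photo file name is built from the new username (it previously used an
     *    undefined variable, so every upload was written to the same extension-only
     *    name) and is reduced to [A-Za-z0-9_-] so it cannot contain path separators;
     *  - the upload is moved with move_uploaded_file() and must be readable as an
     *    image by getimagesize() in addition to having an allowed extension;
     *  - the message placed in the redirect URL is URL-encoded.
     *
     * NOTE(review): $_REQUEST['data_user'] is passed to UsersModel::addItem()
     * as-is apart from the keys overwritten below; confirm the model only accepts
     * the columns the form is meant to set.
     * NOTE(review): the password is stored as md5(password), an unsalted fast
     * hash. Moving to password_hash()/password_verify() needs matching changes in
     * UsersModel, which is not visible here.
     * NOTE(review): no permission check is visible in this action.
     */
    public function addUser(){
        require 'components'.DS.'com_users'.DS.'models'.DS.'UsersModel.php';
        $user = new UsersModel();

        $data_user              = (isset($_REQUEST["data_user"]) && is_array($_REQUEST["data_user"])) ? $_REQUEST["data_user"] : array();
        $data_user['username']  = $_REQUEST["newusername"];
        $data_user['password']  = md5($_REQUEST["newpasswd"]);
        $data_user['email']     = $_REQUEST["txt_email"];
        $data_user['usertype']  = 1;
        $data_user['state']     = 4;

        $urlphoto   = "avatar.jpg";

        // Four levels above this component's directory; "files/photos" hangs off it.
        $url = explode(DS, trim(dirname(__DIR__)));
        array_pop($url);
        array_pop($url);
        array_pop($url);
        array_pop($url);
        $path = implode(DS, $url);

        // Case-insensitive check against every existing username.
        $flag = FALSE;
        $result = $user->getAllUsers();
        $data_list = $result->fetchAll();
        foreach($data_list as $userdata){
            if(strtolower($data_user['username']) == strtolower($userdata['username'])){$flag = TRUE; break;}
        }

        if($flag === FALSE){
            $upload = isset($_FILES['fphoto']) ? $_FILES['fphoto'] : null;

            // Any upload problem simply leaves the default avatar in place.
            if($upload !== null && $upload['tmp_name'] != "" && is_uploaded_file($upload['tmp_name'])){
                $pname   = $upload['name'];
                $type    = substr($pname, -4);
                $allowed = array(".jpg", ".gif", ".png", ".JPG", ".GIF", ".PNG");

                // The extension comes from the client-supplied name, so also require
                // that the content parses as an image. This is a sanity check, not a
                // guarantee that the file is harmless.
                if(in_array($type, $allowed, true) && getimagesize($upload['tmp_name']) !== false){
                    // Keep only characters that cannot change the target directory.
                    $safe_name = preg_replace('/[^A-Za-z0-9_-]/', '_', (string) $data_user['username']);
                    $target    = $path.DS."files".DS."photos".DS.$safe_name.$type;

                    if(move_uploaded_file($upload['tmp_name'], $target)){
                        $urlphoto = "photos".DS.$safe_name.$type;
                    }
                }
            }

            $data_user['photo'] = $urlphoto;
            list($result, $id, $message) = $user->addItem($data_user);

            $url = 'index.php?option=com_users&controller=Users&action=dolist';
        }else{
            $message = "Error::: Username unavailable.";
            $url = 'index.php?option=com_users&controller=Users&action=newUser&message='.urlencode($message);
        }
        header("location: ".$url);
        exit();
    }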

    /**
     * Shows the user form in edit mode for the id given in $_REQUEST['user'].
     *
     * NOTE(review): the id is taken from the request and no permission check is
     * visible here; confirm that callers may only open records they are allowed
     * to edit.
     */
    public function editUser(){
        require 'components'.DS.'com_users'.DS.'models'.DS.'UsersModel.php';

        $users_model = new UsersModel();
        $user_id     = $_REQUEST['user'];
        $rs_user     = $users_model->editUser($user_id);

        // View data, in the order the template receives it.
        $data = array(
            'usuario' => $rs_user->fetch(),
            'edit'    => true,
            'method'  => "edit",
            'iduser'  => $user_id,
            'content' => "components".DS."com_users".DS."views".DS."editUser.php",
            'title'   => "EDIT USER::::::::::::::::",
        );

        $this->view->show("template.php", $data);
    }

    /**
     * Shows the user form in read-only mode for the id given in $_REQUEST['user'].
     *
     * Uses the same model call and view as editUser(), with 'edit' set to false
     * and no title.
     *
     * NOTE(review): the id is taken from the request and no permission check is
     * visible here.
     */
    public function view(){
        require 'models/UsersModel.php';

        $users_model = new UsersModel();
        $user_id     = $_REQUEST['user'];
        $rs_user     = $users_model->editUser($user_id);

        $data = array(
            'usuario' => $rs_user->fetch(),
            'edit'    => false,
            'method'  => "view",
            'iduser'  => $user_id,
            'content' => "components".DS."com_users".DS."views".DS."editUser.php",
        );

        $this->view->show("template.php", $data);
    }

    /**
     * Updates first name, last name and state of the user given in $_POST['iduser'],
     * then redirects to the user list.
     *
     * NOTE(review): the target id and the new state both come from the request and
     * no permission check is visible here. Confirm that only authorised users can
     * reach this action, since 'state' is the field the login flow uses to lock
     * accounts and force password changes.
     */
    public function updateUser(){
        require 'components'.DS.'com_users'.DS.'models'.DS.'UsersModel.php';

        $users_model = new UsersModel();
        $target_id   = $_POST['iduser'];

        // Columns to change, taken from the posted form.
        $changes = array(
            'firstname' => $_POST['firstname'],
            'lastname'  => $_POST['lastname'],
            'state'     => $_POST['state'],
        );

        $users_model->setIdValue($target_id);
        list($result, $message) = $users_model->UpdateItem($changes);

        header("location: ".'index.php?option=com_users&controller=Users&action=dolist');
        exit();
    }

    /**
     * Soft-deletes the user given in $_REQUEST['user'] by setting its state to 3,
     * then redirects.
     *
     * NOTE(review): this state change accepts the id from $_REQUEST, so a plain
     * GET link can trigger it, and no permission or anti-CSRF check is visible
     * here; confirm both are enforced elsewhere.
     * NOTE(review): the redirect targets action=getUsers, which this controller
     * does not define (the list action here is dolist) — confirm it exists.
     */
    public function remove(){
        require 'models/UsersModel.php';

        $users_model = new UsersModel();
        $target_id   = $_REQUEST['user'];

        // The row is kept; only its state changes.
        $changes = array('state' => 3);

        $users_model->setIdValue($target_id);
        list($result, $message) = $users_model->UpdateItem($changes);

        header("location: ".'index.php?option=com_users&controller=Users&action=getUsers');
        exit();
    }

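    /**
     * Looks a username up and, when it is free, proposes a generated key.
     *
     * The view receives the searched username, the matching row (or the non-array
     * fetch() result when there is none) and 'key': a 5-character hexadecimal
     * string when the username is free, null otherwise.
     *
     * The key is now taken from a cryptographically secure source when one is
     * available. It was previously md5(username . time('YmdHis')): time() accepts
     * no argument, and the value depended only on the username and the clock, so
     * it could be predicted.
     *
     * NOTE(review): the key length is kept at 5 hex characters (about 20 bits) to
     * match what the view received before. That is short for a password even when
     * random; lengthen it once the form and storage are confirmed to accept it.
     * NOTE(review): confirm that searchUser.php HTML-encodes 'username'.
     */
    public function searchUser(){
        require 'models/UsersModel.php';

        $user = new UsersModel();
        $username = $_REQUEST['value'];
        $newuser = $user->searchUserbyUName($username);
        $usuario = $newuser->fetch();

        // Defined up front; stays null when the username is already taken.
        $generatePassword = null;

        if(!is_array($usuario)){
            if(function_exists('random_bytes')){
                $seed = bin2hex(random_bytes(16));
            }elseif(function_exists('openssl_random_pseudo_bytes')){
                $seed = bin2hex(openssl_random_pseudo_bytes(16));
            }else{
                // Last resort on installations with neither source: the earlier
                // derivation, with time() called correctly. Predictable.
                $seed = md5($username.time());
            }
            $generatePassword = substr($seed, 0, 5);
        }

        $data['username'] = $username;
        $data['usuario'] = $usuario;
        $data['key'] = $generatePassword;

        $this->view->show("searchUser.php", $data);
    }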
	
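    /**
     * Changes the password of the user given in $_POST['iduser'].
     *
     * Two modes, selected by $_POST['chgPasswd']:
     *  - 4: store $_POST['passwd'] and set the account state to 1, then redirect
     *    to the home action;
     *  - any other value: require the old password, store the new one, then
     *    redirect to the edit form for that user.
     * Nothing happens when chgPasswd is absent.
     *
     * Changes from the earlier version:
     *  - the stored hash is compared with "===". With "==", two different md5
     *    strings that both look like numbers in exponent form compare as equal;
     *  - the retyped password, which was read but never used, must now match the
     *    new password, and the new password must be non-empty;
     *  - the user id is URL-encoded before being placed in the redirect;
     *  - exception text goes to the error log instead of being dumped to the page.
     *
     * NOTE(review): the target id comes from the request, and mode 4 asks for
     * neither the current password nor any proof that the caller is that user. No
     * session or permission check is visible here. Unless the dispatcher enforces
     * one, this lets a caller set another account's password — confirm, and bind
     * the target id to $_SESSION['usersession']['iduser'].
     * NOTE(review): passwords are stored as md5(password), an unsalted fast hash;
     * moving to password_hash()/password_verify() needs matching model changes.
     */
    public function changePasswd(){
        require 'components'.DS.'com_users'.DS.'models'.DS.'UsersModel.php';

        $iduser = isset($_POST['iduser']) ? $_POST['iduser'] : '';
        try{
            if(isset ($_POST['chgPasswd'])){
                $type_login = $_POST['chgPasswd'];
                $user = new UsersModel();

                if($type_login == 4){

                    $datos['password']  = md5($_POST['passwd']);
                    $datos['state']     = 1;
                    $user->setIdValue($iduser);
                    list($result, $message) = $user->UpdateItem($datos);

                    $url = 'index.php?option=com_users&controller=Users&action=home';

                    header("location: ".$url);
                    exit();
                }else{

                    // Only plain strings are accepted; anything else becomes ''.
                    $oldpasswd      = (isset($_POST['oldpasswd']) && is_string($_POST['oldpasswd'])) ? $_POST['oldpasswd'] : '';
                    $newpasswd      = (isset($_POST['newpasswd']) && is_string($_POST['newpasswd'])) ? $_POST['newpasswd'] : '';
                    $check_password = (isset($_POST['retypepasswd']) && is_string($_POST['retypepasswd'])) ? $_POST['retypepasswd'] : '';

                    $result = $user->getPasswd($iduser);
                    $data_model = $result->fetch();
                    // Column 0 of the row holds the stored hash; no row means no match.
                    $db_old_passwd = is_array($data_model) ? $data_model[0] : null;

                    $old_matches = is_string($db_old_passwd) && $db_old_passwd === md5($oldpasswd);
                    $new_is_confirmed = ($newpasswd !== '') && ($newpasswd === $check_password);

                    if($old_matches && $new_is_confirmed){
                        $user->setIdValue($iduser);
                        $datos['password'] = md5($newpasswd);
                        list($result, $message) = $user->UpdateItem($datos);
                    }

                    $url = 'index.php?controller=Users&action=editUser&user='.urlencode((string) $iduser);

                    header("location: ".$url);
                    exit();
                }
            }
        }  catch (Exception $e){
            // Keep internal error text out of the response.
            error_log('UsersController::changePasswd: '.$e->getMessage());
        }
    }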
    
    /**
     * Shows the home page inside the main template.
     */
    public function home(){
        $data = array(
            'content' => "components".DS."com_users".DS."views".DS."home.php",
            'title'   => "WELCOME:::::::::::",
        );

        $this->view->show("template.php", $data);
    }
}

?>