obtenerUsuarioxId($_SESSION['usersession']['iduser']);
$datos_session_validados = $session->validarSession($_SESSION['usersession']['iduser']);
$datos_usuario = $datos_validados->fetch();
$datos_session = $datos_session_validados->fetch();
if(is_array($datos_usuario) && is_array($datos_session) && ($datos_usuario['usertype'] == 2) ){
//$resultado_log = $items->registrarLogIngreso($datos_usuario["id_usu"]); ///???
require 'components'.DS.'com_messages'.DS.'models'.DS.'MailBoxesModel.php';
//creamos una clase del tipo Datetime para registrar la hora de ingreso.
$date_last_activity = new DateTime(date("Y-m-d H:i:s"));
$mailbox = new MailBoxesModel();
$rs_boxes = $mailbox->getMailBoxesSystem($datos_usuario['iduser']);
$idtypemb = 1;
$rsMailBox = $mailbox->getMailBoxType($datos_usuario['iduser'], $idtypemb);
$datosMailBox = $rsMailBox->fetch();
$lista_mensajes = $mailbox->getMessagesNoRead($datosMailBox['idmailbox']);
$idmailbox = $datosMailBox['idmailbox'];
$_SESSION['usersession']['attempt'] = 0;
$_SESSION['usersession']['iduser'] = $datos_usuario['iduser'];
$_SESSION['usersession']['date_last_activity'] = $date_last_activity->format("Y-m-d H:i:s") ;
$_SESSION['usersession']['idsession'] = $datos_session['idsession'];
$datos['idsession'] = $datos_session['idsession'];
$datos['date_last_activity'] = $date_last_activity->format("Y-m-d H:i:s") ;
if($datos_usuario['state'] == 1){
$data['datos_usuario'] = $datos_usuario;
$data['inicio'] = 0;
$data['rs_boxes'] = $rs_boxes;
$data['lista_mensajes'] = $lista_mensajes;
$data['idmailbox'] = $idmailbox;
$data['title'] = "Welcome";
$data['content'] = "components".DS."com_users".DS."views".DS."home.php";
$this->view->show("template.php", $data);
}else{
$data = array();
$data['xin'] = '';
$data['forget'] = 'no';
$data['force'] = 'yes';
$this->view->show("usersNewPasswordForm.php", $data);
}
}else{
$data = array();
$data['title'] = "Welcome";
//$this->view->show("login.php", $data);
$this->view->show("template.php", $data);
}
}else{
$data = array();
$data['title'] = "Welcome";
$data['content'] = "components".DS."com_users".DS."views".DS."home.php";
//$this->view->show("login.php", $data);
$this->view->show("template.php", $data);
}
}
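/**
 * Process a login form submission.
 *
 * Reads "usuario" / "passwd" from the request, applies the per-session
 * attempt limit (3 tries, then a pause of $valor_intervalo minutes), checks
 * the credentials through UsersModel and, on success, fills
 * $_SESSION['usersession'], stores the session through SessionsModel and
 * renders the home view, or the forced password-change form when the user's
 * "state" column is not 1.
 *
 * Changes against the previous version:
 *  - the session id is regenerated once the credentials are accepted, so an
 *    id that existed before authentication is never promoted to a logged-in
 *    session (session fixation);
 *  - the two credential fields are only accepted as plain strings;
 *  - the "Try again in N minutes" message had no space before the number;
 *  - the duplicated failed-attempt counter code is written once.
 *
 * NOTE(review): the attempt counter and the "disabled" flag live in
 * $_SESSION, so the limit is tied to the browser's session cookie, not to the
 * account or the source address. An effective limit has to be counted
 * server-side per account and per source.
 * NOTE(review): when the limit is reached, bloquearUsuario() is applied to
 * the username present in that request, whichever usernames the earlier
 * failures were for. Count failures per account before blocking it.
 * NOTE(review): the dedicated "user blocked" message tells the requester that
 * the username exists; consider the same generic message for every failure.
 * NOTE(review): $_REQUEST also accepts the credentials from the query string,
 * where they end up in server and proxy logs; prefer $_POST.
 *
 * @return void
 */
public function validarUsuario(){
    // Length of the temporary login pause, in minutes.
    $valor_intervalo = 1;
    $intervalo = 'PT'.$valor_intervalo.'M';
    $tiempo_bloqueo = new DateInterval($intervalo);

    // Lift the temporary pause once the interval has elapsed.
    if(isset($_SESSION['usersession']['timebadlogin'])){
        $valor_timebadlogin = $_SESSION['usersession']['timebadlogin'];
        $timebadlogin = new DateTime($valor_timebadlogin);
        date_add($timebadlogin, $tiempo_bloqueo);
        $timeactual = new DateTime(date("Y-m-d H:i:s"));
        if($timeactual > $timebadlogin){
            $_SESSION['usersession']['disabled'] = false;
            $_SESSION['usersession']['attempt'] = 0;
            unset($_SESSION['usersession']['timebadlogin']);
        }
    }

    require 'models/UsersModel.php';
    $user = new UsersModel();
    $session = new SessionsModel();

    // Anything that is not a plain string (missing field, array parameter) is
    // treated as an empty credential instead of being handed to the model.
    $username = (isset($_REQUEST["usuario"]) && is_string($_REQUEST["usuario"])) ? $_REQUEST["usuario"] : '';
    $password = (isset($_REQUEST["passwd"]) && is_string($_REQUEST["passwd"])) ? $_REQUEST["passwd"] : '';

    $intentos = isset($_SESSION['usersession']['attempt']) ? $_SESSION['usersession']['attempt'] : 0;
    $deshabilitado = !empty($_SESSION['usersession']['disabled']);

    if( ($intentos < 3) && !$deshabilitado ){
        // Only users in one of these states are checked against the password.
        $estado_usuario = $user->obtenerEstadoUsuario($username);
        $datos_usuario = "";
        if(($estado_usuario == "ACTIVE") || ($estado_usuario == "FLOGIN") || ($estado_usuario == "RESET") ){
            $rs_usuario = $user->validarAdministrador($username,$password);
            $datos_usuario = $rs_usuario->fetch();
        }

        if(is_array($datos_usuario)){
            // Credentials accepted: issue a fresh session id and drop the old one.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            $_SESSION["usersession"]["firstname"] = $datos_usuario['firstname'];
            $_SESSION["usersession"]["lastname"] = $datos_usuario['lastname'];
            $_SESSION["usersession"]["photo"] = $datos_usuario['photo'];

            require 'components'.DS.'com_messages'.DS.'models'.DS.'MailBoxesModel.php';
            $date_session = new DateTime(date('Y-m-d H:i:s'));
            $date_last_activity = new DateTime(date("Y-m-d H:i:s"));

            $mailbox = new MailBoxesModel();
            $rs_boxes = $mailbox->getMailBoxesSystem($datos_usuario['iduser']);
            // The mailbox ids are kept in the session (see below).
            $rs_mnuboxes = $mailbox->getIDMailBoxesSystem($datos_usuario['iduser']);
            $mnuBoxes = $rs_mnuboxes->fetchAll();
            $idtypemb = 1;
            $rsMailBox = $mailbox->getMailBoxType($datos_usuario['iduser'], $idtypemb);
            $datosMailBox = $rsMailBox->fetch();
            $lista_mensajes = $mailbox->getMessagesNoRead($datosMailBox['idmailbox']);
            $idmailbox = $datosMailBox['idmailbox'];

            $_SESSION['usersession']['attempt'] = 0;
            $_SESSION['usersession']['iduser'] = $datos_usuario['iduser'];
            $_SESSION['usersession']['client_ip'] = $_SERVER['REMOTE_ADDR'];
            $_SESSION['usersession']['date_session'] = $date_session->format('Y-m-d H:i:s');
            $_SESSION['usersession']['date_last_activity'] = $date_last_activity->format("Y-m-d H:i:s");
            $_SESSION['usersession']['state'] = 1;
            // Assumes getIDMailBoxesSystem() returns the rows in the order
            // inbox, sent, trash - TODO confirm against the model.
            $_SESSION['usersession']['inbox'] = $mnuBoxes[0]['idmailbox'];//Inbox
            $_SESSION['usersession']['sent'] = $mnuBoxes[1]['idmailbox'];//Sent
            $_SESSION['usersession']['trash'] = $mnuBoxes[2]['idmailbox'];//Trash

            // Store the session in the database.
            $datos['idsession'] = "";
            $datos['iduser'] = $datos_usuario['iduser'];
            $datos['client_ip'] = $_SERVER['REMOTE_ADDR'];
            $datos['date_session'] = $date_session->format('Y-m-d H:i:s');
            $datos["date_last_activity"] = $date_last_activity->format("Y-m-d H:i:s") ;
            $datos['state'] = 1;
            $rs_session = $session->setUserSession($datos);

            // Read the stored row back to learn its id.
            $rs_session = $session->validarSession($datos_usuario['iduser']);
            $datos_session = $rs_session->fetch();
            $_SESSION['usersession']['idsession'] = $datos_session['idsession'];

            // The user's state decides whether a password change is forced.
            if($datos_usuario['state'] == 1){
                $data['datos_usuario'] = $datos_usuario;
                $data['inicio'] = 0;
                $data['rs_boxes'] = $rs_boxes;
                $data['lista_mensajes'] = $lista_mensajes;
                $data['idmailbox'] = $idmailbox;
                $data['content'] = "components".DS."com_users".DS."views".DS."home.php";
                $this->view->show("template.php", $data);
            }else{
                $data = array();
                $data['xin'] = '';
                $data['forget'] = 'no';
                $data['force'] = 'yes';
                $this->view->show("usersNewPasswordForm.php", $data);
            }
        }else{
            if($estado_usuario == "BLOQUEADO"){
                $data['titulo'] = "Error:: User ".strtolower($estado_usuario);
                $data['mensaje'] = "Login is disabled by excesses of failed attempts. Contact your 'System Administrator' to solve the problem";
            }else{
                // Wrong password, or a user state that may not log in: count the attempt.
                if (!isset($_SESSION['usersession'])) {
                    $_SESSION['usersession'] = array();
                }
                if (!isset($_SESSION['usersession']['attempt'])) {
                    $_SESSION['usersession']['attempt'] = 1;
                }else{
                    $_SESSION['usersession']['attempt']++;
                }
                $data['titulo'] = "Error user login / password";
                $data['mensaje'] = "Error user login / password";
            }
            $this->view->show("login.php", $data);
        }
    }else{
        // Too many attempts.
        $timebadlogin = new DateTime(date('Y-m-d H:i:s'));
        $rs_usuario = $user->obtenerUsuarioxUsername($username);
        $datos_usuario = $rs_usuario->fetch();
        if(is_array($datos_usuario) && !$deshabilitado){
            $rs_bloqueo = $user->bloquearUsuario($datos_usuario['iduser']);
            $data['titulo'] = "Failed attempts excess";
            $data['mensaje'] = "You have exceeded the number of attempts.
User blocked";
            $_SESSION['usersession']['attempt'] = 0;
        }else{
            // Unknown username, or already paused: pause logins for the interval.
            $data['titulo'] = "Failed attempts excess";
            $data['mensaje'] = "You have exceeded the number of attempts.
Try again in ".$valor_intervalo." minutes";
            // Remember when the pause started; it is lifted at the top of this method.
            $_SESSION['usersession']['disabled'] = true;
            if(!isset($_SESSION['usersession']['timebadlogin'])){
                $_SESSION['usersession']['timebadlogin'] = $timebadlogin->format('Y-m-d H:i:s');
            }
        }
        $this->view->show("errorLogin.php", $data);
    }
}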
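/**
 * Close the current user session.
 *
 * Marks the stored session row inactive (with the time of last activity),
 * clears $_SESSION['usersession'], destroys the PHP session and renders the
 * logout view.
 *
 * The database is now only touched when a user id is present in the session
 * and a matching session row was found; before, a request without a login
 * dereferenced the failed fetch() result and called setInactive() with an
 * empty id.
 *
 * NOTE(review): no request-method or CSRF check is visible here; whether a
 * cross-site request can trigger a logout depends on the dispatcher.
 *
 * @return void
 */
public function logout(){
    $session = new SessionsModel();
    $iduser = isset($_SESSION['usersession']['iduser']) ? $_SESSION['usersession']['iduser'] : null;

    if ($iduser !== null) {
        $rs_datos_session = $session->validarSession($iduser);
        $datos_session = $rs_datos_session->fetch();
        if (is_array($datos_session)) {
            $date_last_activity = new DateTime(date("Y-m-d H:i:s"));
            $datos = array();
            $datos['date_last_activity'] = $date_last_activity->format('Y-m-d H:i:s');
            $datos['idsession'] = $datos_session['idsession'];
            $session->setInactive($datos);
        }
    }

    unset($_SESSION['usersession']);
    session_destroy();
    $data = array();
    $this->view->show("logout.php", $data);
}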
/**
 * Render the "forgot password" form.
 *
 * @return void
 */
public function getRememberPasswordForm(){
    // The form takes no view data.
    $this->view->show("password.php", array());
}
/**
 * Build a password-recovery link for the submitted username and render the
 * "forgot password" view with it.
 *
 * NOTE(review): part of this listing is missing. From the string literal
 * opened at `$cuerpo` down to the stray comment terminator the text does not
 * parse, so the mail-sending code cannot be reviewed from here.
 * NOTE(review): the recovery token is md5(username). It has no random part,
 * no expiry and no server-side record, so it is not a secret. It should be
 * replaced by a random, single-use, time-limited token stored with the user.
 * NOTE(review): in the visible text $mensaje is only assigned when the user
 * does not exist and $link only when the user exists, yet both are handed to
 * the view; the differing result also tells the requester whether the
 * username exists.
 * NOTE(review): $link is passed to password.php; confirm the view does not
 * print it, otherwise the link reaches the requester rather than the
 * mailbox owner.
 */
public function sendPasswordLink(){
require 'models/UsersModel.php';
$user = new UsersModel();
// Username as typed by the (unauthenticated) requester.
$username = $_REQUEST["usuario"];
$rs_usuario = $user->obtenerUsuarioxUsername($username);
$datos_usuario = $rs_usuario->fetch();
if(is_array($datos_usuario)){
// NOTE(review): SERVER_NAME may follow the request's Host header depending on
// the web-server configuration, and the scheme is fixed to http; build the
// link from a configured base URL instead.
$servername = $_SERVER['SERVER_NAME'];
// Token that identifies the account in the link (see the note above).
$usernamemd5 = md5($datos_usuario['username']);
$link = 'http://'.$servername.'/?controller=Users&action=getNewPasswordForm&xin='.$usernamemd5.'&forget=yes';
$contenido = '';
// NOTE(review): the recipient is a fixed address, not the user's own e-mail.
$destinatario = "nmedina79@gmail.com";
$asunto = "Este mensaje es de prueba";
$cuerpo = '
Bienvenidos a mi correo electronico de prueba. Estoy encantado de tener tantos lectores. Este cuerpo del mensaje es del articulo de envio de mails por PHP. Habria que cambiarlo para poner tu propio cuerpo. Por cierto, cambia tambien las cabeceras del mensaje.
enlace : '.$link.'
";
echo "Mailer Error: " . $mail->ErrorInfo;
exit;
}
echo "Message has been sent";
*/
}else{
$mensaje = " User doesn't exist.";
}
$data = array();
$data['mensaje'] = $mensaje;
$data['link'] = $link;
$this->view->show("password.php", $data);
}
/**
 * Render the "new password" form.
 *
 * The request parameters "forget", "force" and "xin" are forwarded to the
 * view; an empty or missing parameter falls back to 'no', 'yes' and ''
 * respectively.
 *
 * NOTE(review): the three values come straight from the request; the view is
 * expected to escape them (htmlspecialchars) before printing - not visible
 * from here.
 *
 * @return void
 */
public function getNewPasswordForm(){
    // Parameter name => value used when the request does not supply one.
    $predeterminados = array(
        'forget' => 'no',
        'force'  => 'yes',
        'xin'    => '',
    );

    $data = array();
    foreach ($predeterminados as $clave => $valor_por_defecto) {
        if (!empty($_REQUEST[$clave])) {
            $data[$clave] = $_REQUEST[$clave];
        } else {
            $data[$clave] = $valor_por_defecto;
        }
    }

    $this->view->show("usersNewPasswordForm.php", $data);
}
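/**
 * Store a new password, either from the "forgot password" form
 * (forget=yes, account identified by the "xin" token) or from a logged-in
 * user who also supplies the current password.
 *
 * Changes against the previous version:
 *  - the token was read from $_REQUEST['xin'] but tested under the key
 *    'usernamemd5'; both now use 'xin';
 *  - the two new-password fields are compared with === on strings (a loose
 *    == treats numeric-looking strings such as "1e3" and "1000" as equal)
 *    and an empty new password is refused;
 *  - the password is only written when the account lookup returned a row;
 *  - the forgot-password branch cleared $_SESSION['sessionuser'], a key that
 *    is used nowhere else; it now clears 'usersession' like the other branch.
 *
 * NOTE(review): the "xin" token is md5(username) (see sendPasswordLink). It
 * is not secret, never expires and is not single-use, so it does not prove
 * control of the account's mailbox. This branch should be moved to a random,
 * expiring, single-use token stored server-side before it is relied on.
 * NOTE(review): no anti-CSRF token is checked in this method.
 *
 * @return void
 */
public function passwordUpdate(){
    $datos = (isset($_REQUEST['datos']) && is_array($_REQUEST['datos'])) ? $_REQUEST['datos'] : array();
    $forget = !empty($_REQUEST['forget']) ? $_REQUEST['forget'] : 'no';
    $usernamemd5 = (!empty($_REQUEST['xin']) && is_string($_REQUEST['xin'])) ? $_REQUEST['xin'] : '';
    $force = !empty($_REQUEST['force']) ? $_REQUEST['force'] : '';

    // Only plain strings are accepted as passwords.
    $new_password = (isset($datos['new_password']) && is_string($datos['new_password'])) ? $datos['new_password'] : '';
    $new_password_again = (isset($datos['new_password_again']) && is_string($datos['new_password_again'])) ? $datos['new_password_again'] : '';
    $current_password = (isset($datos['current_password']) && is_string($datos['current_password'])) ? $datos['current_password'] : '';

    require 'models/UsersModel.php';
    $user = new UsersModel();

    if ($new_password !== $new_password_again) {
        $data = array();
        $data['xin'] = $usernamemd5;
        $data['forget'] = $forget;
        $data['mensaje'] = 'the new password entered does not match';
        $this->view->show("usersNewPasswordForm.php", $data);
        return;
    }

    if ($new_password === '') {
        $data = array();
        $data['xin'] = $usernamemd5;
        $data['forget'] = $forget;
        $data['mensaje'] = ' the new password cannot be empty ';
        $this->view->show("usersNewPasswordForm.php", $data);
        return;
    }

    if ($forget == 'yes') {
        // Forgot-password flow: the account is looked up by the link token.
        $data = array();
        $data['xin'] = $usernamemd5;
        $data['forget'] = $forget;
        $data['force'] = $force;

        $datos_usuario = false;
        if ($usernamemd5 !== '') {
            $rs_usuario = $user->obtenerUsuarioxUsernameMD5($usernamemd5);
            $datos_usuario = $rs_usuario->fetch();
        }
        if (!is_array($datos_usuario)) {
            // No account matches the token: nothing is written.
            $data['mensaje'] = ' the password reset link is not valid ';
            $this->view->show("usersNewPasswordForm.php", $data);
            return;
        }

        $rs_updatePassword = $user->setNewPassword($datos_usuario['iduser'], $new_password);
        $data['mensaje'] = ' your password has been updated
next';
        unset($_SESSION['usersession']);
        $this->view->show("usersNewPasswordForm.php", $data);
        return;
    }

    // Logged-in flow: the current password must be supplied and correct.
    if ($current_password === '') {
        $data['mensaje'] = ' did not enter the current password ';
        $this->view->show("usersNewPasswordForm.php", $data);
        return;
    }

    if (empty($_SESSION['usersession']['iduser'])) {
        $data['mensaje'] = ' you have not started your user session.
';
        $this->view->show("login.php", $data);
        return;
    }

    $iduser = $_SESSION['usersession']['iduser'];
    $rs_usuario = $user->obtenerUsuarioxId($iduser);
    $datos_usuario = $rs_usuario->fetch();

    // Re-check the current password for the session's own account.
    $datos_validado = false;
    if (is_array($datos_usuario)) {
        $rs_validado = $user->validarAdministrador($datos_usuario['username'], $current_password);
        $datos_validado = $rs_validado->fetch();
    }

    if (!is_array($datos_validado)) {
        $data['mensaje'] = ' your current password is invalid ';
        $this->view->show("usersNewPasswordForm.php", $data);
        return;
    }

    // Store the new password, then mark the user active.
    $rs_updatePassword = $user->setNewPassword($iduser, $new_password);
    $rs_updatePassword = $user->setActive($iduser);
    unset($_SESSION['usersession']);

    $data = array();
    $data['forget'] = $forget;
    $data['mensaje'] = ' your password has been updated
continuar';
    $this->view->show("usersNewPasswordForm.php", $data);
}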
//JASYRC 06MAY2010
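/**
 * Render one page of the user list (15 users per page).
 *
 * The page offset "inicio" is now forced to a non-negative integer before it
 * reaches the model; the raw request value was passed through before.
 *
 * NOTE(review): no session or role check is visible in this method; confirm
 * that the dispatcher restricts it to administrators.
 *
 * @return void
 */
public function getUsers(){
    require 'models/UsersModel.php';
    $users = new UsersModel();

    // Offset of the first row; anything that is not a number becomes 0.
    $inicio = 0;
    if (!empty($_REQUEST['inicio']) && is_scalar($_REQUEST['inicio'])) {
        $inicio = max(0, (int) $_REQUEST['inicio']);
    }

    $tamanio = 15;
    $parametros = array("inicio" => $inicio, "tamanio" => $tamanio);
    list($list_users, $paginas, $navegador) = $users->getUsers($parametros);

    $data['listUsers'] = $list_users;
    $data['paginas'] = $paginas;
    $data['navegador'] = $navegador;
    $data['inicio'] = $inicio;
    $data['content'] = "components".DS."com_users".DS."views".DS."listUsers.php";
    $this->view->show("template.php", $data);
}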
//JASYRC 06MAY2010
/**
 * Render the "new user" form, with an optional message taken from the
 * "message" request parameter.
 *
 * NOTE(review): the message is request-controlled text; the view is expected
 * to escape it (htmlspecialchars) before printing - not visible from here.
 *
 * @return void
 */
public function newUser(){
    $message = empty($_REQUEST['message']) ? "" : $_REQUEST['message'];

    $data = array(
        'message' => $message,
        'content' => "components".DS."com_users".DS."views".DS."newUser.php",
    );
    $this->view->show("template.php", $data);
}
//JASYRC 07MAY2010 - FECHA DE DESARROLLO
//JASYRC 11MAY2010 - FECHA DE ACTUALIZACION
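/**
 * Create a user from the "new user" form, optionally storing an uploaded
 * photo, then redirect to the user list (or back to the form when the
 * username is already taken).
 *
 * Changes against the previous version:
 *  - the photo path used $username, which is never defined in this method, so
 *    every upload was written to the same file named only by its extension;
 *    the name is now derived from the new username, reduced to
 *    [A-Za-z0-9_-] plus a short digest so it cannot contain path separators
 *    and two usernames cannot map to the same file;
 *  - the upload is stored with move_uploaded_file() instead of copy();
 *  - the extension test is case-insensitive and the stored extension is
 *    lower-case;
 *  - a request without the "fphoto" field no longer reads a missing index;
 *  - the message placed in the redirect URL is URL-encoded.
 *
 * NOTE(review): the password is stored as an unsalted MD5 digest. changePasswd
 * compares against md5() as well, so moving to password_hash() /
 * password_verify() needs a coordinated change in the model and login check.
 * NOTE(review): $_REQUEST["data_user"] is passed to addItem() as submitted,
 * apart from the keys overwritten below; the accepted columns should be
 * whitelisted.
 * NOTE(review): the photo is accepted by file-name extension only; the file
 * content is not checked.
 * NOTE(review): no session or role check is visible in this method.
 *
 * @return void  Always ends the request with a redirect.
 */
public function addUser(){
    require 'models/UsersModel.php';
    $user = new UsersModel();

    $data_user = (isset($_REQUEST["data_user"]) && is_array($_REQUEST["data_user"])) ? $_REQUEST["data_user"] : array();
    $data_user['username'] = $_REQUEST["newusername"];
    $data_user['password'] = md5($_REQUEST["newpasswd"]);
    $data_user['email'] = $_REQUEST["txt_email"];
    $data_user['usertype'] = 1;
    $data_user['state'] = 4;
    $urlphoto = "avatar.jpg";

    // Base directory: four levels above the parent of this file's directory.
    $url = explode(DS, trim(dirname(__DIR__)));
    array_pop($url);
    array_pop($url);
    array_pop($url);
    array_pop($url);
    $path = implode(DS, $url);

    // Case-insensitive check that the username is not in use yet.
    $flag = FALSE;
    $result = $user->getAllUsers();
    $data_list = $result->fetchAll();
    foreach($data_list as $userdata){
        if(strtolower($data_user['username']) == strtolower($userdata['username'])){$flag = TRUE; break;}
    }

    if($flag === FALSE){
        // NOTE(review): $mensaje_upload is set on failure but never shown.
        if(isset($_FILES['fphoto']['tmp_name']) && $_FILES['fphoto']['tmp_name'] != ""){
            $tmp_name = $_FILES['fphoto']['tmp_name'];
            if (is_uploaded_file($tmp_name)){
                $pname = $_FILES['fphoto']['name'];
                $type = strtolower(substr($pname, -4));
                if(in_array($type, array(".jpg", ".gif", ".png"), true)){
                    // File name built only from safe characters; the digest keeps
                    // distinct usernames apart after the replacement.
                    $nombre_usuario = strtolower((string) $data_user['username']);
                    $nombre_archivo = preg_replace('/[^A-Za-z0-9_-]/', '_', $nombre_usuario)
                        .'_'.substr(md5($nombre_usuario), 0, 8);
                    $destino = $path.DS."files".DS."photos".DS.$nombre_archivo.$type;
                    if (move_uploaded_file($tmp_name, $destino)) {
                        $urlphoto = "photos".DS.$nombre_archivo.$type;
                    }else{
                        $mensaje_upload = ". Uploaded failed.";
                    }
                }else{
                    $mensaje_upload = ". Uploaded failed: No image file.";// wrong type
                }
            }else{
                $mensaje_upload = ". Uploaded failed.";// not an HTTP upload
            }
        }else{
            $mensaje_upload = "Error: Uploaded failed.";
        }
        $data_user['photo'] = $urlphoto;
        list($result, $id, $message) = $user->addItem($data_user);
        $url = 'index.php?option=com_users&controller=Users&action=getUsers';
    }else{
        $message = "Error::: Username unavailable.";
        $url = 'index.php?option=com_users&controller=Users&action=newUser&message='.urlencode($message);
    }
    header("location: ".$url);
    exit();
}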
//JASYRC 06MAY2010
/**
 * Render the user form in edit mode for the user named by the "user"
 * request parameter.
 *
 * NOTE(review): the user id is taken from the request and passed to the
 * model unchanged, and no session or role check is visible here; confirm
 * that the dispatcher restricts this action and that the model binds the id
 * as a query parameter.
 *
 * @return void
 */
public function editUser(){
    require 'models/UsersModel.php';
    $modelo = new UsersModel();
    $iduser = $_REQUEST['user'];
    $registro = $modelo->editUser($iduser);

    $data = array(
        'usuario' => $registro->fetch(),
        'edit'    => true,
        'method'  => "edit",
        'iduser'  => $iduser,
        'content' => "components".DS."com_users".DS."views".DS."editUser.php",
    );
    $this->view->show("template.php", $data);
}
//JASYRC 10NOV2010
/**
 * Render the user form in read-only mode for the user named by the "user"
 * request parameter. Same data as editUser(), with 'edit' set to false.
 *
 * NOTE(review): the user id is taken from the request and passed to the
 * model unchanged, and no session or role check is visible here; confirm
 * that the dispatcher restricts which profiles a caller may read.
 *
 * @return void
 */
public function view(){
    require 'models/UsersModel.php';
    $modelo = new UsersModel();
    $iduser = $_REQUEST['user'];
    $registro = $modelo->editUser($iduser);

    $data = array(
        'usuario' => $registro->fetch(),
        'edit'    => false,
        'method'  => "view",
        'iduser'  => $iduser,
        'content' => "components".DS."com_users".DS."views".DS."editUser.php",
    );
    $this->view->show("template.php", $data);
}
//JASYRC 07MAY2010
/**
 * Update first name, last name and state of the user named by the "iduser"
 * request parameter, then render the refresh view that leads back to the
 * user list.
 *
 * NOTE(review): all four values, including "state", come from the request
 * unchecked, $_REQUEST also accepts them from the query string, and neither
 * a role check nor an anti-CSRF token is visible in this method.
 *
 * @return void
 */
public function updateUser(){
    require 'models/UsersModel.php';
    $modelo = new UsersModel();

    $modelo->updateUser(
        $_REQUEST['iduser'],
        $_REQUEST['firstname'],
        $_REQUEST['lastname'],
        $_REQUEST['state']
    );

    $this->view->show("actualizar.php", array('url' => '?controller=Users&action=getUsers'));
}
//JASYRC 07MAY2010
/**
 * Set the state of the user named by the "user" request parameter to 3 and
 * redirect to the user list. The row is updated, not deleted.
 *
 * NOTE(review): state 3 presumably means "deleted" - confirm against the
 * model.
 * NOTE(review): this state-changing action reads its target from $_REQUEST
 * (so a plain link can trigger it), and neither a role check nor an
 * anti-CSRF token is visible in this method.
 *
 * @return void  Always ends the request with a redirect.
 */
public function remove(){
    require 'models/UsersModel.php';
    $modelo = new UsersModel();

    $modelo->setIdValue($_REQUEST['user']);
    list($resultado, $mensaje) = $modelo->UpdateItem(array('state' => 3));

    header("location: ".'index.php?option=com_users&controller=Users&action=getUsers');
    exit();
}
//JASYRC 07MAY2010 - FECHA DE DESARROLLO
//JASYRC 10MAY2010 - FECHA DE ACTUALIZACION
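/**
 * Look a username up and render the result; when the username is free, a
 * five-character key is generated and passed to the view as 'key'.
 *
 * The key was built as substr(md5($username.time('YmdHis')), 0, 5). time()
 * takes no argument: the call is rejected on PHP 8 and yields no timestamp
 * on older versions, which left the key a pure function of the username. The
 * key now comes from the system random source and keeps its five-hex-digit
 * shape.
 *
 * NOTE(review): five hex characters are about 20 bits. If the view uses this
 * key as an initial password, it should be longer and the account forced to
 * change it on first login - the view is not visible from here.
 *
 * @return void
 */
public function searchUser(){
    require 'models/UsersModel.php';
    $user = new UsersModel();
    $username = $_REQUEST['value'];
    $newuser = $user->searchUserbyUName($username);
    $usuario = $newuser->fetch();

    // Stays null when the username already exists.
    $generatePassword = null;
    if(!is_array($usuario)){
        if (function_exists('random_bytes')) {
            $generatePassword = substr(bin2hex(random_bytes(3)), 0, 5);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $generatePassword = substr(bin2hex(openssl_random_pseudo_bytes(3)), 0, 5);
        } else {
            // Legacy runtimes only: not a cryptographically strong source.
            $generatePassword = substr(md5($username.uniqid('', true).mt_rand()), 0, 5);
        }
    }

    $data['username'] = $username;
    $data['usuario'] = $usuario;
    $data['key'] = $generatePassword;
    $this->view->show("searchUser.php", $data);
}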
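/**
 * Change a user's password after checking the old one, then redirect to the
 * edit form with a result message.
 *
 * Changes against the previous version:
 *  - the stored digest was compared with ==, which treats two digests that
 *    look like numbers (for example "0e..." followed by digits) as equal;
 *    the comparison is now exact, and constant-time where hash_equals()
 *    exists;
 *  - the retyped password was read but never compared with the new one;
 *  - $message was undefined when the old password did not match; it now
 *    defaults to the existing error text;
 *  - a missing user row no longer dereferences the failed fetch() result;
 *  - the values placed in the redirect URL are URL-encoded.
 *
 * NOTE(review): the target account is taken from the "iduser" request
 * parameter, not from the session; confirm that the caller is allowed to
 * change that account's password.
 * NOTE(review): stored passwords are unsalted MD5 digests; see addUser().
 *
 * @return void  Always ends the request with a redirect.
 */
public function changePasswd(){
    require 'models/UsersModel.php';

    $iduser = (isset($_REQUEST['iduser']) && is_scalar($_REQUEST['iduser'])) ? (string) $_REQUEST['iduser'] : '';
    $datos = array();
    foreach (array('oldpasswd' => 'oldpasswd', 'newpasswd' => 'newpasswd', 'check_password' => 'retypepasswd') as $clave => $campo) {
        // Only plain strings are accepted as passwords.
        $datos[$clave] = (isset($_REQUEST[$campo]) && is_string($_REQUEST[$campo])) ? $_REQUEST[$campo] : '';
    }

    $user = new UsersModel();
    $result = $user->getPasswd($iduser);
    $data_model = $result->fetch();
    $db_old_passwd = (is_array($data_model) && isset($data_model[0])) ? (string) $data_model[0] : '';

    $hash_enviado = md5($datos['oldpasswd']);
    if ($db_old_passwd === '') {
        $coincide = false;
    } elseif (function_exists('hash_equals')) {
        $coincide = hash_equals($db_old_passwd, $hash_enviado);
    } else {
        $coincide = ($db_old_passwd === $hash_enviado);
    }

    $message = "Error updating password...";
    if ($coincide && $datos['newpasswd'] !== '' && $datos['newpasswd'] === $datos['check_password']) {
        $rsUpdPasswd = $user->setNewPassword($iduser, $datos['newpasswd']);
        if ($rsUpdPasswd) {
            $message = "Password updated...";
        }
    }

    $url = 'index.php?controller=Users&action=editUser&user='.urlencode($iduser).'&message='.urlencode($message);
    header("location: ".$url);
    exit();
}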
}
?>