<?php |
namespace Redaxscript\Controller; |
use Redaxscript\Auth; |
use Redaxscript\Filter; |
use Redaxscript\Model; |
use Redaxscript\Validator; |
/** |
* children class to process the login request |
* |
* @since 3.0.0 |
* |
* @package Redaxscript |
* @category Controller |
* @author Henry Ruhs |
* @author Balázs Szilágyi |
*/ |
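class Login extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * sanitizes and validates the posted login form and, only when validation
	 * produced no messages, hands the matching user id to the auth layer
	 *
	 * @since 3.0.0
	 *
	 * @return string
	 */

	public function process() : string
	{
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);

		/* validate post */

		if ($validateArray)
		{
			return $this->_error(
			[
				'route' => 'login',
				'message' => $validateArray
			]);
		}

		/* handle login */

		/* the user is resolved only after validation passed, _getUser() may return null and must not be dereferenced blindly */

		$user = $this->_getUser($postArray);
		if ($user && $this->_login($user->id))
		{
			return $this->_success(
			[
				'route' => 'admin',
				'timeout' => 0,
				'message' => $this->_language->get('logged_in'),
				'title' => $this->_language->get('welcome')
			]);
		}

		/* handle error */

		return $this->_error(
		[
			'route' => 'login'
		]);
	}

	/**
	 * sanitize the post
	 *
	 * the posted "user" field is accepted either as an email or as a login name,
	 * whichever validator matches, the other key is set to null
	 *
	 * @since 4.0.0
	 *
	 * @return array
	 */

	protected function _sanitizePost() : array
	{
		$numberFilter = new Filter\Number();
		$specialFilter = new Filter\Special();
		$emailFilter = new Filter\Email();
		$emailValidator = new Validator\Email();
		$loginValidator = new Validator\Login();
		$userInput = $this->_request->getPost('user');

		/* sanitize post */

		/* NOTE(review): the password passes through Filter\Special, whose rules are not visible here - if it strips characters it narrows the usable password alphabet and must match the filtering applied when the password was stored, confirm */
		/* the captcha solution is forwarded unfiltered and is only consumed by Validator\Captcha in _validatePost() */

		return
		[
			'email' => $emailValidator->validate($userInput) ? $emailFilter->sanitize($userInput) : null,
			'user' => $loginValidator->validate($userInput) ? $specialFilter->sanitize($userInput) : null,
			'password' => $specialFilter->sanitize($this->_request->getPost('password')),
			'task' => $numberFilter->sanitize($this->_request->getPost('task')),
			'solution' => $this->_request->getPost('solution')
		];
	}

	/**
	 * validate the post
	 *
	 * collects one language message per failed check, an empty array means
	 * that the credentials and, if enabled, the captcha were accepted
	 *
	 * @since 3.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$passwordValidator = new Validator\Password();
		$captchaValidator = new Validator\Captcha();
		$settingModel = new Model\Setting();
		$user = $this->_getUser($postArray);
		$validateArray = [];

		/* _getUser() is declared as ?object, so guard every property read */

		$userExists = $user && $user->id;
		$storedHash = $user ? $user->password : null;

		/* validate post */

		/* NOTE(review): user_incorrect and password_incorrect are distinct messages, so the response tells a caller whether an account exists, and the captcha is checked last instead of gating these checks - consider a single generic failure message */

		if (!$postArray['user'] && !$postArray['email'])
		{
			$validateArray[] = $this->_language->get('user_empty');
		}
		else if (!$userExists)
		{
			$validateArray[] = $this->_language->get('user_incorrect');
		}
		if (!$postArray['password'])
		{
			$validateArray[] = $this->_language->get('password_empty');
		}
		else if ($storedHash)
		{
			if (!$passwordValidator->validate($postArray['password'], $storedHash))
			{
				$validateArray[] = $this->_language->get('password_incorrect');
			}
		}
		else if ($userExists)
		{
			/* fail closed: an existing account without a stored hash previously skipped verification and accepted any non-empty password */

			$validateArray[] = $this->_language->get('password_incorrect');
		}
		if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}

	/**
	 * get the user
	 *
	 * looks the account up by the sanitized login name or email,
	 * callers have to handle a null result
	 *
	 * @since 4.0.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return object|null
	 */

	protected function _getUser(array $postArray = []) : ?object
	{
		$userModel = new Model\User();
		return $userModel->getByUserOrEmail($postArray['user'], $postArray['email']);
	}

	/**
	 * login the user
	 *
	 * delegates to Auth::login() with the current request
	 *
	 * @since 3.0.0
	 *
	 * @param int|null $userId identifier of the user
	 *
	 * @return int
	 */

	protected function _login(?int $userId = null) : int
	{
		/* explicit ?int replaces the implicit nullable default, which newer PHP versions deprecate */

		$auth = new Auth($this->_request);
		return $auth->login($userId);
	}
}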
If a method or function can return multiple different values, and you are not sure that only a single value can be received in this context, we recommend adding an additional type check.
If this is a common case that PHP Analyzer should handle natively, please let us know by opening an issue.