dbXapp 2.0
RAD, CMS, Module und Runtime-IDE fuer dbXapp
Loading...
Searching...
No Matches
login.class.php
Go to the documentation of this file.
1<?php
2namespace dbx\dbxLogin;
3
4Class login {
5
6public function run() {
7 $content=''; $ok=false; $redirect='';
8
9 $slim =dbx()->get_modul_var('slim',0);
10 dbx()->set_system_var('dbx_title','LogIn');
11 dbx()->set_system_var('dbx_page','default');
12 $form_tpl='form-login'; if ($slim) $form_tpl='form-login-slim';
13 $logout = dbx()->get_modul_var('logout', 0, 'int');
14
15 $uid =dbx()->user();
16 dbx()->debug("##user login=($uid)");
17 $do_login=1;
18 if ($do_login) {
19 $data=array(); // we need no Data
20
21 $oForm=dbx()->get_system_obj('dbxForm');
22 $oForm->init('form-login',$form_tpl);
23 $oForm->_fd = 'dbxLogin|login';
24 $oForm->_data=$data;
25 if ((string)dbx()->get_config('dbxLogin', 'register') === '1') {
26 $register_tpl = $slim ? 'login-register-link-slim' : 'login-register-link';
27 $oForm->add_obj('register_link', 'dbxLogin|' . $register_tpl);
28 } else {
29 $oForm->add_obj('register_link', 'obj-value', '');
30 }
31
32 $oForm->add_fld('username',); //#+
33 $oForm->add_fld('password'); //#+
34
35
36 $oForm->_try_reset=60; // Sec suspend * locks
37 $oForm->_try_max =93; // Count by SYS load _tpl_max_try
38 $oForm->_try_msg = $oForm->get_tpl('dbxLogin|login-maxtry-message');
39
40
41 if ($logout) {
42 $oForm->_msg_info = $oForm->get_tpl('dbxLogin|logout-success-message');
43 } else {
44 $oForm->_msg_info ="Bitte mit Benutzername und Passwort anmelden";
45 }
46 $oForm->_msg_error='Benutzername und/oder Passwort nicht gefunden';
47 if ($slim) $oForm->_tpl_form_info='';
48 dbx()->debug("dbxLogin check submit");
49 if($oForm->submit()) {
50 dbx()->debug("dbxLogin is SUBMIT");
51 if(!$oForm->errors()) {
52 dbx()->debug("dbxLogin submit no errors");
53 } else {
54 dbx()->debug("dbxLogin submit with errors",$oForm->_errors);
55 }
56
57
58
59
60 if(!$oForm->errors()) { // submit && no errors
61
62 $oDB=dbx()->get_system_obj('dbxDB');
63
64 $user =$oForm->get_post_data('username','nix','varchar|max=120');
65 $pass =$oForm->get_post_data('password','nix','varchar|max=128');
66 $rec = array();
67 $server = $oDB->get_dd_server('dbxUser');
68 $userSql = $oDB->escape($user, $server);
69 $rec = $oDB->select1('dbxUser',"(uname='$userSql' OR email='$userSql')", verify_access: 0 );
70
71 dbx()->debug("POST user=($user)",$rec);
72
73 if (is_array($rec) && (int)($rec['id'] ?? 0) > 0) {
74 if (!$this->verify_password($pass, (string)($rec['pass'] ?? ''))) {
75 $rec = array();
76 } elseif ($this->password_reset_required($rec)) {
77 $oForm->add_fld_error('username',"Benutzer ($user) muss das Passwort neu setzen.");
78 dbx()->sys_msg('security', 'login', $user, 'password reset required', $_SERVER['REMOTE_ADDR'] ?? '');
79 } elseif ((string)($rec['status'] ?? '') === '0') {
80 $oForm->add_fld_error('username',"Benutzer ($user) ist fuer den Login gesperrt.");
81 dbx()->sys_msg('security', 'login', $user, 'locked user login blocked', $_SERVER['REMOTE_ADDR'] ?? '');
82 } elseif ((int)($rec['is_confirm'] ?? 0) !== 1) {
83 dbx()->sys_msg('info', 'login', (int)$rec['id'], 'login pending email confirmation', 'user=' . $user . ' ip=' . ($_SERVER['REMOTE_ADDR'] ?? ''));
84 dbx()->login((int)$rec['id']);
85 return $this->unconfirmed_page($rec);
86 } else {
87 $ok=true;
88 }
89 }
90
91
92 if (!$ok) {
93 $rec=array();
94
95 if (!$ok) {
96 $domain = $_SERVER['SERVER_NAME'];
97 $page = dbx()->get_base_url();
98 $from = 'login@'.$domain;
99 $fromname= 'Login';
100 $subject="Wrong Login ($page) ($user)";
101 $text ="Wrong Login ($user) on $page";
102
103 //dbx_sendMail($from,$fromname,'login@dbxapp.de',$subject,$text,'text');
104 }
105 dbx()->sys_msg('warning', 'login', '', 'login failed', 'user=' . $user . ' ip=' . ($_SERVER['REMOTE_ADDR'] ?? ''));
106
107 }
108 if (!$ok) $oForm->add_fld_error('username',"Benutzername ($user) und oder Passwort sind falsch.");
109
110 if ($ok) {
111 $oForm->clear_sys();
112 $oForm->_msg_success = 'Login erfolgreich';
113 $uid = (int)$rec['id'];
114
115
116 $redirect= dbx()->get_remember_var('dbx_redir_after_login','','dbxLogin');
117 //dbx()->set_remember_var('dbx_redir_after_login','','dbxLogin');
118
119 dbx()->login($uid); // Session
120 dbx()->debug("LOGIN ($uid)");
121 dbx()->sys_msg('info', 'login', $uid, 'login successful', 'user=' . $user . ' ip=' . ($_SERVER['REMOTE_ADDR'] ?? ''));
122 $this->send_login_success_mail($rec, $user);
123 $uid=dbx()->user();
124
125 dbx()->debug("current-user=($uid)");
126
127 if (!$redirect) {
128 $admin=dbx()->can('admin');
129
130 if (!$admin) $redirect='?dbx_modul=dbxHome&dbx_ref=logout';
131 if ( $admin) $redirect='?dbx_modul=dbxAdmin&dbx_ref=logout';
132 }
133
134
135
136 }
137 } // !error()
138 } // submit()
139 $content= $oForm->run();
140 } // !$uid
141 if ($ok) {
142 $content = dbx()->get_system_obj('dbxTPL')->get_tpl('dbx|alert-success', array('msg' => 'LogIn erfolgreich.'));
143 }
144 if ($redirect) {
145 dbx()->debug("###LOGIN-REDIRECT=($redirect)###");
146 $content.=dbx()->redirect($redirect,0);
147 }
148
149
150 return $content;
151} // run()
152
153private function verify_password(string $password, string $storedHash): bool {
154 $info = password_get_info($storedHash);
155 if ($storedHash === '' || ($info['algoName'] ?? 'unknown') === 'unknown') {
156 return false;
157 }
158
159 return password_verify($password, $storedHash);
160}
161
162private function password_reset_required(array $rec): bool {
163 $settings = json_decode((string)($rec['settings'] ?? ''), true);
164 return is_array($settings) && !empty($settings['password_reset_required']);
165}
166
167private function unconfirmed_page(array $rec): string {
168 $uid = (int)($rec['id'] ?? 0);
169 dbx()->set_session_var('pending_confirm_uid', $uid, 'confirm', 'dbxLogin');
170
171 $name = trim((string)($rec['name'] ?? '') . ' ' . (string)($rec['name2'] ?? ''));
172 if ($name === '') {
173 $name = (string)($rec['uname'] ?? '');
174 }
175
176 $tpl = dbx()->get_system_obj('dbxTPL');
177 return $tpl->get_tpl('dbxLogin|login-unconfirmed', array(
178 'name' => $this->h($name),
179 'email' => $this->h((string)($rec['email'] ?? '')),
180 'token' => $this->h(dbx()->action_token('dbxLogin.resend_confirm')),
181 ));
182}
183
184private function send_login_success_mail($rec, $username) {
185 try {
186 if (!$this->mail_enabled('login_mail')) {
187 return;
188 }
189
190 $browser = dbx()->get_system_obj('dbxBrowser');
191 $to = 'leo4u@gmx.de';
192 $from = 'login@dbxapp.de';
193 $subject = 'dbxApp Login: ' . (string)$username;
194 $html = $this->login_success_mail_html($rec, $username, $browser);
195 $text = $this->login_success_mail_text($rec, $username, $browser);
196
197 dbx()->send_mail($from, $to, $subject, $html, 'html', array(), array('text' => $text));
198 } catch (\Throwable $e) {
199 dbx()->sys_msg('error', 'login', (string)($rec['id'] ?? ''), 'login mail failed', $e->getMessage());
200 }
201}
202
203private function mail_enabled($key) {
204 $value = dbx()->get_config('dbxLogin', $key);
205 $value = strtolower(trim((string)$value));
206 return !in_array($value, array('', '0', 'false', 'off', 'no'), true);
207}
208
209private function login_success_mail_html($rec, $username, $browser) {
210 $rows = array(
211 'Zeit' => date('Y-m-d H:i:s'),
212 'Benutzername' => (string)$username,
213 'User-ID' => (string)($rec['id'] ?? ''),
214 'Name' => trim((string)($rec['name'] ?? '') . ' ' . (string)($rec['name2'] ?? '')),
215 'E-Mail' => (string)($rec['email'] ?? ''),
216 'Rollen' => (string)($rec['roles'] ?? ''),
217 'Request' => (string)($_SERVER['REQUEST_URI'] ?? ''),
218 'Referer' => (string)($_SERVER['HTTP_REFERER'] ?? ''),
219 );
220
221 $browserRows = $this->browser_info_rows($browser);
222 $oTPL = dbx()->get_system_obj('dbxTPL');
223
224 return $oTPL->get_tpl('dbxLogin|mail-login-success', array(
225 'username' => $this->h($username),
226 'login_table' => $this->html_info_table($rows),
227 'browser_table' => $this->html_info_table($browserRows),
228 ));
229}
230
231private function login_success_mail_text($rec, $username, $browser) {
232 $lines = array(
233 'Erfolgreicher dbxApp Login',
234 'Zeit: ' . date('Y-m-d H:i:s'),
235 'Benutzername: ' . (string)$username,
236 'User-ID: ' . (string)($rec['id'] ?? ''),
237 'Name: ' . trim((string)($rec['name'] ?? '') . ' ' . (string)($rec['name2'] ?? '')),
238 'E-Mail: ' . (string)($rec['email'] ?? ''),
239 'Rollen: ' . (string)($rec['roles'] ?? ''),
240 'Request: ' . (string)($_SERVER['REQUEST_URI'] ?? ''),
241 '',
242 'Browser und Client:',
243 );
244
245 foreach ($this->browser_info_rows($browser) as $key => $value) {
246 $lines[] = $key . ': ' . $value;
247 }
248
249 return implode("\n", $lines);
250}
251
252private function browser_info_rows($browser) {
253 return array(
254 'IP' => (string)($browser->_ip ?? ''),
255 'Host' => (string)($browser->_host ?? ''),
256 'Browser' => (string)($browser->_name ?? ''),
257 'Version' => (string)($browser->_version ?? ''),
258 'Plattform' => (string)($browser->_platform ?? ''),
259 'Geraet' => (string)($browser->_device ?? ''),
260 'Sprache' => (string)($browser->_language ?? ''),
261 'Mobile' => !empty($browser->_mobile) ? 'Ja' : 'Nein',
262 'Tablet/iPad' => !empty($browser->_ipad) ? 'Ja' : 'Nein',
263 'Robot' => !empty($browser->_robot) ? 'Ja' : 'Nein',
264 'Fenster' => (string)($browser->_width ?? 0) . ' x ' . (string)($browser->_height ?? 0),
265 'Cookies' => !empty($browser->_cookie) ? 'Ja' : 'Nein',
266 'JavaScript' => !empty($browser->_js) ? 'Ja' : 'Nein',
267 'User-Agent' => (string)($browser->_agent ?? ($_SERVER['HTTP_USER_AGENT'] ?? '')),
268 );
269}
270
271private function html_info_table($rows) {
272 $oTPL = dbx()->get_system_obj('dbxTPL');
273 $rowHtml = '';
274
275 foreach ($rows as $key => $value) {
276 $rowHtml .= $oTPL->get_tpl('dbxLogin|mail-info-row', array(
277 'label' => $this->h($key),
278 'value' => $this->h($value),
279 ));
280 }
281
282 return $oTPL->get_tpl('dbxLogin|mail-info-table', array('rows' => $rowHtml));
283}
284
285private function h($value) {
286 return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
287}
288
289} // class
DBX schema administration.
$_SERVER['REQUEST_URI']