Source of file ProtectedMiniSite.php
Size: 6,936 Bytes - Last Modified: 2021-12-24T05:19:21+00:00
/var/www/docs.ssmods.com/process/src/code/ProtectedMiniSite.php
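<?php

/**
 * A login account that belongs to one ProtectedMiniSite and lists the child
 * pages that account may open.
 *
 * The account is identified in the browser by the `_pmspu` cookie, whose value
 * is this record's UniqueHash. Anyone who holds that value is treated as the
 * user, so it must be unguessable and must never reach SQL unescaped.
 */
class ProtectedMiniSiteUser extends DataObject
{
    private static $db = array(
        'Username' => 'Varchar(255)',
        // NOTE(review): the password is stored and compared as plain text (see
        // ProtectedMiniSite_Controller::doProtectedPagesLogin). Moving to a
        // salted password hash needs a data migration, so it is flagged here
        // rather than changed in place.
        'Password' => 'Varchar(255)',
        // Bearer token placed in the `_pmspu` cookie; 32 lowercase hex chars.
        'UniqueHash' => 'Varchar(32)',
        // Comma-separated page IDs, as read back by CanAccessPage().
        'AccessPageIDs' => 'Text'
    );

    private static $has_one = array(
        'ProtectedMiniSite' => 'ProtectedMiniSite'
    );

    private static $summary_fields = array(
        'Username' => 'Username'
    );

    /**
     * Cached result of CurrentSecureUser() for the current request.
     *
     * @var ProtectedMiniSiteUser|null
     */
    protected static $currentUser;

    /**
     * Builds the CMS edit form: hides the cookie token and, once the record is
     * attached to a mini site, offers a checkbox per descendant page.
     *
     * @return FieldList
     */
    public function getCMSFields()
    {
        $fields = parent::getCMSFields();

        // The token is a credential; editors have no reason to see or edit it.
        $fields->removeByName('UniqueHash');

        if ($this->ProtectedMiniSiteID) {
            // create a list of all child pages
            $pagesArray = array();
            $this->getPagesArray($this->ProtectedMiniSiteID, $pagesArray, 0);

            $pagesField = new CheckboxSetField('AccessPageIDs', 'Allowed Pages', $pagesArray);
            $fields->addFieldToTab('Root.Main', $pagesField);
            $pagesField->addExtraClass('vertical');
        } else {
            // Without a parent mini site there is no page tree to choose from.
            $fields->removeByName('AccessPageIDs');
            $fields->addFieldToTab('Root.Main', new LiteralField('note', '<div class="field"><label class="left">Access Pages</label><div class="middleColumn">You must save once before you can select allowed pages</div></div>'));
        }

        return $fields;
    }

    /**
     * Recursively collects the descendants of a page into $pagesArray as
     * ID => title, prefixing each title with "~ " once per nesting level.
     *
     * @param int   $ParentID   ID of the page whose children are listed
     * @param array $pagesArray Output map, filled in place
     * @param int   $level      Current depth, used only for the title prefix
     */
    public function getPagesArray($ParentID, &$pagesArray, $level)
    {
        // Cast so the value interpolated into the filter is always an integer.
        $pages = DataObject::get('SiteTree', 'ParentID = ' . (int) $ParentID);

        if ($pages) {
            foreach ($pages as $page) {
                $pagesArray[$page->ID] = str_repeat("~ ", $level) . $page->Title;
                $this->getPagesArray($page->ID, $pagesArray, $level + 1);
            }
        }
    }

    /**
     * Assigns the cookie token the first time the record is written.
     */
    public function onBeforeWrite()
    {
        parent::onBeforeWrite();

        if (!$this->UniqueHash) {
            // The token authenticates the user, so it is drawn from the
            // framework's entropy source instead of md5(time|rand()), which
            // can be reconstructed from the creation time. 'md5' is used only
            // to get a 32-character hex string that fits Varchar(32).
            $generator = new RandomGenerator();
            $this->UniqueHash = $generator->randomToken('md5');
        }
    }

    // NOTE(review): all four permission checks ignore $member and allow
    // everyone. If the intent is only to let CMS editors manage these records
    // without extra permission codes, confirm that no unauthenticated route
    // can reach them (the records hold plain-text passwords).

    public function canCreate($member = null)
    {
        return true;
    }

    public function canDelete($member = null)
    {
        return true;
    }

    public function canEdit($member = null)
    {
        return true;
    }

    public function canView($member = null)
    {
        return true;
    }

    /**
     * Marks this user as logged in by sending the session-lifetime `_pmspu`
     * cookie.
     *
     * NOTE(review): the token is the stored UniqueHash and is not rotated on
     * login or logout, so a captured cookie stays valid until the record's
     * UniqueHash is changed.
     */
    public function Login()
    {
        // HttpOnly keeps the token out of reach of page scripts; Secure is set
        // whenever the login request itself arrived over HTTPS.
        Cookie::set('_pmspu', $this->UniqueHash, 0, null, null, Director::is_https(), true);
    }

    /**
     * Clears the `_pmspu` cookie and the per-request user cache.
     */
    public function Logout()
    {
        Cookie::set('_pmspu', false);
        Cookie::force_expiry('_pmspu');

        // Otherwise CurrentSecureUser() would keep returning this user for the
        // remainder of the request.
        self::$currentUser = null;
    }

    /**
     * Tells whether the given page ID is in this user's allowed list.
     *
     * @param int|string $PageID
     * @return bool
     */
    public function CanAccessPage($PageID)
    {
        $allowedIDs = array_map('trim', explode(',', (string) $this->AccessPageIDs));

        // Compare as normalised strings with strict matching: a loose
        // in_array() lets 0 or null match the '' entry that explode() yields
        // for an empty list on PHP versions before 8.
        return in_array((string) (int) $PageID, $allowedIDs, true);
    }

    /**
     * Returns the user identified by the `_pmspu` cookie, or a falsy value when
     * the cookie is absent, malformed, or matches no record.
     *
     * @return ProtectedMiniSiteUser|null|false
     */
    public static function CurrentSecureUser()
    {
        if (!self::$currentUser) {
            $token = Cookie::get('_pmspu');

            // The cookie is attacker-controlled. Accept only the exact token
            // shape and escape it anyway before it goes into the filter.
            if (is_string($token) && preg_match('/\A[a-f0-9]{32}\z/', $token)) {
                self::$currentUser = DataObject::get_one(
                    'ProtectedMiniSiteUser',
                    "UniqueHash = '" . Convert::raw2sql($token) . "'"
                );
            }
        }

        return self::$currentUser;
    }
}

/**
 * Root page of a protected mini site; owns the accounts that may log in to it.
 */
class ProtectedMiniSite extends Page
{
    private static $allowed_children = array(
        'ProtectedMiniSiteChildPage'
    );

    private static $has_many = array(
        'ProtectedMiniSiteUsers' => 'ProtectedMiniSiteUser'
    );

    /**
     * Adds a grid of this site's secure users to the CMS form.
     *
     * @return FieldList
     */
    public function getCMSFields()
    {
        $fields = parent::getCMSFields();

        $fields->addFieldToTab('Root.Content.Users', new GridField(
            'ProtectedMiniSiteUsers',
            'Secure Users',
            $this->ProtectedMiniSiteUsers(),
            GridFieldConfig_RecordEditor::create()->addComponent(
                'GridFieldButtonRow'
            )
        ));

        return $fields;
    }

    /**
     * This page is the top of its own mini site.
     *
     * @return ProtectedMiniSite
     */
    public function FindTopParent()
    {
        return $this;
    }
}

/**
 * Controller for the mini site root: login form, login handler and logout.
 */
class ProtectedMiniSite_Controller extends Page_Controller
{
    public static $allowed_actions = array(
        'login',
        'SecureLoginForm',
        'logout'
    );

    public function init()
    {
        parent::init();
    }

    /**
     * @return array Parent stylesheets plus the form and mini-site styles
     */
    public function PageCSS()
    {
        return array_merge(
            parent::PageCSS(),
            array(
                ViewableData::themeDir() . '/css/form.css',
                'iq-protectedminisite/css/pages/ProtectedMiniSite.css'
            )
        );
    }

    /**
     * Default action: sends visitors without a valid `_pmspu` cookie to the
     * login action.
     */
    public function index()
    {
        // check if the user has access to this page
        if (!ProtectedMiniSiteUser::CurrentSecureUser()) {
            return $this->redirect($this->Link('login'));
        }

        return $this;
    }

    /**
     * Builds the username/password form, showing and then clearing any
     * 'FormError' message left in the session by a failed attempt.
     *
     * @return Form
     */
    public function SecureLoginForm()
    {
        $message = Session::get('FormError');
        if ($message) {
            // One-shot message: reset it so it is not shown again.
            Session::set('FormError', false);
        }

        // The message is inserted as HTML; the only value this file stores in
        // 'FormError' is a fixed string.
        $form = new Form(
            $this,
            'SecureLoginForm',
            new FieldList(
                new LiteralField('message', ($message) ? '<p class="form-error">' . $message . '</p>' : null),
                new TextField('Username', 'Username'),
                new PasswordField('Password', 'Password')
            ),
            new FieldList(
                new FormAction('doProtectedPagesLogin', 'Login')
            ),
            new RequiredFields(
                array('Username', 'Password')
            )
        );

        $this->extend('updateSecureLoginForm', $form);

        return $form;
    }

    /**
     * Form handler: logs the visitor in when the submitted credentials match
     * an account of this mini site, otherwise returns to the login form with
     * an error message.
     *
     * NOTE(review): the password is matched in SQL against the stored plain
     * text; depending on the column collation that comparison may ignore
     * case. Nothing here limits repeated attempts. Both are worth addressing
     * together with a move to hashed passwords.
     *
     * @param array $data Submitted form values
     * @param Form  $form
     */
    public function doProtectedPagesLogin($data, $form)
    {
        if (empty($data['Username']) || empty($data['Password'])) {
            return $this->redirect($this->Link('login'));
        }

        // Submitted values are escaped and the ID is forced to an integer
        // before the filter string is assembled.
        $filter = "ProtectedMiniSiteID = " . (int) $this->ID
            . " AND Username = '" . Convert::raw2sql($data['Username']) . "'"
            . " AND Password = '" . Convert::raw2sql($data['Password']) . "'";

        $user = DataObject::get_one('ProtectedMiniSiteUser', $filter);
        if ($user) {
            $user->Login();

            return $this->redirect($this->Link());
        }

        // Same message for unknown user and wrong password.
        Session::set('FormError', 'Invalid Username/Password');

        return $this->redirect($this->Link('login'));
    }

    /**
     * Logs out the current secure user, if any, and returns to the site root.
     */
    public function logout()
    {
        $user = ProtectedMiniSiteUser::CurrentSecureUser();
        if ($user) {
            $user->Logout();
        }

        return $this->redirect($this->Link());
    }
}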