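forward('default', 'module'); }

    /**
     * Loads the single Tbluser row whose $fieldName column equals $value.
     *
     * @param string $fieldName Propel column constant (e.g. TbluserPeer::US_EMAIL)
     * @param mixed  $value     value matched with Criteria::EQUAL
     * @return Tbluser|null
     */
    private function getUserField($fieldName, $value)
    {
        $criteria = new Criteria();
        $criteria->add($fieldName, $value);

        return TbluserPeer::doSelectOne($criteria);
    }

    /**
     * Resolves a login identifier to a user: username first, then e-mail, then
     * phone number (the lookup order the login action previously inlined).
     *
     * @param string $account
     * @return Tbluser|null
     */
    private function findUserByAccount($account)
    {
        $columns = array(TbluserPeer::US_USERNAME, TbluserPeer::US_EMAIL, TbluserPeer::US_PHONE);
        foreach ($columns as $column) {
            $tbluser = $this->getUserField($column, $account);
            if ($tbluser) {
                return $tbluser;
            }
        }

        return null;
    }

    /**
     * Compares a stored/expected digest with a caller-supplied one.
     *
     * Loose `==`/`!=` on hex digests is unsafe: two strings such as "0e123..."
     * compare as equal numbers. Non-strings (missing parameter, array
     * parameter) never match. Uses hash_equals() for a constant-time compare
     * where the runtime provides it, otherwise a strict string compare.
     *
     * @param mixed $expected digest computed server-side
     * @param mixed $given    digest received from the request
     * @return bool
     */
    private function secureEquals($expected, $given)
    {
        if (!is_string($expected) || !is_string($given)) {
            return false;
        }
        if (function_exists('hash_equals')) {
            return hash_equals($expected, $given);
        }

        return $expected === $given;
    }

    /**
     * Makes a request-supplied value safe to embed in a single log line by
     * collapsing CR/LF so a caller cannot forge extra log records.
     *
     * @param mixed $value
     * @return string
     */
    private function forLog($value)
    {
        return str_replace(array("\r", "\n"), ' ', (string) $value);
    }

    /**
     * Runs the profile validators over the supplied fields.
     *
     * Returns true when a validation FAILS (and $error then holds the
     * validator's message); a null/empty field is skipped. Validators run in
     * order and stop at the first failure.
     *
     * @param string|null $name
     * @param string|null $email
     * @param string|null $phone
     * @param mixed       $error receives the failure message
     * @return bool true on the first validation failure, false if all pass
     */
    private function validateData($name, $email, $phone, &$error)
    {
        $checks = array(
            array('sfFilterValidator',   $name),
            array('sfFullnameValidator', $name),
            array('sfEmailValidator',    $email),
            array('sfPhoneValidator',    $phone),
        );
        foreach ($checks as $check) {
            list($validator, $value) = $check;
            if ($value != null && !myUtility::validate($validator, $value, $error)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Serialises the public profile fields of a user as a `key=value&...`
     * string, the wire format used by every action in this controller.
     *
     * Values are emitted raw (no urlencode): a field containing '&' or '='
     * will break parsing on the client. Left as-is because existing clients
     * do not url-decode the values.
     *
     * @param Tbluser $tbluser
     * @return string
     */
    private function getUserInfo($tbluser)
    {
        $fields = array(
            'us_id'    => $tbluser->getUsId(),
            'username' => $tbluser->getUsUsername(),
            'fullname' => $tbluser->getUsFullname(),
            'gender'   => ($tbluser->getUsSex() == 1 ? 'male' : 'female'),
            'email'    => $tbluser->getUsEmail(),
            'phone'    => $tbluser->getUsPhone(),
            'school'   => $tbluser->getUsSchool(),
            'province' => $tbluser->getUsProvince(),
        );

        $pairs = array();
        foreach ($fields as $key => $value) {
            $pairs[] = $key.'='.$value;
        }

        return implode('&', $pairs);
    }

    /**
     * Finds one unexpired license of the given type for a customer/product
     * whose LI_VERSION is >= $version.
     *
     * @param int         $type      1 = personal license, 2 = school license (as used below)
     * @param mixed       $customer  user id (type 1) or school id (type 2)
     * @param mixed       $productId
     * @param mixed       $version   minimum version, may be null (passed through unchanged)
     * @param string      $now       'Y-m-d H:i:s' timestamp the expiry date must be >= to
     * @return Tbluprolicense|null
     */
    private function findActiveLicense($type, $customer, $productId, $version, $now)
    {
        $criteria = new Criteria();
        $criteria->add(TblprolicensePeer::LI_TYPE, $type);
        $criteria->add(TblprolicensePeer::LI_CUSTOMER, $customer);
        $criteria->add(TblprolicensePeer::LI_PRODUCT, $productId);
        $criteria->add(TblprolicensePeer::LI_VERSION, $version, Criteria::GREATER_EQUAL);
        $criteria->add(TblprolicensePeer::LI_EXPIREDATE, $now, Criteria::GREATER_EQUAL);

        return TblprolicensePeer::doSelectOne($criteria);
    }

    /**
     * Returns the license level for the product/version named in the request.
     *
     * A personal license (type 1) for the user wins; failing that, a school
     * license (type 2) for the school recorded in the user's check-info row.
     * Returns 0 when no product is requested or no valid license exists.
     *
     * @param Tbluser $tbluser
     * @return int
     */
    private function getLicenseLevel($tbluser)
    {
        $productId = $this->getRequestParameter('product');
        $version   = $this->getRequestParameter('version');
        if ($productId == null) {
            return 0;
        }

        // Single timestamp for both lookups so they agree on "now".
        $now = date('Y-m-d H:i:s');

        $license = $this->findActiveLicense(1, $tbluser->getUsId(), $productId, $version, $now);
        if ($license == null) {
            $userdetail = TblblogcheckinfoPeer::retrieveByPk($tbluser->getUsId());
            if ($userdetail != null) {
                $license = $this->findActiveLicense(2, $userdetail->getCiSchool(), $productId, $version, $now);
            }
        }

        return $license == null ? 0 : $license->getLiLevel();
    }

    /**
     * API login: authenticates the caller's request token (md5 of the account
     * plus the shared secret self::TOKENPW) and then the account password.
     *
     * Response is a `key=value&...` string; `status` is 0 on success, otherwise
     * 1 = missing data, 10 = bad source/token, 2 = unknown user, 3 = wrong
     * password, 4 = account not activated, 5 = session sign-in failed.
     *
     * Passwords are stored and compared as unsalted md5 (schema-level choice
     * shared with the rest of the application); the distinct 2/3 statuses
     * also let a caller holding the shared secret enumerate accounts.
     *
     * @return string
     */
    public function executeLogin()
    {
        $src      = $this->getRequestParameter('src');
        $token    = $this->getRequestParameter('token');
        $account  = $this->getRequestParameter('username');
        $password = $this->getRequestParameter('password');

        if ($account == null || $password == null) {
            return $this->renderText('status=1&errMsg=Not enough data');
        }
        if ($src == null || !$this->secureEquals(md5($account.self::TOKENPW), $token)) {
            return $this->renderText('status=10');
        }

        $tbluser = $this->findUserByAccount($account);
        if (!$tbluser) {
            return $this->renderText('status=2&errMsg=User not found');
        }
        if (!$this->secureEquals($tbluser->getUsPassword(), md5($password))) {
            return $this->renderText('status=3&errMsg=Incorrect password');
        }

        $loginResult = $this->getUserInfo($tbluser);
        if ($tbluser->getUsStatus() == 0) {
            // Profile fields are still returned for a not-yet-activated account.
            return $this->renderText($loginResult.'&status=4&errMsg=Account is not activated');
        }
        $loginResult .= '&level='.$this->getLicenseLevel($tbluser);
        $loginResult .= '&status=0';

        try {
            $this->getUser()->signIn($tbluser);
        } catch (Exception $e) {
            // Kept byte-for-byte (including the leading '&') for existing clients;
            // note that the raw exception text is echoed to the caller.
            return $this->renderText('&status=5&errMsg='.$e->getMessage());
        }

        $ip = myUtility::getRealIpAddr();
        myUtility::log("$ip login from ".$this->forLog($src).", account: ".$this->forLog($account), 'apiuser.log');

        return $this->renderText($loginResult);
    }

    /**
     * Ends the current session; produces no output.
     *
     * @return string sfView::NONE
     */
    public function executeLogout()
    {
        $this->getUser()->signOut();

        return sfView::NONE;
    }

    /**
     * Returns a user's profile looked up by id, username, e-mail or phone.
     *
     * A lookup key is only honoured when `token` equals md5 of that key plus
     * self::TOKENPW. When several keys are supplied and validly signed, later
     * lookups override earlier ones (id, username, email, phone order).
     * Renders nothing when `src` is missing or no user is found.
     *
     * @return string
     */
    public function executeGetinfo()
    {
        $src   = $this->getRequestParameter('src');
        $token = $this->getRequestParameter('token');
        if ($src == null) {
            return sfView::NONE;
        }

        $lookups = array(
            array(TbluserPeer::US_ID,       $this->getRequestParameter('us_id')),
            array(TbluserPeer::US_USERNAME, $this->getRequestParameter('username')),
            array(TbluserPeer::US_EMAIL,    $this->getRequestParameter('email')),
            array(TbluserPeer::US_PHONE,    $this->getRequestParameter('phone')),
        );

        // Initialised explicitly: previously undefined when no key was signed.
        $tbluser = null;
        foreach ($lookups as $lookup) {
            list($column, $value) = $lookup;
            if ($value && $this->secureEquals(md5($value.self::TOKENPW), $token)) {
                $tbluser = $this->getUserField($column, $value);
            }
        }

        $ip = myUtility::getRealIpAddr();
        if ($tbluser == null) {
            // The original ' failed' suffix was unreachable; failed lookups are now logged.
            myUtility::log("$ip get from ".$this->forLog($src).' failed', 'apiuser.log');

            return sfView::NONE;
        }
        myUtility::log("$ip get from ".$this->forLog($src), 'apiuser.log');

        return $this->renderText($this->getUserInfo($tbluser));
    }

    /**
     * Creates a user (no `us_id`) or updates an existing one (`us_id` given).
     *
     * The token is md5 of the new username (create) or of `us_id` (update)
     * plus self::TOKENPW. Changing username or password on update requires the
     * current password in `oldpass`. A changed e-mail/phone resets the
     * corresponding confirmation flag. `sendmail=true` triggers the
     * confirmation e-mail.
     *
     * Status codes: 0 ok, 10 bad source/token, 7 validation error, 1 missing
     * data, 2/3/4 username/e-mail/phone already taken, 5 unknown user,
     * 6 wrong old password.
     *
     * NOTE(review): uniqueness of a changed username/e-mail/phone is not
     * re-checked on the update path; passwords are stored as unsalted md5.
     *
     * @return string
     */
    public function executeUpdate()
    {
        $src      = $this->getRequestParameter('src');
        $us_id    = $this->getRequestParameter('us_id');
        $username = $this->getRequestParameter('username');
        $password = $this->getRequestParameter('password');
        $fullname = $this->getRequestParameter('fullname');
        $gender   = $this->getRequestParameter('gender');
        $email    = $this->getRequestParameter('email');
        $phone    = $this->getRequestParameter('phone');
        $school   = $this->getRequestParameter('school');
        $province = $this->getRequestParameter('province');
        $token    = $this->getRequestParameter('token');
        $sendmail = $this->getRequestParameter('sendmail');
        $oldpass  = $this->getRequestParameter('oldpass');

        if ($src == null) {
            return $this->renderText('status=10');
        }
        $error = null;
        if ($this->validateData($fullname, $email, $phone, $error)) {
            return $this->renderText('status=7&errMsg='.$error);
        }

        if ($us_id == null) {
            // Create: the token is bound to the new username.
            if (!$this->secureEquals(md5($username.self::TOKENPW), $token)) {
                return $this->renderText('status=10');
            }
            if (!$username || !$password || !$fullname) {
                return $this->renderText('status=1&errMsg=Not enough data');
            }
            if ($this->getUserField(TbluserPeer::US_USERNAME, $username)) {
                return $this->renderText('status=2&errMsg=Username has existed');
            }
            // Only check uniqueness for fields that were supplied: a null value
            // would otherwise match any existing row whose column is NULL.
            if ($email != null && $this->getUserField(TbluserPeer::US_EMAIL, $email)) {
                return $this->renderText('status=3&errMsg=Email has existed');
            }
            if ($phone != null && $this->getUserField(TbluserPeer::US_PHONE, $phone)) {
                return $this->renderText('status=4&errMsg=Phone number has existed');
            }
            $tbluser = new Tbluser();
        } else {
            // Update: the token is bound to the user id.
            if (!$this->secureEquals(md5($us_id.self::TOKENPW), $token)) {
                return $this->renderText('status=10');
            }
            $tbluser = TbluserPeer::retrieveByPK($us_id);
            if ($tbluser == null) {
                return $this->renderText('status=5&errMsg=User not found');
            }
            // Changing credentials requires proof of the current password.
            if (($username != null || $password != null)
                && !$this->secureEquals($tbluser->getUsPassword(), md5($oldpass))) {
                return $this->renderText('status=6&errMsg=Incorrect old password');
            }
            if ($email != null && $email != $tbluser->getUsEmail()) {
                $tbluser->setEmailConfirm(0);
            }
            if ($phone != null && $phone != $tbluser->getUsPhone()) {
                $tbluser->setMobileConfirm(0);
            }
        }

        if ($username != null) {
            $tbluser->setUsUsername($username);
        }
        if ($password != null) {
            $tbluser->setUsPassword(md5($password));
        }
        if ($fullname != null) {
            $tbluser->setUsFullname($fullname);
        }
        if ($gender != null) {
            $tbluser->setUsSex($gender == 'male' ? 1 : 2);
        }
        if ($email != null) {
            $tbluser->setUsEmail($email);
        }
        if ($phone != null) {
            $tbluser->setUsPhone($phone);
        }
        if ($school != null) {
            $tbluser->setUsSchool($school);
        }
        if ($province != null) {
            $tbluser->setUsProvince($province);
        }
        $tbluser->save();

        if ($sendmail == 'true') {
            // Was $this->tbluser, which this action never assigns; the saved
            // local user is the intended recipient.
            userMessage::sendConfirmEmail($tbluser, $password);
        }

        $ip  = myUtility::getRealIpAddr();
        $act = ($us_id == null ? 'create' : 'update');
        myUtility::log("$ip $act from ".$this->forLog($src), 'apiuser.log');

        return $this->renderText('status=0&id='.$tbluser->getUsId());
    }

    /**
     * Sends the forgot-password e-mail for the given address.
     *
     * The token is md5 of the (untrimmed) e-mail plus self::TOKENPW; the
     * lookup itself uses the trimmed address. Status 0 = sent, 1 = address
     * unknown (this distinction reveals whether an e-mail is registered),
     * 10 = bad source/token.
     *
     * @return string
     */
    public function executeForgotpassword()
    {
        $src   = $this->getRequestParameter('src');
        $email = $this->getRequestParameter('email');
        $token = $this->getRequestParameter('token');

        if ($src == null || $email == null || !$this->secureEquals(md5($email.self::TOKENPW), $token)) {
            return $this->renderText('status=10');
        }

        $tbluser = $this->getUserField(TbluserPeer::US_EMAIL, trim($email));
        if ($tbluser == null) {
            return $this->renderText('status=1&errMsg=Email not found');
        }

        $res = userMessage::sendForgotPassEmail($tbluser);
        $ip  = myUtility::getRealIpAddr();
        $acc = $tbluser->getUsUsername();
        myUtility::log("$ip from ".$this->forLog($src)." get password for $acc".($res ? '' : ' failed'), 'apiuser.log');

        return $this->renderText('status=0');
    }

    /**
     * Placeholder action; renders nothing.
     *
     * @return string sfView::NONE
     */
    public function executeGetonlineuser()
    {
        return sfView::NONE;
    }

    /**
     * SMS-gateway callback that activates (confirms) a user's mobile number.
     *
     * The gateway signs the request parameters (all but `signature`, in the
     * fixed order below) with HMAC-SHA256 over a shared secret; the reply is a
     * JSON object with an `sms` text, `status` 1 and `type` 'text'.
     * The msisdn's leading country code "84" is rewritten to "0" before the
     * phone lookup.
     *
     * NOTE(review): `request_id`/`request_time` are signed but never checked
     * for freshness or uniqueness, so a captured callback can be replayed.
     *
     * @return string
     */
    public function executeActivate()
    {
        // Order matters: it is the order the signed payload is built in.
        $signedFields = array('access_key', 'command', 'mo_message', 'msisdn', 'request_id', 'request_time', 'short_code');

        $arParams = array();
        foreach (array_merge($signedFields, array('signature')) as $field) {
            $arParams[$field] = $this->getRequestParameter($field, 'no_'.$field);
        }

        $pairs = array();
        foreach ($signedFields as $field) {
            $pairs[] = $field.'='.$arParams[$field];
        }
        $data = implode('&', $pairs);

        // Shared secret embedded in source: it should live in deployment
        // configuration (outside version control) and be rotated once moved.
        $secret   = 'evvx931itxysfnp9m94rf2vxd101zegr';
        $expected = hash_hmac('sha256', $data, $secret);

        $arResponse = array();
        if (!$this->secureEquals($expected, $arParams['signature'])) {
            $arResponse['sms'] = 'Sai chu ky';
        } else {
            $phone   = preg_replace('/^84/', '0', $arParams['msisdn']);
            $tbluser = $this->getUserField(TbluserPeer::US_PHONE, $phone);
            if ($tbluser == null) {
                $arResponse['sms'] = 'Khong tim thay so dien thoai tren Violet.vn';
            } elseif ($tbluser->getMobileConfirm() == 0) {
                $tbluser->setMobileConfirm(1);
                $tbluser->save();
                $arResponse['sms'] = 'Kich hoat thanh cong tai khoan '.$tbluser->getUsUsername();
            } else {
                $arResponse['sms'] = 'Tai khoan '.$tbluser->getUsUsername().' da duoc kich hoat';
            }
        }
        $arResponse['status'] = 1;
        $arResponse['type']   = 'text';

        myUtility::log(
            $this->forLog($arParams['msisdn']).': '.$this->forLog($arParams['mo_message'])
            .' -> '.$this->forLog($arParams['short_code']).' | '.$arResponse['sms'],
            'sms.log'
        );

        return $this->renderText(json_encode($arResponse));
    }
}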