<?php
namespace xenMade\ACPE\XF\Admin\Controller;
class Login extends XFCP_Login
{
public function actionForm()
{
if(\XF::options()->acpe_Firewall['firewall'])
{
$userIp = \XF::app()->request()->getIp();
if(!$userIp)
{
return $this->error(\XF::phrase('acpe_ip_not_allowed'));
}
$loginAllowed = false;
//Check IP Range
$acpIpInRange = new \xenMade\ACPE\Util\IPRange();
$allowdIps = preg_split('#\s+|,|;|(\r\n|\n|\r)#s', \XF::options()->acpe_Firewall['allowed_ip_address'], -1, PREG_SPLIT_NO_EMPTY);
$alertMails = preg_split('#\s+|,|;|(\r\n|\n|\r)#s', \XF::options()->acpe_Firewall['login_alert_emails'], -1, PREG_SPLIT_NO_EMPTY);
if($allowdIps && is_array($allowdIps))
{
foreach($allowdIps as $allowdIp)
{
$loginAllowed = $acpIpInRange->checkIfIpInRange($userIp, $allowdIp, \xenMade\ACPE\Util\Firewall::getIpType($userIp));
if($loginAllowed)
break;
}
if(!$loginAllowed)
{
if(\XF::options()->acpe_Firewall['ip_not_allowed'])
{
\xenMade\ACPE\Util\Firewall::logLogins(0,'', 'ip_not_allowed', 'acp', $userIp);
\xenMade\ACPE\Util\Firewall::sendLoginAlertMail([], $userIp, 'ip_not_allowed', $alertMails);
}
return $this->error(\XF::phrase('acpe_ip_not_allowed'));
}
}
}
return parent::actionForm();
}
public function actionLogin()
{
$sendMail = false;
$login = false;
$input = $this->filter([
'login' => 'str',
'password' => 'str'
]);
$alertMails = preg_split('#\s+|,|;|(\r\n|\n|\r)#s', \XF::options()->acpe_Firewall['login_alert_emails'], -1, PREG_SPLIT_NO_EMPTY);
if($alertMails && is_array($alertMails))
{
$sendMail = true;
}
$userIp = \XF::app()->request()->getIp();
$user = \XF::app()->em()->findOne('XF:User', ['username' => $input['login']]);
// Log User not Exists
if(!$user)
{
\xenMade\ACPE\Util\Firewall::logLogins($user['user_id'],$input['login'], 'user_not_exists', 'acp', $userIp);
if($sendMail && !$user['user_id'] && \XF::options()->acpe_Firewall['user_not_found'])
{
\xenMade\ACPE\Util\Firewall::sendLoginAlertMail($input, $userIp, 'user_not_found', $alertMails);
}
}
// Log password failed
if($user)
{
if(!$user->authenticate($input['password']))
{
\xenMade\ACPE\Util\Firewall::logLogins($user['user_id'], $input['login'], 'password_incorrect', 'acp', $userIp);
}
else
{
$login = true;
}
}
if($sendMail && $user && $login)
{
// Alert User is Not Admin
if(!$user['is_admin'] && \XF::options()->acpe_Firewall['user_not_admin'])
{
\xenMade\ACPE\Util\Firewall::logLogins($user['user_id'],$input['login'], 'no_admin', 'acp', $userIp);
\xenMade\ACPE\Util\Firewall::sendLoginAlertMail($input, $userIp, 'user_not_admin', $alertMails);
}
// Log the Login
if($user['user_id'] && $user['is_admin'])
{
$input['hash'] = \xenMade\ACPE\Util\Firewall::logLogins($user['user_id'],$input['login'], 'success', 'acp', $userIp);
}
// Alert user Loged in
if($user['user_id'] && $user['is_admin'] && \XF::options()->acpe_Firewall['login_success'])
{
\xenMade\ACPE\Util\Firewall::sendLoginAlertMail($input, $userIp, 'user_login_success', $alertMails);
}
}
return parent::actionLogin();
}
}
if (false)
{
class XFCP_Login extends \XF\Admin\Controller\Login {}
}