Example #1
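/**
 * Create an account for an e-mail/password pair and log the new user in.
 *
 * When a row with the same e-mail already exists, nothing is inserted and the
 * function only attempts a login with the supplied credentials.
 *
 * @param array $userInfo Must contain the keys 'email' and 'passwd'.
 * @return mixed A status/reason array when a field is missing, otherwise
 *               whatever loginUser() returns.
 */
function createAccount($userInfo)
{
    if (!isset($userInfo['email'])) {
        return array("status" => "fail", "reason" => "please send the email to create account");
    }
    if (!isset($userInfo['passwd'])) {
        return array("status" => "fail", "reason" => "please send password to create account");
    }
    // Kept from the original: the generated id is stored on the local copy of
    // $userInfo only and is not part of the INSERT below.
    $userInfo['userId'] = generateRandomString();
    $unencrypted = $userInfo['passwd'];
    // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
    // password storage. Moving to password_hash()/password_verify() has to be
    // done together with loginUser(), which is not visible here.
    $userInfo['passwd'] = md5($userInfo['passwd']);
    $email = $userInfo['email'];
    // NOTE(review): $email is caller-supplied and is interpolated into both SQL
    // strings below. The signatures of dbMassData()/dbQuery() are not visible
    // here; switch to bound parameters if the database layer offers them.
    $exists = dbMassData("SELECT * FROM users WHERE email = '{$email}'");
    if ($exists != NULL) {
        return loginUser($email, $unencrypted);
    }
    $passwd = $userInfo['passwd'];
    // X-Forwarded-For is a request header: it can be absent, can hold a
    // comma-separated list, and can carry arbitrary text. Only a value that
    // parses as an IP address is allowed into the query; REMOTE_ADDR is the
    // fallback, and an empty string is stored when neither validates.
    $candidates = array();
    if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $forwarded = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
        $candidates[] = trim($forwarded[0]);
    }
    if (isset($_SERVER['REMOTE_ADDR'])) {
        $candidates[] = $_SERVER['REMOTE_ADDR'];
    }
    $ip = '';
    foreach ($candidates as $candidate) {
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            $ip = $candidate;
            break;
        }
    }
    dbQuery("INSERT INTO users (email, passwd, ip) VALUES('{$email}', '{$passwd}', '{$ip}')");
    return loginUser($email, $unencrypted);
}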
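/**
 * Place an outgoing call for the current user through the Asterisk manager
 * connection and record it in the call history.
 *
 * Reads 'number' and 'recordid' from the request, looks up the user's
 * extension, opens a socket to the configured server, logs in and asks the
 * Asterisk object to transfer the extension to the number.
 *
 * Terminates the script with exit(0) when the socket cannot be opened.
 *
 * @return void
 */
function startCall()
{
    global $current_user, $adb, $log;
    require_once 'include/utils/utils.php';
    require_once 'modules/PBXManager/utils/AsteriskClass.php';
    require_once 'modules/PBXManager/AsteriskUtils.php';
    // NOTE(review): both values are request-controlled and are handed to
    // transfer() and addOutgoingcallHistory() as received. Whether those
    // helpers validate them is not visible here; a dial-string allow-list
    // (digits and a leading '+', for example) belongs at this boundary.
    $number = $_REQUEST['number'];
    $record = $_REQUEST['recordid'];
    // The id is cast so that only an integer can reach the concatenated query.
    $result = $adb->query("select * from vtiger_asteriskextensions where userid=" . (int) $current_user->id);
    $extension = $adb->query_result($result, 0, "asterisk_extension");
    $data = getAsteriskInfo($adb);
    $server = $data['server'];
    $port = $data['port'];
    $username = $data['username'];
    $password = $data['password'];
    $errno = $errstr = NULL;
    $sock = fsockopen($server, $port, $errno, $errstr, 1);
    // The failure check comes first: stream_set_blocking() must not be called
    // with the false that fsockopen() returns on error.
    if ($sock === false) {
        echo "Socket cannot be created due to error: {$errno}:  {$errstr}\n";
        $log->debug("Socket cannot be created due to error:   {$errno}:  {$errstr}\n");
        exit(0);
    }
    stream_set_blocking($sock, false);
    $asterisk = new Asterisk($sock, $server, $port);
    loginUser($username, $password, $asterisk);
    $asterisk->transfer($extension, $number);
    // adds to pbx manager
    addToCallHistory($extension, $extension, $number, "outgoing", $adb);
    // add to the records activity history
    addOutgoingcallHistory($current_user, $extension, $record, $adb);
}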
Example #3
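/**
 * Handle the sign-up form: register the user with the lotto service, create
 * the matching WordPress user, log them in and answer with JSON.
 *
 * Does nothing unless FullName, InputPasswordSignup and InputEmailSignup are
 * all present in $_POST.
 *
 * @return void
 */
function registerUser()
{
    if (!isset($_POST['FullName']) || !isset($_POST['InputPasswordSignup']) || !isset($_POST['InputEmailSignup'])) {
        return;
    }
    // NOTE(review): no nonce or other request-origin check is visible in this
    // handler; confirm that the caller verifies one before it gets here.
    /**
     * @var \WegeTech\LottoYard\Service $lottoService
     */
    global $lottoService;
    $user = new User();
    $name = explode(' ', $_POST['FullName']);
    $user->FirstName = htmlspecialchars($name[0]);
    // A one-word name yields no second element; use an empty last name
    // instead of reading an undefined offset.
    $user->LastName = htmlspecialchars(isset($name[1]) ? $name[1] : '');
    // NOTE(review): the e-mail is forwarded as submitted and is also used as
    // the WordPress login name; validating it first (WordPress ships
    // is_email()) would keep malformed values out of both systems.
    $user->Email = $_POST['InputEmailSignup'];
    $user->IP = $_SERVER['REMOTE_ADDR'];
    $response = $lottoService->signUpUser($user);
    if (!$response->success) {
        wp_send_json(array('message' => $response->message));
    } else {
        $userResponse = wp_create_user($_POST['InputEmailSignup'], $_POST['InputPasswordSignup'], $_POST['InputEmailSignup']);
        if (is_wp_error($userResponse)) {
            wp_send_json(array('message' => $userResponse->get_error_message()));
        }
        // NOTE(review): this stores the Password field returned by the service
        // in user meta as received; it looks like a credential kept in
        // readable form — confirm that this is intended.
        add_user_meta($userResponse, 'lottoPass', $response->data->Password, true);
        loginUser($_POST['InputEmailSignup'], $_POST['InputPasswordSignup']);
        wp_send_json(array('data' => $response->data));
    }
}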
Example #4
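/**
 * Insert a user row with a prepared statement and log the user in on success.
 *
 * Failures are written to the PHP error log; nothing is returned to the caller.
 *
 * @param string $email
 * @param string $hash       Value stored in the `password` column. The name
 *                           suggests a password hash computed by the caller.
 * @param string $First_name
 * @param string $Last_name
 * @param string $Address
 * @return void
 */
function createUser($email, $hash, $First_name, $Last_name, $Address)
{
    $mysqli = new mysqli($GLOBALS["servername"], $GLOBALS["server_username"], $GLOBALS["server_password"], $GLOBALS["database"]);
    if ($mysqli->connect_error) {
        error_log('createUser: database connection failed: ' . $mysqli->connect_error);
        return;
    }
    $stmt = $mysqli->prepare("INSERT INTO user_sample (email, password,first_name,last_name,address) VALUES (?,?,?,?,?)");
    if ($stmt === false) {
        // prepare() returns false on failure; bind_param() on it would be fatal.
        error_log('createUser: prepare failed: ' . $mysqli->error);
        $mysqli->close();
        return;
    }
    $stmt->bind_param("sssss", $email, $hash, $First_name, $Last_name, $Address);
    if ($stmt->execute()) {
        // NOTE(review): the stored hash is passed as loginUser()'s second
        // argument; confirm that loginUser() expects the hash there and not
        // the plain password.
        loginUser($email, $hash);
    } else {
        // The original read $stmt->error and discarded it; record it instead.
        error_log('createUser: insert failed: ' . $stmt->error);
    }
    $stmt->close();
    $mysqli->close();
}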
Example #5
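/**
 * Dispatch a named action to its handler function.
 *
 * Unknown actions and non-string values are ignored.
 *
 * @param mixed $action Action name, e.g. 'login' or 'addNote'.
 * @return void
 */
function commandRouter($action)
{
    // switch compares loosely, so a non-string value such as boolean true
    // would match the first case ('login'). Only strings are routed.
    if (!is_string($action)) {
        return;
    }
    // NOTE(review): no authentication or authorisation check is visible
    // before the state-changing handlers (deleteUser, delTab, delNote, ...);
    // confirm that each handler enforces its own.
    switch ($action) {
        case 'login':
            loginUser();
            break;
        case 'createUser':
            createUser();
            break;
        case 'getUser':
            getUser();
            break;
        case 'deleteUser':
            deleteUser();
            break;
        case 'updateUser':
            updateUser();
            break;
        case 'addTab':
            addTab();
            break;
        case 'delTab':
            delTab();
            break;
        case 'editTab':
            editTab();
            break;
        case 'getTabs':
            getTabs();
            break;
        case 'addNote':
            addNote();
            break;
        case 'delNote':
            delNote();
            break;
        case 'editNote':
            editNote();
            break;
        case 'getNotes':
            getNotes();
            break;
        default:
            break;
    }
}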
Example #6
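/**
 * Dispatch a named action to its handler function.
 *
 * Unknown actions and non-string values are ignored.
 *
 * @param mixed $action Action name, e.g. 'login' or 'getInv'.
 * @return void
 */
function commandRouter($action)
{
    // switch compares loosely, so a non-string value such as boolean true
    // would match the first case ('login'). Only strings are routed.
    if (!is_string($action)) {
        return;
    }
    // NOTE(review): no authentication or authorisation check is visible
    // before the state-changing handlers (deleteUser, deleteDeck, ...);
    // confirm that each handler enforces its own.
    switch ($action) {
        case 'login':
            loginUser();
            break;
        case 'createUser':
            createUser();
            break;
        case 'getUser':
            getUser();
            break;
        case 'deleteUser':
            deleteUser();
            break;
        case 'updateUser':
            updateUser();
            break;
        case 'addInv':
            addToInv();
            break;
        case 'subInv':
            subFromInv();
            break;
        case 'getInv':
            getInventory();
            break;
        case 'getDecks':
            getDecks();
            break;
        case 'createDeck':
            createDeck();
            break;
        case 'updateDeck':
            updateDeck();
            break;
        case 'deleteDeck':
            deleteDeck();
            break;
        default:
            break;
    }
}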
Example #7
/**
 * Create a row in `settings` for the supplied e-mail/password pair.
 *
 * When the e-mail is already present, no row is added and the function
 * attempts a login with the supplied credentials instead.
 *
 * @param array $userInfo Must contain the keys 'email' and 'passwd'.
 * @return mixed A status/reason array, or whatever loginUser() returns when
 *               the e-mail already exists.
 */
function createAccount($userInfo)
{
    $emailGiven = isset($userInfo['email']);
    if ($emailGiven === false) {
        return array("status" => "fail", "reason" => "please send the email to create account");
    }
    $passwordGiven = isset($userInfo['passwd']);
    if ($passwordGiven === false) {
        return array("status" => "fail", "reason" => "please send password to create account");
    }
    $userInfo['userId'] = generateRandomString();
    $plainPassword = $userInfo['passwd'];
    // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
    // password storage; changing it has to be coordinated with loginUser(),
    // which is not visible here.
    $userInfo['passwd'] = md5($plainPassword);
    $email = $userInfo['email'];
    // NOTE(review): $email is caller-supplied and interpolated into the SQL
    // text; use bound parameters if dbMassData() supports them.
    $existing = dbMassData("SELECT * FROM settings WHERE email = '{$email}'");
    if ($existing == NULL) {
        rollAdd('settings', $userInfo, FALSE, FALSE, FALSE, FALSE, TRUE);
        return array("status" => "success", "reason" => "account created");
    }
    return loginUser($email, $plainPassword);
}
     $sContents = str_replace("#soundsUrl#", $sSoundsUrl, $sContents);
     $sContents = str_replace("#smilesetsUrl#", $sSmilesetsUrl, $sContents);
     $sContents = str_replace("#filesUrl#", $sFilesUrl, $sContents);
     $sContents = str_replace("#useServer#", useServer() ? TRUE_VAL : FALSE_VAL, $sContents);
     $sContents = str_replace("#serverUrl#", getRMSUrl($sServerApp), $sContents);
     break;
     /**
      * IM ACTIONS.
      * Authorize sender for IM dialog.
      */
 /**
  * IM ACTIONS.
  * Authorize sender for IM dialog.
  */
 case 'senderAuthorize':
     if (loginUser($sSndId, $sSndPassword) == TRUE_VAL) {
         $sContents = parseXml($aXmlTemplates['result'], "", SUCCESS_VAL);
         //--- return sender's information ---//
         $aUser = getUserInfo($sSndId);
         $aUser['sex'] = $aUser['sex'] == 'female' ? "F" : "M";
         $sContents .= parseXml($aXmlTemplates['user'], $sSndId, $aUser['nick'], $aUser['sex'], $aUser['age'], $aUser['desc'], $aUser['photo'], $aUser['profile'], USER_STATUS_ONLINE);
     } else {
         $sContents = parseXml($aXmlTemplates['result'], "msgUserAuthenticationFailure", FAILED_VAL);
     }
     break;
     /**
      * Authorize recipient for IM dialog.
      */
 /**
  * Authorize recipient for IM dialog.
  */
Example #9
<?php

if (isset($_POST['submitLogIN'])) {
    $found = loginUser($_POST['username'], $_POST['password']);
    if ($found) {
        ?>
<script>var b = true;</script><?php 
        //echo 'Καλώς Ήρθατε '.$_POST['username'];
        //header('Location: index.php');
    } else {
        //echo '<h1>Λάθος Username ή Password</h1>';
        //echo "<button onclick=\"window.location='index.php?p=login'\">Προσπαθήστε ξανά</button>";
        ?>
<script>var a = true;</script><?php 
    }
} else {
    if (isset($_POST['logOut'])) {
        ?>
<script>var msg = "Goodbye ";</script><?php 
        //echo 'Goodbye '.$_SESSION['username'];
        logoutUser();
        header('Location: index.php');
    } else {
        if (isset($_POST['logoutMy'])) {
            session_start();
            unset($_SESSION['userID']);
            unset($_SESSION['userType']);
            ?>
<script>var msg = "Goodbye ";</script><?php 
            //echo 'Goodbye '.$_SESSION['username'];
            unset($_SESSION['username']);
Example #10
         $email_error = "See väli on kohustuslik";
     } else {
         // puhastame muutuja võimalikest üleliigsetest sümbolitest
         $email = cleanInput($_POST["email"]);
     }
     if (empty($_POST["password"])) {
         $password_error = "See väli on kohustuslik";
     } else {
         $password = cleanInput($_POST["password"]);
     }
     // Reaching this point with both error strings empty means a login can be attempted.
     if ($password_error == "" && $email_error == "") {
         // NOTE(review): this echo writes the submitted password into the
         // response body; debug output of credentials should be removed.
         echo "Võib sisse logida! Kasutajanimi on " . $email . " ja parool on " . $password;
         // NOTE(review): one unsalted SHA-512 pass is a fast hash; for stored
         // passwords password_hash()/password_verify() is the usual choice.
         // The storage side is not visible here.
         $password_hash = hash("sha512", $password);
         // call the login function defined in the functions file
         loginUser($email, $password_hash);
     }
 }
 // login if end
 // *********************
 // ** LOO KASUTAJA *****
 // *********************
 if (isset($_POST["create"])) {
     if (empty($_POST["create_email"])) {
         $create_email_error = "See väli on kohustuslik";
     } else {
         $create_email = cleanInput($_POST["create_email"]);
     }
     if (empty($_POST["create_password"])) {
         $create_password_error = "See väli on kohustuslik";
     } else {
Example #11
     } else {
         // puhastame muutuja voimalikest uleliigsetest sumbolitest
         $email = cleanInput($_POST["email"]);
     }
     if (empty($_POST["password"])) {
         $password_error = "See vali on kohustuslik";
     } else {
         $password = cleanInput($_POST["password"]);
     }
     // Reaching this point with both error strings empty means a login can be attempted.
     if ($password_error == "" && $email_error == "") {
         // NOTE(review): this echo writes the submitted password into the
         // response body; debug output of credentials should be removed.
         echo "Võib sisse logida! Kasutajanimi on " . $email . " ja parool on " . $password;
         // NOTE(review): one unsalted SHA-512 pass is a fast hash; for stored
         // passwords password_hash()/password_verify() is the usual choice.
         $password_hash = hash("sha512", $password);
         // NOTE(review): the derived hash is echoed to the client as well.
         echo $password_hash;
         // call the login function defined in the functions PHP file
         $login_response = loginUser($email, $password_hash);
         if (isset($login_response->success)) {
             // NOTE(review): the user's identity is written to the session
             // without a visible session_regenerate_id() call; confirm that
             // the session id is rotated at login elsewhere.
             $_SESSION["id_from_db"] = $login_response->success->user->id;
             $_SESSION["user_email"] = $login_response->success->user->email;
             // The two echo calls above produce output before this header()
             // call, so the redirect depends on output buffering being enabled.
             header("Location: data.php");
             exit;
         }
     }
 }
 // *********************
 // ** LOO KASUTAJA *****
 // *********************
 if (isset($_POST["create"])) {
     echo "vajutas create nuppu!";
     if (empty($_POST["create_email"])) {
         $create_email_error = "See vali on kohustuslik";
Example #12
     getResult("REPLACE `" . MODULE_DB_PREFIX . "CurrentUsers` SET `ID`='" . $sId . "', `Nick`='" . $sNick . "', `Sex`='" . $sSex . "', `Age`='" . $sAge . "', `Desc`='" . $sDesc . "', `Photo`='" . $sPhoto . "', `Profile`='" . $sProfileUrl . "', `Start`='" . $iCurrentTime . "', `When`='" . $iCurrentTime . "', `Status`='" . USER_STATUS_NEW . "'");
     getResult("DELETE FROM `" . MODULE_DB_PREFIX . "RoomsUsers` WHERE `User`='" . $sId . "'");
     $sContents = parseXml($aXmlTemplates['result'], "", SUCCESS_VAL);
     $sContents .= parseXml(array(2 => '<user photo="#1#" profile="#2#" />'), $sPhoto, $sProfileUrl);
     break;
     /**
      * Authorize user.
      */
 /**
  * Authorize user.
  */
 case 'userAuthorize':
     if (loginAdmin($sId, $sPassword) == TRUE_VAL) {
         $aUserInfo = getUserInfo($sId, true);
         $aUser = array('id' => $aUserInfo['id'], 'nick' => $aUserInfo['nick'], 'sex' => $aUserInfo['sex'], 'age' => $aUserInfo['age'], 'desc' => $aUserInfo['desc'], 'photo' => $aUserInfo['photo'], 'profile' => $aUserInfo['profile'], 'type' => CHAT_TYPE_ADMIN);
     } elseif (loginUser($sId, $sPassword) == TRUE_VAL && ($bBanned = doBan("check", $sId)) != TRUE) {
         $aUser = getUserInfo($sId);
         $aUser['id'] = $sId;
         $aUser['sex'] = $aUser['sex'] == 'female' ? "F" : "M";
         $aUser['type'] = isUserAdmin($sId) ? CHAT_TYPE_ADMIN : CHAT_TYPE_FULL;
     } else {
         $sContents = parseXml($aXmlTemplates['result'], $bBanned ? "msgBanned" : "msgUserAuthenticationFailure", FAILED_VAL);
         break;
     }
     $aUser = initUser($aUser);
     $sContents = parseXml($aXmlTemplates['result'], "", SUCCESS_VAL);
     $sContents .= parseXml($aXmlTemplates['user'], $aUser['id'], USER_STATUS_NEW, $aUser['nick'], $aUser['sex'], $aUser['age'], $aUser['desc'], $aUser['photo'], $aUser['profile'], $aUser['type'], USER_STATUS_ONLINE);
     break;
 case 'banUser':
     $sBanned = isset($_REQUEST["banned"]) ? process_db_input($_REQUEST['banned']) : FALSE_VAL;
     $sUserId = getValue("SELECT `ID` FROM `" . MODULE_DB_PREFIX . "Profiles` WHERE `ID` = '" . $sId . "' LIMIT 1");
<?php

include_once __DIR__ . "/" . "../config.php";
include_once __DIR__ . "/" . "../model/user.php";
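// Login form handler: checks the posted credentials and, on success, stores
// the user object in the session and redirects to the admin page.
if (!isset($_POST["email"]) || !isset($_POST["password"])) {
    echo "fill all the fields";
} else {
    $resp = loginUser($_POST["email"], $_POST["password"]);
    if ($resp["response"]) {
        // The original echoed a greeting (with the unescaped user name) before
        // session_start() and header(). Output sent first prevents both calls
        // from setting headers unless output buffering is on, and the redirect
        // replaces the page anyway, so the greeting is dropped.
        session_start();
        // Rotate the session id at the privilege change so an id that was
        // known before login does not carry over into the logged-in session.
        session_regenerate_id(true);
        $_SESSION['userLogged'] = $resp["userLogged"];
        // redirect to the admin page and stop; nothing below may run as part
        // of this request.
        header("location: ../admin/manage_posts.php");
        exit;
    } else {
        echo "bad username or password";
    }
}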
/* LOGIN FUNCTION */
function loginUser($email, $password)
{
    /*
    	1. check if email or password are empty
    	2. query to database
    	3. if login credential are correct => return new User
    	4. else => return false
    */
    global $pdo;
    $userLogged = null;
    $stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email');
 /**
  * set user's uploaded file time
  */
 case 'updateFileTime':
     getResult("UPDATE `" . MODULE_DB_PREFIX . "Files` SET `Time`='" . $sTime . "' WHERE `ID`='" . $sFile . "'");
     $sContents = parseXml($aXmlTemplates['result'], TRUE_VAL);
     break;
     /**
      * Delete files from playlist
      */
 /**
  * Delete files from playlist
  */
 case 'deleteFromPlayList':
     $sContents = parseXml($aXmlTemplates['result'], "msgErrorDelete", FAILED_VAL);
     if (!loginUser($sId, $sPassword)) {
         break;
     }
     // NOTE(review): each comma-separated piece of $sFile ends up inside the
     // quoted IN('...') list built below and is concatenated into two SQL
     // statements. Where $sFile is sanitised is not visible in this excerpt;
     // if the ids are numeric, casting each piece to int here would make the
     // list safe regardless.
     $aFiles = empty($sFile) ? array() : explode(",", $sFile);
     // NOTE(review): count($aFiles > 0) counts the result of the comparison
     // (a boolean), not the array; the intended test was presumably
     // count($aFiles) > 0. PHP 8 raises a TypeError for count() on a boolean.
     $sIn = count($aFiles > 0) ? " IN('" . implode("','", $aFiles) . "')" : " IN('0')";
     $sQuery = "SELECT `ID` FROM `" . MODULE_DB_PREFIX . "Files` WHERE `Owner`='" . $sId . "' AND `ID`" . $sIn;
     $sQuery1 = "DELETE FROM `" . MODULE_DB_PREFIX . "PlayLists` WHERE `Owner`='" . $sId . "' AND `FileId`" . $sIn;
     $res = getResult($sQuery);
     getResult($sQuery1);
     $bResult = true;
     for ($i = 0; $i < mysql_num_rows($res); $i++) {
         $aFile = mysql_fetch_assoc($res);
         $bResult = deleteFile($aFile["ID"]);
     }
     if ($bResult) {
         $sContents = parseXml($aXmlTemplates['result'], "", SUCCESS_VAL);
Example #15
     $sContents = str_replace("#desktopUrl#", $sModulesUrl . $sModule . "/", $sContents);
     break;
 case 'userAuthorize':
     $sResult = loginUser($sId, $sPassword);
     $sContents = parseXml($aXmlTemplates['result'], $sResult == TRUE_VAL ? TRUE_VAL : "msgUserAuthenticationFailure");
     if ($sResult == TRUE_VAL) {
         $sContents .= parseXml($aXmlTemplates['status'], getUserStatus($sId));
         $sContents .= getAvailableStatuses();
         saveUsers(array('online' => array(), 'offline' => array()));
     }
     break;
 case 'login':
     $sContents = parseXml($aXmlTemplates['result'], "msgUserAuthenticationFailure", FAILED_VAL);
     $sId = getIdByNick($sNick);
     $sPassword = encryptPassword($sId, $sPassword);
     if (loginUser($sNick, $sPassword, true) == TRUE_VAL) {
         $aUserInfo = getUserInfo($sId);
         login($sId, $sPassword);
         $sContents = parseXml($aXmlTemplates['result'], $sId, SUCCESS_VAL, $sPassword);
     }
     break;
 case 'logout':
     logout($sId);
     $sContents = parseXml($aXmlTemplates['result'], "", SUCCESS_VAL);
     break;
 case "getUsers":
     $bInit = true;
 case "updateUsers":
     if (!isset($bInit)) {
         $bInit = false;
     }
Example #16
 /**
  * Sets default language.
  */
 case 'setLanguage':
     setCurrentFile($sModule, $sLanguage, "langs");
     break;
     /**
      * Authorize user.
      */
 /**
  * Authorize user.
  */
 case 'userAuthorize':
     $sUser = isset($_REQUEST['user']) ? process_db_input($_REQUEST['user']) : "";
     $sOwner = empty($sId) ? $sUser : getValue("SELECT `Owner` FROM `" . MODULE_DB_PREFIX . "Files` WHERE `ID`='" . $sId . "'");
     if ($sOwner == $sUser && loginUser($sUser, $sPassword) == TRUE_VAL) {
         $sContents = parseXml($aXmlTemplates['result'], TRUE_VAL);
     } else {
         $sContents = parseXml($aXmlTemplates['result'], "msgAuthorizingUserError");
     }
     break;
     /**
      * Get config
      */
 /**
  * Get config
  */
 case 'config':
     $sFileName = $sModulesPath . $sModule . "/xml/config.xml";
     $rHandle = fopen($sFileName, "rt");
     $sContents = fread($rHandle, filesize($sFileName));
<?php

include './FunctionPHP/function.php';
// Login form handler. $err_connexion is read by the template below to show
// the "empty field" message.
// NOTE(review): credentials are read from $_REQUEST, so they are also accepted
// from the query string (where they end up in logs and history) although the
// form posts them; $_POST would match the form. The two fields are read
// without isset().
$err_connexion = false;
if (isset($_REQUEST['connexion'])) {
    // True when either field is empty.
    $err_connexion = $_REQUEST['pseudoConnexion'] == "" || $_REQUEST['passwordConnexion'] == "";
    if (!$err_connexion) {
        $pseudo = $_REQUEST['pseudoConnexion'];
        $password = $_REQUEST['passwordConnexion'];
        loginUser($pseudo, $password);
    }
}
?>

<form action="" method="post">
    <fieldset>
        <legend>
            <h1>Connexion</h1>
        </legend>
        <input type="text" name="pseudoConnexion" placeholder="Pseudo" />
        <input type="password" name="passwordConnexion" placeholder="Mot de passe" />
        
        <?php 
if ($err_connexion == TRUE) {
    echo '<p class="erreur_form"> Il y a un champ vide!</p>';
}
?>
        
        <input type="submit" name="connexion" value=" Connexion " class="myButton">
<?php

/**
 * User authentication is done here.
 * This is a super-simple auth method
 * that tries to be secure enough.
 */
// if the user is NOT logged in already
if (!validateUser()) {
    // attempted login
    if (isset($_POST['proxy-login'])) {
        // NOTE(review): loginUser() takes no arguments here, so it presumably
        // reads the credentials from the request itself. Unless it redirects
        // or exits on success, execution falls through to the die() below.
        loginUser();
    }
    // no attempted login = show login page
    // die() ends the request here, so nothing after this block runs for an
    // unauthenticated visitor.
    die(file_get_contents('login/login.html'));
}
/**
 * validate user cookie with database.
 * note that base64 is an extra-step
 * when storing the cookie on the user client
 * and not an attempt to encrypt passwords.
 *
 * @return bool
 */
function validateUser()
{
    // compare saved cookie with the actual credentials from the db.
    if (getUser()['email'] && base64_decode(getUser(true)[1]) === getUser()['pass']) {
        return true;
    }
    return false;
Example #19
	<?php 
$username = $_POST["username"];
$password = $_POST["password"];
/**
 * Look up a user row by username and password using bound parameters.
 *
 * NOTE(review): the query matches the `password` column against the value
 * passed in, so the column presumably holds the password exactly as the
 * caller supplies it (plain or pre-hashed) — confirm; a password_verify()
 * check on a stored hash is the usual approach.
 *
 * @param string $username
 * @param string $password
 * @param object $db Wrapper offering query(), bind(), execute() and result().
 * @return mixed Whatever $db->result() returns.
 */
function loginUser($username, $password, $db)
{
    $sql = "SELECT * FROM users\n\t\t\t\tWHERE username = :username\n\t\t\t\tAND password = :password";
    $db->query($sql);
    // Bind the placeholders in the same order as the query lists them.
    $bindings = array(":username" => $username, ":password" => $password);
    foreach ($bindings as $placeholder => $value) {
        $db->bind($placeholder, $value);
    }
    $db->execute();
    return $db->result();
}
// Store the user in the session variable.
// NOTE(review): the result is stored without being checked, and the markup
// that follows prints the success message unconditionally, so a failed lookup
// is treated like a login — confirm what $db->result() returns when no row
// matches. $username and $password are read from $_POST above without isset().
$_SESSION["user"] = loginUser($username, $password, $db);
?>

	<p><strong>Erfolgreich eingeloggt!</strong></p>

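	<h3>Kurs-Anmeldung für <?php 
// $username comes straight from $_POST; escape it for the HTML context.
echo htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
?>
</h3>
	<p>Hallo, <strong><?php 
echo htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
?>
</strong>! Bitte wähle einen Kurs aus, für den du dich einschreiben möchtest.</p>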

	<form method="post" action="course.php">
		<div class="row">
Example #20
<?php

require_once 'model.php';
// Request dispatcher: routes ?action=login|signup to the model functions and
// sends everything else back to the index page.
if (!isset($_REQUEST['action'])) {
    redirectTo('../index.php');
} else {
    $req = $_REQUEST;
    // NOTE(review): the original marks this spot with "sanitize", but no
    // sanitising follows: the fields below are passed on as received and are
    // read without isset(). Reading from $_REQUEST also accepts credentials
    // from the query string.
    $action = $req['action'];
    if ($action == 'login') {
        loginUser($req['email'], $req['pass']);
    } elseif ($action == 'signup') {
        signupUser($req['email'], $req['pass'], $req['name'], $req['screenName']);
    } else {
        redirectTo('../index.php');
    }
}
Example #21
 // logging in
 if (isset($_POST["login"])) {
     if (empty($_POST["username"])) {
         $username_error = "See väli on kohustuslik";
     } else {
         $username = cleanInput($_POST["username"]);
     }
     if (empty($_POST["password"])) {
         $password_error = "See väli on kohustuslik";
     } else {
         // NOTE(review): cleanInput() is not visible here; if it trims or
         // escapes, the password is altered before hashing and no longer
         // equals what the user typed.
         $password = cleanInput($_POST["password"]);
     }
     if ($password_error == "" && $username_error == "") {
         // NOTE(review): this message (a "wrong username or password" text) is
         // printed before loginUser() runs, so it appears on every valid
         // submission whatever the outcome.
         echo "Vale kasutajanimi või parool! Proovi uuesti!";
         // NOTE(review): one unsalted SHA-512 pass is a fast hash; for stored
         // passwords password_hash()/password_verify() is the usual choice.
         $hash = hash("sha512", $password);
         loginUser($username, $hash);
     }
 }
 // kasutaja loomine
 if (isset($_POST["create"])) {
     if (empty($_POST["create_username"])) {
         $create_username_error = "See väli on kohustuslik";
     } else {
         $create_username = cleanInput($_POST["create_username"]);
     }
     if (empty($_POST["create_firstname"])) {
         $create_firstname_error = "See väli on kohustuslik";
     } else {
         $create_firstname = cleanInput($_POST["create_firstname"]);
     }
     if (empty($_POST["create_lastname"])) {
Example #22
 /**
  * upgrade330
  * 
  * Upgrade database to version 3.3.
  * 
  * @return boolean
  */
 function upgrade330()
 {
     // Adds the `phpass` and `token` columns to `fcms_users` when missing,
     // then, if the session still holds a legacy password, re-hashes it,
     // logs the user in again and clears the legacy session and cookie values.
     // Every failure sets a message on $this->fcmsError and returns false.
     $errorMessage = sprintf(T_('Could not upgrade database to version %s.'), '3.3');
     // new phpass password style
     $pw_fixed = false;
     $sql = "SHOW COLUMNS FROM `fcms_users`";
     $rows = $this->fcmsDatabase->getRows($sql);
     if ($rows === false) {
         $this->fcmsError->setMessage($errorMessage);
         return false;
     }
     // The column list decides whether the ALTER below is still needed.
     foreach ($rows as $r) {
         if ($r['Field'] == 'phpass') {
             $pw_fixed = true;
         }
     }
     if (!$pw_fixed) {
         $sql = "ALTER TABLE `fcms_users`\n                    ADD COLUMN `phpass` VARCHAR(255) NULL AFTER `password`";
         if (!$this->fcmsDatabase->alter($sql)) {
             $this->fcmsError->setMessage($errorMessage);
             return false;
         }
     }
     // new login token
     $token_fixed = false;
     // The columns are re-read because `phpass` may have just been added.
     $sql = "SHOW COLUMNS FROM `fcms_users`";
     $rows = $this->fcmsDatabase->getRows($sql);
     if ($rows === false) {
         $this->fcmsError->setMessage($errorMessage);
         return false;
     }
     foreach ($rows as $r) {
         if ($r['Field'] == 'token') {
             $token_fixed = true;
         }
     }
     if (!$token_fixed) {
         $sql = "ALTER TABLE `fcms_users`\n                    ADD COLUMN `token` VARCHAR(255) NULL AFTER `phpass`";
         if (!$this->fcmsDatabase->alter($sql)) {
             $this->fcmsError->setMessage($errorMessage);
             return false;
         }
     }
     // We need to upgrade the user's old pw to new pw
     // NOTE(review): this branch reads a password from the session, i.e. the
     // legacy login kept it in session data; the cookie names cleared at the
     // end suggest it was kept in a cookie as well. Only the user running the
     // upgrade is migrated here.
     if (isset($_SESSION['login_pw'])) {
         // NOTE(review): in phpass the two constructor arguments are the log2
         // iteration count and the portable-hash switch — confirm against the
         // bundled PasswordHash class.
         $hasher = new PasswordHash(8, FALSE);
         // NOTE(review): what the legacy flow stored in login_pw (plain text
         // or an older digest) is not visible here; if it was a digest, the
         // new hash wraps that digest rather than the password — confirm.
         $hashedPassword = $hasher->HashPassword($_SESSION['login_pw']);
         // The legacy `password` column is overwritten with '0'; the new hash
         // and the id are bound as parameters.
         $sql = "UPDATE `fcms_users`\n                    SET `password` = '0',\n                        `phpass` = ?\n                    WHERE `id` = ?";
         $params = array($hashedPassword, (int) $_SESSION['login_id']);
         if (!$this->fcmsDatabase->update($sql, $params)) {
             $this->fcmsError->setMessage(T_('Your password could not be upgraded using enhanced security.'));
             return false;
         }
         // We need to login the user again using the new security features
         // NOTE(review): loginUser() is called with the user id and 0; its
         // signature is not visible here — confirm what the second argument
         // means and that this call cannot be reached with an id the session
         // owner does not control.
         if (!loginUser((int) $_SESSION['login_id'], 0)) {
             $this->fcmsError->setMessage(T_('You could not be logged in using enhanced security.'));
             return false;
         }
         // Now, lets delete the old style login info
         if (isset($_SESSION['login_id'])) {
             unset($_SESSION['login_id']);
         }
         if (isset($_SESSION['login_uname'])) {
             unset($_SESSION['login_uname']);
         }
         if (isset($_SESSION['login_pw'])) {
             unset($_SESSION['login_pw']);
         }
         // Expire the legacy cookies by setting them with a past timestamp.
         if (isset($_COOKIE['fcms_login_id'])) {
             setcookie('fcms_login_id', '', time() - 3600, '/');
         }
         if (isset($_COOKIE['fcms_login_uname'])) {
             setcookie('fcms_login_uname', '', time() - 3600, '/');
         }
         if (isset($_COOKIE['fcms_login_pw'])) {
             setcookie('fcms_login_pw', '', time() - 3600, '/');
         }
     }
     return true;
 }
     $iMaxFileSize = min(ini_get('upload_max_filesize') + 0, ini_get('post_max_size') + 0);
     $sContents = str_replace("#fileMaxSize#", $iMaxFileSize, $sContents);
     $sContents = str_replace("#soundsUrl#", $sSoundsUrl, $sContents);
     $sContents = str_replace("#smilesetsUrl#", $sSmilesetsUrl, $sContents);
     $sContents = str_replace("#filesUrl#", $sFilesUrl, $sContents);
     $sContents = str_replace("#useServer#", useServer() ? TRUE_VAL : FALSE_VAL, $sContents);
     $sContents = str_replace("#serverUrl#", getRMSUrl($sServerApp), $sContents);
     break;
     /**
      * Authorize user.
      */
 /**
  * Authorize user.
  */
 case 'userAuthorize':
     if (loginUser($sId, $sPassword) == TRUE_VAL) {
         $sResult = getValue("SELECT `ID` FROM `" . MODULE_DB_PREFIX . "Profiles` WHERE `ID`='" . $sId . "'");
         if (empty($sResult)) {
             getResult("INSERT INTO `" . MODULE_DB_PREFIX . "Profiles` SET `ID`='" . $sId . "', `Smileset`='" . $sDefSmileset . "'");
         }
         $iCurrentTime = time();
         $aUser = getUserInfo($sId);
         $aUser['sex'] = $aUser['sex'] == 'female' ? "F" : "M";
         getResult("REPLACE `" . MODULE_DB_PREFIX . "CurrentUsers` SET `ID`='" . $sId . "', `Nick`='" . $aUser['nick'] . "', `Sex`='" . $aUser['sex'] . "', `Age`='" . $aUser['age'] . "', `Desc`='" . addslashes($aUser['desc']) . "', `Photo`='" . $aUser['photo'] . "', `Profile`='" . $aUser['profile'] . "', `Start`='" . $iCurrentTime . "', `When`='" . $iCurrentTime . "', `Status`='" . USER_STATUS_NEW . "'");
         getResult("DELETE FROM `" . MODULE_DB_PREFIX . "RoomsUsers` WHERE `User`='" . $sId . "'");
         // NOTE(review): `sId` below has no `$`, so PHP reads it as a constant
         // and not as the $sId variable used in the neighbouring queries; the
         // lookup therefore does not filter on the logged-in user's id, and
         // PHP 8 raises an Error for the undefined constant.
         $rFiles = getResult("SELECT `ID` FROM `" . MODULE_DB_PREFIX . "Messages` WHERE `Recipient`='" . sId . "' AND `Type`='file'");
         // Every file id returned by the query above is removed.
         while ($aFile = mysql_fetch_assoc($rFiles)) {
             removeFile($aFile['ID']);
         }
         $sContents = parseXml($aXmlTemplates['result'], TRUE_VAL);
         $sContents .= parseXml($aXmlTemplates['user'], $sId, USER_STATUS_NEW, $aUser['nick'], $aUser['sex'], $aUser['age'], $aUser['desc'], $aUser['photo'], $aUser['profile'], CHAT_TYPE_FULL, USER_STATUS_ONLINE);
Example #24
            document.getElementById(\'extra_data_text\').style.display="none";
        }
    }
});

//Load user calendar
function load_calendar(user_id, month, year) {
 	var url = "' . api_get_path(WEB_AJAX_PATH) . 'agenda.ajax.php?a=get_user_agenda&user_id=" +user_id + "&month="+month+"&year="+year;
	$("#dialog").load(url);
}
</script>';
$this_section = SECTION_PLATFORM_ADMIN;
// "Login as" action: switches the session to another user.
// NOTE(review): this branch runs before the api_protect_admin_script(true)
// call on the line that follows it. Unless a check outside this excerpt or
// loginUser() itself enforces administrator rights, the impersonation call is
// reached ahead of the admin gate — confirm.
if ($action == 'login_as') {
    // The request token is checked first; it ties the action to a page the
    // user loaded but says nothing about the user's role.
    $check = Security::check_token('get');
    if (isset($_GET['user_id']) && $check) {
        // user_id is taken from the query string and passed on as received.
        $result = loginUser($_GET['user_id']);
        if ($result == false) {
            api_not_allowed(true);
        }
    }
    // The token is cleared whether or not the switch happened.
    Security::clear_token();
}
api_protect_admin_script(true);
/**
 * Prepares the shared SQL query for the user table.
 * See get_user_data() and get_number_of_users().
 *
 * @param boolean $is_count Whether to count, or get data
 * @return string SQL query
 */
function prepare_user_sql_query($is_count)
Example #25
<?php

// include essential files
require_once 'utils/common.php';
// Login form handler. $error holds '0' until a login is attempted, after
// which it holds whatever loginUser() returns; the template below reads it.
$error = '0';
if (isset($_POST['submitBtn'])) {
    // Missing fields fall back to empty strings.
    $username = '';
    if (isset($_POST['username'])) {
        $username = $_POST['username'];
    }
    $password = '';
    if (isset($_POST['password'])) {
        $password = $_POST['password'];
    }
    // Attempt the login with the submitted values.
    $error = loginUser($username, $password);
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">
<html oncontextmenu="return false">
	<head>
	   <title>Portal</title>
	   <link href="resources/css/login.css" rel="stylesheet" type="text/css" />
	   <style>
	   background: #E9ECEF;
	   </style>	
	</head>
<center>
	<body id="main">
	<h1>Login Portaal</h1>
	<?php 
if ($error != '') {
    ?>
		  <form action="login.php" autocomplete="off" method="post" name="loginform">
			<table width="100%" allign="center">
Example #26
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
*/
// $Id: index.php,v 1.7 2006/01/29 08:59:18 atrommer Exp $
// Starts as true so the "Login Failed" message below stays hidden until a
// login attempt has actually failed.
$bGoodUser = true;
// NOTE(review): $_POST['isPostback'] and the two credential fields are read
// without isset(), so a plain GET of this page reads an undefined index.
if ($_POST['isPostback']) {
    $bGoodUser = loginUser($_POST['tbUsername'], $_POST['tbPass']);
}
// A session that already carries a username is sent on to the schedule page.
// NOTE(review): whether redirect() stops the script is not visible here; if
// it does not, the login form below is still rendered.
if (isset($_SESSION['USERNAME'])) {
    redirect("mySchedule.php");
}
doHeader("Please Login", null, "self.focus(); document.frmLogin.tbUsername.focus();");
?>

<?php 
if (!$bGoodUser) {
    print "<span class=errorMsg>Login Failed!  Please try again!</span>";
}
?>
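<form action="<?php 
// PHP_SELF is derived from the request path, so it is escaped before it is
// printed into the attribute.
print htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
?>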
Example #27
    //vajutas login nuppu
    if (isset($_POST["login"])) {
        if (empty($_POST["email"])) {
            $email_error = "VEATEADE: Email on kohustuslik!";
        } else {
            $email = test_input($_POST["email"]);
        }
        if (empty($_POST["password"])) {
            $password_error = "VEATEADE: Parool on kohustuslik!";
        } else {
            //kui oleme siia jõudnud siis parool ei ole tühi
            $password = test_input($_POST["password"]);
        }
        if ($email_error == "" && $password_error == "") {
            $hash = hash("sha512", $password);
            loginUser($email, $hash);
        }
    }
}
/**
 * Normalise a submitted form value: strip surrounding whitespace, remove
 * backslashes, then convert HTML special characters to entities.
 *
 * NOTE(review): this is output encoding applied at input time. Applied to a
 * password it changes the value before hashing, and it does not make a value
 * safe for SQL.
 *
 * @param string $data
 * @return string
 */
function test_input($data)
{
    $trimmed = trim($data);
    $unslashed = stripslashes($trimmed);
    return htmlspecialchars($unslashed);
}
$page_title = "Login leht";
$page_file_name = "login.php";
Example #28
<?php

ini_set("memory_limit", "3000000000000000M");
require_once 'config.php';
require_once 'common.php';
require_once 'functions.php';
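dashboardInit();
$arrData = array();
// login user if required
// NOTE(review): the whole $_POST array is handed to loginUser()/logoutUser();
// which keys they read is not visible here.
$arr = loginUser($_POST);
$arr = logoutUser($_POST, $arr);
// The key is quoted: a bare `regr` is an undefined constant, which PHP 8
// rejects with an Error. A missing parameter selects the default.
$isMiniReg = isset($_GET['regr']) && $_GET['regr'] == "minireg";
$regType = $isMiniReg ? "minireg" : "smoke";
// Only these two fixed table names can result, whatever the request holds.
$tableQuery = $isMiniReg ? "miniregResults" : "regressionResults";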
if (isset($_POST['Save'])) {
    foreach ($_POST as $name => $val) {
        if ($val == "Save") {
            continue;
        }
        ereg("([a-z]+)-([0-9]+)", $name, $regs);
        $type = $regs[1];
        $build = $regs[2];
        if ($type == "comment") {
            updateRapRegComment($build, $val, $tableQuery);
        } elseif ($type == "bug") {
            updateBugs2($build, $val, $tableQuery);
        } elseif ($type == "analysis") {
            updateAnalysisStatus2($build, $val, $tableQuery);
        } elseif ($type == "runstatus") {
            updateRunStatus($build, $val, $tableQuery);
        }
    }
Example #29
 /**
  * Pass-through to loginUser() with the same three arguments.
  *
  * @return mixed Whatever loginUser() returns.
  */
 function loginUserSession($username, $password, $user_type)
 {
     $outcome = loginUser($username, $password, $user_type);
     return $outcome;
 }
Example #30
<?php

// NOTE(review): the guard checks $_POST["name"] but the call reads
// $_POST["user"]; one of the two keys is probably a typo. As written, "user"
// can be unset when loginUser() is called — confirm which field the form posts.
if (isset($_POST["name"]) and isset($_POST["pw"])) {
    loginUser($_POST["user"], $_POST["pw"]);
}
// Runs on every request, whether or not a login was attempted.
addNav(L("word.login"), "login");