/**
 * User::checkCredentials() must return false for each invalid login/password pair.
 *
 * Three cases are exercised against the fixture in $this->object: a wrong
 * password, a null password, and a password that (per its assertion message)
 * is meant to differ from the stored one only in letter case.
 *
 * NOTE(review): the login and password literals below are identical masked
 * strings, so as written the first and third calls pass the same arguments.
 * The case-sensitivity assertion only proves something if the real fixture
 * value differs in case; confirm against the unmasked test data.
 *
 * @covers User::checkCredentials
 */
public function testCheckCredentialsInvalid()
{
    $login = '******';

    // Wrong password for the login.
    $this->assertFalse(
        $this->object->checkCredentials($login, '******'),
        'Credentials should not be ok'
    );

    // A missing (null) password must never authenticate.
    $this->assertFalse(
        $this->object->checkCredentials($login, null),
        'Credentials should not be ok, password should not be null'
    );

    // Same password in a different letter case must be rejected.
    $this->assertFalse(
        $this->object->checkCredentials($login, '******'),
        'Credentials should not be ok, password should be case sensitive'
    );
}
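<?php
/*
 * Login page.
 *
 * When the form is posted with an email, a password and the "javascript"
 * field, the credentials are checked through User::checkCredentials() and an
 * authenticated employee is redirected to the dashboard. In every other case
 * the script falls through and renders the login form below.
 */
require_once "../lib/includes/session.php";
require_once "../lib/includes/sanitize-all.php";

// Accept only non-empty string fields. A field posted as an array
// (for example email[]=x) passes !empty() and would otherwise reach the
// validator and the credential check as an array.
$hasLoginFields = !empty($_POST["email"]) && is_string($_POST["email"])
    && !empty($_POST["password"]) && is_string($_POST["password"])
    && !empty($_POST["javascript"]) && is_string($_POST["javascript"]);

if ($hasLoginFields) {
    // Auto load the class when it is being created.
    // NOTE(review): $class is concatenated into the include path as-is; restrict
    // it to identifier characters if a class name can ever come from request data.
    spl_autoload_register(function ($class) {
        require_once "../lib/classes/" . $class . ".class.php";
    });
    require_once "../lib/classes/Inspekt.php";

    if (!Inspekt::isEmail($_POST["email"])) {
        die("Please write a correct Email address");
    }

    // The User-Agent header is optional, so a client that omits it must not
    // trigger an undefined-index notice; an empty string is passed instead.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $user = new User();
    $login = $user->checkCredentials(
        $_POST["email"],
        $_POST["password"],
        $_POST["javascript"],
        $userAgent,
        $_SERVER['REMOTE_ADDR'],
        session_id()
    );

    // NOTE(review): session.php and checkCredentials() are not visible here;
    // confirm the session id is regenerated once the login succeeds.
    if ($login && isset($_SESSION['employee'])) {
        header("Location: dashboard.php");
        // Stop here: without exit the login form below is still rendered and
        // sent in the body of the redirect response.
        exit;
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="">
<meta name="author" content="">
<!-- <link rel="shortcut icon" href="../../assets/ico/favicon.ico"> -->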
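<?php
/*
 * AJAX login endpoint.
 *
 * Expects the POST fields "email", "password" and "javascript". Prints
 * "success" when User::checkCredentials() accepts the login, a translated
 * message when a field is missing or the email is malformed, and nothing when
 * the credentials are rejected (presumably the client treats any body other
 * than "success" as a failure; confirm in the calling script).
 */
require_once "../includes/session.php";
require_once "../includes/sanitize-all.php";

// Auto load the class when it is being created.
// NOTE(review): $class is concatenated into the include path as-is; restrict
// it to identifier characters if a class name can ever come from request data.
spl_autoload_register(function ($class) {
    require_once "../classes/" . $class . ".class.php";
});

// Accept only non-empty string fields. A field posted as an array
// (for example email[]=x) passes !empty() and would otherwise reach the
// validator and the credential check as an array.
$hasLoginFields = !empty($_POST["email"]) && is_string($_POST["email"])
    && !empty($_POST["password"]) && is_string($_POST["password"])
    && !empty($_POST["javascript"]) && is_string($_POST["javascript"]);

if ($hasLoginFields) {
    require_once "../classes/Inspekt.php";

    $email = $_POST["email"];
    $password = $_POST["password"];
    $javascript = $_POST["javascript"];
    // The User-Agent header is optional, so a client that omits it must not
    // trigger an undefined-index notice that would end up in the AJAX body.
    $browser = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $session_id = session_id();
    $ip_address = $_SERVER['REMOTE_ADDR'];

    if (!Inspekt::isEmail($email)) {
        die(Translate::string("login_alert.incorrect_email"));
    }

    $user = new User();
    $login = $user->checkCredentials($email, $password, $javascript, $browser, $ip_address, $session_id);

    // NOTE(review): session.php and checkCredentials() are not visible here;
    // confirm the session id is regenerated once the login succeeds.
    if ($login) {
        echo "success";
    } // if ajax return is success javascript will redirect
} else {
    echo Translate::string("login_alert.insert_username_and_password");
}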
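<?php
/**
 * Authenticate user and create a token.
 *
 * Provides the token required by the other API calls. Only POST is accepted
 * (see the Api constructor arguments). Responses:
 *  - 400 when "login" or "password" is missing,
 *  - 401 with a Bearer challenge when the credentials are rejected,
 *  - 201 with the generated token when they are accepted.
 *
 * @version 1.0.0
 *
 * @api
 */
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/Api.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/server/lib/User.php';

$api = new Api('json', ['POST']);
switch ($api->method) {
    case 'POST':
        // $login and $password are populated by checkParameterExists()
        // (presumably by reference; confirm in Api.php).
        if (!$api->checkParameterExists('login', $login) || !$api->checkParameterExists('password', $password)) {
            // login or password was not provided
            $api->output(400, 'Both login and password must be provided');
            return;
        }

        $user = new User();
        if (!$user->checkCredentials($login, $password)) {
            // invalid credentials
            // The challenge header is queued before output(): assuming output()
            // writes the response body, a header() call after it would be
            // dropped with a "headers already sent" warning.
            header('WWW-Authenticate: Bearer realm="WMP"');
            // One message for every rejection, so the response does not reveal
            // whether the login exists.
            $api->output(401, 'Invalid credentials');
            return;
        }

        $api->output(201, $api->generateToken($user->getProfile()));
        break;
}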
$uzivatel->setPasswordMenoPriezviskoEmail($passwd, $meno, $priezvisko, $email); //udaje o organizacii $nazov = test_input($_REQUEST["nazov_organizacie"]); $ulica = test_input($_REQUEST["ulica_organizacie"]); $psc = test_input($_REQUEST["psc_organizacie"]); $mesto = test_input($_REQUEST["mesto_organizacie"]); $stat = test_input($_REQUEST["stat_organizacie"]); $ico = test_input($_REQUEST["ico_organizacie"]); $dic = test_input($_REQUEST["dic_organizacie"]); $icdph = test_input($_REQUEST["ic_dph_organizacie"]); $telefon = test_input($_REQUEST["telefon_organizacie"]); if ($passwd != $passwd_znovu) { //kontrola ci su hesla rovnake $message->add("Heslá musia byť totožné"); } else { if ($uzivatel->checkCredentials() === true) { //zadane udaje zodpovedaju poziadavkam $organizacia->setVsetkyUdaje($nazov, $ulica, $psc, $mesto, $stat, $ico, $dic, $icdph, $telefon); $organizacia->setAktualnyRokDokumentov(); $organizacia->setCislovaniePrijemky("PRJ"); //defaultne nastavenie cislovania dokumentov $organizacia->setCislovanieVydajky("VYD"); //defaultne nastavenie cislovania dokumentov $organizacia->setCislovanieVyrobky("VYR"); //defaultne nastavenie cislovania dokumentov $id_organizacie = $organizacia->storeTodatabase(); $uzivatel->setOrganizacia($id_organizacie); $uzivatel->storeToDatabase(); //vlozenie uzivatela do databazy $message->add("Uzivatel bol vytvoreny"); $_SESSION["user"] = $uzivatel->getId();