Example #1
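 /**
  * Try to log a user in with a username and password.
  *
  * Calls self::setStatic($username) first (presumably this fills self::$username
  * and self::$password from storage; verify against its definition), then checks
  * the submitted credentials and, on success, records the user in $_SESSION.
  *
  * @param string $username Submitted username.
  * @param string $password Submitted plain-text password.
  * @return bool True when the credentials matched and the session was populated.
  */
 public static function attempt($username, $password)
 {
     self::setStatic($username);
     $storedName = self::$username;
     $storedHash = self::$password;
     // Compare names as strings with ===. A loose == treats numeric-looking
     // strings as numbers, so two different names could compare equal.
     // The is_string() checks also keep non-string input away from password_verify().
     $credentialsOk = is_string($username) && is_string($password)
         && is_string($storedName) && is_string($storedHash)
         && $username === $storedName
         && password_verify($password, $storedHash);
     if (!$credentialsOk) {
         // The original var_dump()'d a debug string into the response here;
         // a failed attempt now only returns false.
         return false;
     }
     $user = User::findUser($username);
     if (!is_object($user)) {
         // No record to take an id from: do not mark the session as logged in.
         return false;
     }
     // Issue a fresh session id at the privilege change so an id that was fixed
     // before login does not carry over into the authenticated session.
     if (session_id() !== '') {
         session_regenerate_id(true);
     }
     $_SESSION['LOGGED_IN_USER'] = $username;
     $_SESSION['USER_ID'] = $user->id;
     return true;
 }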
Example #2
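/**
 * Handle a login POST: look the user up by e-mail and password and print a status code.
 *
 * Prints the user's role when a user is found and has a non-empty cDate
 * (name and id are then stored in the session), "2" when a user is found but
 * cDate is unset or empty, and "1" when no user is found.
 *
 * @return void
 */
function searchUser()
{
    // Missing form fields become null instead of raising an undefined-index notice.
    $email = isset($_POST["usr_email"]) ? $_POST["usr_email"] : null;
    $password = isset($_POST["usr_pwd"]) ? $_POST["usr_pwd"] : null;
    // NOTE(review): the plain-text password is handed to User::findUser(); how it is
    // checked is not visible here. Confirm it is verified against a stored
    // password_hash() value and not compared inside the query.
    $row = User::findUser($email, $password);
    if (!$row) {
        echo "1";
        return;
    }
    if (!isset($row->cDate) || $row->cDate == '') {
        echo "2";
        return;
    }
    // New session id on login, so a pre-login id cannot be reused afterwards.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }
    $_SESSION['name'] = $row->fname;
    $_SESSION['id'] = $row->id;
    echo $row->role;
}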
Example #3
 /**
  * Sign up a new user with an email address and a password.
  *
  * Rejects a null or invalid email, refuses an email that already has a row in
  * `users`, then inserts the user row and its password hash.
  *
  * NOTE(review): the existence check and the two INSERTs are separate statements
  * with no transaction visible here, so two concurrent signups with the same
  * email can both pass the check. Confirm `users.email` has a unique index.
  * NOTE(review): the code throws UserAuthenticationException where the earlier
  * docblock named UserSignupException; confirm which one callers catch.
  *
  * @param \Db\Connection $db
  * @param string|null $email
  * @param string $password plain-text password, stored via UserPassword::hash()
  * @throws UserAuthenticationException if the email is null or not valid
  * @throws UserAlreadyExistsException if the user already exists in the database
  * @return the created {@link User}
  */
 static function trySignup(\Db\Connection $db, $email, $password)
 {
     if ($email === null) {
         throw new UserAuthenticationException("Email required for password signup.");
     }
     if (!is_valid_email($email)) {
         throw new UserAuthenticationException("That is not a valid email.");
     }

     // refuse an email that is already registered
     $existingUser = $db->prepare("SELECT * FROM users WHERE email=? LIMIT 1");
     $existingUser->execute(array($email));
     $alreadyRegistered = $existingUser->fetch();
     if ($alreadyRegistered) {
         throw new UserAlreadyExistsException("That email is already in use.");
     }

     // insert the user row and remember its id
     $insertUser = $db->prepare("INSERT INTO users SET email=?");
     $insertUser->execute(array($email));
     $user_id = $db->lastInsertId();

     // store the password hash against the new user id
     $passwordHash = UserPassword::hash($password);
     $insertPassword = $db->prepare("INSERT INTO user_passwords SET user_id=?, password_hash=?");
     $insertPassword->execute(array($user_id, $passwordHash));

     return User::findUser($db, $user_id);
 }
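 /**
  * Check the submitted username and password against the stored user record.
  *
  * Sets $this->errorCode to ERROR_USERNAME_INVALID, ERROR_PASSWORD_INVALID or
  * ERROR_NONE; on success also stores the user's id in $this->_id and the
  * lower-cased username in $this->username.
  *
  * NOTE(review): the two failure codes tell a caller whether the account exists.
  * Callers should show the same message for both.
  *
  * @return bool True when errorCode ends up equal to ERROR_NONE.
  */
 public function authenticate()
 {
     $username = strtolower($this->username);
     $user = User::findUser($username);
     if ($user === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
     } else {
         $storedHash = $user['password'];
         // password_verify() accepts crypt() hashes and compares in constant time.
         // The original `!==` against crypt() stopped at the first differing byte.
         if (!is_string($storedHash) || !password_verify((string) $this->password, $storedHash)) {
             $this->errorCode = self::ERROR_PASSWORD_INVALID;
         } else {
             $this->_id = $user['id'];
             $this->username = $username;
             $this->errorCode = self::ERROR_NONE;
         }
     }
     return $this->errorCode == self::ERROR_NONE;
 }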
Example #5
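// Authorization gate: only accounts whose admin flag equals 2 get past this point.
if ($user->admin != 2) {
    // Answer with 403 rather than an empty 200, so the refusal shows up in
    // access logs and clients can tell it from a blank page.
    if (!headers_sent()) {
        header('HTTP/1.1 403 Forbidden');
    }
    exit;
}
//Get all the users from the DB
$list = $temp->getUsers($dbh, "first_name", "DESC");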
//If the user has posted to the page, they want to make a change
if ($_POST) {
    //Set some error flags for printing messages in html
    $sent = false;
    $twitchErr = false;
    $summonerErr = false;
    $passwordErr = false;
    //If the id is set, they selected a user, if they didn't select a user we can't make any changes
    if (isset($_POST['id'])) {
        //Grab that user from the database
        $guy = $temp->findUser($dbh, $_POST['id']);
        //If they set the email field, change his email
        if (isset($_POST['email'])) {
            if (!empty($_POST['email'])) {
                $guy->email = $_POST['email'];
            }
        }
        //If they set the first name field, change his first name
        if (isset($_POST['first_name'])) {
            if (!empty($_POST['first_name'])) {
                $guy->first_name = $_POST['first_name'];
            }
        }
        //If they set the bio field, change his bio
        if (isset($_POST['bio'])) {
            if (!empty($_POST['bio'])) {
Example #6
 /**
  * Make the user with the given user_id the current user.
  *
  * Stores whatever User::findUser() returns in User::$instance. No password or
  * token is checked here, so the caller must already have established that
  * the request may act as this user.
  *
  * @param \Db\Connection $db
  * @param mixed $user_id id handed to User::findUser()
  */
 static function forceLogin(\Db\Connection $db, $user_id)
 {
     $found = User::findUser($db, $user_id);
     User::$instance = $found;
 }
Example #7
//            Y88888P  `Y88P'   Y888P  Y888888P VP   V8P
if (isset($_POST['login'])) {
    require_once MODEL_USER;
    session_start();
    try {
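        // Sanitize. NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; it strips tags and
        // encodes quotes, so together with trim() the password below is altered before password_verify() sees it.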
        $username = trim(filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING));
        if (!$username) {
            throw new Exception('Invalid Username');
        }
        $password = trim(filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING));
        if (!$password) {
            throw new Exception('Invalid Password');
        }
        // Search for user in DB and return either 'false' or 'User object'
        $user = User::findUser($username);
        // If the function returned an object ( meaning a user was found )
        if (is_object($user)) {
            if (password_verify($password, $user->passwordHash)) {
                // For ADMIN
                if ($user->username === "admin") {
                    $_SESSION['adminLoggedIn'] = true;
                    // For any other user
                } else {
                    // Password was verified.  The session will set 'IsLoggedIn' to true
                    $_SESSION['IsLoggedIn'] = true;
                }
                // Session variables to use in web views
                $_SESSION['user'] = $user;
            } else {
                // Password Invalid
Example #8
 /**
  * Sign up a new user identified by an OpenID identity, with an optional email.
  *
  * The email is validated and checked for duplicates when one is given or when
  * the `users_require_email` config value is set. The OpenID is validated via
  * self::validateOpenID() and must not already be linked to an account.
  *
  * NOTE(review): the duplicate checks and the INSERTs are separate statements
  * with no transaction visible here. Confirm unique indexes on `users.email`
  * and `user_openid_identities.identity` back them up.
  *
  * @param \Db\Connection $db
  * @param string|null $email
  * @param string $openid
  * @param string $redirect passed on to self::validateOpenID()
  * @throws \InvalidArgumentException if no redirect is provided
  * @throws UserSignupException if the user could not be signed up, with a reason
  * @throws UserAlreadyExistsException if the identity or email already exists in the database
  * @return the created {@link User}
  */
 static function trySignup(\Db\Connection $db, $email, $openid, $redirect)
 {
     if (!$redirect) {
         throw new \InvalidArgumentException("No redirect provided.");
     }

     $emailMustBeChecked = $email || \Openclerk\Config::get('users_require_email', false);
     if ($emailMustBeChecked) {
         if (!is_valid_email($email)) {
             throw new UserSignupException("That is not a valid email.");
         }
         // refuse an email that is already registered
         $emailLookup = $db->prepare("SELECT * FROM users WHERE email=? LIMIT 1");
         $emailLookup->execute(array($email));
         if ($emailLookup->fetch()) {
             throw new UserAlreadyExistsException("That email is already in use.");
         }
     }

     $light = self::validateOpenID($openid, $redirect);

     // refuse an identity that is already linked to an account
     $identityLookup = $db->prepare("SELECT * FROM user_openid_identities WHERE identity=? LIMIT 1");
     $identityLookup->execute(array($light->identity));
     if ($identityLookup->fetch()) {
         throw new UserAlreadyExistsException(sprintf("An account for the OpenID identity '%s' already exists.", $light->identity));
     }

     // nothing exists yet: insert the user row and remember its id
     $insertUser = $db->prepare("INSERT INTO users SET email=?");
     $insertUser->execute(array($email));
     $user_id = $db->lastInsertId();

     // link the validated identity to the new user
     $insertIdentity = $db->prepare("INSERT INTO user_openid_identities SET user_id=?, identity=?");
     $insertIdentity->execute(array($user_id, $light->identity));

     return User::findUser($db, $user_id);
 }
Example #9
                                <ul class="list-group" id="rank-faculty-student-list">
                                  <li class="list-group-item">Emile Eric</li>
                                  <li class="list-group-item">Tamara Naumovic</li>
                                  <li class="list-group-item">Mila Marjanovic</li>
                                  <li class="list-group-item">Ana Licina</li>
                                </ul>
                              </div>
                              <!-- kraj donje strane modala-->
                              <?php 
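// Handle the "add task" form post.
if (isset($_POST['add_task'])) {
    // require_once: a missing class file stops the request right here, and a
    // file already loaded earlier in the request is not declared a second time.
    require_once "task.class.php";
    require_once "user.class.php";
    // Without a session user id there is nobody to attribute the task to.
    if (isset($_SESSION['id'])) {
        $task = new Task();
        $user = new User();
        // NOTE(review): the whole $_POST array is passed to Task::create(); which
        // fields it accepts is not visible here. Confirm it uses an allow-list.
        // No CSRF token check is visible in this block either.
        $task->create($_POST, $user->findUser($_SESSION['id']));
        // NOTE(review): the return value is echoed as-is; HTML-escape it if it can
        // contain user-supplied text.
        echo $task->writeToDb();
    }
}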
?>
                            </div>
                            
                          </div>
                          
                        </div>
                      </div>
                     <!-- kraj modala--> 
      <!-- pocetak desne strane-->
      <div class="col-md-1" style="padding-top:2%;"></div>
      <div class="col-md-1" style="padding-top:2%;"></div>
      <!-- kraj desne strane-->
      
Example #10
     //If the comment box isn't empty and they submitted let them make a comment
     if (isset($_POST['newPost']) && !empty($_POST['newPost'])) {
         $newComment = new comments();
         $newComment->userid = $user->id;
         $newComment->postid = $_GET['id'];
         $newComment->date = date("m-d-Y h:i A");
         $newComment->post = $_POST['newPost'];
         $newComment->saveComment($dbh);
         $sent = true;
     } else {
         $error = true;
     }
 }
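 // Values for rendering the post page.
 $body = $page->post;
 // Look the post's author up once. The original ran the same findUser() call a
 // second time after loading the comments and overwrote $officer with the same result.
 $guy = new User();
 $officer = $guy->findUser($dbh, $page->userid);
 $postTitle = $page->title;
 $postDescription = substr($page->post, 0, 90) . "...";
 $postLink = "http://45.55.62.156/post?id=" . $page->id;
 $postImg = $page->img;
 $comment = new comments();
 $comments = $comment->getPostComments($dbh, $page->id);
 /*****************************
 			Need to cache the images for improved performance, can't completely
 			rely on Riot's server for everything
 			*****************************/
 // NOTE(review): $officer->champion is placed into a local file path and a remote
 // URL unchanged. If users can edit that field, restrict it to the expected
 // name characters before use; how it is populated is not visible here.
 //The path needed for the champion's image (locally)
 $path = "img/icons/" . $officer->champion . ".png";
 //The path needed for the free week champion's image (remotely)
 $url = "http://ddragon.leagueoflegends.com/cdn/5.14.1/img/champion/" . $officer->champion . ".png";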
Example #11
                    <select name="job_type" class="form-control" id="job-type">
                        <option>Volunteering</option>
                        <option>Practice</option>
                        <option>Workshop</option>
                        <option>Learning</option>
                        <option>Physical work</option>
                    </select>
                    <br>
                    <label for="peer-type">Location near by</label>
                    <select name="location" class="form-control" id="peer-type">
                        <?php 
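// Database connection; $mysqli is expected to come from this file.
include "connection.php";
if (isset($_POST["add_task"])) {
    include "user.class.php";
    $user = new User();
    $u = $user->findUser($_SESSION['id']);
    // Re-included exactly as in the original; presumably this restores $mysqli
    // after findUser() (TODO confirm, then drop if it is redundant).
    include "connection.php";
    // Read each form field once; a missing field becomes an empty string.
    $post = array();
    foreach (array('description', 'category', 'location', 'parc_number', 'reward', 'exps', 'expc', 'expo', 'job_type') as $field) {
        $post[$field] = isset($_POST[$field]) ? (string) $_POST[$field] : '';
    }
    // Every value is bound as a parameter. The original escaped only some fields
    // and concatenated parc_number, exps, expc, expo and the session id into the
    // SQL text unescaped, which allowed SQL injection through those form fields.
    $query5 = "INSERT INTO tasks (description, category, location, parc_number, org_name, reward, exps, expc, expo, partc_id, job_type) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
    $values = array(
        $post['description'],
        $post['category'],
        $post['location'],
        $post['parc_number'],
        (string) $u,
        $post['reward'],
        $post['exps'],
        $post['expc'],
        $post['expo'],
        (string) $_SESSION['id'],
        $post['job_type'],
    );
    $insert = $mysqli->prepare($query5);
    // All eleven values are bound as strings, matching the quoted literals of the original query.
    $saved = $insert
        && $insert->bind_param(str_repeat('s', count($values)), ...$values)
        && $insert->execute();
    if ($saved) {
        echo "Success";
    } else {
        // Keep the database error in the server log; the original echoed
        // $mysqli->error into the page, exposing schema details to the visitor.
        error_log("Task insert failed: " . $mysqli->error);
        echo "<p>There was an error. Please try again later.</p>";
    }
}
// Load the buildings that fill the location list.
$query1 = "SELECT * FROM buildings ";
if (!($q1 = $mysqli->query($query1))) {
    echo "<p>There was an error. Please try again later</p>";
    exit;
}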
if ($q1->num_rows == 0) {
    echo "There are no locations in the datebase";
Example #12
 /**
  * Confirm that the "old password" entered in the form belongs to the logged-in user.
  *
  * Hashes the submitted value with md5() and asks User::findUser() for a row
  * matching that hash and the current identity's id.
  *
  * NOTE(review): unsalted md5() is not a suitable password hash. Moving to
  * password_hash()/password_verify() needs a change to the stored hashes and to
  * findUser(), neither of which is visible here.
  *
  * @param mixed $form form object providing getValues() with an 'old_password' entry
  * @return bool true when a matching row is found
  * @throws Logic_User_Exception when no matching row is found
  */
 public function checkOldPassword($form)
 {
     $submitted = $form->getValues();
     $identityId = Zend_Auth::getInstance()->getIdentity()->id;
     $hashedOldPassword = md5($submitted['old_password']);
     $translator = new Zend_View_Helper_Translate();
     $userModel = new User();
     $matchingRow = $userModel->findUser($hashedOldPassword, $identityId);
     if (!$matchingRow) {
         throw new Logic_User_Exception($translator->translate("Old password is incorrect, please try again."));
     }
     return true;
 }