Example #1
0
	public function testBasics()
	{
		$this->assertTrue(Acl::isAllowed('dvorak', 'dvorakAllowed'));
		$this->assertFalse(Acl::isAllowed('azerty', 'dvorakAllowed'));
		
		$this->assertFalse(Acl::isAllowed('dvorak', 'newlyGranted'));
		$dvorak = User::getUserByName('dvorak');
		$dvorak->grant('newlyGranted');
		$this->assertTrue(Acl::isAllowed('dvorak', 'newlyGranted'));
		
		$dvorak->revoke('dvorakAllowed');
		$this->assertFalse(Acl::isAllowed('dvorak', 'dvorakAllowed'));
		
		
		$user = new User('sdldlkd', '*****@*****.**');
		$user->password = '******';
		$user->passwordConfirmation = 'sdldlkd';
		$user->save();
		
		$this->assertFalse(Acl::isAllowed('sdldlkd', 'newlyGranted'));
		$user->grant('newlyGranted');
		$this->assertTrue(Acl::isAllowed('sdldlkd', 'newlyGranted'));
		$user->revoke('newlyGranted');
		$this->assertFalse(Acl::isAllowed('sdldlkd', 'newlyGranted'));
	}
	public function testUserDeletesProfile()
	{
		$user = User::getUserByName('qwerty');
		$user->delete();
		
		$this->assertNull(UserProfile::get('qwerty'));
	}
Example #3
0
	public function user()
	{
		if ($this->_user == null)
		{
			return User::getUserByName($this->username);
		}
		return $this->_user;
	}
	/**
	 * @post
	*/
	public function unlock($username, $from)
	{
		$user = User::getUserByName($username);
		$user->unlockForce();
		$user->save();
		
		$this->notice(t('Unlocked user'));
		$this->redirect($from);
	}
	public function testGroups()
	{
		$group = new UserGroup('SomeName');
		$group->save();
		$group->add('dvorak');
		
		$group = new UserGroup('AnotherName');
		$group->save();
		$group->add('dvorak');
	
		$user = User::getUserByName('dvorak');
		$this->assertNotNull($user);
		$groups = $user->groups();
		$this->assertEquals(2, count($groups));
		$this->assertEquals('AnotherName', $groups[0]->name);
		$this->assertEquals('SomeName', $groups[1]->name);
	}
	public function testCreate()
	{
		$comment = new MeCommentMockComment;
		$comment->mock = MeCommentMock::get('me-mock');
		$comment->title = 'Some Title';
		$comment->comment = 'Some Comment';
		$comment->author = User::getUserByName('some-user');
		$comment->spamStatus = PropertySpamStatus::OK;
		$comment->save();
		
		$this->assertEquals('me-mock', $comment->mockID);
		$this->assertEquals('me-mock', $comment->mock->ID);
		$rComment = MeCommentMockComment::get($comment->ID);
		$this->assertEquals('Some Title', $rComment->title);
		$this->assertEquals('Some Comment', $rComment->comment);
		$this->assertEquals('me-mock', $rComment->mockID);
		$this->assertEquals('me-mock', $rComment->mock->ID);
		$this->assertLessThan(1, abs($comment->timePosted - time()));
	}
Example #7
0
	public function testCreateWithUser()
	{
		$page = new Page;
		$page->language = 'en';
		$page->title = 'My First Blog Ever';
		$page->content = 'This is My First Blog Ever';
		$this->assertNull($page->author);
		$page->author = User::getUserByName('user');
		$this->assertNotNull($page->authorID);
		$this->assertEquals('user', $page->authorID);
		$page->save();
		$this->assertEquals(self::today(), $page->created);
		$this->assertNull($page->updated);
		
		$page = Page::get($page->ID, 'en');
		$this->assertEquals('user', $page->authorID);
		$this->assertNotNull($page->author);
		$this->assertEquals('user', $page->author->username);
		$this->assertEquals('My First Blog Ever', $page->title);
		$this->assertEquals('This is My First Blog Ever', $page->content);
		$this->assertEquals(self::today(), $page->created);
	}
Example #8
0
	public function activate($userID, $key)
	{
		$user = User::getUserByName($userID);
		if ($user && $user->isLocked())
		{
			if ($user->unlock($key))
			{
				$user->save();
				$this->notice(t('Your account is now activated, you can login'));
				$this->redirect('user/login');
			}
			else
			{
				$this->error(t('Invalid activation key'));
				$this->redirect('/');
			}
		}
		else
		{
			$this->error(t('Invalid username'));
			$this->redirect('/');
		}
	}
Example #9
0
	public function testResetPassword()
	{
		$user = new User('Nathan', '*****@*****.**');
		$user->password = '******';
		$user->passwordConfirmation = 'azerty';
		$user->save();
		
		$user = User::getUserByName('Nathan');
		$key = $user->resetPassword();
		$user->save();
		
		$password = $user->generateNewPassword('some-key');
		$this->assertNull($password);
		$this->assertTrue($user->checkPassword('azerty'));
		
		$password = $user->generateNewPassword($key);
		$this->assertNotNull($password);
		$user->save();
		$this->assertFalse($user->checkPassword('azerty'));
		$this->assertTrue($user->checkPassword($password));
	}
Example #10
0
 $password_2 = !empty($password_2) ? $password_2 : "";
 require_once PHP_BASE_DIR . "/securimage/securimage.php";
 $img = new Securimage();
 if ($img->check($captcha) == false) {
     $res['message'] = '验证码错误!';
     $res['action'] = 'reset';
 } else {
     $reset_pwd = $_SESSION['reset_pwd'];
     if ($reset_pwd['b_confirm'] == false) {
         $res['message'] = '您还未经过邮件验证,收取邮件或重发邮件!';
         $res['action'] = 'resend';
     } else {
         $db = new MySQL($log);
         if ($mysqli = $db->openDB()) {
             $user = new User($mysqli, $log);
             if ($user->getUserByName($username)) {
                 if ($user->id === $reset_pwd['id']) {
                     if ($password_1 == $password_2 && Validator::validatePassword($password_1)) {
                         $user->password = hash("sha256", $password_1);
                         if ($user->updateUser($user->id)) {
                             session_unset();
                             session_destroy();
                             $res['result'] = true;
                             $res['message'] = '密码已修改成功!';
                             $res['action'] = 'login';
                         } else {
                             $res['message'] = '密码修改失败!';
                             $res['action'] = 'reset';
                         }
                     } else {
                         $res['message'] = '密码格式错误!';
Example #11
0
<?php

require '../include/init.inc.php';
$user_name = $real_name = $mobile = $password = $email = $user_desc = $user_group = '';
extract($_POST, EXTR_IF_EXISTS);
if (Common::isPost()) {
    $exist = User::getUserByName($user_name);
    if ($exist) {
        OSAdmin::alert("error", ErrorMessage::NAME_CONFLICT);
    } else {
        if ($password == "" || $real_name == "" || $mobile == "" || $email == "" || $user_group <= 0) {
            OSAdmin::alert("error", ErrorMessage::NEED_PARAM);
        } else {
            $input_data = array('user_name' => $user_name, 'password' => md5($password), 'real_name' => $real_name, 'mobile' => $mobile, 'email' => $email, 'user_desc' => $user_desc, 'user_group' => $user_group);
            $user_id = User::addUser($input_data);
            if ($user_id) {
                $input_data['password'] = "";
                SysLog::addLog(UserSession::getUserName(), 'ADD', 'User', $user_id, json_encode($input_data));
                Common::exitWithSuccess('账号添加成功', 'complaint/user.php');
            } else {
                OSAdmin::alert("error");
            }
        }
    }
}
$group_options = UserGroup::getGroupForOptions();
unset($group_options[1]);
Template::assign("_POST", $_POST);
Template::assign('group_options', $group_options);
Template::display('complaint/user_add.tpl');
<?php

include '../config/config.php';
include '../libraries/Database.php';
include '../libraries/User.php';
session_start();
$db = new Database();
$us = new User();
if (isset($_POST['name']) && isset($_POST['password'])) {
    $login = $_POST['name'];
    $user = $db->select($us->getUserByName($login));
    if ($row = $user->fetch_assoc()) {
        $hash = $row['Password'];
        $isAdmin = $row['isAdmin'];
        if (password_verify($_POST['password'], $hash)) {
            //   _SESSION  variables!
            $_SESSION['id'] = $row['id'];
            $_SESSION['user'] = $row['Name'];
            $_SESSION['isAdmin'] = $isAdmin;
            header('Location: index.php');
        } else {
            $error = 'Login failed.';
        }
    } else {
        $error = 'Login failed.';
    }
}
?>

<!DOCTYPE html>
<html lang="en">
	public function renew($username, $resetKey)
	{
		$user = User::getUserByName($username);
		$password = $user->generateNewPassword($resetKey);
		if ($password)
		{
			$user->save();
			
			$site = CoOrg::config()->get('site/title');
			$mail = $this->mail();
			$mail->username = $user->username;
			$mail->newpassword = $password;
			$mail->loginURL = CoOrg::createFullURL(array('user/login'));
			$mail->site = $site;
			$mail->to($user->email)
			     ->subject(t('%site: Your new password', array('site' => $site)))
			     ->send('mails/passwordrenew');
			$this->notice('A mail has been sent to you, containing your new password');
			$this->redirect('/');
		}
		else
		{
			$this->error(t('Invalid key'));
			$this->redirect('/');
		}
	}
Example #14
0
<?php

require '../include/init.inc.php';
$user_name = $password = $remember = $verify_code = '';
extract($_POST, EXTR_IF_EXISTS);
if (Common::isPost()) {
    //	去掉验证码 if(strtolower($verify_code) != strtolower($_SESSION['osa_verify_code'])){
    if (0) {
        OSAdmin::alert("error", ErrorMessage::VERIFY_CODE_WRONG);
    } else {
        /*允许99帐号登录*/
        $user_info = false;
        if (Account99u::verifyUser($user_name, $password)) {
            $user_info = User::getUserByName($user_name);
        } else {
            $user_info = User::checkPassword($user_name, $password);
        }
        if ($user_info) {
            if ($user_info['status'] == 1) {
                User::loginDoSomething($user_info['user_id']);
                if ($remember) {
                    $encrypted = OSAEncrypt::encrypt($user_info['user_id']);
                    User::setCookieRemember(urlencode($encrypted), 30);
                }
                $ip = Common::getIp();
                SysLog::addLog($user_name, 'LOGIN', 'User', UserSession::getUserId(), json_encode(array("IP" => $ip)));
                Common::jumpUrl('panel/index.php');
            } else {
                OSAdmin::alert("error", ErrorMessage::BE_PAUSED);
            }
        } else {
Example #15
0
	public function testAddBlogComment()
	{
		$blog = Blog::getBlog('2010', '04', '10', 'xyzer', 'en');
		$comment = new BlogComment;
		$comment->title = 'RE: XYZ';
		$comment->author = User::getUserByName('nathan');
		$comment->comment = 'Some Comment';
		$comment->spamStatus = PropertySpamStatus::OK;
		$blog->comments[] = $comment;
		
		$blog = Blog::getBlog('2010', '04', '10', 'xyzer', 'en');
		$comments = $blog->comments;
		$this->assertEquals(2, count($comments));
		$this->assertEquals('My comment @ xyzer', $comments[0]->comment);
		$this->assertEquals('Re: XYZER', $comments[0]->title);
	}
	public function testUnlockUser()
	{
		$this->login('dvorak');
		
		$user = User::getUserByName('locked');
		$this->assertTrue($user->isLocked());
		
		$this->request('admin/user/unlock', array(
				'username' => 'locked',
				'from' => 'admin/edit/locked/admin$2fuser$2findex$2f7'
			));
		
		$this->assertRedirected('admin/edit/locked/admin$2fuser$2findex$2f7');
		$this->assertFlashNotice('Unlocked user');
		$user = User::getUserByName('locked');
		$this->assertFalse($user->isLocked());
	}
include 'includes/header.php';
$db = new Database();
$us = new User();
if (isset($_POST['submit'])) {
    //assign post variables
    $name = mysqli_real_escape_string($db->link, $_POST['name']);
    $password = mysqli_real_escape_string($db->link, $_POST['password']);
    $confirm = mysqli_real_escape_string($db->link, $_POST['confirmPassword']);
    $isadmin = mysqli_real_escape_string($db->link, $_POST['isAdmin']);
    // simple validation
    if ($name == '' || $password == '' || $confirm == '' || $isadmin == '') {
        // set error
        $error = 'Please fill out all required fields.';
    } else {
        // make sure name does not already exist
        $checkUsername = $db->select($us->getUserByName($name));
        if (mysqli_num_rows($checkUsername) > 0) {
            $error = 'User name already exists.';
        } else {
            // make sure passwords match
            if ($password != $confirm) {
                $error = 'Passwords must match!';
            } else {
                $hash = password_hash($password, PASSWORD_DEFAULT);
                $insert_row = $db->insert($us->setUser($name, $hash, $isadmin));
            }
        }
    }
}
?>
* des Passwortes.
*
* @author Christian Szech
* @version 1.0
*/
session_start();
require_once 'db_connect.php';
require_once 'user.php';
if (!isset($_POST["username"]) || empty($_POST["username"]) || empty($_POST["username"]) || !isset($_POST["password"])) {
    throw new Exception('Es wurden keine Angaben zum Nutzernamen oder Passwort gemacht.');
}
// Nutzername und Passwort auslesen
$username = $_POST["username"];
$password = $_POST["password"];
try {
    $user = User::getUserByName($username);
    if (!password_verify($password, $user->getPassword())) {
        echo 'Anmeldung fehlgeschlagen. Bitte geben Sie Ihr korrektes Passwort an.';
    }
    session_regenerate_id();
    $_SESSION['userid'] = $user->getId();
    var_dump($_SESSION['userid']);
    $_SESSION['username'] = $username;
    // einmalig die Anzahl an unbetrachteten Anfragen laden
    $dbc = new DBConnect();
    $_SESSION['unviewedCount'] = $dbc->loadViewedCount($user->getId());
    echo "Anmeldung erfolgreich.";
} catch (Exception $e) {
    echo "Anmeldung konnte nicht abgeschlossen werden. Bitte  versuchen Sie es später noch einmal";
    die;
}
	public function testRenewPasswordIncorrectKey()
	{
		$dvorak = User::getUserByName('dvorak');
		$key = $dvorak->resetPassword();
		$dvorak->save();
		
		$this->request('user/password/renew/dvorak/nokey');
		
		$this->assertFlashError('Invalid key');
		$this->assertRedirected('/');
	}