Example #1
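 /**
  * Check a username/password pair and, on success, mark the session as logged in.
  *
  * On success `logged_in_user` and `user_id` are written to $_SESSION. The
  * outcome is logged either way.
  *
  * @param string $username Username submitted by the client.
  * @param string $password Plain-text password submitted by the client.
  * @return bool True when the credentials match the stored record, false otherwise.
  */
 public static function attempt($username, $password)
 {
     $logger = new Logger();
     $loggingUser = new User(NULL, $username);
     $verifyUser = $loggingUser->getUserByUsername($username);

     // The former var_dump($verifyUser) printed the whole user record, stored
     // password hash included, into the response body; it has been removed.

     // `??` yields null instead of raising when the lookup found no user.
     $storedUsername = $verifyUser->attributes['username'] ?? null;
     $storedHash = $verifyUser->attributes['password'] ?? null;

     // Control characters are stripped so a submitted username cannot inject
     // line breaks (and with them forged entries) into the log.
     $loggedName = is_string($username) ? preg_replace('/[\x00-\x1F\x7F]/', '', $username) : '';

     // Strict comparison: loose `==` treats numeric-looking strings as numbers.
     $credentialsMatch = is_string($username)
         && is_string($password)
         && is_string($storedHash)
         && $username === $storedUsername
         && password_verify($password, $storedHash);

     if (!$credentialsMatch) {
         $logger->error("User {$loggedName} failed to log in!");
         return false;
     }

     // Issue a fresh session id at the privilege change so an id that was known
     // before login is not carried into the authenticated session.
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }

     $_SESSION['logged_in_user'] = $username;
     $_SESSION['user_id'] = $verifyUser->attributes['id'];
     $logger->info("User {$loggedName} logged in.");
     return true;
 }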
 /**
  * Verify credentials and, on success, bind the user to a regenerated session.
  *
  * @param string $username    Submitted username.
  * @param string $password    Submitted plain-text password.
  * @param bool   $remember_me When truthy, a cookie token is set through UserToken.
  * @return bool True when the user exists and User::authenticate() accepts the password.
  */
 protected function authenticate($username, $password, $remember_me = false)
 {
     $connection = DB::getInstance();

     // NOTE(review): the password is passed through the SQL escaper before it is
     // verified. If db_escape_string() rewrites quotes or backslashes, the value
     // checked differs from what the user typed; a password that is only hashed
     // should not need SQL escaping. Confirm against how passwords are stored.
     $username = $connection->db_escape_string($username);
     $password = $connection->db_escape_string($password);

     $account = User::getUserByUsername($username);
     if (is_null($account) || !$account->authenticate($password)) {
         return false;
     }

     $ctx = Context::getInstance();
     // The session is regenerated before the user id is stored in it.
     $ctx->session->regenerate();
     $ctx->session->userID = (int) $account->id;
     $ctx->user = $account;

     if ($remember_me) {
         // NOTE(review): confirm Utils::genRandom() draws from a CSPRNG and that
         // a length of 10 gives enough entropy for a persistent login token.
         UserToken::setCookieToken($account, Utils::genRandom(10));
     }

     return true;
 }
Example #3
 /**
  * Render the profile page of the user with the given username.
  *
  * @param mixed $username Username to look up.
  * @return mixed Result of App::abort(404) when no user is found, otherwise the profile view.
  */
 public function getProfile($username)
 {
     $account = (new User())->getUserByUsername($username);

     // No such user: answer with 404.
     if ($account === null) {
         return App::abort(404);
     }

     return View::make('site/user/profile', ['user' => $account]);
 }
Example #4
 // Request dispatcher for the login page: `op=login` checks credentials,
 // `op=forgot` resets a password. Both branches require a reCAPTCHA response.
 // This listing is truncated: the closing braces of the `forgot` branch and of
 // the outer `else` are not shown.
 // NOTE(review): $_GET['op'] and the $_POST keys are read without isset()
 // checks, so a request that omits them raises notices.
 if ($_GET['op'] == 'login') {
     if (!checkRecaptchar(RECAPTCHAR_SECRET, $_POST['g-recaptcha-response'])) {
         $error = 'reCAPTCHA Invalido';
     } else {
         if (User::login($_POST['user'], $_POST['pass'])) {
             // NOTE(review): no exit is visible after the redirect header, so
             // whatever follows this fragment still runs — confirm.
             header('location: login.php');
         } else {
             $error = 'Usuario o clave Inválida';
         }
     }
 } else {
     if ($_GET['op'] == 'forgot') {
         if (!checkRecaptchar(RECAPTCHAR_SECRET, $_POST['g-recaptcha-response'])) {
             $error = 'reCAPTCHA Inválido';
         } else {
             // The submitted identifier is tried as a username first, then as a
             // lower-cased e-mail address.
             $userForgot = User::getUserByUsername($_POST['user']);
             if (!$userForgot) {
                 $userForgot = User::getUserByMail(strtolower($_POST['user']));
             }
             if ($userForgot) {
                 // NOTE(review): the stored password is replaced as soon as the
                 // request arrives, before the requester has shown control of
                 // the mailbox, so the legitimate owner's password stops
                 // working. A single-use, expiring reset link that leaves the
                 // old password valid until it is used avoids this.
                 // NOTE(review): confirm generateRandomPassword() uses a CSPRNG;
                 // 8 is the only argument passed here.
                 $newPassword = User::generateRandomPassword(8);
                 if (User::updateUser($userForgot->id, $userForgot->rol, $userForgot->mail, $newPassword)) {
                     $msj = 'Se le envió un correo electrónico con su nueva clave.';
                     // NOTE(review): the new password travels in clear text in
                     // the e-mail body, and $userForgot->name is concatenated
                     // into HTML without escaping.
                     email($userForgot->mail, 'Nueva Clave', 'Sr(a). ' . $userForgot->name . ',<br /><br />Su nueva clave de ingreso al sistema es: <b>' . $newPassword . '</b>');
                 } else {
                     $error = 'Ocurrió un error interno, intente más tarde.';
                 }
             } else {
                 // NOTE(review): this message differs from the success message,
                 // which tells the caller whether an account exists.
                 $error = 'Usuario o E-Mail no está registrado';
             }
         }
 /**
  * Insert a new user row after checking that username and e-mail are unused.
  *
  * @param array|CUser $us A CUser, or an array with the keys user, mail, pass, name and rol.
  * @return mixed OK on success; otherwise E_USER_EXIST, E_MAIL_EXIST, E_SQL_ERROR
  *               or E_FORMAT_INVALID.
  */
 static function addUser($us)
 {
     global $db;

     // Array input is converted to a CUser so one code path handles both forms.
     if (is_array($us)) {
         $record = new CUser();
         $record->user = $us['user'];
         $record->mail = $us['mail'];
         $record->pass = $us['pass'];
         $record->name = $us['name'];
         $record->rol = $us['rol'];
         $us = $record;
     }

     if (!($us instanceof CUser)) {
         return E_FORMAT_INVALID;
     }

     // NOTE(review): the username is looked up as given but stored lower-cased
     // below; whether case variants are caught depends on the lookup — confirm.
     if (User::getUserByUsername($us->user)) {
         return E_USER_EXIST;
     }
     if (User::getUserByMail(strtolower($us->mail))) {
         return E_MAIL_EXIST;
     }

     // NOTE(review): the password is stored as a single MD5 over password,
     // username and a class-wide key. MD5 is fast to compute, which makes stored
     // values cheap to guess offline; password_hash()/password_verify() is the
     // usual replacement, but it has to change together with the login check.
     // NOTE(review): values are placed into quoted '%s' slots after secInjection();
     // confirm $db->qs() escapes them, or move to prepared statements.
     $values = array(
         strtolower(secInjection($us->user)),
         md5($us->pass . strtolower($us->user) . User::$keySecurity),
         strtolower(secInjection($us->mail)),
         secInjection($us->name),
         intval($us->rol),
     );
     $inserted = $db->qs("INSERT INTO user (user,pass,mail,name,rol) VALUES ('%s','%s','%s','%s','%d')", $values);

     return $inserted ? OK : E_SQL_ERROR;
 }
Example #6
/**
 * Check that a username or e-mail is not already held by another user.
 *
 * The outcome message is written to the global $VALIDATE_TEXT (empty on success).
 *
 * @param mixed  $value Value to look up.
 * @param string $field Either "username" or "email"; anything else is rejected.
 * @param mixed  $idval Primary key of the record being edited, which may keep its own value.
 * @return bool True when the value is free or belongs to $idval, false otherwise.
 */
function validateUniqueUser($value, $field, $idval = -1)
{
    global $VALIDATE_TEXT;
    $VALIDATE_TEXT = "";

    // Load the user that currently owns the value, if any.
    $lookup = new User();
    if ($field == "username") {
        $lookup->getUserByUsername($value);
    } elseif ($field == "email") {
        $lookup->getUserByEmail($value);
    } else {
        // NOTE(review): $field is echoed without escaping; if it can ever come
        // from a request, encode it for HTML before output.
        echo "Invalid field type ({$field}) for validateUniqueUser";
        return false;
    }

    // A pk of 0 means nothing was found; a pk equal to $idval is the record itself.
    $heldByAnother = $lookup->pk != 0 && $lookup->pk != $idval;
    if ($heldByAnother) {
        $VALIDATE_TEXT = "Item is not unique, enter another";
        return false;
    }

    $VALIDATE_TEXT = "";
    return true;
}
Example #7
                        </select>
                    </td>
                </tr>
                <tr>
                    <td colspan="2"><button id="create" name="create" class="btn btn-primary" type="button" onclick="createUser()">Create</button></td>
                </tr>
            </table>
        </form>
        <div id="error" class="alert alert-danger" role="alert" style="display: none">

        </div>
        <?php 
            // Account-creation handler. This fragment starts inside a block
            // opened earlier in the template and is cut off after setFrom().
            // NOTE(review): no authorisation check is visible in this fragment;
            // confirm the enclosing code limits who may create accounts.
            } else {
                if ($do == 'create') {
                    // NOTE(review): extract($_POST) turns every POST field into
                    // a local variable, so a request can overwrite any variable
                    // already in scope (for example $do or $mail). Read the
                    // expected keys explicitly instead.
                    extract($_POST);
                    if (User::getUserByUsername($login)) {
                        echo 'Username already in use.';
                    } else {
                        if (User::getUserByEmail($email)) {
                            echo 'Email address already in use.';
                        } else {
                            // NOTE(review): confirm createPassword() uses a CSPRNG.
                            $password = User::createPassword();
                            User::create($login, $email, $division, $clearance, $name, $rank, $password);
                            $to = $email;
                            $subject = 'IRIN - New Account';
                            $headers = "MIME-Version: 1.0" . "\r\n";
                            $headers .= "Content-type: text/html; charset=iso-8859-1" . "\r\n";
                            $headers .= "From: IRIN <*****@*****.**>" . "\r\n";
                            // NOTE(review): the initial password is mailed in
                            // clear text, and $login and $name go into the HTML
                            // body unescaped.
                            $message = 'A new account has been created with your email address.<br /><br /><b>Login ID:</b> ' . $login . '<br /><b>New Password:</b> ' . $password . '<br /><b>Name:</b> ' . $name;
                            //mail($to, $subject, $message, $headers);
                            $mail->setFrom('*****@*****.**', 'IRIN');
Example #8
 /**
  * Render the profile edit page for the user with the given username.
  *
  * NOTE(review): nothing in this method checks that the requester may edit
  * this profile; confirm that a route filter or middleware enforces it.
  *
  * @param mixed $username Username to look up.
  * @return mixed Result of App::abort(404) when no user is found, otherwise the edit view
  *               with the image form nested as `imageForm`.
  */
 public function getEdit($username)
 {
     $account = (new User())->getUserByUsername($username);
     $countryOptions = Country::lists('country', 'id');
     $cityOptions = City::where('country_id', Country::DEFAULT_COUNTRY)->lists('city', 'id');

     // No such user: answer with 404.
     if ($account === null) {
         return App::abort(404);
     }

     $pictures = Picture::getByRefId($account->id, 'user');
     $viewData = ['user' => $account, 'countries' => $countryOptions, 'cities' => $cityOptions];
     $imageFormData = ['refId' => $account->id, 'type' => 'user', 'images' => $pictures];

     return View::make('site/user/edit', $viewData)
         ->nest('imageForm', 'site.partials.image.create', $imageFormData);
 }
Example #9
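 // Login handler: validate the submitted fields, verify the captcha, then
 // check the password and store the user id in the session.
 // This listing is truncated: the `if` that looks up the user is not closed.
 // NOTE(review): it is not visible here whether my_redirect() ends the script;
 // if it does not, execution continues past each failed check — confirm.

 // Captcha must be present.
 if (empty($captcha)) {
     my_redirect('privilege.php?act=login', '验证码不能为空!', '正在为您重新跳转到页面登陆');
 }
 // Username and password must both be present. The original tested $username
 // twice, so an empty password was never rejected here. The password is
 // compared with '' rather than empty() so that a password of "0" still passes.
 if (empty($username) || !isset($password) || $password === '') {
     // Redirect back to the login form.
     my_redirect('privilege.php?act=login', '用户名或密码不能为空!', '正在为您重新跳转到登陆页面');
 }
 // Captcha must be correct.
 if (!Captcha::checkCaptcha($captcha)) {
     my_redirect('privilege.php?act=login', '验证码错误!', '正在为您重新跳转到登陆页面');
 }
 $user = new User();
 if ($users = $user->getUserByUsername($username)) {
     // Username exists.
     // NOTE(review): the stored value is a single MD5 with a fixed prefix, which
     // is fast to compute and therefore cheap to guess offline;
     // password_hash()/password_verify() is the usual replacement, but the stored
     // values have to be migrated with it.
     if (md5('yimai' . $password) === $users['u_password']) {
         // Password correct: record the user in the session.
         @session_start();
         // Issue a fresh session id at login so an id that was known before
         // authentication is not carried into the logged-in session.
         if (session_status() === PHP_SESSION_ACTIVE) {
             session_regenerate_id(true);
         }
         $_SESSION['user_id'] = $users['id'];
         if (!isset($_SESSION['uri'])) {
             my_redirect('index.php?act=view&id=2', '登陆成功!', '正在为您重新跳转到首页!', 1000);
         } else {
             // NOTE(review): confirm $_SESSION['uri'] is restricted to same-site
             // paths where it is written, since it becomes the redirect target.
             my_redirect("{$_SESSION['uri']}", '登陆成功!', '正在为您重新跳转到易买网!', 1000);
         }
     } else {
         // Wrong password.
         my_redirect('privilege.php?act=login', '密码错误!', '正在为您重新跳转到登陆页面!');
     }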
Example #10
<?php

require_once 'lib/path.php';
//$_SESSION['lastactive'] = $_GET['time'];
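// Reports whether a user session exists: prints 'true' or 'false'.
// When the session holds no user, the session is restored from the `user`
// cookie.
//
// NOTE(review): the `user` cookie is set by the client, so its value is a
// claim and not proof of identity. Restoring a session from a bare username
// lets the client choose the account. A remember-me cookie should carry a
// random server-issued token that is looked up, and compared with
// hash_equals(), against a stored hash of it. The lookup below is kept for
// compatibility and must be replaced with such a check.
if (isset($_SESSION['user'])) {
    echo 'true';
} elseif (!isset($_COOKIE['user']) || !is_string($_COOKIE['user'])) {
    echo 'false';
} else {
    $restoredUser = User::getUserByUsername($_COOKIE['user']);
    // Previously an unknown username still answered 'true' and stored the
    // failed lookup result in the session.
    if ($restoredUser) {
        $_SESSION['user'] = $restoredUser;
        echo 'true';
    } else {
        echo 'false';
    }
}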