Beispiel #1
 }
 # Carry the submitted field values over into $form_values.
 # Each of $fullname / $email / $password is read as an array with a 'value' key;
 # presumably they are results of a field-validation helper - confirm upstream.
 if ($fullname) {
     $form_values["fullname"] = $fullname['value'];
 }
 if ($email) {
     $form_values["email"] = $email['value'];
 }
 # NOTE(review): the submitted password is kept next to the other fields. If
 # $form_values is later used to re-fill the HTML form, the password would be
 # written back into the page - confirm where $form_values is rendered.
 if ($password) {
     $form_values["password"] = $password['value'];
 }
 # Stop with a flash error when the reCAPTCHA check failed; otherwise build the
 # text of the account-validation e-mail.
 if (!$captcha->is_valid) {
     $flash = array('type' => 'error', 'msg' => sprintf(T_("The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA said: %s)"), $captcha->error));
 } else {
     # getIP() is defined elsewhere; the address is only written into the mail body below.
     $ip = getIP();
     if ($user_id['success'] && $fullname['success'] && $email['success']) {
         # NOTE(review): the whole $fullname/$email/$password arrays are passed here, while the
         # insert code later in this listing passes their ['value'] entries - confirm which
         # form generateUserToken() expects.
         $token = generateUserToken($fullname, $email, $password);
         # NOTE(review): part of the next line is masked on the page (the "******" run), so the
         # rest of the validation URL and the start of the $msg assignment are not visible and
         # the statement is incomplete as shown.
         $validation_url = BP_PLANET_URL . "/user/api/index.php?ajax=account&action=validate&user="******"Signup of user %s,"), $user_id['value']);
         $bmsg = T_("User id :") . " " . $user_id['value'];
         $bmsg .= "\n" . T_("Fullname :") . " " . $fullname['value'];
         $bmsg .= "\n" . T_("Email :") . " " . $email['value'];
         $bmsg .= "\nIP : {$ip}";
         $msg .= $bmsg;
         $msg .= "\n\n" . T_("Please validate your account by going on the following link :");
         $msg .= "\n " . $validation_url;
         # The text promises a 3-day expiry; the code that enforces it is not visible here.
         $msg .= "\n\n" . T_("NOTE: the link will expire in 3 days.");
         $msg .= "\n\n" . T_("Thank you");
         $msg .= "\n" . $blog_settings->get('author');
         # TODO : the mail should contain a special token to signup
         # Send email to new user to confirm email
         # (no send call is visible in this branch; $msg is only assembled)
     }
     # NOTE(review): $rs1 and $user_email are not defined in the visible code, and the
     # comparison is a loose ==. The message also confirms to the submitter that an
     # address is registered - acceptable only if account enumeration is not a concern.
     if ($rs1->f('user_email') == $user_email['value']) {
         $error[] = sprintf(T_('The email address %s is already in use'), $user_email['value']);
     }
 }
 # Look for an existing user/site pair that already owns the submitted site URL.
 # NOTE(review): $site['value'] is concatenated straight into the SQL text. Unless it is
 # escaped before this point (not visible here), a quote character in the submitted URL
 # changes the statement; pass the value through the DB layer's escaping routine or use
 # a parameterised query.
 # NOTE(review): the query reads $site['value'] while the error message reads
 # $user_site['value'] - confirm both refer to the same input.
 $rs2 = $core->con->select("SELECT " . $core->prefix . "user.user_id FROM " . $core->prefix . "user, " . $core->prefix . "site\n\t\t\t\tWHERE " . $core->prefix . "site.user_id = " . $core->prefix . "user.user_id AND site_url = '" . $site['value'] . "'");
 if ($rs2->count() > 0) {
     $error[] = sprintf(T_('The website %s is already assigned to the user %s'), $user_site['value'], $user_id['value']);
 }
 if (empty($error)) {
     $cur = $core->con->openCursor($core->prefix . 'user');
     $cur->user_id = $user_id['value'];
     $cur->user_fullname = $user_fullname['value'];
     $cur->user_email = $user_email['value'];
     $cur->user_pwd = crypt::hmac('BP_MASTER_KEY', $user_password['value']);
     $cur->user_token = generateUserToken($user_fullname['value'], $user_email['value'], $password['value']);
     $cur->user_status = 1;
     $cur->user_lang = 'en';
     $cur->created = array(' NOW() ');
     $cur->modified = array(' NOW() ');
     $cur->insert();
     if (!empty($user_site['value'])) {
         # Get next ID
         $rs3 = $core->con->select('SELECT MAX(site_id) ' . 'FROM ' . $core->prefix . 'site ');
         $next_site_id = (int) $rs3->f(0) + 1;
         $cur = $core->con->openCursor($core->prefix . 'site');
         $cur->site_id = $next_site_id;
         $cur->user_id = $user_id['value'];
         $cur->site_name = '';
         $cur->site_url = $user_site['value'];
         $cur->site_status = 1;
Beispiel #3
         }
         unset($_tz);
     }
 }
 # Create schema
 # Two dbStruct objects are built on the same connection and prefix. db-schema.php is
 # included in between (presumably it fills $_s with the wanted tables - the file is
 # not shown), then $si->synchronize($_s) is called and its result kept in $changes.
 $_s = new dbStruct($core->con, $core->prefix);
 # The include path is built only from __FILE__ and a literal, so no request data
 # reaches require.
 require dirname(__FILE__) . '/../../inc/dbschema/db-schema.php';
 $si = new dbStruct($core->con, $core->prefix);
 $changes = $si->synchronize($_s);
 # Create user
 # Fills a cursor on the <prefix>user table from the $u_* / $p_lang values and inserts it.
 $cur = $core->con->openCursor($core->prefix . 'user');
 $cur->user_id = (string) $u_login;
 $cur->user_fullname = (string) $u_fullname;
 $cur->user_email = (string) $u_email;
 # NOTE(review): 'BP_MASTER_KEY' is a quoted string here, so the literal text is passed
 # instead of a configured constant; presumably this argument is the HMAC key, which
 # would then be the same on every installation - confirm the intent. Changing it
 # invalidates every stored value.
 # NOTE(review): a keyed hash is fast to compute; password_hash()/password_verify() is
 # the usual choice for stored passwords.
 $cur->user_pwd = crypt::hmac('BP_MASTER_KEY', $u_pwd);
 # NOTE(review): generateUserToken() is not shown. If the token is a deterministic
 # function of name, e-mail and password it is only as secret as those inputs -
 # confirm that it mixes in randomness.
 $cur->user_token = generateUserToken($u_fullname, $u_email, $u_pwd);
 $cur->user_lang = $p_lang;
 # presumably an array value is emitted by the cursor as a raw SQL expression - confirm
 $cur->created = array('NOW()');
 $cur->modified = array('NOW()');
 $cur->insert();
 if (!empty($u_site)) {
     # Get next ID
     $rs3 = $core->con->select('SELECT MAX(site_id) ' . 'FROM ' . $core->prefix . 'site ');
     $next_site_id = (int) $rs3->f(0) + 1;
     $cur = $core->con->openCursor($core->prefix . 'site');
     $cur->site_id = $next_site_id;
     $cur->user_id = $u_login;
     $cur->site_name = 'Author site';
     $cur->site_url = $u_site;
     $cur->site_status = 1;
     $cur->created = array(' NOW() ');
Beispiel #4
 /**
  * Issue a token for a user (the super user included) and record it in Redis.
  * Super user ID: -1 (needed when the program pushes messages internally).
  *
  * Up to seven candidate tokens are tried. A candidate is rejected when the key
  * "token.to.userid:<token>" already holds a truthy value.
  *
  * NOTE(review): the existence check and the write are two separate Redis calls, so
  * two concurrent requests could both accept the same candidate; an atomic
  * set-if-absent would close that window if the MyRedis wrapper offers one (not
  * visible here).
  * NOTE(review): how unpredictable the token is depends entirely on
  * generateUserToken(), which is defined elsewhere.
  *
  * @param $userId user ID; -1 requests the super user's token
  * @param $expire lifetime in seconds; -1 means no expiry, the entry stays in Redis
  * @return false when no free token was found, otherwise the new user token
  */
 protected function getUserToken($userId, $expire = 3600)
 {
     // Upper bound on generation attempts.
     $attemptsLeft = 7;
     while ($attemptsLeft-- > 0) {
         $userToken = generateUserToken($userId);
         $redisKey = "token.to.userid:{$userToken}";
         // A truthy stored value means the token is taken. A falsy stored user ID
         // (for example 0) would be treated as "free" by this test.
         if (p\MyRedis::get($redisKey)) {
             continue;
         }
         if ($expire == -1) {
             // No lifetime: the mapping is stored without an expiry.
             p\MyRedis::set($redisKey, $userId);
         } else {
             p\MyRedis::set($redisKey, $userId, $expire);
         }
         return $userToken;
     }
     // Every attempt collided with an existing token: generation failed.
     return false;
 }
Beispiel #5
    # We check the user
    # checkUser() must return exactly true; any other return value counts as a failed login.
    $check_user = $core->auth->checkUser($user_id, $user_pwd, $user_key) === true;
    # Value for the "remember me" cookie, built from the user id and an HMAC of the password.
    # NOTE(review): 'BP_MASTER_KEY' is a quoted string literal in both calls on the next
    # line, so the text itself is used rather than a configured secret - confirm whether
    # the constant was intended.
    # NOTE(review): unless http::browserUID() mixes in a server-side secret (not visible
    # here), this value depends only on the user id and password and stays valid until
    # the password changes; a random, server-stored, revocable token is the usual design
    # for persistent logins.
    $cookie_admin = http::browserUID('BP_MASTER_KEY' . $user_id . crypt::hmac('BP_MASTER_KEY', $user_pwd)) . bin2hex(pack('a32', $user_id));
    if ($check_user) {
        # NOTE(review): no session-id regeneration is visible at the point of login; confirm
        # that $core->session->start() issues a fresh id, otherwise a pre-login id stays valid.
        $core->session->start();
        $_SESSION['sess_user_id'] = $user_id;
        $_SESSION['sess_browser_uid'] = http::browserUID('BP_MASTER_KEY');
        if (!empty($_POST['user_remember'])) {
            # NOTE(review): path and domain are passed as empty strings and the secure and
            # httponly arguments are left at their defaults (false), so the cookie is
            # readable by page scripts and is also sent over plain HTTP.
            setcookie('bp_admin', $cookie_admin, strtotime('+30 days'), '', '');
        }
        # NOTE(review): $user_id is concatenated into the SQL text. Having passed
        # checkUser() does not make it safe as SQL; escape it through the DB layer or use
        # a parameterised query.
        $rs = $core->con->select('SELECT user_token, user_email, user_id, user_fullname, user_pwd
			FROM ' . $core->prefix . 'user WHERE user_id=\'' . $user_id . '\'');
        # if no token exists, create one
        $rs->extend('rsExtUser');
        if ($rs->user_token == '') {
            # The token is generated from the stored full name, e-mail and password hash.
            $token = generateUserToken($rs->user_fullname, $rs->user_email, $rs->user_pwd);
            $curt = $core->con->openCursor($core->prefix . 'user');
            $curt->user_token = $token;
            $curt->modified = array(' NOW() ');
            # NOTE(review): the WHERE clause is string-built as well, here from the user_id
            # column just read back from the database.
            $curt->update("WHERE user_id='" . $rs->user_id . "'");
        }
        # NOTE(review): where $came_from is set is not visible. If it can come from the
        # request, restrict it to local paths before redirecting.
        http::redirect($came_from);
    } else {
        # Failed login: drop any remember-me cookie by re-sending it with an expiry in the past.
        if (isset($_COOKIE['bp_admin'])) {
            unset($_COOKIE['bp_admin']);
            setcookie('bp_admin', false, -600, '', '');
        }
        # One message for both an unknown user and a wrong password, so the response does
        # not reveal which accounts exist.
        $err = T_('Wrong username or password');
    }
}
if (isset($_GET['user'])) {