Beispiel #1
<?php

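// Login endpoint: starts the session, loads the project helpers, then either sends an
// already-authenticated visitor to the home page or processes a submitted login form.
session_start();
include "config.php";
include "private_functions.php";
include "functions.php";

// header() only queues the redirect. Without exit the script keeps running, so an
// authenticated visitor would still reach the login processing and the form markup below.
if (isset($_SESSION['auth']) && $_SESSION['auth'] == 1) {
    header('Location: ' . $home . 'index.php');
    exit;
}

// Request fields can arrive as arrays (e.g. "pw[]=x"); only plain strings are accepted
// so the helpers below never receive an unexpected type.
if (
    isset($_POST['username'], $_POST['pw'])
    && is_string($_POST['username'])
    && is_string($_POST['pw'])
) {
    // NOTE(review): hash_pw() is defined outside this file. Hashing before the lookup only
    // works with a deterministic hash; confirm it is not a fast unsalted digest, and prefer
    // password_hash()/password_verify() for stored credentials.
    $pw = hash_pw($_POST['pw']);
    $dbh = db_connect($MY_HOST, $MY_DB_PORT, $MY_DB, $DB_USER, $DB_PW);
    // NOTE(review): the username reaches login() unmodified; confirm login() binds it as a
    // query parameter rather than concatenating it into SQL.
    $res = login($dbh, $_POST['username'], $pw);
    error_log("In Error Log -----> test login");
    if ($res['status'] == 1) {
        // NOTE(review): confirm session_login() regenerates the session ID
        // (session_regenerate_id(true)) so a pre-login session ID cannot be reused.
        session_login($res['userID']);
        header("Location: " . $home . "index.php");
        // Stop here so the login form is not rendered after a successful login.
        exit;
    } else {
        // One generic message for every failure; it does not say which field was wrong.
        $err_msg = "Invalid login";
    }
}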
?>
<html>
	<head>
		<title>Login</title>
		<?php 
html_output_head();
?>
	</head>
	<body>
 <div class="container">
<?php 
include_once 'model/session_manager.php';
include_once 'model/signup_logic.php';
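$validFields = validFields();

/**
 * Validate the submitted login form.
 *
 * Reads `username` and `password` from $_POST and stores a message in the global
 * $username_err / $password_err for each failed check. The existence check uses the
 * global $username, which is populated outside this function.
 *
 * @return bool true when no check failed, false otherwise
 */
function validFields()
{
    global $username_err, $password_err;
    global $username, $password;
    $valid = true;
    // Logical || short-circuits, so $_POST['username'] is only read when the key exists.
    // The bitwise | used previously evaluated both sides and read a missing key.
    if (!array_key_exists('username', $_POST) || $_POST['username'] === "") {
        $username_err = "*Please enter username";
        $valid = false;
    }
    // NOTE(review): a dedicated "not in the system" message lets a client tell which
    // usernames exist; consider one generic failure message for unknown user and wrong
    // password alike.
    if (username_is_free($username)) {
        $username_err = $username_err . " *Username not in the system";
        $valid = false;
    }
    if (!array_key_exists('password', $_POST) || $_POST['password'] === "") {
        $password_err = "*Please enter password";
        $valid = false;
    }
    return $valid;
}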
// Attempt the login only when the form validation above reported no errors.
if ($validFields) {
    // session_login() is defined elsewhere; its return value is used as a success flag.
    $login_success = session_login($username, $password);
    if (!$login_success) {
        // NOTE(review): together with the separate "Username not in the system" message set
        // during validation, this message reveals that the username exists; confirm that
        // is acceptable or use one generic failure message.
        $password_err = " *Incorrect password";
    }
}
// Record which provider authenticated the user and mirror the "name" claim as "fullname".
$data['identity'] = $provider;
if (isset($data['name'])) {
    $data['fullname'] = $data['name'];
}

// Primary lookup: the account linked to this provider and its "sub" claim.
$user = User::get_by_identity_openidConnectSub($provider, $data['sub']);
if (!$user && $oidc->getPlainOpenid()) {
    // This may be the first time the user logs in after the migration from
    // OpenID 2.0 to OpenID Connect, so fall back to the plain OpenID identity.
    $user = User::get_by_identity($oidc->getPlainOpenid());
    if ($user) {
        // session_login will overwrite it
        $user->identity = null;
    }
}

if (!$user) {
    // First time logging in, must claim an existing account or create a new one
    // TODO this duplicates code in revenireOpenid.php
    // NOTE(review): matching an existing account by a provider-supplied email is only safe
    // when the provider has verified that address; confirm the email_verified claim (or an
    // equivalent) is checked before the account can be claimed.
    if (isset($data['email'])) {
        $user = User::get_by_email($data['email']);
    } else {
        $user = null;
    }

    // 0: an account with this email exists; 1: full name available;
    // 2: nickname available; 3: neither.
    if ($user) {
        $loginType = 0;
    } elseif (isset($data['fullname'])) {
        $loginType = 1;
    } elseif (isset($data['nickname'])) {
        $loginType = 2;
    } else {
        $loginType = 3;
    }

    // Store the identity in a temporary file. Don't print it in the form, because then it can be faked on the next page.
    // NOTE(review): $randString is the only handle to the cached identity; confirm
    // util_randomCapitalLetterString() draws from a cryptographically secure source and
    // that the cache entry expires and is single-use.
    $randString = util_randomCapitalLetterString(20);
    FileCache::put($randString, $data);

    SmartyWrap::assign('page_title', 'Autentificare cu OpenID');
    SmartyWrap::assign('suggestHiddenSearchForm', true);
    SmartyWrap::assign('data', $data);
    SmartyWrap::assign('randString', $randString);
    SmartyWrap::assign('loginType', $loginType);
    SmartyWrap::display('auth/chooseIdentity.ihtml');
} else {
    // A linked account was found: sign the user in with the claims just received.
    session_login($user, $data);
}
            }
        }
    } else {
        $openidNick = $loginType == 1 ? $data['fullname'] : ($loginType == 2 ? $data['nickname'] : $nick);
        $user = User::get_by_nick($openidNick);
        if ($user) {
            FlashMessage::add('Acest nume de utilizator este deja luat.');
        } else {
            if (mb_strlen($openidNick) < 3 || mb_strlen($openidNick) > 20) {
                FlashMessage::add('Numele de utilizator trebuie să aibă între 3 și 20 de caractere.');
            } else {
                if (!preg_match("/^([-a-z0-9_. ]|ă|â|î|ș|ț|Ă|Â|Î|Ș|Ț)+\$/i", $openidNick)) {
                    FlashMessage::add('Numele de utilizator poate conține doar litere, cifre, spații și simbolurile . - _');
                } else {
                    if (!preg_match("/[a-z]|ă|â|î|ș|ț|Ă|Â|Î|Ș|Ț/i", $openidNick)) {
                        FlashMessage::add('Numele de utilizator trebuie să conțină cel puțin o literă.');
                    } else {
                        $data['nickname'] = $openidNick;
                        session_login(null, $data);
                    }
                }
            }
        }
    }
}
smarty_assign('page_title', 'Autentificare cu OpenID');
smarty_assign('suggestHiddenSearchForm', true);
smarty_assign('data', $data);
smarty_assign('randString', $randString);
smarty_assign('loginType', $loginType);
smarty_displayCommonPageWithSkin('auth/chooseIdentity.ihtml');
    }
    if (!array_key_exists('phonenumber', $_POST) | $_POST['phonenumber'] === "") {
        $phonenumber_err = "*Mandatory field";
        $valid = false;
    }
    if (!array_key_exists('date_of_birth', $_POST) | $_POST['date_of_birth'] === "") {
        $date_of_birth_err = "*Mandatory field";
        $valid = false;
    }
    if (!array_key_exists('username', $_POST) | $_POST['username'] === "") {
        $username_err = "*Mandatory field";
        $valid = false;
    }
    if (!username_is_free($username)) {
        $username_err = $username_err . " *Username is in use";
        $valid = false;
    }
    if (!array_key_exists('password', $_POST) | $_POST['password'] === "") {
        $password_err = "*Mandatory field";
        $valid = false;
    }
    if (!array_key_exists('gender', $_POST) | $_POST['gender'] === "") {
        $gender_err = "*Mandatory field";
        $valid = false;
    }
    return $valid;
}
// Create the account and sign the new user in, but only when validation succeeded and
// the visitor is not already logged in.
if ($validFields && !is_user_connected()) {
    // NOTE(review): the plain $password is passed to signup_client(), which is defined
    // elsewhere; confirm it stores the password with password_hash() and that the other
    // fields are bound as query parameters.
    signup_client($firstname, $lastname, $email, $phonenumber, $date_of_birth, $username, $password, $interests, $gender);
    // Sign in at once with the credentials that were just registered.
    session_login($username, $password);
}
Beispiel #6
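// Copy request parameters into page-level variables. Every value below is taken from
// $_GET/$_POST unchanged, so it is untrusted wherever it is used later.
// NOTE(review): how these variables are consumed is not visible here; validate the
// coordinates and distance as numbers, and check $section/$sub_section/$item against an
// allowlist before they reach a query, a file path or HTML output.
if (array_key_exists('search_bar_coupon_distance', $_GET)) {
    $search_bar_coupon_distance = $_GET["search_bar_coupon_distance"];
    // "55" is treated as the value for which no distance filter applies.
    if ($search_bar_coupon_distance != "55") {
        $search_bar_coupon_distance_bool = true;
    }
}
// NOTE(review): $search_bar_coupon_distance_bool is only assigned above when a distance
// other than "55" was sent; confirm it is initialised to false earlier in the file.
if ($search_bar_coupon_distance_bool && array_key_exists('user_location_latitude', $_GET)) {
    $user_location_latitude = $_GET["user_location_latitude"];
    $user_location_latitude_bool = true;
}
if ($search_bar_coupon_distance_bool && array_key_exists('user_location_longitude', $_GET)) {
    $user_location_longitude = $_GET["user_location_longitude"];
    $user_location_longitude_bool = true;
}
// The array keys are quoted: the bare words login_username / login_password were parsed as
// undefined constants, which is a fatal error on PHP 8. Both fields must be present before
// a login is attempted, so session_login() never receives a missing password.
if (array_key_exists('login_username', $_POST) && array_key_exists('login_password', $_POST)) {
    session_login($_POST['login_username'], $_POST['login_password']);
}
// A location sent by POST replaces the value read from the query string above.
if (array_key_exists('user_location_longitude', $_POST)) {
    $user_location_longitude = $_POST["user_location_longitude"];
}
if (array_key_exists('user_location_latitude', $_POST)) {
    $user_location_latitude = $_POST["user_location_latitude"];
}
if (array_key_exists('section', $_GET)) {
    $section = $_GET["section"];
}
if (array_key_exists('sub_section', $_GET)) {
    $sub_section = $_GET["sub_section"];
}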
if (array_key_exists('item', $_GET)) {
    $item = $_GET["item"];
Beispiel #7
// Test-user login: signs in as an arbitrary nickname with privileges chosen by the request.
// It is meant to work only when the site runs in development mode.
// presumably 'priv' is an array of privilege bit values; verify against the form
$priv = util_getRequestParameter('priv');
$devel = Config::get('global.developmentMode');
if ($fakeUserNick) {
    if (!$devel) {
        FlashMessage::add('Conectarea cu utilizatori de test este permisă doar în development.');
        // NOTE(review): this guard only protects production if util_redirect() ends the
        // request; confirm it exits, otherwise execution continues into the account
        // creation below.
        util_redirect('login');
    }
    $user = User::get_by_nick($fakeUserNick);
    if (!$user) {
        // No account with this nickname yet: create one with a placeholder identity.
        $user = Model::factory('User')->create();
        $user->identity = 'http://fake.example.com';
        $user->nick = $fakeUserNick;
        $user->name = $fakeUserNick;
        // The privilege mask comes straight from the request; nothing but the
        // development-mode guard above restricts it.
        $user->moderator = array_sum($priv);
        $user->save();
        // NOTE(review): as written, session_login() runs only for a newly created account;
        // an existing test user is looked up but not logged in by this block. Confirm
        // that is intended.
        session_login($user, array());
    }
}
// Expand the provider shortcuts into their endpoint URLs; any other value is left as is.
if ($openid == 'google') {
    $openid = "https://accounts.google.com/o/oauth2/auth";
} elseif ($openid == 'yahoo') {
    // NOTE(review): this identifier uses plain http, so discovery traffic can be altered in
    // transit; prefer an https identifier if the provider supports one.
    $openid = "http://yahoo.com/";
}
if ($openid) {
    // Add protocol if missing
    if (!StringUtil::startsWith($openid, 'http://') && !StringUtil::startsWith($openid, 'https://')) {
        $openid = "http://{$openid}";
    }
Beispiel #8
                die;
            }
        } else {
            $loginError = true;
        }
    }
}
if (isset($_POST[$btnResetPassword])) {
    // testando se as senhas digitadas são iguais
    if (strcasecmp($_POST[$inputSenha1], $_POST[$inputSenha2]) == 0) {
        // altera a senha no banco
        $hashedPassword = password_hash($_POST[$inputSenha1], PASSWORD_DEFAULT);
        $result = db_query("UPDATE " . $sqlTabUsuario . " SET senha =" . db_quote($hashedPassword) . ", resetarsenha=false WHERE login = "******"container-fluid">
		<div class="row">
			<div class="col-md-3 col-md-offset-4">