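<?php
// Login page: sends an already-authenticated session to the home page,
// otherwise checks the submitted credentials and starts a session on success.
session_start();
include "config.php";
include "private_functions.php";
include "functions.php";

// Already logged in: nothing to do on this page.
// $home is not set in this file; presumably it comes from config.php.
if (isset($_SESSION['auth']) && $_SESSION['auth'] == 1) {
    header('Location: ' . $home . 'index.php');
    // header() only queues the redirect. Stop here so the credential handling
    // and the login form below are not executed for this request.
    exit;
}

if (isset($_POST['username']) && isset($_POST['pw'])) {
    // NOTE(review): the password is hashed first and the hash is handed to
    // login(), which suggests a deterministic digest matched during the lookup.
    // Confirm what hash_pw() does: if it is a fast, unsalted digest, stored
    // passwords are exposed to offline guessing, and password_hash() with
    // password_verify() is the usual replacement.
    $pw = hash_pw($_POST['pw']);
    $dbh = db_connect($MY_HOST, $MY_DB_PORT, $MY_DB, $DB_USER, $DB_PW);
    // NOTE(review): login() receives the raw username; confirm it uses a
    // prepared statement rather than building the query by concatenation.
    $res = login($dbh, $_POST['username'], $pw);
    // Debug trace; it carries no request data.
    error_log("In Error Log -----> test login");
    if ($res['status'] == 1) {
        // NOTE(review): session_login() is defined elsewhere; confirm it calls
        // session_regenerate_id(true) so a pre-login session id is not reused.
        session_login($res['userID']);
        header("Location: " . $home . "index.php");
        // Do not render the login form after a successful login.
        exit;
    } else {
        // One generic message for both unknown user and wrong password.
        $err_msg = "Invalid login";
    }
}
?>
<html> <head> <title>Login</title> <?php html_output_head(); ?> </head> <body> <div class="container">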
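<?php
include_once 'model/session_manager.php';
include_once 'model/signup_logic.php';

$validFields = validFields();

/**
 * Checks the submitted login form and fills the per-field error messages.
 *
 * Reads $_POST['username'] and $_POST['password'], and the globals $username
 * and $password (assigned outside this listing). Writes the globals
 * $username_err and $password_err.
 *
 * @return bool true when both fields are present, non-empty, and the username
 *              is not reported as free by username_is_free()
 */
function validFields()
{
    global $username_err, $password_err;
    global $username, $password;

    $valid = true;

    // `||` short-circuits, so $_POST['username'] is read only when the key
    // exists. The bitwise `|` used before evaluated both sides and raised an
    // undefined-index warning on a request without the field.
    if (!array_key_exists('username', $_POST) || $_POST['username'] === "") {
        $username_err = "*Please enter username";
        $valid = false;
    }

    // NOTE(review): this message and the " *Incorrect password" message below
    // tell a caller whether a username exists, which allows account
    // enumeration. Consider one generic failure message for both cases.
    if (username_is_free($username)) {
        $username_err = $username_err . " *Username not in the system";
        $valid = false;
    }

    if (!array_key_exists('password', $_POST) || $_POST['password'] === "") {
        $password_err = "*Please enter password";
        $valid = false;
    }

    return $valid;
}

if ($validFields) {
    // NOTE(review): session_login() is defined elsewhere; confirm it verifies
    // the password against a salted hash and regenerates the session id.
    $login_success = session_login($username, $password);
    if (!$login_success) {
        $password_err = " *Incorrect password";
    }
}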
// OpenID Connect callback: map the provider's data to a local account, or ask
// the user to claim or create one on first login.
$data['identity'] = $provider;
if (isset($data['name'])) {
    $data['fullname'] = $data['name'];
}

// Primary lookup is by the pair (provider, subject identifier).
$user = User::get_by_identity_openidConnectSub($provider, $data['sub']);
if (!$user && $oidc->getPlainOpenid()) {
    // This may be the first time the user logs in after the migration from
    // OpenID 2.0 to OpenID Connect.
    // NOTE(review): this fallback links an account by the legacy identifier
    // returned by getPlainOpenid(); confirm that value comes from the validated
    // provider response and not from request input.
    $user = User::get_by_identity($oidc->getPlainOpenid());
    if ($user) {
        $user->identity = null; // session_login will overwrite it
    }
}

if ($user) {
    session_login($user, $data);
} else {
    // First time logging in, must claim an existing account or create a new one
    // TODO this duplicates code in revenireOpenid.php
    // NOTE(review): the e-mail address is taken from the provider's data and
    // used to find an existing account to offer. Confirm it is trusted only
    // when the provider asserts it as verified (the OIDC `email_verified`
    // claim), otherwise an unverified address could match someone else's account.
    $user = isset($data['email']) ? User::get_by_email($data['email']) : null;
    // 0: an account with this e-mail exists; 1: use the full name;
    // 2: use the nickname; 3: neither is available.
    $loginType = $user ? 0 : (isset($data['fullname']) ? 1 : (isset($data['nickname']) ? 2 : 3));

    // Store the identity in a temporary file. Don't print it in the form, because then it can be faked on the next page.
    // The random string is the only handle to the cached identity, so it must
    // be unguessable.
    // NOTE(review): confirm util_randomCapitalLetterString() draws from a
    // CSPRNG (random_int / random_bytes) and that FileCache entries expire.
    $randString = util_randomCapitalLetterString(20);
    FileCache::put($randString, $data);

    SmartyWrap::assign('page_title', 'Autentificare cu OpenID');
    SmartyWrap::assign('suggestHiddenSearchForm', true);
    SmartyWrap::assign('data', $data);
    SmartyWrap::assign('randString', $randString);
    SmartyWrap::assign('loginType', $loginType);
    SmartyWrap::display('auth/chooseIdentity.ihtml');
}
} } } else { $openidNick = $loginType == 1 ? $data['fullname'] : ($loginType == 2 ? $data['nickname'] : $nick); $user = User::get_by_nick($openidNick); if ($user) { FlashMessage::add('Acest nume de utilizator este deja luat.'); } else { if (mb_strlen($openidNick) < 3 || mb_strlen($openidNick) > 20) { FlashMessage::add('Numele de utilizator trebuie să aibă între 3 și 20 de caractere.'); } else { if (!preg_match("/^([-a-z0-9_. ]|ă|â|î|ș|ț|Ă|Â|Î|Ș|Ț)+\$/i", $openidNick)) { FlashMessage::add('Numele de utilizator poate conține doar litere, cifre, spații și simbolurile . - _'); } else { if (!preg_match("/[a-z]|ă|â|î|ș|ț|Ă|Â|Î|Ș|Ț/i", $openidNick)) { FlashMessage::add('Numele de utilizator trebuie să conțină cel puțin o literă.'); } else { $data['nickname'] = $openidNick; session_login(null, $data); } } } } } } smarty_assign('page_title', 'Autentificare cu OpenID'); smarty_assign('suggestHiddenSearchForm', true); smarty_assign('data', $data); smarty_assign('randString', $randString); smarty_assign('loginType', $loginType); smarty_displayCommonPageWithSkin('auth/chooseIdentity.ihtml');
} if (!array_key_exists('phonenumber', $_POST) | $_POST['phonenumber'] === "") { $phonenumber_err = "*Mandatory field"; $valid = false; } if (!array_key_exists('date_of_birth', $_POST) | $_POST['date_of_birth'] === "") { $date_of_birth_err = "*Mandatory field"; $valid = false; } if (!array_key_exists('username', $_POST) | $_POST['username'] === "") { $username_err = "*Mandatory field"; $valid = false; } if (!username_is_free($username)) { $username_err = $username_err . " *Username is in use"; $valid = false; } if (!array_key_exists('password', $_POST) | $_POST['password'] === "") { $password_err = "*Mandatory field"; $valid = false; } if (!array_key_exists('gender', $_POST) | $_POST['gender'] === "") { $gender_err = "*Mandatory field"; $valid = false; } return $valid; } if ($validFields && !is_user_connected()) { signup_client($firstname, $lastname, $email, $phonenumber, $date_of_birth, $username, $password, $interests, $gender); session_login($username, $password); }
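// Copy request parameters into page variables. The values are taken as
// submitted, with no validation or type conversion here.
// NOTE(review): confirm they are validated or escaped wherever they later
// reach a query or the HTML output.
if (array_key_exists('search_bar_coupon_distance', $_GET)) {
    $search_bar_coupon_distance = $_GET["search_bar_coupon_distance"];
    if ($search_bar_coupon_distance != "55") {
        $search_bar_coupon_distance_bool = true;
    }
}

// The location is read from the query string only when a distance filter was chosen.
if ($search_bar_coupon_distance_bool && array_key_exists('user_location_latitude', $_GET)) {
    $user_location_latitude = $_GET["user_location_latitude"];
    $user_location_latitude_bool = true;
}
if ($search_bar_coupon_distance_bool && array_key_exists('user_location_longitude', $_GET)) {
    $user_location_longitude = $_GET["user_location_longitude"];
    $user_location_longitude_bool = true;
}

if (array_key_exists('login_username', $_POST)) {
    // The array keys are quoted. The bare words used before are undefined
    // constants: a warning with string fallback on PHP 7, a fatal Error on
    // PHP 8, so the login call could not run there.
    // A missing password field is passed as null, as before, without a notice.
    session_login(
        $_POST['login_username'],
        isset($_POST['login_password']) ? $_POST['login_password'] : null
    );
}

if (array_key_exists('user_location_longitude', $_POST)) {
    $user_location_longitude = $_POST["user_location_longitude"];
}
if (array_key_exists('user_location_latitude', $_POST)) {
    $user_location_latitude = $_POST["user_location_latitude"];
}

if (array_key_exists('section', $_GET)) {
    $section = $_GET["section"];
}
if (array_key_exists('sub_section', $_GET)) {
    $sub_section = $_GET["sub_section"];
}
if (array_key_exists('item', $_GET)) { $item = $_GET["item"];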
// Privilege values for a test account, read straight from the request.
$priv = util_getRequestParameter('priv');
$devel = Config::get('global.developmentMode');

if ($fakeUserNick) {
    // Test-user logins are refused outside development mode.
    // NOTE(review): this guard holds only if util_redirect() ends the request.
    // If it returns, the code below still creates and logs in the test user —
    // confirm, or add an explicit exit after the redirect.
    if (!$devel) {
        FlashMessage::add('Conectarea cu utilizatori de test este permisă doar în development.');
        util_redirect('login');
    }
    $user = User::get_by_nick($fakeUserNick);
    if (!$user) {
        $user = Model::factory('User')->create();
        $user->identity = 'http://fake.example.com';
        $user->nick = $fakeUserNick;
        $user->name = $fakeUserNick;
        // The moderator mask is the sum of the request-supplied values; nothing
        // here restricts which privileges can be requested.
        // NOTE(review): array_sum() needs an array; presumably 'priv' is always
        // submitted as one — confirm.
        $user->moderator = array_sum($priv);
        $user->save();
        // As the braces stand in this listing, only a newly created test user
        // is logged in; an existing nick is looked up but not logged in.
        session_login($user, array());
    }
}

// Expand the provider shortcuts to full URLs.
// NOTE(review): the Yahoo entry is a plain-http URL; prefer https where the
// provider supports it.
switch ($openid) {
    case 'google':
        $openid = "https://accounts.google.com/o/oauth2/auth";
        break;
    case 'yahoo':
        $openid = "http://yahoo.com/";
        break;
}

if ($openid) {
    // Add protocol if missing
    // NOTE(review): an identifier given without a scheme becomes http://, so
    // it is used over cleartext unless the user typed https:// explicitly.
    if (!StringUtil::startsWith($openid, 'http://') && !StringUtil::startsWith($openid, 'https://')) {
        $openid = "http://{$openid}";
    }
die; } } else { $loginError = true; } } } if (isset($_POST[$btnResetPassword])) { // testando se as senhas digitadas são iguais if (strcasecmp($_POST[$inputSenha1], $_POST[$inputSenha2]) == 0) { // altera a senha no banco $hashedPassword = password_hash($_POST[$inputSenha1], PASSWORD_DEFAULT); $result = db_query("UPDATE " . $sqlTabUsuario . " SET senha =" . db_quote($hashedPassword) . ", resetarsenha=false WHERE login = "******"container-fluid"> <div class="row"> <div class="col-md-3 col-md-offset-4">