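/**
 * Register a new user and seed the matching row in the ranking table.
 *
 * Checks run in this order: the username must be free, the e-mail must pass
 * check_email(), and the e-mail must not already be registered. The first
 * failing check decides the returned message and nothing is written.
 *
 * @param string $username Login name; also stored as the display name.
 * @param string $password Plain-text password supplied by the user.
 * @param string $email    E-mail address of the new account.
 *
 * @return string|null Error message, or null when every check passed and the
 *                     two INSERT statements were issued. The message embeds
 *                     $username / $email unescaped, so the caller has to
 *                     HTML-escape it before printing.
 */
function registra_usuario($username, $password, $email)
{
    global $db;

    // Defined up front: on the success path the original never assigned this
    // variable, so the final return read an undefined variable.
    $mensaje_de_error = null;

    if (user_exists($username)) {
        $mensaje_de_error = "El usuario " . $username . " ya existe";
    } elseif (check_email($email) == 0) {
        $mensaje_de_error = "El mail no es válido";
    } elseif (email_exists($email)) {
        $mensaje_de_error = "El mail " . $email . " ya existe";
    } else {
        // NOTE(review): $username and $email are concatenated straight into
        // the SQL text. Unless they were escaped before reaching this
        // function, this is an SQL injection point. The $db class is not
        // visible here, so its escaping / prepared-statement API must be
        // confirmed before these two statements are rewritten.
        // NOTE(review): md5() is a fast, unsalted hash. Moving to
        // password_hash() / password_verify() also requires changing the login
        // check and the column width, both outside this function.
        $sql = "INSERT INTO usuarios ( usuario_login, usuario_password, usuario_email, usuario_nombre )";
        $sql .= " VALUES ( '" . $username . "', '" . md5($password) . "', '" . $email . "', '" . $username . "' )";
        $db->get_results($sql);

        logea("registro " . $username, "", $_SESSION["usuario"]);

        // The ranking row is dated one day back so that the user does not
        // receive a 60000 profit when today's ranking update runs.
        $sql = "INSERT INTO ranking ( ranking_usuario, ranking_saldo, ranking_invertido, ranking_total, ranking_beneficio_hoy, ranking_fecha ) ";
        $sql .= " VALUES ( '" . $username . "', '60000', '0', '60000', '0', CURDATE()-INTERVAL 1 DAY )";
        $db->get_results($sql);
    }

    return $mensaje_de_error;
}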
/**
 * Build the account array (id, name, optional real name and e-mail) for a user.
 *
 * The id is always echoed back. The username is added when the user exists.
 * Real name and e-mail are added only when the current user is the same user,
 * passes the manage-user check, or passes the matching project-level
 * visibility threshold - and only when the value is not empty.
 *
 * @param integer $p_user_id A valid user identifier.
 * @return array
 */
function mci_account_get_array_by_id($p_user_id)
{
    $t_account = array('id' => $p_user_id);

    if (!user_exists($p_user_id)) {
        return $t_account;
    }

    $t_viewer_id = auth_get_current_user_id();
    $t_viewer_level = user_get_field($t_viewer_id, 'access_level');
    $t_can_manage = access_has_global_level(config_get('manage_user_threshold'))
        && access_has_global_level($t_viewer_level);

    # this deviates from the behaviour of view_user_page.php, but it is more intuitive
    # NOTE(review): strict comparison - an int id against a string id is never
    # "the same user"; confirm both sides always have the same type.
    $t_is_same_user = $t_viewer_id === $p_user_id;

    $t_realname_visible = access_has_project_level(config_get('show_user_realname_threshold'));
    $t_email_visible = access_has_project_level(config_get('show_user_email_threshold'));

    $t_account['name'] = user_get_field($p_user_id, 'username');

    $t_privileged = $t_is_same_user || $t_can_manage;

    if ($t_privileged || $t_realname_visible) {
        $t_realname = user_get_realname($p_user_id);
        if (!empty($t_realname)) {
            $t_account['real_name'] = $t_realname;
        }
    }

    if ($t_privileged || $t_email_visible) {
        $t_email = user_get_email($p_user_id);
        if (!empty($t_email)) {
            $t_account['email'] = $t_email;
        }
    }

    return $t_account;
}
/**
 * Check a username/password pair against the login table and, when exactly
 * one enabled and activated row matches, store the login id and username in
 * the session.
 *
 * NOTE(review): the mysql_* functions used here were removed in PHP 7.0; the
 * block only runs on older interpreters or behind a compatibility shim.
 * NOTE(review): the password is hashed as sha1($p . $seed) with one global
 * seed, i.e. a fast hash with no per-user salt. password_hash() /
 * password_verify() would be the replacement, together with a migration of the
 * stored values.
 * NOTE(review): no session id regeneration is visible on successful login;
 * confirm the caller does it, otherwise the pre-login session id stays valid.
 *
 * @param string $u Username.
 * @param string $p Plain-text password.
 * @return bool True when the login succeeded, false otherwise.
 */
function checkLogin($u, $p) {
    global $seed; // global because $seed is declared in the header.php file
    if (!valid_username($u) || !valid_password($p) || !user_exists($u)) {
        return false; // the name was not valid, or the password, or the username did not exist
    }
    //Now let us look for the user in the database.
    // NOTE(review): both quoted values in the format string read '******' in
    // this listing, so sprintf() has nothing to substitute its two arguments
    // into. Presumably they were '%s' placeholders - confirm against the
    // original file before relying on this query.
    $query = sprintf("\n\t\tSELECT loginid \n\t\tFROM login \n\t\tWHERE \n\t\tusername = '******' AND password = '******' \n\t\tAND disabled = 0 AND activated = 1 \n\t\tLIMIT 1;", mysql_real_escape_string($u), mysql_real_escape_string(sha1($p . $seed)));
    // NOTE(review): $result is not checked for false before mysql_num_rows().
    $result = mysql_query($query);
    // If the database returns a 0 as result we know the login information is incorrect.
    // If the database returns a 1 as result we know the login was correct and we proceed.
    // If the database returns a result > 1 there are multiple users
    // with the same username and password, so the login will fail.
    if (mysql_num_rows($result) != 1) {
        return false;
    } else {
        // Login was successful
        $row = mysql_fetch_array($result);
        // Save the user ID for use later
        $_SESSION['loginid'] = $row['loginid'];
        // Save the username for use later
        $_SESSION['username'] = $u;
        // Now we show the userbox
        return true;
    }
    // Unreachable: both branches above return.
    return false;
}
/**
 * Render a user's name as HTML for display.
 *
 * - NO_USER yields an empty string.
 * - An existing, enabled user yields the display-escaped name; it is wrapped
 *   in a link to view_user_page.php only when the current user is an
 *   administrator.
 * - Any other user (missing or disabled) yields the name struck through.
 *
 * Local modification (WK/BFE, LB/BFE 2015): the stock code always emitted the
 * link. The original German note says the link should appear only for a
 * global role of at least $g_manage_user_threshold.
 * NOTE(review): the code tests user_is_administrator(), not that threshold -
 * confirm which of the two is intended.
 *
 * @param int $p_user_id
 * @return string
 */
function prepare_user_name($p_user_id)
{
    # Catch a user_id of NO_USER (like when a handler hasn't been assigned)
    if (NO_USER == $p_user_id) {
        return '';
    }

    $t_raw_name = user_get_name($p_user_id);
    $t_is_active = user_exists($p_user_id) && user_get_field($p_user_id, 'enabled');

    if (!$t_is_active) {
        return '<font STYLE="text-decoration: line-through">'
            . string_display_line($t_raw_name)
            . '</font>';
    }

    $t_safe_name = string_display_line($t_raw_name);

    if (!user_is_administrator(auth_get_current_user_id())) {
        return $t_safe_name;
    }

    $t_url = string_sanitize_url('view_user_page.php?id=' . $p_user_id, true);

    return '<a href="' . $t_url . '">' . $t_safe_name . '</a>';
}
/**
 * Create a user account from the request fields in $in.
 *
 * Required keys are 'username', 'password' and 'email'. The remaining profile
 * fields are read through hi(). Each failed precondition returns an ERROR()
 * value; only the missing-username case is also logged.
 *
 * NOTE(review): the checks use isset(), so an empty string passes although the
 * messages say "is empty" - confirm whether empty values should be rejected.
 * NOTE(review): code -121 is returned for both "user exists" and "email
 * exists", and -1121 sits between -111 and -113; confirm the codes are
 * intended. The two "exists" replies also tell an anonymous caller which
 * usernames and e-mail addresses are registered.
 *
 * @param array $in Request input.
 * @return array Result of SUCCESS() or ERROR().
 *
 * @code
 *      $ php index.php "route=user.Controller.register&username=abc&password=1234&email=abc@def.com"
 * @endcode
 */
public function register($in)
{
    if (!isset($in['username'])) {
        sys()->log("Username is empty.");
        return ERROR(-111, "Username is empty.");
    }
    if (!isset($in['password'])) {
        return ERROR(-1121, "Password is empty.");
    }
    if (!isset($in['email'])) {
        return ERROR(-113, "Email is empty.");
    }

    if (user_exists($in['username'])) {
        return ERROR(-121, "User: {$in['username']} exists.");
    }
    if (user_email_exists($in['email'])) {
        return ERROR(-121, "User email: {$in['email']} exists.");
    }

    // The stored password is whatever password_encrypt() returns; the helper
    // is defined elsewhere.
    $record = array(
        'username' => $in['username'],
        'password' => password_encrypt($in['password']),
        'email' => $in['email'],
        'first_name' => hi('first_name', ''),
        'middle_name' => hi('middle_name', ''),
        'last_name' => hi('last_name'),
        'mobile' => hi('mobile', ''),
        'landline' => hi('landline', ''),
        'address' => hi('address'),
    );

    $saved = user()->create()->sets($record)->save();

    return $saved ? SUCCESS() : ERROR(-4, 'Failed on saving user information.');
}
/**
 * Read the request parameters for the sign-in page and run the requested
 * operation ('logout', 'login', anything else shows the info view).
 *
 * NOTE(review): the operation comes from value_from_POST_GET(), so it may
 * arrive in the query string; if that helper really accepts GET, a logout can
 * be triggered by a plain link. Confirm whether a POST-only check or a
 * request token is applied elsewhere.
 * NOTE(review): 'asked_app' is taken from POST and handed to redirectToApp();
 * confirm that method restricts the target to known applications.
 */
function getData()
{
    parent::getData();

    $this->wop = value_from_POST_GET(FMWK_PARAM_OP, 'sign');
    if (empty($this->asked_app)) {
        $this->asked_app = value_from_POST('asked_app', Null);
    }
    $requested_op = $this->wop;

    // A non-null site username means a session is already authenticated.
    $siteuser = $this->site->username();
    $this->user_signed = isset($siteuser);
    if ($this->user_signed) {
        $this->wusername = $siteuser;
    } else {
        $this->wusername = value_from_POST('username', Null);
        $this->wpassword = value_from_POST('password', Null);
    }

    // Loose comparisons on purpose: they mirror what a switch statement does.
    if ($requested_op == 'logout') {
        $auth = $this->site->auth;
        $auth->logoutUser($this->wusername);
        $this->site->redirectToApp($this->asked_app);
        exit;
    }

    if ($requested_op != 'login') {
        $this->wop = 'info';
        return;
    }

    if ($this->user_signed) {
        $this->message .= "Already authentificated in";
        $this->wop = 'info';
        return;
    }

    $is_ok = FALSE;
    if (!empty($this->wusername)) {
        $auth = $this->site->auth;
        if (isset($auth)) {
            $is_ok = $auth->loginUser($this->wusername, $this->wpassword);
        }
    }

    if (!$is_ok) {
        $this->message .= "Invalid login or password";
        $this->wop = 'sign';
        return;
    }

    // Authentication passed; the account must also exist in the local user
    // store, otherwise the fresh login is undone again.
    require_once INC_DIR . "users.inc";
    if (user_exists($auth->signed_username)) {
        $this->message .= "Welcome";
        $this->wop = 'login';
        $this->site->redirectToApp($this->asked_app);
    } else {
        $this->message .= "Sorry your account is not configured yet.<br/>";
        $auth->logoutUser();
        $this->wop = 'sign';
    }
}
/**
 * Insert a new row into the users table unless the username is taken.
 *
 * NOTE(review): the '$1$' prefix selects crypt()'s MD5-based scheme, which is
 * cheap to brute-force by current standards. A stronger crypt() prefix or
 * password_hash() depends on how the login check verifies the value and on
 * the width of the password column, neither of which is visible here.
 *
 * @param string $username
 * @param string $password          Plain-text password.
 * @param mixed  $level             Access level stored with the account.
 * @param string $email
 * @param string $realname
 * @param string $can_modify_passwd
 * @param string $description
 * @return mixed Result of dbInsert(), or FALSE when the user already exists.
 */
function adduser($username, $password, $level, $email = "", $realname = "", $can_modify_passwd = '1', $description = "")
{
    if (user_exists($username)) {
        return FALSE;
    }

    $salt = '$1$' . generateSalt(8) . '$';
    $encrypted = crypt($password, $salt);

    $row = array(
        'username' => $username,
        'password' => $encrypted,
        'level' => $level,
        'email' => $email,
        'realname' => $realname,
        'can_modify_passwd' => $can_modify_passwd,
        'descr' => $description,
    );

    return dbInsert($row, 'users');
}
/**
 * Bind this object to an existing user and publish it in the session.
 *
 * NOTE(review): a value returned from a constructor is discarded by `new`, so
 * for an unknown user the caller still receives an object - one without a
 * username. Callers must not take a successfully constructed object as proof
 * that the user exists.
 * NOTE(review): $_SESSION['user'] holds a reference to this object, so the
 * decryption key assigned afterwards is part of what gets serialized with the
 * session unless the class excludes it (not visible here).
 *
 * @param string $Username Name of the user to load.
 * @param mixed  $key      Decryption key kept on the instance.
 */
function __construct($Username, $key)
{
    if (user_exists($Username)) {
        $this->username = $Username;
        // rehash() runs before the key is assigned, as in the original order.
        $this->rehash();
        $_SESSION['user'] =& $this;
        $this->decryptionKey = $key;
    } else {
        return false;
    }
}
/**
 * Insert a new row into the users table unless the username is taken.
 *
 * The password is stored as the output of PasswordHash::HashPassword().
 * NOTE(review): PasswordHash is defined elsewhere; the constructor arguments
 * (8, false) are passed through unchanged - confirm what cost they select.
 * NOTE(review): $can_modify_passwd is accepted but not written to the row.
 *
 * @param string $username
 * @param string $password          Plain-text password.
 * @param mixed  $level             Access level stored with the account.
 * @param string $email
 * @param string $realname
 * @param string $can_modify_passwd Unused in this version.
 * @return mixed Result of dbInsert(), or false when the user already exists.
 */
function adduser($username, $password, $level, $email = '', $realname = '', $can_modify_passwd = '1')
{
    if (user_exists($username)) {
        return false;
    }

    $hasher = new PasswordHash(8, false);

    $row = array(
        'username' => $username,
        'password' => $hasher->HashPassword($password),
        'level' => $level,
        'email' => $email,
        'realname' => $realname,
    );

    return dbInsert($row, 'users');
}
/**
 * Insert a new row into the users table unless the username is taken.
 *
 * The password is stored as the output of PasswordHash::HashPassword().
 * NOTE(review): PasswordHash is defined elsewhere; the constructor arguments
 * (8, FALSE) are passed through unchanged - confirm what cost they select.
 *
 * @param string $username
 * @param string $password          Plain-text password.
 * @param mixed  $level             Access level stored with the account.
 * @param string $email
 * @param string $realname
 * @param int    $can_modify_passwd
 * @param string $description
 * @param int    $twofactor
 * @return mixed Result of dbInsert(), or FALSE when the user already exists.
 */
function adduser($username, $password, $level, $email = "", $realname = "", $can_modify_passwd = 1, $description = "", $twofactor = 0)
{
    if (user_exists($username)) {
        return FALSE;
    }

    $hasher = new PasswordHash(8, FALSE);

    $row = array(
        'username' => $username,
        'password' => $hasher->HashPassword($password),
        'level' => $level,
        'email' => $email,
        'realname' => $realname,
        'can_modify_passwd' => $can_modify_passwd,
        'descr' => $description,
        'twofactor' => $twofactor,
    );

    return dbInsert($row, 'users');
}
/**
 * Count the users rows that match a user name and password hash.
 *
 * NOTE(review): sha1(sha1($pass)) is a fast, unsalted hash; nesting it adds
 * no meaningful cost for an attacker. password_hash() / password_verify()
 * would be the replacement, with a migration of the stored values.
 *
 * @param string $user User name.
 * @param string $pass Plain-text password.
 * @return mixed First column of the first result row, or FALSE when
 *               user_exists() reports no such user.
 */
function pass_check($user, $pass) {
    if (user_exists($user)) {
        $hpass = sha1(sha1($pass));
        // NOTE(review): both quoted values read '******' in this listing, so
        // as shown the query references neither $user nor $hpass. If the
        // original interpolated them directly, $user needs escaping or a
        // bound parameter - confirm against the original file.
        $q = "SELECT COUNT(*) FROM users WHERE user='******' AND pass='******'";
        $res = db_fetch_array(db_query($q), SQLITE_NUM);
        return $res['0']['0'];
    } else {
        return FALSE;
    }
}
/**
 * Refresh the display name from the Facebook '/me' response and persist it:
 * update the existing users row, or create the user when none exists.
 *
 * NOTE(review): display_name comes from a remote API response and is
 * concatenated into the UPDATE statement, as is uid. A quote character in the
 * name changes the statement. The $db class is not visible here, so its
 * escaping / prepared-statement API has to be confirmed before this is
 * rewritten.
 */
private function update_user()
{
    global $db;

    $profile = $this->facebook->api('/me');
    $this->display_name = $profile['name'];

    if (!user_exists($this)) {
        create_user($this);
        return;
    }

    $this->updated = time();

    $sql = 'UPDATE users SET display_name = "' . $this->display_name . '"'
        . ', updated = ' . $this->updated
        . ' WHERE uid = ' . $this->uid;

    $db->query($sql);
}
/**
 * HTTP-auth flavour of authenticate(): the identity is whatever the web
 * server placed in REMOTE_USER; the two arguments are not consulted.
 *
 * When REMOTE_USER names no local user, the session falls back to the
 * configured guest account and the call still succeeds.
 *
 * NOTE(review): this is only sound when the web server sets REMOTE_USER
 * itself after authenticating the request - confirm the deployment enforces
 * authentication on every path that reaches this code.
 *
 * @param string $username Ignored.
 * @param string $password Ignored.
 * @return int 1 when REMOTE_USER is present, 0 otherwise.
 */
function authenticate($username, $password)
{
    global $config;

    if (!isset($_SERVER['REMOTE_USER'])) {
        return 0;
    }

    $_SESSION['username'] = mres($_SERVER['REMOTE_USER']);

    if (!user_exists($_SESSION['username'])) {
        // Unknown identity: continue as the configured guest user.
        $_SESSION['username'] = $config['http_auth_guest'];
    }

    return 1;
}
/**
 * Check that a user with this pseudo and password hash exists.
 *
 * On failure an error message is appended to $_SESSION['connexion_error'].
 *
 * NOTE(review): sha1(md5($password)) is a fast, unsalted hash; chaining the
 * two functions adds no real cost for an attacker. password_hash() /
 * password_verify() would be the replacement, with a migration of the stored
 * values.
 *
 * @param string $pseudo   User name.
 * @param string $password Plain-text password.
 * @return bool True when the pair matches, false otherwise.
 */
function verify_password($pseudo, $password)
{
    $credentials = array(
        'pseudo' => $pseudo,
        'password' => sha1(md5($password)),
    );

    if (user_exists($credentials)) {
        return true;
    }

    // No row with this pseudo/hash pair.
    $_SESSION['connexion_error'][] = 'Le mot de passe entré n\'est pas le bon.';

    return false;
}
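/**
 * Create a password-reset request for $email and mail the reset key.
 *
 * The key sent to the user has the form "<request id>-<request key>".
 *
 * NOTE(review): the request key is stored as-is; storing only a hash of it
 * would keep a database read from yielding usable reset keys.
 * NOTE(review): the driver's error text is returned to the caller, and an
 * unknown address returns a different result than a known one; confirm the
 * caller shows neither to anonymous users.
 *
 * @param string $email Address of the account to reset.
 * @param object $db    Database handle, used through prepare() and
 *                      lastInsertId() (presumably PDO - confirm).
 * @return array [true] on success, otherwise [false, string $message].
 */
function generate_request($email, &$db)
{
    $user_confirmed = user_exists($email, $db);
    if (!$user_confirmed[0]) {
        return $user_confirmed; // already in the form [false, error]
    }

    $error = null;
    $requestkey = null;

    try {
        // The key authorizes a password reset, so it must not be guessable.
        // mt_rand() is a predictable generator; random_int() (PHP 7.0+)
        // draws from the operating system's CSPRNG. The numeric range is
        // unchanged, so the stored value still fits the existing column.
        $requestkey = random_int(10000000, mt_getrandmax());

        $sql = 'INSERT INTO password_reset_requests (email, requestkey, time) VALUES (:email, :requestkey, :time)';
        $stmt = $db->prepare($sql);
        $stmt->bindValue(':email', $email);
        $stmt->bindValue(':requestkey', $requestkey);
        $stmt->bindValue(':time', time());
        $stmt->execute();

        $errorInfo = $stmt->errorInfo();
        if (isset($errorInfo[2])) {
            $error = $errorInfo[2];
        }
    } catch (Exception $e) {
        $error = $e->getMessage();
    }

    if ($error !== null) {
        return [false, $error];
    }

    // isset() alone never caught a failed insert: a false or '0' id is "set".
    $requestid = $db->lastInsertId();
    if (!$requestid) {
        return [false, 'Error: Could not add request to database.'];
    }

    $key = $requestid . '-' . $requestkey;

    if (generate_email($email, $key)) {
        return [true];
    }

    return [false, "Error: email could not be sent."];
}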
/**
 * Render a user's name as HTML for display.
 *
 * NO_USER yields an empty string. An existing, enabled user yields a link to
 * view_user_page.php; any other user yields the name inside a <del> element.
 * The name is passed through string_display_line() in both cases.
 *
 * @param int $p_user_id
 * @return string
 */
function prepare_user_name( $p_user_id )
{
    # Catch a user_id of NO_USER (like when a handler hasn't been assigned)
    if( NO_USER == $p_user_id ) {
        return '';
    }

    $t_safe_name = string_display_line( user_get_name( $p_user_id ) );
    $t_is_active = user_exists( $p_user_id ) && user_get_field( $p_user_id, 'enabled' );

    if( !$t_is_active ) {
        return '<del class="user">' . $t_safe_name . '</del>';
    }

    $t_url = string_sanitize_url( 'view_user_page.php?id=' . $p_user_id, true );

    return '<a class="user" href="' . $t_url . '">' . $t_safe_name . '</a>';
}
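/**
 * Create a user row with a password_hash()-protected password.
 *
 * @param mysqli $dbc       Open database connection.
 * @param string $username
 * @param string $password  Plain-text password.
 * @param string $password2 Confirmation; must be identical to $password.
 * @param string $firstname
 * @param string $lastname
 * @return bool True when exactly one row was inserted, false when the
 *              passwords differ, the user exists, or the insert failed.
 */
function create_user($dbc, $username, $password, $password2, $firstname, $lastname)
{
    // Compare as strings: the loose != treats numeric-looking strings such as
    // '1e3' and '1000' as equal, which would accept a mistyped confirmation.
    if ((string) $password !== (string) $password2) {
        return false;
    }

    if (user_exists($dbc, $username)) {
        return false;
    }

    // NOTE(review): the statement text reads "******" in this listing. The
    // "ssss" binding below implies four placeholders in the order username,
    // password hash, first name, last name - confirm against the original.
    $create_user = "******";

    $stmt = mysqli_prepare($dbc, $create_user);
    if ($stmt === false) {
        // Prepare failed; nothing was written.
        return false;
    }

    $password_hash = password_hash($password, PASSWORD_DEFAULT);
    mysqli_stmt_bind_param($stmt, "ssss", $username, $password_hash, $firstname, $lastname);
    mysqli_stmt_execute($stmt);
    $affected_rows = mysqli_stmt_affected_rows($stmt);
    mysqli_stmt_close($stmt);

    return $affected_rows == 1;
}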
/**
 * Gets the avatar information for the user. Avatars are supplied by plugins
 * through the EVENT_USER_AVATAR event.
 *
 * When the user does not exist, the show_avatar_threshold check fails, or no
 * plugin supplies an avatar, a default Avatar object is used instead. The
 * result is normalized with the user id and the "user exists" flag.
 *
 * Note that the provided user id may no longer have a corresponding user in
 * the system, if the user was deleted.
 *
 * @param integer $p_user_id The user id.
 * @param integer $p_size    The desired width/height of the avatar.
 *
 * @return Avatar|null The avatar, or null when the 'show_avatar' option is OFF.
 */
public static function get($p_user_id, $p_size = 80)
{
    if (config_get('show_avatar') === OFF) {
        return null;
    }

    $t_known_user = user_exists($p_user_id);
    $t_avatar = null;

    if ($t_known_user && access_has_project_level(config_get('show_avatar_threshold'), null, $p_user_id)) {
        $t_avatar = event_signal('EVENT_USER_AVATAR', array($p_user_id, $p_size));
    }

    if ($t_avatar === null) {
        // No plugin answered, or the avatar may not be shown: use the default.
        $t_avatar = new Avatar();
    }

    $t_avatar->normalize($p_user_id, $t_known_user);

    return $t_avatar;
}
/**
 * Build the account array (id, name, optional real name and e-mail) for a user.
 *
 * The id is always echoed back. For an existing user the username is added,
 * and real name / e-mail are added when they are not empty.
 *
 * NOTE(review): this function applies no access check of its own before
 * returning the real name and e-mail; confirm the caller enforces the
 * visibility rules for those two fields.
 *
 * @param integer $p_user_id A valid user identifier.
 * @return array
 */
function mci_account_get_array_by_id($p_user_id)
{
    $t_account = array('id' => $p_user_id);

    if (!user_exists($p_user_id)) {
        return $t_account;
    }

    $t_account['name'] = user_get_field($p_user_id, 'username');

    // Result key => user table field; empty values are left out.
    $t_optional = array('real_name' => 'realname', 'email' => 'email');
    foreach ($t_optional as $t_key => $t_field) {
        $t_value = user_get_field($p_user_id, $t_field);
        if (!empty($t_value)) {
            $t_account[$t_key] = $t_value;
        }
    }

    return $t_account;
}
/**
 * Render a user's name as HTML for display.
 *
 * NO_USER yields an empty string. An existing, enabled user yields a link to
 * view_user_page.php; any other user yields the name struck through. The name
 * is passed through string_display_line() in both cases.
 *
 * @param int $p_user_id
 * @return string
 */
function prepare_user_name($p_user_id)
{
    # Catch a user_id of NO_USER (like when a handler hasn't been assigned)
    if (NO_USER == $p_user_id) {
        return '';
    }

    $t_raw_name = user_get_name($p_user_id);
    $t_is_active = user_exists($p_user_id) && user_get_field($p_user_id, 'enabled');
    $t_safe_name = string_display_line($t_raw_name);

    if (!$t_is_active) {
        return '<font STYLE="text-decoration: line-through">' . $t_safe_name . '</font>';
    }

    $t_url = string_sanitize_url('view_user_page.php?id=' . $p_user_id, true);

    return '<a href="' . $t_url . '">' . $t_safe_name . '</a>';
}
/**
 * Insert a new row into the users table unless the username is taken, then
 * mark every existing notification as read for the new user.
 *
 * The password is stored as the output of PasswordHash::HashPassword().
 * NOTE(review): PasswordHash is defined elsewhere; the constructor arguments
 * (8, false) are passed through unchanged - confirm what cost they select.
 *
 * @param string $username
 * @param string $password          Plain-text password.
 * @param mixed  $level             Access level stored with the account.
 * @param string $email
 * @param string $realname
 * @param int    $can_modify_passwd
 * @param string $description
 * @param int    $twofactor
 * @return mixed Id returned by dbInsert(), or false when the user already
 *               exists or the insert failed.
 */
function adduser($username, $password, $level, $email = '', $realname = '', $can_modify_passwd = 1, $description = '', $twofactor = 0)
{
    if (user_exists($username)) {
        return false;
    }

    $hasher = new PasswordHash(8, false);

    $row = array(
        'username' => $username,
        'password' => $hasher->HashPassword($password),
        'level' => $level,
        'email' => $email,
        'realname' => $realname,
        'can_modify_passwd' => $can_modify_passwd,
        'descr' => $description,
        'twofactor' => $twofactor,
    );

    $userid = dbInsert($row, 'users');
    if ($userid == false) {
        return false;
    }

    // Every notification without an attribute row for this user gets a
    // 'read' attribute, so a new account does not start with a backlog.
    $pending = dbFetchRows('select notifications.* from notifications where not exists( select 1 from notifications_attribs where notifications.notifications_id = notifications_attribs.notifications_id and notifications_attribs.user_id = ?) order by notifications.notifications_id desc', array($userid));

    foreach ($pending as $notif) {
        $attrib = array(
            'notifications_id' => $notif['notifications_id'],
            'user_id' => $userid,
            'key' => 'read',
            'value' => 1,
        );
        dbInsert($attrib, 'notifications_attribs');
    }

    return $userid;
}
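/**
 * Generate a random hexadecimal user id that is not in use yet, print it and
 * return it.
 *
 * NOTE(review): rand(2, 3) picks 2 or 3 random bytes, so an id carries 16 or
 * 24 bits. The loop handles collisions, but if knowing an id is enough to act
 * as that user, ids this short can be enumerated - confirm how they are used.
 * A commented-out line in the original prepended a fixed prefix for one
 * group of students; its value reads "******" in this listing.
 *
 * @return string Hex-encoded id (4 or 6 characters).
 */
function new_user()
{
    do {
        $num = rand(2, 3); // original author's open question: why 2 or 3?
        $bytes = openssl_random_pseudo_bytes($num);
        $user = bin2hex($bytes);
    } while (user_exists($user));

    echo "user created was:";
    // The original echoed the bare word `user` (an undefined constant)
    // instead of the variable holding the generated id.
    echo $user;

    return $user;
}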
/**
 * Persist the user obtained from an external login service: choose a free
 * username, fill in missing profile fields, store the record, mark it as
 * validated and fetch the avatar when one was supplied.
 */
function store_user() {
    global $db, $globals;
    // syslog(LOG_INFO, "store_user: "******" COOKIE: ".$_COOKIE['return']);
    $user = $this->user;
    // NOTE(review): when no secret was supplied it becomes
    // "<service>-<timestamp>", which is guessable; confirm what it protects.
    if (!$this->secret) {
        $this->secret = $this->service . "-" . $globals['now'];
    }
    // Username taken: append _1, _2, ... until a free name is found.
    if (user_exists($this->username)) {
        $i = 1;
        while (user_exists($this->username . "_{$i}")) {
            $i++;
        }
        $user->username = $this->username . "_{$i}";
    } else {
        $user->username = $this->username;
    }
    // NOTE(review): as written, the pattern places the end-of-subject anchor
    // before a literal '$', which looks like it can never match - confirm the
    // intent. The assigned value reads "******" in this listing.
    if (!$user->pass || preg_match('/$\\$/', $user->pass)) {
        $user->pass = "******";
    }
    // Keep names and url the stored user already has; fill only the gaps.
    if (!$user->names && $this->names) {
        $user->names = $this->names;
    }
    if (!$user->url && $this->url) {
        $user->url = $this->url;
    }
    // An id of 0 is treated as a user that has not been stored yet.
    if ($user->id == 0) {
        $user->date = $globals['now'];
        $user->ip = $globals['user_ip'];
        $user->email = $this->username . '@' . $this->service;
        $user->email_register = $this->username . '@' . $this->service;
        $user->username_register = $user->username;
    }
    // NOTE(review): username and names come from the external service and are
    // written to syslog unfiltered; embedded newlines could forge log lines.
    syslog(LOG_NOTICE, "Meneame new user from {$this->service}: {$user->username}, {$user->names}");
    $user->store();
    Log::insert('user_new', $user->id, $user->id);
    // NOTE(review): $user->id is interpolated into the SQL text; presumably an
    // integer assigned by store() - confirm.
    $db->query("update users set user_validated_date = now() where user_id = {$user->id} and user_validated_date is null");
    // NOTE(review): the avatar URL is supplied by the external service and is
    // fetched server-side; confirm avatars_get_from_url() restricts the target.
    if ($this->avatar) {
        require_once mnminclude . 'avatars.php';
        avatars_get_from_url($user->id, $this->avatar);
    }
}
/**
 * Validate the recipient of a private message.
 *
 * The recipient must not be the sender (the pseudo stored in the session) and
 * must be an existing pseudo. On failure one message is appended to
 * $_SESSION['sending_errors'].
 *
 * @param string $receiver Pseudo of the intended recipient.
 * @return bool True when the recipient is acceptable, false otherwise.
 */
function verify_receiver($receiver)
{
    global $PSEUDO_MIN_LENGTH, $PSEUDO_MAX_LENGTH;

    include_once 'model/user/user_exists.php';

    // Recipient is the sender.
    if ($receiver == $_SESSION['pseudo']) {
        $_SESSION['sending_errors'][] = 'Vous ne pouvez pas envoyer de message à vous-même.';
        return false;
    }

    // Recipient pseudo does not exist.
    if (!user_exists(array('pseudo' => $receiver))) {
        $_SESSION['sending_errors'][] = 'Le pseudo entré n\'existe pas.';
        return false;
    }

    return true;
}
/**
 * Render a user's name as HTML for display.
 *
 * NO_USER yields an empty string. An existing, enabled user yields an e-mail
 * link when an address is on file, otherwise the display-escaped name. Any
 * other user yields the display-escaped name struck through.
 *
 * NOTE(review): prepare_email_link() receives the raw name; confirm that it
 * escapes the name itself.
 *
 * @param int $p_user_id
 * @return string
 */
function prepare_user_name($p_user_id)
{
    # Catch a user_id of NO_USER (like when a handler hasn't been assigned)
    if (NO_USER == $p_user_id) {
        return '';
    }

    $t_raw_name = user_get_name($p_user_id);
    $t_is_active = user_exists($p_user_id) && user_get_field($p_user_id, 'enabled');

    if (!$t_is_active) {
        return '<font STYLE="text-decoration: line-through">' . string_display($t_raw_name) . '</font>';
    }

    $t_email = user_get_email($p_user_id);
    if (is_blank($t_email)) {
        return string_display($t_raw_name);
    }

    return prepare_email_link($t_email, $t_raw_name);
}
/**
 * Reset a user's password to a generated value and e-mail it, after checking
 * that the username/e-mail pair matches exactly one login row.
 *
 * NOTE(review): the mysql_* functions used here were removed in PHP 7.0.
 * NOTE(review): the password is replaced as soon as the pair matches, before
 * the owner confirms anything, and the new password travels by e-mail in
 * clear text. A confirm-by-link flow avoids both. The strength of
 * generate_code(8) is not visible here.
 * NOTE(review): the stored hash is sha1($newpass . $seed) with one global
 * seed, a fast hash without a per-user salt.
 *
 * @param string $username
 * @param string $email
 * @return bool True when the password was changed and the mail was sent.
 */
function lostPassword($username, $email) {
    global $seed;
    if (!valid_username($username) || !user_exists($username) || !valid_email($email)) {
        return false;
    }
    // NOTE(review): the first quoted value reads '******' in this listing
    // (presumably '%s' - confirm). Neither value is passed through
    // mysql_real_escape_string() here, unlike in the UPDATE below; the query
    // relies entirely on valid_username() / valid_email() rejecting quotes.
    $query = sprintf("select loginid from login where username = '******' and email = '%s' limit 1", $username, $email);
    // NOTE(review): $result is not checked for false before mysql_num_rows().
    $result = mysql_query($query);
    if (mysql_num_rows($result) != 1) {
        return false;
    }
    $newpass = generate_code(8);
    // NOTE(review): both quoted values read '******' in this listing;
    // presumably '%s' placeholders for the two escaped arguments - confirm.
    $query = sprintf("update login set password = '******' where username = '******'", mysql_real_escape_string(sha1($newpass . $seed)), mysql_real_escape_string($username));
    if (mysql_query($query)) {
        if (sendLostPasswordEmail($username, $email, $newpass)) {
            return true;
        } else {
            // The password has already been changed at this point.
            return false;
        }
    } else {
        return false;
    }
    // Unreachable: every branch above returns.
    return false;
}
<?php include 'core/init.php'; $error = null; // Ako e pristapeno so post metod, proverka na greski za username i password if (!empty($_POST)) { $username = $_POST['user']; $password = $_POST['pass']; if (empty($username) || empty($password)) { $error = 'Потребно е да внесите корисничко име и лозинка'; } else { if (!user_exists($username)) { $error = 'Корисничкото име што го внесивте не постои'; } else { if (!user_active($username)) { $error = 'Потрено е да ја активирате вашата корисничка сметка'; } else { $login = login($username, $password); if (!$login) { $error = 'Корисничкото име или лозинката се погрешни'; } } } } } // Ako error e null togas znaci deka ili korisnikot ne pristapil so post metod i ke bidi vraten na prethodnata strana, // ili deka korisnikot se logiral uspesno i ke bidi startuvana sesija if (!is_null($error)) { $_SESSION['error'] = $error; $_SESSION['user_value'] = $username; // Ako ima greska da se zapamti to so go zapisal userot za da ne go pisi pak
</div> <div class="col-md-3"> </div> </div> <?php } elseif ($stage == "4") { $proceed = 1; ?> <div class="row"> <div class="col-md-3"> </div> <div class="col-md-6"> <?php require 'includes/authenticate.inc.php'; if (auth_usermanagement()) { if (!user_exists($add_user)) { if (adduser($add_user, $add_pass, '10', $add_email)) { echo "<div class='alert alert-success'>User has been added successfully</div>"; $proceed = 0; } else { echo "<div class='alert alert-danger'>User hasn't been added, please try again</div>"; } } else { echo "<div class='alert alert-danger'>User {$add_user} already exists!</div>"; } } else { echo "<div class='alert alert-danger'>Auth module isn't loaded</div>"; } ?> <form class="form-horizontal" role="form" method="post"> <input type="hidden" name="stage" value="5">
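/**
 * Print a user's name: as an e-mail link carrying the bug as subject for an
 * existing, enabled user, struck through for any other user. Prints nothing
 * for NO_USER.
 *
 * NOTE(review): print_email_link_with_subject() receives the raw name and
 * address; confirm that it escapes both.
 *
 * @param int $p_user_id
 * @param int $p_bug_id Bug handed to the e-mail link helper.
 * @return void
 */
function print_user_with_subject($p_user_id, $p_bug_id)
{
    // Unused below; kept because db_prepare_int() is defined elsewhere and
    // its effects are not visible here.
    $c_user_id = db_prepare_int($p_user_id);

    if (NO_USER == $p_user_id) {
        return;
    }

    $t_username = user_get_name($p_user_id);

    if (user_exists($p_user_id) && user_get_field($p_user_id, 'enabled')) {
        $t_email = user_get_email($p_user_id);
        print_email_link_with_subject($t_email, $t_username, $p_bug_id);
    } else {
        // The name was echoed into the page unescaped; a name containing
        // markup would have been rendered as HTML.
        echo '<span style="text-decoration: line-through">';
        echo htmlspecialchars((string) $t_username, ENT_QUOTES);
        echo '</span>';
    }
}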
/**
 * Second registration step: verify the human check, insert the new user row
 * and send the recovery mail to the stored user.
 *
 * NOTE(review): md5() is a fast, unsalted hash; password_hash() /
 * password_verify() would be the replacement, together with the login check
 * and the column width.
 */
function do_register2() {
    global $db, $current_user, $globals;
    if ( !ts_is_human()) {
        register_error(_('El código de seguridad no es correcto.'));
        return;
    }
    // NOTE(review): the "sanity check" only trims and replaces spaces with
    // underscores; quotes and backslashes pass through unchanged.
    $username=preg_replace('/ /', '_', trim($_POST['username'])); // sanity check
    $password=md5(trim($_POST['password']));
    $email=preg_replace('/ /', '_', trim($_POST['email'])); // sanity check
    $user_ip = $globals['user_ip'];
    if (!user_exists($username)) {
        // NOTE(review): $username and $email come from $_POST and are
        // interpolated into the SQL text, so this statement is injectable
        // unless $db->query() escapes them (not visible here). The $db
        // escaping API must be confirmed before this is rewritten.
        if ($db->query("INSERT INTO users (user_login, user_email, user_pass, user_date, user_ip) VALUES ('$username', '$email', '$password', now(), '$user_ip')")) {
            //register_error(_("Usuario creado").'.<a href="login.php">'._(Login).'</a>');
            /*** if($current_user->Authenticate($username, $password, false) == false) { register_error(_("Error insertando usuario en la base de datos")); } else { ****/
            echo '<fieldset>'."\n";
            echo '<legend><span class="sign">'._("registro de usuario").'</span></legend>'."\n";
            require_once(mnminclude.'user.php');
            $user=new User();
            $user->username=$username;
            if(!$user->read()) {
                register_error(_('Error insertando usuario en la base de datos'));
            } else {
                require_once(mnminclude.'mail.php');
                $sent = send_recover_mail($user);
            }
            // NOTE(review): the next line is damaged in this listing; it looks
            // like a commented-out redirect fused with the statement that
            // closed the fieldset - confirm against the original file.
            //header('Location: ./user.php?login='******'</fieldset>'."\n";
        } else {
            register_error(_("Error insertando usuario en la base de datos"));
        }
    } else {
        register_error(_("El usuario ya existe"));
    }
}