Inheritance: extends BaseService
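 /**
  * Logs the current user out and redirects to the index page.
  *
  * @return mixed whatever the redirect plugin's toRoute() call returns
  */
 public function logoutAction()
 {
     $auth = new AuthenticationService();
     // clearIdentity() runs whether or not an identity is stored, so no
     // hasIdentity()/getIdentity() round trip is needed beforehand.
     $auth->clearIdentity();

     // NOTE(review): only forgetMe() is called on the session manager; if
     // logout must also end the server-side session, that needs an explicit
     // call here. Confirm against the session configuration.
     $sessionManager = new \Zend\Session\SessionManager();
     $sessionManager->forgetMe();

     return $this->redirect()->toRoute('application/default', array('controller' => 'index', 'action' => 'index'));
 }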
Beispiel #2
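 /**
  * Adds a comment to the article with the given id.
  *
  * The author is the currently authenticated user. Both statements are
  * prepared and parameter-bound, so the alias, comment text and article id
  * are never spliced into the SQL text.
  *
  * @param $article_id the id of the article
  * @param $text the text of the comment
  * @return Comment the new comment
  * @throws \RuntimeException if a statement fails or the current user has no row in `user`
  */
 public function add_comment_to_article($article_id, $text)
 {
     $username = AuthenticationService::get_current_username();
     $date = time();

     // Resolve the author's id from the alias.
     $lookup = $this->sql_con->prepare("SELECT id FROM user WHERE alias = ?");
     if ($lookup === false) {
         throw new \RuntimeException('Could not prepare the user lookup');
     }
     $lookup->bind_param('s', $username);
     if (!$lookup->execute()) {
         $lookup->close();
         throw new \RuntimeException('Could not look up the current user');
     }
     $user_id = null;
     $lookup->bind_result($user_id);
     $found = $lookup->fetch();
     $lookup->close();
     if ($found !== true) {
         // Without this check the comment would be stored with an empty author id.
         throw new \RuntimeException('No user record for the current session');
     }

     $query = "INSERT INTO `webinfo`.`comment` (`user_id`, `text`, `creation_date`, `article`) ";
     $query .= "VALUES (?, ?, ?, ?)";
     $insert = $this->sql_con->prepare($query);
     if ($insert === false) {
         throw new \RuntimeException('Could not prepare the comment insert');
     }
     // The ids are bound as strings so MySQL coerces them exactly as it did
     // for the quoted literals; only the timestamp is bound as an integer.
     $insert->bind_param('ssis', $user_id, $text, $date, $article_id);
     if (!$insert->execute()) {
         $insert->close();
         throw new \RuntimeException('Could not store the comment');
     }
     $id = mysqli_insert_id($this->sql_con);
     $insert->close();

     // NOTE(review): $text is stored and returned as given; whatever renders
     // the Comment must escape it for its output context.
     return new Comment($id, $username, $text, $date);
 }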
Beispiel #3
    // Generate view data
    $user = $comment->user;
    $date = date("F d, Y", $comment->creation_date);
    $text = $comment->text;
    // Return comment to client
    include '../../app/views/comments/show.php';
    exit;
}
// DELETE: remove the comment named by the `cid` query parameter.
// NOTE(review): the existence and permission checks below only protect the
// delete if the HttpService::return_* helpers end the script (for example via
// exit). Their bodies are not visible here; confirm, because otherwise a
// missing or unauthorized comment would still reach delete_comment().
if ($method == 'DELETE') {
    // Get form data (the id is read from the raw query string)
    parse_str($_SERVER['QUERY_STRING'], $post_vars);
    if (isset($post_vars['cid'])) {
        $comment_id = $post_vars['cid'];
        $comments = new CommentService();
        $comment = $comments->get_comment($comment_id);
        // Check existence
        if (!isset($comment)) {
            HttpService::return_not_found();
        }
        // Check permission (server-side, per comment)
        if (!AuthenticationService::can_delete_comment($comment)) {
            HttpService::return_unauthorized();
        }
        // Delete comment
        $comments->delete_comment($comment_id);
        HttpService::return_no_content();
    }
    // No `cid` parameter was supplied
    HttpService::return_bad_request();
}
// Otherwise: the request method is not handled by this script
HttpService::return_not_found();
Beispiel #4
                        OwmwN8kDSF2f80TBbgryT9HSKewC8Fqo9sxWIQZjxiHgRzBYghBMpNrZjYS4kvdkCBABCCq+0grmzJghx/8FZ3hLmYi0Q00R
                        Mna1gLtcAicLuAXPeGyRCEFk7cQZxLPHMLwrMniApiJiZPM8xMH8lkQW/9QIpgcBwK00MqAbmsUEwuAdIKYSl3+ilUhgKzf0
                        5pTVILURuZy+F2YdmS5BjIcyYh6GAzMGcS7qKO2krkKUQbJSmmbkE8H3SBUfg/1oLkF4QMQFkIVqIvQeETwIGs0ux02VEokR
                        blrV6Qfi0nD2jtwqt3hBm56WkV0kXNNDIWhCzmljqkSEhasU+LEQNyNAQpSDDQ5SAnATEIZCTgZgD4bqG3dS30nKbManaKbU
                        wVSl2bj9J1VocWD6eEkTOI/H+NZ6xc+X1Jp6wBU955Mf0WkQfzsT+0WVIiJRHeGzhncIaz16EGm1YiBQIBdpLB+IFDgig/N1
                        3fVYXdkr0MbTwBoZau5k5A3Dov7VFdsplLg/CrQT6sEZq9FB+Dh5ngInH064ptjT9Rg3MnQXiSxPfsRlE1Ag3E7xvW7s3HS/
                        nFsI+S0GgHZ6Vr10UlExY28eH1m+Xanf3qYWT5SBStyKFU9Z3M5C4m/u0G2e1XyYQXoyLj/u5q5166ypGGAi348/DOJ96ET1
                        hh+G5BMDwTSC8Rvxu7nnQDSsfVz21Vs0KwApH7LvikZh2a+ZBS6RigK9dY9ZMtLQvIGSW1xUTsfJmOJdmQzRAWFFfckTDKBz
                        9qq+STmtXB5C4fzAHIcP/DaB23tX7m0YoFtGKhczBH3qtbumBL/wHfzoMog+cQikAAAAASUVORK5CYII=">
                </a>
                <?php 
    }
    ?>

                <?php 
    // The trash link is rendered only for users allowed to delete this article.
    // NOTE(review): hiding the link is a display decision; the delete endpoint
    // itself must repeat the permission check (not visible in this template).
    if (AuthenticationService::can_delete_article($art)) {
        ?>
                <a href="javascript:deleteArticle('<?php 
        // NOTE(review): the id is written unescaped into a JavaScript string
        // inside an HTML attribute. That is safe only if get_id() always
        // returns a number; confirm, or encode the value for this context.
        echo $art->get_id();
        ?>
')">
                    <img class="icon icon-trash" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADIAAAAyCAYAAAAeP4
                    ixAAABp0lEQVRoQ+2ZfVHEQAzFf6cAJOAAUAA4wAGDAnAAOAAHSAAFgALAATgABTCP2c6ETtv96sfNXfLX3TTd7EtedtNkxYbIak
                    Nw4EDWLZIekW2JyB5wARwMAP4A7oC3MZwyBbUE4hXYTdzg4RhgpgByDVwlgpDaI3Caod+pOgWQZ+AoWHsB9L8titqZ0TledyA3g
                    CLUFm38aUkgP7Weq3j/pCe6f0vmUsuBVESieXXUiGhReyopmasTtQNkto1cajmQTGp5RHIc1uctlST7ZiHlTyPNBan/78BXeKBab
                    Cf8/gRUfxXRd8wcsZdc+2i3x7Y9fWwVYC/PRanlQAKdPCIlJcpQIjq1nFrmfPfjt+OjyHPEc8RzZLig8xzxHPEc2ZIcyfnKjOku
                    +mEV21zOcwdS6i0NaTTfGFtuw6BI6/Y1wv/ZLKl+2xffPfBgOiO1oDQruTSLnAOyMSglQLSg7X7EbNQ8V4tIs5SolAJRD0tgbB8
                    raixT4Tv0lZNmjKVAmj2JAqJa6rwwFYuoKjo1jbzoe7VAogbmUnAgc3k61Y5HJNVTc+ltTER+Ae3S5DOrL0NoAAAAAElFTkSuQmCC">
                </a>
                <?php 
    }
    echo "Welcome to P2P-WebAPI";
});
// GET /validateemail/:email — returns validateEmail()'s result as JSON.
// NOTE(review): this route has no access check; if validateEmail() reveals
// whether an address is registered, it can be used to enumerate accounts.
// Confirm what it returns and whether the route is rate limited.
$app->get('/validateemail/:email', function ($email) {
    $service = new AuthenticationService();
    $outcome = $service->validateEmail($email);
    echo json_encode($outcome);
});

// POST /signin — decodes the JSON request body and hands it to signIn().
// NOTE(review): json_decode() yields null for a body that is not valid JSON
// and that value is passed on unchecked; confirm signIn() rejects it.
$app->post('/signin', function () {
    $body = \Slim\Slim::getInstance()->request()->getBody();
    $credentials = json_decode($body);
    $service = new AuthenticationService();
    echo json_encode($service->signIn($credentials));
});

// POST /signup — decodes the JSON request body and hands it to signUp().
// NOTE(review): as with /signin, a null or unexpected payload reaches
// signUp() unchecked; confirm it validates its argument.
$app->post('/signup', function () {
    $body = \Slim\Slim::getInstance()->request()->getBody();
    $registration = json_decode($body);
    $service = new AuthenticationService();
    echo json_encode($service->signUp($registration));
});

// GET /avatar — returns the caller's avatar as JSON once accessIsOK() passes.
// NOTE(review): the user id is taken from JSON in the client-supplied
// Authorization header. accessIsOK() is not visible here; confirm it
// authenticates that header's content before the id is trusted.
$app->get('/avatar', function () {
    if (!accessIsOK()) {
        return;
    }
    $headerValue = \Slim\Slim::getInstance()->request()->headers->get('Authorization');
    $caller = json_decode($headerValue);
    $avatars = new AvatarService();
    echo json_encode($avatars->recover($caller->id));
});
$app->post('/avatar', function () {
    if (accessIsOK()) {
        $request = \Slim\Slim::getInstance()->request();
        $userAuth = json_decode($request->headers->get('Authorization'));
        $avatar = json_decode($request->getBody());
 /**
  * logout() must clear the identity on the authentication service exactly once.
  */
 public function testLogout()
 {
     $calledOnce = $this->once();
     $this->auth->expects($calledOnce)->method('clearIdentity');

     $this->authenticator->logout();
 }
Beispiel #7
 /**
  * Returns the expiration date of the stored token.
  *
  * Delegates to GetIdentifierExpiration() on the service client, which the
  * original author describes as a request to the Affilinet Logon Service.
  *
  * @return string
  */
 private function getTokenExpirationDate()
 {
     $currentToken = $this->token;
     $expiresAt = $this->service->GetIdentifierExpiration($currentToken);

     return $expiresAt;
 }
Beispiel #8
 /**
  * Authenticates a user against the database configured on $authService
  * (the original author notes BCrypt).
  *
  * Sets the identity and credential on the service's adapter and returns
  * whatever authenticate() produces.
  *
  * @param mixed $user identity handed to the adapter
  * @param mixed $pass credential handed to the adapter
  * @param AuthenticationService $authService
  * @return mixed the value returned by $authService->authenticate()
  *               NOTE(review): the original doc says bool; if authenticate()
  *               returns a result object, callers must test its validity
  *               rather than its truthiness. Confirm against the callers.
  */
 public static function authenticateUser($user, $pass, AuthenticationService $authService)
 {
     $adapter = $authService->getAdapter();
     $adapter->setIdentity($user)->setCredential($pass);

     return $authService->authenticate();
 }
 /**
  * Logout action: clears the stored credentials and redirects to the login page.
  *
  * @param $request the incoming request (not read by this action)
  */
 public function execute($request)
 {
     $credentialStore = new AuthenticationService();
     $credentialStore->clearCredentials();

     $this->redirect('auth/login');
 }
 /**
  * {@inheritDoc}
  *
  * Delegates to the wrapped authentication service.
  */
 public function getIdentity()
 {
     $identity = $this->authenticationService->getIdentity();

     return $identity;
 }
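 /**
  * Applies the submitted profile-edit form to the user being edited.
  *
  * If the "delete_account" field is set the account is deleted. Otherwise the
  * profile fields are copied from the form, the login and password data are
  * updated and, when the current user is an administrator, groups, rank,
  * approval state and sanctions are applied as well. On success the response
  * is redirected to the referrer or to the profile edit page.
  *
  * @param HTTPRequestCustom $request used only for the referrer of the final redirect
  */
 private function save(HTTPRequestCustom $request)
 {
     $has_error = false;
     $user_id = $this->user->get_id();
     if ($this->form->get_value('delete_account')) {
         UserService::delete_by_id($user_id);
     } else {
         $approbation = $this->internal_auth_infos['approved'];
         // Approval, groups and rank are read from the form only for administrators.
         if (AppContext::get_current_user()->is_admin()) {
             $old_approbation = $approbation;
             $approbation = $this->form->get_value('approbation');
             $groups = array();
             foreach ($this->form->get_value('groups') as $field => $option) {
                 $groups[] = $option->get_raw_value();
             }
             GroupsService::edit_member($user_id, $groups);
             $this->user->set_groups($groups);
             $this->user->set_level($this->form->get_value('rank')->get_raw_value());
         }
         if ($this->form->has_field('theme')) {
             $this->user->set_theme($this->form->get_value('theme')->get_raw_value());
         }
         // The locale is set once; a second identical set_locale() call was redundant.
         $this->user->set_locale($this->form->get_value('lang')->get_raw_value());
         $this->user->set_display_name($this->form->get_value('display_name'));
         $this->user->set_email($this->form->get_value('email'));
         $this->user->set_editor($this->form->get_value('text-editor')->get_raw_value());
         $this->user->set_show_email(!$this->form->get_value('user_hide_mail'));
         $this->user->set_timezone($this->form->get_value('timezone')->get_raw_value());
         try {
             UserService::update($this->user, $this->member_extended_fields_service);
         } catch (MemberExtendedFieldErrorsMessageException $e) {
             $has_error = true;
             $this->tpl->put('MSG', MessageHelper::display($e->getMessage(), MessageHelper::NOTICE));
         }
         // The login defaults to the e-mail address unless a custom login was requested.
         $login = $this->form->get_value('email');
         if ($this->form->get_value('custom_login', false)) {
             $login = $this->form->get_value('login');
         }
         $password = $this->form->get_value('password');
         if ($this->internal_auth_infos === null && !empty($password)) {
             // No internal authentication data yet: attach a new login/password pair.
             $authentication_method = new PHPBoostAuthenticationMethod($login, $password);
             AuthenticationService::associate($authentication_method, $user_id);
         } elseif (!empty($password)) {
             // NOTE(review): a new password sent without old_password is
             // silently ignored, and this branch has no administrator
             // exception. Confirm both are intended.
             $old_password = $this->form->get_value('old_password');
             if (!empty($old_password)) {
                 // NOTE(review): KeyGenerator::string_hash() is not visible
                 // here; confirm it is a salted, deliberately slow password hash.
                 $old_password_hashed = KeyGenerator::string_hash($old_password);
                 // Strict comparison: with == two digests that both look like
                 // numbers (for example "0e..." strings) compare equal, which
                 // would accept a wrong old password.
                 if ((string) $old_password_hashed === (string) $this->internal_auth_infos['password']) {
                     PHPBoostAuthenticationMethod::update_auth_infos($user_id, $login, $approbation, KeyGenerator::string_hash($password));
                     $has_error = false;
                 } else {
                     $has_error = true;
                     $this->tpl->put('MSG', MessageHelper::display($this->lang['profile.edit.password.error'], MessageHelper::NOTICE));
                 }
             }
         } else {
             PHPBoostAuthenticationMethod::update_auth_infos($user_id, $login, $approbation);
         }
         if (AppContext::get_current_user()->is_admin()) {
             if ($old_approbation != $approbation && $old_approbation == 0) {
                 // Look up the matching administrator alert
                 $matching_alerts = AdministratorAlertService::find_by_criteria($user_id, 'member_account_to_approbate');
                 // Exactly one alert was found: mark it processed and notify the member
                 if (count($matching_alerts) == 1) {
                     $alert = $matching_alerts[0];
                     $alert->set_status(AdministratorAlert::ADMIN_ALERT_STATUS_PROCESSED);
                     AdministratorAlertService::save_alert($alert);
                     $site_name = GeneralConfig::load()->get_site_name();
                     $subject = StringVars::replace_vars($this->user_lang['registration.subject-mail'], array('site_name' => $site_name));
                     $content = StringVars::replace_vars($this->user_lang['registration.email.mail-administrator-validation'], array('pseudo' => $this->user->get_display_name(), 'site_name' => $site_name, 'signature' => MailServiceConfig::load()->get_mail_signature()));
                     AppContext::get_mail_service()->send_from_properties($this->user->get_email(), $subject, $content);
                 }
             }
             // Warning level: apply a changed value, cancel when the field is empty.
             $user_warning = $this->form->get_value('user_warning')->get_raw_value();
             if (!empty($user_warning) && $user_warning != $this->user->get_warning_percentage()) {
                 MemberSanctionManager::caution($user_id, $user_warning, MemberSanctionManager::SEND_MP, str_replace('%level%', $user_warning, LangLoader::get_message('user_warning_level_changed', 'main')));
             } elseif (empty($user_warning)) {
                 MemberSanctionManager::cancel_caution($user_id);
             }
             // Read-only delay: apply a changed value, restore write access when empty.
             $user_readonly = $this->form->get_value('user_readonly')->get_raw_value();
             if (!empty($user_readonly) && $user_readonly != $this->user->get_delay_readonly()) {
                 MemberSanctionManager::remove_write_permissions($user_id, time() + $user_readonly, MemberSanctionManager::SEND_MP, str_replace('%date%', $this->form->get_value('user_readonly')->get_label(), LangLoader::get_message('user_readonly_changed', 'main')));
             } elseif (empty($user_readonly)) {
                 MemberSanctionManager::restore_write_permissions($user_id);
             }
             // Ban delay: apply a changed value, otherwise cancel a ban that no longer matches.
             $user_ban = $this->form->get_value('user_ban')->get_raw_value();
             if (!empty($user_ban) && $user_ban != $this->user->get_delay_banned()) {
                 MemberSanctionManager::banish($user_id, time() + $user_ban, MemberSanctionManager::SEND_MAIL);
             } elseif ($user_ban != $this->user->get_delay_banned()) {
                 MemberSanctionManager::cancel_banishment($user_id);
             }
         }
         SessionData::recheck_cached_data_from_user_id($user_id);
     }
     if (!$has_error) {
         // NOTE(review): the redirect target comes from the request's referrer
         // when one is present; confirm it cannot point to another site.
         AppContext::get_response()->redirect($request->get_url_referrer() ? $request->get_url_referrer() : UserUrlBuilder::edit_profile($user_id), $this->lang['user.message.success.edit']);
     }
 }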
Beispiel #12
 /**
  * Initializes the user and, when the session has timed out, clears the
  * stored credentials and empties the session array.
  *
  * NOTE(review): the session id and cookie are left as they are here; whether
  * the id is regenerated after a timeout is not visible in this method.
  *
  * @param sfEventDispatcher $dispatcher
  * @param sfStorage $storage
  * @param array $options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     if (!$this->isTimedOut()) {
         return;
     }

     $credentialStore = new AuthenticationService();
     $credentialStore->clearCredentials();
     $_SESSION = array();
 }
Beispiel #13
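 /**
  * Adds an article to the blog.
  *
  * The author is taken from the authenticated session, not from $user. The
  * insert is a prepared statement with bound parameters, so title and content
  * are never spliced into the SQL text.
  *
  * @param $user string
  *        	the name of the user (not used for the insert)
  * @param $title string
  *        	the title of the article
  * @param $keyword_string string
  *        	a string containing the keywords separated with space
  * @param $content string
  *        	the content of the article in block code
  * @throws \RuntimeException if the insert cannot be prepared or executed
  */
 public function add_article($user, $title, $keyword_string, $content)
 {
     $time = time();
     $user_id = AuthenticationService::get_current_user_id();
     $query = "INSERT INTO `webinfo`.`article` (`id`, `title`, `author`, `creation_date`, `change_date`, `text`) ";
     $query .= "VALUES (NULL, ?, ?, ?, ?, ?)";
     $insert = $this->sql_con->prepare($query);
     if ($insert === false) {
         throw new \RuntimeException('Could not prepare the article insert');
     }
     // Creation and change date start out equal; bind_param() takes
     // references, so each placeholder gets its own variable.
     $created = $time;
     $changed = $time;
     $insert->bind_param('ssiis', $title, $user_id, $created, $changed, $content);
     //insert article
     if (!$insert->execute()) {
         $insert->close();
         // Stop here so the keywords are not attached to article id 0.
         throw new \RuntimeException('Could not store the article');
     }
     //get created id
     $id = mysqli_insert_id($this->sql_con);
     $insert->close();
     $this->updateKeywords($id, $keyword_string);
 }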
 /**
  * With no identity on the authentication service, getLoggedInUser() returns
  * null and hasIdentity() is consulted exactly once.
  */
 public function testGetLoggedInUserReturnsNullIfNoUserLoggedIn()
 {
     $noIdentity = $this->returnValue(false);
     $this->auth->expects($this->once())->method('hasIdentity')->will($noIdentity);

     $this->assertNull($this->service->getLoggedInUser());
 }
Beispiel #15
<?php

include_once 'classDef.php';
include_once 'AuthenticationService.php';
// Build the login request for the authentication web service.
// NOTE(review): username and password are literals in this script (masked on
// this page); they belong in configuration or the environment, not in source.
$user = new authenticationType();
$user->sessionId = session_id();
$user->client = 'tarifkalkulator';
$user->username = '******';
$user->password = '******';

// The WSDL is loaded over HTTPS from the remote service. Alternatives tried by
// the author: a local copy at "./soap/wsdl/AuthenticationService.wsdl", or the
// class default with no arguments.
// NOTE(review): $options is not defined in this excerpt; confirm it leaves
// TLS certificate verification enabled.
$wsdl = "https://ecws.e-control.at/tkws/services/AuthenticationService?wsdl";
$login = new AuthenticationService($wsdl, $options);
$token = $login->login($user);
// The returned object exposes the token as $token->authenticationToken;
// avoid echoing it into the page outside of debugging.
 /**
  * Runs the given authentication method and reacts to the outcome.
  *
  * A user who authenticates during maintenance without the maintenance
  * authorization has the session deleted and gets an error message. Otherwise
  * a successful login is redirected and an authentication error is shown.
  *
  * @param AuthenticationMethod $authentication the method to try
  * @param mixed $autoconnect passed through to AuthenticationService::authenticate()
  */
 private function authenticate(AuthenticationMethod $authentication, $autoconnect)
 {
     $user_id = AuthenticationService::authenticate($authentication, $autoconnect);
     $visitor = CurrentUser::from_session();

     // Short-circuits in the same order as before: login succeeded, site is
     // in maintenance, visitor lacks the maintenance authorization.
     $locked_out = $user_id
         && $this->maintain_config->is_under_maintenance()
         && !$visitor->check_auth($this->maintain_config->get_auth(), MaintenanceConfig::ACCESS_WHEN_MAINTAIN_ENABLED_AUTHORIZATIONS);

     if ($locked_out) {
         // Drop the session that was just created so the login does not persist.
         Session::delete(AppContext::get_session());
         $notice = MessageHelper::display(LangLoader::get_message('user.not_authorized_during_maintain', 'status-messages-common'), MessageHelper::NOTICE);
         $this->view->put('ERROR_MESSAGE', $notice);
         $this->has_error = true;
         return;
     }

     if ($user_id) {
         AppContext::get_response()->redirect($this->get_redirect_url());
     }
     if ($authentication->has_error()) {
         $notice = MessageHelper::display($authentication->get_error_msg(), MessageHelper::NOTICE);
         $this->view->put('ERROR_MESSAGE', $notice);
         $this->has_error = true;
     }
 }
Beispiel #17
<?php

include_once '../app/services/AuthenticationService.php';
include_once '../app/services/HttpService.php';
// Start (or resume) the session before any authentication call.
session_start();
// The request method selects between processing credentials and showing the form.
$method = $_SERVER['REQUEST_METHOD'];
// POST - attempt the login
if ($method === "POST") {
    $user = null;
    if (isset($_POST['username'])) {
        $user = $_POST['username'];
    }
    $password = null;
    if (isset($_POST['password'])) {
        $password = $_POST['password'];
    }
    // NOTE(review): the result of login() is not checked in this script, and
    // no session id regeneration is visible here. Confirm that login() handles
    // failed attempts and renews the session id on success.
    AuthenticationService::login($user, $password);
    // Redirect to articles
    HttpService::redirect_to('/articles/');
}
// GET - show the form; a `login` query parameter switches the error display on
if ($method === "GET") {
    $show_error = isset($_GET, $_GET['login']);
    $page_title = "Login";
    $page_content = '../app/views/login.php';
    include_once '../app/views/_layout.php';
}
Beispiel #18
<?php

include_once '../app/services/session.php';
include_once '../app/services/HttpService.php';
include_once '../app/services/AuthenticationService.php';
// Log the current user out, then send the browser to the site root.
// NOTE(review): this script runs for any request method, so a plain link or
// image request from another site can log a user out. Confirm that is acceptable.
AuthenticationService::logout();
HttpService::redirect_to('/');
Beispiel #19
<?php

// Check if post or get
$method = $_SERVER['REQUEST_METHOD'];
// session.php is included before the authentication service is used below
include_once '../../app/services/session.php';
include_once '../../app/services/AuthenticationService.php';
include_once '../../app/services/HttpService.php';
// Authorization gate for the whole script, checked before any method handling.
// NOTE(review): this only protects the code below if return_unauthorized()
// ends the script; its body is not visible here, confirm.
if (!AuthenticationService::can_write_article()) {
    HttpService::return_unauthorized();
}
// POST - Save article
if ($method == "POST") {
    include_once '../../app/models/article.php';
    include_once '../../app/services/ArticleService.php';
    include_once '../../app/services/SanitationService.php';
    include_once '../../app/services/HttpService.php';
    // Parse parameters from request
    $title = isset($_POST['title']) ? $_POST['title'] : null;
    $keywords = isset($_POST['keywords']) ? $_POST['keywords'] : null;
    $content = isset($_POST['content']) ? $_POST['content'] : null;
    $user = $_SESSION['username'];
    // Validate required parameters
    if (!isset($title, $content, $user)) {
        HttpService::return_bad_request();
    }
    // Sanitize user input
    $title = SanitationService::convertHtml($title);
    $keywords = SanitationService::convertHtml($keywords);
    $content = SanitationService::convertHtml($content);
    // Save article
    $articles = ArticleService::get_instance();
 /**
  * A user logged in with the 'user' role must be refused when filtering a
  * call to 'adminMethod'.
  *
  * @expectedException Amfphp_Core_Exception
  */
 public function testBadRole()
 {
     $service = $this->serviceObj;
     $service->login('user', 'userPassword');

     $this->object->filterServiceObject($service, 'AnyService', 'adminMethod');
 }
Beispiel #21
</div>
    </header>

    <div class="content">
        <?php 
// NOTE(review): $content is written into the page without escaping here. That
// is safe only if it was converted to safe HTML before this template runs,
// which this excerpt does not show; confirm.
echo $content;
?>
    </div>

</article>

<section class="article-details">
    <header>Comments:</header>

    <?php 
if (AuthenticationService::can_write_comment()) {
    ?>
    <div id="comment-add">
        <a id="btn-form-show" class="btn" href="javascript:showForm()">Leave a comment</a>

        <form id="form-comment" class="hidden">

            <div class="form-group">
                <input type="hidden" name="article-id" id="article-id" value="<?php 
    echo $article_id;
    ?>
">
            </div>

            <div class="form-group">
                <label for="comment">Your comment:</label>