/**
 * Register a new company together with its first user, who becomes the
 * company's owner and creator.
 *
 * The company row, the user row, the cross-references between the two and a
 * default product folder are written inside one database transaction. Any
 * failed save()/update(), or any exception, rolls the transaction back.
 *
 * @return bool true when every record was stored and the transaction was
 *              committed, false otherwise
 */
public function register()
{
    $tx = Yii::app()->db->beginTransaction();
    try {
        $committed = false;
        do {
            // Step 1: the company record.
            $company = new Company();
            $company->name = $this->name;
            $company->country = $this->country;
            $company->phone = $this->phone;
            if (!$company->save()) {
                break;
            }

            // Step 2: the user that belongs to this company.
            $user = new User();
            $user->username = $this->username;
            // NOTE(review): User::encrypt() is not shown here and is called
            // without a salt argument; confirm it is a slow, salted password
            // hash (e.g. bcrypt) rather than a plain digest.
            $user->password = $user->encrypt($this->password);
            $user->password_repeat = $this->password_repeat;
            $user->email = $this->email;
            $user->company_id = $company->id;
            $now = time();
            $user->update_time_utc = $now;
            $user->create_time_utc = $now;
            // save(false) turns off Yii's model validation for this write, so
            // any User rule (such as a password/password_repeat comparison)
            // is not enforced here. Presumably the form was validated before
            // register() is called; verify against the caller.
            if (!$user->save(false)) {
                break;
            }

            // Step 3: the user id now exists, so link the company to it.
            $creatorId = $user->id;
            $company->update_user_id = $creatorId;
            $company->create_user_id = $creatorId;
            $company->owner_id = $creatorId;
            if (!$company->update()) {
                break;
            }

            // Step 4: the user is recorded as its own creator.
            $selfId = $user->id;
            $user->update_user_id = $selfId;
            $user->create_user_id = $selfId;
            if (!$user->update()) {
                break;
            }

            // Step 5: every company starts with one root product folder.
            $rootFolder = new ProductFolder();
            $rootFolder->name = 'Main Folder';
            $rootFolder->parent_id = 0;
            $rootFolder->company_id = $company->id;
            if (!$rootFolder->save()) {
                break;
            }

            $tx->commit();
            $committed = true;
        } while (false);

        if (!$committed) {
            $tx->rollback();
        }
        return $committed;
    } catch (Exception $ex) {
        // The exception is not logged or rethrown; callers only see false.
        $tx->rollback();
        return false;
    }
}
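/**
 * Check the submitted login name and password against the User table.
 *
 * The module's loginType selects the lookup: 0 = by username, 1 = by e-mail,
 * 2 = by username first, then by e-mail. The password is checked before the
 * account status, so the "not active" and "banned" codes are only reported
 * to someone who supplied the right password.
 *
 * On success the identity's id, the 'id' state and the username are copied
 * from the stored record.
 *
 * @return bool true when errorCode is falsy after the checks (the success
 *              path sets it to self::ERROR_NONE)
 */
public function authenticate()
{
    $loginType = Yii::app()->controller->module->loginType;

    // Start from "not found" so that a loginType other than 0, 1 or 2 cannot
    // leave $user undefined.
    $user = null;
    if ($loginType == 0) {
        $user = User::model()->findByAttributes(array('username' => $this->username));
    } elseif ($loginType == 1) {
        $user = User::model()->findByAttributes(array('email' => $this->username));
    } elseif ($loginType == 2) {
        $user = User::model()->findByAttributes(array('username' => $this->username));
        if (!is_object($user)) {
            $user = User::model()->findByAttributes(array('email' => $this->username));
        }
    }

    if ($user === null) {
        // Fixed: this test used the undefined variable $logintype, so the
        // e-mail error code was never set.
        // NOTE(review): separate codes for "unknown account" and "wrong
        // password" let a caller tell which accounts exist if they are shown
        // as different messages; the login form should render one generic
        // failure text.
        if ($loginType == 1) {
            $this->errorCode = self::ERROR_EMAIL_INVALID;
        } else {
            $this->errorCode = self::ERROR_USERNAME_INVALID;
        }
    } elseif (User::encrypt($this->password) !== $user->password) {
        // NOTE(review): User::encrypt() is called with the password only;
        // confirm it is a salted, slow password hash. hash_equals() would
        // make this comparison constant-time on PHP >= 5.6.
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } elseif ($user->status == 0 && Yii::app()->user->loginNotActive == false) {
        $this->errorCode = self::ERROR_STATUS_NOTACTIVE;
    } elseif ($user->status == -1) {
        $this->errorCode = self::ERROR_STATUS_BANNED;
    } else {
        $this->id = $user->id;
        $this->setState('id', $user->id);
        $this->username = $user->username;
        $this->errorCode = self::ERROR_NONE;
    }

    return !$this->errorCode;
}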
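/**
 * Verify a username/password pair against the users table.
 *
 * The user's salt is looked up first, the password is hashed with it through
 * User::encrypt(), and the result is matched in SQL with bound parameters.
 *
 * @param string $user Username as submitted
 * @param string $pass Plain-text password as submitted
 *
 * @return mixed array('success' => true, 'id' => ...) when exactly one row
 *               matches; array('success' => false, 'error' => ...) on failure.
 *               When the salt lookup fails, whatever
 *               User::getUserByUserName() returned is passed back unchanged.
 */
public function login($user, $pass)
{
    // The username reaches SQL only as a bound parameter, so this filter is
    // not what prevents injection; it changes which names can match.
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
    $user = filter_var($user, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);

    // The original comment says this returns false if no such user.
    // NOTE(review): the lookup result goes straight back to the caller, so an
    // unknown username may produce a different error than a wrong password;
    // confirm that the UI shows one generic message for both.
    $salt = User::getUserByUserName($user);
    if ($salt['success'] == false) {
        return $salt;
    }
    $pass = User::encrypt($pass, $salt['salt']);

    $query = "SELECT id\n\t\t\t\t\t FROM users \n\t\t\t\t\t WHERE username = :username\n\t\t\t\t\t AND password = :pass";
    try {
        $DBH = Utility::connectToDB();
        if ($DBH == null) {
            return array('success' => false, 'error' => 'Error connecting to database');
        }

        $STH = $DBH->prepare($query);
        $STH->bindParam('username', $user);
        $STH->bindParam('pass', $pass);
        $sqlError = $STH->execute();
        $result = User::checkExecute($STH, $DBH, $sqlError);
        if ($result['success'] == false) {
            return $result;
        }

        // Count the fetched rows: rowCount() is only defined for INSERT,
        // UPDATE and DELETE, and not every PDO driver reports it for SELECT.
        $rows = $STH->fetchAll(PDO::FETCH_ASSOC);
        $DBH = null;
        if (is_array($rows) && count($rows) === 1) {
            return array('success' => true, 'id' => $rows[0]['id']);
        }
        return array('success' => false, 'error' => 'login failure');
    } catch (PDOException $e) {
        // With Debug::DEBUG on, the driver's error text is echoed into the
        // response; keep that flag off outside development.
        if (Debug::DEBUG) {
            echo 'Error: ' . $e->getMessage();
        }
        $DBH = null;
        return array('success' => false, 'error' => 'unknown error');
    }
}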
// Fragment of a login handler. It starts inside an `if` whose condition is
// outside this excerpt and ends inside that `if`'s `else` branch.
// Every failure path below logs the same 'error' entry and renders the same
// login frame, so the response does not say which check failed.

// An authentication attempt.
include_once $GLOBALS['pie']['library_path'] . '/class/user.php';
include_once $GLOBALS['pie']['library_path'] . '/share/log.php';
$user = new User();
if (!$user->isValidName($_REQUEST['username'])) {
    pieLog('error');
    include $GLOBALS['pie']['custom_path'] . '/frame/private_login.php';
    exit;
}
if (!$user->exists($_REQUEST['username'])) {
    pieLog('error');
    include $GLOBALS['pie']['custom_path'] . '/frame/private_login.php';
    exit;
}
// Presumably the stored password hash for this user; User::read() is not
// shown here.
$pw = $user->read($_REQUEST['username']);
// NOTE(review): `!=` is a loose comparison. Two strings that both look like
// numbers (for example "0e..." followed only by digits) compare as equal, so
// hash checks should use `!==` or hash_equals().
if ($pw != $user->encrypt($_REQUEST['password'])) {
    // The entered password differs from the registered password.
    // Try the crypt() command to handle old style passwords.
    // The first two characters of the stored value are reused as the salt; a
    // two-character salt selects crypt()'s traditional DES scheme.
    // NOTE(review): nothing in this fragment re-hashes an old style password
    // after it matched; confirm whether action/login.php upgrades it.
    $salt = substr($pw, 0, 2);
    if ($pw != crypt($_REQUEST['password'], $salt)) {
        // The entered password is just wrong.
        pieLog('error');
        include $GLOBALS['pie']['custom_path'] . '/frame/private_login.php';
        exit;
    }
}
// Login successful. Spawn standard login action.
include $GLOBALS['pie']['library_path'] . '/action/login.php';
} else {
    // The condition of the enclosing `if` was not met: show the login frame.
    include $GLOBALS['pie']['custom_path'] . '/frame/private_login.php';
    exit;
/**
 * Log a user in by username or e-mail address.
 *
 * Selects a row from `users` whose username or e-mail equals $login, whose
 * `statusId` is 1 and whose `password` equals User::encrypt($password). On a
 * match the auth cookie is set, lastvisitDate is updated and a LOG_LOGIN
 * entry is written.
 *
 * NOTE(review): User::encrypt() receives only the password, so no per-user
 * salt is passed in here; confirm what the function does internally.
 *
 * @param string $login      Username or email
 * @param string $password   Plain password
 * @param int    $expiration Multiplied by 60 * 60 * 24 before it is handed to
 *                           User::auth(). NOTE(review): the earlier docblock
 *                           called this "seconds", but the multiplication
 *                           suggests days; with the default of 7200 the
 *                           cookie lifetime is worth confirming.
 *
 * @return User|null The logged-in user, or null when no row matched
 */
public static function login($login, $password, $expiration = 7200)
{
    $db = Registry::getDb();
    $bindings = array(":email" => $login, ":username" => $login, ":password" => User::encrypt($password));
    $matches = $db->query("SELECT * FROM `users` WHERE (`username` = :username OR `email` = :email) AND `statusId` = 1 AND `password` = :password", $bindings);

    // Nothing matched: fall out with null, exactly as a missing return would.
    if (!$matches) {
        return null;
    }

    $account = new User($matches[0]);

    // Set Cookie
    $lifetime = 60 * 60 * 24 * $expiration;
    $account->auth($lifetime);

    // Update lastVisitDate
    $account->lastvisitDate = date("Y-m-d H:i:s");
    $account->update();

    // Log
    Log::add(LOG_LOGIN);

    return $account;
}
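// Superuser-only page that registers a new user account: with a username and
// password in the request it creates the account, otherwise it prints the
// registration form.
include_once "{$lib}/share/stdio.php";
include_once "{$lib}/share/string.php";
include_once "{$lib}/share/log.php";

// Access gate: nothing below should run for a non-superuser.
pieRequireSuperuser();
pieHead("edit");

// NOTE(review): $_REQUEST also carries query-string values, so the password
// can arrive in a URL (and end up in access logs), and no anti-CSRF token is
// checked in this excerpt; confirm both against the form and the gate above.
if (@$_REQUEST['username'] && @$_REQUEST['password']) {
    // A user has been specified.
    // NOTE(review): the checks below only protect the write if pieError()
    // ends the request; confirm that it does.
    $user = new User();
    if (!$user->isValidName($_REQUEST['username'])) {
        pieError("InvalidUsername");
    }
    if ($user->exists($_REQUEST['username'])) {
        pieError("UserExists");
    }
    // Strict comparison: with `!=`, two different numeric-looking strings
    // such as "1e3" and "1000" count as equal, so a mistyped confirmation
    // could be accepted.
    if (!isset($_REQUEST['retype']) || $_REQUEST['password'] !== $_REQUEST['retype']) {
        pieError("PasswordMismatch");
    }

    // Userdata acceptable. Create new user.
    if (!$user->write($_REQUEST['username'], $user->encrypt($_REQUEST['password']))) {
        pieError("FailureForm");
    }
    // Record the registration time in the new user's preferences.
    $pref = new UserPref();
    $pref->write($_REQUEST['username'], "registered", time());
    $GLOBALS['pie']['user'] = $_REQUEST['username'];
    pieLog("user");
    pieNotice("SuccessForm");
} else {
    // Print the form.
    pieNotice('RegisterForm');
}
pieTail();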
* The new password will be the one supplied at login. */
// Fragment: it starts inside a comment and a block opened outside this
// excerpt, and the last `if` below is not closed here.
// The marker file is deleted first and the reset only proceeds when the file
// is really gone, so one marker file allows one reset.
@unlink(RESET_PASSWORD_FILE);
if (file_exists(RESET_PASSWORD_FILE)) {
    $message = 'Unable to remove "' . RESET_PASSWORD_FILE . '"!';
    /* Cannot be deleted ==> the password is not reset */
} else {
    // $_ is presumably the merged request parameters; it is defined outside
    // this excerpt.
    $resetPassword = $_['password'];
    // NOTE(review): a string argument to assert() is evaluated as code on
    // PHP 7 (deprecated since 7.2) and is no longer evaluated on PHP 8, and
    // assertions can be switched off entirely; this is not a dependable
    // guard against an empty password.
    assert('!empty($resetPassword)');
    $tmpUser = User::get($_['login']);
    if (false === $tmpUser) {
        $message = "Unknown user '{$_['login']}'! No password reset.";
    } else {
        $id = $tmpUser->getId();
        $salt = $configurationManager->get('cryptographicSalt');
        // NOTE(review): the salt comes from the configuration rather than
        // from the user record, so it looks like one salt for all accounts;
        // confirm.
        $userManager->change(array('password' => User::encrypt($resetPassword, $salt)), array('id' => $id));
        // NOTE(review): this message contains the new password in clear text
        // and is passed to error_log() below; the log line should name the
        // account only.
        $message = "User '{$_['login']}' (id={$id}) Password reset to '{$resetPassword}'.";
    }
}
// NOTE(review): $_['login'] is written to the log as received; strip control
// characters if the log is parsed line by line.
error_log($message);
}
// Login through an auth token passed in the 'usr' parameter.
if (isset($_['usr'])) {
    $user = User::existAuthToken($_['usr']);
    if ($user == false) {
        exit("error"); // @TODO: translate
    } else {
        // The user object is stored in the session in serialized form.
        $_SESSION['currentUser'] = serialize($user);
        // NOTE(review): $_['newUrl'] is appended to the redirect without
        // urlencode(), so characters such as `&` or `#` in it change the
        // query string that action.php receives.
        header('location: ./action.php?action=addFeed&newUrl=' . $_['newUrl']);
        exit;
    }
/**
 * Hash a plain-text password through User::encrypt() and keep the result in
 * this object's password property.
 *
 * NOTE(review): with the default argument the hash is computed with an empty
 * salt; confirm that callers always pass one, or that User::encrypt() adds
 * its own.
 *
 * @param string $password Plain-text password (as the name suggests)
 * @param string $salt     Salt forwarded to User::encrypt(); '' by default
 */
function setPassword($password, $salt = '')
{
    $hashed = User::encrypt($password, $salt);
    $this->password = $hashed;
}
<?php
/*
 * Create superuser account for user "admin", password "secret".
 *
 * The account is only written when no "admin" user exists yet; an existing
 * account is left untouched.
 *
 * NOTE(review): this is a fixed, documented default credential. Until the
 * password is changed, anyone who can reach the login page can sign in as
 * superuser, so the installer should force a change (or ask for a password)
 * before the site goes online.
 */
$GLOBALS['pie']['log'] = 'Superuser Account';

// The user class is required for everything below; stop if it is missing.
if (!file_exists("{$lib}/class/user.php")) {
    bye("The user class library could not be found.");
}
include_once "{$lib}/class/user.php";

$user = new User();
// write() is only attempted when the account does not exist yet.
if (!$user->exists("admin") && !$user->write('admin', $user->encrypt('secret'))) {
    bye("The superuser account could not be created.");
}
/*
 * Change the password of a user.
 *
 * Fragment: the `if` that handles the submitted form is not closed within
 * this excerpt.
 */
include_once "{$lib}/class/user.php";
include_once "{$lib}/share/auth.php";
include_once "{$lib}/share/log.php";
include_once "{$lib}/share/stdio.php";

// Access gate: only a logged-in user may continue.
pieRequireUser();
pieHead("edit");

if (@$_REQUEST['old'] && @$_REQUEST['new'] && @$_REQUEST['retype']) {
    // NOTE(review): `!=` is a loose comparison; two different numeric-looking
    // strings (e.g. "1e3" and "1000") count as equal, so a mistyped
    // confirmation can pass. `!==` compares the strings exactly.
    // The checks also rely on pieError() ending the request; confirm.
    if ($_REQUEST['new'] != $_REQUEST['retype']) {
        pieError("PasswordMismatch");
    }
    $user = new User();
    // The password is changed for the user held in $GLOBALS['pie']['user'],
    // not for a name taken from the request.
    // Presumably read() returns the stored hash; it is not shown here.
    $pw = $user->read($GLOBALS['pie']['user']);
    // NOTE(review): the same loose-comparison caveat applies to the hash
    // checks below; use `!==` or hash_equals().
    if ($pw != $user->encrypt($_REQUEST['old'])) {
        // The entered password differs from the registered password.
        // Try the crypt() command to handle old style passwords.
        // The first two characters of the stored value are reused as the
        // salt; a two-character salt selects crypt()'s traditional DES scheme.
        $salt = substr($pw, 0, 2);
        if ($pw != crypt($_REQUEST['old'], $salt)) {
            // The entered password is just wrong.
            pieLog("failure");
            pieError("PasswordFailure");
        }
    }
    // The input is acceptable. Change the password.
    if (!$user->write($GLOBALS['pie']['user'], $user->encrypt($_REQUEST['new']))) {
        pieError("PasswordFailure");
    }
    pieLog("user");
    pieNotice("PasswordSuccess");
}
// Fragment of a sign-up handler: it starts after earlier field checks and
// ends with a closing brace that belongs to a block opened outside this
// excerpt. The user-facing messages are in French and are left as they are.
if (empty($_POST["confirmPassword"])) {
    $_SESSION["erreur"][$errorCodeEmpty] = "Vous n'avez pas spécifié la confirmation du mot de passe";
}
// Both "empty field" messages are stored under the same key, so the later
// one replaces the earlier one.
if (empty($_POST["birth"])) {
    $_SESSION["erreur"][$errorCodeEmpty] = "Vous n'avez pas spécifié de date d'anniversaire";
}
// The sex field must be present and equal to 'H' or 'F'.
if (isset($_POST["sexe"])) {
    if ($_POST["sexe"] == 'H' || $_POST["sexe"] == 'F') {
        $sexe = $_POST["sexe"];
    } else {
        $_SESSION["erreur"][] = "Veuillez renseigner votre sexe.";
    }
} else {
    $_SESSION["erreur"][] = "Veuillez renseigner votre sexe.";
}
// NOTE(review): header() does not stop the script and there is no exit after
// it, so the code below still runs when validation failed: the User object
// is built from the rejected input ($sexe may be undefined) and can still be
// saved. An `exit;` after the redirect is needed.
// NOTE(review): nothing in this fragment clears $_SESSION["erreur"]; if it
// survives from an earlier request this test stays true. Confirm where it is
// reset.
if (isset($_SESSION["erreur"])) {
    header("Location: /Erreur");
}
// NOTE(review): password and confirmPassword are not compared in the visible
// part; confirm that this happens above.
$user = new User($_POST["pseudo"], $_POST["birth"], $sexe, $_POST["mail"], $_POST["password"]);
// Presumably hashes the password held by the object in place; encrypt() is
// not shown here, so confirm the algorithm and the salt handling.
$user->encrypt();
// Case-insensitive duplicate check on pseudo and mail, with bound parameters.
// NOTE(review): rowCount() on a SELECT is not reliable with every PDO driver,
// and check-then-insert can race unless the table also has unique indexes.
$req = $bdd->prepare("SELECT * FROM user WHERE UCASE(pseudo)=UCASE(:pseudo) OR UCASE(mail)=UCASE(:mail)");
$req->execute(array(":pseudo" => $_POST["pseudo"], ":mail" => $_POST["mail"]));
if ($req->rowCount() >= 1) {
    $_SESSION["erreur"][] = "Le pseudo ou le mail renseigner existe déjà.";
    header("Location: /Erreur");
} else {
    $user->save();
    header("Location: /Portail/Connexion");
}
}