/**
 * Creates a user account from the POSTed fields and reports the outcome
 * through sendResponse().
 *
 * Non-POST requests get the bad-request status and an empty payload. When
 * User::exist() reports the e-mail as taken, the payload carries
 * ResponseMessage::USER_EXIST. On success it carries ResponseMessage::OK and
 * the new user id. If anything in the creation path throws, the message is
 * passed to handleError() and no payload is sent.
 *
 * NOTE(review): 'email' and 'password' are forwarded without a presence or
 * format check in this method; presumably the User setters validate them, confirm.
 * NOTE(review): 'facebook_id' is stored exactly as the client sent it. If that
 * id is later accepted as a sign-in identity, it should be derived from a
 * provider token verified server-side rather than from a request field.
 * NOTE(review): the raw exception text goes to handleError(); confirm it is
 * logged rather than returned to the caller.
 */
public function createAction()
 {
     // Anything other than POST is answered with an empty payload.
     if (!$this->request->isPost()) {
         $this->setBadRequestStatus();
         $this->sendResponse(array());
         return;
     }

     $this->setOkStatus();

     // Duplicate e-mail: report it and stop before touching the model.
     if (User::exist($this->request->getPost('email'))) {
         $this->sendResponse(array('result' => ResponseMessage::USER_EXIST));
         return;
     }

     try {
         $user = new User();
         $user->setEmail($this->request->getPost('email'));
         // Second argument is passed as true; presumably it requests hashing, confirm.
         $user->setPassword($this->request->getPost('password'), true);

         // Optional fields are applied only when the request carries a truthy value.
         $firstName = $this->request->getPost('firstname');
         if ($firstName) {
             $user->setFirstname($firstName);
         }
         $lastName = $this->request->getPost('lastname');
         if ($lastName) {
             $user->setLastname($lastName);
         }
         $fb_id = $this->request->getPost('facebook_id');
         if ($fb_id) {
             $user->setFacebookId($fb_id);
         }

         $user->save();
         $payload = array('result' => ResponseMessage::OK, 'user_id' => $user->getUserId());
     } catch (Exception $e) {
         $this->handleError($e->getMessage());
         return;
     }

     $this->sendResponse($payload);
 }
Beispiel #2
                unlink(dirname(__FILE__) . '/.tool.php');
            }
            break;
    }
}
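// Bootstrap: load configuration and plugins, then resolve the current user from
// the session, the AUTO_LOGIN constant, or the "remember me" cookie, in that order.
$myUser = false;
$conf = new Configuration();
$conf->getAll();
// Load the plugins
Plugin::includeAll($conf->get("DEFAULT_THEME"));
$userManager = new User();
if (isset($_SESSION['currentUser'])) {
    // The session holds a serialized User snapshot written by this application.
    // NOTE(review): unserialize() is only as trustworthy as the session store, and the
    // snapshot is not re-checked against the user store here, so a revoked or changed
    // account keeps its old state until the session ends.
    $myUser = unserialize($_SESSION['currentUser']);
} else {
    if (AUTO_LOGIN != '') {
        // NOTE(review): the third argument presumably skips the password check, confirm.
        // With AUTO_LOGIN set, every visitor without a session becomes this account.
        $myUser = $userManager->exist(AUTO_LOGIN, '', true);
        $_SESSION['currentUser'] = serialize($myUser);
    }
}
if (!$myUser && isset($_COOKIE[$conf->get('COOKIE_NAME')])) {
    $cookieToken = $_COOKIE[$conf->get('COOKIE_NAME')];
    // Only a non-empty string can be a valid token. Without this guard an empty or
    // array-valued cookie would loosely equal the empty token of every account that
    // never enabled "remember me".
    if (is_string($cookieToken) && $cookieToken !== '') {
        $users = User::getAllUsers();
        foreach ($users as $user) {
            $storedToken = (string) $user->getCookie();
            // Strict, type-safe comparison; constant-time where the runtime offers it.
            $matches = function_exists('hash_equals')
                ? hash_equals($storedToken, $cookieToken)
                : $storedToken === $cookieToken;
            if ($matches) {
                $myUser = $user;
                $myUser->loadRight();
                break;
            }
        }
    }
    // NOTE(review): the cookie token is the only credential on this path, so it must
    // come from a cryptographically secure generator; the generator is not visible here.
}
// Instantiate the template engine
$tpl = new RainTPL();
// Template directory definitions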
/**
 * Legacy autoload hook: loads "../class/<name>.class.php" for an unknown class.
 *
 * The path is relative to the working directory, and require stops the script
 * when the file is missing.
 *
 * NOTE(review): $name goes into the include path unchecked. Restricting it to
 * identifier characters before building the path keeps a class name that
 * reaches the autoloader through request-influenced code (dynamic
 * instantiation, unserialize) from steering which file is included.
 * NOTE(review): the __autoload() hook was deprecated in PHP 7.2 and removed in
 * PHP 8.0; spl_autoload_register() is the supported replacement.
 *
 * @param string $name Class name handed in by the engine.
 */
function __autoload($name)
{
    $classFile = "../class/" . $name . ".class.php";
    require $classFile;
}
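// OAuth user-authorization step: look up the request token, ask for a login name,
// bind the token to that user and send the browser back to the consumer's callback.
//
// NOTE(review): the account is selected by login name alone; no password or existing
// session is checked before the token is bound to it. Outside a demo, the user must be
// authenticated and must explicitly approve the consumer.
// NOTE(review): the form carries no anti-CSRF token.
// NOTE(review): the redirect target is whatever getCallback() returns. Confirm it is
// validated against the consumer's registered callback when the token is issued,
// otherwise this is an open redirect that also discloses the verifier.
// Array-valued oauth_token parameters are treated the same as a missing one.
if (isset($_REQUEST['oauth_token']) && is_string($_REQUEST['oauth_token'])) {
    $request_token = Token::findByToken($_REQUEST['oauth_token']);
    if (is_object($request_token) && $request_token->isRequest()) {
        if (!isset($_POST['login'])) {
            ?>
			<form method=post>
				<label>Login : </label><input type="text" name="login" /><br />
				<input type="submit" value="Authenticate to this website" />
			</form>
		<?php 
        } else {
            $user = User::exist($_POST['login']);
            if (is_object($user)) {
                $request_token->setVerifier(Provider::generateVerifier());
                $request_token->setUser($user);
                $callback = (string) $request_token->getCallback();
                // Append to an existing query string with "&", start a new one with "?".
                $separator = strpos($callback, '?') === false ? '?' : '&';
                // Request-supplied values are URL-encoded so they cannot add or
                // override parameters in the callback URL.
                header("location: " . $callback . $separator . "oauth_token=" . rawurlencode($_REQUEST['oauth_token']) . "&oauth_verifier=" . rawurlencode((string) $request_token->getVerifier()));
                // NOTE(review): execution continues after header(); add an exit here if
                // nothing below this block is meant to run on the redirect path.
            } else {
                echo "User not found !";
            }
        }
    } else {
        echo "The specified token does not exist";
    }
} else {
    echo "Please specify a oauth_token";
}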
Beispiel #4
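		<?php 
// Shared navigation bar.
include path . 'assets/php/nav.php';
?>
		<div class="container">
		<?php 
// One-shot flash messages. Their text can embed request data (for example a submitted
// name), so it is HTML-encoded at the point of output.
// NOTE(review): if any flash message is meant to carry markup, escape its dynamic
// parts where the message is composed instead.
if (Session::exists('complete')) {
    echo '<div class="alert alert-success">';
    echo htmlspecialchars((string) Session::flash('complete'), ENT_QUOTES, 'UTF-8');
    echo '</div>';
}
if (Session::exists('error')) {
    echo '<div class="alert alert-danger">';
    echo htmlspecialchars((string) Session::flash('error'), ENT_QUOTES, 'UTF-8');
    echo '</div>';
}
// Static notices shown when $user->exist() is false (presumably: no signed-in user).
if (!$user->exist()) {
    echo '<div class="alert alert-dismissible alert-info" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><strong>This site uses cookies!</strong><br>These cookies will enhance your experience on this site.</div>';
    echo '<div class="alert alert-dismissible alert-info" role="alert"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button><strong>Welcome</strong> Guest! Please <a href="pages/login/index.php" class="alert-link">sign in</a> or <a class="alert-link" href="pages/register/index.php">register</a> to use full functions of this site!</div>';
}
?>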
			<div class="jumbotron">
				<h1>Hello!</h1>
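				<?php 
// Greeting: a generic line for guests, the stored display name for signed-in users.
if (!$user->isLoggedIn()) {
    echo '<h3>Please come and stay for an while</h3>';
} else {
    // The display name is account data chosen by a user, so it is HTML-encoded before
    // being written into the page.
    echo 'Welcome back ' . htmlspecialchars((string) $user->data()->name, ENT_QUOTES, 'UTF-8');
}
?>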
			</div>
			<div class="col-md-9">
Beispiel #5
// Endpoint bootstrap: every response from this script is declared as JSON.
header('Content-Type: application/json');
// Model objects used by the method dispatch that follows.
$user = new User();
$item = new Item();
$ui = new UserItem();
// Per-user participation cap; compared against $ui->num_of_participations() below.
$max_participations = 1;
switch (@$_POST['method']) {
    case 'save_user':
        $name = $_POST['nombre'];
        $lastname = $_POST['apellido'];
        $mail = $_POST['mail'];
        $phone = $_POST['telefono'];
        evaluate($name, 'nombre');
        evaluate($lastname, 'apellido');
        evaluate($mail, 'correo', 'isEmail');
        evaluate($phone, 'teléfono', 'isPhone');
        $id = $user->exist($mail);
        if (!$id) {
            $id = $user->create($name, $lastname, $mail, $phone);
        }
        if ($ui->num_of_participations($id) >= $max_participations) {
            fail("Has llegado al límite de participaciones por usuario, gracias por tu interés");
        }
        $_SESSION['id'] = base64_encode($id);
        response($id);
        break;
    case 'play':
        $id = base64_decode($_SESSION['id']);
        if ($ui->num_of_participations($id) >= $max_participations) {
            fail("Has llegado al límite de participaciones por usuario, gracias por tu interés");
        }
        $mochilas = 0;
Beispiel #6
}
// Start with an empty response, then hand $_ (by reference) and the current user to
// the "action_pre_case" plugin hook.
$response = array();
Plugin::callHook("action_pre_case", array(&$_, $myUser));

// No user resolved so far: try to load one from the 'token' value in $_.
// NOTE(review): the token alone authenticates the request on this path. Confirm that
// load() cannot match an account whose token is empty, and that tokens are generated
// with a cryptographically secure source.
if (!$myUser) {
    if (isset($_['token'])) {
        $userManager = new User();
        $myUser = $userManager->load(array('token' => $_['token']));
        if (isset($myUser) && $myUser != false) {
            $myUser->loadRight();
        }
    }
}

// Still nobody: continue with a fresh User object instead of a falsy value.
if (!$myUser) {
    $myUser = new User();
}
//Execution du code en fonction de l'action
switch ($_['action']) {
    case 'login':
        global $conf;
        $user = $userManager->exist($_['login'], $_['password']);
        $error = '?init=1';
        if ($user == false) {
            $error .= '&error=' . urlencode('le compte spécifié est inexistant');
        } else {
            $_SESSION['currentUser'] = serialize($user);
            if (isset($_['rememberMe'])) {
                $expire_time = time() + $conf->get('COOKIE_LIFETIME') * 86400;
                //Jour en secondes
                //On crée un cookie dans la bd uniquement si aucun autre cookie n'existe sinon
                //On rend inutilisable le cookie utilisé par un autre navigateur
                //On ne veut que cela soit le cas uniquement si on clique sur déconnexion (et que l'on a demandé Se souvenir de moi)
                $actual_cookie = $user->getCookie();
                if ($actual_cookie == "") {
                    $cookie_token = sha1(time() . rand(0, 1000));
                    $user->setCookie($cookie_token);
Beispiel #7
 /**
  * Checks whether the submitted username/e-mail pair already belongs to a user.
  *
  * Reads $new_POST['username'] and $new_POST['email'] and passes both to
  * User::exist(). Returns an array with the keys 'username', 'email' and
  * 'error': empty strings and 0 when no user is found, otherwise the fixed
  * texts below and 1.
  *
  * NOTE(review): both keys are read without an isset() check; presumably the
  * caller guarantees them, confirm.
  *
  * @param array $new_POST Submitted form fields.
  * @return array Result message array as described above.
  */
 public static function validation($new_POST)
 {
     $lookup = new User();
     $alreadyTaken = $lookup->exist($new_POST['username'], $new_POST['email']);

     if (!$alreadyTaken) {
         return array('username' => '', 'email' => '', 'error' => 0);
     }

     return array('username' => '******', 'email' => 'User already exist!', 'error' => 1);
 }
Beispiel #8
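 /**
  * Handles the combined logout / login / registration request.
  *
  * Order of processing: an optional logout, an optional login attempt, a
  * redirect to "." when a user is logged in afterwards, then validation of the
  * registration fields, the duplicate check, account creation and the
  * activation mail. Every failure adds a "regerror" message and renders the
  * "login" view.
  *
  * Changes against the previous version:
  *  - the e-mail is checked with filter_var() instead of an unanchored regex
  *    that accepted any string containing "@" followed by "." (including
  *    values with line breaks, which matter once the address is used in a mail);
  *  - the two password fields are compared strictly, because loose comparison
  *    treats different numeric-looking strings as equal;
  *  - the activation token comes from a cryptographically secure generator
  *    when the runtime provides one.
  *
  * @param object $template View object offering add(), view() and redirect().
  * @return void
  */
 function register($template)
 {
     $dbuser = new User();
     if (isREQUEST("logout")) {
         $dbuser->logout();
     }
     if (isREQUEST("user") && isREQUEST("password")) {
         $usr = $dbuser->logout()->login(REQUEST("user"), REQUEST("password"));
         if (!$usr) {
             $template->add("error", "Login fehlgeschlagen");
         }
     }
     if ($usr = $dbuser->logedin()) {
         $template->redirect(".");
         return;
     }
     // Are all fields present and valid?
     // FILTER_VALIDATE_EMAIL checks the whole value and rejects control characters;
     // it is stricter than the old pattern (e.g. no internationalized addresses).
     if (!isREQUEST("email") || filter_var(REQUEST("email"), FILTER_VALIDATE_EMAIL) === false) {
         $template->add("regerror", "EMail nicht angegeben oder falsch");
         $template->view("login");
         return;
     }
     if (!isREQUEST("nick")) {
         $template->add("regerror", "Nick nicht angegeben");
         $template->view("login");
         return;
     }
     // Strict comparison: "1e1" and "10" must not count as the same password.
     if (!isREQUEST("password1") || !isREQUEST("password2") || REQUEST("password1") !== REQUEST("password2")) {
         $template->add("regerror", "Passswort nicht angegeben oder ungleich");
         $template->view("login");
         return;
     }
     // Does the user already exist?
     if ($dbuser->exist(REQUEST("nick"), REQUEST("email"))) {
         $template->add("regerror", "Nick oder Mail existieren schon");
         $template->view("login");
         return;
     }
     // Create the user.
     // The activation token is the only secret in the activation link, so it must
     // not be guessable. All branches yield 32 hexadecimal characters, as before.
     if (function_exists('random_bytes')) {
         $activationpass = bin2hex(random_bytes(16));
     } elseif (function_exists('openssl_random_pseudo_bytes')) {
         $activationpass = bin2hex(openssl_random_pseudo_bytes(16));
     } else {
         // Legacy runtime without a secure generator: previous behaviour, which is
         // predictable. Upgrade the runtime rather than rely on this branch.
         $activationpass = str_shuffle(md5(rand()));
     }
     // NOTE(review): password1 is handed to create() in clear text; confirm that
     // create() hashes it with password_hash() or an equivalent.
     $dbuser->create(REQUEST("nick"), REQUEST("email"), REQUEST("password1"), $activationpass);
     $mail = new Mail();
     global $CONFIG;
     $mail->userActivation(REQUEST("nick"), REQUEST("email"), $CONFIG["ServerDir"] . "?activate=" . $activationpass);
     $template->add("regsuccess", "Mail wurde versandt");
     $template->view("login");
 }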
Beispiel #9
<?php

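// "Edit User" page: resolve the target account from the 'uid' request value and, on
// a token-checked and validated submit, write the new name, group and username.
define('path', '../../../');
$page = "Edit User";
include path . 'inc/init.php';
$user = new User();
// NOTE(review): nothing in this block checks that the current visitor ($user) is signed
// in or allowed to edit other accounts, although 'group' is among the writable fields.
// Confirm that inc/init.php enforces this, or add the check before any update.
if (!Input::get('get') || Input::get('uid') == null) {
    session::flash('error', 'The user does not exsit!');
}
if (Input::get('get') || Input::get('uid') != null) {
    $user2 = new User(Input::get('uid'));
    if (!$user2->exist()) {
        session::flash('error', 'The user does not exist!');
        Redirect::to(path . 'index.php');
    }
}
if (Input::exists()) {
    if (Token::check(Input::get('token'))) {
        $validate = new Validation();
        $validate->check($_POST, array('id' => array('required' => true), 'name' => array('required' => true), 'username' => array('required' => true, 'min' => 2, 'max' => 15), 'group' => array('required' => true)));
        // Update only when a target user was resolved and exists. Before this guard,
        // a submit without 'get'/'uid' called update() on an undefined variable, and a
        // submit for an unknown uid could reach update() if Redirect::to() returns.
        if ($validate->passed() && isset($user2) && $user2->exist()) {
            try {
                // NOTE(review): the record is addressed by the posted 'id', while the
                // existence check above used 'uid'; confirm both must name the same user.
                $user2->update(Input::get('name'), Input::get('group'), Input::get('username'), Input::get('id'));
                // The flash text embeds request input and must be HTML-encoded where
                // it is rendered.
                session::flash('complete', 'You updated ' . Input::get('name') . ' details!');
                Redirect::to(path . 'index.php');
            } catch (Exception $e) {
                // NOTE(review): the exception message and code are shown to the user;
                // confirm they cannot reveal database or path details.
                session::flash('error', 'There was an error updating the user ' . Input::get('name') . ' with the message of ' . $e->getMessage() . '(' . $e->getCode() . ')');
            }
        }
    }
}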
//check that the data was sent via the $_POST method, i.e. the page was not called directly by http://domai.com/register_process.php
if (!isset($_POST['registerBtn'])) {
    $_SESSION['error'] = 'Please login or register';
    header('location: index.php');
} else {
    //check if all fields are set
    if (isset($_POST["loginName"]) && isset($_POST["eMail"]) && isset($_POST["password"]) && isset($_POST["rePassword"])) {
        $loginName = $_POST["loginName"];
        $eMail = $_POST["eMail"];
        $password = $_POST["password"];
        $rePassword = $_POST["rePassword"];
        //sanitize fields
        if (($loginName = Validate::sanitize($loginName, "string")) && ($eMail = Validate::sanitize($eMail, "email")) && ($password = Validate::sanitize($password, "string")) && ($rePassword = Validate::sanitize($rePassword, "string")) && strlen($loginName) > 2) {
            $user = new User();
            //check if user name exist in database
            if (!$user->exist($loginName)) {
                if ($password === $rePassword) {
                    if (strlen($password) > 5) {
                        //add user to database
                        $user->addUser($loginName, $eMail, $password);
                        $_SESSION['error'] = 'Registration successfully completed. Please login';
                        unset($user);
                        header("location: index.php");
                    } else {
                        $_SESSION['error'] = 'Password minimum 6 characters';
                        header("location: register.php");
                    }
                } else {
                    $_SESSION['error'] = 'Passwords not match';
                    header("location: register.php");
                }