/**
  * Build an e-mail confirmation token for $user and report when it expires.
  *
  * The expiry is time() plus $wgConfirmAccountRejectAge. It is written to
  * $expiration (passed by reference) as a TS_MW timestamp, and it is also
  * appended to the user's name and e-mail address to form the argument of
  * $user->generateToken().
  *
  * NOTE(review): nothing is persisted in this method. Per the upstream
  * description a hash of the token (unsalted, because it is used as a lookup
  * key) is what gets stored - presumably by the caller; confirm that only the
  * hash, never the token itself, reaches storage.
  * NOTE(review): name, e-mail and expiry are all guessable, so the token is
  * only as unpredictable as whatever generateToken() mixes in; verify that it
  * draws on a cryptographically secure random source.
  *
  * @param User $user
  * @param string $expiration Output parameter; overwritten with the expiry timestamp
  * @return string The token returned by $user->generateToken()
  */
 public static function getConfirmationToken($user, &$expiration)
 {
     global $wgConfirmAccountRejectAge;
     $expiryUnix = time() + $wgConfirmAccountRejectAge;
     // Hand the expiry back to the caller through the by-reference argument.
     $expiration = wfTimestamp(TS_MW, $expiryUnix);
     $tokenInput = $user->getName() . $user->getEmail() . $expiryUnix;
     return $user->generateToken($tokenInput);
 }
Beispiel #2
 /**
  * Register the manager's HTTP routes: first every loaded module's own routes,
  * then the built-in config, structure, token, logout and customJS endpoints.
  *
  * NOTE(review): none of the closures below performs an access check itself;
  * confirm that authentication is enforced elsewhere (route filters or the
  * User/Structure helpers) before relying on these endpoints being private.
  */
 public static function routes()
 {
     static::loadModules();
     foreach (static::$modulesObjects as $object) {
         $object->routes();
     }
     // Built-in manager routes (config bootstrap, structure, token issue/renew, logout, custom JS).
     Router::register("GET", "manager/api/config/", function () {
         header("Content-Type: text/javascript; charset=utf-8");
         // NOTE(review): schema creation and account seeding run as a side effect of a GET
         // request, gated only by Request::isLocal(). Its implementation is not shown -
         // confirm it cannot be satisfied through client-supplied headers.
         if (Request::isLocal()) {
             // Probe the users table; "@" hides the query error and a failed probe is taken
             // to mean the table does not exist yet.
             if (@DB::query("select id from " . J_TP . "manager_users LIMIT 1;")->success === false) {
                 // NOTE(review): `password` is varchar(40). That fits a 40-character hex digest
                 // or a short plaintext value, but not password_hash() output (bcrypt is 60 chars).
                 DB::query("CREATE TABLE `" . J_TP . "manager_users` (\n\t\t\t\t\t\t\t\t`id` int(11) unsigned NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t\t\t`name` varchar(255) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`email` varchar(255) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`typeID` int(11) unsigned NULL,\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t`username` varchar(255) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`password` varchar(40) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`active` int(11) DEFAULT NULL,\n\t\t\t\t\t\t\t\tPRIMARY KEY (`id`)\n\t\t\t\t\t\t\t) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;");
                 // NOTE(review): seeds an active account (typeID 1) with credentials hard-coded
                 // in source (redacted in this listing), so every install starts with the same
                 // known login. Whether the ORM hashes `password` on save is not visible here.
                 // Safer: have the installer prompt for, or randomly generate, the first password
                 // and force a change on first login.
                 $user = ORM::make("manager_users");
                 $user->name = "Joy Interactive";
                 $user->email = "*****@*****.**";
                 $user->username = "******";
                 $user->password = "******";
                 $user->typeID = 1;
                 $user->active = 1;
                 $user->save();
             }
             // Same probe-then-create step for the token table.
             if (@DB::query("select id from " . J_TP . "manager_tokens LIMIT 1;")->success === false) {
                 // NOTE(review): `token` is stored in a plain varchar(100) column; storing a hash
                 // of the token instead would limit the impact of a database read - confirm how
                 // User::generateToken() writes it.
                 DB::query("CREATE TABLE `" . J_TP . "manager_tokens` (\n\t\t\t\t\t\t\t\t`id` int(40) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t\t\t`userID` int(11) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`typeID` int(11) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`token` varchar(100) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`expirationDate` datetime DEFAULT NULL,\n\t\t\t\t\t\t\t\tPRIMARY KEY (`id`)\n\t\t\t\t\t\t\t) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;");
             }
         }
         // The response is a JavaScript snippet that exposes only the API base URL.
         $config = array();
         $config["api_url"] = URL::to("api/");
         return "window.config = " . json_encode($config);
     });
     // Returns the module structure as JSON.
     Router::register("GET", "manager/api/structure/", function () {
         return Response::json(Structure::modules());
     });
     // Token issue and renewal are delegated to the User class (not shown in this excerpt).
     Router::register("POST", "manager/api/token/", function () {
         return User::generateToken();
     });
     Router::register("POST", "manager/api/token/renew/", function () {
         return User::renewToken();
     });
     // NOTE(review): logout is reachable with GET, so a cross-site link or image request can
     // end a session; a POST with a CSRF check is the usual safer shape.
     Router::register("GET", "manager/api/logout/", function () {
         return User::logout();
     });
     // Serves custom.js from the manager path when the file exists; otherwise the closure
     // returns nothing. The path is built from a constant only, not from request data.
     Router::register("GET", "manager/api/customJS/", function () {
         $path = J_MANAGERPATH . "custom.js";
         if (file_exists($path)) {
             return File::get($path);
         }
     });
 }
Beispiel #3
 /**
  * Persist a new user with its profile, then either e-mail an activation link
  * or log the user in, depending on the "auth.emailActivation" setting.
  *
  * With activation enabled the user is saved as inactive after
  * $user->generateToken() has been called, and the activation mail is sent to
  * $user->email. With it disabled the user is saved as active and logged in.
  *
  * NOTE(review): how generateToken() produces and stores the activation token
  * is not visible here; confirm it uses a cryptographically secure source and
  * that the token is single-use with an expiry.
  * NOTE(review): the result of Mail::send() is ignored, so a failed send leaves
  * an inactive account without a delivered activation link.
  *
  * @param User $user
  * @param Profile $profile
  * @return void No path returns a value.
  */
 protected function _register($user, $profile)
 {
     $activationRequired = Config::get("auth.emailActivation");
     $initialStatus = $activationRequired ? User::STATUS_INACTIVE : User::STATUS_ACTIVE;
     if ($activationRequired) {
         // Token is generated before the first save so it is written with the user.
         $user->generateToken();
     }
     $user->setDefaults(Role::USER, $initialStatus)->save();
     $profile->setUser($user->id)->save();

     // Without e-mail activation the fresh account is signed in right away.
     if (!Config::get("auth.emailActivation")) {
         Auth::login($user);
         return;
     }

     // Activation enabled: mail the "activate" view to the new user.
     $view = Config::get("auth.emailViewPath") . ".activate";
     Mail::send($view, array("user" => $user), function ($message) use ($user) {
         $message->to($user->email, $user->username)->subject("Activate your new account");
     });
 }
         // NOTE(review): excerpt of a user-import routine; the enclosing loop/conditions open
         // above this fragment and are not shown.
         // Without an 'accept_empty_email' flag in the request the entry is rejected with a
         // message about the missing e-mail address.
         if (empty($_REQUEST['accept_empty_email'])) {
             $import_user[$username]['is_rejected'] = true;
             $import_user[$username]['reject_reason'] .= "<p class=error>" . _('Sorry, the user must have a email address.') . "</p>\n";
             // No-op expression statement; it has no effect.
             null;
         } else {
             // Duplicate-username check. NOTE(review): the value in the WHERE clause is redacted
             // in this listing; presumably the original interpolated $username_str - confirm
             // that the escaped form, not the raw name, is what reaches the query.
             $username_str = $db->escapeString($username);
             $db->execSqlUniqueRes("SELECT username FROM users WHERE username='******'", $user_info_username, false);
             if ($user_info_username != null) {
                 $import_user[$username]['is_rejected'] = true;
                 // NOTE(review): the next line is garbled in this listing - a redaction swallowed
                 // the end of the message and the start of the following 'import_confirm'
                 // condition. If the lost part echoed the username into the HTML report, it
                 // needs htmlspecialchars().
                 $import_user[$username]['reject_reason'] .= "<p class=error>" . _('Sorry, a user account already exists with the username: '******'import_confirm']) && $_REQUEST['import_confirm'] == 'true' && $import_user[$username]['is_rejected'] == false) {
         // Confirmed and not rejected: insert the account as ACCOUNT_STATUS_ALLOWED with a
         // fresh validation token.
         // NOTE(review): this write is driven by $_REQUEST (so GET parameters count) and no
         // anti-CSRF check is visible in the excerpt - confirm one exists upstream.
         $status = ACCOUNT_STATUS_ALLOWED;
         $token = User::generateToken();
         // The imported hash is stored as supplied; its format is not validated here.
         $password_hash = $db->escapeString($user['passwd_hash']);
         // NOTE(review): $username is overwritten with its SQL-escaped form, and the
         // $import_user[$username] lookups further down then use that escaped value as the
         // array key, which differs from the original key whenever escaping changed the name.
         $username = $db->escapeString($username);
         $email = $db->escapeString($user['email']);
         // Username, e-mail and hash are escaped; get_guid(), $status and $token are
         // interpolated as-is (all produced server-side in the visible code). Bound
         // parameters would be preferable if the DB layer offers them.
         $sql = "INSERT INTO users (user_id, username,email,pass,account_status,validation_token,reg_date) VALUES ('" . get_guid() . "','{$username}','{$email}','{$password_hash}','{$status}','{$token}',CURRENT_TIMESTAMP)";
         $update_successful = $db->execSqlUpdate($sql);
         if ($update_successful) {
             //send_validation_email($email);
             $showform = false;
         } else {
             $import_user[$username]['is_rejected'] = true;
             // NOTE(review): the full statement - including the password hash and validation
             // token - is written into the HTML report without HTML escaping. Log it
             // server-side and show a generic message instead; anything that must be
             // displayed should go through htmlspecialchars().
             $import_user[$username]['reject_reason'] .= "<p class=error>" . _('SQL error on: ') . "{$sql}</p>\n";
         }
     }
 }
 // Start of the HTML report section.
 $html .= "<h2>" . _('Report') . "</h2>\n";
Beispiel #5
 /**
  * Create a fresh createaccount token and remember it in the current session.
  *
  * The value comes from User::generateToken() and is stored under the session
  * key 'wsCreateaccountToken' through the global request object. Nothing is
  * returned.
  *
  * NOTE(review): the name suggests an anti-CSRF token for the account-creation
  * form; where it is checked is not shown - confirm the comparison there is
  * constant-time (e.g. hash_equals()).
  */
 public static function setCreateaccountToken()
 {
     global $wgRequest;
     $freshToken = User::generateToken();
     $wgRequest->setSessionData('wsCreateaccountToken', $freshToken);
 }
Beispiel #6
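/**
 * Makes a new login token for the given user and sets it as a cookie.
 *
 * The token is requested from $user->generateToken() with an expiry of
 * time() + LOGIN_EXPIRY_TIME, and the 'medicutor_token' cookie is given the
 * same expiry. The cookie is now sent HttpOnly, and Secure whenever the
 * current request arrived over HTTPS, so that the login token is not readable
 * from page scripts and is not replayed over plain HTTP by a browser that
 * received it over TLS.
 *
 * NOTE(review): if any client-side script reads 'medicutor_token', HttpOnly
 * will hide it from that script - confirm no such consumer exists.
 * NOTE(review): HTTPS is detected from $_SERVER['HTTPS'] only; behind a
 * TLS-terminating proxy that value may be unset, in which case the cookie is
 * issued without Secure, exactly as before this change.
 *
 * @param User $user The user to make the token for
 */
function makeNewToken($user)
{
    $expiry = time() + LOGIN_EXPIRY_TIME;
    $token = $user->generateToken($expiry);
    $overTls = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    // Path and domain are passed as '' (setcookie()'s defaults) so the cookie scope is unchanged;
    // the last two arguments are the Secure and HttpOnly flags.
    setcookie('medicutor_token', $token, $expiry, '', '', $overTls, true);
}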
Beispiel #7
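 /** Create a new User in the database
  *
  * Every caller-supplied value is passed through $db->escapeString() before it
  * is placed in the INSERT statement; the password is hashed with
  * User::passwordHash() first. The account starts in ACCOUNT_STATUS_VALIDATION
  * with a validation token from User::generateToken().
  *
  * If the INSERT reports failure, null is returned instead of looking the id
  * up, so an id that already exists can no longer be handed back as if it were
  * the newly created account.
  *
  * NOTE(review): this assumes execSqlUpdate() returns a truthy value on
  * success - confirm against AbstractDb.
  * NOTE(review): the algorithm behind User::passwordHash() is not visible
  * here; confirm it is a salted, slow password hash.
  *
  * @param $id The id to be given to the new user
  * @param $username The login name of the new user
  * @param Network $account_origin The network whose id is stored as the account origin
  * @param $email The e-mail address of the new user
  * @param $password The clear-text password; only its hash is stored
  * @return the newly created User object, or null if there was an error
  */
 static function createUser($id, $username, Network $account_origin, $email, $password)
 {
     $db = AbstractDb::getObject();
     $id_str = $db->escapeString($id);
     $username_str = $db->escapeString($username);
     $account_origin_str = $db->escapeString($account_origin->getId());
     $email_str = $db->escapeString($email);
     $password_hash = $db->escapeString(User::passwordHash($password));
     $status = ACCOUNT_STATUS_VALIDATION;
     // The token is generated server-side, but it is escaped like every other value so the
     // statement does not depend on the token's alphabet.
     $token_str = $db->escapeString(User::generateToken());
     $inserted = $db->execSqlUpdate("INSERT INTO users (user_id,username, account_origin,email,pass,account_status,validation_token,reg_date) VALUES ('{$id_str}','{$username_str}','{$account_origin_str}','{$email_str}','{$password_hash}','{$status}','{$token_str}',CURRENT_TIMESTAMP)");
     if (!$inserted) {
         // Honour the documented contract: null on error.
         return null;
     }
     return self::getObject($id);
 }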
Beispiel #8
 $user = new User($userinfo['ID']);
 // Configured web root with leading and trailing slashes removed (not used in the visible part).
 $webroot_path = trim((string) sConfig()->getVar("CONFIG/DIRECTORIES/WEBROOT"), '/');
 // Scheme and host of the recovery link are taken from the current request.
 // NOTE(review): depending on web-server configuration $_SERVER['SERVER_NAME'] can follow
 // the request's Host header, in which case the e-mailed reset link would point at a host
 // chosen by the requester. Building the link from a configured canonical base URL avoids
 // that dependency.
 $absoluteprefix = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443
     ? 'https://'
     : 'http://') . $_SERVER['SERVER_NAME'];
 // The login URL is preferred; the document path is the fallback when it is empty.
 $docpath = (string) sConfig()->getVar('CONFIG/DIRECTORIES/LOGINURL');
 if ($docpath === '') {
     $docpath = (string) sConfig()->getVar('CONFIG/DIRECTORIES/DOCPATH');
 }
 // Reset token valid for 24 hours from now.
 // NOTE(review): whether the token is single-use and how it is generated is decided in
 // User::generateToken() and the reset handler, neither of which is shown here.
 $expireTS = time() + 24 * 3600;
 $token = $user->generateToken($expireTS);
 // New users get an extra newuser=1 marker in the link.
 $passwordResetUrl = $absoluteprefix . $docpath
     . ($newUser ? '?action=passwordreset&newuser=1&token=' : '?action=passwordreset&token=')
     . urlencode($token);
 // Plain-text recovery mail addressed to the account's login.
 $mail = new PHPMailer();
 $mail->CharSet = 'utf-8';
 $mail->Encoding = '8bit';
 $mail->FromName = 'yeager CMS';
 $mail->From = '*****@*****.**';
 $mail->Subject = $itext['TXT_PASSWORD_RECOVERY'];
 $mail->Body = $itext['TXT_PASSWORD_RECOVERY_EMAIL'] . "\n\n" . $passwordResetUrl;
 $mail->AddAddress($userinfo['LOGIN']);
 $smtpServer = (string) sConfig()->getVar('CONFIG/MAILINGS/SMTP');
 if ($smtpServer) {
 /**
  * Make sure a user holding the 'review' right has a key stored in the session
  * under 'wsFlaggedRevsKey'.
  *
  * An existing key is left alone; otherwise a new one is obtained from
  * User::generateToken(), called with the user's id, and saved to the session.
  * Users without the right are ignored.
  *
  * NOTE(review): the unconditional true looks like a hook "continue" signal,
  * and the original comment suggests this runs at login - confirm.
  * NOTE(review): what generateToken() does with the id argument is not
  * visible here; the key's secrecy must not depend on the id, which is not
  * a secret.
  *
  * @param User $user
  * @return bool Always true
  */
 public static function setSessionKey(User $user)
 {
     global $wgRequest;
     if (!$user->isAllowed('review')) {
         return true;
     }
     if ($wgRequest->getSessionData('wsFlaggedRevsKey') !== null) {
         // A key is already attached to this session.
         return true;
     }
     // Temporary secret key attached to this session.
     $sessionKey = User::generateToken($user->getId());
     $wgRequest->setSessionData('wsFlaggedRevsKey', $sessionKey);
     return true;
 }