Beispiel #1
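 /**
  * Handles a submitted login form.
  *
  * Order of checks, each of which ends the request on failure:
  *   1. the form nonce (replay / CSRF protection for the login form),
  *   2. presence of a session cookie (cookies are required to log in),
  *   3. the user exists in $dataDir/data/_site/users.php,
  *   4. the account is not locked out (5 failed attempts => 10 minutes),
  *   5. the submitted password matches either the one-time password set by
  *      the forgot-password form ('newpass') or the stored password.
  * Only after all of these does a session get created and started.
  *
  * Reads $_POST['login_nonce'], $_COOKIE['g'] and $_COOKIE[gp_session_cookie].
  * Side effects: may set $gp_internal_redir, emits messages via message(),
  * and persists the user record through gpsession::UpdateAttempts() on every
  * path that reaches the password check.
  *
  * @return bool|string false on any failure; otherwise the value returned by
  *                     gpsession::start() (true on success), with the string
  *                     'locked' mapped to false.
  */
 function LogIn()
 {
     global $dataDir, $langmessage, $gp_internal_redir;

     // Nonce first, so that a forged or replayed form never reaches the
     // password check or touches the attempt counter. verify_nonce() is given
     // a 300-second (5 minute) lifetime. A missing field is passed as an empty
     // string, which cannot verify, instead of raising an undefined-index
     // notice.
     $nonce = isset($_POST['login_nonce']) ? $_POST['login_nonce'] : '';
     if (!common::verify_nonce('login_nonce', $nonce, true, 300)) {
         message($langmessage['OOPS'] . ' (Expired Nonce)');
         return false;
     }

     // A session cannot be established without cookies; send the visitor back
     // to the admin entry page.
     if (!isset($_COOKIE['g']) && !isset($_COOKIE[gp_session_cookie])) {
         message($langmessage['COOKIES_REQUIRED']);
         $gp_internal_redir = 'Admin_Main';
         return false;
     }

     // Drop the existing session entry: a successful login below creates a
     // fresh one, so the old identifier must not stay valid.
     if (isset($_COOKIE[gp_session_cookie])) {
         gpsession::CleanSession($_COOKIE[gp_session_cookie]);
     }

     // Defines $users (the site's user records).
     include $dataDir . '/data/_site/users.php';

     $username = gpsession::GetLoginUser($users);
     if ($username === false) {
         // NOTE(review): '1' (unknown user) and '2' (wrong password) are
         // distinct codes; confirm IncorrectLogin() shows the same message for
         // both so that valid usernames cannot be enumerated.
         gpsession::IncorrectLogin('1');
         return false;
     }

     // Fill in the keys the rest of this function relies on without
     // overwriting values already present in the record.
     $users[$username] += array('attempts' => 0, 'granted' => '', 'editing' => '');
     $userinfo = $users[$username];

     // Lockout: after 5 failed attempts the account is blocked for 10 minutes,
     // counted from the recorded time of the last attempt. A record with no
     // 'lastattempt' is treated as "never", i.e. not currently blocked (the
     // arithmetic result is the same as before, minus the notice).
     if ($userinfo['attempts'] >= 5) {
         $lastAttempt = isset($userinfo['lastattempt']) ? $userinfo['lastattempt'] : 0;
         $timeDiff = (time() - $lastAttempt) / 60; // minutes
         if ($timeDiff < 10) {
             message($langmessage['LOGIN_BLOCK'], ceil(10 - $timeDiff));
             $gp_internal_redir = 'Admin_Main';
             return false;
         }
     }

     // Password check. A pending 'newpass' (set by the forgot-password form)
     // takes precedence and, if it matches, replaces the stored password.
     // NOTE(review): CheckPassword() is not visible here — confirm it uses a
     // constant-time comparison.
     $passed = false;
     if (!empty($userinfo['newpass']) && gpsession::CheckPassword($userinfo['newpass'])) {
         $userinfo['password'] = $userinfo['newpass'];
         $passed = true;
     } elseif (gpsession::CheckPassword($userinfo['password'])) {
         $passed = true;
     }

     // Wrong password: record the failed attempt (this is what feeds the
     // lockout above) and stop.
     if ($passed !== true) {
         gpsession::IncorrectLogin('2');
         gpsession::UpdateAttempts($users, $username);
         return false;
     }

     // The one-time password is consumed on success; the record is written
     // back by UpdateAttempts() at the end of this function.
     if (isset($userinfo['newpass'])) {
         unset($userinfo['newpass']);
     }

     $session_id = gpsession::create($userinfo, $username);
     if (!$session_id) {
         message($langmessage['OOPS'] . ' (Data Not Saved)');
         gpsession::UpdateAttempts($users, $username, true);
         return false;
     }

     $logged_in = gpsession::start($session_id);
     if ($logged_in === true) {
         message($langmessage['logged_in']);
     } elseif ($logged_in === 'locked') {
         $logged_in = false;
     }

     // The user info must be saved whether or not start() succeeded; this
     // also persists file_name in users.php.
     $users[$username] = $userinfo;
     gpsession::UpdateAttempts($users, $username, true);

     return $logged_in;
 }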