public function step1()
 {
     // Step 1 of the sign-up form: collects the posted identity fields, applies the
     // per-IP registration delay, creates the account, then moves on to step 2.
     // NOTE(review): the posted values are used as-is here; presumably the form layer
     // has already validated them before this handler runs. Confirm.
     $oCookie = new Cookie();
     $iAffId = (int) $oCookie->get(AffiliateCore::COOKIE_NAME);

     // Referrer kept for statistics. It is read once and then dropped from the session.
     if ($this->session->exists('joinRef')) {
         $sRef = $this->session->get('joinRef');
     } else {
         $sRef = t('No reference');
     }
     $this->session->remove('joinRef');

     $aData = [
         'email' => $this->httpRequest->post('mail'),
         'username' => $this->httpRequest->post('username'),
         'first_name' => $this->httpRequest->post('first_name'),
         'reference' => $sRef,
         'ip' => Ip::get(),
         // NOTE(review): this token is emailed/stored for account validation, so
         // Various::genRnd() should be backed by a CSPRNG. Verify in that helper.
         'hash_validation' => Various::genRnd(),
         'current_date' => (new CDateTime())->get()->dateTime('Y-m-d H:i:s'),
         'is_active' => $this->iActiveType,
         'group_id' => (int) DbConfig::getSetting('defaultMembershipGroupId'),
         'affiliated_id' => $iAffId,
         // Only the hash of the password is placed in the data handed to the model.
         'password' => Security::hashPwd($this->httpRequest->post('password')),
     ];

     // Throttle: refuse a new registration from this IP inside the configured delay.
     $iTimeDelay = (int) DbConfig::getSetting('timeDelayUserRegistration');
     $bAllowedNow = $this->oUserModel->checkWaitJoin($aData['ip'], $iTimeDelay, $aData['current_date']);
     if (!$bAllowedNow) {
         \PFBC\Form::setError('form_join_user', Form::waitRegistrationMsg($iTimeDelay));
         return;
     }

     if (!$this->oUserModel->join($aData)) {
         \PFBC\Form::setError('form_join_user', t('An error occurred during registration!<br />
         Please try again with other information in the form fields or come back later.'));
         return;
     }

     // The account row now exists. Credit the affiliate only when the account
     // needs no further activation (iActiveType == 0, loose comparison kept).
     if ($this->iActiveType == 0) {
         AffiliateCore::updateJoinCom($iAffId, $this->config, $this->registry);
     }

     // Send the registration email, remember the address for step 2 and redirect.
     $this->oRegistration->sendMail($aData);
     $this->session->set('mail_step1', $this->httpRequest->post('mail'));
     HeaderUrl::redirect(Uri::get('user', 'signup', 'step2'));
 }
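 /**
  * Processes a submitted user login form.
  *
  * Flow: lock-out check (when enabled) -> credential check -> on failure, set a
  * form error, write a login log entry and enable the captcha; on success, clear
  * the attempt counter, optionally set the "remember me" cookie, check the
  * account status and authenticate the session.
  *
  * Security notes for maintainers:
  * - The submitted password is never written to the login log (see below).
  * - NOTE(review): the two failure messages differ, which tells a caller whether
  *   an email address is registered. Consider a single generic message.
  * - NOTE(review): addLoginAttempt() is only called for a wrong password, so
  *   guesses against unknown emails are not counted by the lock-out here.
  */
 public function __construct()
 {
     parent::__construct();
     $oUserModel = new UserCoreModel();
     $oSecurityModel = new SecurityModel();
     $sEmail = $this->httpRequest->post('mail');
     $sPassword = $this->httpRequest->post('password');

     /** Check if the connection is not locked **/
     $bIsLoginAttempt = (bool) DbConfig::getSetting('isUserLoginAttempt');
     $iMaxAttempts = (int) DbConfig::getSetting('maxUserLoginAttempts');
     $iTimeDelay = (int) DbConfig::getSetting('loginUserAttemptTime');
     if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view)) {
         \PFBC\Form::setError('form_login_user', Form::loginAttemptsExceededMsg($iTimeDelay));
         return;
         // Stop execution of the method.
     }

     // Check Login
     $sLogin = $oUserModel->login($sEmail, $sPassword);
     if ($sLogin === 'email_does_not_exist' || $sLogin === 'password_does_not_exist') {
         // Fixed delay on every failed attempt to slow down brute-force guessing
         // and avoid drowning the server and the database.
         sleep(1);

         if ($sLogin === 'email_does_not_exist') {
             // Enable Captcha
             $this->session->set('captcha_enabled', 1);
             // The echoed address is truncated and escaped before it reaches the page.
             \PFBC\Form::setError('form_login_user', t('Oops! "%0%" is not associated with any %site_name% account.', escape(substr($sEmail, 0, PH7_MAX_EMAIL_LENGTH))));
             $oSecurityModel->addLoginLog($sEmail, 'Guest', 'No Password', 'Failed! Incorrect Username');
         } elseif ($sLogin === 'password_does_not_exist') {
             // Do NOT persist the submitted password: a failed attempt is often one
             // typo away from the real password, or a credential the person uses
             // elsewhere, and the log would then hold it in clear text.
             $oSecurityModel->addLoginLog($sEmail, 'Guest', 'Redacted', 'Failed! Incorrect Password');
             if ($bIsLoginAttempt) {
                 $oSecurityModel->addLoginAttempt();
             }
             // Enable Captcha
             $this->session->set('captcha_enabled', 1);
             $sWrongPwdTxt = t('Oops! This password you entered is incorrect.') . '<br />';
             $sWrongPwdTxt .= t('Please try again (make sure your caps lock is off).') . '<br />';
             $sWrongPwdTxt .= t('Forgot your password? <a href="%0%">Request a new one</a>.', Uri::get('lost-password', 'main', 'forgot', 'user'));
             \PFBC\Form::setError('form_login_user', $sWrongPwdTxt);
         }
     } else {
         // Credentials accepted: reset the failure state for this client.
         $oSecurityModel->clearLoginAttempts();
         $this->session->remove('captcha_enabled');
         $iId = $oUserModel->getId($sEmail);
         $oUserData = $oUserModel->readProfile($iId);

         if ($this->httpRequest->postExists('remember')) {
             // The cookie carries a second hash of the stored password hash.
             // NOTE(review): this cookie is set before the account status check
             // below and is tied to the password hash rather than a random,
             // revocable token. Confirm how the cookie is validated on later requests.
             (new Framework\Cookie\Cookie())->set(['member_remember' => Security::hashCookie($oUserData->password), 'member_id' => $oUserData->profileId]);
         }

         $oUser = new UserCore();
         // checkAccountStatus() returns true, or the error message to display.
         if (true !== ($mStatus = $oUser->checkAccountStatus($oUserData))) {
             \PFBC\Form::setError('form_login_user', $mStatus);
         } else {
             $oUser->setAuth($oUserData, $oUserModel, $this->session);
             Header::redirect(Uri::get('user', 'account', 'index'), t('You are successfully logged!'));
         }
     }
 }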
 /**
  * Adding an Admin.
  *
  * @param array $aData
  * @return integer The ID of the Admin.
  */
 public function add(array $aData)
 {
     // A single timestamp is used for both joinDate and lastActivity.
     $sNow = (new Framework\Date\CDateTime())->get()->dateTime('Y-m-d H:i:s');

     // Only the table name is concatenated into the SQL; every value is bound.
     $rStmt = Db::getInstance()->prepare('INSERT INTO' . Db::prefix('Admins') . '(email, username, password, firstName, lastName, sex, timeZone, ip, joinDate, lastActivity)
     VALUES (:email, :username, :password, :firstName, :lastName, :sex, :timeZone, :ip, :joinDate, :lastActivity)');

     // Placeholder => value, in column order. All columns are bound as strings.
     $aBindings = [
         ':email' => $aData['email'],
         ':username' => $aData['username'],
         // The clear-text password is hashed here and never stored as given.
         ':password' => Security::hashPwd($aData['password']),
         ':firstName' => $aData['first_name'],
         ':lastName' => $aData['last_name'],
         ':sex' => $aData['sex'],
         ':timeZone' => $aData['time_zone'],
         ':ip' => $aData['ip'],
         ':joinDate' => $sNow,
         ':lastActivity' => $sNow,
     ];
     foreach ($aBindings as $sPlaceholder => $sValue) {
         $rStmt->bindValue($sPlaceholder, $sValue, \PDO::PARAM_STR);
     }

     $rStmt->execute();
     Db::free($rStmt);

     // ID generated for the row inserted above.
     return Db::getInstance()->lastInsertId();
 }
 /**
  * Adding a User.
  *
  * @param array $aData
  * @return integer The ID of the User.
  */
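 public function add(array $aData)
 {
     // Inserts the member row, records its new ID on the model, then creates the
     // related info-field, privacy and notification rows. Returns the new ID.
     // Only the table name is concatenated into the SQL; every value is bound.
     $rStmt = Db::getInstance()->prepare('INSERT INTO' . Db::prefix('Members') . '(email, username, password, firstName, lastName, sex, matchSex, birthDate, active, ip, hashValidation, joinDate, lastActivity, groupId)
         VALUES (:email, :username, :password, :firstName, :lastName, :sex, :matchSex, :birthDate, :active, :ip, :hashValidation, :joinDate, :lastActivity, :groupId)');

     // bindParam() takes its value by reference, so it must be given a real
     // variable; an inline ternary expression cannot be passed by reference.
     $sHashValidation = !empty($aData['hash_validation']) ? $aData['hash_validation'] : null;

     $rStmt->bindValue(':email', trim($aData['email']), \PDO::PARAM_STR);
     $rStmt->bindValue(':username', trim($aData['username']), \PDO::PARAM_STR);
     // The clear-text password is hashed here and never stored as given.
     $rStmt->bindValue(':password', Security::hashPwd($aData['password']), \PDO::PARAM_STR);
     $rStmt->bindValue(':firstName', $aData['first_name'], \PDO::PARAM_STR);
     $rStmt->bindValue(':lastName', $aData['last_name'], \PDO::PARAM_STR);
     $rStmt->bindValue(':sex', $aData['sex'], \PDO::PARAM_STR);
     $rStmt->bindValue(':matchSex', Form::setVal($aData['match_sex']), \PDO::PARAM_STR);
     $rStmt->bindValue(':birthDate', $aData['birth_date'], \PDO::PARAM_STR);
     // An empty or missing 'is_active' falls back to 1.
     $rStmt->bindValue(':active', !empty($aData['is_active']) ? $aData['is_active'] : 1, \PDO::PARAM_INT);
     $rStmt->bindValue(':ip', $aData['ip'], \PDO::PARAM_STR);
     $rStmt->bindParam(':hashValidation', $sHashValidation, \PDO::PARAM_STR, 40);
     $rStmt->bindValue(':joinDate', $this->sCurrentDate, \PDO::PARAM_STR);
     $rStmt->bindValue(':lastActivity', $this->sCurrentDate, \PDO::PARAM_STR);
     // The group always comes from the site setting, not from $aData.
     $rStmt->bindValue(':groupId', (int) DbConfig::getSetting('defaultMembershipGroupId'), \PDO::PARAM_INT);
     $rStmt->execute();

     // Set the user's ID
     $this->setKeyId(Db::getInstance()->lastInsertId());
     Db::free($rStmt);

     $this->setInfoFields($aData);
     $this->setDefaultPrivacySetting();
     $this->setDefaultNotification();

     return $this->getKeyId();
 }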
 /**
  * Adding an Affiliate.
  *
  * @param array $aData
  * @return integer The ID of the Affiliate.
  */
 public function add(array $aData)
 {
     // A single timestamp is used for both joinDate and lastActivity.
     $sNow = (new Framework\Date\CDateTime())->get()->dateTime('Y-m-d H:i:s');

     // Only the table name is concatenated into the SQL; every value is bound.
     $rStmt = Db::getInstance()->prepare('INSERT INTO' . Db::prefix('Affiliates') . '(email, username, password, firstName, lastName, sex, birthDate, bankAccount, ip, joinDate, lastActivity)
     VALUES (:email, :username, :password, :firstName, :lastName, :sex, :birthDate, :bankAccount, :ip, :joinDate, :lastActivity)');

     // Placeholder => value, in column order. All columns are bound as strings.
     $aBindings = [
         ':email' => trim($aData['email']),
         ':username' => trim($aData['username']),
         // The clear-text password is hashed here and never stored as given.
         ':password' => Security::hashPwd($aData['password']),
         ':firstName' => $aData['first_name'],
         ':lastName' => $aData['last_name'],
         ':sex' => $aData['sex'],
         ':birthDate' => $aData['birth_date'],
         // NOTE(review): the bank account value is bound exactly as received; whether
         // it is protected at rest is not visible from this method.
         ':bankAccount' => $aData['bank_account'],
         ':ip' => $aData['ip'],
         ':joinDate' => $sNow,
         ':lastActivity' => $sNow,
     ];
     foreach ($aBindings as $sPlaceholder => $sValue) {
         $rStmt->bindValue($sPlaceholder, $sValue, \PDO::PARAM_STR);
     }

     $rStmt->execute();

     // Set the affiliate's ID
     $this->setKeyId(Db::getInstance()->lastInsertId());
     Db::free($rStmt);

     $this->setInfoFields($aData);

     return $this->getKeyId();
 }
 /**
  * Get the copyright status. "No copyright" (true) means no trace of our company (the manufacturer/vendor) is shown: links, text, banners, etc.
  *
  * @access private
  * @return boolean
  */
 private function _copyright()
 {
     // The licence value is hashed (length argument 80) and compared strictly
     // against a digest hard-coded in this file.
     // NOTE(review): `===` is not a constant-time comparison. hash_equals() is the
     // usual choice for comparing digests. Confirm the minimum PHP version first.
     $sExpectedDigest = 'cb1380e2e43751907b15039298d7473a26c55ec05d814d08d9505b05a50aeade35fb4f5bb0553b1c';
     $sLicenceDigest = Security::hash($this->_sLicCopyright, 80);

     return $sLicenceDigest === $sExpectedDigest;
 }