Ejemplo n.º 1
 /**
  * A lookup that yields no data for the name must be reported as "not existing".
  */
 public function testUserDoesntExists()
 {
     $name = '******';

     // The mocked store must be asked exactly once for this name and has nothing to return.
     $this->db
         ->expects($this->once())
         ->method('get')
         ->with($name)
         ->willReturn(null);

     $found = UserExists($this->db, $name);
     $this->assertFalse($found);
 }
Ejemplo n.º 2
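/**
 * Set a new password for an existing user.
 *
 * Passwords shorter than six bytes are rejected with an exception. When
 * UserExists() does not report the user, nothing is written and the function
 * returns silently.
 *
 * The value handed to $db->update() is a salted password_hash() digest instead
 * of the unsalted md5() hex string used before: MD5 is fast and unsalted, so a
 * leaked table can be attacked offline with little effort. The code that checks
 * the password at login must use password_verify(); rows that still hold an MD5
 * digest need a reset or a rehash-on-login step, and the column must be wide
 * enough for the longer digest (255 characters is the usual recommendation).
 *
 * @param object $db       Store exposing update($username, $hash); defined elsewhere.
 * @param string $username Account whose password is changed.
 * @param string $password New clear-text password.
 * @return void
 * @throws \Exception When the password is shorter than six bytes.
 */
function ChangePassword($db, $username, $password)
{
    // strlen() counts bytes, so multi-byte characters count more than once.
    if (strlen($password) < 6) {
        throw new \Exception("Password Less then 6 char");
    }
    if (UserExists($db, $username)) {
        $db->update($username, password_hash($password, PASSWORD_DEFAULT));
    }
}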
Ejemplo n.º 3
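/**
 * Change a user's password.
 *
 * @param object $db       Store exposing update($username, $password); defined elsewhere.
 * @param string $username Account to update.
 * @param string $password New password; must pass validatePasswordLength().
 * @return bool True when the update was issued; false when the password is
 *              rejected or the user does not exist.
 */
function ChangePassword($db, $username, $password)
{
    // Reject passwords that fail the length policy before touching the store.
    if (!validatePasswordLength($password)) {
        return false;
    }

    // Unknown account: nothing to update.
    if (!UserExists($db, $username)) {
        return false;
    }

    // NOTE(review): $password reaches the store exactly as received; nothing in
    // this function hashes it. Confirm that $db->update() (or the caller) applies
    // password_hash() so that no clear-text password is persisted.
    $db->update($username, $password);

    // The docblock promises a bool; the success path previously fell off the end
    // and returned null, which callers could not tell apart from a failure.
    return true;
}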
Ejemplo n.º 4
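 // Check whether an entry with this uid has already been created.
 // Only the uid attribute is requested from each matching entry.
 $search_limit = array("uid");
 // Build the LDAP search filter. $uid is escaped for filter context so that
 // characters with a meaning inside a filter ( * ( ) \ and NUL ) are matched
 // literally instead of changing the structure of the filter.
 // NOTE(review): where $uid comes from is not visible in this fragment; the
 // comments below suggest a confirmation link, i.e. request input - confirm.
 $search_string = "(uid=" . ldap_escape($uid, "", LDAP_ESCAPE_FILTER) . ")";
 // The attribute the array of entries is going to be sorted by
 $sort_string = 'uid';
 // Run the search through the project's helper (defined elsewhere).
 $search_entries = AssistedLDAPSearch($ldapc, $ldap_base, $search_string, $search_limit, $sort_string);
 // Number of matching entries, read from the 'count' key of the result.
 $result_count = $search_entries['count'];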
 // If we get one result, then the user was created
 // probably the user made multiple new user petitions, created the
 // user and then forgot and clicked the confirmation email again
 if ($result_count == 1) {
     UserExists();
     // If we get more than one result, then uid is repeated on the
     // database, which is fatal
 } elseif ($result_count > 1) {
     MultipleResults();
     // If there's no results, we are ready to go!
 } elseif ($result_count == 0) {
     // Let's find out what was the last uidNumber created
     // We stablish what attributes are going to be retrieved from each entry
     $search_limit = array("uidNumber");
     // The filter string to search through LDAP
     $search_string = "(uid=maxUID)";
     // The attribute the array of entries is going to be sorted by
     $sort_string = 'uidNumber';
     // Searching ...
     $search_entries = AssistedLDAPSearch($ldapc, $ldap_base, $search_string, $search_limit, $sort_string);
Ejemplo n.º 5
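 /**
  * Show the form for editing an existing admin user.
  *
  * Reads the target id from $_GET['userId'], loads the account and its
  * permissions, publishes the field values through $GLOBALS and parses the
  * "user.form" template. When the account does not exist, the caller is sent
  * to the user list or to the home page with an error, depending on whether
  * they hold AUTH_Manage_Users.
  *
  * @return void
  */
 private function EditUserStep1()
 {
     // Cast first: everything below only ever sees an integer id.
     $userId = (int) $_GET['userId'];
     $arrData = array();
     $arrPerms = array();
     if (UserExists($userId)) {
         $this->_GetUserData($userId, $arrData);
         $this->_GetPermissionData($userId, $arrPerms);
         // A vendor-scoped admin may only edit users that belong to the same vendor.
         if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->GetVendorId() && $arrData['uservendorid'] != $GLOBALS['ISC_CLASS_ADMIN_AUTH']->GetVendorId()) {
             FlashMessage(GetLang('Unauthorized'), MSG_ERROR, 'index.php?ToDo=viewUsers');
             // FlashMessage() is defined elsewhere and it is not visible here whether
             // it ends the request. Stop explicitly so the other vendor's user data
             // (including the API token) is never rendered after a failed check.
             return;
         }
         // Values taken from the user record are HTML-escaped before they reach the template.
         $GLOBALS['Username'] = isc_html_escape($arrData['username']);
         $GLOBALS['UserEmail'] = isc_html_escape($arrData['useremail']);
         $GLOBALS['UserFirstName'] = isc_html_escape($arrData['userfirstname']);
         $GLOBALS['UserLastName'] = isc_html_escape($arrData['userlastname']);
         $GLOBALS['XMLPath'] = sprintf("%s/xml.php", $GLOBALS['ShopPath']);
         $GLOBALS['XMLToken'] = isc_html_escape($arrData['usertoken']);
         if (!gzte11(ISC_HUGEPRINT)) {
             $GLOBALS['HideVendorOptions'] = 'display: none';
         } else {
             if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->GetVendorId()) {
                 $vendorDetails = $GLOBALS['ISC_CLASS_ADMIN_AUTH']->GetVendor();
                 $GLOBALS['HideVendorSelect'] = 'display: none';
                 // NOTE(review): unlike the fields above, the vendor name is not passed
                 // through isc_html_escape() - confirm the template escapes it.
                 $GLOBALS['Vendor'] = $vendorDetails['vendorname'];
                 $GLOBALS['HideAdminoptions'] = 'display: none';
             } else {
                 $GLOBALS['VendorList'] = $this->GetVendorList($arrData['uservendorid']);
                 $GLOBALS['HideVendorLabel'] = 'display: none';
             }
         }
         if ($arrData['userapi'] == "1") {
             $GLOBALS['IsXMLAPI'] = 'checked="checked"';
         }
         if ($arrData['userstatus'] == 0) {
             $GLOBALS['Active0'] = 'selected="selected"';
         } else {
             $GLOBALS['Active1'] = 'selected="selected"';
         }
         // Mark each permission the user already holds as selected.
         foreach ($arrPerms as $v) {
             $GLOBALS["Selected_" . $v] = "selected='selected'";
         }
         if ($arrData['userrole'] && $arrData['userrole'] != 'custom') {
             $GLOBALS['HidePermissionSelects'] = 'display: none';
         }
         // If the user is the super admin we need to disable some fields
         if ($userId == 1 || $arrData['username'] == "admin") {
             $GLOBALS['DisableUser'] = "******";
             $GLOBALS['DisableStatus'] = "DISABLED";
             $GLOBALS['DisableUserType'] = "DISABLED";
             $GLOBALS['DisablePermissions'] = "DISABLED";
             $GLOBALS['HideVendorOptions'] = 'display: none';
         }
         $GLOBALS['UserRoleOptions'] = $this->GetUserRoleOptions($arrData['userrole'], $arrData['uservendorid']);
         $GLOBALS['UserId'] = (int) $userId;
         $GLOBALS['FormAction'] = "editUser2";
         $GLOBALS['Title'] = GetLang('EditUser1');
         $GLOBALS['PassReq'] = "&nbsp;&nbsp;";
         // Store credit permission (condition added by vikas).
         $loggeduser = $GLOBALS['ISC_CLASS_ADMIN_AUTH']->GetUser();
         if ((int) $arrData['userstorecreditperm'] == 0) {
             $GLOBALS['StoreCreditActive0'] = 'selected="selected"';
         } else {
             $GLOBALS['StoreCreditActive1'] = 'selected="selected"';
         }
         // The control is disabled when the edited account is user 1 or the
         // logged-in account is not user 1. This only affects the rendered form;
         // NOTE(review): confirm the save step enforces the same rule server-side.
         if ($userId == 1 || $loggeduser['pk_userid'] != 1) {
             $GLOBALS['StoreCreditDisable'] = " disabled=\"\" ";
         }
         $GLOBALS['StoreCreditPermission'] = $GLOBALS['ISC_CLASS_TEMPLATE']->GetSnippet("StoreCreditPerm");
         $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("user.form");
         $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate();
     } else {
         // The user doesn't exist
         if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Users)) {
             $this->ManageUsers(GetLang('UserDoesntExist'), MSG_ERROR);
         } else {
             $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
         }
     }
 }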
Ejemplo n.º 6
 // Fragment of a registration-application handler. $nu_handle, $nu_err,
 // $chatpath and $handler are used below but assigned outside the visible code.
 // PrepDBData() is defined elsewhere.
 // NOTE(review): presumably it escapes values for SQL - confirm, because the
 // INSERT further down relies on it entirely for its string fields.
 $nu_email = PrepDBData(trim($_POST['nu_email']));
 $nu_desc = PrepDBData(trim($_POST['nu_desc']));
 // intval() forces the faction to an integer.
 $nu_faction = intval($_POST['nu_faction']);
 if (empty($nu_handle)) {
     print '<div style="color: #CC0000;">You must specify a handle name</div>';
     $nu_err = true;
 }
 if (empty($nu_email)) {
     print '<div style="color: #CC0000;">You must specify an e-mail address</div>';
     $nu_err = true;
 }
 // Anti-spam check: the posted question key selects an entry in the configured
 // table, and the posted answer must be strictly equal to that entry.
 // NOTE(review): the table name suggests SHA-1 digests, which would mean the
 // client submits a digest rather than the answer text - confirm.
 if (empty($_POST['nu_antispam_q']) || empty($_POST['nu_antispam_a']) || empty($GLOBALS['anti-spam-questions-sha1'][$_POST['nu_antispam_q']]) || $GLOBALS['anti-spam-questions-sha1'][$_POST['nu_antispam_q']] !== $_POST['nu_antispam_a']) {
     print '<div style="color: #CC0000;">Your anti-spam answer was wrong.</div>';
     $nu_err = true;
 }
 // Any non-zero result from UserExists() is treated as "handle already taken".
 if (UserExists($chatpath, $nu_handle) != 0) {
     print '<div style="color: #CC0000;">A user already exists with the chosen handle</div>';
     $nu_err = true;
 }
 if (!$nu_err) {
     // NOTE(review): the statement is assembled with sprintf(). %d forces the
     // numeric fields to integers, but the %s fields are only as safe as
     // PrepDBData(), and the origin of $chatpath is not visible here. A
     // parameterized query would remove that dependency. The format string has six
     // placeholders for seven arguments; the username placeholder appears to be
     // masked on this page.
     $query = sprintf("INSERT INTO uo_chat_regapps SET chat='%s', username='******', email='%s', description='%s', faction=%d, rtime=%d, appstat=%d", $chatpath, $nu_handle, $nu_email, $nu_desc, $nu_faction, time(), 0);
     count_mysql_query($query, $handler);
     $emails = array();
     // Collect the distinct, non-empty addresses of accounts in this chat whose
     // flags contain m, A, X or Z (case-sensitive match).
     // NOTE(review): $chatpath is concatenated directly into this statement.
     $query = "SELECT DISTINCT email\r\n\t\t\t\t\tFROM uo_chat_database\r\n\t\t\t\t\tWHERE chat='" . $chatpath . "'\r\n\t\t\t\t\tAND email IS NOT NULL AND email != ''\r\n\t\t\t\t\tAND (flags LIKE BINARY '%m%' OR flags LIKE BINARY '%A%' OR flags LIKE BINARY '%X%' OR flags LIKE BINARY '%Z%')\r\n\t\t\t\t\t";
     $rez = count_mysql_query($query, $handler);
     // mysql_fetch_assoc() belongs to the legacy mysql extension, which was
     // removed in PHP 7.0; this code needs mysqli or PDO on current PHP.
     while ($row = mysql_fetch_assoc($rez)) {
         $row['email'] = mb_strtolower($row['email']);
         // Allow-list: keep only addresses made of letters, digits, combining
         // marks and the characters - @ . + _
         if (preg_match('/^[-@.+_\\pL\\pN\\pM]+$/u', $row['email'])) {
             $emails[] = $row['email'];
         }
     }
Ejemplo n.º 7
        $user_login = userExists($condition);
        $_SESSION['message']['user_login'] = "******";
        $_SESSION['db_session_id'] = $user_login['id'];
        //lastVisit($user_login['id']);
        echo "success";
    }
}
/*fb login*/
// Handles the "fblogin" action: decodes a Facebook profile posted by the
// browser and builds an SQL statement for a first-time social login.
// NOTE(review): every field of $data comes from $_POST['response'], i.e. from
// the client. Nothing visible here verifies the profile with Facebook on the
// server side, so the id and e-mail are claims, not proof of identity - confirm
// that an access token is validated before a session is created.
// NOTE(review): mysql_query(), mysql_real_escape_string() and
// mysql_insert_id() belong to the legacy mysql extension removed in PHP 7.0.
if (isset($_POST['action']) && $_POST['action'] == "fblogin") {
    $data = json_decode($_POST['response'], true);
    // NOTE(review): debug output - dumps the decoded profile into the response.
    print_r($data);
    $location = $pieces = explode(",", $data['location']['name']);
    $login_type = "facebook";
    // NOTE(review): plain-http URL built from the client-supplied id. It is later
    // placed into the SQL text with trim() only, unlike the neighbouring fields,
    // which pass through mysql_real_escape_string().
    $profile_pic = "http://graph.facebook.com/" . $data['id'] . "/picture?type=large";
    // NOTE(review): the e-mail is concatenated unescaped into an SQL condition
    // that is handed to UserExists(); escape it or use a bound parameter.
    $condition = " email = '" . $data['email'] . "' ";
    $checkUserExists = UserExists($condition);
    // First login: build the statement field by field. The statement is echoed
    // and the script then calls die, so the mysql_query() call and the session
    // setup after it are unreachable as written (leftover debugging), and the
    // SQL text is disclosed in the response.
    // NOTE(review): the two string literals shown as "******" appear to have
    // been masked on this page, which leaves the next lines syntactically
    // incomplete.
    if ($checkUserExists['count'] == 0) {
        $fb_login = "******" . mysql_real_escape_string(strip_tags(trim($login_type))) . "',profile_image_url='" . trim($profile_pic) . "' ,";
        $fb_login .= "social_id='" . mysql_real_escape_string(strip_tags(trim($data['id']))) . "' ,username='******'first_name']))) . "' ,";
        $fb_login .= "fname='" . mysql_real_escape_string(strip_tags(trim($data['first_name']))) . "',lname='" . mysql_real_escape_string(strip_tags(trim($data['last_name']))) . "' ,";
        $fb_login .= "email='" . mysql_real_escape_string(strip_tags(trim($data['email']))) . "' ,birth_date='" . mysql_real_escape_string(strip_tags(trim($data['birthday']))) . "',";
        $fb_login .= "gender='" . mysql_real_escape_string(strip_tags(trim($data['gender']))) . "' ,city='" . mysql_real_escape_string(strip_tags(trim($location[0]))) . "',";
        echo $fb_login .= "last_login=now() ";
        die;
        $mysql = mysql_query($fb_login) or die(mysql_error());
        if ($mysql) {
            $id = mysql_insert_id();
            $_SESSION['message']['user_login'] = "******";
            $_SESSION['LoginUserId'] = $id;
            echo "success";
        } else {
Ejemplo n.º 8
<?php

include 'models/expire.php';
include 'models/users.php';
include 'models/database.php';
include 'models/datetime.php';
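// Registration handler: create the account when all three fields are present
// and the username is free; otherwise redirect back with a reason flag.
$required = array('username', 'password', 'e-mail');
$complete = true;
foreach ($required as $field) {
    // isset() alone also accepts arrays ("username[]=x") and empty strings, and
    // both would flow unchecked into UserExists() and CreateUser().
    if (!isset($_POST[$field]) || !is_string($_POST[$field]) || $_POST[$field] === '') {
        $complete = false;
        break;
    }
}
if ($complete) {
    $username = $_POST['username'];
    $password = $_POST['password'];
    $email = $_POST['e-mail'];
    $now = datetime();
    $exists = UserExists($username);
    if (!$exists) {
        // CreateUser() comes from the included models.
        // NOTE(review): confirm it stores a password_hash() digest, never the
        // clear-text password, and that it binds its SQL parameters.
        $userid = CreateUser($username, $password, $email, $now);
        // $expire is presumably set by models/expire.php.
        // NOTE(review): cookie values are client-controlled. If other pages treat
        // the "userid" cookie as proof of identity, the login state can be forged;
        // a server-side session should carry the identity instead - confirm how
        // index.php uses these cookies.
        setcookie('username', $username, $expire);
        setcookie('userid', $userid, $expire);
        header('Location: index.php');
        exit;
    }
    header('Location: register.php?exists=true');
    exit;
}
header('Location: register.php?missing=true');
exit;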
Ejemplo n.º 9
<?php

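// GET endpoint: returns the analysis for ?user=<id> as JSON, or an error
// string when the id does not name a user.
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    require "analyze.php";
    $results = array();
    // The id comes from the query string and is concatenated into SQL by
    // UserExists() below, so only a plain run of digits is let through. A missing
    // parameter or an array ("user[]=1") is treated like an unknown user.
    // NOTE(review): assumes user ids are non-negative integers, which the
    // unquoted "ID=" comparison in UserExists() implies - confirm.
    $userid = (isset($_GET['user']) && is_string($_GET['user'])) ? $_GET['user'] : '';
    $exists = ctype_digit($userid) ? UserExists($userid) : "no user";
    if ($exists === "no user") {
        //if the user id is invalid return a message
        header('Content-Type: application/json; charset=utf-8');
        echo json_encode("Invalid user ID");
    } else {
        Analyze($userid, $results);
        header('Content-Type: application/json; charset=utf-8');
        // The second argument of json_encode() is a flags bitmask; `true` is
        // coerced to 1 (JSON_HEX_TAG). Kept as-is so the output does not change.
        echo json_encode($results, true);
    }
}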
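/**
 * Check whether a row with the given ID exists in the UserP table.
 *
 * @param int|string $userid Candidate id; only a run of decimal digits is accepted.
 * @return string "exists" when a row matches, otherwise "no user".
 * @throws \RuntimeException When the connection or the statement cannot be set up.
 */
function UserExists($userid)
{
    // The previous version concatenated $userid into the SQL text, so any caller
    // passing request input made the query injectable. Reject everything that is
    // not a plain run of digits before a connection is even opened.
    if (!(is_int($userid) || is_string($userid)) || !ctype_digit((string) $userid)) {
        return "no user";
    }
    $id = (string) $userid;

    // NOTE(review): the connection credentials are hard-coded in source. They
    // should be loaded from configuration or a secret store kept out of version
    // control, and rotated, since they have been published with this code.
    $con = mysqli_connect("eu-cdbr-azure-west-a.cloudapp.net", "b8592f1b44ff9a", "fecb2128", "TeamProject");
    if (!$con) {
        // Do not report an outage as "no user".
        throw new \RuntimeException("Database connection failed");
    }

    // Bound parameter: the id travels separately from the SQL text.
    $stmt = mysqli_prepare($con, "SELECT ID FROM UserP WHERE ID = ?");
    if (!$stmt) {
        mysqli_close($con);
        throw new \RuntimeException("Could not prepare user lookup");
    }
    mysqli_stmt_bind_param($stmt, "s", $id);
    mysqli_stmt_execute($stmt);
    // Buffer the result so the row count is available.
    mysqli_stmt_store_result($stmt);
    $result = mysqli_stmt_num_rows($stmt) > 0 ? "exists" : "no user";

    mysqli_stmt_close($stmt);
    mysqli_close($con);
    return $result;
}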
Ejemplo n.º 10
/**
 * Report whether $Name refers to a known user.
 *
 * Thin alias: delegates to UserExists() and hands its result back unchanged.
 */
function IsUser($Name)
{
    $known = UserExists($Name);

    return $known;
}
Ejemplo n.º 11
} else {
    if (isset($_GET["no"]) && $_GET["no"] == "2") {
        //this is the function to load the data from the database and show it to the Front end.
        LoadData($_GET["email"], $_GET["id"]);
    } else {
        if (isset($_GET["no"]) && $_GET["no"] == "3") {
            //for saving/updating the interests thing.
            SaveUpdateInterests($_GET["id"], $_GET["email"], $_GET["i1"], $_GET["i2"], $_GET["i3"], $_GET["i4"], $_GET["i5"], $_GET["i6"], $_GET["i7"]);
        } else {
            if (isset($_GET["no"]) && $_GET["no"] == "4") {
                //for getting all the users from the database
                GetAllUsers($_GET["email"]);
            } else {
                if (isset($_GET["no"]) && $_GET["no"] == "5") {
                    //for getting all the users from the database
                    UserExists($_GET["email"], $_GET["id"]);
                } else {
                    if (isset($_GET["no"]) && $_GET["no"] == "6") {
                        //for getting all the users from the database
                        SetCookieID($_GET["email"]);
                    } else {
                        if (isset($_GET["no"]) && $_GET["no"] == "7") {
                            //for getting all the users from the database
                            GetSearchList($_GET["searchKey"]);
                        } else {
                            if (isset($_GET["no"]) && $_GET["no"] == "8") {
                                //for getting all the users from the database
                                GetSearchByExpertise($_GET["i1"], $_GET["i2"], $_GET["i5"], $_GET["i6"], $_GET["i7"]);
                            } else {
                                if (isset($_GET["no"]) && $_GET["no"] == "9") {
                                    SendConnectionRequestToAdmin($_GET["requestFrom"], $_GET["requestForEmail"], $_GET["requestForId"], $_GET["requestText"]);
Ejemplo n.º 12
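	/**
	 * Show the form for editing an existing admin user.
	 *
	 * Reads the target id from $_GET['userId'], loads the account and its
	 * permissions, publishes the field values through $GLOBALS and displays the
	 * "user.form.tpl" template. When the account does not exist, the caller is
	 * sent to the user list or to the home page with an error, depending on
	 * whether they hold AUTH_Manage_Users.
	 *
	 * @return void
	 */
	private function EditUserStep1()
	{
		// Cast first: everything below only ever sees an integer id.
		$userId = (int)$_GET['userId'];
		$arrData = array();

		if(UserExists($userId)) {
			$this->_GetUserData($userId, $arrData);
			$arrPerms = $this->_GetPermissionData($userId);

			// A vendor-scoped admin may only edit users that belong to the same vendor.
			if($GLOBALS['ISC_CLASS_ADMIN_AUTH']->GetVendorId() && $arrData['uservendorid'] != $GLOBALS['ISC_CLASS_ADMIN_AUTH']->GetVendorId()) {
				FlashMessage(GetLang('Unauthorized'), MSG_ERROR, 'index.php?ToDo=viewUsers');
				// FlashMessage() is defined elsewhere and it is not visible here whether
				// it ends the request. Stop explicitly so the other vendor's user data
				// (including the API token) is never rendered after a failed check.
				return;
			}

			// Values taken from the user record are HTML-escaped before they reach the template.
			$GLOBALS['Username'] = isc_html_escape($arrData['username']);
			$GLOBALS['UserEmail'] = isc_html_escape($arrData['useremail']);
			$GLOBALS['UserFirstName'] = isc_html_escape($arrData['userfirstname']);
			$GLOBALS['UserLastName'] = isc_html_escape($arrData['userlastname']);

			$GLOBALS['XMLPath'] = sprintf("%s/xml.php", $GLOBALS['ShopPath']);
			$GLOBALS['XMLToken'] = isc_html_escape($arrData['usertoken']);

			if(!gzte11(ISC_HUGEPRINT)) {
				$GLOBALS['HideVendorOptions'] = 'display: none';
			}
			else {
				if($GLOBALS['ISC_CLASS_ADMIN_AUTH']->GetVendorId()) {
					$vendorDetails = $GLOBALS['ISC_CLASS_ADMIN_AUTH']->GetVendor();
					$GLOBALS['HideVendorSelect'] = 'display: none';
					// NOTE(review): unlike the fields above, the vendor name is not passed
					// through isc_html_escape() - confirm the template escapes it.
					$GLOBALS['Vendor'] = $vendorDetails['vendorname'];
					$GLOBALS['HideAdminoptions'] = 'display: none';
				}
				else {
					$GLOBALS['VendorList'] = $this->GetVendorList($arrData['uservendorid']);
					$GLOBALS['HideVendorLabel'] = 'display: none';
				}
			}

			if($arrData['userapi'] == "1") {
				$GLOBALS['IsXMLAPI'] = 'checked="checked"';
			}

			if($arrData['userstatus'] == 0) {
				$GLOBALS['Active0'] = 'selected="selected"';
			} else {
				$GLOBALS['Active1'] = 'selected="selected"';
			}

			if($arrData['userrole'] && $arrData['userrole'] != 'custom') {
				$GLOBALS['HidePermissionSelects'] = 'display: none';
			}

			// If the user is the super admin we need to disable some fields.
			// This only affects the rendered form; NOTE(review): confirm the save
			// step enforces the same restrictions server-side.
			if($userId == 1 || $arrData['username'] == "admin") {
				$GLOBALS['DisableUser'] = "******";
				$GLOBALS['DisableStatus'] = "DISABLED";
				$GLOBALS['DisableUserType'] = "DISABLED";
				$GLOBALS['DisablePermissions'] = "DISABLED";
				$GLOBALS['HideVendorOptions'] = 'display: none';
			}

			$GLOBALS['PermissionSelects'] = $this->GeneratePermissionRows($arrData, $arrPerms);
			$GLOBALS['UserRoleOptions'] = $this->GetUserRoleOptions($arrData['userrole'], $arrData['uservendorid']);

			$GLOBALS['UserId'] = (int) $userId;
			$GLOBALS['FormAction'] = "editUser2";
			$GLOBALS['Title'] = GetLang('EditUser1');
			$GLOBALS['PassReq'] = "&nbsp;&nbsp;";

			$this->template->assign('FlashMessages', GetFlashMessageBoxes());
			$this->template->assign('PCIPasswordMinLen', GetConfig('PCIPasswordMinLen'));
			$this->template->display('user.form.tpl');
		}
		else {
			// The user doesn't exist
			if($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Users)) {
				$this->ManageUsers(GetLang('UserDoesntExist'), MSG_ERROR);
			} else {
				$GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
			}
		}
	}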