Ejemplo n.º 1
0
function main()
{
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        print_r($_POST);
        echo "<br />";
        // Required Fields in the POST data //
        if (!isset($_POST['_type'])) {
            return;
        }
        if (!isset($_POST['_subtype'])) {
            return;
        }
        if (!isset($_POST['_name'])) {
            return;
        }
        if (!isset($_POST['_mail'])) {
            return;
        }
        if (!isset($_POST['_password'])) {
            return;
        }
        if (!isset($_POST['_publish'])) {
            return;
        }
        // Node Type //
        $type = sanitize_NodeType($_POST['_type']);
        if (empty($type)) {
            return;
        }
        $subtype = sanitize_NodeType($_POST['_subtype']);
        // Name/Title //
        $name = $_POST['_name'];
        // TODO: Sanitize
        // Slug //
        if (empty($_POST['_slug'])) {
            $slug = $_POST['_name'];
        } else {
            $slug = $_POST['_slug'];
        }
        $slug = sanitize_Slug($slug);
        if (empty($slug)) {
            return;
        }
        // TODO: Confirm slug is legal
        // Body //
        $body = $_POST['_body'];
        // TODO: Sanitize
        // Do we publish? //
        $publish = mb_strtolower($_POST['_publish']) == "true";
        // Email //
        $mail = sanitize_Email($_POST['_mail']);
        if (empty($mail)) {
            return;
        }
        // Password //
        $password = $_POST['_password'];
        if (empty($password)) {
            return;
        }
        $id = node_Add($type, $subtype, $slug, $name, $body, 0, 2, $publish);
        user_Add($id, $mail, $password);
        echo "Added " . $id . ".<br />";
        echo "<br />";
    }
}
Ejemplo n.º 2
0
     $password = trim($_POST['p']);
 } else {
     json_EmitError();
     // Emit a regular error, since we haven't attempted a login yet //
 }
 // If already logged in, dispose of the active session.
 if ($response['id'] !== 0) {
     user_Start();
     user_DoLogout();
     // Destroy Session
     $response['id'] = 0;
 }
 // Check the APCU cache if access attempts for this IP address is > 5, deny access.
 // On failure, increase the access attempt (APCU). Timeout in 5 minutes. Log attempt.
 // Sanitize the data
 $mail = sanitize_Email($login);
 if (!$mail) {
     $login = sanitize_Slug($login);
     if (!$login) {
         my_LoginError();
     }
 }
 $hash = null;
 /*
 	// Debug //
 	if ( $mail )
 		$response['mail'] = $mail;
 	else
 		$response['login'] = $login;
 	$response['pw'] = $password;
 */
Ejemplo n.º 3
0
function main()
{
    $out = "";
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $out .= print_r($_POST, true);
        $out .= "<br />";
        // Required Fields in the POST data //
        if (!isset($_POST['login'])) {
            return;
        }
        if (!isset($_POST['password'])) {
            return;
        }
        //if ( !isset($_POST['hashword']) ) return;
        // Password //
        $password = $_POST['password'];
        if (empty($password)) {
            return;
        }
        $login = $_POST['login'];
        // Can Login 3 ways:
        // - User Name (slug)
        // - Email
        // - User ID
        $mail = sanitize_Email($login);
        $id = sanitize_Id($login);
        $slug = sanitize_Slug($login);
        $hash = "";
        if (!empty($mail)) {
            $out .= "By Mail<br />";
            $data = user_GetIdAndHashByMail($mail);
            $id = $data['id'];
            $hash = $data['hash'];
        } else {
            if (!empty($id)) {
                $out .= "By User ID<br />";
                $hash = user_GetHashById($id);
            } else {
                if (!empty($slug)) {
                    $out .= "By Slug<br />";
                    $id = node_GetNodeIdByParentIdAndSlug(CMW_NODE_USER, $slug);
                    if ($id > 0) {
                        $hash = user_GetHashById($id);
                    }
                } else {
                    $out .= "Bad Login Method<br />";
                }
            }
        }
        $success = user_VerifyPassword($password, $hash);
        $out .= "Verify: " . ($success ? "Success!" : "failed") . "<br />";
        if ($success) {
            user_StartSession(true);
            user_SetLoginToken();
            user_SetID($id);
            user_EndSession();
        }
        $out .= "<br />";
    }
    return $out;
}