/**
  * (non-PHPdoc)
  * @see IActionController::executeAction()
  */
 public function executeAction($parameters)
 {
     // Authenticates a front-end user through the configured login method,
     // opens the application session and, if requested, issues a persistent
     // "remember me" token. Returns the ID of the page to show next.
     //
     // $parameters is read for "loginstr", "loginpassword" and the optional
     // "rememberme" flag. Throws Exception when the configured login class is
     // missing or when authentication fails.
     $authClassName = $this->_websoccer->getConfig("login_method");
     if (class_exists($authClassName) === false) {
         throw new Exception("Login method class does not exist: " . $authClassName);
     }
     // The class name comes from configuration, never from the request.
     $authenticator = new $authClassName($this->_websoccer, $this->_db);

     // The configured login type decides whether "loginstr" is an e-mail or a user name.
     $useEmail = $this->_websoccer->getConfig("login_type") == "email";
     $userId = $useEmail
         ? $authenticator->authenticateWithEmail($parameters["loginstr"], $parameters["loginpassword"])
         : $authenticator->authenticateWithUsername($parameters["loginstr"], $parameters["loginpassword"]);

     if (!$userId) {
         // Fixed delay before the failure is reported; this slows repeated
         // guessing. The error message is the same for every failure cause.
         sleep(SLEEP_SECONDS_ON_FAILURE);
         throw new Exception($this->_i18n->getMessage("formlogin_invalid_data"));
     }

     // NOTE(review): whether the session ID is regenerated at this privilege
     // change is decided inside SecurityUtil and is not visible here - confirm.
     SecurityUtil::loginFrontUserUsingApplicationSession($this->_websoccer, $userId);

     $rememberRequested = isset($parameters["rememberme"]) && $parameters["rememberme"] == 1;
     if ($rememberRequested) {
         $userTable = $this->_websoccer->getConfig("db_prefix") . "_user";
         $byId = "id = %d";

         // Read the user's stored salt; generate one if the column is empty.
         $saltQuery = $this->_db->querySelect("passwort_salt", $userTable, $byId, $userId);
         $saltRow = $saltQuery->fetch_array();
         $saltQuery->free();
         $salt = $saltRow["passwort_salt"];
         if (strlen($salt) == 0) {
             // NOTE(review): the new salt is written back to passwort_salt below;
             // confirm no password check depends on the previous (empty) value.
             $salt = SecurityUtil::generatePasswordSalt();
         }

         // The same token value is stored in the user row and sent as the cookie,
         // so read access to the table yields usable long-lived tokens.
         // NOTE(review): consider persisting only a hash of the token, and confirm
         // that CookieHelper sets HttpOnly/Secure on this cookie.
         $rememberToken = SecurityUtil::generateSessionToken($userId, $salt);
         $this->_db->queryUpdate(
             array("tokenid" => $rememberToken, "passwort_salt" => $salt),
             $userTable,
             $byId,
             $userId
         );
         CookieHelper::createCookie("user", $rememberToken, REMEMBERME_COOKIE_LIFETIME_DAYS);
     }

     // Accounts without a user name are sent to the page where one is chosen.
     if (strlen($this->_websoccer->getUser()->username)) {
         return "office";
     }
     return "enter-username";
 }
Ejemplo n.º 2
    	$Mail->Body 		= "This is the HTML message body <b>in bold!</b>";
    	echo ($Mail->send()) ? "Success" : "Failed: ".$Mail->ErrorInfo;
    */
}
/* Administrator
	------------------------------*/
// Bootstraps the $Administrator object for the current request from the
// session, falling back to cookie values when the session holds no user name.
//
// SECURITY (review): cookies are client-controlled input. This block copies
// the username/password cookie values into $_SESSION and then selects the
// administrator record by that user name. Whether Login() re-verifies the
// password against the stored credential is not visible here - confirm it
// does, otherwise identity is being taken from the client.
// Credentials (or their digests) should not be kept in cookies at all; prefer
// an opaque random token that is validated and revocable on the server.
if (true && class_exists("Administrator")) {
    // Names used both as $_SESSION keys and as cookie names.
    Administrator::$UsernameSessionField = "admin_username";
    Administrator::$PasswordSessionField = "admin_password";
    // No user name in the session yet: seed both session fields from cookies.
    if (!isset($_SESSION[Administrator::$UsernameSessionField])) {
        $_SESSION[Administrator::$UsernameSessionField] = CookieHelper::Get(Administrator::$UsernameSessionField);
        $_SESSION[Administrator::$PasswordSessionField] = CookieHelper::Get(Administrator::$PasswordSessionField);
    }
    if (isset($_SESSION[Administrator::$UsernameSessionField])) {
        // Re-issue both cookies on every request, including the password field.
        // NOTE(review): the format of the password value (plain text or digest)
        // is not visible here; either way it is replayable if the cookie leaks.
        CookieHelper::Set(Administrator::$UsernameSessionField, $_SESSION[Administrator::$UsernameSessionField]);
        CookieHelper::Set(Administrator::$PasswordSessionField, $_SESSION[Administrator::$PasswordSessionField]);
        // NOTE(review): the result is dereferenced without a check; confirm what
        // GetSingle() returns when no administrator matches the user name.
        $Administrator = Administrator::GetSingle(array("username", "=", $_SESSION[Administrator::$UsernameSessionField]));
        // Inactivity timeout: stay logged in only if last_active is more recent
        // than InactiveTime seconds ago.
        // NOTE(review): substr(..., 1) drops the first character of last_active;
        // the stored format that makes this necessary is not visible - confirm.
        if (substr($Administrator->Data["last_active"], 1) > time() - Administrator::$InactiveTime) {
            $Administrator->Login();
        } else {
            $Administrator->Logout();
        }
    }
    // Anyone not logged in at this point gets a fresh, anonymous Administrator.
    if (!isset($Administrator) || !$Administrator->LoggedIn()) {
        $Administrator = new Administrator();
    }
} else {
    if (true) {
        // Change to false to disable user login
        die("Administrator class required");
    }
 /**
  * @see IUserAuthentication::logoutUser()
  */
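 public function logoutUser(User $currentUser)
 {
     // Logs out a front-end user: clears the identity fields on the user
     // object, empties and destroys the PHP session, expires the session
     // cookie and removes the "user" (remember-me) cookie.
     // Users with any role other than ROLE_USER are left untouched.
     if ($currentUser->getRole() == ROLE_USER) {
         $currentUser->id = null;
         $currentUser->username = null;
         $currentUser->email = null;

         $_SESSION = array();

         // session_destroy() removes the server-side data but leaves the session
         // cookie in the browser; expire it so the old ID is not presented again.
         if (ini_get("session.use_cookies") && !headers_sent()) {
             $cookieParams = session_get_cookie_params();
             setcookie(
                 session_name(),
                 "",
                 time() - 42000,
                 $cookieParams["path"],
                 $cookieParams["domain"],
                 $cookieParams["secure"],
                 $cookieParams["httponly"]
             );
         }
         session_destroy();

         // NOTE(review): this removes only the browser's copy of the cookie. If
         // its value is also persisted server-side, invalidate that copy too -
         // not visible from this method.
         CookieHelper::destroyCookie('user');
     }
 }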
Ejemplo n.º 4
 // connect to db
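 // Verify the submitted credentials and, on success, start a fresh session.
 if ($success) {
     // SECURITY (review): md5() is a fast, unsalted digest and is not suitable
     // for password storage. Migrating to password_hash()/password_verify()
     // requires changing UserHelper::getUserRow() and the stored values
     // together, so it is flagged here rather than changed in this block.
     $row = UserHelper::getUserRow($db, $_POST["email"], md5($_POST["password"]));
     if ($row === false) {
         $success = false;
         $message = "<span class=\"feedbackNegative\">Invalid login details</span>";
     } else {
         // Restart the session so no data from a previous login on this
         // machine carries over.
         session_unset();
         session_destroy();
         session_start();
         // session_start() can resume the ID the browser already sent (unless
         // session.use_strict_mode is on), so issue a new ID at login and
         // delete the old session file to prevent session fixation.
         session_regenerate_id(true);
         SessionHelper::setSession($row);
         CookieHelper::setLoginUser($_POST["email"]);
         // SECURITY (review): the password digest is stored in a cookie. Because
         // the digest is exactly what getUserRow() accepts, it is
         // password-equivalent if the cookie leaks. Prefer a random, revocable
         // token; kept as-is because the code reading this cookie is not
         // visible here.
         CookieHelper::setLoginPass(md5($_POST["password"]));
     }
 }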
 //
 // Redirect after a successful form login: back to the page the user came
 // from when $from is set, otherwise to a role-dependent default.
 if ($success) {
     // they logged in using the form, send redirect headers
     //		echo "SUCCESS " . print_r($_POST); exit;
     if ($from) {
         // SECURITY (review): $from is concatenated into the Location header
         // unchanged. Where it is assigned is not visible here; if it comes from
         // the request, restrict it to local paths (or an allow-list) before
         // redirecting, to avoid an open redirect.
         header("Location: " . $from);
     } else {
         if (SessionHelper::isAdmin()) {
             header("Location: report_time.php");
         } else {
             header("Location: .");
         }
     }
Ejemplo n.º 5
<?php

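// Logout endpoint: clears the login cookies, resets the PHP session if a user
// is logged in, then redirects to the login page.
session_start();
require_once "classes/sessionhelper.class.php";
require_once "classes/cookiehelper.class.php";
CookieHelper::clearLogin();
if (SessionHelper::isLoggedIn()) {
    session_unset();
    session_destroy();
    session_start();
    // The restarted session can resume the ID from the request cookie; issue a
    // new one so the pre-logout session ID is not carried into the next login.
    session_regenerate_id(true);
}
header("Location: login.php");
// Stop here so nothing runs after the redirect header if code is appended or
// this file is included from elsewhere.
exit;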
Ejemplo n.º 6
<?php

/* Page setup
	------------------------------*/
// Sign-out page: set the page title, log the administrator out, remove both
// login cookies and redirect to the site root.
$PHPZevelop->OverrideObjectData(
    "CFG",
    array("PageTitle" => "Sign out")
);

// NOTE(review): confirm that Logout() also clears the matching $_SESSION
// fields; removing only the cookies leaves any session copy in place.
$Administrator->Logout();
CookieHelper::Remove(Administrator::$UsernameSessionField);
CookieHelper::Remove(Administrator::$PasswordSessionField);

// The redirect target comes from site configuration, not from the request.
header(sprintf("Location: %s", $PHPZevelop->CFG->SiteDirLocal));
exit;