/**
 * Handles the front-end login form: authenticates the submitted credentials,
 * opens the application session for the user and, when requested, issues a
 * "remember me" cookie.
 *
 * @see IActionController::executeAction()
 *
 * @param array $parameters Submitted form values. Reads "loginstr",
 *                          "loginpassword" and the optional "rememberme".
 * @return string "office" when the signed-in user has a user name,
 *                otherwise "enter-username".
 * @throws Exception When the configured login method class does not exist
 *                   or the credentials are rejected.
 */
public function executeAction($parameters) {
    // The authentication backend is pluggable; its class name comes from configuration.
    $authClass = $this->_websoccer->getConfig("login_method");
    if (!class_exists($authClass)) {
        throw new Exception("Login method class does not exist: " . $authClass);
    }
    $authenticator = new $authClass($this->_websoccer, $this->_db);

    // Configuration decides whether "loginstr" is an e-mail address or a user name.
    $usesEmail = ($this->_websoccer->getConfig("login_type") == "email");
    $userId = $usesEmail
        ? $authenticator->authenticateWithEmail($parameters["loginstr"], $parameters["loginpassword"])
        : $authenticator->authenticateWithUsername($parameters["loginstr"], $parameters["loginpassword"]);

    if (!$userId) {
        // Every rejected attempt is delayed and answered with the same message,
        // so the response does not tell an unknown account from a wrong password.
        sleep(SLEEP_SECONDS_ON_FAILURE);
        throw new Exception($this->_i18n->getMessage("formlogin_invalid_data"));
    }

    // NOTE(review): whether the session ID is rotated at this point depends on
    // loginFrontUserUsingApplicationSession(), which is not visible here. Confirm.
    SecurityUtil::loginFrontUserUsingApplicationSession($this->_websoccer, $userId);

    $rememberMe = isset($parameters["rememberme"]) && $parameters["rememberme"] == 1;
    if ($rememberMe) {
        $userTable = $this->_websoccer->getConfig("db_prefix") . "_user";
        $byUserId = "id = %d";

        // Reuse the stored salt when there is one; otherwise create it now.
        $saltQuery = $this->_db->querySelect("passwort_salt", $userTable, $byUserId, $userId);
        $saltRow = $saltQuery->fetch_array();
        $saltQuery->free();

        $salt = $saltRow["passwort_salt"];
        if (!strlen($salt)) {
            $salt = SecurityUtil::generatePasswordSalt();
        }

        // NOTE(review): the value written to "tokenid" is the same value sent in
        // the cookie, so read access to that column yields usable remember-me
        // tokens. Storing only a digest would also require changing the code that
        // validates the cookie (not visible here). The token's unpredictability
        // and the cookie's Secure/HttpOnly flags depend on generateSessionToken()
        // and CookieHelper::createCookie(). Confirm both.
        $token = SecurityUtil::generateSessionToken($userId, $salt);
        $this->_db->queryUpdate(
            array("tokenid" => $token, "passwort_salt" => $salt),
            $userTable,
            $byUserId,
            $userId
        );
        CookieHelper::createCookie("user", $token, REMEMBERME_COOKIE_LIFETIME_DAYS);
    }

    // Accounts without a user name are sent to the page named "enter-username".
    $hasUsername = strlen($this->_websoccer->getUser()->username);
    return $hasUsername ? "office" : "enter-username";
}
$Mail->Body = "This is the HTML message body <b>in bold!</b>"; echo ($Mail->send()) ? "Success" : "Failed: ".$Mail->ErrorInfo; */ } /* Administrator ------------------------------*/ if (true && class_exists("Administrator")) { Administrator::$UsernameSessionField = "admin_username"; Administrator::$PasswordSessionField = "admin_password"; if (!isset($_SESSION[Administrator::$UsernameSessionField])) { $_SESSION[Administrator::$UsernameSessionField] = CookieHelper::Get(Administrator::$UsernameSessionField); $_SESSION[Administrator::$PasswordSessionField] = CookieHelper::Get(Administrator::$PasswordSessionField); } if (isset($_SESSION[Administrator::$UsernameSessionField])) { CookieHelper::Set(Administrator::$UsernameSessionField, $_SESSION[Administrator::$UsernameSessionField]); CookieHelper::Set(Administrator::$PasswordSessionField, $_SESSION[Administrator::$PasswordSessionField]); $Administrator = Administrator::GetSingle(array("username", "=", $_SESSION[Administrator::$UsernameSessionField])); if (substr($Administrator->Data["last_active"], 1) > time() - Administrator::$InactiveTime) { $Administrator->Login(); } else { $Administrator->Logout(); } } if (!isset($Administrator) || !$Administrator->LoggedIn()) { $Administrator = new Administrator(); } } else { if (true) { // Change to false to disable user loggin die("Administrator class required"); }
/**
 * Signs a front-end user out: blanks the identity fields on the user object,
 * empties and destroys the PHP session and asks CookieHelper to destroy the
 * 'user' cookie. Users whose role is not ROLE_USER are left untouched.
 *
 * @see IUserAuthentication::logoutUser()
 *
 * @param User $currentUser The user to sign out; modified in place.
 */
public function logoutUser(User $currentUser) {
    // Only accounts with the plain user role are handled here.
    if ($currentUser->getRole() != ROLE_USER) {
        return;
    }

    // Drop the identity carried by the in-memory user object.
    $currentUser->id = null;
    $currentUser->username = null;
    $currentUser->email = null;

    // Clear the session data, then destroy the server-side session.
    // NOTE(review): session_destroy() does not remove the session-ID cookie
    // from the browser; expire it explicitly if that is required.
    $_SESSION = array();
    session_destroy();

    // NOTE(review): only the client-side 'user' cookie is removed here. If a
    // matching token is kept server-side, nothing in this method invalidates it,
    // so a copied cookie could stay valid after logout. Confirm against the code
    // that validates that cookie.
    CookieHelper::destroyCookie('user');
}
// connect to db if ($success) { $row = UserHelper::getUserRow($db, $_POST["email"], md5($_POST["password"])); if ($row === false) { $success = false; $message = "<span class=\"feedbackNegative\">Invalid login details</span>"; } else { // restart the session, so there can never be an overlap on one machine. // all operations are checked atomically session_unset(); session_destroy(); session_start(); // $sessionid = session_id(); SessionHelper::setSession($row); CookieHelper::setLoginUser($_POST["email"]); CookieHelper::setLoginPass(md5($_POST["password"])); } } // if ($success) { // they logged in using the form, send redirect headers // echo "SUCCESS " . print_r($_POST); exit; if ($from) { header("Location: " . $from); } else { if (SessionHelper::isAdmin()) { header("Location: report_time.php"); } else { header("Location: ."); } }
<?php
// Logout endpoint: clears the login cookies, resets the session of a
// logged-in visitor and redirects to the login page.

// The session is started before the helper classes are loaded; that order is kept.
session_start();

require_once "classes/sessionhelper.class.php";
require_once "classes/cookiehelper.class.php";

// Login cookies are cleared for every visitor, logged in or not.
CookieHelper::clearLogin();

$wasLoggedIn = SessionHelper::isLoggedIn();
if ($wasLoggedIn) {
    // Wipe the session variables, destroy the stored session, then open a new one.
    // NOTE(review): unless session.use_strict_mode is enabled, the session_start()
    // below reuses the session ID sent in the request cookie. Call
    // session_regenerate_id(true) after it if a new ID is wanted.
    session_unset();
    session_destroy();
    session_start();
}

header("Location: login.php");
<?php
/* Page setup
------------------------------*/
$PHPZevelop->OverrideObjectData("CFG", array("PageTitle" => "Sign out"));

// End the administrator's login state first, then remove both login cookies.
$Administrator->Logout();

// NOTE(review): a cookie named after the password session field implies that a
// password-derived value is kept in the browser. Confirm what CookieHelper
// writes there; an opaque random token that the server can revoke is preferable.
$loginCookieNames = array(
    Administrator::$UsernameSessionField,
    Administrator::$PasswordSessionField,
);
foreach ($loginCookieNames as $cookieName) {
    CookieHelper::Remove($cookieName);
}

// Redirect to the configured site root and stop, so nothing else is rendered.
$siteRoot = $PHPZevelop->CFG->SiteDirLocal;
header("Location: " . $siteRoot);
exit;