Ejemplo n.º 1
 /**
  * Verifies that a password stored with set_password() is accepted by
  * check_password() and that a different string is rejected, both on the
  * in-memory object and on a copy looked up again by e-mail.
  */
 function test_password()
 {
     $good_password = 'abc.com';
     $bad_password = 'abc.codffdm';

     $user = new User();
     // md5(rand()) only makes the fixture's username/e-mail unique per run;
     // rand() is not a CSPRNG and nothing here relies on unpredictability.
     $suffix = md5(rand());
     $user->username = '******' . $suffix;
     $user->fullname = 'This is the name';
     $user->email = $suffix . '@email.com';
     $user->save();

     // NOTE(review): there is no save() after set_password(), so the lookup
     // below only proves persistence if set_password() writes through itself.
     $user->set_password($good_password);
     $this->assertTrue($user->check_password($good_password));
     $this->assertFalse($user->check_password($bad_password));

     // Same two checks against the record fetched again by e-mail.
     $reloaded = User::by_email($user->email);
     $this->assertTrue($reloaded->check_password($good_password));
     $this->assertFalse($reloaded->check_password($bad_password));
 }
Ejemplo n.º 2
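 /**
  * Routes the user pages selected by the first path segment: login, logout
  * and settings. Anything else, including an empty path, gets the 404 page.
  *
  * @param array $path Path segments; $path[0] names the action.
  */
 function page_user($path)
 {
     if (count($path) > 0) {
         switch ($path[0]) {
             case 'login':
                 // Both fields come straight from the request body. Require plain
                 // strings so array-valued fields never reach User or
                 // check_password(); such a request just re-renders the form.
                 if (isset($_POST['login'], $_POST['password'])
                     && is_string($_POST['login'])
                     && is_string($_POST['password'])
                 ) {
                     $user = new User($_POST['login']);
                     if ($user->check_password($_POST['password'])) {
                         // Rotate the session id before the session becomes
                         // authenticated, so an id issued before login cannot
                         // be carried over into the logged-in state.
                         if (session_id() !== '' && !headers_sent()) {
                             session_regenerate_id(true);
                         }
                         $_SESSION['User'] = $user;
                         $this->flash_success("Login successful");
                         $this->go_back();
                     } else {
                         // One message for every failure: it does not reveal
                         // whether the login name exists.
                         $this->flash_error("Invalid credentials");
                         // NOTE(review): the submitted login is handed back to the
                         // template as-is; confirm login.tpl escapes it on output.
                         $this->smarty->assign('login', $_POST['login']);
                     }
                 }
                 $this->content = './tpl/user/login.tpl';
                 break;
             case 'logout':
                 session_destroy();
                 session_start();
                 // session_destroy() does not clear the session cookie, so by
                 // default session_start() resumes the same id; issue a new one.
                 if (session_id() !== '' && !headers_sent()) {
                     session_regenerate_id(true);
                 }
                 $this->flash_success("Logout successful");
                 $this->go_to('/');
                 break;
             case 'settings':
                 // No handler yet: the request ends without setting content.
                 break;
             default:
                 $this->page_404($path);
         }
     } else {
         $this->page_404($path);
     }
 }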
Ejemplo n.º 3
 /**
  * Re-checks the password of the already authenticated user (auth_user_id).
  *
  * Only POST is accepted. A matching password ends the request with exit and
  * no error; every other outcome is reported through $this->error().
  */
 function verify_password()
 {
     if ($this->method !== 'post') {
         $this->error('400', 'Bad request');
         return;
     }

     $account = new User();
     $account->get_by_id($this->auth_user_id);
     if (!$account->exists()) {
         $this->error('404', 'User not found.');
         return;
     }

     // NOTE(review): $_POST['password'] is read without an isset() check, and
     // nothing visible here limits repeated attempts — confirm both are
     // handled by the caller or by check_password().
     if (!$account->check_password($_POST['password'])) {
         $this->error('403', 'Password does not match');
         return;
     }

     // Success: terminate the request without calling error().
     exit;
 }
Ejemplo n.º 4
 /**
  * Authenticates a user by username and password and opens a session.
  *
  * Every attempt with non-empty credentials is written to SystemLog. The log
  * distinguishes unknown user, wrong password and inactive user, while the
  * caller only ever sees false for all three.
  *
  * @see AuthInterface::login()
  * @param string $username
  * @param string $password
  * @return bool true when a session was created, false otherwise
  */
 public function login($username, $password)
 {
     // Empty (falsy) credentials are rejected without a log entry.
     if (!$username || !$password) {
         return false;
     }

     $system_log = new SystemLog(null);

     if (!User::exist_username($username)) {
         // User not found.
         // NOTE(review): the submitted username goes into the log message
         // verbatim; confirm SystemLog escapes it for its storage and viewer.
         $system_log->create(null, 1, 0, "User \"" . $username . "\" Not Found", "Login", "auth.php", null, null);
         return false;
     }

     $user_id = User::get_user_id_by_username($username);
     $user = new User($user_id);

     if (!$user->check_password($password)) {
         // Wrong password.
         $system_log->create($user_id, 1, 0, "Wrong Password", "Login", "auth.php", null, null);
         return false;
     }

     if ($user->get_boolean_user_entry("user_inactive") != false) {
         // Correct password, but the account is inactive: no session.
         $system_log->create($user_id, 1, 1, "Inactive User", "Login", "auth.php", null, null);
         return false;
     }

     $session = new Session(null);
     $this->session_id = $session->create($user_id);

     // Account state is carried into the session as flags.
     if ($user->get_boolean_user_entry("must_change_password") == true) {
         $session->write_value("must_change_password", true, true);
     }
     // NOTE(review): a locked user still gets a session and a true return;
     // only this flag marks the lock — confirm it is enforced downstream.
     if ($user->get_boolean_user_entry("user_locked") == true) {
         $session->write_value("user_locked", true, false);
     }

     // Login successful.
     $system_log->create($user_id, 1, 1, "Login Successful", "Login", "auth.php", null, null);
     return true;
 }
Ejemplo n.º 5
<?php

// Reports whether the submitted value matches the current password: prints a
// red error span on mismatch and nothing on a match.
// NOTE(review): no user is passed to User here; presumably the class resolves
// the account from the session — confirm.
include 'db/db.php';

// NOTE(review): $_REQUEST also takes the value from the query string, where a
// password can end up in server logs and browser history; the key is read
// without an isset() check. Confirm callers always send it in a POST body.
$password = $_REQUEST['pass'];

session_start();
include 'classes/User.php';

$us = new User();
$check = $us->check_password($password);

// Loose comparison: any result equal to 0 under == counts as a mismatch.
echo ($check == 0)
    ? '<span style="color:red;">Incorrect Current Password.</span>'
    : '';
Ejemplo n.º 6
-->
<?php
// Login form handler: checks the posted credentials and, on success, resets
// the session data and sends the browser to the measurements page.
include '../../controllers/account/User.php'; // class User

$Pseudo_login = null;   // username
$Password_login = null; // password of username (temporary)
$acces_granted = null;  // access granted or denied; set to the error text on failure
$User = new User();     // the User object

if (verifyUsernameLogin() && verifyPasswordLogin()) {
    $User->set_email_or_pseudo($_POST['Pseudo_login']);
    if (!$User->check_password($_POST['Password'])) {
        // One message for every failure, whichever field was wrong.
        $acces_granted = "Informations are not valids";
    } else {
        // Clear whatever the session held before marking it authenticated.
        // NOTE(review): the session id is not rotated here (no
        // session_regenerate_id() call is visible) — confirm it happens
        // elsewhere, otherwise a pre-login id stays valid after login.
        session_unset();
        $_SESSION = array();
        $_SESSION['username'] = $User->get_username();
        $_SESSION['access'] = true;
        // Return to the application through a client-side redirect.
        echo '<script>window.location = "../stations/show_measure.php";</script>';
    }
}
/**  
 * @see verifyUsernameLogin() User field can't be empty
 * @return boolean FALSE == empty, TRUE == Filled
 */
Ejemplo n.º 7
 /**
  * Sessions endpoint, dispatched on the request method:
  *   get    - returns the token and user for the current session,
  *   post   - logs in with email and password, then redirects to /sessions,
  *   delete - logs out: removes the token, the remember-me value and the session.
  *
  * Failures are reported through $this->error() followed by an early return.
  */
 function index()
 {
     // GC old sessions: on every non-delete request, remove 'god'-role
     // Application rows created more than 14 days ago.
     if ($this->method !== 'delete') {
         $stale = new Application();
         $stale->where('role', 'god')->where('created_on <', strtotime('-14 days'))->get();
         $stale->delete_all();
     }

     if ($this->method == 'get') {
         $auth = $this->authenticate();
         if (!$auth) {
             $this->error('404', 'Session not found.');
             return;
         }

         // $auth[0] is used as the user id and $auth[1] as the token.
         $u = new User();
         $u->get_by_id($auth[0]);
         if (!$u->exists()) {
             $this->error('404', 'User not found.');
             return;
         }

         $this->set_response_data(array('token' => $auth[1], 'user' => $u->to_array()));
         return;
     }

     switch ($this->method) {
         case 'post':
             $u = new User();
             if (!($this->input->post('email') && $this->input->post('password'))) {
                 $this->error('403', 'Required parameters "email" and/or "password" are not present.');
                 return;
             }

             $u->where('email', $this->input->post('email'))->limit(1)->get();
             // Unknown e-mail and wrong password get the same response, so the
             // reply does not show which of the two failed.
             if (!($u->exists() && $u->check_password($this->input->post('password')))) {
                 $this->error('404', 'User not found.');
                 return;
             }

             $u->create_session($this->session, $this->input->post('remember') === 'on');
             $this->redirect("/sessions");
             break;

         case 'delete':
             $auth = $this->authenticate();
             if (!$auth) {
                 $this->error('401', 'Not authorized to perform this action.');
                 return;
             }

             // Revoke the token this request authenticated with.
             $token_row = new Application();
             $token_row->where('token', $auth[1])->get();
             $token_row->delete();

             // Clear the stored remember-me value and its cookie.
             // NOTE(review): save() runs without an exists() check on the
             // looked-up user — confirm that is safe when the id is missing.
             $u = new User();
             $u->get_by_id($auth[0]);
             $u->remember_me = null;
             $u->save();
             $this->load->helper('cookie');
             delete_cookie('remember_me');

             $this->session->sess_destroy();
             exit;
     }
 }
Ejemplo n.º 8
    unset($update_login);
    if ($success === false) {
        $_SESSION['success'] = "Ошибка при обновлении";
        return false;
    } else {
        $_SESSION['success'] = "Логин успешно обновлен";
        header("Location: /reg/user/" . $_SESSION['user']['login']);
        exit;
    }
} elseif (isset($_POST['sub']) && $_POST['captcha'] !== $_SESSION['captcha']) {
    $_SESSION['user_error_captcha'] = "Не верный код капчи";
}
//смена пароля
if (isset($_POST['sub_pass']) && $_POST['captcha_pass'] == $_SESSION['captcha']) {
    $update_pass = new User();
    $passwords = $update_pass->check_password($_POST['password_old']);
    $passwords_new = $update_pass->check_password($_POST['new_pass']);
    if ($passwords_new === false) {
        $_SESSION['user_error_new_pass'] = "******";
        return false;
    }
    if ($_POST['password_old'] !== $_POST['password1_old']) {
        $_SESSION['user_error_old_pass'] = "******";
        return false;
    }
    $row = array();
    $row['pass'] = $passwords_new;
    $row['login'] = $_SESSION['user']['login'];
    $success = $update_pass->update_pass($row);
    unset($update_pass);
    if ($success === false) {