Ejemplo n.º 1
/**
 * Check the submitted credentials and, on success, record the user in the session.
 *
 * The check itself is delegated to login_check_credential(); the truthy row it
 * returns supplies the id, email and display name that are stored through
 * fAuthorization::setUserToken().
 *
 * @param mixed  $db        Database handle, passed through to login_check_credential()
 * @param string $username  Login name as submitted; stored as 'name' in the token
 * @param string $password  Password as submitted
 * @return bool  true when a token was set, false otherwise
 */
function login_authenticate($db, $username, $password)
{
    $account = login_check_credential($db, $username, $password);
    if (!$account) {
        return false;
    }

    // Only identity fields are placed in the token; the password is not among them.
    fAuthorization::setUserToken(array(
        'id' => $account['id'],
        'name' => $username,
        'email' => $account['email'],
        'display_name' => $account['display_name'],
    ));

    return true;
}
<?php

include './resources/init.php';
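// Login / logout handling for the authentication page, then the page header and menu.
if (isset($_POST['type'])) {
    if ($_POST['type'] === "logout") {
        fAuthorization::destroyUserInfo();
    } elseif ($_POST['type'] === "login") {
        // Accept only plain string fields: a missing field or an array value
        // (username[]=...) is handled as a failed login instead of reaching sha1().
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : null;
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;

        $user = null;
        if ($username !== null && $password !== null) {
            try {
                $user = new User($username);
            } catch (fException $e) {
                // Unknown user: falls through to the same redirect as a wrong password,
                // without depending on fURL::redirect() ending the request.
                $user = null;
            }
        }

        // NOTE(review): stored passwords are unsalted SHA-1 digests. That scheme is kept
        // here only so existing records still verify; plan a migration to
        // password_hash() / password_verify().
        // hash_equals() compares as strings in constant time. A loose == treats two
        // numeric-looking digests ("0e" followed by digits) as equal numbers.
        if ($user !== null && hash_equals((string) $user->getPassword(), sha1($password))) {
            fAuthorization::setUserAuthLevel($user->getLevel());
            fAuthorization::setUserToken($username);
            fURL::redirect(fAuthorization::getRequestedUrl(true, URL_ROOT . "inventory.php"));
        } else {
            fURL::redirect(URL_ROOT . "authentication.php");
        }
    }
} elseif (isset($_GET['type']) && $_GET['type'] === "logout") {
    // isset() returns a bool, so the previous `isset(...) == "logout"` destroyed the
    // session for any ?type= value at all.
    // NOTE(review): logout is still reachable through a plain GET link; consider
    // accepting it only via POST with an anti-CSRF token.
    fAuthorization::destroyUserInfo();
}
$tmpl->place('header');
$tmpl->place('menu');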
?>
<div class="span-24 last">
 /**
  * The user token is NULL before anything is stored and reads back as stored afterwards.
  */
 public function testUserToken()
 {
     $token = '*****@*****.**';

     // Nothing has been set yet at this point
     $this->assertEquals(NULL, fAuthorization::getUserToken());

     fAuthorization::setUserToken($token);
     $this->assertEquals($token, fAuthorization::getUserToken());
 }
Ejemplo n.º 4
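 /**
  * Handle the combined log-in / registration form.
  *
  * The submitted 'action' value selects the branch: '登录' signs in an existing
  * user, '注册' validates the fields and creates a User plus a Profile record.
  * Any fException raised along the way becomes an error message and the browser
  * is sent back to the requested URL or the referer.
  *
  * NOTE(review): hashPassword() is defined outside this block. The stored value is
  * compared for equality with a freshly computed hash, so it is presumably
  * deterministic; confirm it is a salted, deliberately slow password hash.
  * NOTE(review): Util::getReferer() is the redirect fallback; confirm it only
  * yields same-site URLs, since the Referer header is supplied by the client.
  * NOTE(review): the error shown for an unknown username comes from the exception
  * raised by `new User()`, so it may differ from 'Password mismatch.' and reveal
  * which usernames exist.
  *
  * @return void
  */
 public function login()
 {
     $username = trim(fRequest::get('username', 'string'));
     $password = fRequest::get('password', 'string');
     $password_hash = static::hashPassword($password);
     try {
         if (fRequest::get('action') == '登录') {
             $user = new User($username);
             // Constant-time, string-only comparison. A loose == would treat two
             // numeric-looking hashes such as "0e123" and "0e456" as equal.
             if (hash_equals((string) $user->getPassword(), (string) $password_hash)) {
                 fAuthorization::setUserToken($user->getUsername());
                 fMessaging::create('success', 'Logged in successfully.');
                 fURL::redirect(fAuthorization::getRequestedURL(TRUE, Util::getReferer()));
             } else {
                 throw new fValidationException('Password mismatch.');
             }
         } elseif (fRequest::get('action') == '注册') {
             // Length and character rules for the new account
             if (strlen($username) < 4) {
                 throw new fValidationException('Username is too short.');
             }
             if (strlen($username) > 20) {
                 throw new fValidationException('Username is too long.');
             }
             if (strlen($password) < 6) {
                 throw new fValidationException('Password is too short.');
             }
             if (Util::contains('`~!@#$%^&*()-+=[]\\;\',/{}|:"<>?', $username) or preg_match('/\\s/', $username)) {
                 throw new fValidationException('Username is illegal.');
             }
             $realname = trim(fRequest::get('realname', 'string'));
             $gender = trim(fRequest::get('gender', 'string'));
             $school = trim(fRequest::get('school', 'string'));
             $major = trim(fRequest::get('major', 'string'));
             $grade = trim(fRequest::get('grade', 'integer', NULL));
             $phone = trim(fRequest::get('phone', 'string'));
             $qq = trim(fRequest::get('qq', 'string'));
             // Real name, gender and phone number are mandatory profile fields
             if (strlen($realname) < 1) {
                 throw new fValidationException('请填写真实姓名');
             }
             if (strlen($gender) < 1) {
                 throw new fValidationException('请选择性别');
             }
             if (strlen($phone) < 1) {
                 throw new fValidationException('请填写手机号码');
             }
             try {
                 // Loading succeeds only when the name is already taken
                 $user = new User($username);
                 throw new fValidationException('User already exists.');
             } catch (fNotFoundException $e) {
                 $user = new User();
                 $user->setUsername($username);
                 $user->setPassword($password_hash);
                 $user->store();
                 // Reuse a profile row left under this username, otherwise start a new one
                 try {
                     $profile = new Profile($username);
                 } catch (fNotFoundException $e) {
                     $profile = new Profile();
                     $profile->setUsername($username);
                 }
                 $profile->setRealname($realname);
                 $profile->setGender($gender);
                 $profile->setSchool($school);
                 $profile->setMajor($major);
                 $profile->setGrade($grade);
                 $profile->setPhoneNumber($phone);
                 $profile->setQq($qq);
                 $profile->store();
                 // The new account is signed in straight away, before e-mail verification
                 fAuthorization::setUserToken($user->getUsername());
                 fMessaging::create('success', 'Registered successfully.');
                 Util::redirect('/email/verify');
             }
         }
     } catch (fException $e) {
         fMessaging::create('error', $e->getMessage());
         fURL::redirect(fAuthorization::getRequestedURL(TRUE, Util::getReferer()));
     }
 }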
Ejemplo n.º 5
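// Log-in / log-out controller: 'log_out' ends the session, a POST from an anonymous
// visitor is treated as a log-in attempt, and signed-in users are sent to index.php.
$action = fRequest::get('action');
// --------------------------------- //
if ('log_out' == $action) {
    // Drop the authorization data and the whole session before redirecting
    fAuthorization::destroyUserInfo();
    fSession::destroy();
    fMessaging::create('success', User::makeUrl('login'), 'You were successfully logged out');
    fURL::redirect(User::makeUrl('login'));
    // --------------------------------- //
} elseif (fAuthorization::checkLoggedIn()) {
    fURL::redirect('index.php');
} else {
    if (fRequest::isPost()) {
        // One message for every credential failure, so the form does not show
        // whether the username exists.
        $login_error = 'The login or password entered is invalid';
        try {
            $user = new User(array('username' => fRequest::get('username')));
            $valid_pass = fCryptography::checkPasswordHash(fRequest::get('password'), $user->getPassword());
            if (!$valid_pass) {
                throw new fValidationException($login_error);
            }
            fAuthorization::setUserToken($user->getEmail());
            fAuthorization::setUserAuthLevel($user->getRole());
            fSession::set('user_id', $user->getUserId());
            fSession::set('user_name', $user->getUsername());
            fURL::redirect(fAuthorization::getRequestedURL(TRUE, 'index.php'));
        } catch (fNotFoundException $e) {
            // Unknown username: previously the record-not-found text was shown instead.
            // NOTE(review): no hash is checked on this path, so response time can
            // still differ from the wrong-password path.
            fMessaging::create('error', fURL::get(), $login_error);
        } catch (fExpectedException $e) {
            fMessaging::create('error', fURL::get(), $e->getMessage());
        }
    }
    include VIEW_PATH . '/log_in.php';
}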
Ejemplo n.º 6
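 /**
  * Attempt to login, and register through fAuthorization when successful.
  *
  * Failure is reported only through exceptions. The two exception types let a
  * caller tell "no such user" from "wrong password", so a login form should show
  * one generic message for both rather than echoing which one occurred.
  *
  * @throws sfNotFoundException     When no user by provided username exists
  * @throws sfBadPasswordException  When the given password fails to match
  *
  * @param string $username  Username for attempted login
  * @param string $password  Provided password to match
  * @return boolean           True when successful
  */
 public static function login($username, $password)
 {
     $login_attempt = sfCore::make('sfUser');
     // will throw sfNotFoundException if not available
     $login_attempt->loadByUsername($username);
     if (!$login_attempt->matchPassword($password)) {
         throw new sfBadPasswordException();
     }
     // Auth level and token are written only after the password check has passed
     fAuthorization::setUserAuthLevel($login_attempt->getLevel());
     fAuthorization::setUserToken($username);
     static::evaluateSession();
     return true;
 }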