Example #1
    session_destroy();
    $app->redirect('login');
});
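// POST /login: check the submitted credentials and mark the session as authenticated.
// Every path ends in a redirect. The handler appears to rely on $app->redirect()
// stopping the request (the "./" redirect is followed by a fall-through redirect to
// "login") -- NOTE(review): confirm redirect() halts execution in this framework version.
$app->post('/login', function () use ($app) {
    // Refuse to evaluate credentials at all while AUTH reports the client as blocked.
    if (AUTH::is_block()) {
        $app->redirect('login');
    }

    $post = $app->request()->post();
    $uid = isset($post['uid']) ? $post['uid'] : null;
    $pwd = isset($post['pwd']) ? $post['pwd'] : null;

    // Form fields are client-controlled: a body such as uid[]=x arrives as an array,
    // which a loose `== ''` test does not reject. Only non-empty strings reach AUTH.
    if (!is_string($uid) || !is_string($pwd) || $uid === '' || $pwd === '') {
        $app->redirect('login');
    }

    $auth = new AUTH($uid);

    // Strict comparison: any return value other than literal true is a failed login.
    if ($auth->login($pwd) === true) {
        // Issue a fresh session id at the privilege change so an id that was set or
        // observed before login cannot be reused as an authenticated session
        // (session fixation). Assumes the session is already started, since
        // $_SESSION is written below -- NOTE(review): confirm in the bootstrap code.
        session_regenerate_id(true);
        $_SESSION['auth'] = true;
        $_SESSION['auth_uid'] = $uid;
        $app->applyHook('account.login_success', $uid);
        $app->redirect('./');
    } else {
        // Record the failure; a locked account is reported through a separate hook
        // from an ordinary failed attempt.
        if ($auth->acc_flag == 'locked') {
            $app->applyHook('account.log', array($uid, 'locked'));
        } else {
            $app->applyHook('account.login_failed', $uid);
        }
    }

    // Missing fields and failed logins both land back on the login form, so the
    // response does not distinguish the failure reason.
    $app->redirect('login');
});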
Example #2
        $opt[$item->option_key] = $item->option_value;
    }
    $tpl['option'] = $opt;
    $info = unserialize($user->acc_company);
    if (is_array($info)) {
        while ($k = key($info)) {
            $tpl['info_' . $k] = $info[$k];
            next($info);
        }
    }
    $app->render('profile.html', $tpl);
});
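// POST /ajax_save_pwd: change the password of the account named in the session.
// The caller must re-enter the current password; the result is rendered as a
// notice fragment with a 'class' (error|success) and a 'msg'.
$app->post('/ajax_save_pwd', function () use ($app) {
    $post = $app->request()->post();

    // Request fields are client-controlled and may be absent or arrays; normalise
    // them before use instead of indexing $post directly.
    $oldPwd = (isset($post['old_pwd']) && is_string($post['old_pwd'])) ? $post['old_pwd'] : '';
    $newPwd = (isset($post['new_pwd']) && is_string($post['new_pwd'])) ? $post['new_pwd'] : null;
    $confirmPwd = (isset($post['confirm_pwd']) && is_string($post['confirm_pwd'])) ? $post['confirm_pwd'] : null;

    // NOTE(review): no check of $_SESSION['auth'] is visible in this handler; confirm
    // that access control for this route is enforced elsewhere (middleware or hook).
    $auth = new AUTH($_SESSION['auth_uid']);

    // Strict success test, matching the `=== true` check the /login route applies to
    // the same call, so a truthy non-true return cannot pass as a correct password.
    // NOTE(review): confirm AUTH::login() returns literal true on success.
    if ($auth->login($oldPwd) !== true) {
        $msg = array('class' => 'error', 'msg' => '舊密碼錯誤');
    } elseif ($newPwd === null || $newPwd !== $confirmPwd) {
        // `!==` rather than `!=`: loose comparison treats numeric-looking strings such
        // as '1e3' and '1000' as equal, which would let a mistyped confirmation pass.
        // A missing new password is reported as a mismatch rather than passed on.
        $msg = array('class' => 'error', 'msg' => '兩次輸入的密碼不同');
    } elseif ($auth->setpwd($newPwd)) {
        // NOTE(review): an empty new password still reaches setpwd(); confirm that
        // setpwd() enforces the password policy.
        $msg = array('class' => 'success', 'msg' => '變更密碼完成');
    } else {
        $msg = array('class' => 'error', 'msg' => '變更失敗');
    }

    $app->render('_notice.html', $msg);
});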
Example #3
<?php

include_once $_SERVER['DOCUMENT_ROOT'] . '/xtracks-app/bootstrap.php';
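// Login form handler: on POST, try to authenticate; on success redirect to the
// account overview, otherwise keep the error and the typed user name so the
// form below can be rendered again.
// NOTE(review): the form posts a hidden `token` field and the template reads
// $error['token'], but no token comparison is visible in this block; presumably
// bootstrap.php performs it -- confirm.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Request fields are client-controlled and may be absent or arrays.
    $userName = (isset($_POST['user_name']) && is_string($_POST['user_name'])) ? $_POST['user_name'] : '';
    $userPass = (isset($_POST['user_pass']) && is_string($_POST['user_pass'])) ? $_POST['user_pass'] : '';

    try {
        // AUTH::login() signals failure by throwing (see the catch below).
        AUTH::login($userName, $userPass);
        //redirect to account screen
        header('location: /overview/');
        // Stop here: without this the script goes on to render the login form
        // after the redirect header has been queued.
        exit;
    } catch (Exception $e) {
        // The message is placed inside HTML, so encode it like the user name below;
        // an exception text that echoes request data would otherwise be emitted as markup.
        // NOTE(review): if AUTH deliberately puts markup in its messages this will show it literally.
        $error['user'] = sprintf(
            '<div class="error">%s</div>',
            htmlentities($e->getMessage(), ENT_QUOTES, 'UTF-8')
        );
    }

    // Encoded copy of the submitted user name for re-filling the form's value attribute.
    $html['user_name'] = htmlentities($userName, ENT_QUOTES, 'UTF-8');
}
info_top();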
?>
	<form method="post" action="">
		<input type="hidden" name="token" value="<?php 
echo $_SESSION['token'];
?>
"/>
		<table cellspacing="0" cellpadding="5" style="margin: 0px auto;" >
			<?php 
if ($error['token']) {
    printf('<tr><td colspan="2">%s</td></tr>', $error['token']);
}
?>
			<tr>
				<td>Username:</td>
				<td><input id="user_name" type="text" name="user_name" value="<?php 
echo $html['user_name'];
?>