/**
 * Finishes a login that was started through Facebook (going by the method and column names).
 *
 * Reads the e-mail address and Facebook ID parked in $_SESSION['sementara'], looks up an
 * active admin row matching both, and on a match fills this object, the session, the
 * account metadata, the roles and the auth cookie before redirecting.
 *
 * NOTE(review): the WHERE clause is built by interpolating both session values into SQL.
 * If either value can carry a quote character (they presumably originate from the
 * external profile data), the lookup is injectable; bind or escape them through the
 * data layer's own mechanism, which is not visible from this method.
 * NOTE(review): no session ID rotation is visible here; confirm the ID is regenerated
 * at login elsewhere.
 *
 * @return int|null 0 when the matched row does not leave admin_id set; null on every other path
 */
public function process_login_fb()
{
    $email = $_SESSION['sementara']['admin_email'];
    $fbid = $_SESSION['sementara']['admin_fb_id'];

    if ($email == "" || $fbid == "") {
        // NOTE(review): there is no return after this call. Unless Redirect::loginFailed()
        // ends the request itself, the lookup below still runs with empty values — confirm.
        Redirect::loginFailed();
    }

    $matches = $this->getWhere("admin_email = '{$email}' AND admin_fb_id='{$fbid}' AND admin_aktiv = 1 ");
    if (count($matches) <= 0) {
        // No active admin matches; the original simply falls off the end here.
        return;
    }

    // Load this object from the first matching row.
    $account = $matches[0];
    $this->fill(toRow($account));

    if (!isset($this->admin_id)) {
        return 0;
    }

    $_SESSION["admin_session"] = 1;
    $_SESSION["account"] = $account;

    // Record the login time for the account that was just placed in the session.
    self::setLastUpdate($account->admin_id);

    // Load account metadata, then roles.
    $accountMeta = new AccountMeta();
    $accountMeta->getMeta($this->admin_id);
    $this->loadRole();

    // NOTE(review): admin_password is handed to the cookie writer. Confirm that neither
    // the password nor a reusable hash of it ends up in the cookie value.
    Auth::setCookie($this->rememberme, $this->admin_id, $this->admin_email, $this->admin_password);

    if (!Auth::isLogged()) {
        Redirect::loginFailed();
        return;
    }

    // On success: run the login hook, flush pending quiz points, go to the first page.
    $loginHooks = new AccountLogin();
    Hook::processHook($loginHooks->login_hook);
    // login hook does not seem to work => bypass
    $quizPoints = new QuizPoints();
    $quizPoints->getPoints();
    $quizPoints->saveUnsaved();
    Redirect::firstPage();
}
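<?php
// Login page.
include_once 'auth.class.php';

// Logout: clear both authentication cookies.
// NOTE(review): logout is triggered by a plain GET parameter, so any cross-site link or
// image can log a user out; consider requiring POST with a CSRF token.
if (isset($_GET['out']) && $_GET['out'] == 1) {
    setcookie("id", "", 0, '/');
    setcookie("hash", "", 0, '/');
    // NOTE(review): the source listing is flattened, so it is unclear whether `exit();`
    // belonged to the commented-out redirect. It is kept commented here — confirm.
    // header("Location: check.php"); exit();
}

if (isset($_POST['submit'])) {
    // Accept only string fields, so that array-valued or missing parameters cannot
    // reach the lookup and the hash function.
    $login = isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '';
    $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';

    // Fetch the record whose login equals the submitted one.
    $auth = new Auth();
    $data = $auth->getUserDataByLogin($login);

    // isset() yields false when no record came back, so an unknown login can never
    // compare equal to a failed hash computation.
    $storedHash = isset($data['password']) ? $data['password'] : null;
    $candidateHash = $auth->getHash($password);

    // Compare the hashes in constant time instead of with ===, which leaks timing.
    // NOTE(review): equality of getHash() output implies a deterministic hash. If it is a
    // plain md5/sha1, migrate to password_hash()/password_verify() — confirm in auth.class.php.
    if (is_string($storedHash) && is_string($candidateHash) && hash_equals($storedHash, $candidateHash)) {
        $auth->setCookie($data['id']);
        header("Location: /chat/check.php");
        exit;
    } else {
        print "Вы ввели неправильный логин/пароль";
    }
}

include 'login.html';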
/**
 * Legacy class autoloader: includes lib/<class>.php for a class that is not yet defined.
 *
 * NOTE(review): $class is concatenated into the include path without any check. Only
 * hard-coded class names are instantiated in the visible code, but if a class name can
 * ever be derived from request data, restrict it to identifier characters before including.
 * NOTE(review): __autoload() was deprecated in PHP 7.2 and removed in PHP 8.0;
 * spl_autoload_register() is the supported replacement.
 *
 * @param string $class Name of the class to load
 */
function __autoload($class)
{
    include 'lib/' . $class . '.php';
}

// Front controller: the `page` query parameter selects the view, defaulting to the login view.
$view = empty($_GET['page']) ? 'Autorization' : $_GET['page'];
switch ($view) {
    case 'Autorization':
        $objAuth = new Auth($_POST);
        // NOTE(review): none of the header("Location: ...") calls below is followed by exit,
        // so the script keeps running after the redirect header is queued.
        if ($objAuth->getCookie()) {
            header("Location: Templates/new.php");
        }
        if ($objAuth->getSession()) {
            header("Location: Templates/new.php");
        }
        $objAuth->getUser();
        // NOTE(review): as ordered here, setCookie() and setSession() run before
        // comparePassword() is consulted. Confirm inside Auth that neither issues
        // credentials for an unverified login.
        $objAuth->setCookie();
        $objAuth->setSession();
        if ($objAuth->comparePassword()) {
            header("Location: Templates/new.php");
        }
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            $error = $objAuth->getError();
        }
        // Backslash path separator: resolves on Windows only.
        include 'Templates\\template.php';
        break;
    case 'reg':
        $objReg = new Reg($_POST);
        $objReg->getUser();
        $objReg->comparePassword();
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            $error = $objReg->getError();
            // (the listing is cut off here; the rest of the 'reg' case is not shown)
/**
 * Stores the selected project for the current user session in the project cookie.
 *
 * When $remember is null, the flag is taken from the existing project cookie if there
 * is one, and is false otherwise.
 *
 * @param int $prj_id The project ID
 * @param bool|null $remember Whether to remember the selection; null keeps the current setting
 */
public static function setProjectCookie($prj_id, $remember = null)
{
    if ($remember === null) {
        // Try to preserve "remember" from the existing cookie.
        $remember = false;
        $current = self::getProjectCookie();
        if ($current) {
            $remember = (bool) $current['remember'];
        }
    }

    $value = self::generateProjectCookie($prj_id, $remember);
    Auth::setCookie(APP_PROJECT_COOKIE, $value, APP_PROJECT_COOKIE_EXPIRE);
    // Also update $_COOKIE in place, so reads later in this request get the new value.
    $_COOKIE[APP_PROJECT_COOKIE] = $value;
}
// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**> |
// +----------------------------------------------------------------------+
require_once dirname(__FILE__) . '/../init.php';

// Main page: set up the template, then require an authenticated session before anything else.
$tpl = new Template_Helper();
$tpl->setTemplate('main.tpl.html');

Auth::checkAuthentication(APP_COOKIE);

$prj_id = Auth::getCurrentProject();
$role_id = Auth::getCurrentRole();
$usr_id = Auth::getUserID();

// redirect partners to list.php instead of sanitizing this page
if (User::isPartner($usr_id)) {
    Auth::redirect('list.php');
}

// Persist the "hide closed" preference for a year and make it visible to this request.
// NOTE(review): the request value is written to the cookie and later assigned to the
// template exactly as received. It looks like a 0/1 flag — constrain it (e.g. cast to
// int) and confirm main.tpl.html escapes it on output.
if (isset($_REQUEST['hide_closed'])) {
    Auth::setCookie(APP_HIDE_CLOSED_STATS_COOKIE, $_REQUEST['hide_closed'], time() + Date_Helper::YEAR);
    $_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE] = $_REQUEST['hide_closed'];
}

// The cookie value is client-controlled as well, so the same constraint applies on read.
if (isset($_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE])) {
    $hide_closed = $_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE];
} else {
    $hide_closed = 0;
}
$tpl->assign('hide_closed', $hide_closed);

// Customers get their CRM contact and customer records assigned to the template.
if ($role_id == User::getRoleID('customer')) {
    $crm = CRM::getInstance($prj_id);
    // need the activity dashboard here
    $contact_id = User::getCustomerContactID($usr_id);
    $customer_id = Auth::getCurrentCustomerID();
    $tpl->assign(array('contact' => $crm->getContact($contact_id), 'customer' => $crm->getCustomer($customer_id)));
} else {
    // (the listing is cut off here; the non-customer branch is not shown)
/**
 * Works out which local user the current request belongs to and links the
 * third-party connections identified for it.
 *
 * With a known local id (already set, or obtained from the auth cookie), every
 * identified connection is (re)linked to that user. Without one, the local user is
 * derived from the identified connections: a new user is registered when none is
 * linked, the single linked user is adopted when there is exactly one, and nothing
 * is done when there are several candidates.
 *
 * NOTE(review): a local account is selected, and an auth cookie issued, purely on the
 * strength of an identified connection. This is only sound if identifyConnections()
 * has already verified the remote identity — confirm. verifyToken() is called only in
 * the "already linked" branch below.
 */
public function identify()
{
    if (!$this->id) {
        // No id yet: take it from the auth cookie and load that user.
        $this->id = Auth::validateCookie();
        $this->load($this->id);
        // Log::debug( "cookie: ". $this->id );
    }
    $this->identifyConnections();
    if ($this->id) {
        foreach ($this->identifiedConnections as $id => $user) {
            if (isset($this->connections[$id])) {
                Log::debug("identified {$id}, already linked in store");
                // TODO: compare connections and only load remote data if old is missing
                // $storedConnection = $this->connections[$id];
                // Identified user
                // Re-link connection to ensure the latest data is used (especially access token)
                $user->loadRemoteData();
                $user->verifyToken();
                $user->link($this->id);
                // Use identified connection, it is the latest
                $this->connections[$id] = $user;
            } else {
                Log::debug("identified {$id}, store link");
                // Identified user
                $user->loadRemoteData();
                $user->link($this->id);
                $this->connections[$id] = $user;
            }
        }
    } else {
        if (count($this->identifiedConnections)) {
            // Collect the local user ids every identified connection is linked to.
            $possibleUsers = array();
            foreach ($this->identifiedConnections as $id => $user) {
                $possibleUsers = array_merge($possibleUsers, $user->kikiUserIds());
            }
            $possibleUsers = array_unique($possibleUsers);
            $n = count($possibleUsers);
            switch ($n) {
                case 0:
                    Log::debug("register new user for found connections");
                    // Register new user. Use random password, user must change it
                    // (and set email) before he/she can login with just a local ID.
                    // NOTE(review): uniqid() is derived from the current time and is not a
                    // cryptographically secure source. If one of these arguments is the
                    // password (as the comment above suggests), generate it with
                    // random_bytes() instead.
                    $this->storeNew(uniqid(), uniqid());
                    Auth::setCookie($this->id);
                    // Link the connection
                    // NOTE(review): $user is whatever the foreach above left behind, so only
                    // the last identified connection is linked here — confirm that is intended.
                    $user->loadRemoteData();
                    $user->link($this->id);
                    $this->connections[] = $user;
                    break;
                case 1:
                    // deducted user, rerun self so unknown connections can be stored
                    $this->id = $possibleUsers[0];
                    $this->load();
                    Log::debug("deducted user " . $this->id . " recalling identify to check for unstored connections");
                    Auth::setCookie($this->id);
                    $this->identify();
                    return;
                    break;
                default:
                    Log::debug("cannot detect user, multiple candidates");
                    // NOTE(review): this dumps the whole connection objects to the debug log.
                    // If they hold access tokens (a comment above mentions one), those land
                    // in the log too — confirm.
                    Log::debug(print_r($this->identifiedConnections, true));
                    // cannot detect user, multiple candidates
            }
        } else {
            // Log::debug( "no user, no connections" );
        }
    }
    // Log::debug( "id: ". $this->id );
}
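<?php
// Login page.
include "auth.class.php";

if (isset($_POST['submit'])) {
    // Accept only string fields, so that array-valued or missing parameters cannot
    // reach the lookup and the hash function.
    $login = isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '';
    $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';

    // Fetch the record whose login equals the submitted one.
    $auth = new Auth($login, $password);
    $data = $auth->getUserData();

    // isset() yields false when no record came back, so an unknown login can never
    // compare equal to a failed hash computation.
    $storedHash = isset($data['user_password']) ? $data['user_password'] : null;
    $candidateHash = $auth->getHash($password);

    // Compare the hashes in constant time instead of with ===, which leaks timing.
    // NOTE(review): equality of getHash() output implies a deterministic hash. If it is a
    // plain md5/sha1, migrate to password_hash()/password_verify() — confirm in auth.class.php.
    if (is_string($storedHash) && is_string($candidateHash) && hash_equals($storedHash, $candidateHash)) {
        $auth->setCookie($data['user_id']);
        // Send the browser to the page that checks the new cookie.
        header("Location: check.php");
        exit;
    } else {
        print "Вы ввели неправильный логин/пароль";
    }
}
?>
<span>Войти как</span>
<form method="POST">
Логин <input name="login" type="text">Пароль <input name="password" type="password">Не прикреплять к IP(не безопасно) <input type="checkbox" name="not_attach_ip"><br>
<br /><input name="submit" type="submit" value="Войти"></form>
<div><a href="register.php">Регистрация</a></div>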
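/**
 * Handles an account verification link.
 *
 * Looks up the user that owns the `token` query parameter, marks that user as verified
 * and, unless a different user is currently logged in, signs the verified user in.
 * Errors and warnings are handed to the content/account-verify template.
 *
 * NOTE(review): a valid token both verifies the account and issues an auth cookie, so it
 * works as a login credential. The error text says tokens expire; confirm in
 * getIdByToken() that a token is also invalidated once used. Because it travels in the
 * query string, it can end up in server logs and Referer headers.
 *
 * @return bool Always true
 */
public function verifyAction()
{
    $this->status = 200;
    $this->template = 'pages/default';
    $this->title = _("Verify account");

    $template = new \Kiki\Template('content/account-verify');
    $errors = array();
    $warnings = array();

    $user = \Kiki\Core::getUser();

    // Only a string token is meaningful; an array-valued parameter counts as missing.
    $token = isset($_GET['token']) && is_string($_GET['token']) ? $_GET['token'] : null;

    if (empty($token)) {
        $errors[] = "Auth token missing.";
    } else {
        // Get user by auth token.
        $verifyUserId = $user->getIdByToken($token);
        if (!$verifyUserId) {
            $errors[] = "Invalid auth token. Auth tokens expire. [Send new verification e-mail]";
        } else {
            $verifyUser = new \Kiki\User($verifyUserId);
            $verifyUser->setIsVerified(true);
            $verifyUser->save();

            if ($user->id() && $user->id() != $verifyUser->id()) {
                // The message carries its own <strong> markup, so it is rendered as HTML.
                // The e-mail addresses are user-supplied and are escaped before being
                // placed into it.
                $warnings[] = sprintf(
                    "Because you verified account <strong>%s</strong> (%d), you are no longer logged in as <strong>%s</strong> (%d).",
                    htmlspecialchars($verifyUser->email(), ENT_QUOTES, 'UTF-8'),
                    $verifyUser->id(),
                    htmlspecialchars($user->email(), ENT_QUOTES, 'UTF-8'),
                    $user->id()
                );
            } else {
                // Nobody else is logged in: sign in as the freshly verified user.
                Auth::setCookie($verifyUser->id());
                $user = $verifyUser;
                \Kiki\Core::setUser($verifyUser);
                $mainTemplate = \Kiki\Template::getInstance();
                $mainTemplate->assign('user', $user->templateData());
            }
        }
    }

    $template->assign('warnings', $warnings);
    $template->assign('errors', $errors);
    $this->content = $template->fetch();

    return true;
}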