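/**
 * Completes a Facebook-based admin login from the e-mail address and
 * Facebook ID staged in $_SESSION['sementara'].
 *
 * When an active account matches both values, the object is filled from
 * that row, the session is marked as logged in, metadata and roles are
 * loaded, the auth cookie is set and the request is redirected. A missing
 * e-mail or Facebook ID goes to Redirect::loginFailed().
 *
 * @return int|null 0 when the matched row yields no admin_id, otherwise null.
 */
public function process_login_fb()
 {
     // Read the staged values without raising notices when a key is absent.
     $staged = isset($_SESSION['sementara']) && is_array($_SESSION['sementara']) ? $_SESSION['sementara'] : array();
     $email = isset($staged['admin_email']) ? $staged['admin_email'] : "";
     $fbid = isset($staged['admin_fb_id']) ? $staged['admin_fb_id'] : "";
     if ($fbid == "" || $email == "") {
         Redirect::loginFailed();
         // Stop here even if loginFailed() only queues a header: falling
         // through would run the lookup below with empty credentials.
         return;
     }
     // SECURITY NOTE(review): both values are interpolated into the WHERE
     // clause unescaped. getWhere() is called with a raw condition string
     // here; if the model layer offers escaping or bound parameters, use
     // them. Until then this query is only as safe as the code that filled
     // $_SESSION['sementara'].
     $arr = $this->getWhere("admin_email = '{$email}' AND admin_fb_id='{$fbid}' AND admin_aktiv = 1 ");
     if (count($arr) > 0) {
         // Load the first matching account into this object.
         $obj = $arr[0];
         $row = toRow($obj);
         $this->fill($row);
         if (isset($this->admin_id)) {
             // NOTE(review): the session ID is not regenerated at this
             // privilege change; confirm whether that happens elsewhere.
             $_SESSION["admin_session"] = 1;
             $_SESSION["account"] = $obj;
             // Record the time of this login.
             self::setLastUpdate($_SESSION["account"]->admin_id);
             // Load account metadata.
             $meta = new AccountMeta();
             $meta->getMeta($this->admin_id);
             // Load roles.
             $this->loadRole();
             // NOTE(review): the stored admin_password value is handed to the
             // cookie helper; confirm what Auth::setCookie() writes to the
             // browser, since a password or hash should not leave the server.
             Auth::setCookie($this->rememberme, $this->admin_id, $this->admin_email, $this->admin_password);
             // Continue only when the auth layer agrees the user is logged in.
             if (Auth::isLogged()) {
                 //load school setting
                 // $ss = new Schoolsetting();
                 // $ss->loadToSession();
                 //redirect
                 //Account::setRedirection ();
                 $acl = new AccountLogin();
                 Hook::processHook($acl->login_hook);
                 // The login hook does not seem to run, so the quiz points
                 // are synchronised directly here.
                 $qp = new QuizPoints();
                 $qp->getPoints();
                 $qp->saveUnsaved();
                 Redirect::firstPage();
             } else {
                 Redirect::loginFailed();
             }
         } else {
             return 0;
         }
     }
 }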
Example #2
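<?php

// Login page.
//include ("auth.class.php");
include_once 'auth.class.php';

// Logout: ?out=1 clears both auth cookies.
if (isset($_GET['out']) && $_GET['out'] == 1) {
    setcookie("id", "", 0, '/');
    setcookie("hash", "", 0, '/');
    //	header("Location: check.php"); exit();
}
if (isset($_POST['submit'])) {
    // Only plain string fields are accepted; a missing or array-valued
    // field is treated as empty instead of raising a notice.
    $login = isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '';
    $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
    $auth = new Auth();
    // Fetch the stored record whose login equals the submitted one.
    $data = $auth->getUserDataByLogin($login);
    $stored = isset($data['password']) && is_string($data['password']) ? $data['password'] : null;
    // The candidate hash is computed whether or not a record was found, so
    // an unknown login does the same hashing work as a known one.
    // NOTE(review): getHash() is not visible here; if it is a fast unsalted
    // hash, move to password_hash() / password_verify().
    $candidate = $auth->getHash($password);
    // Compare the hashes in constant time.
    if ($stored !== null && is_string($candidate) && hash_equals($stored, $candidate)) {
        $auth->setCookie($data['id']);
        header("Location: /chat/check.php");
        exit;
    } else {
        print "Вы ввели неправильный логин/пароль";
    }
}
include 'login.html';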
Example #3
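/**
 * Legacy autoloader: includes lib/<Class>.php for a class that is not yet
 * defined.
 *
 * The name is checked against the characters PHP allows in a (namespaced)
 * class name before it becomes part of a path, so a name containing "." or
 * "/" cannot make the include leave lib/.
 *
 * NOTE(review): __autoload() is deprecated since PHP 7.2 and removed in
 * PHP 8.0; spl_autoload_register() is the replacement.
 *
 * @param string $class Class name as passed by the engine.
 */
function __autoload($class)
{
    // Reject anything that is not a plain class name before building a path.
    if (!is_string($class) || !preg_match('/^[A-Za-z0-9_\\\\\x80-\xff]+$/', $class)) {
        return;
    }
    include 'lib/' . $class . '.php';
}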
// Front controller: ?page= selects the view, defaulting to the login
// ("Autorization") view. $view is only compared in the switch below and is
// never used to build a path. The listing is cut off inside the 'reg' case.
$view = empty($_GET['page']) ? 'Autorization' : $_GET['page'];
switch ($view) {
    case 'Autorization':
        // Auth receives the raw POST array; how it validates the fields is
        // not visible here.
        $objAuth = new Auth($_POST);
        // NOTE(review): none of the header("Location: ...") calls in this
        // case is followed by exit, so the script keeps running after a
        // redirect has been queued.
        if ($objAuth->getCookie()) {
            header("Location: Templates/new.php");
        }
        if ($objAuth->getSession()) {
            header("Location: Templates/new.php");
        }
        $objAuth->getUser();
        // NOTE(review): setCookie() and setSession() run before
        // comparePassword() below; confirm inside Auth that they do nothing
        // when the submitted password is wrong.
        $objAuth->setCookie();
        $objAuth->setSession();
        if ($objAuth->comparePassword()) {
            header("Location: Templates/new.php");
        }
        // Errors are collected only for a submitted form.
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            $error = $objAuth->getError();
        }
        // The backslash is a path separator only on Windows.
        include 'Templates\\template.php';
        break;
    case 'reg':
        // Registration: Reg also receives the raw POST array.
        $objReg = new Reg($_POST);
        $objReg->getUser();
        $objReg->comparePassword();
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            $error = $objReg->getError();
Example #4
 /**
  * Stores the selected project for the user session in the project cookie.
  *
  * When $remember is null, the "remember" flag of the existing project
  * cookie is reused; without an existing cookie it falls back to false.
  * The new value is also written into $_COOKIE so that the rest of the
  * current request sees it.
  *
  * NOTE(review): the cookie value comes from generateProjectCookie(); its
  * format and any integrity protection are not visible here.
  *
  * @param int $prj_id The project ID
  * @param bool|null $remember Whether to remember the setting; null keeps the current choice
  */
 public static function setProjectCookie($prj_id, $remember = null)
 {
     if (is_null($remember)) {
         // Carry the flag over from the cookie that is already set, if any.
         $existing = self::getProjectCookie();
         if ($existing) {
             $remember = (bool) $existing['remember'];
         } else {
             $remember = false;
         }
     }
     $value = self::generateProjectCookie($prj_id, $remember);
     Auth::setCookie(APP_PROJECT_COOKIE, $value, APP_PROJECT_COOKIE_EXPIRE);
     // Mirror the value for code that reads $_COOKIE later in this request.
     $_COOKIE[APP_PROJECT_COOKIE] = $value;
 }
Example #5
// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**>                             |
// +----------------------------------------------------------------------+
// Bootstrap the application and select the template for the main page.
require_once dirname(__FILE__) . '/../init.php';
$tpl = new Template_Helper();
$tpl->setTemplate('main.tpl.html');

// The authentication check runs before any per-user data is read.
Auth::checkAuthentication(APP_COOKIE);
$prj_id = Auth::getCurrentProject();
$role_id = Auth::getCurrentRole();
$usr_id = Auth::getUserID();

// Partners are sent to list.php rather than being shown a reduced version
// of this page.
if (User::isPartner($usr_id)) {
    Auth::redirect('list.php');
}

// A hide_closed request parameter is kept in a cookie for a year and
// mirrored into $_COOKIE for the rest of this request.
// NOTE(review): the request value is stored and later passed to the template
// unchanged; nothing here restricts it to 0/1, so confirm the template
// escapes it on output.
if (isset($_REQUEST['hide_closed'])) {
    Auth::setCookie(APP_HIDE_CLOSED_STATS_COOKIE, $_REQUEST['hide_closed'], time() + Date_Helper::YEAR);
    $_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE] = $_REQUEST['hide_closed'];
}

// The cookie value is used when present; the default is 0.
$hide_closed = isset($_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE]) ? $_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE] : 0;
$tpl->assign('hide_closed', $hide_closed);
// Users whose current role is "customer" get their CRM contact and customer
// records assigned to the template. The listing is cut off inside the else
// branch.
if ($role_id == User::getRoleID('customer')) {
    $crm = CRM::getInstance($prj_id);
    // need the activity dashboard here
    // The contact is looked up from the user ID and the customer from the
    // current auth state, not from request parameters.
    $contact_id = User::getCustomerContactID($usr_id);
    $customer_id = Auth::getCurrentCustomerID();
    $tpl->assign(array('contact' => $crm->getContact($contact_id), 'customer' => $crm->getCustomer($customer_id)));
} else {
Example #6
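 /**
  * Works out which local user the request belongs to and links the
  * identified external connections to that user.
  *
  * A user ID from the auth cookie wins. Without one, the user is deduced
  * from the identified connections: no candidate registers a new user,
  * exactly one candidate is adopted, several candidates are only logged.
  *
  * NOTE(review): in the single-candidate case an identified connection is
  * enough to get a login cookie for the matching local account, and
  * verifyToken() is called in this method only for connections that are
  * already stored. Confirm that identifyConnections() has verified the
  * remote identity before a connection reaches this point.
  *
  * @return void
  */
 public function identify()
 {
     if (!$this->id) {
         // No user yet: take the ID from the auth cookie, if it validates.
         $this->id = Auth::validateCookie();
         $this->load($this->id);
     }
     $this->identifyConnections();
     if ($this->id) {
         foreach ($this->identifiedConnections as $id => $user) {
             if (isset($this->connections[$id])) {
                 Log::debug("identified {$id}, already linked in store");
                 // TODO: compare connections and only load remote data if old is missing
                 // $storedConnection = $this->connections[$id];
                 // Re-link so that the latest data is used (especially the
                 // access token); the identified connection replaces the
                 // stored one.
                 $user->loadRemoteData();
                 $user->verifyToken();
                 $user->link($this->id);
                 $this->connections[$id] = $user;
             } else {
                 Log::debug("identified {$id}, store link");
                 // First sighting of this connection for the user: store the link.
                 $user->loadRemoteData();
                 $user->link($this->id);
                 $this->connections[$id] = $user;
             }
         }
     } else {
         if (count($this->identifiedConnections)) {
             // Collect every local user ID that the connections map to.
             $possibleUsers = array();
             foreach ($this->identifiedConnections as $id => $user) {
                 $possibleUsers = array_merge($possibleUsers, $user->kikiUserIds());
             }
             $possibleUsers = array_unique($possibleUsers);
             $n = count($possibleUsers);
             switch ($n) {
                 case 0:
                     Log::debug("register new user for found connections");
                     // Register a new user with a random password; the user
                     // must change it (and set an e-mail address) before a
                     // login with just a local ID is possible.
                     // The password comes from the CSPRNG because uniqid()
                     // is derived from the clock and can be guessed;
                     // random_bytes() needs PHP 7 or later. This assumes
                     // the second argument is the password. TODO confirm
                     // against storeNew().
                     $this->storeNew(uniqid(), bin2hex(random_bytes(16)));
                     Auth::setCookie($this->id);
                     // NOTE(review): $user is whatever the foreach above
                     // left behind, i.e. the last identified connection;
                     // any others are not linked here.
                     $user->loadRemoteData();
                     $user->link($this->id);
                     $this->connections[] = $user;
                     break;
                 case 1:
                     // Exactly one candidate: adopt it and run identify()
                     // again so that unknown connections get stored.
                     $this->id = $possibleUsers[0];
                     $this->load();
                     Log::debug("deducted user " . $this->id . " recalling identify to check for unstored connections");
                     Auth::setCookie($this->id);
                     $this->identify();
                     return;
                 default:
                     // Several candidates: no user is selected.
                     Log::debug("cannot detect user, multiple candidates");
                     Log::debug(print_r($this->identifiedConnections, true));
             }
         }
     }
 }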
Example #7
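<?php

// Login page.
include "auth.class.php";
if (isset($_POST['submit'])) {
    // An earlier inline mysql_query() lookup of user_id / user_password by
    // login was commented out here; the record now comes from Auth.
    // Only plain string fields are accepted; a missing or array-valued
    // field is treated as empty instead of raising a notice.
    $login = isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '';
    $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
    $auth = new Auth($login, $password);
    $data = $auth->getUserData();
    $stored = isset($data['user_password']) && is_string($data['user_password']) ? $data['user_password'] : null;
    // The candidate hash is computed whether or not a record was found, so
    // an unknown login does the same hashing work as a known one.
    // NOTE(review): getHash() is not visible here; if it is a fast unsalted
    // hash, move to password_hash() / password_verify().
    $candidate = $auth->getHash($password);
    // Compare the hashes in constant time.
    if ($stored !== null && is_string($candidate) && hash_equals($stored, $candidate)) {
        $auth->setCookie($data['user_id']);
        // Send the browser to the page that checks the login.
        header("Location: check.php");
        exit;
    } else {
        print "Вы ввели неправильный логин/пароль";
    }
}
?>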
<span>Войти как</span>
<form method="POST"> Логин <input name="login" type="text">Пароль <input name="password" type="password">Не прикреплять к IP(не безопасно) 
<input type="checkbox" name="not_attach_ip"><br> <br /><input name="submit" type="submit" value="Войти"></form>
<div><a href="register.php">Регистрация</a></div>

Example #8
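 /**
  * Handles the account verification link: looks up the user for the token
  * in ?token=, marks that account as verified and renders the result page.
  *
  * When nobody is logged in, or the logged-in user is the verified one, the
  * browser is also signed in as the verified account. When a different user
  * is logged in, only a warning is shown.
  *
  * NOTE(review): because a valid token leads to Auth::setCookie(), the token
  * works as a login credential. Whether getIdByToken() expires or
  * invalidates a used token is not visible here; confirm that it is
  * single-use and short-lived.
  *
  * @return bool Always true.
  */
 public function verifyAction()
 {
     $this->status = 200;
     $this->template = 'pages/default';
     $this->title = _("Verify account");
     $template = new \Kiki\Template('content/account-verify');
     $errors = array();
     $warnings = array();
     $user = \Kiki\Core::getUser();
     // Only a plain string can be a token; an array-valued ?token[]= is
     // treated as missing.
     $token = isset($_GET['token']) && is_string($_GET['token']) ? $_GET['token'] : null;
     if (empty($token)) {
         $errors[] = "Auth token missing.";
     } else {
         // Get user by auth token.
         $verifyUserId = $user->getIdByToken($token);
         if (!$verifyUserId) {
             $errors[] = "Invalid auth token. Auth tokens expire. [Send new verification e-mail]";
         } else {
             $verifyUser = new \Kiki\User($verifyUserId);
             $verifyUser->setIsVerified(true);
             $verifyUser->save();
             if ($user->id() && $user->id() != $verifyUser->id()) {
                 // The warning carries its own <strong> markup, so the
                 // user-supplied e-mail addresses are escaped before they
                 // are placed in it.
                 $warnings[] = sprintf(
                     "Because you verified account <strong>%s</strong> (%d), you are no longer logged in as <strong>%s</strong> (%d).",
                     htmlspecialchars((string) $verifyUser->email(), ENT_QUOTES, 'UTF-8'),
                     $verifyUser->id(),
                     htmlspecialchars((string) $user->email(), ENT_QUOTES, 'UTF-8'),
                     $user->id()
                 );
             } else {
                 // Sign the browser in as the verified account and refresh
                 // the user data of the main template.
                 Auth::setCookie($verifyUser->id());
                 $user = $verifyUser;
                 \Kiki\Core::setUser($verifyUser);
                 $mainTemplate = \Kiki\Template::getInstance();
                 $mainTemplate->assign('user', $user->templateData());
             }
         }
     }
     $template->assign('warnings', $warnings);
     $template->assign('errors', $errors);
     $this->content = $template->fetch();
     return true;
 }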