public function post_issue_upload_attachment()
{
$user_id = Crypter::decrypt(str_replace(' ', '+', Input::get('session')));
Auth::login($user_id);
if (!Auth::user()->project_permission(Input::get('project_id'))) {
return Response::error('404');
}
Project\Issue\Attachment::upload(Input::all());
return true;
}
/**
* Attempt to login a user based on a long-lived "remember me" cookie.
*
* @param string $recaller
* @return mixed
*/
protected static function recall($recaller)
{
$recaller = explode('|', Crypter::decrypt($recaller));
// We'll pass the ID that was stored in the cookie into the same user
// Closure that is used by the "user" method. If the method returns
// a user, we will log them into the application.
$user = call_user_func(Config::get('auth.user'), $recaller[0]);
if (!is_null($user)) {
static::login($user);
return $user;
}
}
/**
* Авторизация
*/
public function auth()
{
$cookie = Cookie::get('zzz');
if (is_null($cookie)) {
return false;
}
$SeSData = @unserialize(Crypter::decrypt($cookie));
if (!is_array($SeSData)) {
return false;
}
if (!isset($SeSData['user_id'])) {
return false;
}
if (!isset($SeSData['user_key'])) {
return false;
}
if (!isset($SeSData['user_token'])) {
return false;
}
$user = false;
// заглушка
// Тут нужна реализованная модель пользователя
//$user = Model::get('user')->getUserByID($SeSData['user_id']);
try {
if ($user === false) {
throw new Exception();
}
if ($user['user_status'] != 'active') {
throw new Exception();
}
if ($SeSData['user_key'] != $user['user_key']) {
throw new Exception();
}
if ($SeSData['user_token'] != $user['user_token']) {
throw new Exception();
}
} catch (Exception $e) {
$this->logout();
return false;
}
$this->add('user', (object) $user);
$this->add('vars', new stdObject());
$this->is_login = true;
return true;
}
protected function decodeValue($value)
{
$value = str_replace(array('_', '-'), array('/', '+'), $value);
return \Crypter::decrypt($value);
}
<?php
// Create a Form macro which generates the fake honeypot field
// as well as the time check field
Form::macro('honeypot', function ($honey_name, $honey_time) {
return View::make("honeypot::fields", get_defined_vars());
});
// We add a custom validator to validate the honeypot text and time check fields
Validator::register('honeypot', function ($attribute, $value, $parameters) {
// We want the value to be empty, empty means it wasn't a spammer
return $value == '';
});
Validator::register('honeytime', function ($attribute, $value, $parameters) {
// The timestamp is encrypted so let's decrypt it
$value = Crypter::decrypt($value);
// The current time should be greater than the time the form was built + the speed option
return is_numeric($value) && time() > $value + $parameters[0];
});
/**
* Attempt to login a user based on a long-lived "remember me" cookie.
*
* @param string $recaller
* @return mixed
*/
protected static function recall($recaller)
{
// When the "remember me" cookie is stored, it is encrypted and contains the
// user's ID and a long, random string. The ID and string are separated by
// a pipe character. Since we exploded the decrypted string, we can just
// pass the first item in the array to the user Closure.
$recaller = explode('|', Crypter::decrypt($recaller));
if (!is_null($user = call_user_func(Config::get('auth.user'), $recaller[0]))) {
static::login($user);
return $user;
}
}
}
}
}
}
$crypter = new Crypter(MODE_ECB, 'blowfish', 'key52345346_change_it');
if (isset($_REQUEST['logon'])) {
if (isset($_POST['login']) && isset($_POST['pass'])) {
$_SESSION['login'] = $_POST['login'];
$_SESSION['pass'] = $_POST['pass'];
if (isset($_POST['remember'])) {
setcookie("login", base64_encode($crypter->encrypt($_POST['login'])), time() + 1209600);
setcookie("pass", base64_encode($crypter->encrypt($_POST['pass'])), time() + 1209600);
}
}
}
$login = isset($_SESSION['login']) ? $_SESSION['login'] : (isset($_COOKIE['login']) ? trim($crypter->decrypt(base64_decode($_COOKIE['login']))) : "");
$pass = isset($_SESSION['pass']) ? $_SESSION['pass'] : (isset($_COOKIE['pass']) ? trim($crypter->decrypt(base64_decode($_COOKIE['pass']))) : "");
$_SESSION['login'] = $login;
$_SESSION['pass'] = $pass;
$user = GetUserID($login, $pass);
$exit = isset($_GET['exit']) ? $_GET['exit'] : 0;
if (!$exit && !$user && !$login && !$pass && !isset($_REQUEST['register'])) {
$login = "******";
$pass = "******";
$user = GetUserID($login, $pass);
if ($user) {
$_SESSION['login'] = $login;
$_SESSION['pass'] = $pass;
}
}
if (!$user) {
/**
* Attempt to find a "remember me" cookie for the user.
*
* @return string|null
*/
protected function recall()
{
$cookie = Cookie::get($this->recaller());
// By default, "remember me" cookies are encrypted and contain the user
// token as well as a random string. If it exists, we'll decrypt it
// and return the first segment, which is the user's ID token.
if (!is_null($cookie)) {
return head(explode('|', Crypter::decrypt($cookie)));
}
}
/**
* Pasa de la clave cifrada a una clave de texto plano
*
*/
public function limpiarClave($clave = '')
{
$crypt = new Crypter(sfConfig::get('app_general_cifrado_usuario'));
if ($clave != "") {
$otra_clave = $crypt->decrypt($clave);
} else {
$otra_clave = $crypt->decrypt($this->getClave());
$this->setClavelimpia($otra_clave);
}
return $otra_clave;
}
