Example #1
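 /**
  * Bootstraps the login state for the current request.
  *
  * Flow, kept in the original order:
  *   1. take the already-opened connection from $db;
  *   2. start (or resume) the PHP session and bind it to the client's User-Agent;
  *   3. handle exactly one of, in this order: explicit logout (?logout), idle timeout,
  *      an already-authenticated session, a client certificate, a submitted login form.
  *
  * Messages and errors are collected in $this->messages / $this->errors for the view;
  * nothing is echoed here.
  *
  * @param Database $db provides the shared connection via getDatabaseConnection()
  */
 public function __construct(Database $db)
 {
     // get the previously opened database connection
     $this->connection = $db->getDatabaseConnection();
     if (!$this->connection) {
         // catch broken database connection. will redirect to not_logged_in.php from index.php again.
         $this->errors[] = "No database connection.";
         return;
     }

     // create or pick up established php session; calling session_start() twice emits a notice
     if (session_status() === PHP_SESSION_NONE) {
         session_start();
     }

     // Fingerprint of the client's User-Agent, stored on first sight and re-checked afterwards.
     // The header is client-controlled, so this only catches accidental session reuse
     // (e.g. a cookie copied into another browser); it is not an authentication boundary.
     // The suffix is a fixed string in source, not a per-deployment secret.
     // `?? ''` avoids an undefined-index warning when no User-Agent header was sent.
     $userAgentHash = hash('sha512', ($_SERVER['HTTP_USER_AGENT'] ?? '') . "aX56kIx53KSil9xu");
     if (isset($_SESSION['HTTP_USER_AGENT'])) {
         // checks to see if User Agent has changed during the login session.
         // hash_equals() is a strict, constant-time comparison; the original loose != could
         // also mis-compare numeric-looking strings.
         if (!hash_equals($userAgentHash, (string) $_SESSION['HTTP_USER_AGENT'])) {
             $this->messages[] = "You have switched your user agent.";
             $this->doLogout();
         }
     } else {
         $_SESSION['HTTP_USER_AGENT'] = $userAgentHash;
     }

     if (isset($_GET["logout"])) {
         // logout if user clicked on logout
         // NOTE(review): a bare GET parameter triggers logout; a CSRF token would stop third-party pages forcing it — confirm.
         $this->doLogout();
     } elseif (!empty($_SESSION['timeout_time']) && time() > $this->timeout_time + $_SESSION['timeout_time']) {
         // check if timeout has been reached and proceed to logout.
         // $this->timeout_time is defined elsewhere in the class — presumably the idle limit in seconds; confirm.
         $this->messages[] = "Session has timed out. You have been logged out.";
         $this->doLogout();
     } elseif (!empty($_SESSION['user_name']) && (int) ($_SESSION['user_logged_in'] ?? 0) === 1) {
         // log in with session data, if authenticated session is running
         // (int) cast keeps both int 1 and "1" valid, as the original loose == did, without a warning when the key is absent
         $this->loginWithSessionData();
     } elseif (!empty($_SERVER['SSL_CLIENT_S_DN_CN'])) {
         // the web server has already verified a client certificate and exposed its subject CN
         $this->loginWithCertificate();
     } elseif (isset($_POST["login"])) {
         // attempt log in if user has entered both username and password
         if (!empty($_POST['user_name']) && !empty($_POST['user_password'])) {
             // regenerate session ID on every new login. protects against session ID fixation attacks.
             // true discards the old session data so the pre-login ID cannot be reused.
             session_regenerate_id(true);
             $this->loginWithPostData();
         } elseif (empty($_POST['user_name'])) {
             $this->errors[] = "Username field was empty.";
         } else {
             // user_name was non-empty, so the password is the missing field
             $this->errors[] = "Password field was empty.";
         }
     }
 }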