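/**
 * Checks the submitted credentials and, when they match a stored user,
 * saves that user in the session and redirects to $referer.
 *
 * Every path ends in a Tools::redirect() call; no value is returned by the
 * code visible here (the original docblock's "@return boolean" was a todo).
 *
 * NOTE(review): the flow presumably relies on Tools::redirect() terminating
 * the request. If it returned, the success path would fall through into the
 * "bad login or password" handling below. Confirm against Tools.
 *
 * NOTE(review): $referer is handed to Tools::redirect() unchanged. Confirm
 * that the caller or Tools::redirect() restricts it to same-site URLs.
 *
 * @param string $referer the url to redirect to after a successful login
 * @return void
 */
public function login($referer)
{
    list($login, $password, $isauthenticated) = $this->credentials();

    // credentials() signals a missing field with a strict false.
    if ($login === false || $password === false) {
        $this->messages->add('e', _('login failed: you have to fill all fields'));
        Tools::logm('login failed');
        Tools::redirect();
    }

    if (!empty($login) && !empty($password)) {
        $user = $this->store->login($login, Tools::encodeString($password . $login), $isauthenticated);

        // Loose comparison kept on purpose: false, null and array() all count as "no such user".
        if ($user != array()) {
            # Save login into Session
            $longlastingsession = isset($_POST['longlastingsession']);
            // When $isauthenticated is set, the stored hash is reused; otherwise the hash
            // is recomputed from the submitted values.
            $passwordTest = $isauthenticated ? $user['password'] : Tools::encodeString($password . $login);
            Session::login($user['username'], $user['password'], $login, $passwordTest, $longlastingsession, array('poche_user' => new User($user)));

            # reload l10n
            $language = $user['config']['language'];
            @putenv('LC_ALL=' . $language);
            setlocale(LC_ALL, $language);
            bindtextdomain($language, LOCALE);
            textdomain($language);

            $this->messages->add('s', _('welcome to your wallabag'));
            Tools::logm('login successful');
            Tools::redirect($referer);
        }

        $this->messages->add('e', _('login failed: bad login or password'));

        // log login failure in web server log to allow fail2ban usage.
        // The login is client-supplied, so control characters (CR/LF included) are
        // stripped first: otherwise a crafted login could split the entry and plant
        // forged lines in the log that fail2ban parses.
        $loggedLogin = preg_replace('/[\x00-\x1F\x7F]/', '', (string) $login);
        error_log('user ' . $loggedLogin . ' authentication failure');
        Tools::logm('login failed');
        Tools::redirect();
    }
}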
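<?php
// Profile page controller: starts the session, then performs a login when a
// POST "action" is present, or a logout when ?action=logout is requested.
session_start();
require "required/database.class.php";

// Read both parameters through isset() so a plain GET (no POST body, no query
// string) does not raise "undefined index" notices/warnings before any output.
$hasPostAction = isset($_POST['action']) && $_POST['action'] != "";
$isLogout = isset($_GET['action']) && $_GET['action'] == "logout";

if ($hasPostAction && !$isLogout) {
    $db = new Database();
    // NOTE(review): the whole $_POST array is handed to Database::login();
    // which keys it reads and how it validates them is not visible here.
    $result = $db->login($_POST);
} elseif ($isLogout) {
    // NOTE(review): logout is a state change driven by a GET parameter, so any
    // page can trigger it with a plain link or image request. Consider requiring
    // POST plus a CSRF token.
    $db = new Database();
    $db->logout();
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Profil - <?php echo WEBSITE_NAME; ?> </title>
<link rel="stylesheet" type="text/css" href="css.css">
</head>
<body>
<nav>
<ul>
<li><a href="index.php">Forside</a></li>
<li><a href="list.php">Liste</a></li>
<li><a href="search.php">Søk</a></li>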
</nav> <div class="container text-center"> <h1>Login Page</h1> </div> <br> <!-- Main --> <?php if (isset($_POST["user_id"]) && isset($_POST["password"])) { require_once "Database.php"; $database = new Database(); $user_id = $_POST["user_id"]; $password = $_POST["password"]; $feedback = ""; $role = $database->login($user_id, $password, $feedback); if ($role != -1) { $_SESSION["user_id"] = $user_id; $_SESSION["role"] = $role; if ($role == 0) { header('Location: admin.php'); } else { header('Location: index.php'); } return; } else { showLoginForm($feedback); } } else { session_unset(); session_destroy();
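<?php
// JSON login endpoint: reads "username" and "password" from the POST body,
// asks Database::login() to check them and echoes its result as JSON.
// When either field is missing or malformed, nothing is written to the body.

// NOTE(review): the wildcard origin lets a page on any site submit credentials
// to this endpoint from a visitor's browser and read the answer. Confirm this
// is intended, or restrict the header to the origins that need it.
header('Access-Control-Allow-Origin: *');
// NOTE(review): "text/json" is not a registered media type; "application/json"
// is the standard one. Left unchanged so existing clients see the same header.
header("Content-Type: text/json");
include_once "functions.php"; // session functions are here
include_once "databse.php";

// Accept the fields only when both are plain strings: PHP turns "username[]=x"
// into an array, which would otherwise reach Database::login() unchecked.
if (
    isset($_POST["username"], $_POST["password"])
    && is_string($_POST["username"])
    && is_string($_POST["password"])
) {
    // put values in variables
    $username = $_POST["username"];
    $password = $_POST["password"];

    $dataBase = new Database(); // initialize the database instance
    $dataBase->connect(); // connect to database
    try {
        echo json_encode($dataBase->login($username, $password));
    } finally {
        // close the database connection even if login() or json_encode() throws
        $dataBase->close();
    }
}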
{ $now = time(); $u = null; if ($this->exists($username) === false) { $this->users->save(array('_id' => $username, 'password' => $password, 'name' => $name, 'gender' => $gender, 'email' => $email, 'created' => $now, 'modified' => $now)); $u = $this->login($username, $password); } return $u; } } $db = new Database(); if (isset($_POST['action'])) { switch ($_POST['action']) { case 'login': if (isset($_POST['username']) && isset($_POST['password'])) { if ($db->login($_POST['username'], $_POST['password'])) { header('HTTP/1.1 200 OK'); echo 'Login successful'; } else { header('HTTP/1.1 500 Bad request'); echo 'Bad credentials'; } } else { header('HTTP/1.1 500 Bad request'); echo 'Missing arguments for login'; } break; case 'create': if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['name']) && isset($_POST['email']) && isset($_POST['gender'])) { $g = $_POST['gender']; if ($g === 'male' || $g === 'female') {