/**
 * Rendering the password element must yield an HTML string that contains
 * an <input> tag of type "password".
 *
 * @covers Xoops\Form\Password::render
 */
public function testRender()
{
    $html = $this->object->render();

    $this->assertTrue(is_string($html));

    // Each fragment must occur somewhere in the rendered markup.
    foreach (array('<input', 'type="password"') as $fragment) {
        $this->assertTrue(false !== strpos($html, $fragment));
    }
}
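/**
 * Authenticate the current model against the user table and open a session.
 *
 * Looks up a row matching (email OR username) AND password, verifies the
 * password through the Password helper, upgrades the stored hash when the
 * helper reports it is outdated, and then populates $_SESSION.
 *
 * @return mixed The user row on success, FALSE on failure.
 */
public function login()
{
    $pass = new Password($this->password);
    $db = new DB();

    // NOTE(review): the lookup filters on the `password` column using the
    // submitted value while the rehash below writes a `hash` column. Confirm
    // what is stored in `password`; a lookup by identifier only, followed by
    // verifyPassword() against the stored hash, is the usual shape.
    $db->where(['email' => $this->email, 'username' => $this->username], 'AND', "OR");
    $db->where(['password' => $this->password], 'AND');
    $data = $db->getRow($this->table);

    if (count($data) > 0 && $pass->verifyPassword()) {
        if ($pass->needRehash()) {
            // Upgrade the stored hash for the same row that was just matched.
            $newHash = $pass->reHashPassword();
            $db->where(['email' => $this->email, 'username' => $this->username], 'AND', "OR");
            $db->where(['password' => $this->password], 'AND');
            $db->update($this->table, ['hash' => $newHash]);
        }

        // Issue a fresh session id at the privilege change so an id that was
        // known before authentication cannot be reused afterwards (session
        // fixation). Skipped when no session is active or headers are out.
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }

        $_SESSION['logged'] = TRUE;
        $_SESSION['userid'] = $data->id;
        $_SESSION['username'] = $data->username ? $data->username : "";

        return $data;
    }

    return FALSE;
}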
/**
 * Value equality: two passwords are the same when they are instances of this
 * class and their string forms are identical.
 *
 * NOTE(review): `===` is not a constant-time comparison. If toString() returns
 * secret material that an untrusted party can probe, prefer hash_equals();
 * confirm that toString() always returns a string before switching.
 *
 * @param Password $other
 *
 * @return bool
 */
public function sameValueAs(Password $other)
{
    return $other instanceof self
        && $this->toString() === $other->toString();
}
/**
 * A Password field compiles to a label followed by an empty password input.
 */
public function testCompile()
{
    $expected = '<label for="test">Test</label><input type="password" name="test" value="" />';

    $field = new Password("test", "Test");
    $actual = $field->compile();

    $this->assertEquals($expected, $actual);
}
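/**
 * Cancel a pending password-change request identified by the `t` query
 * parameter and notify the account owner by e-mail.
 *
 * Uses the globals $instDir (install path), $objMessages (mailer) and sets
 * $entryMessage for the page that is shown afterwards.
 *
 * @return void
 */
function token()
{
    global $instDir, $objMessages, $entryMessage;

    include_once $instDir . "lib/password.php";
    $password = new Password();

    // The token comes straight from the query string: it may be absent or an
    // array (?t[]=x). Only a non-empty string is passed to the lookup.
    if (!isset($_GET['t']) || !is_string($_GET['t']) || $_GET['t'] === '') {
        return;
    }
    $token = $_GET['t'];

    // Get the userid
    $userid = $password->getUserId($token);
    if (sizeof($userid) > 0) {
        // Clear the request
        $password->removeToken($token);

        // Address reported in the notification mail. The two forwarding
        // headers are set by the client, so they are used only when they hold
        // a single well-formed IP address; anything else falls back to the
        // socket address and never reaches the mail body as free text.
        // NOTE(review): even a well-formed header value is only a claim unless
        // a trusted proxy sets it - confirm the deployment.
        $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR') as $header) {
            if (!empty($_SERVER[$header])
                && filter_var($_SERVER[$header], FILTER_VALIDATE_IP) !== false
            ) {
                $ip = $_SERVER[$header];
                break;
            }
        }

        // Send a mail that the request was canceled.
        $subject = LangCancelRequestNewPasswordSubject;
        $message = LangCancelRequestNewPassword1 . $ip;
        $message .= LangCancelRequestNewPassword2;
        $objMessages->sendEmail($subject, $message, $userid);

        // Go to the DeepskyLog page and show 'Your password change request was canceled'
        $entryMessage = LangCancelRequestNewPasswordSubject . ".";
    }
}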
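/**
 * Handle the login page: check a posted password, issue the auth cookie, or
 * report that the visitor is already logged in, then render the page.
 *
 * Output is written directly; nothing is returned.
 *
 * @return void
 */
function login() {
    // The template below reads all three flags on every path, so they are
    // initialised here instead of being defined only in some branches.
    $pass_incorrect = false;
    $set_cookie = false;
    $already_set = false;

    // NOTE(review): die() with the raw exception message exposes internal
    // error text to the visitor; consider logging it and showing a generic
    // message instead.
    try {
        $A = new Auth();
    } catch (Exception $e) {
        die($e->getMessage());
    }

    // !empty() keeps the original truthiness test without raising a notice
    // when the form has not been submitted.
    if (!empty($_POST['password'])) {
        $P = new Password();
        if (!$P->isValid($_POST['password'])) {
            $pass_incorrect = true;
        } else {
            $set_cookie = true;
            $cookieval = set_auth_cookie();
            try {
                $A->create($cookieval);
            } catch (Exception $e) {
                die($e->getMessage());
            }
        }
    } else {
        if (isset($_COOKIE['auth']) && $A->isValid($_COOKIE['auth'])) {
            $already_set = true;
        }
    }
    ?>
<!DOCTYPE html>
<html>
<head><title>set scraps password</title></head>
<body>
<?php if ($pass_incorrect): ?>
<p>The password entered does not match the current password.</p>
<?php elseif ($set_cookie): ?>
<p>Y'all should be logged in now.</p>
<?php elseif ($already_set): ?>
<p>Y'all is already logged in.</p>
<?php else: ?>
<form method="post">
<input name="password" type="password" placeholder="Password?" />
<input type="submit" value="Login" />
</form>
<?php endif; ?>
</body>
</html>
<?php
}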
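/**
 * Return the value to store in the password field.
 *
 * When the submitted value is exactly the value already held by $data it is
 * returned untouched (the password was not changed); otherwise it is hashed.
 *
 * @param object $data  Record exposing get(); read with the PASSWORD key.
 * @param string $value Submitted password field value.
 *
 * @return string The unchanged stored value or a fresh hash of $value.
 */
public function setPasswordField($data, $value)
{
    // Strict comparison: with `==`, values such as "" and null, or two
    // numeric-looking strings, compare equal and the submitted value would be
    // stored without being hashed.
    if ($value === $data->get(self::PASSWORD)) {
        return $value;
    }

    $pwd = new Password();

    return $pwd->hash($value);
}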
/**
 * Factory: build a Password field and optionally attach extra attributes.
 *
 * @param mixed $name  Passed to the Password constructor as first argument.
 * @param mixed $value Passed to the Password constructor as second argument.
 * @param mixed $attrs Attributes handed to add_attrs() when truthy.
 *
 * @return Password
 */
public static function init($name, $value, $attrs = null)
{
    $field = new Password($name, $value);

    if (!$attrs) {
        return $field;
    }

    $field->add_attrs($attrs);

    return $field;
}
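/**
 * Verify a username/password pair and mark the session as logged in.
 *
 * @param string $username Account whose stored hash is fetched.
 * @param string $password Submitted plain-text password.
 *
 * @return mixed The verifier's result when it equals 1; nothing (null) when
 *               verification fails.
 */
public function login($username, $password)
{
    $pass = new Password();
    $hashed = $this->get_user_hash($username);
    $stmt = $pass->password_verify($password, $hashed);

    if ($stmt == 1) {
        // Rotate the session id at the moment of authentication so an id that
        // existed before login cannot carry the logged-in state (session
        // fixation). Skipped when no session is active or headers are out.
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }

        $_SESSION['loggedin'] = true;

        return $stmt;
    }
    // Failure falls through without an explicit return, as before.
}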
/**
 * Return the CSRF token value kept in the session under the name derived
 * from $id, generating and storing a new random one when none is present.
 *
 * @param int|string|null $id Optional unique ID for this token
 * @return string
 *
 */
public function getTokenValue($id = '')
{
    $tokenName = $this->getTokenName($id);
    $stored = $this->session->get($this, $tokenName);

    if (!empty($stored)) {
        return $stored;
    }

    // No token yet: take 32 characters from the Password helper's random
    // base64 generator and remember them for later requests.
    $generator = new Password();
    $fresh = $generator->randomBase64String(32);
    $this->session->set($this, $tokenName, $fresh);

    return $fresh;
}
/**
 * Validate a user property dictionary.
 *
 * Runs the parent validation first, then the e-mail, password and (when
 * present) notification-device-identifier checks. Stops at the first failure.
 *
 * @param array $properties_dictionary Properties to validate (by reference).
 * @param mixed $limit_to_keys         Forwarded to ValidationC::should_test_property().
 * @param mixed $error                 Passed by reference to each validator.
 *
 * @return bool true when every tested property is valid.
 */
public static function isValid(&$properties_dictionary, $limit_to_keys, &$error)
{
    if (!parent::isValid($properties_dictionary, $limit_to_keys, $error)) {
        return false;
    }

    // E-mail
    // NOTE(review): the test is keyed on 'rawEmail' but the value is read
    // from USER_KEY_EMAIL - confirm both refer to the same entry.
    if (ValidationC::should_test_property('rawEmail', $properties_dictionary, true, $limit_to_keys)) {
        if (!Email::propertyIsValid('rawEmail', $properties_dictionary[USER_KEY_EMAIL], $error)) {
            return false;
        }
    }

    // Password (same key caveat as above: 'rawPassword' vs USER_KEY_PASSWORD)
    if (ValidationC::should_test_property('rawPassword', $properties_dictionary, true, $limit_to_keys)) {
        if (!Password::propertyIsValid('rawPassword', $properties_dictionary[USER_KEY_PASSWORD], $error)) {
            return false;
        }
    }

    // Notification device identifiers are optional; validate only when given.
    if (isset($properties_dictionary[USER_KEY_NOTIFICATION_DEVICE_IDENTIFIERS])
        && ValidationC::should_test_property(USER_KEY_NOTIFICATION_DEVICE_IDENTIFIERS, $properties_dictionary, true, $limit_to_keys)
    ) {
        $identifiersOk = User::propertyIsValid(
            USER_KEY_NOTIFICATION_DEVICE_IDENTIFIERS,
            $properties_dictionary[USER_KEY_NOTIFICATION_DEVICE_IDENTIFIERS],
            $error
        );
        if (!$identifiersOk) {
            return false;
        }
    }

    return true;
}
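/**
 * Handle a POST request to reset a user's password.
 *
 * Validates the form, asks the password broker to perform the reset and
 * redirects according to the broker's response.
 *
 * @return Response
 */
public function postReset()
{
    $post = Input::all();
    $rules = array(
        'email' => 'required|email',
        'password' => 'required',
        'password_confirmation' => 'required',
    );
    $validator = Validator::make($post, $rules);

    if ($validator->fails()) {
        // The token is request data: it may be missing or not a string.
        $token = (isset($post['token']) && is_string($post['token'])) ? $post['token'] : '';

        // Flash the old input without the password fields so the submitted
        // password is not written to the session store.
        return Redirect::to('recordar/form/' . $token)
            ->withErrors($validator)
            ->withInput(Input::except('password', 'password_confirmation'));
    }

    $credentials = Input::only('email', 'password', 'password_confirmation', 'token');
    $response = Password::reset($credentials, function ($user, $password) {
        $user->password = Hash::make($password);
        $user->password_changed = true;
        $user->save();
    });

    switch ($response) {
        case Password::PASSWORD_RESET:
            Session::flash('success', 'Su contraseña ha sido cambiada exitósamente.');
            return Redirect::to('login');
        case Password::INVALID_PASSWORD:
        case Password::INVALID_TOKEN:
        case Password::INVALID_USER:
        default:
            // Any response other than a confirmed reset is treated as a
            // failure, so the action never falls through without a response.
            return Redirect::back()->with('error', Lang::get($response));
    }
}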
/**
 * With the Password facade mocked to report a successful reset, posting the
 * reset form must answer with HTTP 200.
 */
public function testResetPasswordSuccess()
{
    // The broker is expected to be asked exactly once.
    Password::shouldReceive('reset')->once()->andReturn('passwords.reset');

    $payload = [
        'token' => 'token',
        'email' => '*****@*****.**',
        'password' => '12345678',
        'password_confirmation' => '12345678',
    ];
    $response = $this->call('POST', '/passwords/reset', $payload);

    $this->assertEquals(200, $response->getStatusCode());
}
/**
 * Log a user in from the posted form, then render the login view.
 *
 * On a POST the username and password are passed through
 * Validations::sanitizeText(), a user row is fetched, and the password is
 * checked against the stored value; a match authorizes the user and
 * redirects to the `tareas` controller.
 *
 * NOTE(review): as shown on this page the `conditions` literal does not
 * reference $username (the value appears masked). If the real code places
 * the username into that string, use the data layer's bound parameters
 * rather than string building.
 * NOTE(review): running sanitizeText() over the password changes the secret
 * before verification - confirm that is intended.
 *
 * @return void
 */
public function login()
{
    if ($_POST) {
        $verifier = new Password();
        $sanitizer = new Validations();
        $authorizer = new Authorization();

        $username = $sanitizer->sanitizeText($_POST['username']);
        $password = $sanitizer->sanitizeText($_POST['password']);

        $query = array('conditions' => "username = '******'");
        $account = $this->db->find('usuarios', 'first', $query);

        if (!$verifier->isValid($password, $account['password'])) {
            echo "Usuario no valido";
        } else {
            $authorizer->login($account);
            $this->redirect(array('controller' => 'tareas'));
        }
    }

    $this->_view->renderizar('login');
}
/**
 * Ask the password broker to reset the password for the given credentials.
 *
 * @param array $credentials Passed unchanged to Password::reset().
 *
 * @return mixed Whatever Password::reset() returns.
 */
protected function resetPassword($credentials)
{
    // Invoked by the broker with the user and the new plain-text password.
    $storeNewPassword = function ($user, $pass) {
        $user->password = Hash::make($pass);
        $user->save();
    };

    return Password::reset($credentials, $storeNewPassword);
}
/**
 * Token login endpoint: reads form-encoded credentials from the request
 * body, checks them against `jwt_user` and renders a JSON result carrying an
 * access token on success or an error with HTTP 401 on failure.
 *
 * NOTE(review): as shown on this page the where-clause literal does not
 * reference the submitted user name (the value appears masked). If the real
 * code builds it from request data, use query bindings.
 * NOTE(review): the token payload holds only `id`; no expiry claim is set
 * here - confirm whether one is enforced elsewhere.
 *
 * @return void
 */
public function login()
{
    $res = new stdClass();
    $res->success = false;

    // Parse the raw body as a query string, then expose it as an object.
    $data = array();
    parse_str(file_get_contents("php://input"), $data);
    $data = (object) $data;

    $this->load->model('sp_model');
    $where = 'userName="******"';
    $rows = $this->sp_model->where('jwt_user', $where, 'id', 'asc');

    // Exactly one matching row and a valid password are both required.
    $authenticated = count($rows) == 1
        && Password::validate_password($data->password, $rows[0]->password);

    if ($authenticated) {
        $res->success = true;
        $claims = array();
        $claims['id'] = $rows[0]->id;
        $res->access_token = JWT::encode($claims, $this->config->item('jwt_key'));
        $res->id = $rows[0]->id;
    } else {
        // Same message for unknown user and wrong password.
        $res->error = 'Invalid user name or password.';
        http_response_code(401);
    }

    $this->load->view('json', array('output' => $res));
}
/**
 * Return the shared instance, creating it on first use.
 *
 * @return Password
 */
public static function getInstance()
{
    if (self::$_instance instanceof self) {
        return self::$_instance;
    }

    self::$_instance = new self();

    return self::$_instance;
}
/**
 * Send the password-reset e-mail for the address posted as `email`.
 *
 * @return mixed Whatever Password::remind() returns.
 */
public function postRemind()
{
    // Only the mail subject is customised here.
    $decorateMessage = function ($message, $user) {
        $message->subject('Reset your password');
    };

    return Password::remind(array('email' => Input::get('email')), $decorateMessage);
}
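/**
 * salt
 * Creates a random salt string, trying the strongest available source first.
 *
 * Sources, in order: random_bytes() (PHP 7+), mcrypt_create_iv(),
 * openssl_random_pseudo_bytes(), /dev/urandom, and finally
 * Password::simpleSalt() to fill whatever is still missing. The bytes are
 * base64-encoded with '+' replaced by '.' and cut to $length characters.
 *
 * @param int $length How many characters the salt should contain.
 * @return string Salt string.
 */
public static function salt($length = 22)
{
    $buffer = '';
    $bufferValid = false;

    // Prefer the engine's CSPRNG where it exists; mcrypt was removed from
    // PHP 7.2, so the branches below are effectively legacy fallbacks.
    if ($length > 0 && function_exists('random_bytes')) {
        try {
            $buffer = random_bytes($length);
            $bufferValid = true;
        } catch (\Exception $e) {
            // No usable randomness source: fall through to the older ones.
            $buffer = '';
        }
    }

    if (!$bufferValid && function_exists('mcrypt_create_iv')) {
        $bytes = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
        $bufferValid = is_string($bytes) && strlen($bytes) >= $length;
        $buffer = $bufferValid ? $bytes : '';
    }

    if (!$bufferValid && function_exists('openssl_random_pseudo_bytes')) {
        $bytes = openssl_random_pseudo_bytes($length);
        $bufferValid = is_string($bytes) && strlen($bytes) >= $length;
        $buffer = $bufferValid ? $bytes : '';
    }

    if (!$bufferValid && file_exists('/dev/urandom')) {
        $f = @fopen('/dev/urandom', 'r');
        if ($f) {
            $read = strlen($buffer);
            while ($read < $length) {
                $chunk = fread($f, $length - $read);
                // A failed or empty read would otherwise loop forever.
                if ($chunk === false || $chunk === '') {
                    break;
                }
                $buffer .= $chunk;
                $read = strlen($buffer);
            }
            fclose($f);
            $bufferValid = $read >= $length;
        }
    }

    if (!$bufferValid || strlen($buffer) < $length) {
        // NOTE(review): last-resort filler. simpleSalt() is defined outside
        // this block; confirm its quality and consider failing loudly instead
        // of silently degrading when every strong source is unavailable.
        $buffer .= Password::simpleSalt($length - strlen($buffer));
    }

    $salt = str_replace('+', '.', base64_encode($buffer));

    return substr($salt, 0, $length);
}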
/**
 * Show the password-reset form and, on POST, validate it and attempt the
 * reset through the Password facade.
 *
 * GET: renders the "user/reset" view with the token query string and any
 * errors found in old input.
 * POST: validates the input, calls Password::reset() when validation passes,
 * then redirects back to the reset route with the e-mail and validator errors.
 */
public function resetAction()
{
    // NOTE(review): the token is request input appended to a URL below
    // without encoding - confirm it is constrained to a safe alphabet.
    $token = "?token=" . Input::get("token");
    $errors = new MessageBag();
    // Reuse errors flashed by a previous request, when present.
    if ($old = Input::old("errors")) {
        $errors = $old;
    }
    $data = ["token" => $token, "errors" => $errors];
    if (Input::server("REQUEST_METHOD") == "POST") {
        $validator = Validator::make(Input::all(), ["email" => "required|email", "password" => "required|min:6", "password_confirmation" => "required|same:password", "token" => "required|exists:token,token"]);
        if ($validator->passes()) {
            $credentials = ["email" => Input::get("email")];
            // NOTE(review): the value returned by Password::reset() - and with
            // it the redirect returned from the closure - is discarded here, so
            // execution always continues to the redirect below, also after a
            // successful reset. Whether e-mail alone is a sufficient credential
            // set depends on the framework version; confirm.
            Password::reset($credentials, function ($user, $password) {
                $user->password = Hash::make($password);
                $user->save();
                // Logs the user in immediately after the password change.
                Auth::login($user);
                return Redirect::route("user/profile");
            });
        }
        $data["email"] = Input::get("email");
        $data["errors"] = $validator->errors();
        // $data carries only token, errors and e-mail; the password fields
        // are not part of what is flashed here.
        return Redirect::to(URL::route("user/reset") . $token)->withInput($data);
    }
    return View::make("user/reset", $data);
}
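/**
 * Fetch the user with the given e-mail and return the row when the supplied
 * password verifies against the stored hash.
 *
 * @param string $email        E-mail address to look up.
 * @param string $formPassword Plain-text password from the form.
 *
 * @return mixed The user row on success; nothing (null) otherwise, after an
 *               error heading has been echoed.
 */
public function getUser($email, $formPassword)
{
    // The e-mail is bound as a parameter; interpolating it into the SQL text
    // would make prepare() pointless and leave the query injectable.
    $query = $this->pdo->prepare("SELECT * FROM user WHERE email = :email");
    $query->execute(array(':email' => $email));
    $result = $query->fetch();

    if (!empty($result)) {
        $password = new Password();
        if ($password->password_verify($formPassword, $result['password']) == 1) {
            return $result;
        } else {
            echo "<h1> Pogresan password. </h1>";
        }
    } else {
        // NOTE(review): separate messages for "unknown e-mail" and "wrong
        // password" tell a visitor which addresses are registered; a single
        // generic message avoids that.
        echo "<h1> Pogresan email. </h1>";
    }
}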
/**
 * Insert a new row into `users` with the e-mail and a hash of the password.
 *
 * @param string $email    E-mail address to store.
 * @param string $password Plain-text password; only its hash is stored.
 *
 * @return mixed The id reported by the database layer for the new row.
 */
public function register($email, $password)
{
    $this->db->set('email', $email);

    $hash = Password::create_hash($password);
    $this->db->set('password', $hash);

    $this->db->insert('users');

    return $this->db->insert_id();
}
/**
 * Admin login: look up the posted username, check the account state and the
 * password, set the `admin` session entry on success, and always redirect to
 * "portfolio" with a status message.
 *
 * NOTE(review): the "no username" and "password not matched" messages differ,
 * which tells a visitor whether an account exists, and the first one embeds
 * the raw posted username - confirm Message output is escaped when rendered.
 * NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
 *
 * @return void
 */
public function login()
{
    if (empty($_POST['username']) || empty($_POST['password'])) {
        Message::set("Please fill the login form", "error");
        URL::REDIRECT("portfolio");
    } else {
        $lookupName = filter_var($_POST['username'], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);
        $admins = $this->_model->check_admin("username", $lookupName);

        if (sizeof($admins)) {
            foreach ($admins as $row) {
                $submitted = $_POST['password'];
                $storedHash = $row['password'];
                $adminName = $row['username'];

                if ($row['state'] != 1) {
                    // Account exists but has not been activated.
                    Message::set("Your account hasn't been activated yet. Please activate your account by confirming our email.", "info");
                    URL::REDIRECT("portfolio");
                } elseif (Password::validate($submitted, $storedHash)) {
                    Session::set("admin", $adminName);
                    Message::set("Herzlich Wilkommen " . Session::get('admin') . "!", "success");
                    URL::REDIRECT("portfolio");
                } else {
                    Message::set("Password not matched", "error");
                    URL::REDIRECT("portfolio");
                }
            }
        } else {
            Message::set("There is no username with this value '" . $_POST['username'] . "'", "error");
            URL::REDIRECT("portfolio");
        }
    }
}
/**
 * Create (or update) the user from the request, e-mail them a password-reset
 * link, and redirect to the admin user list with a status message.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @return \Illuminate\Http\Response
 */
public function store(Request $request)
{
    $user = $this->updateOrCreate($request);

    // The new user chooses a password through the reset link; only the
    // subject of the mail is customised here.
    $setSubject = function (Message $message) {
        $message->subject('Velkommen til ub-baser');
    };
    \Password::sendResetLink(['email' => $user->email], $setSubject);

    $statusText = 'En epost er sendt til brukeren med instruksjoner for å sette passord.';

    return redirect()
        ->action('Admin\\UserController@index')
        ->with('status', $statusText);
}
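/**
 * Insert this object as a new row, storing the password in encrypted form.
 *
 * Values are bound as named parameters; only the table name, taken from the
 * class's own static property, is concatenated into the statement.
 *
 * @return void
 */
public function insert()
{
    // include_once: a plain include would load the class file again on a
    // second insert() in the same request and fail on the redeclaration.
    include_once PATH_INCLUDES . 'Password.class.php';

    $hashedPassword = Password::password_encrypt($this->password);

    $var = $this->Db->prepare("INSERT INTO " . self::$table_name . "(username, email, password, first_name, last_name) \n\t\t\tVALUES(:username, :email, :password, :first_name, :last_name)");

    $aBinding = array(
        ':username' => $this->username,
        ':email' => $this->email,
        ':password' => $hashedPassword,
        ':first_name' => $this->first_name,
        ':last_name' => $this->last_name,
    );

    $var->execute($aBinding);
}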
/**
 * Work-in-progress handler for a password-change token passed as `t`.
 *
 * Checks that the token exists and is still valid, prints placeholder
 * output, and then runs the request-cancellation steps (remove token, send
 * mail, set $entryMessage).
 *
 * NOTE(review): $userid is never assigned in this function, yet it is printed
 * and passed to sizeof() and sendEmail(). As written the cancellation block
 * cannot work; the intended lookup needs to be added before use.
 */
function token()
{
    global $instDir, $objMessages, $entryMessage;
    // Load the password helper.
    include_once $instDir . "lib/password.php";
    $password = new Password();
    // Raw query-string value; not checked for presence or type here.
    $token = $_GET['t'];
    if ($password->tokenExists($token)) {
        // Only go on when the token is not too old. If the token is too old, remove the token.
        if ($password->isValid($token)) {
            // Go to the correct
            echo "<div id=\"main\">";
            // TODO: Add form to change the password.
            // TODO: Add scripts to change the password.
            // NOTE(review): debug output of an undefined variable.
            print "TEST: " . $userid;
            echo "</div>";
        } else {
            // TODO: Change
            print "<br/>TOKEN IS NOT VALID ANYMORE!";
        }
    } else {
        // TODO: Change message
        $entryMessage = "TOKEN DOES NOT EXIST!";
        $_GET['indexAction'] = 'main';
        // TODO: Return the index page
        return;
    }
    // NOTE(review): reached for valid and for expired tokens alike; $userid
    // is still undefined at this point.
    if (sizeof($userid) > 0) {
        // Clear the request
        $password->removeToken($token);
        // Send a mail that the request was canceled.
        // NOTE(review): the first two headers are supplied by the client, so
        // the address written into the mail is not trustworthy unless a
        // trusted proxy sets them.
        if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
            $ip = $_SERVER['HTTP_CLIENT_IP'];
        } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
        } else {
            $ip = $_SERVER['REMOTE_ADDR'];
        }
        $subject = LangCancelRequestNewPasswordSubject;
        $message = LangCancelRequestNewPassword1 . $ip;
        $message .= LangCancelRequestNewPassword2;
        $objMessages->sendEmail($subject, $message, $userid);
        // Go to the DeepskyLog page and show 'Your password change request was canceled'
        $entryMessage = LangCancelRequestNewPasswordSubject . ".";
    }
}
/**
 * Check whether the given plain-text string matches this user's stored
 * password.
 *
 * @param String $string Candidate password.
 * @return Boolean Result of Password::match() against the stored value.
 * @throws HTTP_Exception (500) when the user record has not been loaded.
 */
public function verify($string)
{
    // Verifying against an unloaded record would compare with no stored value.
    if (!$this->loaded()) {
        throw HTTP_Exception::factory(500, 'Trying to verify password of unloaded user');
    }

    return Password::factory($string)->match($this->password);
}
/**
 * Derive a base64-encoded PBKDF2 hash of the password.
 *
 * NOTE(review): the salt is a fixed literal, so every account shares it and
 * equal passwords produce equal hashes; the iteration count is also very low
 * by current guidance. Changing either invalidates existing hashes, so a
 * migration (per-user random salt stored with the hash, higher cost, rehash
 * on next successful login) is needed rather than an in-place edit.
 *
 * @param string $password Plain-text password.
 *
 * @return string Base64 encoding of the 24-byte raw derived key.
 */
public static function create_hash($password)
{
    $algorithm = "sha256";
    $iterations = 537;
    $keyBytes = 24;
    $salt = 'RaA6EnY4vSk66fr74IjNB/kR+/3IpwiF';

    // Final `true` is passed through to pbkdf2() as in the original call.
    $rawKey = Password::pbkdf2($algorithm, $password, $salt, $iterations, $keyBytes, true);

    return base64_encode($rawKey);
}
/**
 * Complete a password reset from the posted e-mail, token and new password,
 * then show the login view with a success message.
 *
 * NOTE(review): the value returned by \Password::reset() is not inspected, so
 * the success message is shown even when the broker rejects the token, user
 * or password. Branch on the response before reporting success.
 *
 * @return mixed The rendered login view.
 */
public function update()
{
    $fields = ['email', 'token', 'password', 'password_confirmation'];
    $credentials = Input::only($fields);

    // Invoked by the broker with the user and the new plain-text password.
    $storeNewPassword = function ($user, $password) {
        $user->password = Hash::make($password);
        $user->save();
    };
    \Password::reset($credentials, $storeNewPassword);

    return View::make('users.login')
        ->with('success', 'Your password has been reset successfully.');
}
/**
 * Log a user in from the posted form.
 *
 * On a POST the username and password are passed through
 * Validations::sanitizeText(), a user row is fetched, and the password is
 * checked against the stored value; a match authorizes the user and
 * redirects to users/index.
 *
 * NOTE(review): as shown on this page the `conditions` literal does not
 * reference $username (the value appears masked). If the real code places
 * the username into that string, use the data layer's bound parameters
 * rather than string building.
 * NOTE(review): running sanitizeText() over the password changes the secret
 * before verification - confirm that is intended.
 *
 * @return void
 */
public function login()
{
    if (!$_POST) {
        return;
    }

    $verifier = new Password();
    $sanitizer = new Validations();
    $authorizer = new Authorization();

    $username = $sanitizer->sanitizeText($_POST["username"]);
    $password = $sanitizer->sanitizeText($_POST["password"]);

    $options = array('conditions' => " username = '******'");
    $account = $this->User->find("users", "first", $options);

    if (!$verifier->isValid($password, $account['password'])) {
        echo "Usuario Invalido";
    } else {
        $authorizer->login($account);
        $this->redirect(array("controller" => "users", "action" => "index"));
    }
}