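/**
 * Renders the billing request form with a token issued for the requested user.
 *
 * Reads the "userID" request parameter, asks TokenGenerator for a token for
 * that user, passes the token's pToken through DataFormat::hexstr and exposes
 * it (together with the token timestamp) to the view, then runs Warmup for the
 * same user. The form action and the 'billingex' template are set whether or
 * not the token step succeeded.
 *
 * NOTE(review): userID comes straight from the request; nothing in this method
 * checks that it belongs to the authenticated caller. Confirm that check is
 * enforced before this action is dispatched.
 *
 * @return void
 */
public function requestformAction()
{
    $tokenObj = new TokenGenerator();

    try {
        $userID = $this->_getParam("userID");

        $token = $tokenObj->getToken($userID);
        $this->view->pToken = DataFormat::hexstr($token->pToken);
        $this->view->timestamp = $token->timestamp;

        $warmupObj = new Warmup();
        $warmupObj->warmup($userID);
    } catch (Exception $e) {
        // Record the failure server-side only. Printing the exception object
        // into the page would hand stack traces, file paths and call
        // arguments to whoever requested the form.
        error_log(sprintf(
            '%s: %s in %s:%d',
            get_class($e),
            $e->getMessage(),
            $e->getFile(),
            $e->getLine()
        ));
    }

    $this->view->formaction = "/billing/bill";
    $this->render('billingex');
}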
/**
 * Makes sure the view carries a billing token, reusing the cached one if any.
 *
 * Looks up the cache entry stored under getCachedKey(). On a miss, a token is
 * requested from TokenGenerator for $this->userID, passed through
 * DataFormat::hexstr, published to the view and cached with billstat 0. On a
 * hit, the cached token is republished to the view unless its billstat is "1".
 *
 * @return bool false when the cached entry has billstat "1" (the view is left
 *              untouched in that case), true otherwise.
 */
private function generateToken()
{
    // Consult the cache first (memcached, per the original author's note).
    $cacheKey = $this->getCachedKey();
    $cached = $this->_cache->getTokenCache($cacheKey);

    if ($cached == FALSE) {
        // Cache miss: issue a new token and remember it as unconfirmed.
        $generator = new TokenGenerator();
        $issued = $generator->getToken($this->userID);
        $hexToken = DataFormat::hexstr($issued->pToken);
        $this->view->pToken = $hexToken;

        // billstat: 0 = not yet confirmed, 1 = confirmation completed
        $entry = [
            'billstat' => 0,
            'tokenkey' => $hexToken,
        ];
        $this->_cache->setTokenCache($cacheKey, $entry);

        return true;
    }

    // A token whose confirmation already completed is not handed out again.
    if ($cached['billstat'] == "1") {
        return false;
    }

    $this->view->pToken = $cached['tokenkey'];

    return true;
}
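/**
 * Handles a LOGIN request: checks the username/password pair against the
 * `accounts` table and, when it matches, issues a token for the account.
 *
 * Nothing is returned; the outcome is reported through the object. Failures
 * call addError(). On success the token is stored in
 * $this->returnData["token"] and $this->token.
 *
 * Every path that cannot positively verify the password ends in
 * "Invalid credentials", including a failed database query, so a lookup
 * error can never fall through to token issuance.
 *
 * @param array $params Request parameters; 'username' and 'password' are read.
 * @return void
 */
public function handleLOGIN($params)
{
    global $dbConn;

    $username = isset($params['username']) ? $params['username'] : null;
    $password = isset($params['password']) ? $params['password'] : null;

    // Missing or non-scalar values (e.g. an array submitted as username[])
    // are rejected with the same generic message as a wrong password.
    if (!is_scalar($username) || !is_scalar($password)) {
        $this->addError("Invalid credentials");
        return;
    }

    $username = $dbConn->real_escape_string((string) $username);
    // NOTE(review): the password is SQL-escaped before it is hashed even though
    // it never reaches a query. Escaping changes the hash input for passwords
    // containing quotes or backslashes; it is kept because stored hashes may
    // have been produced the same way. Confirm against the registration code.
    $password = $dbConn->real_escape_string((string) $password);

    /*
     * The account row is fetched by username to obtain the salt and the
     * stored hash needed for password verification.
     * NOTE(review): a prepared statement with a bound parameter would be more
     * robust here than escaping plus string interpolation.
     */
    $result = $dbConn->query("SELECT * FROM `accounts` WHERE `username`='{$username}';");

    // Fail closed: a failed query is treated as a failed login. Skipping
    // the check in that case would issue a token without verifying anything.
    if (!$result) {
        error_log('handleLOGIN: account lookup query failed');
        $this->addError("Invalid credentials");
        return;
    }

    // Unknown username: same message as a wrong password.
    if ($result->num_rows < 1) {
        $this->addError("Invalid credentials");
        return;
    }

    $row = $result->fetch_array();
    $salt = $row["salt"];
    $storedHash = $row["password"];

    // NOTE(review): a single salted SHA-256 round is cheap to brute-force
    // offline if the table leaks. Moving to password_hash()/password_verify()
    // requires a stored-hash migration and is outside the scope of this method.
    $hashedPassword = hash("sha256", $salt . $password . $salt);

    // hash_equals() compares in constant time and as exact strings. A loose
    // != would treat two digests shaped like "0e<digits>" as equal numbers.
    if (!hash_equals((string) $storedHash, $hashedPassword)) {
        $this->addError("Invalid credentials");
        return;
    }

    // Credentials verified: generate a new token for this user.
    $tokenGen = new TokenGenerator($username);
    $token = $tokenGen->getToken();

    if (!TokenGenerator::checkExpired($token)) {
        // Token is still valid: hand it back to the caller and keep it on the object.
        $this->returnData["token"] = $token;
        $this->token = $token;
    } else {
        // Token is expired: tell the user and log the session out.
        $this->addError("Your token has expired or does not exist, please login again.");
        $this->handleLOGOUT(["token" => $token]);
    }
}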