Example #1
0
 function login()
 {
     $code = '';
     if (isset($_GET['code'])) {
         $code = $_GET['code'];
     }
     if (!isset($_SESSION)) {
         session_start();
     }
     $token_url = "https://graph.facebook.com/oauth/access_token?" . "client_id=" . FB_APP . "&redirect_uri=" . urlencode(FB_URL) . "&client_secret=" . FB_SECRET . "&code=" . $code;
     $response = file_get_contents($token_url);
     $params = null;
     parse_str($response, $params);
     $_SESSION['access_token'] = $params['access_token'];
     $graph_url = "https://graph.facebook.com/me?access_token=" . $_SESSION['access_token'];
     $fb_user = json_decode(file_get_contents($graph_url));
     $user = new User();
     //adding the fb_id to the existing email and login
     if (!$user->checkLogin($fb_user->email)) {
         $user->id = $user->getIDByEmail($fb_user->email);
         $user->username = $user->getUsername();
         $user->addFBID($fb_user->id);
         $user->fb_id = $fb_user->id;
         $auth = new SlideWikiAuth($user);
         $auth->login();
         echo "<script> top.location.href='" . BASE_PATH . "'</script>";
     } else {
         $this->set('fb_user', $fb_user);
     }
 }
Example #2
0
 public function actionLogin()
 {
     $login = '';
     $pass = '';
     if (isset($_POST['ok'])) {
         $login = $_POST['login'];
         $pass = $_POST['pass'];
         $errors = FALSE;
         if (!User::checkPass($pass)) {
             $errors[] = 'Пароль не должен быть меньше 6-ти символов';
         }
         if (!User::checkLogin($login)) {
             $errors[] = 'Логин не должен быть меньше 4-х символов';
         }
         $userId = User::checkUserData($login, $pass);
         if ($userId == FALSE) {
             $errors[] = 'Не верные логин и пароль';
         } else {
             User::auth($userId);
             header("location:/st/main/");
         }
     }
     require_once ROOT . '/views/user/auth.php';
     return TRUE;
 }
Example #3
0
function User_auth()
{
    if (User::checkLogin('kerin', 'wrongpassword') === true) {
        echo "correct!";
    } else {
        echo "not correct!";
    }
}
Example #4
0
 public function login($network = '')
 {
     $this->network = $network;
     $this->setContentType("text/plain");
     $this->setRedirectUrl();
     $this->setPopupCallback();
     $config = $this->get_hybrid_auth_config();
     $hybridauth = new Hybrid_Auth($config);
     if ($this->network == 'facebook') {
         $this->auth = $hybridauth->authenticate("Facebook");
     } elseif ($this->network == 'linkedin') {
         $this->auth = $hybridauth->authenticate("LinkedIn");
     } elseif ($this->network == 'twitter') {
         $this->auth = $hybridauth->authenticate("Twitter");
     } elseif ($this->network == 'google') {
         $this->auth = $hybridauth->authenticate("Google");
     } else {
         $this->redirect('/');
     }
     $is_user_logged_in = $this->auth->isUserConnected();
     $this->user = $this->auth->getUserProfile();
     $u = new User();
     if ($u->checkLogin()) {
         $this->setProfile();
     } else {
         if (!$this->do_login()) {
             if ($this->do_register()) {
                 if ($this->do_login()) {
                     $this->setProfile();
                 }
             }
         }
     }
     if ($popupCallback = $this->getPopupCallback()) {
         $this->setContentType('text/html');
         $this->set('popupCallback', $popupCallback);
     } else {
         $this->externalRedirect($this->getRedirectUrl());
     }
 }
Example #5
0
            header("location:select.php");
            //管理员
        }
    }
    exit;
}
if (isset($_POST['login'])) {
    require_once dirname(dirname(__FILE__)) . '/lib/cls_captcha.php';
    /*	$validator = new captcha();
    		if (!$validator->check_word($_POST['captcha']))
    		{
    			echo "<script>alert('captcha error!');history.back();</script>";
    			exit;
    		}*/
    //
    $bRet = User::checkLogin($_POST['userId'], $_POST['pwd']);
    $rank = User::getByName($_POST['userId']);
    if ($bRet == true) {
        if ($rank['F_RANK'] == 1 || $rank['F_RANK'] == 3) {
            $arrayList = array(date('Y-m-d H:i:s', time()), date('Y-m-d H:i:s', time()), $_SERVER['REMOTE_ADDR'], $_POST['userId']);
            $bRet = User::updataStatus($arrayList);
            if ($bRet == true) {
                //获取待处理的箱门
                $waitDeal = DataDetails::getNeedData();
                //获取处理完成的箱门
                $dealed = DataDetails::getDealed();
                //获取处理的历时记录
                $hisDeal = DataDetails::getHistoryDeal();
                $_SESSION['userId'] = $_POST['userId'];
                $smarty->assign("waitDeal", $waitDeal);
                $smarty->assign("dealed", $dealed);
Example #6
0
if ($userFound === 1) {
    // if login organization is different to organization of config file then create new session variables
    if ($organizationId != $gCurrentOrganization->getValue('org_id')) {
        // read organization of config file with their preferences
        $gCurrentOrganization->readDataById($organizationId);
        $gPreferences = $gCurrentOrganization->getPreferences();
        // read new profile field structure for this organization
        $gProfileFields->readProfileFields($organizationId);
        // save new organization id to session
        $gCurrentSession->setValue('ses_org_id', $organizationId);
        $gCurrentSession->save();
    }
    try {
        // create user object
        $gCurrentUser = new User($gDb, $gProfileFields, $userRow['usr_id']);
        if ($gCurrentUser->checkLogin($password, $bAutoLogin)) {
            // show successful login message
            $login_message = 'SYS_LOGIN_SUCCESSFUL';
            // bei einer Beta-Version noch einen Hinweis ausgeben !
            if (ADMIDIO_VERSION_BETA > 0 && !$gDebug) {
                $login_message = 'SYS_BETA_VERSION';
            }
            // falls noch keine Forward-Url gesetzt wurde, dann nach dem Login auf die Startseite verweisen
            if (!array_key_exists('login_forward_url', $_SESSION)) {
                $_SESSION['login_forward_url'] = $g_root_path . '/' . $gPreferences['homepage_login'];
            }
            // bevor zur entsprechenden Seite weitergeleitet wird, muss noch geprueft werden,
            // ob der Browser Cookies setzen darf -> sonst kein Login moeglich
            $location = 'Location: ' . $g_root_path . '/adm_program/system/cookie_check.php?message_code=' . $login_message;
            header($location);
            exit;
Example #7
0
		$password = isset($_POST['password']) ? $_POST['password'] : '';

		//数据合法性判断
		if(empty($username) || empty($password)){
			//用户信息不全
			redirect('login.html',3,'用户名和密码都不能为空!');
		}

		//判断通过,做登录验证
		//连接数据库
		//connect();
		//创建表对象
		$user_obj = new User();

		//调用函数
		if($user = $user_obj->checkLogin($username,$password)){
			//登录成功
			//修改用户的登录状态
			//如果要判断,发现错误的话应该是将错误写入到日志文件
			$user_obj->updateStatus($user['u_id'],1);

			//进入到系统首页
			//将当前登录用户的ID传给index.php界面,后续处理
			redirect('index.php?id=' . $user['u_id'],2,'登录成功!');
		}else{
			//登录失败
			redirect('login.html',3,'用户名或者密码错误!');
		}

	}else{
		//回到登陆界面
Example #8
0
    $_SESSION['Output'] = null;
}
if (isset($_GET["register"])) {
    handle_registration($Db);
    exit;
} elseif (isset($_GET["resetPassword"])) {
    if (isset($_POST['email'])) {
        $user->resetPassword($_POST['email']);
        redirect("/" . $_SESSION['redirect']);
    } else {
        echo resetPasswordForm();
        insert_header("Jackknife Password Reset");
        echo "<a class=\"smalllink\" href=\"index.php\">[api input]</a>&nbsp;</body></html>";
    }
}
if (isset($_GET['login'])) {
    if (isset($_POST["user"]) && isset($_POST["pass"]) && isset($_GET['login'])) {
        if ($user->checkLogin($_POST["user"], $_POST["pass"])) {
            redirect("/" . $_SESSION['redirect']);
            // logged in OK, redirect to last page
            exit;
        } else {
            fatal_error("Invalid Username or Password");
            exit;
        }
    } else {
        insert_header("Jackknife Login");
        echo get_login_form() . "&nbsp;<a class=\"smalllink\" href=\"index.php\">[api input]</a>&nbsp;</body></html>";
        exit;
    }
}
Example #9
0
<?php

defined('C5_EXECUTE') or die("Access Denied.");
if (!User::isLoggedIn()) {
    User::checkUserForeverCookie();
}
if (User::isLoggedIn()) {
    // check to see if this is a valid user account
    $u = new User();
    if (!$u->checkLogin()) {
        $u->logout();
        $v = View::getInstance();
        $v->setTheme(VIEW_CORE_THEME);
        if (!$u->isActive()) {
            Loader::controller('/login')->redirect("/login", "account_deactivated");
        } else {
            $v->render("/user_error");
        }
    }
}
Example #10
0
            while ($setting = $result->fetch_assoc()) {
                $settings[$setting['setting_name']] = $setting['setting_value'];
            }
            $result->free();
        } else {
            // Redirect to installation page
            header('Location: ' . HOME_URL . 'install.php');
            die('Could not fetch the settings from the database (' . $db->connect_errno . ') ' . $db->connect_error);
        }
    }
    fetchSettings();
    /**
     * INITIALZE CLASSES AND STUFF
     */
    $rc = new rcon\Base();
    $rc->ip = decrypt($settings['server_ip']);
    $rc->port = (int) decrypt($settings['server_admin_port']);
    $rc->pwd = decrypt($settings['server_rcon_password']);
    // User class
    $user = new User($db, $config);
    // Log class
    $log = new Log($db, $config);
    // BattlefieldTools API class
    $api = new Api\Base();
    $api->setUser(decrypt($settings['api_username']));
    $api->setKey(decrypt($settings['api_key']));
    // If user is logged in, then fetch the user
    if ($user->checkLogin()) {
        $userInfo = $user->fetchUser();
    }
}
Example #11
0
<?php
	require_once getenv("DOCUMENT_ROOT")."/lib/config.php";
	require_once("User.php");
	$login = $_POST["login"];
	$pass = (md5($_POST["password"]));
	$user = new User($login, $pass);
	if($user->checkLogin() != false){
		header("Location: /registration.php?log=error");
	}
	else{
		$user->addUser();
		session_start();
		$_SESSION["login"] = $login;
		$_SESSION["pass"] = $pass;
		/*setcookie("login",$login);
		setcookie("pass",$pass);*/
		header("Location: /successreg.php?login=$login");
	}
?>
Example #12
0
    // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
        header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
    }
    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
        header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
    }
}
$app->post('/login', function () use($user, $app) {
    $user->login();
});
$app->get('/login', function () use($user, $app) {
    $user->checkLogin();
});
$app->get('/logout', function () use($user, $app) {
    $user->logout();
});
$app->post('/brands', function () use($brand, $app) {
    if (isset($_SESSION['app']) && isset($_COOKIE['app'])) {
        $brand->newBrand();
    } else {
        echo "<script>window.location='../../'</script>";
    }
});
$app->post('/brands/updateImage', function () use($brand, $app) {
    if (isset($_SESSION['app']) && isset($_COOKIE['app'])) {
        $brand->updateImage();
    } else {
Example #13
0
    define('_DBHOST', $dsn['DB_HOST']);
    define('_DBNAME', $dsn['DB_NAME']);
    define('_DSN', _DBTYPE . '://' . _DBUSER . ':' . _DBPASS . '@' . _DBHOST . '/' . _DBNAME);
    $_SESSION['dsn'] = _DSN;
    $_SESSION['current_lang'] = $_REQUEST['lang'];
    if (substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 6, 2) != "de") {
        $_SESSION['current_lang'] = "en";
    } else {
        $_SESSION['current_lang'] = "de";
    }
}
$_SESSION['translate'] = new Translate("../conf/lang/Messages.properties");
$_SESSION['template'] = new HTML_Template_IT(TEMPLATE_DIR);
$_SESSION['template']->loadTemplateFile(TEMPLATE_DIR . "template.tpl");
$template =& $_SESSION['template'];
User::checkLogin($template, $_SESSION['dsn']);
//$template->setVariable("PROJECTS", Project::getList($template, $_SESSION['dsn']));
Project::getList($template, $_SESSION['dsn']);
if (!empty($_REQUEST['getfile'])) {
    $file = $_REQUEST['getfile'];
    if (!stristr($file, "..")) {
        Download::download($file, "../../dist/");
    }
}
if (!empty($_REQUEST['getdoc'])) {
    $file = $_REQUEST['getdoc'];
    if (!stristr($file, "..")) {
        Download::download($file, "../../doc/");
    }
}
switch ($_REQUEST['lang']) {
Example #14
0
$pageData->addCSS("css/img.css");
$pageData->addScript("js/lightbox.js");
$pageData->addScript("js/editor.js");
//load navigatio
//$pageData->content = include_once "views/admin/admin-navigation.php";
//establsh databse connection
$dbInfo = "mysql:host=localhost;dbname=simple_blog";
$dbUser = "******";
$dbPassword = "******";
$db = new PDO($dbInfo, $dbUser, $dbPassword);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
include_once "models/User.class.php";
$admin = new User();
//load the login controller, which will show the login form
$pageData->content = (include_once "controllers/admin/login.php");
//add a new if statement
//show admin module only if user is logged in
if ($admin->checkLogin()) {
    $pageData->content .= (include_once "views/admin/admin-navigation.php");
    $navigationIsClicked = isset($_GET['page']);
    if ($navigationIsClicked) {
        $controller = $_GET['page'];
    } else {
        $controller = "entries";
    }
    $pathToController = "controllers/admin/{$controller}.php";
    $pageData->content .= (include_once $pathToController);
}
//show the page
$page = (include_once "views/page.php");
echo $page;
Example #15
0
                   AND mem_rol_id     = rol_id
                   AND mem_begin     <= \'' . DATE_NOW . '\'
                   AND mem_end        > \'' . DATE_NOW . '\'
                   AND rol_valid      = 1
                       ' . $sqlWebmaster . '
                   AND rol_cat_id     = cat_id
                   AND cat_org_id     = ' . $gCurrentOrganization->getValue('org_id');
     $result = $gDb->query($sql);
     $userFound = $gDb->num_rows($result);
     $userRow = $gDb->fetch_array($result);
     if ($userFound === 1) {
         // create object with current user field structure und user object
         $gProfileFields = new ProfileFields($gDb, $gCurrentOrganization->getValue('org_id'));
         $gCurrentUser = new User($gDb, $gProfileFields, $userRow['usr_id']);
         // check login. If login failed an exception will be thrown
         $gCurrentUser->checkLogin($password, false, false);
     } else {
         $message = '
             <div class="alert alert-danger alert-small" role="alert">
                 <span class="glyphicon glyphicon-exclamation-sign"></span>
                 <strong>' . $gL10n->get('INS_WEBMASTER_LOGIN_FAILED') . '</strong>
             </div>';
         showNotice($message, 'update.php', $gL10n->get('SYS_BACK'), 'layout/back.png', true);
     }
 } catch (AdmException $e) {
     $message = '
         <div class="alert alert-danger alert-small" role="alert">
             <span class="glyphicon glyphicon-exclamation-sign"></span>
             <strong>' . $e->getText() . '</strong>
         </div>';
     showNotice($message, 'update.php', $gL10n->get('SYS_BACK'), 'layout/back.png', true);
Example #16
0
         $message = '
             <div class="alert alert-danger alert-small" role="alert">
                 <span class="glyphicon glyphicon-exclamation-sign"></span>
                 <strong>' . $gL10n->get('SYS_LOGIN_USERNAME_PASSWORD_INCORRECT') . '</strong>
             </div>';
         showNotice($message, 'update.php', $gL10n->get('SYS_BACK'), 'layout/back.png', true);
     } else {
         $userRow = $userStatement->fetch();
         // create object with current user field structure und user object
         $gProfileFields = new ProfileFields($gDb, $gCurrentOrganization->getValue('org_id'));
         $gCurrentUser = new User($gDb, $gProfileFields, $userRow['usr_id']);
         // check login data. If login failed an exception will be thrown.
         // Don't update the current session with user id and don't do a rehash of the password
         // because in former versions the password field was to small for the current hashes
         // and the update of this field will be done after this check.
         $checkLoginReturn = $gCurrentUser->checkLogin($password, false, false, false, true);
         if (is_string($checkLoginReturn)) {
             $message = '
                 <div class="alert alert-danger alert-small" role="alert">
                     <span class="glyphicon glyphicon-exclamation-sign"></span>
                     <strong>' . $gL10n->get($checkLoginReturn) . '</strong>
                 </div>';
             showNotice($message, 'update.php', $gL10n->get('SYS_BACK'), 'layout/back.png', true);
         }
         // else continue with code below
     }
 }
 // setzt die Ausfuehrungszeit des Scripts auf 2 Min., da hier teilweise sehr viel gemacht wird
 // allerdings darf hier keine Fehlermeldung wg. dem safe_mode kommen
 @set_time_limit(300);
 $mainVersion = substr($installedDbVersion, 0, 1);
Example #17
0
} else {
    // if login organization is different to organization of config file then create new session variables
    if ($organizationId != $gCurrentOrganization->getValue('org_id')) {
        // read organization of config file with their preferences
        $gCurrentOrganization->readDataById($organizationId);
        $gPreferences = $gCurrentOrganization->getPreferences();
        // read new profile field structure for this organization
        $gProfileFields->readProfileFields($organizationId);
        // save new organization id to session
        $gCurrentSession->setValue('ses_org_id', $organizationId);
        $gCurrentSession->save();
    }
    $userRow = $userStatement->fetch();
    // create user object
    $gCurrentUser = new User($gDb, $gProfileFields, $userRow['usr_id']);
    $checkLoginReturn = $gCurrentUser->checkLogin($password, $bAutoLogin);
    if (is_string($checkLoginReturn)) {
        $gMessage->show($gL10n->get($checkLoginReturn));
    } else {
        // show successful login message
        $loginMessage = 'SYS_LOGIN_SUCCESSFUL';
        // bei einer Beta-Version noch einen Hinweis ausgeben !
        if (ADMIDIO_VERSION_BETA > 0 && !$gDebug) {
            $loginMessage = 'SYS_BETA_VERSION';
        }
        // falls noch keine Forward-Url gesetzt wurde, dann nach dem Login auf die Startseite verweisen
        if (!array_key_exists('login_forward_url', $_SESSION)) {
            $_SESSION['login_forward_url'] = $g_root_path . '/' . $gPreferences['homepage_login'];
        }
        // bevor zur entsprechenden Seite weitergeleitet wird, muss noch geprueft werden,
        // ob der Browser Cookies setzen darf -> sonst kein Login moeglich
Example #18
0
如"/nologin/","/nologin/aaa/"
*/
$no_need_login_page = array("/block.php", "/panel/login.php", "/panel/logout.php");
//如果不需要登录就可以访问的话
$action_url = Common::getActionUrl();
if (OSAdmin::checkNoNeedLogin($action_url, $no_need_login_page)) {
    //for login.php logout.php etc....
} else {
    //else之后 需要验证登录信息
    if (empty($_SESSION[UserSession::SESSION_NAME])) {
        $user_id = User::getCookieRemember();
        if ($user_id > 0) {
            User::loginDoSomething($user_id);
        }
    }
    User::checkLogin();
    User::checkActionAccess();
    $current_user_info = UserSession::getSessionInfo();
    //如果非ajax请求
    if (stripos($_SERVER['SCRIPT_NAME'], "/ajax") === false) {
        //显示菜单、导航条、模板
        $sidebar = SideBar::getTree();
        //是否显示quick note
        if ($current_user_info['show_quicknote']) {
            OSAdmin::showQuickNote();
        }
        $menu = MenuUrl::getMenuByUrl(Common::getActionUrl());
        Template::assign('page_title', $menu['menu_name']);
        Template::assign('content_header', $menu);
        Template::assign('sidebar', $sidebar);
        Template::assign('current_module_id', $menu['module_id']);
Example #19
0
        }
        if (!XML_RPC_decode($rsp->value())) {
            $this->failed = true;
            $this->logout();
            return false;
        }
        $result = array("username" => $username, "password" => $password);
        $this->setSession(&$result, $remember);
        return true;
    }
    function checkRemembered($cookie)
    {
        list($username, $cookie) = @unserialize($cookie);
        if (!$username or !$cookie) {
            return;
        }
        $req = new XML_RPC_Value(array("sut_username" => new XML_RPC_Value($username, 'string'), "sut_cookie" => new XML_RPC_Value($cookie, 'string')), 'struct');
        $msg = new XML_RPC_Message('checkRemembered', array($req));
        $rsp = $this->xmlrpc->send($msg);
        if (hasErrors($rsp)) {
            return;
        }
        $this->setSession($rsp, true);
    }
}
if (!isset($_SESSION['uid'])) {
    session_defaults();
}
$user = new User();
$user->checkLogin($_POST['username'], $_POST['password'], true);
header('location:index.php');
Example #20
0
<?php

require_once 'Connections.php';
require_once 'models/User.php';
require_once 'models/Spot.php';
(new Database())->reinstall();
$_POST["login"] = "******";
$_POST["pass"] = "******";
$_POST["email"] = "*****@*****.**";
User::createUser();
User::login();
assert(User::checkLogin());
$id = Spot::createSpot();
echo "spot id:" . $id;
$spot = Spot::getSpotById($id);
assert($spot->id == $id);
Example #21
0
    die;
}
$referer = @$_SERVER['HTTP_REFERER'];
if ($_POST) {
    $username = Util::getPost('username');
    $password = Util::getPost('password');
    $autologin = Util::getPost('autologin');
    $requesturi = Util::getPost('requesturi');
    if (!$username) {
        $error = 'No username given';
        $app->render('login.html', array('error' => $error));
    } elseif (!$password) {
        $error = 'No password given';
        $app->render('login.html', array('error' => $error));
    } elseif ($username && $password) {
        $check = User::checkLogin($username, $password);
        if ($check) {
            // Success
            User::setLogin($username, $password, $autologin);
            $ignoreUris = array('/register/', '/login/', '/logout/');
            if (isset($requesturi) && !in_array($requesturi, $ignoreUris)) {
                $app->redirect($requesturi);
            } else {
                $app->redirect('/');
            }
        } else {
            $error = 'No such user exists, try again';
            $app->render('login.html', array('error' => $error));
        }
    }
} else {
Example #22
0
 static function testUser()
 {
     $user = new User();
     $logout = User::logout();
     $_POST["user"] = self::generateRandomString();
     $_POST["pass"] = self::generateRandomString();
     $_POST["email"] = self::generateRandomString();
     if ($register = User::createUser()) {
         echo 'CREATE USER: <font color="green">Stworzono uzytkownika o id: ' . $register . ' Dane: ' . $_POST["user"] . ' Haslo: ' . $_POST["pass"] . '</font></br>';
     } else {
         echo 'CREATE USER: <font color="red">ERROR!</font>';
     }
     $login = User::login();
     $id = User::getUID();
     if ($login == true) {
         echo 'LOGIN: <font color="green">Zalogowano, twoje UID: ' . $id . '</font></br>';
     } else {
         echo '<font color="red">LOGIN: ERROR!</font></br>';
         return false;
     }
     if (User::checkLogin()) {
         echo 'CHECK LOGIN: <font color="green">Zalogowany</font></br>';
     } else {
         echo 'CHECK LOGIN: <font color="red">Niezalogowany</font></br>';
         return false;
     }
     if ($delete = User::deleteUser() == true) {
         echo 'DELETE USER: <font color="green">Usunieto uzytkownika</font></br>';
     } else {
         echo 'DELETE USER: <font color="red">ERROR</font></br>';
         return false;
     }
     User::logout();
     if (!isset($_SESSION["uid"])) {
         echo 'LOGOUT: <font color="green">Wylogowano!</font></br>';
     } else {
         echo 'LOGOUT: <font color="red">ERROR!</font></br>';
         return false;
     }
     return true;
 }