Example #1
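 /**
  * Handles submission of the new-account form.
  *
  * Runs the form_validation rules, then the Securimage CAPTCHA check, then builds a
  * User from the posted fields, passes the clear-text password to the user's
  * encryptPassword() and inserts the record before showing the login form.
  *
  * NOTE(review): the only rule on `password` is `required`; no minimum length is enforced here.
  * NOTE(review): the value returned by user_model->insert() is stored in $error but never
  * checked, so the login form is shown whatever the insert returned.
  */
 function createNew()
 {
     $this->load->library('form_validation');
     $this->form_validation->set_rules('username', 'Username', 'required|is_unique[user.login]');
     $this->form_validation->set_rules('password', 'Password', 'required');
     $this->form_validation->set_rules('first', 'First', "required");
     $this->form_validation->set_rules('last', 'last', "required");
     $this->form_validation->set_rules('email', 'Email', "required|is_unique[user.email]");
     if ($this->form_validation->run() == FALSE) {
         // Validation failed: show the form again.
         $this->load->view('account/newForm');
     } else {
         include_once $_SERVER['DOCUMENT_ROOT'] . '/securimage/securimage.php';
         $securimage = new Securimage();
         // Read the CAPTCHA answer through the input class, like the other fields below, so a
         // request that omits captcha_code fails the check instead of raising an undefined-index notice.
         if ($securimage->check($this->input->post('captcha_code')) == false) {
             echo "The security code entered was incorrect.<br /><br />";
             echo "Please go <a href='javascript:history.go(-1)'>back</a> and try again.";
             exit;
         }
         $user = new User();
         $user->login = $this->input->post('username');
         $user->first = $this->input->post('first');
         $user->last = $this->input->post('last');
         // The clear-text password is only held in this local and handed to encryptPassword();
         // it is never assigned to a user property in this method.
         $clearPassword = $this->input->post('password');
         $user->encryptPassword($clearPassword);
         $user->email = $this->input->post('email');
         $this->load->model('user_model');
         $error = $this->user_model->insert($user);
         $this->load->view('account/loginForm');
     }
 }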
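 /**
  * Handles the registration form.
  *
  * Copies the posted Registration fields into the form model, validates it and, when valid,
  * inserts a new user that is neither active nor blocked, with the password passed through
  * User::encryptPassword(). After a successful insert it sends the verification mail, prints
  * a short status and stops; in every other case the register view is rendered.
  *
  * NOTE(review): the status output below looks like leftover debugging (the redirect is
  * commented out). It stays so behaviour is unchanged, but the posted values are now
  * HTML-escaped before being echoed.
  */
 public function actionRegister()
 {
     $formModel = new Registration();
     //$this->performAjaxValidation($formModel);
     if (isset($_POST['Registration'])) {
         $posted = $_POST['Registration'];
         $formModel->email = $posted['email'];
         $formModel->username = $posted['username'];
         $formModel->password = $posted['password'];
         $formModel->password_repeat = $posted['password_repeat'];
         $formModel->verification_code = $posted['verification_code'];
         if ($formModel->validate()) {
             $model = new User();
             $rowKey = CassandraUtil::uuid1();
             // Only the derived password value is stored; new accounts start inactive.
             $row = array('email' => $posted['email'], 'username' => $posted['username'], 'password' => User::encryptPassword($posted['password']), 'active' => false, 'blocked' => false);
             if ($model->insert($rowKey, $row) === true) {
                 // Request data must not reach the response unescaped.
                 echo 'Model email ' . htmlspecialchars((string) $formModel->email, ENT_QUOTES, 'UTF-8') . ' && username ' . htmlspecialchars((string) $formModel->username, ENT_QUOTES, 'UTF-8');
                 if (!User::sendRegisterVerification($formModel->email, $formModel->username)) {
                     echo 'failed';
                 } else {
                     echo 'done';
                 }
                 die;
                 //$this->redirect(array('user/profile'));
             }
         }
     }
     $this->render('register', array('model' => $formModel));
 }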
Example #3
 /**
  * Prepares the model's pending password before the model is saved.
  *
  * A truthy varPassword is replaced by the result of the model's own encryptPassword();
  * otherwise the property is removed from the model.
  * NOTE(review): this is a truthiness test, so the password "0" is treated as empty and dropped.
  *
  * @param User $model
  */
 public function beforeSave(&$model)
 {
     if (!$model->varPassword) {
         // Nothing to hash: drop the property.
         unset($model->varPassword);
         return;
     }
     $model->varPassword = $model->encryptPassword($model->varPassword);
 }
Example #4
 /**
  * Replaces a plain-text password in $params['data'] with its derived value.
  *
  * A non-empty $params['data']['password'] is passed to User::encryptPassword() and the
  * result stored under 'hash'. The 'password' entry is removed in every case, so the
  * plain text does not travel further with $params.
  *
  * @param array $params request parameters, modified in place
  */
 protected function resolvePasswordParameter(&$params)
 {
     $hasPassword = isset($params['data']['password']) && $params['data']['password'] != '';
     if ($hasPassword) {
         // Keep only the derived value.
         $params['data']['hash'] = User::encryptPassword($params['data']['password']);
     }
     // Always discard the plain-text entry, whether or not a hash was produced.
     unset($params['data']['password']);
 }
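/**
 * Logs a user in by e-mail address and password and reports the outcome via sendMessage().
 *
 * Reads `email` and `password` from the query string, loads the matching user, compares the
 * stored password value with User::encryptPassword() of the supplied one and, on success,
 * starts a session holding the user's id, e-mail and (unless the state is FILL_DATA) name.
 *
 * Changes against the original:
 *  - the two password values are compared with hash_equals() (PHP 5.6+) instead of `==`,
 *    which compared numeric-looking strings by value and was not constant-time;
 *  - the session id is regenerated once the login has succeeded, so an id that existed
 *    before authentication is not carried over;
 *  - the database handle is closed in `finally`, also when an unexpected exception escapes.
 *
 * NOTE(review): the credentials arrive in $_GET, so they end up in URLs, browser history and
 * access logs. Moving to POST needs a matching client change and is therefore only flagged.
 * NOTE(review): 'User invalid.' and 'Password invalid.' tell a caller whether an address is
 * registered; a single generic failure message would not.
 * NOTE(review): DbException messages are sent to the client verbatim; consider logging them.
 */
function loginMail()
{
    // Collect the names of the required parameters that are absent.
    $missing = array();
    if (!isset($_GET['email'])) {
        $missing[] = 'email';
    }
    if (!isset($_GET['password'])) {
        $missing[] = 'password';
    }
    if (count($missing) > 0) {
        // At least one of the fields is not set, so return an error
        sendMessage(ERR, 'The following required parameters are not set: [' . implode(', ', $missing) . ']');
        return;
    }
    $email = $_GET['email'];
    $password = $_GET['password'];
    // Check if user exists
    $db = acquireDatabase();
    $loader = new User($db);
    try {
        $res = $loader->loadWhere('email=?', [$email]);
        if (sizeof($res) > 0) {
            $user = $res[0];
            // Check if password is correct
            $validPassword = $user->getPassword();
            $password = User::encryptPassword($password);
            if (hash_equals((string) $validPassword, (string) $password)) {
                // Login successful -> return session id
                session_start();
                session_regenerate_id(true);
                $_SESSION['uid'] = $user->getId();
                $_SESSION['email'] = $user->getEmail();
                if ($user->getState() == 'FILL_DATA') {
                    sendMessage(WARN, 'Login successful. Please complete your registration.');
                } else {
                    $_SESSION['name'] = $user->getName();
                    sendMessage(OK, 'Login successful.');
                }
            } else {
                sendMessage(ERR, 'Password invalid.');
            }
        } else {
            // User doesn't exist
            sendMessage(ERR, 'User invalid.');
        }
    } catch (DbException $e) {
        sendMessage(ERR, $e->getMessage());
    } finally {
        $db->close();
    }
}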
Example #6
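 /**
  * Authenticates a customer by e-mail address and password.
  *
  * Looks up a Customer with status 1 whose e-mail equals $this->username, then compares the
  * stored password with User::encryptPassword() of the supplied password and the stored salt.
  * The comparison uses hash_equals() (PHP 5.6+): the original `!=` compared numeric-looking
  * strings by value and was not constant-time.
  *
  * @return boolean whether authentication succeeds.
  */
 public function authenticate()
 {
     $user = Customer::model()->findByAttributes(array('email' => $this->username, 'status' => 1));
     if (is_null($user)) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
     } elseif (!hash_equals((string) $user->password, (string) User::encryptPassword($this->password, $user->salt))) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
     } else {
         $this->errorCode = self::ERROR_NONE;
     }
     // Succeeds only when errorCode is falsy, which is what ERROR_NONE is expected to be.
     return !$this->errorCode;
 }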
Example #7
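 /**
  * Authenticates a user by username and password.
  *
  * Loads the User whose username equals $this->username and compares the stored password
  * with User::encryptPassword() of the supplied one. On success the user's id is kept in
  * $this->_id. The comparison uses hash_equals() (PHP 5.6+) so that it is constant-time.
  *
  * NOTE(review): encryptPassword() is called without a per-user salt here; whether it
  * applies one internally is not visible in this method.
  *
  * @return boolean whether authentication succeeds.
  */
 public function authenticate()
 {
     $user = User::model()->findByAttributes(array('username' => $this->username));
     if ($user === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
     } elseif (!hash_equals((string) $user->password, (string) User::encryptPassword($this->password))) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
     } else {
         $this->_id = $user->id;
         $this->errorCode = self::ERROR_NONE;
     }
     return !$this->errorCode;
 }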
Example #8
 /**
  * Creates a new account.
  *
  * Builds a User from this form's e-mail, username and password, sets its state from the
  * two admin-verification parameters, calls encryptPassword() on it and saves it.
  * afterSignup() runs only when the save succeeded.
  *
  * @return bool true when the user was saved, false otherwise
  */
 public function signup()
 {
     $account = new User();
     $account->email = $this->email;
     $account->name = $this->username;
     // Assigned in clear text first; encryptPassword() is called before save().
     $account->password = $this->password;
     // Either parameter being truthy means new accounts start unverified.
     $needsAdminReview = param('user_required_admin_verfiy') || param('用户注册是否需要管理员审核');
     $account->state = $needsAdminReview ? USER_STATE_UNVERIFY : USER_STATE_ENABLED;
     $account->encryptPassword();
     if (!$account->save()) {
         return false;
     }
     $this->afterSignup($account);
     return true;
 }
 /**
  * Creates a new user model.
  * If creation is successful, the browser is redirected to the 'view' page; otherwise the
  * 'create' form is rendered with both password fields blanked.
  *
  * NOTE(review): rePassword is overwritten with the model's password after encryptPassword()
  * has run, so the repeated password submitted with the form is never compared by this
  * action, and save() validates whatever encryptPassword() left in `password` (what that
  * method does with its argument is not visible here).
  */
 public function actionCreate()
 {
     Yii::app()->theme = '';
     $user = new User('admin');
     // Uncomment the following line if AJAX validation is needed
     // $this->performAjaxValidation($user);
     $submitted = isset($_POST['User']);
     if ($submitted) {
         // Mass assignment of the posted fields.
         $user->attributes = $_POST['User'];
         $user->encryptPassword($user->password);
         $user->rePassword = $user->password;
         $saved = $user->save();
         if ($saved) {
             $this->redirect(array('view', 'id' => $user->id));
         }
     }
     // Never send password values back to the form.
     $user->password = '';
     $user->rePassword = '';
     $this->render('create', array('model' => $user));
 }
 /**
  * Resolves an imported password value into the 'hash' attribute.
  *
  * The value is first passed through the sanitizers for this attribute. If the result is
  * empty, the default value from the PasswordDefaultValueModelAttributeMappingRuleForm
  * mapping rule is used when one is set. The outcome is passed to User::encryptPassword().
  *
  * NOTE(review): when the sanitized value is empty and no default value is configured,
  * encryptPassword() still receives that empty value; confirm the importer cannot create
  * accounts whose hash corresponds to an empty password.
  *
  * @param mixed $value
  * @param string $columnName
  * @param array $columnMappingData
  * @param ImportSanitizeResultsUtil $importSanitizeResultsUtil
  * @return array single-entry array keyed 'hash' (no other return path is visible here)
  */
 public function resolveValueForImport($value, $columnName, $columnMappingData, ImportSanitizeResultsUtil $importSanitizeResultsUtil)
 {
     $attributeNames = $this->getRealModelAttributeNames();
     // String-form assertions: they refer to the local variables by name, so these names
     // must stay as they are.
     assert('count($attributeNames) == 1');
     assert('$attributeNames[0] == "hash"');
     assert('is_string($columnName)');
     assert('is_array($columnMappingData)');
     $modelClassName = $this->getModelClassName();
     $value = ImportSanitizerUtil::sanitizeValueBySanitizerTypes(static::getSanitizerUtilTypesInProcessingOrder(), $modelClassName, 'hash', $value, $columnName, $columnMappingData, $importSanitizeResultsUtil);
     // Loose comparison: null, '', 0 and similar values all count as "no value supplied".
     if ($value == null) {
         $mappingRuleFormClassName = 'PasswordDefaultValueModelAttributeMappingRuleForm';
         $mappingRuleData = $columnMappingData['mappingRulesData'][$mappingRuleFormClassName];
         assert('$mappingRuleData != null');
         // Fall back to the configured default password, if there is one.
         if (isset($mappingRuleData['defaultValue'])) {
             $value = $mappingRuleData['defaultValue'];
         }
     }
     return array('hash' => User::encryptPassword($value));
 }
Example #11
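 /**
  * Creates a new user model together with its role assignments.
  * If creation is successful, the browser will be redirected to the 'view' page.
  *
  * The save and the role assignment run inside one database transaction. Changes against
  * the original:
  *  - the transaction is rolled back when save() returns false (the original left it open);
  *  - an exception is logged before being swallowed instead of disappearing silently.
  *
  * NOTE(review): encryptPassword() runs before save(), so the model's validation rules see
  * whatever encryptPassword() left in the password attribute.
  *
  * @throws CHttpException when no active role exists, because the form cannot be used then
  */
 public function actionCreate()
 {
     //create is name of scenario
     $model = new User('scenarioCreate');
     // Uncomment the following line if AJAX validation is needed
     // $this->performAjaxValidation($model);
     if (isset($_POST['User'])) {
         $model->attributes = $_POST['User'];
         $model->encryptPassword();
         $transaction = Yii::app()->db->beginTransaction();
         try {
             if ($model->save() && $model->assignRolesToUser($model->id) == true) {
                 $transaction->commit();
                 $this->redirect(array('view', 'id' => $model->id));
             } else {
                 // Failed save or failed role assignment: leave nothing half-written.
                 $transaction->rollBack();
             }
         } catch (Exception $e) {
             $transaction->rollBack();
             // Keep a trace of the failure; the form is simply rendered again below.
             Yii::log($e->getMessage(), CLogger::LEVEL_ERROR);
         }
     }
     if (Role::model()->count('active = 1') > 0) {
         $this->render('create', array('model' => $model));
     } else {
         if (Role::model()->count('active = 0') > 0) {
             throw new CHttpException('', 'Primero debes ' . CHtml::link('crear rol', array('role/create')) . ' o ' . CHtml::link('activar ', array('role/admin')) . 'algún rol' . '.');
         } else {
             throw new CHttpException('', 'Primero debes ' . CHtml::link('crear rol', array('role/create')) . '.');
         }
     }
 }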
Example #12
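 /**
  * Runs the installer: validates the posted settings, checks the database, creates the
  * file directories, installs the schema, adds the super user, writes config/site.php,
  * saves initial options and logs the super user in.
  *
  * Any Exception closes the config file handle, deletes a partially written site.php and is
  * stored as the page error.
  *
  * Changes against the original, all in the part that generates site.php:
  *  - SITE_CONFIG entries come straight from the request and are written into a PHP file.
  *    Names must now look like constant names, values must be scalar, and the value
  *    literal is produced with var_export(). Entries that fail these checks are skipped.
  *  - PASSWORD_SALT is written with var_export(); BASE_URL and DIR_REL are passed through
  *    addslashes() like the neighbouring DB_* values.
  *  - The generated super-user password uses random_int() where that function exists.
  *
  * NOTE(review): site.php holds the database credentials and is executed as PHP, yet it is
  * made world-writable (0777) below. Tighten this to the narrowest mode the deployment allows.
  * NOTE(review): a generated password is six decimal digits, and the password is shown in
  * the confirmation message without HTML escaping.
  */
 public function configure()
 {
     try {
         $val = Loader::helper('validation/form');
         $val->setData($this->post());
         $val->addRequired("SITE", t("Please specify your site's name"));
         $val->addRequiredEmail("uEmail", t('Please specify a valid email address'));
         $val->addRequired("DB_DATABASE", t('You must specify a valid database name'));
         $val->addRequired("DB_SERVER", t('You must specify a valid database server'));
         $e = Loader::helper('/validation/error');
         if (is_object($this->fileWriteErrors)) {
             $e = $this->fileWriteErrors;
         }
         if (!function_exists('mysql_connect')) {
             $e->add($this->getDBErrorMsg());
         } else {
             // attempt to connect to the database
             $db = Loader::db($_POST['DB_SERVER'], $_POST['DB_USERNAME'], $_POST['DB_PASSWORD'], $_POST['DB_DATABASE'], true);
             if ($_POST['DB_SERVER'] && $_POST['DB_DATABASE']) {
                 if (!$db) {
                     $e->add(t('Unable to connect to database.'));
                 } else {
                     // The target database must be empty.
                     $num = $db->GetCol("show tables");
                     if (count($num) > 0) {
                         $e->add(t('There are already %s tables in this database. Concrete must be installed in an empty database.', count($num)));
                     }
                 }
             }
         }
         if ($val->test() && !$e->has()) {
             if (!is_dir($this->installData['DIR_FILES_UPLOADED_THUMBNAILS'])) {
                 mkdir($this->installData['DIR_FILES_UPLOADED_THUMBNAILS']);
             }
             if (!is_dir($this->installData['DIR_FILES_INCOMING'])) {
                 mkdir($this->installData['DIR_FILES_INCOMING']);
             }
             if (!is_dir($this->installData['DIR_FILES_TRASH'])) {
                 mkdir($this->installData['DIR_FILES_TRASH']);
             }
             if (!is_dir($this->installData['DIR_FILES_CACHE'])) {
                 mkdir($this->installData['DIR_FILES_CACHE']);
             }
             if (!is_dir($this->installData['DIR_FILES_CACHE_DB'])) {
                 mkdir($this->installData['DIR_FILES_CACHE_DB']);
             }
             if (!is_dir($this->installData['DIR_FILES_AVATARS'])) {
                 mkdir($this->installData['DIR_FILES_AVATARS']);
             }
             if (isset($_POST['uPasswordForce'])) {
                 $this->installData['uPassword'] = $_POST['uPasswordForce'];
             }
             if (isset($_POST['packages'])) {
                 $this->installData['packages'] = $_POST['packages'];
             }
             $this->installDB();
             $vh = Loader::helper('validation/identifier');
             // copy the files
             $fh = Loader::helper('file');
             if ($_POST['INSTALL_SAMPLE_CONTENT']) {
                 $fh->copyAll($this->installData['DIR_BASE_CORE'] . '/config/install/files', DIR_FILES_UPLOADED);
             }
             // insert admin user into the user table
             $salt = defined('MANUAL_PASSWORD_SALT') ? MANUAL_PASSWORD_SALT : $vh->getString(64);
             if (!isset($this->installData['uPassword'])) {
                 // Prefer the CSPRNG-backed generator; rand() stays as the fallback for
                 // interpreters that do not have random_int().
                 $uPassword = function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999);
             } else {
                 $uPassword = $this->installData['uPassword'];
             }
             $uEmail = $_POST['uEmail'];
             $uPasswordEncrypted = User::encryptPassword($uPassword, $salt);
             UserInfo::addSuperUser($uPasswordEncrypted, $uEmail);
             if (defined('PERMISSIONS_MODEL') && PERMISSIONS_MODEL != 'simple') {
                 $setPermissionsModel = PERMISSIONS_MODEL;
             }
             if (file_exists($this->installData['DIR_CONFIG_SITE'])) {
                 $this->fp = @fopen($this->installData['DIR_CONFIG_SITE'] . '/site.php', 'w+');
                 if ($this->fp) {
                     Cache::flush();
                     if (is_array($this->installData['packages'])) {
                         foreach ($this->installData['packages'] as $pkgHandle) {
                             $p = Loader::package($pkgHandle);
                             $p->install();
                         }
                     }
                     // write the config file
                     $configuration = "<?php\n";
                     $configuration .= "define('DB_SERVER', '" . addslashes($_POST['DB_SERVER']) . "');\n";
                     $configuration .= "define('DB_USERNAME', '" . addslashes($_POST['DB_USERNAME']) . "');\n";
                     $configuration .= "define('DB_PASSWORD', '" . addslashes($_POST['DB_PASSWORD']) . "');\n";
                     $configuration .= "define('DB_DATABASE', '" . addslashes($_POST['DB_DATABASE']) . "');\n";
                     $configuration .= "define('BASE_URL', '" . addslashes($this->installData['BASE_URL']) . "');\n";
                     $configuration .= "define('DIR_REL', '" . addslashes($this->installData['DIR_REL']) . "');\n";
                     if (isset($setPermissionsModel)) {
                         $configuration .= "define('PERMISSIONS_MODEL', '" . addslashes($setPermissionsModel) . "');\n";
                     }
                     $configuration .= "define('PASSWORD_SALT', " . var_export((string) $salt, true) . ");\n";
                     if (is_array($_POST['SITE_CONFIG'])) {
                         foreach ($_POST['SITE_CONFIG'] as $key => $value) {
                             // Request data written into executable PHP: accept only
                             // constant-shaped names and scalar values, and let var_export()
                             // build the quoted literal.
                             if (!is_scalar($value) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', (string) $key)) {
                                 continue;
                             }
                             $configuration .= "define('" . $key . "', " . var_export((string) $value, true) . ");\n";
                         }
                     }
                     $res = fwrite($this->fp, $configuration);
                     fclose($this->fp);
                     // NOTE(review): world-writable config file, see the method comment.
                     chmod($this->installData['DIR_CONFIG_SITE'] . '/site.php', 0777);
                     // save some options into the database
                     Config::save('SITE', $_POST['SITE']);
                     // add the current app version as our site's app version
                     Config::save('SITE_APP_VERSION', $this->installData['APP_VERSION']);
                     Config::save('SITE_DEBUG_LEVEL', $this->installData['DEBUG_DISPLAY_ERRORS']);
                     Config::save('ENABLE_LOG_EMAILS', 1);
                     Config::save('ENABLE_LOG_ERRORS', 1);
                     Config::save('FULL_PAGE_CACHE_GLOBAL', 0);
                     // login
                     define('PASSWORD_SALT', $salt);
                     $u = new User($this->installData['USER_SUPER'], $uPassword);
                     $this->set('message', t('Congratulations. concrete5 has been installed. You have been logged in as <b>%s</b> with the password <b>%s</b>.<br/><br/>If you wish to change this password, you may do so from the users area of the dashboard.', $this->installData['USER_SUPER'], $uPassword));
                 } else {
                     throw new Exception(t('Unable to open config/site.php for writing.'));
                 }
             } else {
                 throw new Exception(t('Unable to locate config directory.'));
             }
         } else {
             if ($e->has()) {
                 $this->set('error', $e);
             } else {
                 $this->set('error', $val->getError());
             }
         }
     } catch (Exception $e) {
         // remove site.php so that we can try again ?
         if (is_resource($this->fp)) {
             fclose($this->fp);
         }
         if (file_exists($this->installData['DIR_CONFIG_SITE'] . '/site.php')) {
             unlink($this->installData['DIR_CONFIG_SITE'] . '/site.php');
         }
         $this->set('error', $e);
     }
 }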
Example #13
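 /**
  * Builds the user either from credentials or from the current session.
  *
  * With at least two arguments (login name or e-mail, password, optional third flag) the
  * password is passed through User::encryptPassword() with PASSWORD_SALT and the pair is
  * looked up in the Users table with bound parameters. On a match the object is filled,
  * the login is recorded and, unless the third argument is truthy, the identity is written
  * to $_SESSION. Without a second argument the object is filled from $_SESSION instead.
  *
  * Change against the original: the optional third argument is read once through isset(),
  * so calling the constructor with two arguments no longer reads an undefined offset.
  *
  * NOTE(review): the session id is not regenerated here when the identity is written to
  * $_SESSION after a successful login; confirm that this happens elsewhere.
  */
 public function __construct()
 {
     $args = func_get_args();
     if (isset($args[1])) {
         // first, we check to see if the username and password match the admin username and password
         // $username = uName normally, but if not it's email address
         $username = $args[0];
         $password = $args[1];
         // Truthy third argument: authenticate without touching the session.
         $withoutSession = isset($args[2]) ? $args[2] : null;
         if (!$withoutSession) {
             $_SESSION['uGroups'] = false;
         }
         $password = User::encryptPassword($password, PASSWORD_SALT);
         $v = array($username, $password);
         // Both queries use placeholders; the credential values are never concatenated into SQL.
         if (defined('USER_REGISTRATION_WITH_EMAIL_ADDRESS') && USER_REGISTRATION_WITH_EMAIL_ADDRESS == true) {
             $q = "select uID, uName, uIsActive, uIsValidated, uTimezone, uDefaultLanguage from Users where uEmail = ? and uPassword = ?";
         } else {
             $q = "select uID, uName, uIsActive, uIsValidated, uTimezone, uDefaultLanguage from Users where uName = ? and uPassword = ?";
         }
         $db = Loader::db();
         $r = $db->query($q, $v);
         if ($r) {
             $row = $r->fetchRow();
             if ($row['uID'] && $row['uIsValidated'] === '0' && defined('USER_VALIDATE_EMAIL_REQUIRED') && USER_VALIDATE_EMAIL_REQUIRED == TRUE) {
                 $this->loadError(USER_NON_VALIDATED);
             } else {
                 if ($row['uID'] && $row['uIsActive']) {
                     $this->uID = $row['uID'];
                     $this->uName = $row['uName'];
                     $this->uIsActive = $row['uIsActive'];
                     $this->uTimezone = $row['uTimezone'];
                     $this->uDefaultLanguage = $row['uDefaultLanguage'];
                     $this->uGroups = $this->_getUserGroups($withoutSession);
                     if ($row['uID'] == USER_SUPER_ID) {
                         $this->superUser = true;
                     } else {
                         $this->superUser = false;
                     }
                     $this->recordLogin();
                     if (!$withoutSession) {
                         $_SESSION['uID'] = $row['uID'];
                         $_SESSION['uName'] = $row['uName'];
                         $_SESSION['superUser'] = $this->superUser;
                         $_SESSION['uBlockTypesSet'] = false;
                         $_SESSION['uGroups'] = $this->uGroups;
                         $_SESSION['uTimezone'] = $this->uTimezone;
                         $_SESSION['uDefaultLanguage'] = $this->uDefaultLanguage;
                     }
                 } else {
                     if ($row['uID'] && !$row['uIsActive']) {
                         $this->loadError(USER_INACTIVE);
                     } else {
                         $this->loadError(USER_INVALID);
                     }
                 }
             }
             $r->free();
         } else {
             $this->loadError(USER_INVALID);
         }
     } else {
         // then we just get session info
         if (isset($_SESSION['uID'])) {
             $this->uID = $_SESSION['uID'];
             $this->uName = $_SESSION['uName'];
             $this->uTimezone = $_SESSION['uTimezone'];
             $this->uDefaultLanguage = $_SESSION['uDefaultLanguage'];
             $this->superUser = $_SESSION['uID'] == USER_SUPER_ID ? true : false;
         } else {
             // No session identity: anonymous visitor.
             $this->uID = null;
             $this->uName = null;
             $this->superUser = false;
             $this->uDefaultLanguage = null;
             $this->uTimezone = null;
         }
         $this->uGroups = $this->_getUserGroups();
         if (!isset($args[2])) {
             $_SESSION['uGroups'] = $this->uGroups;
         }
     }
     return $this;
 }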
Example #14
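		/**
		 * Resets this user's password to a random 7-character value and returns that value.
		 *
		 * Characters are now picked with random_int() where it exists (PHP 7+). The original
		 * rand() is not suitable for secrets and stays only as the fallback for older
		 * interpreters.
		 *
		 * NOTE(review): seven characters from a 59-symbol alphabet is a short secret, and the
		 * caller receives it in clear text; consider a longer value or a one-time reset link.
		 *
		 * @return string|null the new password, or null when uID is not positive or the
		 *                     update query fails
		 */
		function resetUserPassword() {
			// resets user's password, and returns the value of the reset password
			$db = Loader::db();
			if ($this->uID > 0) {
				$newPassword = '';
				// Character pool for the generated password (this is an alphabet, not a salt).
				$alphabet = "abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789";
				$lastIndex = strlen($alphabet) - 1;
				for ($i = 0; $i < 7; $i++) {
					$pick = function_exists('random_int') ? random_int(0, $lastIndex) : rand() % strlen($alphabet);
					$newPassword .= substr($alphabet, $pick, 1);
				}
				// Only the derived value is stored; both values are bound as query parameters.
				$v = array(User::encryptPassword($newPassword), $this->uID);
				$q = "update Users set uPassword = ? where uID = ?";
				$r = $db->query($q, $v);
				if ($r) {
					return $newPassword;
				}
			}
		}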
Example #15
 }
 if (strlen($password) < 5) {
     $error = true;
     $oUser->addStatusMessage(_('password is too short'), 'warning');
 } elseif ($password != $confirmation) {
     $error = true;
     $oUser->addStatusMessage(_('password confirmation does not match'), 'warning');
 }
 $allreadyExists = \Ease\Shared::db()->queryToValue('SELECT id FROM user WHERE login=\'' . $oPage->EaseAddSlashes($login) . '\'');
 if ($allreadyExists) {
     $error = true;
     $oUser->addStatusMessage(sprintf(_('Given Username %s already exists'), $login), 'warning');
 }
 if ($error == false) {
     $newOUser = new User();
     $customerData = ['firstname' => $firstname, 'lastname' => $lastname, 'email' => $email_address, 'password' => $newOUser->encryptPassword($password), 'login' => $login];
     $customerID = $newOUser->insertToSQL($customerData);
     if ($customerID) {
         $newOUser->setMyKey($customerID);
         $oUser->addStatusMessage(_('Account Was Created'), 'success');
         $newOUser->loginSuccess();
         $email = $oPage->addItem(new \Ease\Mail($newOUser->getDataValue('email'), _('New LinkQuick account')));
         $email->setMailHeaders(['From' => EMAIL_FROM]);
         $email->addItem(new \Ease\Html\Div(_("Welcome to LinkQuick") . "\n"));
         $email->addItem(new \Ease\Html\Div(_('Login') . ': ' . $newOUser->getUserLogin() . "\n"));
         $email->addItem(new \Ease\Html\Div(_('Password') . ': ' . $password . "\n"));
         $email->send();
         \Ease\Shared::user($newOUser);
         //Assign newly created user as default
         $oPage->redirect('index.php');
         exit;
Example #16
 /**
  * Finds or creates the local account for a user who signed in through an external provider.
  *
  * A new account gets "<provider>:<uid>" as both e-mail and username, a name taken from the
  * provider info, the role 'user', the provider-specific id field and a generated
  * 32-character password passed through encryptPassword(). New and existing accounts alike
  * are marked as activated and saved with save(false).
  *
  * NOTE(review): $provider and $uid key the account lookup, so they must come from a
  * verified provider response; where $auth is built is not visible here.
  * NOTE(review): save(false) presumably skips model validation; confirm that is intended.
  *
  * @param array $auth expects the keys 'provider', 'uid' and 'info'
  * @return User|null the saved user, or null when saving failed
  */
 public function processAffiliateUser($auth)
 {
     $provider = $auth['provider'];
     $uid = $auth['uid'];
     $info = $auth['info'];
     // Synthetic identity used for both the e-mail and the username of a new account.
     $identity = $provider . ":" . $uid;
     if (isset($info['first_name']) && isset($info['last_name'])) {
         $first_name = $info['first_name'];
         $last_name = $info['last_name'];
     } elseif (isset($info['name'])) {
         // Last word is the family name, everything before it the given name.
         $nameParts = explode(" ", $info['name']);
         $last_name = array_pop($nameParts);
         $first_name = implode(" ", $nameParts);
     } else {
         $first_name = $identity;
         $last_name = " ";
     }
     #check if exist user
     $user = User::findAffiliateUser($provider, $uid);
     if (!$user) {
         $user = new User();
         $user->email = $identity;
         $user->username = $identity;
         $user->first_name = $first_name;
         $user->last_name = $last_name;
         $user->role = 'user';
         $user->affiliation = $provider;
         // Remember the provider-side id in the matching column.
         switch ($provider) {
             case "Facebook":
                 $user->facebook_id = $uid;
                 break;
             case "Twitter":
                 $user->twitter_id = $uid;
                 break;
             case "LinkedIn":
                 $user->linkedin_id = $uid;
                 break;
             case "Google":
                 $user->google_id = $uid;
                 break;
             case "Orcid":
                 $user->orcid_id = $uid;
                 break;
         }
         #generate some credential data
         $user->password = self::generatePassword(32);
         $user->encryptPassword();
     }
     # if login with fb, activate the user
     $user->is_activated = true;
     if ($user->save(false)) {
         return $user;
     }
     return null;
 }
Example #17
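 /**
  * Builds the lookup for a user by e-mail address and password.
  *
  * The trimmed password is passed through User::encryptPassword() and matched in the query
  * itself. When $email contains no '@' no query is built and null is returned; the original
  * returned an undefined variable in that case.
  *
  * NOTE(review): the `%s` in the where() condition looks like the query builder's own
  * placeholder; confirm that it escapes or binds the value.
  *
  * @param string $email
  * @param string $password plain-text password
  * @return mixed whatever User::Q()->getByEmail()->where() returns, or null
  */
 public function getByAuth($email, $password)
 {
     $user_sql = null;
     $password = User::encryptPassword(trim($password));
     if (strpos($email, '@') !== false) {
         $user_sql = User::Q()->getByEmail($email)->where(array('password = %s', $password));
         //$user =  User::Q()->where(array('this.email = %s', $email));
     }
     return $user_sql;
 }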
 /**
  * Creates the default groups and the super user during installation.
  *
  * The super user's stored password comes from INSTALL_USER_PASSWORD (passed through
  * User::encryptPassword() with PASSWORD_SALT) when that constant is defined, otherwise
  * from the pre-computed INSTALL_USER_PASSWORD_HASH.
  */
 public function add_users()
 {
     // insert the default groups
     // create the groups our site users
     // have to add these in the right order so their IDs get set
     // starting at 1 w/autoincrement
     Group::add(t("Guest"), t("The guest group represents unregistered visitors to your site."));
     Group::add(t("Registered Users"), t("The registered users group represents all user accounts."));
     Group::add(t("Administrators"), "");
     // insert admin user into the user table
     $superUserHash = defined('INSTALL_USER_PASSWORD')
         ? User::encryptPassword(INSTALL_USER_PASSWORD, PASSWORD_SALT)
         : INSTALL_USER_PASSWORD_HASH;
     UserInfo::addSuperUser($superUserHash, INSTALL_USER_EMAIL);
     User::getByUserID(USER_SUPER_ID, true, false);
     Loader::library('mail/importer');
     MailImporter::add(array('miHandle' => 'private_message'));
 }
Example #19
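 /**
  * Get the user record entry by e-mail address and password.
  *
  * The record is looked up by its `id` column, which is matched against the e-mail address
  * through a bound parameter. The password is checked with password_verify(). A record that
  * still matches the deprecated scheme is accepted once, re-hashed with encryptPassword()
  * and written back through postUser().
  *
  * The legacy comparison uses hash_equals() (PHP 5.6+) instead of `==`, which compared
  * numeric-looking strings by value and was not constant-time.
  *
  * @param string|null $email
  * @param string|null $password plain-text password
  * @return mixed Array on success, otherwise FALSE
  */
 public function getUserByEmailAndPassword($email = null, $password = null)
 {
     if ($email == '' || $password == '') {
         return false;
     }
     $res = $this->db->one("SELECT * FROM `{$this->mySqlTablePrefix}user` WHERE `id`=:email", array(':email' => $email));
     if ($res) {
         if (password_verify($password, $res['password'])) {
             return $this->normalizeUser($res);
         }
         // Backwards compatibility: rehash old password
         $userObj = new User();
         if (hash_equals((string) $res['password'], (string) $userObj->encryptPasswordDeprecated($password))) {
             $res['password'] = $userObj->encryptPassword($password);
             $this->postUser($res);
             return $this->normalizeUser($res);
         }
     }
     return false;
 }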
Example #20
     $oUser->addStatusMessage(_('Password is short'), 'warning');
 } elseif ($password != $confirmation) {
     $error = true;
     $oUser->addStatusMessage(_('Password control not match'), 'warning');
 }
 $testuser = new \Ease\User();
 $testuser->setmyKeyColumn('login');
 $testuser->loadFromSQL($oPage->EaseAddSlashes($login));
 $testuser->resetObjectIdentity();
 if ($testuser->getMyKey()) {
     $error = true;
     $oUser->addStatusMessage(sprintf(_('Username %s is already taken. Please use another.'), $login), 'warning');
 }
 if ($error == false) {
     $newOUser = new User();
     $newOUser->setData(['email' => $emailAddress, 'login' => $login, $newOUser->passwordColumn => $newOUser->encryptPassword($password), 'firstname' => $firstname, 'lastname' => $lastname]);
     $userID = $newOUser->insertToSQL();
     if (!is_null($userID)) {
         $newOUser->setMyKey($userID);
         if ($userID == 1) {
             $newOUser->setSettingValue('admin', TRUE);
             $oUser->addStatusMessage(_('Administrator\'s account created'), 'success');
             $newOUser->saveToSQL();
         } else {
             $oUser->addStatusMessage(_('User account created'), 'success');
         }
         $newOUser->loginSuccess();
         $email = $oPage->addItem(new \Ease\Mailer($newOUser->getDataValue('email'), _('New account confirmation')));
         $email->setMailHeaders(['From' => EMAIL_FROM]);
         $email->addItem(new \Ease\Html\Div("Account created:\n"));
         $email->addItem(new \Ease\Html\Div(' Login: ' . $newOUser->GetUserLogin() . "\n"));
Example #21
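 /**
  * Handles the membership form.
  *
  * Every required field is checked and one message is queued per problem. When all checks
  * pass, a User is built from the posted data, given the creation time of the session user,
  * the MEMBER access level and a password from User::encryptPassword(), and then updated.
  * A user that ends up with a user_id is stored in the session. Depending on the outcome
  * the follow-up step or the login form is shown.
  *
  * Change against the original: a repeated password that is present but different now
  * produces the dedicated 'login-required-password-confirm' message. The original had that
  * check in a branch that could never run and reported the field as empty instead.
  *
  * NOTE(review): the User is constructed from the whole $_POST array; confirm that the
  * constructor accepts only the intended fields, in particular not the record key.
  * NOTE(review): the username is passed as second argument to encryptPassword(),
  * presumably as the salt; a random per-user salt would be preferable.
  * NOTE(review): the full_name check reports 'login-form-username'; this looks like a
  * copy-paste slip, but the intended key is not visible here.
  */
 public function join()
 {
     if (!empty($_POST)) {
         $valid = true;
         if (empty($_POST['username'])) {
             $this->message->put(Language::gettext('login-empty-required-field', 'login-form-username'));
             $valid = false;
         }
         if (empty($_POST['password'])) {
             $this->message->put(Language::gettext('login-empty-required-field', 'login-form-password'));
             $valid = false;
         }
         $postedPassword = isset($_POST['password']) ? $_POST['password'] : null;
         if (empty($_POST['repassword'])) {
             $this->message->put(Language::gettext('login-empty-required-field', 'login-form-password-confirm'));
             $valid = false;
         } elseif ($postedPassword != $_POST['repassword']) {
             // Present but different: report the mismatch itself.
             $this->message->put(Language::gettext('login-required-password-confirm'));
             $valid = false;
         }
         if (empty($_POST['full_name'])) {
             $this->message->put(Language::gettext('login-empty-required-field', 'login-form-username'));
             $valid = false;
         }
         if (empty($_POST['gender'])) {
             $this->message->put(Language::gettext('login-empty-required-field', 'login-form-gender'));
             $valid = false;
         }
         if (empty($_POST['dob'])) {
             $this->message->put(Language::gettext('login-empty-required-field', 'login-form-dob'));
             $valid = false;
         }
         if (empty($_POST['sin'])) {
             $this->message->put(Language::gettext('login-empty-required-field', 'login-form-sin'));
             $valid = false;
         }
         if (empty($_POST['email']) || !Validator::email($_POST['email'])) {
             $this->message->put(Language::gettext('login-empty-required-field', 'login-form-email'));
             $valid = false;
         }
         // At least one phone number is required.
         if (empty($_POST['phone_home']) && empty($_POST['phone_cell']) && empty($_POST['phone_work'])) {
             $this->message->put(Language::gettext('login-required-contact-info'));
             $valid = false;
         }
         if ($valid) {
             $session_user = Session::get(Session::USER);
             $user = new User($_POST);
             // These fields are set server-side after construction, overriding posted values.
             $user->created = $session_user->created;
             $user->last = time();
             $user->access = User::MEMBER;
             $user->password = User::encryptPassword($_POST['password'], $_POST['username']);
             $user->update();
         }
         if (!empty($user->user_id)) {
             Session::set(Session::USER, $user);
         }
     }
     if (!empty($user->user_id) && Session::isLoggedIn()) {
         $this->followup();
     } else {
         // Do not carry the submitted credentials into the login step.
         unset($_POST['username']);
         unset($_POST['password']);
         $this->login();
     }
 }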
Example #22
 /**
  * Create a user account from the registration form.
  *
  * The captcha is checked first and the request ends immediately when it
  * fails, so the form rules and the insert never run without a solved
  * captcha. After that the form rules are applied; on failure the form is
  * shown again, on success the user is stored and the login form is shown.
  */
 function createNew()
 {
     include_once $_SERVER['DOCUMENT_ROOT'] . '/tanks/securimage/securimage.php';
     $captcha = new Securimage();
     if (!$captcha->check($_POST['captcha_code'])) {
         // Wrong code: print a fixed message and stop processing the request.
         echo "The security code entered was incorrect.<br /><br />";
         echo "Please go <a href='javascript:history.go(-1)'>back</a> and try again.";
         exit;
     }

     $this->load->library('form_validation');
     // field name, label, rule string — registered in this order
     $fieldRules = array(
         array('username', 'Username', 'required|is_unique[user.login]'),
         array('password', 'Password', 'required'),
         array('first', 'First', 'required'),
         array('last', 'last', 'required'),
         array('email', 'Email', 'required|is_unique[user.email]'),
     );
     foreach ($fieldRules as $rule) {
         $this->form_validation->set_rules($rule[0], $rule[1], $rule[2]);
     }

     if (!$this->form_validation->run()) {
         $this->load->view('account/newForm');
         return;
     }

     //FIXME: notify user on success
     $account = new User();
     $account->login = $this->input->post('username');
     $account->first = $this->input->post('first');
     $account->last = $this->input->post('last');
     // How the password is hashed is decided inside User::encryptPassword(),
     // which is not part of this listing.
     $account->encryptPassword($this->input->post('password'));
     $account->email = $this->input->post('email');
     $this->load->model('user_model');
     $this->user_model->insert($account);
     $this->load->view('account/loginForm');
 }
Example #23
 /**
  * Create a user account from the registration form.
  *
  * All checks, including the captcha, are expressed as form-validation
  * rules; the captcha rule delegates to the verifyCaptcha callback. When any
  * rule fails the form is shown again, otherwise the user is stored and the
  * login form is shown.
  */
 function createNew()
 {
     $this->load->library('form_validation');
     $form = $this->form_validation;
     $form->set_rules('username', 'Username', 'required|is_unique[user.login]');
     $form->set_rules('password', 'Password', 'required');
     $form->set_rules('first', 'First Name', 'required');
     $form->set_rules('last', 'Last Name', 'required');
     $form->set_rules('email', 'Email', 'required|is_unique[user.email]');
     // Captcha (securimage) is validated through the callback rule.
     $form->set_rules('captcha_code', 'Captcha', 'required|callback_verifyCaptcha');

     if (!$form->run()) {
         $this->load->view('account/newForm');
         return;
     }

     $account = new User();
     $account->login = $this->input->post('username');
     $account->first = $this->input->post('first');
     $account->last = $this->input->post('last');
     $account->encryptPassword($this->input->post('password'));
     $account->email = $this->input->post('email');
     $this->load->model('user_model');
     // The insert result is captured but not inspected before the login form is shown.
     $insertResult = $this->user_model->insert($account);
     $this->load->view('account/loginForm');
 }
Example #24
 // Group password change (the listing is cut off before the script ends).
 // What includes/protection.php enforces is not visible here.
 include "includes/protection.php";
 // Each submitted password field is passed through remhtml(). The return value
 // is discarded, so this only has an effect if remhtml() modifies its argument
 // by reference — TODO confirm against its definition.
 if ($actpass != null) {
     remhtml($actpass);
 }
 if ($newpass != null) {
     remhtml($newpass);
 }
 if ($renewpass != null) {
     remhtml($renewpass);
 }
 // $partOf is set outside this listing; a falsy value is reported as
 // "not the manager of this group" and nothing else runs.
 if (!$partOf) {
     echo "<p class=\"error\">" . T_("You must be the manager of this group") . ".</p>";
 } else {
     // All three fields must be present and pass valid(..., 20); presumably a
     // length/character check — verify in valid().
     if ($actpass != null && $newpass != null && $renewpass != null && valid($actpass, 20) && valid($newpass, 20) && valid($renewpass, 20)) {
         // Verify the current password, then change it.
         $passencrypt = $user->encryptPassword($actpass);
         // NOTE(review): the statement is built by string concatenation and
         // $group_id is inserted unquoted. Its origin is not shown; unless it is
         // already forced to an integer, this should be a parameterized query.
         // The password value is masked ('******') in this listing, so the
         // comparison against $passencrypt is not visible here.
         $Query = "select manager from " . TABLE_PREFIX . "groups where group_id=" . $group_id . " and password='******'";
         $dbResult = $dblink->query($Query);
         // Count matching rows; zero means the current password did not match.
         $count = 0;
         while ($row =& $dbResult->fetchRow(DB_FETCHMODE_ASSOC)) {
             $count++;
         }
         if ($count == 0) {
             echo "<p class=\"error\">" . T_("The actual password is incorrect") . ".</p>";
         } else {
             if ($newpass != $renewpass) {
                 echo "<p class=\"error\">" . T_("The new password does not match in both fields") . ".</p>";
             } else {
                 // NOTE(review): the new password is hashed with plain sha1() while the
                 // current one goes through $user->encryptPassword(); the two only agree
                 // if encryptPassword() is itself an unsalted SHA-1 — verify. Unsalted
                 // SHA-1 is not suitable for stored passwords; password_hash() and
                 // password_verify() are the usual replacement.
                 $newpassencrypt = sha1($newpass);
                 // Same string-built SQL as above; the stored value is masked in the listing.
                 $Query = "update " . TABLE_PREFIX . "groups set password='******' where group_id='" . $group_id . "'";
                 $AffectedRows = $dblink->exec($Query);
Example #25
 /**
  * Updates a user through the REST API and checks both the response body
  * and the stored password hash, then re-reads the user over the API.
  *
  * @depends testCreateUser
  */
 public function testUpdateUser()
 {
     // Run as the super user and open an API session.
     $superUser = User::getByUsername('super');
     Yii::app()->user->userModel = $superUser;
     $session = $this->login();
     $requestHeaders = array(
         'Accept: application/json',
         'ZURMO_SESSION_ID: ' . $session['sessionId'],
         'ZURMO_TOKEN: ' . $session['token'],
         'ZURMO_API_REQUEST_TYPE: REST',
     );

     // Snapshot the user as the API would serialise it before the update.
     $user = User::getByUsername('diggy011');
     $serialiser = new RedBeanModelToApiDataUtil($user);
     $compareData = $serialiser->getData();
     $user->forget();

     $payload = array(
         'firstName' => "John",
         'password' => "******",
     );
     $updateUrl = $this->serverUrl . '/test.php/users/user/api/update/' . $compareData['id'];
     $response = json_decode(
         ApiRestTestHelper::createApiCall($updateUrl, 'PUT', $requestHeaders, array('data' => $payload)),
         true
     );
     $this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);

     // Timestamps change on every write/login, so they are left out of the comparison.
     unset($response['data']['modifiedDateTime']);
     unset($compareData['modifiedDateTime']);
     unset($response['data']['lastLoginDateTime']);
     unset($compareData['lastLoginDateTime']);
     $compareData['firstName'] = "John";
     ksort($compareData);
     ksort($response['data']);
     $this->assertEquals($compareData, $response['data']);

     // The stored hash must equal the hash of the password sent in the update.
     RedBeanModel::forgetAll();
     $reloadedUser = User::getByUsername('diggy011');
     $this->assertEquals(User::encryptPassword($payload['password']), $reloadedUser->hash);

     // Reading the user back must return the same data as the update did.
     $readUrl = $this->serverUrl . '/test.php/users/user/api/read/' . $user->id;
     $response = json_decode(ApiRestTestHelper::createApiCall($readUrl, 'GET', $requestHeaders), true);
     $this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);
     unset($response['data']['modifiedDateTime']);
     unset($response['data']['lastLoginDateTime']);
     ksort($response['data']);
     $this->assertEquals($compareData, $response['data']);
 }
Example #26
?>
<h2><?php 
echo T_("Forgot password");
?>
</h2>
<?php 
$user = new User();
// Read the account name and the destination address from the submitted form.
$aname = $_POST['aname'];
$email = $_POST['email'];
if ($aname != null && $email != null) {
    include 'conn.php';
    // Generate a replacement password.
    // NOTE(review): uniqid() is derived from the current time and rand() is not a
    // cryptographic generator, so this value is guessable. Use random_bytes() or
    // random_int() for anything that acts as a credential.
    $newpass = uniqid(rand());
    // Despite the name, this holds the requester's IP address (quoted in the mail body).
    $domain = $_SERVER['REMOTE_ADDR'];
    $passencrypt = $user->encryptPassword($newpass);
    // NOTE(review): $aname comes straight from $_POST and is interpolated into the
    // SQL text; this should be a parameterized statement.
    // The row is selected by name only: the submitted $email is never compared with
    // the address stored for the account, yet the new password is mailed to it
    // below. A reset should go only to the address on file, ideally as a
    // single-use link rather than a replacement password.
    // The stored value is masked ('******') in this listing.
    $Query = "update " . TABLE_PREFIX . "session set pass='******' where name='{$aname}'";
    $AffectedRows = $dblink->exec($Query);
    if ($AffectedRows == 1) {
        $mailheaders = "From: " . WEBSITE_NAME . " Support <> \r\n";
        // Please change to your email (for support, abuse or anything else)
        $mailheaders .= "Reply-To: support@getboo.com\r\n";
        // The mail body carries the new password in plaintext.
        $emailmsg = sprintf(T_("There has been a password change request.\n\nYour account information is:\n\n--------\nUsername: %s\nPassword: %s\n--------\n\nPlease keep this information.\nOnce you log in with the new password, you can change it in your settings.\n\nIf you didn't ask for a new password, please forward this message to: abuse@getboo.com\nIP address of the user requesting a new password: {$domain}\n\nSincerely,\n" . WEBSITE_NAME), $aname, $newpass);
        // Message in case the php mail function doesn't work
        $dieMessage = str_replace("\n", "<br>", $emailmsg);
        // NOTE(review): '@' hides mail() warnings. If sending fails, the die() branch
        // prints the whole message — including the new password and the unescaped
        // $aname — into the HTTP response of whoever made the request.
        @mail($email, sprintf(T_("New password for your %s account"), WEBSITE_NAME), $emailmsg, $mailheaders) or die("<p class=\"notice\">" . T_("Could not send the email: Here is a copy of the email") . ":</p><p>{$dieMessage}</p>");
        echo "<p class=\"success\">" . T_("New password generated") . "!</p><p>" . T_("Please check your email and log in with the new password") . ".<br>\n" . T_("The email is already sent, but with some free email providers, it might take a few hours") . ".</p>";
    } else {
        echo "<p class=\"error\">" . T_("Could not store the new password") . ".</p>\n";
    }
// NOTE(review): from this else-branch on, the strings and variables ($id, $e, $con,
// $u, $p) are not defined in the visible lines and read like a different script
// (an invitation-based sign-up). The listing appears to have merged two examples.
} else {
    die('Contraseña vacía');
}
if ($id == '') {
    die('Ha ocurrido un error con su invitación. Por favor intentelo de nuevo.');
}
// Check that the e-mail address is not registered yet.
// NOTE(review): $e is interpolated into the SQL text and its origin is not shown;
// if it is request data, use a prepared statement (mysqli_prepare / bind_param).
$sqlEmail = "select count(idUser) from `User` where emailAddress='{$e}'";
$result = mysqli_query($con, $sqlEmail);
$row = mysqli_fetch_array($result);
if ($row[0] > 0) {
    die('Error: E-mail ya registrado');
}
// Look up a non-expired invitation for this e-mail and invitation id.
// NOTE(review): $id is inserted unquoted, so it must be forced to an integer or
// bound as a parameter; the empty-string check above does not do that.
$sqlEmail = "SELECT (idGroup) FROM `Invitation` WHERE email='{$e}' AND idInvitation = {$id} AND expireDate > NOW()";
$result = mysqli_query($con, $sqlEmail);
$count = mysqli_num_rows($result);
$row = mysqli_fetch_array($result);
if ($count == 0) {
    die('No se encuentra su invitación o ha caducado, por favor solicite otra o puede registrarse.');
}
$idGroup = $row[0];
mysqli_close($con);
// Create the user object, hash its password and insert it, then log the user in
// and add them to the invitation's group.
$user = new User(array('userName' => $u, 'emailAddress' => $e, 'plaintextPassword' => $p));
$user->encryptPassword();
$user->insert();
$user->createLoginSession();
$grupo = new Group();
$grupo->id = $idGroup;
$grupo->insertUser($e);
echo 'success';
Example #28
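	/**
	 * Validate the installer form and write the two bootstrap config files
	 * (site_install.php and site_install_user.php) under DIR_CONFIG_SITE.
	 *
	 * Request values that were concatenated raw into the generated PHP
	 * (uEmail, SAMPLE_CONTENT and every SITE_CONFIG key and value) are emitted
	 * through var_export(), so a quote or backslash in the input cannot end
	 * the string literal in the written file. The password confirmation uses
	 * strict comparison, because the loose operator treats numeric-looking
	 * strings such as "1e3" and "1000" as equal.
	 *
	 * On validation failure the error object is passed to the view as 'error'.
	 * Any Exception resets the installer state and is reported the same way.
	 */
	public function configure() {
		try {

			$val = Loader::helper('validation/form');
			$val->setData($this->post());
			$val->addRequired("SITE", t("Please specify your site's name"));
			$val->addRequiredEmail("uEmail", t('Please specify a valid email address'));
			$val->addRequired("DB_DATABASE", t('You must specify a valid database name'));
			$val->addRequired("DB_SERVER", t('You must specify a valid database server'));

			$password = isset($_POST['uPassword']) ? $_POST['uPassword'] : null;
			$passwordConfirm = isset($_POST['uPasswordConfirm']) ? $_POST['uPasswordConfirm'] : null;

			$e = Loader::helper('validation/error');
			$uh = Loader::helper('concrete/user');
			$uh->validNewPassword($password, $e);

			if ($password && $password !== $passwordConfirm) {
				$e->add(t('The two passwords provided do not match.'));
			}

			// Errors recorded while checking file permissions replace the ones collected so far.
			if (is_object($this->fileWriteErrors)) {
				$e = $this->fileWriteErrors;
			}

			$e = $this->validateDatabase($e);
			$e = $this->validateSampleContent($e);

			if ($val->test() && (!$e->has())) {

				// write the config file
				$vh = Loader::helper('validation/identifier');
				$salt = defined('MANUAL_PASSWORD_SALT') ? MANUAL_PASSWORD_SALT : $vh->getString(64);
				// '@' hides the fopen warning; failure is handled by the checks below.
				$this->fp = @fopen(DIR_CONFIG_SITE . '/site_install.php', 'w+');
				$this->fpu = @fopen(DIR_CONFIG_SITE . '/site_install_user.php', 'w+');
				if ($this->fp) {
					// NOTE(review): the opening literal is kept exactly as listed; it looks
					// mangled by the page's formatter — confirm against the upstream file.
					$configuration = "<?php 
?>
<?php\n";
					$configuration .= "define('DB_SERVER', '" . addslashes($_POST['DB_SERVER']) . "');\n";
					$configuration .= "define('DB_USERNAME', '" . addslashes($_POST['DB_USERNAME']) . "');\n";
					$configuration .= "define('DB_PASSWORD', '" . addslashes($_POST['DB_PASSWORD']) . "');\n";
					$configuration .= "define('DB_DATABASE', '" . addslashes($_POST['DB_DATABASE']) . "');\n";
					if (isset($setPermissionsModel)) {
						$configuration .= "define('PERMISSIONS_MODEL', '" . addslashes($setPermissionsModel) . "');\n";
					}
					// $salt is either a site constant or a generated identifier, not request data.
					$configuration .= "define('PASSWORD_SALT', '{$salt}');\n";
					if (isset($_POST['SITE_CONFIG']) && is_array($_POST['SITE_CONFIG'])) {
						foreach ($_POST['SITE_CONFIG'] as $key => $value) {
							// Both the constant name and its value come from the request, so both
							// are written as quoted, escaped PHP string literals.
							$configuration .= "define(" . var_export((string) $key, true) . ", " . var_export((string) $value, true) . ");\n";
						}
					}
					fwrite($this->fp, $configuration);
					fclose($this->fp);
					chmod(DIR_CONFIG_SITE . '/site_install.php', 0700);
				} else {
					throw new Exception(t('Unable to open config/site.php for writing.'));
				}

				if ($this->fpu) {
					$configuration = "<?php 
?>
<?php\n";
					$configuration .= "define('INSTALL_USER_EMAIL', " . var_export((string) $_POST['uEmail'], true) . ");\n";
					// NOTE(review): the hash is written unescaped; presumably encryptPassword()
					// returns a hex digest — confirm.
					$configuration .= "define('INSTALL_USER_PASSWORD_HASH', '" . User::encryptPassword($password, $salt) . "');\n";
					$configuration .= "define('INSTALL_STARTING_POINT', " . var_export((string) $this->post('SAMPLE_CONTENT'), true) . ");\n";
					$configuration .= "define('SITE', '" . addslashes($_POST['SITE']) . "');\n";
					if (defined('ACTIVE_LOCALE') && ACTIVE_LOCALE != '' && ACTIVE_LOCALE != 'en_US') {
						$configuration .= "define('ACTIVE_LOCALE', '" . ACTIVE_LOCALE . "');\n";
					}
					fwrite($this->fpu, $configuration);
					fclose($this->fpu);
					chmod(DIR_CONFIG_SITE . '/site_install_user.php', 0700);
					// Only a web request is redirected; a CLI run simply returns.
					if (PHP_SAPI != 'cli') {
						$this->redirect('/');
					}
				} else {
					throw new Exception(t('Unable to open config/site_user.php for writing.'));
				}

			} else {
				// Prefer the collected error object; otherwise report the form validator's error.
				if ($e->has()) {
					$this->set('error', $e);
				} else {
					$this->set('error', $val->getError());
				}
			}

		} catch (Exception $e) {
			$this->reset();
			$this->set('error', $e);
		}
	}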
Example #29
 $cachedir = dirname(__FILE__) . '/cache/';
 $cachedir = str_replace('\\', '/', $cachedir);
 $cachedir = str_replace('/install', '', $cachedir);
 $website_dir = dirname(__FILE__);
 $website_dir = str_replace('\\', '/', $website_dir);
 $website_dir = str_replace('/install', '', $website_dir);
 $configVars = array("WEBSITE_NAME" => $website_name, "WEBSITE_LOCALE" => $website_locale, "WEBSITE_ROOT" => $website_root, "WEBSITE_DIR" => $website_dir, "USECACHE" => $usecache, "USE_DEMO" => $use_demo, "CURL_AVAILABLE" => $curl_available, "ANTI_SPAM" => $anti_spam, "CACHE_DIR" => $cachedir, "VERSION" => VERSION_NUMBER);
 foreach ($configVars as $key => $configVar) {
     $result = Configuration::SetConfig($key, $configVar, "../");
     if (!$result) {
         $errors[] = "Error when assigning the config variables";
         break;
     }
 }
 // Create admin account
 $passencrypt = $user->encryptPassword($admin_password);
 $Query = "insert into " . TABLE_PREFIX . "session (Name, Pass, Email, LastLog, DateJoin, Status, Style) " . "values('{$admin_username}','{$passencrypt}','{$admin_email}', now(), now(), 'admin', 'Auto')";
 //echo($Query . "<br>\n");
 $AffectedRows = $dblink->exec($Query);
 $Query = "INSERT INTO " . TABLE_PREFIX . "activation values ('{$admin_username}', '0', 'Y', NULL, '{$admin_email}')";
 $dbResult = $dblink->exec($Query);
 $AffectedRows += $dbResult;
 if ($AffectedRows != 2) {
     $errors[] = "Error when creating the admin user";
 }
 // Create demo account if true
 if ($use_demo) {
     $passencryptDemo = $user->encryptPassword("demo");
     $Query = "insert into " . TABLE_PREFIX . "session (Name, Pass, Email, LastLog, DateJoin, Status, Style) " . "values('demo','{$passencryptDemo}','*****@*****.**', now(), now(), 'normal', 'Auto')";
     //echo($Query . "<br>\n");
     $AffectedRows = $dblink->exec($Query);