Example #1
 /**
  * Render the login page and process a submitted login form.
  *
  * A visitor whose cookie is already flagged as logged in is redirected to the
  * account page. On a 'loginSubmit' post carrying both 'email' and 'passwd', the
  * credentials are handed to User::getByEmail(); on success the user is marked as
  * logged in and redirected (checkout when step == 2, account page otherwise). On
  * failure an error is assigned to the template.
  *
  * NOTE(review): whether Tools::redirect() ends the request is not visible here; if
  * it does not, execution continues past each redirect — confirm.
  * NOTE(review): the failure path hands $user->_errors to the template. If those
  * messages distinguish "unknown email" from "wrong password", the form reveals
  * which addresses are registered — confirm they are generic.
  * NOTE(review): no attempt throttling is visible in this method; verify it exists
  * elsewhere.
  *
  * @return mixed whatever $smarty->fetch('login.tpl') returns
  */
 public function displayMain()
 {
     global $smarty, $link, $cookie;

     if ($cookie->logged) {
         Tools::redirect($link->getPage('MyaccountView'));
     }

     if (Tools::isSubmit('loginSubmit')) {
         $hasCredentials = Tools::getRequest('email') && Tools::getRequest('passwd');
         if (!$hasCredentials) {
             $smarty->assign('errors', 'invalid email password combination');
         } else {
             $account = new User();
             $authenticated = $account->getByEmail(Tools::getRequest('email'), Tools::getRequest('passwd'));
             if (!$authenticated) {
                 $smarty->assign('errors', $account->_errors);
             } else {
                 $account->logined();
                 // step == 2 means the login happened in the middle of checkout.
                 $destination = Tools::G("step") == 2 ? 'CheckoutView' : 'MyaccountView';
                 Tools::redirect($link->getPage($destination));
             }
         }
     }

     return $smarty->fetch('login.tpl');
 }
Example #2
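 /**
  * Run the password-reset flow and render 'password.tpl'.
  *
  * Steps assigned to the template:
  *   1 - request form (default); on 'ResetPassword' submit a reset link is mailed
  *   2 - link followed (reset=passwd, id_user, key); on 'confrimPassword' submit the
  *       new password is stored
  *   3 - password updated
  *   4 - reset mail sent
  *
  * The reset key is md5(_COOKIE_KEY_ . email . passwd . upd_date). It has no expiry of
  * its own: it stays valid until one of those user fields changes.
  * NOTE(review): consider a random, single-use token stored server-side with a short
  * lifetime instead of a key derived from account fields.
  *
  * @return mixed whatever $smarty->fetch('password.tpl') returns
  */
 public function displayMain()
 {
     global $smarty, $link;
     $errors = array();
     $step = 1;
     $isExp = false;
     if (Tools::getRequest('reset') == 'passwd') {
         $step = 2;
     }
     if ($step == 1 && Tools::isSubmit('ResetPassword')) {
         $user = new User();
         $user->getByEmail(Tools::getRequest('email'));
         if (Validate::isLoadedObject($user)) {
             $md5_key = md5(_COOKIE_KEY_ . $user->email . $user->passwd . $user->upd_date);
             $subject = 'Reset your password in' . Configuration::get('TM_SHOP_DOMAIN');
             $vars = array(
                 '{name}' => $user->first_name . ' ' . $user->last_name,
                 '{subject}' => $subject,
                 '{link}' => $link->getPage('PasswordView') . '?reset=passwd&id_user=' . $user->id . '&key=' . $md5_key,
             );
             if (Mail::Send('passwd', $subject, $vars, $user->email)) {
                 $step = 4;
             } else {
                 $errors[] = 'Send mail fail! Pless try agen!';
             }
         } else {
             // NOTE(review): this message tells the requester whether an address is
             // registered; a uniform "if the account exists, a mail was sent" reply
             // would avoid that.
             $errors[] = 'The email don\'t exists!';
         }
     } elseif ($step == 2) {
         $sign = Tools::getRequest('key');
         $id_user = Tools::getRequest('id_user');
         $user = new User($id_user);
         if (Validate::isLoadedObject($user)) {
             $md5_key = md5(_COOKIE_KEY_ . $user->email . $user->passwd . $user->upd_date);
             // Type-strict, constant-time check (hash_equals, PHP 5.6+). The former
             // loose == compared numeric-looking strings by value instead of
             // byte-for-byte and was not constant-time.
             if (is_string($sign) && hash_equals($md5_key, $sign)) {
                 if (Tools::isSubmit('confrimPassword')) {
                     // NOTE(review): copyFromPost() presumably copies request fields
                     // onto the object. If it is not limited to the password, the
                     // holder of a reset link could overwrite other user columns —
                     // confirm against the User class. Whether it hashes the new
                     // password is also not visible here.
                     $user->copyFromPost();
                     if (Validate::isPasswd(Tools::getRequest('passwd')) && $user->update()) {
                         $step = 3;
                     } else {
                         $errors[] = 'This passwd is incorrect';
                     }
                 }
             } else {
                 $isExp = true;
                 $errors[] = 'This link has expired!';
             }
         } else {
             $isExp = true;
             $errors[] = 'The customer don\'t exists!';
         }
     }
     $smarty->assign(array('step' => $step, 'isExp' => $isExp, 'errors' => $errors));
     return $smarty->fetch('password.tpl');
 }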
 /**
  * Handle the "forgot password" form.
  *
  * A ForgotForm is always created. On a POST request it is bound to the 'user'
  * request parameter; when valid and a user matches the submitted name/email pair,
  * that user's forgot-password email is sent. Every POST ends with a redirect to
  * the login page.
  *
  * The redirect is the same whether or not an account matched, so the response
  * does not reveal which name/email pairs exist.
  *
  * @param mixed $request request object exposing getParameter()
  */
 public function executeForgot($request)
 {
     $this->form = new ForgotForm();

     // Anything other than POST only displays the form.
     if ($this->getRequest()->getMethod() != sfRequest::POST) {
         return;
     }

     $this->form->bind($request->getParameter('user'));
     if ($this->form->isValid()) {
         $submitted = $this->form->getValues();
         $account = User::getByEmail($submitted['name'], $submitted['email']);
         if ($account) {
             $account->sendForgotPasswordEmail();
         }
     }

     $this->redirect('/user/login');
 }
 /**
  * Process the auth page actions: logout, login, sign-up, or redirect of an
  * already authenticated visitor.
  *
  * Branches are mutually exclusive and evaluated in this order: 'logout' present,
  * 'submitLogin' submitted, 'submitSubscribe' submitted, user already authenticated.
  *
  * NOTE(review): the sign-up failure message appends Db::getInstance()->getMsgError()
  * to text stored in $this->errors; if those errors are rendered to the visitor,
  * database internals are disclosed — log the detail server-side instead.
  * NOTE(review): the scheme behind Tools::encrypt() is not visible here; confirm it
  * is a salted password hash and not a fast digest or reversible encryption.
  * NOTE(review): the "account already exists" message reveals which identifiers are
  * registered.
  * NOTE(review): logout fires on the mere presence of a 'logout' parameter; if that
  * can arrive by GET, another site can trigger it — confirm.
  *
  * @return mixed the error string on a sign-up validation failure, otherwise nothing
  */
 public function postProcess()
 {
     parent::postProcess();

     // Logout
     if (Tools::getIsset('logout')) {
         Auth::disconnect();
         Flash::add('Vous êtes bien déconnécté');
         Tools::redirect($this->context->link->getPageLink('auth'));
     } elseif (Tools::isSubmit('submitLogin')) {
         $lookup = new User();
         $user = $lookup->getByEmail(Tools::getValue('username'), Tools::getValue('password'));
         if (Validate::isLoadedObject($user)) {
             Auth::setUser($user);
             Tools::redirect($this->context->link->getPageLink('comments'));
         } else {
             $this->errors[] = 'Identifiant ou mot de passe incorrect';
         }
     } elseif (Tools::isSubmit('submitSubscribe')) {
         /**
          * - Validate the fields
          * - Check the account does not exist yet
          * - Register
          * - Log in
          */
         $email = Tools::getValue('username');
         if (!Validate::isEmail($email)) {
             return $this->errors[] = 'Veuillez saisir une adresse e-mail correcte';
         }
         $password = Tools::getValue('password');
         if (!Validate::isPasswd($password)) {
             /// @todo be more specific about the rules for valid passwords
             return $this->errors[] = 'Veuillez saisir un mot de passe correct';
         }
         $user = new User();
         $existing = $user->getByEmail($email);
         if (Validate::isLoadedObject($existing)) {
             $this->errors[] = 'Un compte avec cet identifiant existe déjà';
         } else {
             $user->login = $email;
             $user->password = Tools::encrypt($password);
             if ($user->save()) {
                 Auth::setUser($user);
                 Flash::success('Bienvenue! Votre compte a bien été créé');
                 Tools::redirect($this->context->link->getPageLink('comments'));
             } else {
                 $this->errors[] = 'Impossible de vous enregistrer, veuillez réessayer ultérieurement (' . Db::getInstance()->getMsgError() . ')';
             }
         }
     } elseif (Auth::getUser()) {
         Tools::redirect($this->context->link->getPageLink('comments'));
     }
 }
Example #5
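<?php

// Password-reset request: looks up the posted email, stores a reset token for the
// matching user, and prints the reset link (or the string 'false' when no user matches).
session_start();
include_once 'definition.php';
$User = new User();

// A missing or non-string 'email' is treated as "no match" instead of raising a notice
// or passing an array into the lookup.
$email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
$us = ($email !== '') ? $User->getByEmail($email) : array();

if ((is_array($us) || $us instanceof Countable) && count($us) > 0) {
    $user_id = $us[0][0];
    // sha1 of the user id is an identifier, not a secret: the token below is the only
    // value protecting the reset.
    $sha_user_id = sha1($user_id);
    // Token from the CSPRNG (random_bytes, PHP 7+), same 40-hex-character shape as the
    // previous sha1 value. The earlier token was built from rand() and the current
    // date, both of which can be predicted.
    $token = bin2hex(random_bytes(20));
    $res = $User->addToReset($sha_user_id, $token);
    if ($res) {
        // NOTE(review): SERVER_NAME may reflect the request's Host header depending on
        // server configuration; prefer a configured base URL for links.
        $link = $_SERVER["SERVER_NAME"] . '/recoverpassword.php?id=' . $sha_user_id . '&tk=' . $token;
        //echo 'true';
        // NOTE(review): printing the link hands the reset token to whoever submitted
        // the address. It should be delivered only to the account's mailbox, with the
        // response limited to a status such as the commented-out 'true' above.
        echo $link;
    }
} else {
    // NOTE(review): a distinct 'false' reply reveals which addresses are registered.
    echo 'false';
}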
Example #6
        $u = User::CheckUser($_REQUEST['email'], $_REQUEST['password']);
        $fp->log($u);
        if ($u) {
            MyAuth::setLoginAuthenticate($u['uid']);
            header("Location: {$appAfterLoginUrl}");
            die;
        } else {
            echo '<span class="error_message">Login not valid!</span>';
        }
    } else {
        //signup
        $fp->log("Signup!");
        if (!User::RegisterUser($_REQUEST['first_name'], $_REQUEST['last_name'], $_REQUEST['email'], $_REQUEST['password'], $_REQUEST['gender'])) {
            echo '<span class="error_message">Probaly the email has been already used! Plase try wih a different one</span>';
        } else {
            $u = User::getByEmail($_REQUEST['email']);
            MyAuth::setLoginAuthenticate($u['uid']);
            header("Location: {$appAfterLoginUrl}");
            die;
        }
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
        <meta http-equiv="Content-Style-Type" content="text/css">
        <meta http-equiv="Content-Script-Type" content="text/javascript">

        <link rel="stylesheet" type="text/css" href="static/css/main.css<?php 
Example #7
     } else {
         system\Helper::arcAddMessage("danger", "Password and retyped password do not match");
         return;
     }
 }
 $user->firstname = ucwords(strtolower($_POST["firstname"]));
 if (empty($_POST["firstname"])) {
     system\Helper::arcAddMessage("danger", "Firstname cannot be empty");
     return;
 }
 $user->lastname = ucwords(strtolower($_POST["lastname"]));
 if (empty($_POST["lastname"])) {
     system\Helper::arcAddMessage("danger", "Lastname cannot be empty");
     return;
 }
 $test = User::getByEmail($_POST["email"]);
 if ($user->id == 0 && $test->id != 0) {
     system\Helper::arcAddMessage("danger", "User already exists with this email address");
     return;
 }
 if ($user->id == 0 && empty($_POST["password"])) {
     system\Helper::arcAddMessage("danger", "New users must have a password");
     return;
 }
 if (!empty($_POST["company"])) {
     $comp = Company::getByName(ucwords($_POST["company"]));
     if ($comp->id == 0) {
         $comp = new Company();
         $comp->name = ucwords($_POST["company"]);
         $comp->update();
     }
Example #8
 echo "<p>Group created</p>";
 // go through all the members and see if they match existing users if so add them to the group
 // show results back to user so they know who has/hasn't already got an account
 $memberArr = split(',', trim($members));
 if (trim($members) != "" && sizeof($memberArr) > 0) {
     echo "<ul>";
     foreach ($memberArr as $member) {
         $member = trim($member);
         //check valid email address
         if (!validEmail($member)) {
             echo "<li>" . $member . " is not a valid email address</li>";
         } else {
             //find out if existing user
             $u = new User();
             $u->setEmail($member);
             $user = $u->getByEmail();
             if ($user instanceof User) {
                 //user already exists in db
                 addGroupMember($group->groupid, $user->userid);
                 echo "<li>" . $member . " " . $LNG->GROUP_FORM_IS_MEMBER . "</li>";
             } else {
                 //user doesn't exist so create user and send them an invite code
                 $newU = new User();
                 $names = split('@', $member);
                 $newU->add($member, $names[0], "", "", 'N', $CFG->AUTH_TYPE_EVHUB, "", "", "");
                 $newU->setInvitationCode();
                 addGroupMember($group->groupid, $newU->userid);
                 echo "<li>" . $member . " " . $LNG->GROUP_FORM_NOT_MEMBER . "</li>";
             }
         }
     }
Example #9
                $user->update();
                Log::createLog("warning", "ldap", "LDAP user created: " . $_POST["email"]);
                $ad = new SystemSetting();
                $ad->key = "ARC_USER_AD";
                $ad->value = true;
                $ad->userid = $user->id;
                $ad->update();
                doLogin($user);
                return;
            }
        } else {
            Log::createLog("danger", "ldap", "LDAP lookup failed.");
        }
    }
    // end ldap
    $user = \User::getByEmail($_POST["email"]);
    if ($user->verifyPassword($_POST["password"])) {
        if ($user->enabled) {
            doLogin($user);
            return;
        } else {
            system\Helper::arcAddMessage("danger", "Account disabled");
            Log::createLog("danger", "user", "Attempt to access disabled account: " . $_POST["email"]);
            return;
        }
    }
    system\Helper::arcAddMessage("danger", "Invalid username and/or password");
    Log::createLog("warning", "user", "Incorrect password: " . $_POST["email"]);
} else {
    return system\Helper::arcAddFooter("js", system\Helper::arcGetModulePath() . "js/login.js");
}
Example #10
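/**
 * Process a login form post and redirect according to the outcome.
 *
 * With a session already carrying 'email', the visitor is sent to the search page.
 * Otherwise the posted email/password are checked against the stored user record;
 * on success the session is populated and the visitor is redirected.
 *
 * $results is only visible to the template required in the "user not found" branch;
 * the messages set before a header() redirect are not carried over.
 *
 * NOTE(review): the check recomputes Password::hash() and compares it with the stored
 * value, which only works if that hash is deterministic (no per-user random salt) —
 * confirm, and consider password_hash()/password_verify().
 * NOTE(review): accounts with verification "notVerified" receive a full session and
 * the same redirect as verified ones, although the inline comment says they should
 * land on the login form — confirm the intended behaviour.
 * NOTE(review): "Username not found" versus "do not match" reveals which addresses
 * are registered.
 */
function login()
{
    $results = array();
    $results['pageTitle'] = "Home | Dating website";

    if (isset($_SESSION['email'])) {
        // Temporary until logout exists: the login form must not be reachable while a
        // session is active. The lookup result is not used.
        User::getByEmail($_SESSION['email']);
        header("Location: ../search.php");
        return;
    }

    if (!isset($_POST['email'])) {
        header("Location: ../index.php");
        return;
    }

    $email = $_POST['email'];
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    // Array-valued parameters (email[]=...) are rejected before they reach the hash or
    // the lookup.
    if (!is_string($email) || !is_string($password)) {
        header("Location: ../index.php");
        return;
    }

    $passwordHash = Password::hash($password);
    $user = User::getByEmail($email);
    if (!$user) {
        $results['errorMessage'] = "Username not found, please register first.";
        require TEMPLATE_PATH . "/index.php";
        return;
    }

    // Type-strict, constant-time comparison (hash_equals, PHP 5.6+) instead of a loose
    // ==, which compares numeric-looking strings by value.
    if (!hash_equals((string) $user->password, (string) $passwordHash)) {
        $results['errorMessage'] = "Username and password do not match.";
        header("Location: ../index.php");
        return;
    }

    $status = $user->verification;
    if ($status == "verified" || $status == "notVerified") {
        if ($status == "notVerified") {
            $results['errorMessage'] = "Account not activated please wait";
        }
        // Issue a fresh session id at the privilege change so an id fixed before login
        // does not become an authenticated one.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['email'] = $email;
        $_SESSION['userId'] = $user->id;
        header("Location: ../search.php");
        return;
    }

    $results['errorMessage'] = "Information provided is not valid";
    header("Location: ../index.php");
}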
Example #11
            }
        } else {
            $message = 'Please provide your email address.';
        }
    } else {
        $message = 'Please provide your email address.';
    }
} else {
    if (REQMETHOD == 'GET') {
        if (isset($_GET['email']) || isset($_GET['key'])) {
            $email = trim(urldecode($_GET['email']));
            $key = trim(urldecode($_GET['key']));
            if (strlen($email) > 0 && strlen($key) > 0) {
                try {
                    $email = strtolower($email);
                    $user = User::getByEmail($email);
                    if (!$user->isVerified()) {
                        $user->verifyUserEmail($key);
                    }
                    $verifyiserror = false;
                } catch (Exception $e) {
                    trigger_error($e->getMessage(), E_USER_WARNING);
                    $message = 'Cannot verify email.';
                }
            } else {
                $message = 'Cannot verify email.';
            }
        }
    } else {
        header("Location: index");
        exit;
Example #12
<?php

$id = Url::getParam('id');
if (!empty($id)) {
    $objUser = new User();
    $user = $objUser->getUser($id);
    if (!empty($user)) {
        $objForm = new Form();
        $objValid = new Validation($objForm);
        if ($objForm->isPost('first_name')) {
            $objValid->_expected = array('first_name', 'last_name', 'address_1', 'address_2', 'town', 'county', 'post_code', 'country', 'email');
            $objValid->_required = array('first_name', 'last_name', 'address_1', 'town', 'county', 'post_code', 'country', 'email');
            $objValid->_special = array('email' => 'email');
            $email = $objForm->getPost('email');
            $duplicate = $objUser->getByEmail($email);
            if (!empty($duplicate) && $duplicate['id'] != $user['id']) {
                $objValid->add2Errors('email_duplicate');
            }
            if ($objValid->isValid()) {
                if ($objUser->updateUser($objValid->_post, $user['id'])) {
                    Helper::redirect('/admin' . Url::getCurrentUrl(array('action', 'id')) . '&action=edited');
                } else {
                    Helper::redirect('/admin' . Url::getCurrentUrl(array('action', 'id')) . '&action=edited-failed');
                }
            }
        }
        require_once 'template/_header.php';
        ?>
	
	<h1>Clients :: Edit</h1>
	
Example #13
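 /**
  * Resend the confirmation email for an account that is still unverified.
  *
  * A fresh verification code is generated, saved and mailed to the address.
  *
  * NOTE(review): ERROR_DOES_NOT_EXIST and ERROR_ALREADY_VERIFIED let the caller tell
  * registered from unregistered addresses; if these codes are relayed as-is to an
  * unauthenticated client, the endpoint reveals who has an account.
  * NOTE(review): the new code is returned to the caller on success; it must not be
  * echoed into the HTTP response, or the email step proves nothing.
  *
  * @param string $email address of the account
  * @return array array(true, <new code>) on success,
  *               array(false, <self::ERROR_* constant>) on failure
  */
 public function resend($email)
 {
     if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
         return array(false, self::ERROR_INVALID_EMAIL_OR_PSWD);
     }
     $user = new User($this->db, $this->logger);
     if (!$user->getByEmail($email)) {
         return array(false, self::ERROR_DOES_NOT_EXIST);
     }
     if ($user->status != User::STATUS_UNVERIFIED) {
         // Was a bare constant; every other exit returns the array(bool, value) pair.
         return array(false, self::ERROR_ALREADY_VERIFIED);
     }
     $vcode = new VerificationCode($this->db, $this->logger);
     if (!$vcode->getByUserId($user->id)) {
         return array(false, self::ERROR_DOES_NOT_EXIST);
     }
     // Generate the replacement code. A failed generator must not silently yield an
     // empty code (bin2hex(false) is '').
     $bytes = openssl_random_pseudo_bytes(32);
     if ($bytes === false || strlen($bytes) !== 32) {
         return array(false, self::ERROR_INTERNAL_ERROR);
     }
     $vcode->code = bin2hex($bytes);
     // The condition was inverted: the error was returned when save() succeeded and
     // the email went out when it failed. Assumes save() is truthy on success, like
     // getByEmail()/getByUserId() above.
     if (!$vcode->save()) {
         return array(false, self::ERROR_INTERNAL_ERROR);
     }
     // NOTE(review): the result of sendVerificationEmail() is not checked, so a mail
     // failure is still reported as success.
     $this->sendVerificationEmail($user->id, $email, $vcode->code, $email);
     return array(true, $vcode->code);
 }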
<?php

// JSON lookup of users by e-mail, optionally narrowed to a role. Prints a JSON array of
// {id_user, email} objects; exits with no output when no e-mail is supplied.
//
// NOTE(review): no check that the caller is logged in is visible in this script. The
// non-'super' branch relies entirely on fSession::get('regs') to scope the results —
// confirm that an anonymous session cannot reach the lookup.
// NOTE(review): fRequest::encode() presumably returns the value HTML-encoded; that
// encoded form is what gets passed to the lookups — confirm this is intended.
fSession::open();

$id_role = fRequest::get('id_role', 'integer');
$email = fRequest::encode('email', 'string');

if (empty($email)) {
    exit;
}

$arr = array();
$filterByRole = !empty($id_role);

if (fAuthorization::checkAuthLevel('super')) {
    // 'super' callers use the *Sup lookups, which take no 'regs' scope argument.
    $users = $filterByRole
        ? User::getByRoleAndEmailSup($id_role, $email)
        : User::getByEmailSup($email);
} else {
    $users = $filterByRole
        ? User::getByRoleAndEmail($id_role, $email, fSession::get('regs'))
        : User::getByEmail($email, fSession::get('regs'));
}

if (!empty($users)) {
    foreach ($users as $user) {
        $arr[] = array(
            'id_user' => $user->getIdUser(),
            'email' => $user->getEmail(),
        );
    }
}

echo json_encode($arr);
Example #15
}
// registration form
if ($objForm->isPost('first_name')) {
    $objValid->_expected = array('first_name', 'last_name', 'address_1', 'address_2', 'town', 'county', 'post_code', 'country', 'email', 'password', 'confirm_password');
    $objValid->_required = array('first_name', 'last_name', 'address_1', 'town', 'county', 'post_code', 'country', 'email', 'password', 'confirm_password');
    $objValid->_special = array('email' => 'email');
    $objValid->_post_remove = array('confirm_password');
    $objValid->_post_format = array('password' => 'password');
    // validate password
    $pass_1 = $objForm->getPost('password');
    $pass_2 = $objForm->getPost('confirm_password');
    if (!empty($pass_1) && !empty($pass_2) && $pass_1 != $pass_2) {
        $objValid->add2Errors('password_mismatch');
    }
    $email = $objForm->getPost('email');
    $user = $objUser->getByEmail($email);
    if (!empty($user)) {
        $objValid->add2Errors('email_duplicate');
    }
    if ($objValid->isValid()) {
        // add hash for activating account
        $objValid->_post['hash'] = mt_rand() . date('YmdHis') . mt_rand();
        // add registration date
        $objValid->_post['date'] = Helper::setDate();
        if ($objUser->addUser($objValid->_post, $objForm->getPost('password'))) {
            $_SESSION['link'] = $_POST['link'];
            Helper::redirect('/start/?page=registered');
        } else {
            Helper::redirect('/start/?page=registered-failed');
        }
    }
Example #16
	'forgotpass-email'  => FILTER_VALIDATE_EMAIL,
	'forgotpass-submit' => FILTER_VALIDATE_STRING,
);

$filtered  = filter_input_array(INPUT_POST, $filters);
try {
	if ($filtered['forgotpass-submit']) {
		$email    = $filtered['forgotpass-email'];
		$password = getPassword(); 
	
		if (!$email or !verifyEmail($email)) {
			throw new Exception('Invalid Email address');
		}
		
		$user = new User();
		$user->getByEmail($email);
		if ($user->id and $user->active != 4) {
			// good, they exist.
			$user->password = md5($password);
			$user->active   = 3;
			$user->save();
			
			if (!doEmail($user->username, $password, $user->email)) {
				throw new Exception('Could not send the activation email. Please contact an admin on the forum, or by email');
			}
			
			header('Location: index.php?e=6');
			exit;		 
			
		}
		else {
Example #17
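<?php

// Password-reset AJAX handler: for a registered address, sets a newly generated
// password on the account and mails it using the ARC_PASSWORD_RESET_MESSAGE template.
//
// NOTE(review): the request is unauthenticated and replaces the password immediately,
// so anyone who knows an address can lock its owner out, and the new password travels
// by mail in clear text. A single-use, expiring reset link that leaves the current
// password untouched until the owner acts avoids both.
// NOTE(review): the two user-facing messages reveal which addresses are registered.
if (system\Helper::arcIsAjaxRequest()) {
    // A missing or array-valued 'emailf' is treated as an empty address.
    $requestedEmail = (isset($_POST["emailf"]) && is_string($_POST["emailf"])) ? $_POST["emailf"] : "";
    // Control characters are dropped from the copy written to the log so a submitted
    // value cannot break up or forge log entries.
    $loggedEmail = preg_replace('/[\x00-\x1F\x7F]/', '', $requestedEmail);

    $user = User::getByEmail($requestedEmail);
    // valid user
    if ($user->id > 0) {
        // 32 hex characters from the CSPRNG (random_bytes, PHP 7+). The previous
        // md5(uniqid(...)) value was derived from the clock and the address, which
        // makes it guessable.
        $password = bin2hex(random_bytes(16));
        $user->setPassword($password);
        $user->update();
        $messageS = SystemSetting::getByKey("ARC_PASSWORD_RESET_MESSAGE");
        $message = html_entity_decode($messageS->value);
        $message = str_replace("{password}", $password, $message);
        $mail = new Mail();
        $mail->Send($user->email, "Password Reset Request", $message, true);
        system\Helper::arcAddMessage("success", "Password reset, please check your email.");
        Log::createLog("warning", "user", "Password reset request '" . $loggedEmail . "'.");
    } else {
        system\Helper::arcAddMessage("danger", "Email address is not registered");
        Log::createLog("danger", "user", "Request to reset unknown email address '" . $loggedEmail . "'.");
    }
}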
Example #18
 /**
  * Display and process the form that resets the user's password.
  *
  * Not submitted: returns the dialog box holding the form. Submitted and valid: the
  * entered code must equal the decrypted 'forgottenPassword.code' session value, then
  * the password of the user stored under 'forgottenPassword.email' is replaced.
  *
  * NOTE(review): no attempt counter is visible here and this method does not clear
  * the 'forgottenPassword.*' session values after a successful reset; confirm both
  * are handled elsewhere so a code cannot be retried or reused.
  * NOTE(review): when no user matches, the session e-mail is returned as the
  * STATUS_ERROR message.
  *
  * @return mixed the dialog box, a form response, or nothing when check() fails
  */
 public function resetPassword()
 {
     $fields = array(
         new TextInput(array(
             'name' => 'code',
             'required' => true,
             'label' => Lang::get($this->_plugin . '.reset-pwd-form-code-label'),
         )),
         new PasswordInput(array(
             'name' => 'password',
             'required' => true,
             'label' => Lang::get($this->_plugin . '.reset-pwd-form-password-label'),
             'encrypt' => array('\\Hawk\\Crypto', 'saltHash'),
         )),
         new PasswordInput(array(
             'name' => 'confirmation',
             'required' => true,
             'compare' => 'password',
             'label' => Lang::get($this->_plugin . '.reset-pwd-form-confirmation-label'),
         )),
     );
     $buttons = array(
         new SubmitInput(array(
             'name' => 'valid',
             'label' => Lang::get($this->_plugin . '.valid-button'),
         )),
         new ButtonInput(array(
             'name' => 'cancel',
             'label' => Lang::get($this->_plugin . '.cancel-button'),
             'href' => App::router()->getUri('login'),
             'target' => 'dialog',
         )),
     );
     $form = new Form(array(
         'id' => 'reset-password-form',
         'fieldsets' => array('form' => $fields, 'submits' => $buttons),
         'onsuccess' => 'app.dialog(app.getUri("login"));',
     ));

     if (!$form->submitted()) {
         return Dialogbox::make(array(
             'title' => Lang::get($this->_plugin . '.reset-pwd-form-title'),
             'icon' => 'lock-alt',
             'page' => $form,
         ));
     }

     if (!$form->check()) {
         return;
     }

     // Check the verification code against the one kept (encrypted) in the session.
     if ($form->getData('code') !== Crypto::aes256Decode(App::session()->getData('forgottenPassword.code'))) {
         $form->error('code', Lang::get($this->_plugin . '.reset-pwd-form-bad-verification-code'));
         return $form->response(Form::STATUS_CHECK_ERROR);
     }

     try {
         $user = User::getByEmail(App::session()->getData('forgottenPassword.email'));
         if (!$user) {
             return $form->response(Form::STATUS_ERROR, App::session()->getData('forgottenPassword.email'));
         }
         // dbvalue() is the stored form of the input; the field is configured with
         // the Crypto::saltHash 'encrypt' callback above.
         $user->set('password', $form->inputs['password']->dbvalue());
         $user->save();
         return $form->response(Form::STATUS_SUCCESS, Lang::get($this->_plugin . '.reset-pwd-form-success'));
     } catch (\Exception $e) {
         return $form->response(Form::STATUS_ERROR, Lang::get($this->_plugin . '.reset-pwd-form-error'));
     }
 }