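/**
 * Decide whether the current request is accepted on the basis of HTTP Basic
 * credentials found in $_SERVER.
 *
 * @param string $action  Requested action; 'login' and 'logout' are never
 *                        accepted here and set $options['custom'] instead.
 * @param array  $options Passed by reference; receives 'custom' => 'basicAuth'
 *                        for the login/logout actions.
 * @return int 1 when the request is accepted, 0 otherwise.
 */
function checkAuth($action, &$options)
{
    if ($action == 'login' or $action == 'logout') {
        $options['custom'] = 'basicAuth';
        // Clear the Basic-auth values from $_SERVER for the rest of the request.
        unset($_SERVER['PHP_AUTH_USER']);
        unset($_SERVER['PHP_AUTH_PW']);
        return 0;
    }

    // !empty() keeps the original truthiness test on the password (an empty or
    // "0" password is still rejected) but no longer reads an undefined index
    // when a user name arrives without a password.
    if (isset($_SERVER['PHP_AUTH_USER']) and !empty($_SERVER['PHP_AUTH_PW'])) {
        $id = $_SERVER['PHP_AUTH_USER'];
        $userdb = new UserDB($this->DB);
        $user = new WikiUser(); # get from COOKIE VARS

        // NOTE(review): this accepts the request as soon as the cookie-derived
        // user id equals the supplied user name, before any password check.
        // That is only sound if WikiUser validates the cookie itself - confirm.
        if ($user->id == $id) {
            return 1;
        }

        if ($userdb->_exists($id)) {
            $user = $userdb->getUser($id);
            # check password
            if ($user->checkPasswd($_SERVER['PHP_AUTH_PW']) === true) {
                $dummy = $user->setCookie();
                $dummy = $userdb->saveUser($user);
                return 1;
            }
        }
    }

    // Rejected: remove the credentials so later code cannot rely on them.
    unset($_SERVER['PHP_AUTH_USER']);
    unset($_SERVER['PHP_AUTH_PW']);
    return 0;
}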
/**
 * Store the DB handle and, when the REMOTE_USER environment variable is set,
 * log that user in, creating the account on first sight.
 *
 * NOTE(review): REMOTE_USER is taken as an already-authenticated identity and
 * unknown names are turned into accounts; this presumably relies on the web
 * server enforcing authentication in front of this code - confirm.
 *
 * @param mixed $DB Handle passed on to UserDB.
 */
function Security_htaccesslogin($DB = "")
{
    $this->DB = $DB;

    # BEGIN LOGIN
    $remoteUser = getenv('REMOTE_USER');
    if ($remoteUser == "") {
        // Covers both an unset variable (false) and an empty value.
        return;
    }

    $accounts = new UserDB($DB);
    $account = new WikiUser(); # get from COOKIE VARS

    if (!$accounts->_exists($remoteUser)) {
        # create account
        $account->id = $remoteUser;
        $options['id'] = $account->id;
        $dummy = $account->setCookie();
        $dummy = $accounts->addUser($account);
    } else {
        # login
        $account = $accounts->getUser($remoteUser);
        $options['id'] = $account->id;
        $options['login_id'] = $account->id;
        $dummy = $account->setCookie();
        $dummy = $accounts->saveUser($account);
    }
    # END LOGIN
}
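/**
 * Store a comment written by the authenticated user and notify the author of
 * the parent comment.
 *
 * A failure while notifying no longer turns a successfully saved comment into
 * a `false` result; only a failed save does.
 *
 * NOTE(review): $parent_id and $article_id are stored as given; no check that
 * the parent belongs to the same article is visible here - confirm upstream.
 *
 * @param mixed  $parent_id  Id of the comment being replied to.
 * @param mixed  $article_id Id of the article the comment belongs to.
 * @param string $text       Comment body, stored and echoed back unmodified.
 * @return string|false JSON description of the new comment, or false when the
 *                      caller is not authenticated or the save failed.
 */
public function addComment($parent_id, $article_id, $text)
{
    $comment = new CommentDB();
    if (!$this->auth_user) {
        return false;
    }

    $comment->article_id = $article_id;
    $comment->user_id = $this->auth_user->id;
    $comment->parent_id = $parent_id;
    $comment->text = $text;

    try {
        $comment->save();
    } catch (Exception $e) {
        return false;
    }

    // Best-effort notification. The original author flagged this part as
    // "not correct" (translated from the source comment).
    try {
        $comment_parent = new CommentDB();
        $comment_parent->load($parent_id);
        // Do not mail users about replies to their own comments.
        if ($comment_parent->isSaved() && $comment_parent->user_id != $this->auth_user->id) {
            $user = new UserDB();
            $user->load($comment_parent->user_id);
            $this->mail->send($user->email, array("user" => $user, "link" => $comment_parent->link), "comment_subscribe");
        }
    } catch (Exception $e) {
        // The comment is already stored; a notification error must not
        // report the whole operation as failed.
    }

    // The text is returned as stored; the consumer has to escape it for its
    // output context.
    return json_encode(array(
        "id" => $comment->id,
        "parent_id" => $comment->parent_id,
        "user_id" => $this->auth_user->id,
        "name" => $this->auth_user->name,
        "avatar" => $this->auth_user->avatar,
        "text" => $comment->text,
        "date" => $comment->date,
    ));
}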
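/**
 * Mark the given user as logged in for the current PHP session.
 *
 * @param UserDB $user Authenticated user record.
 */
public function login(UserDB $user)
{
    // Passing true removes the pre-login session data, so a session id known
    // before authentication cannot be reused afterwards (session fixation).
    session_regenerate_id(true);

    if ($user) {
        $this->user_id = $_SESSION['user_id'] = $user->id;
        $_SESSION['logged_in'] = true;
        $this->logged_in = true;
        $user->update_last_login();
    }
}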
/**
 * Ask UserDB to verify the credentials and return the matching user's
 * basic fields.
 *
 * @param mixed  $num      Login identifier handed to UserDB::login().
 * @param string $password Password handed to UserDB::login().
 * @return array|false Array with keys "id", "num" and "username", or false
 *                     when UserDB::login() returns a falsy value.
 */
public function loginCheck($num, $password)
{
    $store = new UserDB();
    $row = $store->login($num, $password);

    if (!$row) {
        return false;
    }

    // Positional columns of the returned row are mapped to named keys.
    return array("id" => $row[0], "num" => $row[1], "username" => $row[2]);
}
/**
 * authorizeUser() must return the stored user for matching credentials and
 * nothing for credentials that were never stored.
 */
function testAuthorizeUser()
{
    $db = new UserDB();

    // Positive case: store the fixture user, then authorize with it.
    $known = new UserInfo($this->data);
    $db->updateUser($known);
    $authorized = $db->authorizeUser($known);
    $this->assertEquals($known->userid, $authorized->userid);
    $this->assertEquals($known->username, $authorized->username);

    // Negative case: credentials that were not stored above.
    // NOTE(review): assertEquals(null, ...) compares loosely, so false, 0 or
    // '' would also pass; assertNull would pin the rejection value exactly.
    $unknown = new UserInfo(array('username' => 'test', 'password' => 1111));
    $rejected = $db->authorizeUser($unknown);
    $this->assertEquals(null, $rejected);
}
/**
 * Build the wiki user from an explicit id or from the currently logged-in
 * forge user, sync a few profile fields into UserDB, then load display
 * preferences from cookies.
 *
 * @param string $id Optional user name; when empty the forge session user
 *                   (user_getid()) is used, falling back to 'Anonymous'.
 */
function User_nforge($id = '')
{
    if ($id) {
        $this->setID($id);
        // $u is not read again on this path.
        $u =& user_get_object_by_name($id);
    } else {
        $u =& user_get_object(user_getid());
        if ($u and is_object($u) and !$u->isError()) {
            // $DBInfo is only bound here; the block below that uses it runs
            // only when this branch has produced a non-empty $id.
            global $DBInfo;
            $id = $u->getUnixName();
        }
        if (!empty($id)) {
            $this->setID($id);
            $udb = new UserDB($DBInfo);
            $tmp = $udb->getUser($id);
            // date('Z') is the server's timezone offset in seconds; a stored
            // value that differs forces a profile update.
            $tz_offset = date('Z');
            $update = 0;
            if ($tz_offset != $tmp->info['tz_offset']) {
                $update = 1;
            }
            // 'and' binds tighter than 'or': update when (homepage URLs are
            // enabled and none is stored) or the offset changed or the nick
            // is missing or differs from the forge real name.
            if (!empty($DBInfo->use_homepage_url) and empty($tmp->info['home']) or $update or empty($tmp->info['nick']) or $tmp->info['nick'] != $u->data_array['realname']) {
                // Copy the forge values into the stored profile and save it.
                $tmp->info['tz_offset'] = $tz_offset;
                $tmp->info['nick'] = $u->data_array['realname'];
                if (!empty($DBInfo->use_homepage_url)) {
                    $tmp->info['home'] = util_make_url_u($u->getID(), true);
                }
                $udb->saveUser($tmp);
            }
        } else {
            $id = 'Anonymous';
            $this->setID('Anonymous');
        }
    }
    // Display preferences come straight from client-controlled cookies.
    // NOTE(review): css, theme and bookmark are copied without any filtering;
    // how they are used is not visible here, so validate them before they
    // reach file paths or markup.
    $this->css = isset($_COOKIE['MONI_CSS']) ? $_COOKIE['MONI_CSS'] : '';
    $this->theme = isset($_COOKIE['MONI_THEME']) ? $_COOKIE['MONI_THEME'] : '';
    $this->bookmark = isset($_COOKIE['MONI_BOOKMARK']) ? $_COOKIE['MONI_BOOKMARK'] : '';
    $this->trail = isset($_COOKIE['MONI_TRAIL']) ? _stripslashes($_COOKIE['MONI_TRAIL']) : '';
    $this->tz_offset = isset($_COOKIE['MONI_TZ']) ? _stripslashes($_COOKIE['MONI_TZ']) : '';
    $this->nick = isset($_COOKIE['MONI_NICK']) ? _stripslashes($_COOKIE['MONI_NICK']) : '';
    // Fall back to the server offset when the cookie gave none.
    if ($this->tz_offset == '') {
        $this->tz_offset = date('Z');
    }
    // First visit of a named user: create the UserDB record from this object.
    if (!empty($id) and $id != 'Anonymous') {
        global $DBInfo;
        $udb = new UserDB($DBInfo);
        if (!$udb->_exists($id)) {
            $dummy = $udb->saveUser($this);
        }
    }
}
/**
 * Show the "manage money" page for the user named in the query string.
 *
 * Without a `user` parameter the request is redirected to `manageuser`.
 * Otherwise the full user is loaded into the session and the transaction
 * entry view is built; lookup failures render an error view.
 *
 * NOTE(review): $_GET['user'] goes to the DB layer as received, and
 * REQUEST_URI is copied into page data; validation, authorization and output
 * escaping are not visible in this method - confirm they happen elsewhere.
 */
public static function get()
{
    $page = new Page();
    $page->data['title'] = 'Geld beheren';

    //Redirect if user is not set
    if (!isset($_GET['user'])) {
        header('Location: manageuser', true, 303);
        return;
    }

    $errorView = 'ErrorMessageNoDescriptionWithLinkView';
    $dbFailure = 'Kan gegevens niet ophalen uit de database';

    try {
        $_SESSION['Stippers']['ManageUserMoney']['user'] = UserDB::getFullUserById($_GET['user']);
        ManageUserMoneyController::buildEnterTransactionView($page, false);
    } catch (UserDBException $ex) {
        $unknownUser = $ex->getCode() == UserDBException::NOUSERFORCARDNUMER;
        $page->data[$errorView]['errorTitle'] = $unknownUser ? 'Er is geen gebruiker met deze id' : $dbFailure;
        $page->data[$errorView]['tryAgainUrl'] = $_SERVER['REQUEST_URI'];
        $page->addView('error/' . $errorView);
    } catch (Exception $ex) {
        $page->data[$errorView]['errorTitle'] = $dbFailure;
        $page->data[$errorView]['tryAgainUrl'] = $_SERVER['REQUEST_URI'];
        $page->addView('error/' . $errorView);
    }

    $page->showWithMenu();
}
/**
 * List the logins of the users that belong to this group.
 *
 * The configured default group contains every user known to UserDB; any
 * other group is resolved through its 'UsersGroup' liaisons.
 *
 * @return array List of login strings (empty when no liaisons are found).
 */
public function usersLogin()
{
    Logger::debug('main', 'USERSGROUP::usersLogin (for id=' . $this->getUniqueID() . ')');

    $prefs = Preferences::getInstance();
    if (!$prefs) {
        Logger::critical('main', 'USERSGROUP::usersLogin (for id=' . $this->getUniqueID() . ') get prefs failed');
        die_error('get Preferences failed', __FILE__, __LINE__);
    }

    $logins = array();
    $defaultGroupId = $prefs->get('general', 'user_default_group');

    if ($defaultGroupId === $this->getUniqueID()) {
        // it's the default group -> we add all users
        foreach (UserDB::getInstance()->getList() as $member) {
            $logins[] = $member->getAttribute('login');
        }
        return $logins;
    }

    $liaisons = Abstract_Liaison::load('UsersGroup', NULL, $this->getUniqueID());
    if (!is_array($liaisons)) {
        return $logins;
    }
    foreach ($liaisons as $liaison) {
        $logins[] = $liaison->element;
    }

    return $logins;
}
/**
 * Return the LDAP configuration used for group lookups.
 *
 * A configuration passed in is returned untouched. Otherwise the one built
 * by the active UserDB backend is taken and its 'match', 'userbranch' and
 * (when configured) 'filter' entries are replaced by this module's
 * preferences.
 *
 * @param array|null $config_ Ready-made configuration, or NULL to build one.
 * @return array|null NULL when the UserDB backend has no makeLDAPconfig().
 */
public function makeLDAPconfig($config_ = NULL)
{
    if (!is_null($config_)) {
        return $config_;
    }

    $backend = UserDB::getInstance();
    if (!method_exists($backend, 'makeLDAPconfig')) {
        Logger::error('main', 'UserGroupDB::ldap_posix::makeLDAPconfig makeLDAPconfig is not avalaible');
        return NULL;
    }

    $ldap = $backend->makeLDAPconfig();

    // Group preferences override the user backend's values; missing
    // preferences reset 'match' and 'userbranch' to empty defaults.
    $ldap['match'] = array_key_exists('match', $this->preferences) ? $this->preferences['match'] : array();
    $ldap['userbranch'] = array_key_exists('group_dn', $this->preferences) ? $this->preferences['group_dn'] : '';
    if (array_key_exists('filter', $this->preferences)) {
        $ldap['filter'] = $this->preferences['filter'];
    }

    return $ldap;
}
/**
 * Create a user account on the fly and return its login.
 *
 * The login is the posted 'login' field when the 'uselogin' option of the
 * Auto auth method is '1'; otherwise it is generated.
 *
 * NOTE(review): the new account's password is set to its own login, and the
 * login can be supplied by the client. Anyone who knows or chooses the login
 * therefore knows the password; confirm these accounts cannot be used through
 * any password-based path, or assign an unguessable secret instead.
 *
 * @return string|null Login of the imported user, NULL on any failure.
 */
public function get_login()
{
    $userDB = UserDB::getInstance();
    if (!is_object($userDB)) {
        return NULL;
    }

    $prefs = Preferences::getInstance();
    $config = $prefs->get('AuthMethod', 'Auto');

    $useSubmittedLogin = array_key_exists('login', $_POST)
        && array_key_exists('uselogin', $config)
        && $config['uselogin'] == '1';
    $this->login = $useSubmittedLogin ? $_POST['login'] : '******' . gen_unique_string();

    $candidate = new User();
    $candidate->setAttribute('login', $this->login);
    $candidate->setAttribute('password', $candidate->getAttribute('login'));
    $candidate->setAttribute('displayname', 'user ' . $candidate->getAttribute('login'));

    if (!$userDB->add($candidate)) {
        Logger::error('main', 'AuthMethod::Auto::get_login failed to add user ' . $candidate->getAttribute('login'));
        return NULL;
    }

    // Read the account back so the returned login is the stored one.
    $user = $userDB->import($candidate->getAttribute('login'));
    if (!is_object($user)) {
        return NULL;
    }

    $this->login = $user->getAttribute('login');
    return $this->login;
}
/**
 * Handle both cash-register forms: card lookup and transaction registration.
 *
 * NOTE(review): the transaction is built from the balance held in the session
 * user object loaded during the card-lookup step. Whether
 * MoneyTransactionDB::addTransaction() re-checks the stored balance is not
 * visible here - confirm, otherwise parallel requests could work from a stale
 * balance.
 */
public static function post()
{
    $page = new Page();
    $page->data['title'] = 'Kassa';

    if (isset($_POST['to_enter_transaction_view'])) {
        // Step 1: resolve the card number to a user.
        $cardErrors = CashRegisterEnterCardViewValidator::validate($_POST);
        if (!empty($cardErrors)) {
            CashRegisterController::buildEnterCardView($page, true);
            $page->data['CashRegisterEnterCardView']['errMsgs'] = array_merge($page->data['CashRegisterEnterCardView']['errMsgs'], $cardErrors);
        } else {
            try {
                $cardHolder = UserDB::getFullUserByCardNumber($_POST['card_number']);
                $_SESSION['Stippers']['CashRegister']['user'] = $cardHolder;
                if ($cardHolder) {
                    CashRegisterController::buildEnterTransactionView($page, false);
                } else {
                    CashRegisterController::buildEnterCardView($page, true);
                    $page->data['CashRegisterEnterCardView']['errMsgs']['global'] = '<h2 class="error_message" id="enter_card_form_error_message">Dit kaartnummer is niet gekoppeld aan een gebruiker.</h2>';
                }
            } catch (Exception $ex) {
                CashRegisterController::buildEnterCardView($page, true);
                $page->data['CashRegisterEnterCardView']['errMsgs']['global'] = '<h2 class="error_message" id="enter_card_form_error_message">Kan gebruiker niet ophalen, probeer opnieuw.</h2>';
            }
        }
    } elseif (isset($_POST['register_transaction'])) {
        // Step 2: register the amount against the user found in step 1.
        $transactionErrors = CashRegisterEnterTransactionViewValidator::validate($_POST);
        if (!empty($transactionErrors)) {
            CashRegisterController::buildEnterTransactionView($page, true);
            $page->data['CashRegisterEnterTransactionView']['errMsgs'] = array_merge($page->data['CashRegisterEnterTransactionView']['errMsgs'], $transactionErrors);
        } else {
            try {
                // An empty amount counts as zero cents.
                if ($_POST['decrease_money'] == '') {
                    $cents = 0;
                } else {
                    $cents = SafeMath::getCentsFromString($_POST['decrease_money']);
                }
                $browserName = BrowserDB::getBrowserById($_SESSION['Stippers']['browser']->browserId)->name;
                $cardHolder = $_SESSION['Stippers']['CashRegister']['user'];
                $trans = new MoneyTransaction(null, $cardHolder->userId, $cardHolder->balance, 0, $cents, MoneyTransactionConfig::DEFAULT_DISCOUNT_PERC, false, null, $browserName, null);

                if (!($trans->getBalAfter() < 0)) {
                    MoneyTransactionDB::addTransaction($cardHolder, $trans);
                    // Amounts are kept in cents; the view gets whole units.
                    $page->data['CashRegisterTransactionResultView']['balBefore'] = $trans->getBalBefore() / 100;
                    $page->data['CashRegisterTransactionResultView']['balAfter'] = $trans->getBalAfter() / 100;
                    $page->data['CashRegisterTransactionResultView']['discount'] = $trans->getDiscount() / 100;
                    $page->data['CashRegisterTransactionResultView']['decrMoney'] = $trans->getDecrMoney() / 100;
                    $page->addView('cashRegister/CashRegisterTransactionResultView');
                } else {
                    // The transaction would push the balance below zero.
                    $page->data['ErrorMessageWithDescriptionWithLinkView']['tryAgainUrl'] = $_SERVER['REQUEST_URI'];
                    $page->data['ErrorMessageWithDescriptionWithLinkView']['errorTitle'] = 'Saldo te laag';
                    $page->data['ErrorMessageWithDescriptionWithLinkView']['errorDescription'] = 'Het saldo de kaart is te laag.<br>Je komt onder nul uit.';
                    $page->addView('error/ErrorMessageWithDescriptionWithLinkView');
                }
            } catch (Exception $ex) {
                CashRegisterController::buildEnterTransactionView($page, true);
                $page->data['CashRegisterEnterTransactionView']['errMsgs']['global'] = '<h2 class="error_message" id="enter_transaction_form_error_message">Kan transactie niet registreren, probeer opnieuw.</h2>';
            }
        }
    }

    $page->showWithMenu();
}
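/**
 * Send an e-mail to every user matching the search stored in the session.
 *
 * Redirects to `manageuser` when no search is stored. Otherwise validates the
 * form, sends the mail and renders a success view, a list of failed
 * addresses, or an error view.
 *
 * Fix: the success branch wrote to `$page->date`, so the success view never
 * received its title and redirect URL; it now writes to `$page->data` like
 * every other branch.
 *
 * NOTE(review): $_POST['email_file'] is handed to Email::sendEmails() as the
 * template file. Confirm the validator restricts it to a fixed set of known
 * template names so a request cannot point the mailer at another file.
 */
public static function post()
{
    //If required data is not in session go to search page
    if (!isset($_SESSION['Stippers']['ManageUserSearch']['inputData']['values'])) {
        header('Location: manageuser', TRUE, 303);
    } else {
        $page = new Page();
        $page->data['title'] = 'E-mail versturen naar gebruikers';
        $errMsgs = SendEmailToUsersViewValidator::validate($_POST);

        if (empty($errMsgs)) {
            try {
                //Get search users
                $select = ['email' => true, 'firstName' => true, 'lastName' => true];
                $users = array_column(UserDB::getSearchUsers($select, $_SESSION['Stippers']['ManageUserSearch']['inputData']['values'], null), 'user');

                //Send email
                $failedAddresses = Email::sendEmails($_POST['email_file'], $_POST['subject'], EmailConfig::FROM_ADDRESS, $users, null);

                //Check if some emails failed
                if (empty($failedAddresses)) {
                    $page->data['SuccessMessageNoDescriptionWithLinkView']['successTitle'] = 'E-mails succesvol verzonden';
                    $page->data['SuccessMessageNoDescriptionWithLinkView']['redirectUrl'] = 'manageuser';
                    $page->addView('success/SuccessMessageNoDescriptionWithLinkView');
                } else {
                    $page->data['ErrorMessageWithDescriptionNoLinkView']['errorTitle'] = 'Kan niet alle e-mails verzenden';
                    $page->data['ErrorMessageWithDescriptionNoLinkView']['errorDescription'] = 'Het verzenden van de e-mail naar onderstaande addressen is mislukt.';
                    $page->addView('error/ErrorMessageWithDescriptionNoLinkView');
                    $page->data['FailedEmailListView']['addresses'] = $failedAddresses;
                    $page->data['FailedEmailListView']['redirectUrl'] = 'manageuser';
                    $page->addView('sendEmailToUsers/FailedEmailListView');
                }
            } catch (UserDBException $ex) {
                $page->data['ErrorMessageNoDescriptionWithLinkView']['errorTitle'] = 'Kan gebruikers niet ophalen';
                $page->data['ErrorMessageNoDescriptionWithLinkView']['tryAgainUrl'] = $_SERVER['REQUEST_URI'];
                $page->addView('error/ErrorMessageNoDescriptionWithLinkView');
            } catch (EmailException $ex) {
                if ($ex->getCode() == EmailException::CANNOTREADEMAILFILE) {
                    $page->data['ErrorMessageNoDescriptionWithLinkView']['errorTitle'] = 'Kan e-mailbestand niet lezen';
                } else {
                    $page->data['ErrorMessageNoDescriptionWithLinkView']['errorTitle'] = 'Kan e-mails niet verzenden';
                }
                $page->data['ErrorMessageNoDescriptionWithLinkView']['tryAgainUrl'] = $_SERVER['REQUEST_URI'];
                $page->addView('error/ErrorMessageNoDescriptionWithLinkView');
            } catch (Exception $ex) {
                $page->data['ErrorMessageNoDescriptionWithLinkView']['errorTitle'] = 'Kan e-mails niet verzenden';
                $page->data['ErrorMessageNoDescriptionWithLinkView']['tryAgainUrl'] = $_SERVER['REQUEST_URI'];
                $page->addView('error/ErrorMessageNoDescriptionWithLinkView');
            }
        } else {
            // Validation failed: show the form again with the messages.
            $page->addView('sendEmailToUsers/SendEmailToUsersTitleView');
            SendEmailToUsersController::buildSendEmailToUsersFormView($page, true);
            $page->data['SendEmailToUsersFormView']['errMsgs'] = array_merge($page->data['SendEmailToUsersFormView']['errMsgs'], $errMsgs);
        }

        $page->showWithMenu();
    }
}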
/**
 * Run the user search and record whether the result list was cut off.
 *
 * One row more than the limit is requested so that an overflow can be
 * detected; the last row is then dropped and `partial_result` is set.
 *
 * NOTE(review): the last row is also dropped when the second value returned
 * by getUsersContains() is truthy, even if the list is within the limit;
 * confirm that value only signals "more results exist".
 *
 * @return array The (possibly shortened) result list.
 */
function search()
{
    $userDB = UserDB::getInstance();
    list($this->result, $nb) = $userDB->getUsersContains($this->search_item, $this->search_fields, $this->search_limit + 1);

    $truncated = $nb || count($this->result) > $this->search_limit;
    if ($truncated) {
        array_pop($this->result);
    }
    $this->partial_result = $truncated;

    return $this->result;
}
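/**
 * Handle the "reset password" form: generate a new password, store its hash
 * and e-mail the new password to the user.
 *
 * Fix: the generic `catch (Exception)` branch now initialises the view's
 * error messages with initErrMsgs() before setting the global message, as the
 * other branches that render ResetPasswordView already do.
 *
 * NOTE(review), all visible in this method:
 *  - The password is replaced as soon as a valid e-mail address is posted; no
 *    confirmation step (e.g. a mailed one-time link) is visible, so anyone
 *    who knows an address can force a password change for that account.
 *  - The NOUSERFOREMAIL message tells the requester whether an address is
 *    registered; a uniform response avoids that disclosure.
 *  - The new password travels by e-mail in clear text.
 *  - The posted e-mail is copied back into page data; the view has to escape
 *    it on output.
 */
public static function post()
{
    $page = new Page();
    $page->data['title'] = 'Wachtwoord resetten';
    $errMsgs = ResetPasswordViewValidator::validate($_POST);

    if (empty($errMsgs)) {
        try {
            //Get the user's password salt and calculate password hash
            $passwordSalt = UserDB::getPasswordSaltByEmail($_POST['email']);
            $newPassword = Random::getPassword();
            $newPasswordHash = hash_pbkdf2('sha256', $newPassword, $passwordSalt, SecurityConfig::N_PASSWORD_HASH_ITERATIONS);

            //Get user from database and reset password.
            $user = UserDB::getBasicUserByEmail($_POST['email']);
            UserDB::resetPassword($_POST['email'], $newPasswordHash);

            //Show success message (added before the mail is sent, so a mail
            //failure below is shown in addition to it)
            $page->data['ResetSuccessfulView']['redirectUrl'] = 'login';
            $page->addView('resetPassword/ResetSuccessfulView');

            //Send email with password
            $failedEmails = Email::sendEmails('ResetPassword.html', 'JH De Stip - Wachtwoord reset', EmailConfig::FROM_ADDRESS, [$user], array($user->userId => array('newPassword' => $newPassword)));

            //If failedEmails is not empty the mail was not sent
            if (!empty($failedEmails)) {
                $page->data['ErrorMessageNoDescriptionNoLinkView']['errorTitle'] = 'Kan e-mail met nieuwe wachtwoord niet verzenden.';
                $page->addView('error/ErrorMessageNoDescriptionNoLinkView');
            }
        } catch (UserDBException $ex) {
            $page->data['ResetPasswordView']['reset_password_formAction'] = $_SERVER['REQUEST_URI'];
            $page->data['ResetPasswordView']['email'] = $_POST['email'];
            $page->data['ResetPasswordView']['errMsgs'] = ResetPasswordViewValidator::initErrMsgs();
            if ($ex->getCode() == UserDBException::NOUSERFOREMAIL) {
                $page->data['ResetPasswordView']['errMsgs']['global'] = '<h2 class="error_message" id="reset_password_form_error_message">Er is geen gebruiker met dit e-mailadres.</h2>';
            } else {
                $page->data['ResetPasswordView']['errMsgs']['global'] = '<h2 class="error_message" id="reset_password_form_error_message">Kan wachtwoord niet resetten, probeer het opnieuw.</h2>';
            }
            $page->addView('resetPassword/ResetPasswordView');
        } catch (EmailException $ex) {
            $page->data['ErrorMessageNoDescriptionNoLinkView']['errorTitle'] = 'Kan e-mail met nieuwe wachtwoord niet verzenden.';
            $page->addView('error/ErrorMessageNoDescriptionNoLinkView');
        } catch (Exception $ex) {
            $page->data['ResetPasswordView']['reset_password_formAction'] = $_SERVER['REQUEST_URI'];
            $page->data['ResetPasswordView']['email'] = $_POST['email'];
            // Same initialisation as the UserDBException branch, so the view
            // finds every message key it expects.
            $page->data['ResetPasswordView']['errMsgs'] = ResetPasswordViewValidator::initErrMsgs();
            $page->data['ResetPasswordView']['errMsgs']['global'] = '<h2 class="error_message" id="reset_password_form_error_message">Kan wachtwoord niet resetten, probeer het opnieuw.</h2>';
            $page->addView('resetPassword/ResetPasswordView');
        }
    } else {
        // Validation failed: show the form again with the messages.
        $page->data['ResetPasswordView']['reset_password_formAction'] = $_SERVER['REQUEST_URI'];
        $page->data['ResetPasswordView']['email'] = $_POST['email'];
        $page->data['ResetPasswordView']['errMsgs'] = ResetPasswordViewValidator::initErrMsgs();
        $page->data['ResetPasswordView']['errMsgs'] = array_merge($page->data['ResetPasswordView']['errMsgs'], $errMsgs);
        $page->addView('resetPassword/ResetPasswordView');
    }

    $page->showWithMenu();
}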
/**
 * Handle the profile form.
 *
 * `edit` re-renders the profile with enabled controls, `save` validates and
 * stores the posted data, and any other post falls back to the GET handler.
 *
 * NOTE(review): no anti-CSRF check is visible in this method; confirm one is
 * applied before this handler runs.
 */
public static function post()
{
    $wantsEdit = isset($_POST['edit']);
    if (!$wantsEdit && !isset($_POST['save'])) {
        ProfileController::get();
        return;
    }

    $page = new Page();
    $page->data['title'] = 'Profiel';

    if ($wantsEdit) {
        ProfileController::buildProfileTopView($page, true, false);
        $page->addView('profile/ProfileEnabledFormBottomView');
        ProfileController::buildMembershipDetailsView($page);
        $page->showWithMenu();
        return;
    }

    $validationErrors = ProfileTopViewValidator::validate($_POST);
    if (!empty($validationErrors)) {
        //If we had an error we show the views with enabled controls and take data from POST
        ProfileController::buildProfileTopView($page, true, true);
        $page->addView('profile/ProfileEnabledFormBottomView');
        $page->data['ProfileTopView']['errMsgs'] = array_merge($page->data['ProfileTopView']['errMsgs'], $validationErrors);
        ProfileController::buildMembershipDetailsView($page);
    } else {
        //If no error: create a new user from posted data and try to save it
        $updatedUser = ProfileController::createUserFromPost();
        try {
            UserDB::updateUser($_SESSION['Stippers']['Profile']['user'], $updatedUser);
            $page->data['SuccessMessageNoDescriptionWithLinkView']['successTitle'] = 'Gegevens succesvol bijgewerkt';
            $page->data['SuccessMessageNoDescriptionWithLinkView']['redirectUrl'] = $_SERVER['REQUEST_URI'];
            $page->addView('success/SuccessMessageNoDescriptionWithLinkView');
        } catch (UserDBException $ex) {
            //Show correct error message for errors
            $code = $ex->getCode();
            if ($code == UserDBException::USEROUTOFDATE) {
                // The stored record changed after the session copy was loaded.
                $page->data['ErrorMessageWithDescriptionWithLinkView']['errorTitle'] = 'Gegevens niet bijgewerkt';
                $page->data['ErrorMessageWithDescriptionWithLinkView']['errorDescription'] = 'Iemand anders heeft je gegevens in tussentijd al gewijzigd.';
                $page->data['ErrorMessageWithDescriptionWithLinkView']['tryAgainUrl'] = $_SERVER['REQUEST_URI'];
                $page->addView('error/ErrorMessageWithDescriptionWithLinkView');
            } else {
                ProfileController::buildProfileTopView($page, true, true);
                $page->data['ProfileTopView']['errMsgs']['global'] = ($code == UserDBException::EMAILALREADYEXISTS)
                    ? '<h2 class="error_message" id="profile_form_error_message">Dit e-mailadres is al in gebruik.</h2>'
                    : '<h2 class="error_message" id="profile_form_error_message">Kan gegevens niet bijwerken, probeer het opnieuw.</h2>';
                $page->addView('profile/ProfileEnabledFormBottomView');
            }
        }
    }

    $page->showWithMenu();
}
/**
 * Create the user database file with two initial accounts when it does not
 * exist yet.
 *
 * NOTE(review): both accounts ("admin" and "pin1") are created with the fixed
 * credential "1234", and the setter name suggests an MD5-based password
 * format. Deployments should force these credentials to be changed on first
 * use, or take the initial secret from installation-time input.
 */
function setUpUserDB()
{
    if (file_exists(USERDB_FILE_LOCATION)) {
        // An existing database is never touched.
        return;
    }

    $store = new UserDB();
    $store->setFileName(USERDB_FILE_LOCATION);

    $admin = new User();
    $admin->setUserName("admin");
    $admin->setMD5Password("1234");
    $admin->setSecurityLevel(0);
    $admin->setSecurityLevelType(SEC_LEVEL_GREATER_D);
    $admin->rebuildElementLine();
    $store->addElement($admin);

    // Second account differs only by its PIN type and name.
    $pinUser = new User();
    $pinUser->setType(PIN_TYPE_D);
    $pinUser->setUserName("pin1");
    $pinUser->setMD5Password("1234");
    $pinUser->setSecurityLevel(0);
    $pinUser->setSecurityLevelType(SEC_LEVEL_GREATER_D);
    $pinUser->rebuildElementLine();
    $store->addElement($pinUser);

    $store->save();
}
/**
 * Return the users linked to this folder through 'UserProfile' liaisons.
 *
 * @return mixed Result of UserDB::imports() for the linked elements, or
 *               false when the liaisons cannot be loaded.
 */
public function getUsers()
{
    $liaisons = Abstract_Liaison::load('UserProfile', NULL, $this->id);
    if (!is_array($liaisons)) {
        Logger::error('main', 'NetworkFolder::getUsers()');
        return false;
    }

    $userDB = UserDB::getInstance();

    // Collect the liaison elements and import them in one call.
    $elements = array();
    foreach ($liaisons as $liaison) {
        $elements[] = $liaison->element;
    }

    return $userDB->imports($elements);
}
/**
 * Search users by the posted first name, last name and e-mail and put the
 * outcome into the page: a result list, a "no results" view, or an error
 * view when the lookup throws.
 *
 * NOTE(review): the posted values go to UserDB::getSearchUsers() as
 * received; confirm that layer binds them as query parameters.
 *
 * @param Page $page
 */
private static function loadSearchResults($page)
{
    try {
        $columns = ['firstName' => true, 'lastName' => true, 'email' => true];
        $criteria = ['firstName' => $_POST['first_name'], 'lastName' => $_POST['last_name'], 'email' => $_POST['email']];
        $users = UserDB::getSearchUsers($columns, $criteria, null);

        if (count($users) != 0) {
            $page->data['RenewUserSearchResultsView']['users'] = $users;
            $page->addView('addRenewUser/renewUserSearch/RenewUserSearchResultsView');
        } else {
            $page->addView('userSearch/UserSearchNoResultsView');
        }
    } catch (Exception $ex) {
        $page->data['ErrorMessageNoDescriptionNoLinkView']['errorTitle'] = 'Kan gebruikers niet ophalen.';
        $page->addView('error/ErrorMessageNoDescriptionNoLinkView');
    }
}
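/**
 * Handle the "change password" form for the logged-in user.
 *
 * Fix: the stored and the recomputed hash were compared with `!=`. PHP's
 * loose comparison treats two numeric-looking strings (for example hex
 * digests of the form "0e<digits>") as equal numbers, so a wrong old password
 * could be accepted. The comparison is now a strict string comparison.
 *
 * NOTE(review):
 *  - hash_equals() would additionally make the comparison constant-time on
 *    runtimes that provide it.
 *  - The salt is read for $_SESSION['Stippers']['user'] while the hash is
 *    taken from $_SESSION['Stippers']['ChangePassword']['user'], and only the
 *    former is refreshed after the update - confirm both always describe the
 *    same account and that the second copy is reloaded elsewhere.
 *  - The new password is hashed with the existing salt; a fresh salt per
 *    password change is the usual practice.
 */
public static function post()
{
    if (isset($_POST['save'])) {
        $page = new Page();
        $page->data['title'] = 'Wachtwoord wijzigen';
        $errMsgs = ChangePasswordViewValidator::validate($_POST);

        if (empty($errMsgs)) {
            try {
                $passwordSalt = UserDB::getPasswordSaltByUserId($_SESSION['Stippers']['user']->userId);
                $oldPasswordHash = hash_pbkdf2('sha256', $_POST['old_password'], $passwordSalt, SecurityConfig::N_PASSWORD_HASH_ITERATIONS);
                $storedPasswordHash = (string) $_SESSION['Stippers']['ChangePassword']['user']->passwordHash;

                //If the old password is incorrect, show an error
                if ($storedPasswordHash !== $oldPasswordHash) {
                    ChangePasswordController::buildChangePasswordView($page);
                    $page->data['ChangePasswordView']['errMsgs']['global'] = '<h2 class="error_message" id="change_password_form_error_message">Het oude wachtwoord is fout.</h2>';
                } else {
                    $newPasswordHash = hash_pbkdf2('sha256', $_POST['new_password'], $passwordSalt, SecurityConfig::N_PASSWORD_HASH_ITERATIONS);
                    UserDB::updatePassword($_SESSION['Stippers']['ChangePassword']['user'], $newPasswordHash);
                    $_SESSION['Stippers']['user']->passwordHash = $newPasswordHash;

                    //Show success view
                    $page->data['SuccessMessageNoDescriptionWithLinkView']['successTitle'] = 'Wachtwoord succesvol gewijzigd';
                    $page->data['SuccessMessageNoDescriptionWithLinkView']['redirectUrl'] = 'profile';
                    $page->addView('success/SuccessMessageNoDescriptionWithLinkView');
                }
            } catch (UserDBException $ex) {
                //Show correct error message for errors
                if ($ex->getCode() == UserDBException::USEROUTOFDATE) {
                    $page->data['ErrorMessageWithDescriptionWithLinkView']['errorTitle'] = 'Wachtwoord niet gewijzigd';
                    $page->data['ErrorMessageWithDescriptionWithLinkView']['errorDescription'] = 'Iemand anders heeft je gegevens in tussentijd al gewijzigd.';
                    $page->data['ErrorMessageWithDescriptionWithLinkView']['tryAgainUrl'] = $_SERVER['REQUEST_URI'];
                    $page->addView('error/ErrorMessageWithDescriptionWithLinkView');
                } else {
                    ChangePasswordController::buildChangePasswordView($page);
                    $page->data['ChangePasswordView']['errMsgs']['global'] = '<h2 class="error_message" id="change_password_form_error_message">Kan wachtwoord niet wijzigen, probeer het opnieuw.</h2>';
                }
            } catch (Exception $ex) {
                ChangePasswordController::buildChangePasswordView($page);
                $page->data['ChangePasswordView']['errMsgs']['global'] = '<h2 class="error_message" id="change_password_form_error_message">Kan wachtwoord niet wijzigen, probeer het opnieuw.</h2>';
            }
        } else {
            //If we had an error we show the page again with errors
            ChangePasswordController::buildChangePasswordView($page);
            $page->data['ChangePasswordView']['errMsgs'] = array_merge($page->data['ChangePasswordView']['errMsgs'], $errMsgs);
        }

        $page->showWithMenu();
    } else {
        ChangePasswordController::get();
    }
}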
/**
 * Return the shared UserDB backend, creating it on first use.
 *
 * The backend class is 'UserDB_' followed by the 'enable' value of the UserDB
 * preferences.
 *
 * NOTE(review): the class name is built from a preference value and
 * instantiated dynamically; confirm that value can only be set by
 * administrators and is limited to known backend names.
 *
 * @return object The backend instance.
 */
public static function getInstance()
{
    if (!is_null(self::$instance)) {
        return self::$instance;
    }

    $prefs = Preferences::getInstance();
    if (!$prefs) {
        die_error('get Preferences failed', __FILE__, __LINE__);
    }

    $enabledModules = $prefs->get('general', 'module_enable');
    if (!in_array('UserDB', $enabledModules)) {
        die_error(_('UserDB module must be enabled'), __FILE__, __LINE__);
    }

    $backendClass = 'UserDB_' . $prefs->get('UserDB', 'enable');
    self::$instance = new $backendClass();

    return self::$instance;
}
/**
 * Return the users linked to this folder, keyed by login.
 *
 * Liaison elements that UserDB cannot import are skipped.
 *
 * @return array|false Map of login => user object, or false when the
 *                     liaisons cannot be loaded.
 */
public function getUsers()
{
    $liaisons = Abstract_Liaison::load('UserProfile', NULL, $this->id);
    if (!is_array($liaisons)) {
        Logger::error('main', 'NetworkFolder::getUsers()');
        return false;
    }

    $userDB = UserDB::getInstance();
    $byLogin = array();
    foreach ($liaisons as $liaison) {
        $imported = $userDB->import($liaison->element);
        if (is_object($imported)) {
            $byLogin[$imported->getAttribute('login')] = $imported;
        }
    }

    return $byLogin;
}
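/**
 * After a session changed status, start the creation of the same user's one
 * remaining session if it is still waiting to be created.
 *
 * Changes against the previous version:
 *  - a failed prepareSession() is now logged as such instead of repeating the
 *    "initialization failed" message of the step before it;
 *  - the session is only updated when reloading it returned an object;
 *  - the no-op `continue` in the filter loop is gone.
 *
 * @param object $session_ Session whose status changed; read for `id` and
 *                         `user_login`.
 * @return bool true when nothing had to be done or creation was started,
 *              false when a step failed.
 */
public function checkPendingSession($session_)
{
    // All sessions of the same user except the one that triggered the call.
    $sessions = Abstract_Session::getByUser($session_->user_login);
    foreach ($sessions as $i => $session) {
        if ($session->id == $session_->id) {
            unset($sessions[$i]);
        }
    }

    // Only act when exactly one other session exists and it awaits creation.
    if (count($sessions) != 1) {
        return true;
    }
    $session = reset($sessions);
    if ($session->need_creation == 0) {
        return true;
    }

    // Start the creation
    try {
        $sessionManagement = SessionManagement::getInstance();
    } catch (Exception $err) {
        Logger::error('main', "SessionStatusChangedPendingSessionCreation:: Failed to get SessionManagement instance");
        return false;
    }

    if (!$sessionManagement->initialize()) {
        Logger::error('main', "SessionStatusChangedPendingSessionCreation:: SessionManagement initialization failed");
        return false;
    }

    $userDB = UserDB::getInstance();
    $user = $userDB->import($session->user_login);
    if (!is_object($user)) {
        Logger::error('main', 'SessionStatusChangedPendingSessionCreation:: Unable to import a valid user with login "' . $session->user_login . '"');
        return false;
    }

    $sessionManagement->user = $user;
    if (!$sessionManagement->prepareSession($session)) {
        Logger::error('main', "SessionStatusChangedPendingSessionCreation:: SessionManagement prepareSession failed");
        return false;
    }

    // prepareSession can take some time, so reload the session before
    // clearing the flag instead of saving the copy read earlier.
    $session_id = $session->id;
    $session = Abstract_Session::load($session_id);
    if (!is_object($session)) {
        Logger::error('main', 'SessionStatusChangedPendingSessionCreation:: Unable to reload session "' . $session_id . '"');
        return false;
    }
    $session->need_creation = 0;
    Abstract_Session::save($session);

    return true;
}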
/**
 * Show the money transactions of the user named in the query string.
 *
 * Without a `user` parameter the request is redirected to `manageuser`.
 *
 * NOTE(review): `user` and `amount` come from the query string and are passed
 * to the DB layer as received. Confirm that `amount` is validated as a
 * bounded positive integer and that the caller is authorised to view the
 * requested user's transactions; neither check is visible here.
 */
public static function get()
{
    $page = new Page();
    $page->data['title'] = 'Transacties';

    //Checks if user is set, if not redirect to manage user
    if (!isset($_GET['user'])) {
        header('Location: manageuser', true, 303);
        return;
    }

    //Gets the amount from GET or use default
    $amount = isset($_GET['amount']) ? $_GET['amount'] : MoneyTransactionsViewConfig::DEFAULT_AMOUNT;

    try {
        //Get user for his name
        $page->data['TransactionsNameView']['fullName'] = UserDB::getBasicUserById($_GET['user'])->getFullName();

        //Get transactions for user
        $transactions = MoneyTransactionDB::getTransactionsByUserId($_GET['user'], $amount);
        $transactionCount = count($transactions);

        //If no transactions show no transactions view, otherwise show list with transactions
        if (!($transactionCount > 0)) {
            $page->data['InfoMessageNoDescriptionWithLinkView']['infoTitle'] = 'Er zijn nog geen transacties';
            $page->data['InfoMessageNoDescriptionWithLinkView']['redirectUrl'] = 'manageuser';
            $page->addView('transactions/TransactionsTitleView');
            $page->addView('transactions/TransactionsNameView');
            $page->addView('info/InfoMessageNoDescriptionWithLinkView');
        } else {
            $page->data['TransactionsWithDiscountListView']['transactions'] = $transactions;
            $page->data['TransactionsWithDiscountListView']['totalAmount'] = $transactionCount;
            $page->addView('transactions/TransactionsTitleView');
            $page->addView('transactions/TransactionsNameView');
            $page->addView('transactions/TransactionsBackToManageUserLinkView');
            $page->addView('transactions/TransactionsWithDiscountListView');
        }
    } catch (Exception $ex) {
        $page->data['ErrorMessageNoDescriptionWithLinkView']['errorTitle'] = 'Kan gegevens niet ophalen uit de database';
        $page->data['ErrorMessageNoDescriptionWithLinkView']['tryAgainUrl'] = $_SERVER['REQUEST_URI'];
        $page->addView('error/ErrorMessageNoDescriptionWithLinkView');
    }

    $page->showWithMenu();
}
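/**
 * Tell whether the credentials kept in the session match the stored user.
 *
 * The debug output that used to be echoed from this check has been removed:
 * it wrote user names and login outcomes into the HTTP response, and output
 * produced here also prevents later header() calls.
 *
 * NOTE(review): the password is kept in $_SESSION and compared directly with
 * the stored value, which implies passwords are stored in clear text. The
 * usual design stores only a password_hash() digest, verifies once at login
 * with password_verify(), and keeps just the authenticated user id in the
 * session.
 *
 * @return bool true when the session user name and password both equal the
 *              stored record, false otherwise.
 */
public static function CheckLogin()
{
    $Username = isset($_SESSION["Username"]) ? $_SESSION["Username"] : "";
    $Password = isset($_SESSION["Password"]) ? $_SESSION["Password"] : "";

    if ($Username == "" || $Password == "") {
        return false;
    }

    $UserRecord = UserDB::get($Username);

    // A missing record or missing fields can never match.
    if (!isset($UserRecord["Username"], $UserRecord["Password"])) {
        return false;
    }

    return $UserRecord["Username"] === $Username && $UserRecord["Password"] === $Password;
}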
/**
 * Show this week's winner, or the form to draw one when none exists yet.
 */
public static function get()
{
    $page = new Page();
    $page->data['title'] = 'Winnaar van de week';
    $page->addView('weeklyWinner/WeeklyWinnerTopView');

    try {
        $winnerRecord = WeeklyWinnerDB::getThisWeeksWinnerData();

        if (!$winnerRecord) {
            // No winner yet: offer the generate form.
            $page->data['WeeklyWinnerGenerateFormView']['generate_winner_formAction'] = $_SERVER['REQUEST_URI'];
            $page->addView('weeklyWinner/WeeklyWinnerGenerateFormView');
        } else {
            //If there's already a winner we show it's data
            $winner = UserDB::getBasicUserById($winnerRecord->userId);
            $page->data['WeeklyWinnerShowWinnerView']['winnerFullName'] = $winner->getFullName();
            $page->data['WeeklyWinnerShowWinnerView']['hasCollectedPrize'] = $winnerRecord->hasCollectedPrize;
            $page->addView('weeklyWinner/WeeklyWinnerShowWinnerView');
        }
    } catch (Exception $ex) {
        $page->data['ErrorMessageNoDescriptionNoLinkView']['errorTitle'] = 'Kon winnaar niet ophalen';
        $page->addView('error/ErrorMessageNoDescriptionNoLinkView');
    }

    $page->showWithMenu();
}
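/**
 * Authenticate a regular user for the admin panel.
 *
 * The user has to exist in UserDB, pass UserDB::authenticate() and carry the
 * 'canUseAdminPanel' policy. The message stored in $_SESSION['admin_error']
 * is the same for an unknown user and a wrong password; only the log entry
 * tells them apart.
 *
 * Fix: the two "authentication failed" log statements were not valid PHP in
 * this listing because the value between the string parts was masked. They
 * are rebuilt with $login_, the value the access-denied log below already
 * concatenates.
 * NOTE(review): $login_ is assumed for the masked value - confirm. It is
 * client-supplied, so the logger has to neutralise line breaks and control
 * characters before writing it.
 *
 * @param string $login_    Submitted login.
 * @param string $password_ Submitted password.
 * @return object|false The user object on success, false otherwise.
 */
function authenticate_ovd_user($login_, $password_)
{
    // it's not the login&password from the conf file in /etc
    // let's try to login a real user
    if (Preferences::fileExists() === false) {
        $_SESSION['admin_error'] = _('The system is not configured');
        Logger::info('main', 'admin/login.php::authenticate_ovd_user the system is not configured');
        return false;
    }

    if (Preferences::moduleIsEnabled('UserDB') === false) {
        $_SESSION['admin_error'] = _('The module UserDB is not enabled');
        Logger::info('main', 'admin/login.php::authenticate_ovd_user module UserDB is not enabled');
        return false;
    }

    $userDB = UserDB::getInstance();
    $user = $userDB->import($login_);
    if (!is_object($user)) {
        // the user does not exist
        $_SESSION['admin_error'] = _('There was an error with your authentication');
        Logger::info('main', 'admin/login.php::authenticate_ovd_user authentication failed: user(login=' . $login_ . ') does not exist');
        return false;
    }

    $auth = $userDB->authenticate($user, $password_);
    if (!$auth) {
        $_SESSION['admin_error'] = _('There was an error with your authentication');
        Logger::info('main', 'admin/login.php::authenticate_ovd_user authentication failed for user(login=' . $login_ . '): wrong password');
        return false;
    }

    // the user exists, does he have right to log in the admin panel ?
    $policy = $user->getPolicy();
    if (isset($policy['canUseAdminPanel']) && $policy['canUseAdminPanel'] == true) {
        return $user;
    }

    Logger::info('main', 'login.php failed to log in ' . $login_ . ' : access denied to admin panel');
    $_SESSION['admin_error'] = _('Unauthorized access');
    return false;
}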
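<?php
// Page setup: load the reservations of the user named in the query string.
session_start();
include_once "db/BookReservationDB.php";
include_once "db/BookDB.php";
include_once "db/UserDB.php";

$db = new DBHandler();
$bookDB = new BookDB($db);
$reservationDB = new BookReservationDB($db);
$userDB = new UserDB($db);

$reservations = array();
$user = NULL;

// NOTE(review): the session is started but never consulted. The page loads
// whatever account `userId` names, so any visitor can list another user's
// reservations by changing the parameter. Compare the requested id with the
// logged-in user (or require a staff role) before loading.
if ($_SERVER['REQUEST_METHOD'] === 'GET' && isset($_GET['userId'])) {
    $user = $userDB->GetUser($_GET['userId']);
    // Only query reservations when the lookup returned a record with an id;
    // an unknown userId used to dereference an empty result.
    if (isset($user['id'])) {
        $reservations = $reservationDB->GetReservationForUser($user['id']);
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags -->
<title>BookÉTS</title>
<!-- Favicon -->
<link rel="shortcut icon" type="image/icon" href="assets/images/favicon.ico"/>
<!-- Font Awesome -->
<link href="assets/css/font-awesome.css" rel="stylesheet">
<!-- Bootstrap -->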
<?php
// Registration handler: validates the posted form, creates the account and
// signs the new user in. The listing ends inside the final `if`.
session_start();
include "db/UserDB.php";
$userDB = new UserDB();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // All four fields are read without an isset() check, so a request that
    // omits one raises an undefined-index notice before validation runs.
    $email = $_POST["email"];
    $password = $_POST["pwd"];
    $name = $_POST["name"];
    $confirmPwd = $_POST["confirmPwd"];
    $errorMessage = array();
    // Reject empty fields; $name is compared without trim(), unlike the others.
    if (trim($email) == '' || trim($password) == '' || trim($confirmPwd) == '' || $name == '' || $email == NULL || $password == NULL || $name == NULL || $confirmPwd == NULL) {
        $errorMessage[] = "Aucun champ ne peut être vide.";
    }
    // Tells the requester whether an address already has an account.
    if ($userDB->UserOwnEmail($email)) {
        $errorMessage[] = "Email déjà associé à un compte.";
    }
    // NOTE(review): `!=` compares numeric-looking strings as numbers, so two
    // different inputs such as "1e3" and "1000" count as equal; `!==` would
    // compare the confirmation exactly.
    if ($password != $confirmPwd) {
        $errorMessage[] = "Le mot de passe ne concorde pas avec la confirmation.";
    }
    // Append every password-policy message returned by UserDB.
    $errors = $userDB->PasswordIsValid($password);
    for ($i = 0; $i < count($errors); $i++) {
        $errorMessage[] = $errors[$i];
    }
    // No validation errors: create the account, then sign in with it.
    // NOTE(review): the password is handed to Register() as typed; confirm it
    // is hashed there before being stored.
    if (count($errorMessage) == 0) {
        $userDB->Register($email, $name, $password);
        $userDB->SignIn($email, $password);
    }
    // Success is only reported when the session now holds this e-mail address.
    if (count($errorMessage) == 0 && isset($_SESSION['user']) && isset($_SESSION['user']['email']) && $_SESSION['user']['email'] == $email) { ?> <span class="label label-success">Compte créé</span>
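/**
 * Build the liaison between a user and a dynamic group, provided both exist
 * and the group really contains the user.
 *
 * Fix: the "load user failed" log message interpolated `$element`, a
 * variable that is never defined in this method; it now names the user
 * explicitly.
 *
 * @param string $type_    Liaison type; only used in log messages here.
 * @param string $element_ Login of the user to import.
 * @param string $group_   Id of the group to import.
 * @return Liaison|null NULL when the group or user cannot be imported or the
 *                      group does not contain the user.
 */
public static function loadUnique($type_, $element_, $group_)
{
    Logger::debug('main', "Abstract_Liaison_dynamic::loadUnique ({$type_},{$element_},{$group_})");

    $userGroupDB = UserGroupDB::getInstance();
    $userDB = UserDB::getInstance();

    $group = $userGroupDB->import($group_);
    if (!is_object($group)) {
        Logger::error('main', "Abstract_Liaison_dynamic::loadUnique load group ({$group_}) failed");
        return NULL;
    }

    $user = $userDB->import($element_);
    if (!is_object($user)) {
        Logger::error('main', "Abstract_Liaison_dynamic::loadUnique load user ({$element_}) failed");
        return NULL;
    }

    // Membership is decided by the group itself, not by a stored link.
    if (!$group->containUser($user)) {
        Logger::error('main', "Abstract_Liaison_dynamic::loadUnique({$type_},{$element_},{$group_}) group does not contain the user");
        return NULL;
    }

    return new Liaison($user->getAttribute('login'), $group_);
}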