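/**
 * Handle the edit-profile page.
 *
 * Redirects to "home" when no session cookie can be read. On POST, asks
 * UserDatabase::updateUser() to persist the submitted form; when that
 * succeeds, every submitted field that differs from the current value is
 * copied onto the user object, the session cookie is refreshed and the
 * browser is redirected to "view-profile". For any other request method, or
 * when the update fails, the edit form is rendered.
 */
public static function run()
 {
     $user = CookieController::readSessionCookie();
     if (!$user) {
         header("Location: home");
         return;
     }
     // NOTE(review): the whole $_POST array is handed to updateUser(), which is
     // not shown here; confirm it writes only an allowlist of profile columns.
     if ($_SERVER["REQUEST_METHOD"] != "POST" || !UserDatabase::updateUser($user, $_POST)) {
         EditProfileView::show($user);
         return;
     }
     // Form field name => suffix of the matching get*/set* accessor on the user.
     $profileFields = array(
         "firstName" => "FirstName",
         "lastName" => "LastName",
         "email" => "Email",
         "handle" => "Handle",
         "about" => "About",
     );
     foreach ($profileFields as $field => $accessor) {
         if (!isset($_POST[$field])) {
             continue;
         }
         $submitted = $_POST[$field];
         // Only call the setter when the submitted value actually changed.
         if (strcmp($submitted, $user->{"get" . $accessor}()) !== 0) {
             $user->{"set" . $accessor}($submitted);
         }
     }
     # Password
     if (isset($_POST["cur-password"], $_POST["new-password"], $_POST["confirm-password"])) {
         // Read from $_POST (the superglobal). The values are never written to
         // the response: output here would disclose the secret and would also
         // stop the Location header below from being sent.
         $curPassword = $_POST["cur-password"];
         $newPassword = $_POST["new-password"];
         $confirmPassword = $_POST["confirm-password"];
         // A change is attempted only when the new password differs from the current one.
         if (strcmp($curPassword, $newPassword) !== 0) {
             $user->setPassword($curPassword, $newPassword, $confirmPassword);
         }
     }
     CookieController::setSessionCookie($user);
     header("Location: view-profile");
 }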
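 /**
  * Handle the sign-up page.
  *
  * A non-POST request renders the empty form. A POST builds a User from the
  * submitted fields; validation errors or a failed insert re-render the form
  * with the user (and its errors), a successful insert redirects to "home".
  */
 public static function run()
 {
     if ($_SERVER["REQUEST_METHOD"] != "POST") {
         SignUpView::show(null);
         return;
     }
     $user = new User($_POST);
     if ($user->hasErrors()) {
         SignUpView::show($user);
         return;
     }
     if (UserDatabase::createUser($user)) {
         // Headers must go out before any body output, otherwise the redirect
         // is lost unless output buffering happens to be enabled.
         header("Location: home");
         echo "Account Created :)<br/>";
         return;
     }
     $user->setError("database", "CREATE_ACCOUNT_FAILED");
     SignUpView::show($user);
 }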
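 /**
  * Handle the log-in page.
  *
  * Renders the empty form for non-POST requests, for POSTs that lack the
  * "handle" or "password" field, and for rejected credentials. After a
  * successful password check the session cookie is set and the browser is
  * redirected to "dashboard"; if the cookie cannot be set, the user is given
  * a "login" error and shown again.
  */
 public static function run()
 {
     $isPost = $_SERVER["REQUEST_METHOD"] == "POST";
     // A POST without both fields used to produce an empty response; show the form instead.
     if (!$isPost || !isset($_POST["handle"], $_POST["password"])) {
         LogInView::show(null);
         return;
     }
     $handle = $_POST["handle"];
     $password = $_POST["password"];
     if (!UserDatabase::validatePassword($handle, $password)) {
         // The same empty form is shown whether the handle or the password was wrong.
         LogInView::show(null);
         return;
     }
     $user = UserDatabase::getUserByHandle($handle);
     if (CookieController::setSessionCookie($user)) {
         header("Location: dashboard");
         return;
     }
     $user->setError("login", "LOG_IN_FAILED");
     // NOTE(review): every other branch renders through LogInView; confirm that
     // LogInController::show() exists and is the intended target here.
     LogInController::show($user);
 }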
Example #4
 /**
  * Replace the stored password value with the hash that
  * UserDatabase::generatePasswordHash() produces for $password.
  */
 public function changePassword($password)
 {
     $hashed = UserDatabase::generatePasswordHash($password);
     $this->pass = $hashed;
 }
<?php

include '../includer.php';
include '../models/UserDatabase.class.php';
// Manual smoke test for three UserDatabase calls. Each section prints a rule,
// a label, and then "Success" or "Failure" depending on the call's return value.
// NOTE(review): the sample "password" and "confirm-password" values do not look
// identical (digits "11" vs letters "ll"); confirm whether the mismatch is intended.
// NOTE(review): credentials are hard-coded here; keep this script out of deployed web roots.
echo "<hr/>";
echo "createUser:<br/>";
$signUpFields = array(
    "firstName" => "Michael",
    "lastName" => "Schappel",
    "email" => "*****@*****.**",
    "handle" => "mikeschap",
    "about" => "I'm the developer",
    "password" => "11orange!",
    "confirm-password" => "llorange!",
);
$user = new User($signUpFields);
echo UserDatabase::createUser($user) ? "Success<br/>" : "Failure<br/>";

echo "<hr/>";
echo "updateUserField:<br/>";
$fields = array(
    "firstName" => "James",
    "lastName" => "Patterson",
    "email" => "*****@*****.**",
    "handle" => "testtest",
    "about" => "Chill.",
);
echo UserDatabase::updateUserField($user, $fields) ? "Success<br/>" : "Failure<br/>";

echo "<hr/>";
echo "updateUserPassword:<br/>";
echo UserDatabase::updateUserPassword($user->getID(), "apples") ? "Success<br/>" : "Failure<br/>";
echo "<hr/>";
Example #6
<?php

// User Control Panel
require_once dirname(__FILE__) . "/config.inc.php";
require_once dirname(__FILE__) . "/functions.inc.php";
require_once dirname(__FILE__) . "/class/UserDatabase.class.php";
require_once dirname(__FILE__) . "/class/Mailman.class.php";
require_once dirname(__FILE__) . "/class/Hash.class.php";
require_once "Smarty/Smarty.class.php";
// Start (or resume) the PHP session; the authentication flag, user name and
// current module are all read from $_SESSION below.
session_start();
// Establish the LDAP connection and set some options
// The LDAP bind credentials and the MySQL credentials are both taken from $config.
$userdb = new UserDatabase($config["admins"], $config["ldap"]["server"], $config["ldap"]["rdn"], $config["ldap"]["pass"], $config["ldap"]["base_dn"], $config["mysql"]["server"], $config["mysql"]["user"], $config["mysql"]["pass"], $config["mysql"]["db"]);
$userdb->open();
// Create the smarty object (templating engine)
$smarty = new Smarty();
$smarty->template_dir = "data/templates";
$smarty->compile_dir = "data/templates_c";
// If we are authenticated, load User-informations from UserDB
// $user stays null for unauthenticated requests.
$user = null;
if (isset($_SESSION["authenticated"]) && $_SESSION["authenticated"]) {
    $user = $userdb->getUser($_SESSION["user"]);
}
// If a module name has been specified by a GET variable, it is made the current module and saved inside a session variable.
// Otherwise, the module specified by the session variable is made the current module.
// NOTE(review): $module is taken from the query string unchanged and persisted in the
// session. How it is consumed is not visible in this excerpt; if it selects a file or
// template to load, it should be checked against a fixed list of module names first.
$module = "home";
if (isset($_GET["module"])) {
    $module = $_GET["module"];
    $_SESSION["module"] = $module;
} else {
    if (isset($_SESSION["module"])) {
        $module = $_SESSION["module"];
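 /**
  * Store a new password for the given user.
  *
  * Generates a fresh 16-byte salt (hex encoded), appends it to the password,
  * transforms the result with openssl_encrypt() using the method, key and IV
  * read from userConfig.ini, and writes both the result and the salt to the
  * Users table through a prepared statement.
  *
  * @param mixed  $userID      Value bound to the userID column in the WHERE clause
  * @param string $newPassword New password as submitted
  * @return bool  true when the UPDATE statement executed, false on any failure
  */
 public static function updateUserPassword($userID, $newPassword)
 {
     // NOTE(review): sanitize() is not shown; if it rewrites characters, the value
     // stored differs from what the user typed. Passwords normally need no escaping
     // because they are never interpolated into SQL or HTML here.
     $newPassword = UserDatabase::sanitize($newPassword);
     $updateQuery = "UPDATE Users SET userPasswordHash=:newPasswordHash, userSalt=:newSalt WHERE userID=:userID";
     try {
         # Get Database
         $db = Database::getDB();
         # Parse .ini Config File
         $configPath = dirname(__FILE__) . DIRECTORY_SEPARATOR . ".." . DIRECTORY_SEPARATOR . ".." . DIRECTORY_SEPARATOR . ".." . DIRECTORY_SEPARATOR . "userConfig.ini";
         // parse_ini_file() reports failure with false, not null.
         $passArray = parse_ini_file($configPath);
         if ($passArray === false || !isset($passArray["method"], $passArray["password"], $passArray["initVector"])) {
             return false;
         }
         $method = $passArray["method"];
         $hashPassword = $passArray["password"];
         $initVector = $passArray["initVector"];
         # Generate Salt
         $newSalt = bin2hex(openssl_random_pseudo_bytes(16));
         # Hash Password
         // NOTE(review): openssl_encrypt() is reversible encryption with a key and IV
         // shared by every account, not a password hash; anyone holding userConfig.ini
         // and the table can recover the passwords. Migrating to password_hash() /
         // password_verify() needs a matching change in the validation code, which is
         // outside this block, so the scheme is left as is.
         $newPasswordHash = openssl_encrypt($newPassword . $newSalt, $method, $hashPassword, 0, $initVector);
         if ($newPasswordHash === false) {
             return false;
         }
         # Update Password Hash and Salt
         $statement = $db->prepare($updateQuery);
         $statement->bindValue(":newPasswordHash", $newPasswordHash);
         $statement->bindValue(":newSalt", $newSalt);
         $statement->bindValue(":userID", $userID);
         // Report the real outcome instead of assuming the UPDATE succeeded.
         $updated = $statement->execute();
         $statement->closeCursor();
         return $updated;
     } catch (Exception $e) {
         // Keep database error details in the server log rather than in the response.
         error_log("updateUserPassword failed: " . $e->getMessage());
         return false;
     }
 }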
Example #8
         $sAnsArr[] = explode(",", $sAnsArrCsv[$i]);
     }
     $score = 0;
     // Question generator
     // NOTE(review): $score is set to 0 here and echoed below without being assigned
     // in between in this excerpt; presumably checkAnswers() updates it — verify.
     checkAnswers($qAmt, $qTopics);
     // Record the split answers and the grade for this user.
     $submissionParams = array();
     $submissionParams["answer"] = $sAnsArr;
     $submissionParams["grade"] = $score;
     $testModeDb->submit($username, $password, $submissionParams);
     echo $score;
 } else {
     if ($mode == MODE_TEST_GET_INFO) {
         // NOTE(review): the username and password arrive in the query string. URLs are
         // routinely kept in access logs, browser history and Referer headers, so the
         // credentials should travel in a POST body or be replaced by a session.
         $username = $_GET["username"];
         $password = $_GET["password"];
         $testModeDb = new TestModeDatabase();
         $userDb = new UserDatabase();
         $testParams = $testModeDb->getTestParams();
         // Reply with elapsed time, display name and the configured time limit as JSON.
         $info = array();
         $info["timeElapsed"] = $testModeDb->getTimeElapsed($username, $password);
         $info["name"] = $userDb->getName($username, $password);
         $info["timeLimit"] = $testParams["timeLimit"];
         echo json_encode($info);
     } else {
         if ($mode == MODE_TEST_GET_ANSWERS) {
             // Same concern as above: credentials are read from the query string.
             $username = $_GET["username"];
             $password = $_GET["password"];
             $testModeDb = new TestModeDatabase();
             $params = $testModeDb->getTestParams();
             // Answers are only produced when the test parameters mark them as open.
             if ($params["answerIsOpen"] != 0) {
                 $qSeed = $params["seed"];
                 $qAmt = $params["questionAmount"];
Example #9
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

require("../../main.inc.php");
require_once(DOL_DOCUMENT_ROOT . "/user/class/userdatabase.class.php");

// Load the "users" translation file.
$langs->load("users");

// Request parameters. Only 'id' is read with an explicit 'alpha' filter argument;
// 'action' and 'confirm' are read with GETPOST()'s default.
$id = GETPOST('id', 'alpha');
$action = GETPOST("action");
$confirm = GETPOST("confirm");

$object = new UserDatabase($db);

/*
 * View
 */

// JSON branch: builds the response skeleton and then lists the CouchDB databases.
// NOTE(review): $_GET['json'] and $_GET['sEcho'] are read without isset(), which raises
// a notice/warning when the parameter is absent.
// NOTE(review): no permission check is visible in this excerpt before the database
// list is produced; confirm one runs earlier or in main.inc.php.
if ($_GET['json'] == "list") {
	$output = array(
		"sEcho" => intval($_GET['sEcho']),
		"iTotalRecords" => 0,
		"iTotalDisplayRecords" => 0,
		"aaData" => array()
	);

	try {
		$result = $object->couchdb->listDatabases();
<?php

include "includer.php";
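// Render one fieldset per user returned by UserDatabase::getAllUsers(), with the
// user id in the legend and the profile view inside.
// NOTE(review): no authentication check is visible in this script; confirm that
// includer.php (or the web server) restricts who can list every account.
echo "<h1>All Users</h1>";
$users = UserDatabase::getAllUsers();
foreach ($users as $user) {
    echo "<fieldset>";
    // NOTE(review): part of this statement was masked in the listing; it is restored
    // as a lookup of $user["userID"], matching the $user["userHandle"] access below.
    // The value is HTML-escaped because it is written straight into the page.
    echo "<legend>User:" . htmlspecialchars((string) $user["userID"], ENT_QUOTES, "UTF-8") . "</legend>";
    ProfileView::show(UserDatabase::getUserByHandle($user["userHandle"]));
    echo "</fieldset><br/>";
}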
 // When the first password field has no error yet, require both password fields to match.
 // NOTE(review): != compares numeric-looking strings as numbers ("1e3" equals "1000");
 // !== is the safe comparison for passwords.
 if ($errors['Password1'] == "") {
     if ($_POST['Password1'] != $_POST['Password2']) {
         $errors['Password1'] = "Values don't match";
     }
 }
 // Concatenate every field's error text; an empty result means the form is valid.
 $totalErrors = "";
 foreach ($formFields as $fields) {
     $totalErrors .= $errors[$fields];
     // NOTE(review): debug output. Anything echoed here (and below) is sent before the
     // header() redirect further down, which fails unless output buffering is on.
     echo $totalErrors;
     //echo "error :{$fields}".$errors[$fields]."<br/>";
     //echo $totalErrors;
 }
 if ($totalErrors == "") {
     //No error, proceed with insertion
     echo "no error";
     $user = new UserDatabase();
     // NOTE(review): mysqlPrep() and encrypt() are not shown. Escaping a password before
     // transforming it changes the stored value, and "encrypt" suggests a reversible
     // scheme; password_hash()/password_verify() is the expected storage — confirm.
     $fname = mysqlPrep($_POST['FirstName']);
     $lname = mysqlPrep($_POST['LastName']);
     $email = mysqlPrep($_POST['Email']);
     $pass = encrypt(mysqlPrep(trim($_POST['Password1'])));
     $registerTime = getStandardTime(time());
     // NOTE(review): the existence check receives the raw $_POST value while the insert
     // uses $email; verify CheckIfUserExists() handles its argument safely.
     $exists = $user->CheckIfUserExists($_POST['Email']);
     if (!$exists) {
         echo "not exists";
         // $course, $year and $dateBirth are not assigned in the visible part of the script.
         $user->InsertUserDetails($fname, $lname, $course, $year, $email, $pass, $registerTime, $dateBirth);
         // No exit follows the redirect in the visible code, so execution continues after it.
         header("Location:successfulSignup.php");
     } else {
         echo "exist";
         $errors['userExists'] = "This email id is already taken";
     }
     //
Example #12
			}
		}
	} else {
		$langs->load("errors");
		$message = '<div class="error">' . $langs->trans('ErrorForbidden') . '</div>';
	}
}

// Add/Remove database into roles
// The role change is only attempted when $caneditperms is truthy and a database id was given.
// NOTE(review): no anti-CSRF token check is visible in this excerpt before the role
// change; confirm one is enforced for these actions.
if ($action == 'adddatabase' || $action == 'removedatabase') {
	if ($caneditperms) {
		if ($databaseid) {

			$object->load($id);
			
			$database = new UserDatabase($db);
			$database->fetch($databaseid);

			// Add: grant the admin role when the 'admin' form field is truthy, otherwise the reader role.
			// NOTE(review): $_POST['admin'] is read without isset().
			if ($action == 'adddatabase') {
				if($_POST['admin'])
					$database->couchAdmin->addDatabaseAdminRole($object->name);
				else
					$database->couchAdmin->addDatabaseReaderRole($object->name);
			}
			// Remove: drop both the admin and the reader role for this name.
			if ($action == 'removedatabase') {
				$database->couchAdmin->removeDatabaseAdminRole($object->name);
				$database->couchAdmin->removeDatabaseReaderRole($object->name);
			}

			// NOTE(review): $result is not assigned by the role calls above; whatever value
			// it holds comes from code outside this excerpt.
			if ($result > 0) {
				header("Location: fiche.php?id=" . $object->id);
Example #13
// Both permission flags are derived from the same property: the current user's admin flag.
$caneditperms = ($user->admin );
$candisableperms = ($user->admin );

$langs->load("users");
$langs->load("other");

// Request parameters, each read through GETPOST() with the 'alpha' filter argument.
$id = GETPOST('id', 'alpha');
$action = GETPOST('action', 'alpha');
$confirm = GETPOST('confirm', 'alpha');
$userid = GETPOST('user', 'alpha');
$groupid = GETPOST('group', 'alpha');

// Security check
$result = restrictedArea($user, 'user', $id, 'usergroup&usergroup', 'user');

$object = new UserDatabase($db);


/**
 *  Action remove group
 */
// Deletion requires action=confirm_delete, confirm=yes and the admin-derived flag.
// NOTE(review): the delete is driven only by request parameters; no anti-CSRF token
// check is visible here — confirm one is enforced before this state change.
if ($action == 'confirm_delete' && $confirm == "yes") {
	if ($caneditperms) {
		$object->fetch($id);
		$object->delete();
		Header("Location: index.php");
		exit;
	} else {
		$langs->load("errors");
		$message = '<div class="error">' . $langs->trans('ErrorForbidden') . '</div>';
	}
Example #14
<?php

require_once 'Everything.php';
// Bulk user import: replaces the user table with the rows of an uploaded CSV file.
// NOTE(review): no authentication or authorisation check is visible in this script
// before the destructive removeAllUsers() call below; confirm access is restricted.
$userDb = new UserDatabase();
// $f = fopen('/Users/ivanreinaldo/Work-repo/phpout.txt', 'w');
// fwrite($f, "Test!");
// NOTE(review): $_FILES["file"] is read without isset(), and the temporary path is used
// without is_uploaded_file(); both checks belong here.
if ($_FILES["file"]["error"] > 0) {
    // fwrite($f, "Error: " . $_FILES["file"]["error"]);
} else {
    // fwrite($f, "Upload: " . $_FILES["file"]["name"]);
    // fwrite($f, "Type: " . $_FILES["file"]["type"]);
    // fwrite($f, "Size: " . ($_FILES["file"]["size"] / 1024));
    // fwrite($f, "Stored in: " . $_FILES["file"]["tmp_name"]);
    // $db = mysqli_connect("localhost",DB_USERNAME,DB_PASSWORD,DB_NAME);
    // mysqli_query($db, "INSERT INTO `fileUpload` (`testFile`) VALUES ('".file_get_contents($_FILES['file']['tmp_name'])."')");
    // fwrite($f, mysqli_error($db));
    // fwrite($f, "file uploaded ");
    // fwrite($f, file_get_contents($_FILES['file']['tmp_name']));
    // Read the whole upload into memory and split it into lines.
    $filename = $_FILES['file']['tmp_name'];
    $rows = explode("\n", file_get_contents($filename));
    // Data: name, username, password
    // The first line must be the header "name,username,password" (surrounding whitespace ignored).
    $dataTitle = explode(",", $rows[0]);
    if (trim($dataTitle[0]) != "name" || trim($dataTitle[1]) != "username" || trim($dataTitle[2]) != "password") {
        echo "Error: file doesn't contain proper information. The correct format is 'name', 'username', 'password'";
        return;
    }
    // All existing users are removed as soon as the header line is accepted, before any
    // data row has been looked at.
    // NOTE(review): the file carries passwords in clear text; how they are stored is not
    // visible in this excerpt.
    $userDb->removeAllUsers(ADMIN_PASSWORD);
    for ($i = 1; $i < count($rows); $i++) {
        // Assume data contains title
        $data = explode(",", $rows[$i]);
        if (count($data) <= 1) {
Example #15
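	/**
	 * 	Load a group object with all its properties (except the ->members array)
	 *
	 * 	When $loaddb is true, every database whose name does not start with "_" is
	 * 	fetched and, if its security object lists this group's name among the roles,
	 * 	its values are appended to $this->databases.
	 *
	 * 	@param      int		$id     	Id of the group to load
	 * 	@param      bool	$loaddb 	Also collect the databases this group has a role on
	 * 	@return		int					Always 1; the result of parent::load() is not checked
	 */
	function load($id, $loaddb = false) {
		global $conf;

		parent::load($id);

		if ($loaddb) {
			$database = new UserDatabase($this->db);
			// Start from an empty list so a failed listing skips the loop below
			// instead of iterating an undefined variable.
			$result = array();
			try {
				$result = $database->couchdb->listDatabases();
			} catch (Exception $exc) {
				// NOTE(review): exception text is printed into the page; consider logging it instead.
				print $exc->getMessage();
			}

			foreach ($result as $aRow) {
				if ($aRow[0] != "_") { // Not _users and _replicator
					try {
						$database->fetch($aRow);
						$info = $database->values;
						$secu = $database->couchAdmin->getSecurity();

						foreach ($secu as $key => $type) {
							if (in_array($this->values->name, $type->roles)) {
								// A role listed under "admins" marks the group as administrator of that database.
								if ($key == "admins")
									$info->Administrator = true;

								$this->databases[] = $info;
							}
						}
					} catch (Exception $exc) {
						print $exc->getMessage();
					}
				}
			}
		}

		return 1;
	}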
 /**
  * Change this user's password.
  *
  * Nothing happens unless the old password passes UserDatabase::validatePassword()
  * for this handle and the new/confirm pair passes $this->validatePassword().
  * A failed database update records the "password" error PASSWORD_CHANGE_FAILURE.
  */
 public function setPassword($oldPassword, $newPassword, $confirmPassword)
 {
     // A wrong current password is rejected silently: no error is recorded.
     if (!UserDatabase::validatePassword($this->handle, $oldPassword)) {
         return;
     }
     if (!$this->validatePassword($newPassword, $confirmPassword)) {
         return;
     }
     $stored = UserDatabase::updateUserPassword($this->iD, $newPassword);
     if (!$stored) {
         $this->setError("password", "PASSWORD_CHANGE_FAILURE");
         return;
     }
     // NOTE(review): the clear-text password is kept on the object; confirm it is
     // never serialised into a cookie, session or log.
     $this->password = $newPassword;
 }
Example #17
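 /**
  * 	Return select list of databases
  *
  *  Databases whose name starts with "_" are skipped, as are databases whose
  *  details cannot be fetched.
  *
  *  @param	string	$selected        Id preselected (or an object whose ->id is preselected)
  *  @param  string	$htmlname        Field name in form
  *  @param  int		$show_empty      0=no empty entry, 1=add an empty entry with value -1
  *  @param  array	$exclude         Array list of database names to exclude
  * 	@param	int		$disabled		If select list must be disabled
  *  @param  array	$include         Not used by the current implementation
  * 	@param	array	$enableonly		Array list of database names to be enabled. All other must be disabled
  *  @return	string					HTML of the select element
  */
 function select_doldatabases($selected = '', $htmlname = 'databaseid', $show_empty = 0, $exclude = '', $disabled = 0, $include = '', $enableonly = '')
 {
     // $db was used below without being in scope; it is taken from the global scope
     // like the other handles. NOTE(review): confirm $db is the global database handle.
     global $conf, $user, $langs, $db;
     $out = '';
     // Values written into HTML attributes or text are escaped first.
     $fieldName = htmlspecialchars($htmlname, ENT_QUOTES, 'UTF-8');
     $object = new UserDatabase($db);
     // Start from an empty list so a failed listing renders the "None" select.
     $result = array();
     try {
         $result = $object->couchdb->listDatabases();
     } catch (Exception $exc) {
         print $exc->getMessage();
     }
     if (count($result) && is_array($exclude)) {
         foreach ($result as $key => $obj) {
             if (in_array($obj, $exclude, true)) {
                 unset($result[$key]);
             }
         }
     }
     if (!count($result)) {
         $out .= '<select class="flat" name="' . $fieldName . '" disabled="disabled">';
         $out .= '<option value="">' . $langs->trans("None") . '</option>';
         $out .= '</select>';
         return $out;
     }
     $out .= '<select class="flat" name="' . $fieldName . '"' . ($disabled ? ' disabled="disabled"' : '') . '>';
     if ($show_empty) {
         $out .= '<option value="-1"' . ($selected == -1 ? ' selected="selected"' : '') . '>&nbsp;</option>' . "\n";
     }
     foreach ($result as $aRow) {
         if ($aRow[0] == "_") {
             // Not _users and _replicator
             continue;
         }
         try {
             $object->fetch($aRow);
             $obj = $object->values;
             $secu = $object->couchAdmin->getSecurity();
             // A database counts as secured when any admin or reader name or role is set.
             // The reader roles are counted here; the admin roles used to be counted twice.
             $entries = count($secu->admins->names) + count($secu->readers->names) + count($secu->admins->roles) + count($secu->readers->roles);
             $obj->Status = $entries > 0 ? "SECURE" : "INSECURE";
         } catch (Exception $exc) {
             print $exc->getMessage();
             // Without fresh values there is nothing reliable to render for this database.
             continue;
         }
         $disableline = is_array($enableonly) && count($enableonly) && !in_array($obj->db_name, $enableonly);
         $label = htmlspecialchars($obj->db_name, ENT_QUOTES, 'UTF-8');
         $out .= '<option value="' . $label . '"';
         if ($disableline) {
             $out .= ' disabled="disabled"';
         }
         if (is_object($selected) && $selected->id == $obj->db_name || !is_object($selected) && $selected == $obj->db_name) {
             $out .= ' selected="selected"';
         }
         $out .= '>';
         $out .= $label;
         $out .= '</option>';
     }
     $out .= '</select>';
     return $out;
 }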
Example #18
<?php

require_once 'header.php';
require_once '../Includes/database.php';
// The @ hides any warning session_start() raises (for example headers already sent).
@session_start();
// NOTE(review): the mere presence of a 'userid' cookie is treated like a logged-in
// session. Cookie values are supplied by the client, so this does not prove identity;
// a remembered login needs a random server-verified token.
if (isset($_SESSION['username']) || isset($_COOKIE['userid'])) {
    redirect('/newForum');
}
// Force HTTPS.
// NOTE(review): the target is built from the Host header and request URI, both
// client-controlled; use a configured host name. No exit follows the Location header
// in the visible code, so the login handling below still runs on the plain-HTTP request.
if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "") {
    $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header("HTTP/1.1 301 Moved Permanently");
    header("Location: {$redirect}");
}
if (!isset($_SESSION['username'])) {
    if (isset($_POST['login'])) {
        $user = new UserDatabase();
        // login() returns a falsy value on failure; on success its elements 0, 1 and 2 are
        // used below as id, first name and username.
        // NOTE(review): mysqlPrep() is not shown; escaping the password changes the value
        // being checked, and prepared statements make it unnecessary.
        $eror = $user->login(mysqlPrep($_POST['txtUsername']), mysqlPrep(trim($_POST['txtPassword'])));
        if ($eror) {
            // NOTE(review): debug output; it is sent before setcookie() and the redirect below.
            echo ";;fkjd";
            $loginError = "Login Successful";
            @session_start();
            // NOTE(review): the session id is not regenerated after login in the visible
            // code; session_regenerate_id(true) here prevents session fixation.
            $_SESSION['username'] = $eror[2];
            $_SESSION['id'] = $eror[0];
            $_SESSION['firstname'] = $eror[1];
            // "Remember me": both cookies last seven days.
            // NOTE(review): the raw user id is stored as the cookie value and neither cookie
            // sets the Secure or HttpOnly flag.
            if (isset($_POST['remember']) && $_POST['remember'] == 0) {
                //echo "posted";
                setcookie('userid', $eror[0], time() + 24 * 7 * 60 * 60);
                setcookie('firstName', $eror[1], time() + 24 * 7 * 60 * 60);
            }
            //print_r($_POST);
            // The 'usrid' parameter carries $eror[1], the same element stored as the first name above.
            redirect("/newForum/index.php?usrid={$eror[1]}");
Example #19
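    /**
     * 	Load a user document from CouchDB with its document id (login)
     *
     * 	Also sets $this->admin: true when the user is listed by getUserAdmins() or
     * 	among the admin users of the configured database, false otherwise.
     *
     * 	@param	string	$login	Document id to look up; when empty, it is built from the current login session
     * 	@return	int				0 if the document cannot be read, 1 otherwise
     */
    function fetch($login = "") {
        global $conf;

        // Prefix of user document ids.
        // NOTE(review): this literal was masked in the listing; it is restored from the
        // 17-character offset and the "suppress org.couchdb.user:" comment that the
        // original substr() call carried. Confirm against the upstream file.
        $userPrefix = "org.couchdb.user:";

        // Clean parameters
        $login = trim($login);

        if (empty($login)) {
            // An exception from getLoginSession() is not caught here and reaches the caller.
            $login = $userPrefix . $this->couchAdmin->getLoginSession();
        }

        try {
            $this->values = $this->couchdb->getDoc($login);
        } catch (Exception $e) {
            return 0;
        }

        // Test if User is a global administrator
        try {
            $admins = $this->couchAdmin->getUserAdmins();
            // Strip the document-id prefix to get the bare user name.
            $name = substr($login, strlen($userPrefix));
            $this->admin = isset($admins->$name);
        } catch (Exception $e) {
            $this->admin = false;
        }

        try {
            $database = new UserDatabase($this->db);
            $database->fetch($conf->Couchdb->name); // TODO Modify to put it in SESSION
            $result = $database->couchAdmin->getDatabaseAdminUsers(); // Local administrators of the database

            if (in_array($this->values->name, $result)) {
                $this->admin = true;
            }
        } catch (Exception $e) {
            // Best effort: when the local admin list cannot be read, the flag keeps the
            // value computed above (the user is not promoted).
        }

        $this->id = $this->values->_id;
        $this->login = $this->values->name;

        return 1;
    }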