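/**
 * Handle the edit-profile page.
 *
 * Without a session user the client is redirected to "home". On a POST that
 * UserDatabase::updateUser() accepts, the in-memory user object is refreshed
 * from the submitted fields, the session cookie is re-issued and the client
 * is redirected to "view-profile". In every other case the edit form is shown.
 *
 * NOTE(review): the whole $_POST array is handed to UserDatabase::updateUser();
 * which keys it persists is not visible here. Confirm it only accepts the
 * profile fields listed below.
 * NOTE(review): no anti-CSRF token is checked in this method. Confirm it is
 * enforced before run() is reached.
 *
 * @return void
 */
public static function run()
{
    $user = CookieController::readSessionCookie();
    if (!$user) {
        header("Location: home");
        return;
    }

    if ($_SERVER["REQUEST_METHOD"] != "POST" || !UserDatabase::updateUser($user, $_POST)) {
        EditProfileView::show($user);
        return;
    }

    // Form field => (getter, setter) on the user object.
    $profileFields = array(
        "firstName" => array("getFirstName", "setFirstName"),
        "lastName"  => array("getLastName", "setLastName"),
        "email"     => array("getEmail", "setEmail"),
        "handle"    => array("getHandle", "setHandle"),
        "about"     => array("getAbout", "setAbout"),
    );

    foreach ($profileFields as $field => $accessors) {
        // Array-valued parameters (e.g. firstName[]=x) are ignored rather than
        // passed to strcmp() and the setters.
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            continue;
        }
        $getter = $accessors[0];
        $setter = $accessors[1];
        $submitted = $_POST[$field];
        if (strcmp($submitted, $user->$getter()) !== 0) {
            $user->$setter($submitted);
        }
    }

    // Password change: all three fields must be present.
    if (isset($_POST["cur-password"], $_POST["new-password"], $_POST["confirm-password"])) {
        // Read from $_POST (the superglobal). The values are never written to
        // the response: echoing a password would expose the credential and
        // would also stop the redirect header below from being sent.
        $curPassword = $_POST["cur-password"];
        $newPassword = $_POST["new-password"];
        $confirmPassword = $_POST["confirm-password"];

        $allStrings = is_string($curPassword) && is_string($newPassword) && is_string($confirmPassword);
        // Only attempt a change when the new password differs from the current one.
        if ($allStrings && strcmp($curPassword, $newPassword) !== 0) {
            $user->setPassword($curPassword, $newPassword, $confirmPassword);
        }
    }

    CookieController::setSessionCookie($user);
    header("Location: view-profile");
}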
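/**
 * Handle the sign-up page.
 *
 * A non-POST request shows the empty form. A POST builds a User from the
 * submitted data; validation errors or a failed insert re-display the form
 * with the user object (which carries the errors), and a successful insert
 * redirects to "home".
 *
 * NOTE(review): the whole $_POST array is passed to the User constructor;
 * which keys it accepts is not visible here. Confirm it ignores fields a
 * visitor should not be able to set.
 *
 * @return void
 */
public static function run()
{
    if ($_SERVER["REQUEST_METHOD"] != "POST") {
        SignUpView::show(null);
        return;
    }

    $user = new User($_POST);
    if ($user->hasErrors()) {
        SignUpView::show($user);
        return;
    }

    if (UserDatabase::createUser($user)) {
        // The Location header has to be sent before any body output;
        // otherwise, without output buffering, the redirect is dropped.
        header("Location: home");
        echo "Account Created :)<br/>";
        return;
    }

    $user->setError("database", "CREATE_ACCOUNT_FAILED");
    SignUpView::show($user);
}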
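/**
 * Handle the log-in page.
 *
 * The login form is shown for non-POST requests, for POSTs that lack a
 * string "handle" or "password", and for rejected credentials. The form is
 * shown with no error object, so a failed attempt reveals nothing about which
 * part was wrong. On valid credentials a session cookie is issued and the
 * client is redirected to "dashboard".
 *
 * @return void
 */
public static function run()
{
    if ($_SERVER["REQUEST_METHOD"] != "POST") {
        LogInView::show(null);
        return;
    }

    $handle = isset($_POST["handle"]) ? $_POST["handle"] : null;
    $password = isset($_POST["password"]) ? $_POST["password"] : null;

    // A POST with missing or array-valued credentials gets the form back
    // instead of an empty response.
    if (!is_string($handle) || !is_string($password)) {
        LogInView::show(null);
        return;
    }

    if (!UserDatabase::validatePassword($handle, $password)) {
        LogInView::show(null);
        return;
    }

    $user = UserDatabase::getUserByHandle($handle);
    if (CookieController::setSessionCookie($user)) {
        header("Location: dashboard");
        return;
    }

    $user->setError("login", "LOG_IN_FAILED");
    // NOTE(review): every other path renders through LogInView::show();
    // confirm LogInController::show() exists and is the intended target.
    LogInController::show($user);
}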
/**
 * Set this object's stored password value from a new plaintext password.
 *
 * Only the return value of UserDatabase::generatePasswordHash() is kept in
 * $this->pass; this method does not store the plaintext on the object.
 *
 * NOTE(review): how generatePasswordHash() derives its value is not visible
 * here. Confirm it is a one-way password hash.
 *
 * @param string $password New plaintext password
 * @return void
 */
public function changePassword($password)
{
    $hashed = UserDatabase::generatePasswordHash($password);
    $this->pass = $hashed;
}
<?php
// Manual smoke test for UserDatabase: creates a user, updates its profile
// fields, then updates its password, printing Success/Failure for each step.
//
// NOTE(review): this script writes to whatever database the included
// configuration points at and contains fixed test credentials. Confirm it is
// not reachable on a deployed site.
include '../includer.php';
include '../models/UserDatabase.class.php';

// Prints the outcome line for one step.
$report = function ($succeeded) {
    if ($succeeded) {
        echo "Success<br/>";
    } else {
        echo "Failure<br/>";
    }
};

echo "<hr/>", "createUser:<br/>";
// NOTE(review): "password" starts with the digits 11 while "confirm-password"
// starts with two lowercase L's, so the two values differ. Confirm whether
// this mismatch is intentional.
$newUserData = array(
    "firstName" => "Michael",
    "lastName" => "Schappel",
    "email" => "*****@*****.**",
    "handle" => "mikeschap",
    "about" => "I'm the developer",
    "password" => "11orange!",
    "confirm-password" => "llorange!",
);
$user = new User($newUserData);
$report(UserDatabase::createUser($user));

echo "<hr/>", "updateUserField:<br/>";
$changedFields = array(
    "firstName" => "James",
    "lastName" => "Patterson",
    "email" => "*****@*****.**",
    "handle" => "testtest",
    "about" => "Chill.",
);
$report(UserDatabase::updateUserField($user, $changedFields));

echo "<hr/>", "updateUserPassword:<br/>";
$report(UserDatabase::updateUserPassword($user->getID(), "apples"));

echo "<hr/>";
<?php // User Control Panel require_once dirname(__FILE__) . "/config.inc.php"; require_once dirname(__FILE__) . "/functions.inc.php"; require_once dirname(__FILE__) . "/class/UserDatabase.class.php"; require_once dirname(__FILE__) . "/class/Mailman.class.php"; require_once dirname(__FILE__) . "/class/Hash.class.php"; require_once "Smarty/Smarty.class.php"; session_start(); // Establish the LDAP connection and set some options $userdb = new UserDatabase($config["admins"], $config["ldap"]["server"], $config["ldap"]["rdn"], $config["ldap"]["pass"], $config["ldap"]["base_dn"], $config["mysql"]["server"], $config["mysql"]["user"], $config["mysql"]["pass"], $config["mysql"]["db"]); $userdb->open(); // Create the smarty object (templating engine) $smarty = new Smarty(); $smarty->template_dir = "data/templates"; $smarty->compile_dir = "data/templates_c"; // If we are authenticated, load User-informations from UserDB $user = null; if (isset($_SESSION["authenticated"]) && $_SESSION["authenticated"]) { $user = $userdb->getUser($_SESSION["user"]); } // If a module name has been specified by a GET variable, it is made the current module and saved inside a session variable. // Otherwise, the module specified by the session variable is made the current module. $module = "home"; if (isset($_GET["module"])) { $module = $_GET["module"]; $_SESSION["module"] = $module; } else { if (isset($_SESSION["module"])) { $module = $_SESSION["module"];
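/**
 * Store a new password value and a fresh salt for one user.
 *
 * The cipher method, key and IV are read from userConfig.ini (three
 * directories above this file). A 16-byte random salt is hex-encoded and
 * appended to the password, the result is passed through openssl_encrypt(),
 * and both values are written to the Users table with a prepared statement.
 *
 * NOTE(review): openssl_encrypt() is reversible encryption, not a password
 * hash. Anyone holding userConfig.ini and the Users table can recover the
 * plaintext, and the IV is a fixed configuration value. password_hash() /
 * password_verify() is the usual replacement, but it has to be introduced
 * together with the verification code, which is not visible here.
 * NOTE(review): UserDatabase::sanitize() is applied to the password before it
 * is stored; what it changes is not visible here. Confirm the login path
 * applies the same transformation.
 *
 * @param mixed  $userID      Value bound to Users.userID
 * @param string $newPassword New plaintext password
 * @return bool true when the update was executed, false on any failure
 */
public static function updateUserPassword($userID, $newPassword)
{
    $newPassword = UserDatabase::sanitize($newPassword);
    $updateQuery = "UPDATE Users SET userPasswordHash=:newPasswordHash, userSalt=:newSalt WHERE userID=:userID";

    try {
        # Get Database
        $db = Database::getDB();

        # Parse .ini Config File
        $configPath = dirname(__FILE__) . DIRECTORY_SEPARATOR . ".." . DIRECTORY_SEPARATOR . ".." . DIRECTORY_SEPARATOR . ".." . DIRECTORY_SEPARATOR . "userConfig.ini";
        // parse_ini_file() reports failure with false, not null.
        $passArray = parse_ini_file($configPath);
        if ($passArray === false || !isset($passArray["method"], $passArray["password"], $passArray["initVector"])) {
            return false;
        }
        $method = $passArray["method"];
        $hashPassword = $passArray["password"];
        $initVector = $passArray["initVector"];

        # Generate Salt
        $isStrong = false;
        $saltBytes = openssl_random_pseudo_bytes(16, $isStrong);
        if ($saltBytes === false || !$isStrong) {
            return false;
        }
        $newSalt = bin2hex($saltBytes);

        # Hash Password
        $newPasswordHash = openssl_encrypt($newPassword . $newSalt, $method, $hashPassword, 0, $initVector);
        if ($newPasswordHash === false) {
            // Never overwrite the stored value with a failed result.
            return false;
        }

        # Update Password Hash and Salt
        $statement = $db->prepare($updateQuery);
        $statement->bindValue(":newPasswordHash", $newPasswordHash);
        $statement->bindValue(":newSalt", $newSalt);
        $statement->bindValue(":userID", $userID);
        $executed = $statement->execute();
        $statement->closeCursor();

        // An explicit false from execute() means the row was not updated.
        return $executed !== false;
    } catch (Exception $e) {
        // Keep database and configuration details out of the HTTP response.
        error_log("updateUserPassword failed: " . $e->getMessage());
        return false;
    }
}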
$sAnsArr[] = explode(",", $sAnsArrCsv[$i]); } $score = 0; // Question generator checkAnswers($qAmt, $qTopics); $submissionParams = array(); $submissionParams["answer"] = $sAnsArr; $submissionParams["grade"] = $score; $testModeDb->submit($username, $password, $submissionParams); echo $score; } else { if ($mode == MODE_TEST_GET_INFO) { $username = $_GET["username"]; $password = $_GET["password"]; $testModeDb = new TestModeDatabase(); $userDb = new UserDatabase(); $testParams = $testModeDb->getTestParams(); $info = array(); $info["timeElapsed"] = $testModeDb->getTimeElapsed($username, $password); $info["name"] = $userDb->getName($username, $password); $info["timeLimit"] = $testParams["timeLimit"]; echo json_encode($info); } else { if ($mode == MODE_TEST_GET_ANSWERS) { $username = $_GET["username"]; $password = $_GET["password"]; $testModeDb = new TestModeDatabase(); $params = $testModeDb->getTestParams(); if ($params["answerIsOpen"] != 0) { $qSeed = $params["seed"]; $qAmt = $params["questionAmount"];
* GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ require("../../main.inc.php"); require_once(DOL_DOCUMENT_ROOT . "/user/class/userdatabase.class.php"); $langs->load("users"); $id = GETPOST('id', 'alpha'); $action = GETPOST("action"); $confirm = GETPOST("confirm"); $object = new UserDatabase($db); /* * View */ if ($_GET['json'] == "list") { $output = array( "sEcho" => intval($_GET['sEcho']), "iTotalRecords" => 0, "iTotalDisplayRecords" => 0, "aaData" => array() ); try { $result = $object->couchdb->listDatabases();
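<?php
// Lists every user returned by UserDatabase::getAllUsers(), rendering each
// profile inside its own fieldset.
//
// NOTE(review): no authentication or authorisation check is visible in this
// script. Confirm includer.php restricts who can load the full user list.
include "includer.php";

echo "<h1>All Users</h1>";

$users = UserDatabase::getAllUsers();
foreach ($users as $user) {
    echo "<fieldset>";
    // NOTE(review): the expression between "User:" and "userID"] is masked in
    // this listing; $user["userID"] is reconstructed from the surviving index
    // and from the $user["userHandle"] access below. Confirm against the real
    // source. The value is HTML-escaped before it is written to the page.
    echo "<legend>User:" . htmlspecialchars((string) $user["userID"], ENT_QUOTES, 'UTF-8') . "</legend>";
    ProfileView::show(UserDatabase::getUserByHandle($user["userHandle"]));
    echo "</fieldset><br/>";
}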
if ($errors['Password1'] == "") { if ($_POST['Password1'] != $_POST['Password2']) { $errors['Password1'] = "Values don't match"; } } $totalErrors = ""; foreach ($formFields as $fields) { $totalErrors .= $errors[$fields]; echo $totalErrors; //echo "error :{$fields}".$errors[$fields]."<br/>"; //echo $totalErrors; } if ($totalErrors == "") { //No error, proceed with insertion echo "no error"; $user = new UserDatabase(); $fname = mysqlPrep($_POST['FirstName']); $lname = mysqlPrep($_POST['LastName']); $email = mysqlPrep($_POST['Email']); $pass = encrypt(mysqlPrep(trim($_POST['Password1']))); $registerTime = getStandardTime(time()); $exists = $user->CheckIfUserExists($_POST['Email']); if (!$exists) { echo "not exists"; $user->InsertUserDetails($fname, $lname, $course, $year, $email, $pass, $registerTime, $dateBirth); header("Location:successfulSignup.php"); } else { echo "exist"; $errors['userExists'] = "This email id is already taken"; } //
} } } else { $langs->load("errors"); $message = '<div class="error">' . $langs->trans('ErrorForbidden') . '</div>'; } } // Add/Remove database into roles if ($action == 'adddatabase' || $action == 'removedatabase') { if ($caneditperms) { if ($databaseid) { $object->load($id); $database = new UserDatabase($db); $database->fetch($databaseid); if ($action == 'adddatabase') { if($_POST['admin']) $database->couchAdmin->addDatabaseAdminRole($object->name); else $database->couchAdmin->addDatabaseReaderRole($object->name); } if ($action == 'removedatabase') { $database->couchAdmin->removeDatabaseAdminRole($object->name); $database->couchAdmin->removeDatabaseReaderRole($object->name); } if ($result > 0) { header("Location: fiche.php?id=" . $object->id);
$caneditperms = ($user->admin ); $candisableperms = ($user->admin ); $langs->load("users"); $langs->load("other"); $id = GETPOST('id', 'alpha'); $action = GETPOST('action', 'alpha'); $confirm = GETPOST('confirm', 'alpha'); $userid = GETPOST('user', 'alpha'); $groupid = GETPOST('group', 'alpha'); // Security check $result = restrictedArea($user, 'user', $id, 'usergroup&usergroup', 'user'); $object = new UserDatabase($db); /** * Action remove group */ if ($action == 'confirm_delete' && $confirm == "yes") { if ($caneditperms) { $object->fetch($id); $object->delete(); Header("Location: index.php"); exit; } else { $langs->load("errors"); $message = '<div class="error">' . $langs->trans('ErrorForbidden') . '</div>'; }
<?php require_once 'Everything.php'; $userDb = new UserDatabase(); // $f = fopen('/Users/ivanreinaldo/Work-repo/phpout.txt', 'w'); // fwrite($f, "Test!"); if ($_FILES["file"]["error"] > 0) { // fwrite($f, "Error: " . $_FILES["file"]["error"]); } else { // fwrite($f, "Upload: " . $_FILES["file"]["name"]); // fwrite($f, "Type: " . $_FILES["file"]["type"]); // fwrite($f, "Size: " . ($_FILES["file"]["size"] / 1024)); // fwrite($f, "Stored in: " . $_FILES["file"]["tmp_name"]); // $db = mysqli_connect("localhost",DB_USERNAME,DB_PASSWORD,DB_NAME); // mysqli_query($db, "INSERT INTO `fileUpload` (`testFile`) VALUES ('".file_get_contents($_FILES['file']['tmp_name'])."')"); // fwrite($f, mysqli_error($db)); // fwrite($f, "file uploaded "); // fwrite($f, file_get_contents($_FILES['file']['tmp_name'])); $filename = $_FILES['file']['tmp_name']; $rows = explode("\n", file_get_contents($filename)); // Data: name, username, password $dataTitle = explode(",", $rows[0]); if (trim($dataTitle[0]) != "name" || trim($dataTitle[1]) != "username" || trim($dataTitle[2]) != "password") { echo "Error: file doesn't contain proper information. The correct format is 'name', 'username', 'password'"; return; } $userDb->removeAllUsers(ADMIN_PASSWORD); for ($i = 1; $i < count($rows); $i++) { // Assume data contains title $data = explode(",", $rows[$i]); if (count($data) <= 1) {
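/**
 * Load a group object and, optionally, the databases its name has a role on.
 *
 * parent::load($id) is always called. When $loaddb is true, every database
 * whose name does not start with "_" is fetched and its security object is
 * read; for each section of that object whose roles contain this group's
 * name, the database's values are appended to $this->databases (with
 * ->Administrator set to true for the "admins" section).
 *
 * Errors raised while listing or reading databases are printed and skipped.
 * NOTE(review): the exception text is written straight to the page. Confirm
 * that exposing backend error messages to the client is acceptable.
 *
 * @param  int  $id     Id of the group to load
 * @param  bool $loaddb Also collect the databases this group has a role on
 * @return int          Always 1 in this implementation
 */
function load($id, $loaddb = false)
{
    parent::load($id);

    if (!$loaddb) {
        return 1;
    }

    $database = new UserDatabase($this->db);

    // Start from an empty list so a failed listing leaves nothing to iterate.
    $result = array();
    try {
        $result = $database->couchdb->listDatabases();
    } catch (Exception $exc) {
        print $exc->getMessage();
    }

    foreach ($result as $aRow) {
        if ($aRow[0] == "_") {
            // Not _users and _replicator
            continue;
        }

        try {
            $database->fetch($aRow);
            $info = $database->values;
            $secu = $database->couchAdmin->getSecurity();

            foreach ($secu as $key => $type) {
                // Strict comparison: role names must match exactly, without
                // PHP's loose numeric-string equality.
                if (in_array($this->values->name, $type->roles, true)) {
                    if ($key == "admins") {
                        $info->Administrator = true;
                    }
                    $this->databases[] = $info;
                }
            }
        } catch (Exception $exc) {
            print $exc->getMessage();
        }
    }

    return 1;
}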
/**
 * Change this user's password after checking the current one.
 *
 * Nothing happens unless UserDatabase::validatePassword() accepts the old
 * password for this handle and $this->validatePassword() accepts the new
 * password and its confirmation. If the database update then fails, the
 * "password" error is set to "PASSWORD_CHANGE_FAILURE".
 *
 * NOTE(review): a wrong old password returns without setting any error, so
 * the caller cannot tell the change was refused. Confirm that is intended.
 * NOTE(review): on success the plaintext new password is kept in
 * $this->password. Confirm the object is never serialised, logged or placed
 * in a cookie with that field populated.
 *
 * @param string $oldPassword     Current password, checked against the stored one
 * @param string $newPassword     Requested new password
 * @param string $confirmPassword Repeat of the new password
 * @return void
 */
public function setPassword($oldPassword, $newPassword, $confirmPassword)
{
    if (!UserDatabase::validatePassword($this->handle, $oldPassword)) {
        return;
    }

    if (!$this->validatePassword($newPassword, $confirmPassword)) {
        return;
    }

    $stored = UserDatabase::updateUserPassword($this->iD, $newPassword);
    if (!$stored) {
        $this->setError("password", "PASSWORD_CHANGE_FAILURE");
        return;
    }

    $this->password = $newPassword;
}
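/**
 * Return an HTML select list of databases.
 *
 * Databases whose name starts with "_" are left out. If no database is
 * available, or listing them fails, a disabled select with a single "None"
 * entry is returned. Values written into the markup are HTML-escaped.
 *
 * @param  string|object $selected   Preselected database name, or an object whose ->id is that name
 * @param  string        $htmlname   Field name in the form
 * @param  int           $show_empty 0 = no empty entry, 1 = add an empty entry with value -1
 * @param  array|string  $exclude    Array of database names to exclude
 * @param  int           $disabled   Whether the select list must be disabled
 * @param  array|string  $include    Not used by this implementation
 * @param  array|string  $enableonly Array of database names to keep enabled; all others are disabled
 * @return string                    HTML for the select element
 */
function select_doldatabases($selected = '', $htmlname = 'databaseid', $show_empty = 0, $exclude = '', $disabled = 0, $include = '', $enableonly = '')
{
    // NOTE(review): $db was read here without being declared in this scope;
    // it is taken from the global scope now. Confirm that this is the
    // intended connection.
    global $conf, $user, $langs, $db;

    // Escapes a value for HTML text or a double-quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    $out = '';
    $object = new UserDatabase($db);

    // Start from an empty list so a failed listing yields the "None" select.
    $result = array();
    try {
        $result = $object->couchdb->listDatabases();
    } catch (Exception $exc) {
        print $exc->getMessage();
    }

    if (count($result) && is_array($exclude)) {
        foreach ($result as $key => $obj) {
            if (in_array($obj, $exclude, true)) {
                unset($result[$key]);
            }
        }
    }

    if (count($result)) {
        $out .= '<select class="flat" name="' . $esc($htmlname) . '"' . ($disabled ? ' disabled="disabled"' : '') . '>';
        if ($show_empty) {
            $out .= '<option value="-1"' . ($selected == -1 ? ' selected="selected"' : '') . '> </option>' . "\n";
        }

        foreach ($result as $aRow) {
            if ($aRow[0] == "_") {
                // Not _users and _replicator
                continue;
            }

            try {
                $object->fetch($aRow);
                $obj = $object->values;
                $secu = $object->couchAdmin->getSecurity();

                // A database counts as secured when any admin or reader name
                // or role is set; reader roles are part of that count.
                $restrictions = count($secu->admins->names) + count($secu->readers->names)
                    + count($secu->admins->roles) + count($secu->readers->roles);
                $obj->Status = $restrictions > 0 ? "SECURE" : "INSECURE";
            } catch (Exception $exc) {
                print $exc->getMessage();
                // Without a freshly loaded $obj there is nothing valid to emit.
                continue;
            }

            $disableline = 0;
            if (is_array($enableonly) && count($enableonly) && !in_array($obj->db_name, $enableonly)) {
                $disableline = 1;
            }

            $isSelected = (is_object($selected) && $selected->id == $obj->db_name)
                || (!is_object($selected) && $selected == $obj->db_name);

            $out .= '<option value="' . $esc($obj->db_name) . '"';
            if ($disableline) {
                $out .= ' disabled="disabled"';
            }
            if ($isSelected) {
                $out .= ' selected="selected"';
            }
            $out .= '>';
            $out .= $esc($obj->db_name);
            $out .= '</option>';
        }
    } else {
        $out .= '<select class="flat" name="' . $esc($htmlname) . '" disabled="disabled">';
        $out .= '<option value="">' . $langs->trans("None") . '</option>';
    }

    $out .= '</select>';

    return $out;
}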
<?php require_once 'header.php'; require_once '../Includes/database.php'; @session_start(); if (isset($_SESSION['username']) || isset($_COOKIE['userid'])) { redirect('/newForum'); } if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "") { $redirect = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; header("HTTP/1.1 301 Moved Permanently"); header("Location: {$redirect}"); } if (!isset($_SESSION['username'])) { if (isset($_POST['login'])) { $user = new UserDatabase(); $eror = $user->login(mysqlPrep($_POST['txtUsername']), mysqlPrep(trim($_POST['txtPassword']))); if ($eror) { echo ";;fkjd"; $loginError = "Login Successful"; @session_start(); $_SESSION['username'] = $eror[2]; $_SESSION['id'] = $eror[0]; $_SESSION['firstname'] = $eror[1]; if (isset($_POST['remember']) && $_POST['remember'] == 0) { //echo "posted"; setcookie('userid', $eror[0], time() + 24 * 7 * 60 * 60); setcookie('firstName', $eror[1], time() + 24 * 7 * 60 * 60); } //print_r($_POST); redirect("/newForum/index.php?usrid={$eror[1]}");
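/**
 * Load a user document by login and work out whether the user is an
 * administrator.
 *
 * With an empty $login, the login of the current session (as returned by
 * couchAdmin->getLoginSession()) is used, with a prefix prepended. The
 * admin flag is set when the login's name is a key of
 * couchAdmin->getUserAdmins(), or when the loaded user's name is among the
 * admin users of the database named by $conf->Couchdb->name. Any failure in
 * either check leaves the flag as it was, so errors never grant admin.
 *
 * NOTE(review): getLoginSession() is called outside any try block, so an
 * exception from it propagates to the caller.
 *
 * @param  string $login Document id of the user to load; empty = current session user
 * @return int           0 if the document could not be loaded, 1 otherwise
 */
function fetch($login = "")
{
    global $conf;

    $login = trim($login);

    if (empty($login)) {
        // NOTE(review): the prefix literal is masked in this listing. The
        // substr() offset of 17 below matches the length of
        // "org.couchdb.user:". Confirm against the real source.
        $login = "******" . $this->couchAdmin->getLoginSession();
    }

    try {
        $this->values = $this->couchdb->getDoc($login);
    } catch (Exception $e) {
        return 0;
    }

    // Test if User is a global administrator
    try {
        $admins = $this->couchAdmin->getUserAdmins();
        // Strip the 17-character "org.couchdb.user:" prefix.
        // NOTE(review): this assumes every $login carries that prefix.
        $name = substr($login, 17);
        $this->admin = isset($admins->$name);
    } catch (Exception $e) {
        $this->admin = false;
    }

    // Local administrator of the configured database
    try {
        $database = new UserDatabase($this->db);
        $database->fetch($conf->Couchdb->name); // TODO Modify to put it in SESSION
        $result = $database->couchAdmin->getDatabaseAdminUsers();

        // Strict comparison: this is an authorisation decision, so the name
        // must match exactly, without loose numeric-string equality.
        if (in_array($this->values->name, $result, true)) {
            $this->admin = true;
        }
    } catch (Exception $e) {
        // Deliberately ignored: a failed lookup must not change the flag.
    }

    $this->id = $this->values->_id;
    $this->login = $this->values->name;

    return 1;
}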