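/**
 * Handles a submitted login form using the challenge/response fields in $_POST.
 *
 * On failure the generic login error, plus any errors reported by
 * cAuthentication, are appended to $this->aErrors and the submitted challenge
 * row is deleted from core_challenges. Nothing is returned.
 */
private function login()
{
    // Request fields are attacker-controlled: accept them only when present and
    // plain strings, so a missing field or an array (e.g. login[]=x) never
    // reaches the authentication layer or the DB delete below.
    $login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : null;
    $passwordHmac = (isset($_POST['password_hmac']) && is_string($_POST['password_hmac'])) ? $_POST['password_hmac'] : null;
    $challenge = (isset($_POST['challenge']) && is_string($_POST['challenge'])) ? $_POST['challenge'] : null;

    $Auth = new cAuthentication();
    $bAttempted = ($login !== null && $passwordHmac !== null && $challenge !== null);

    if ($bAttempted && $Auth->login($login, $passwordHmac, $challenge)) {
        // NOTE(review): the challenge is deleted only on the failure path below;
        // confirm that cAuthentication::login() invalidates it on success so a
        // challenge stays single-use.
        return;
    }

    /// unsuccessful login process ///
    $this->aErrors[] = getString("Přihlášení se nezdařilo!", 'login');

    // Only read the authenticator's errors when login() was actually called.
    if ($bAttempted) {
        foreach ($Auth->getErrors() as $error) {
            $this->aErrors[] = $error;
        }
    }

    // Consume the failed challenge so it cannot be retried with another guess.
    if ($challenge !== null) {
        $this->db->delete('core_challenges', array('id', '=', $challenge));
    }
}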
/**
 * Refreshes the class-level authentication flag for the current request.
 *
 * When checkLoggedUser() yields a truthy user record, the flag is set to the
 * result of update() on that record; otherwise the flag keeps whatever value
 * it already had. When the flag is truthy, cCfg::setCapability() is called.
 *
 * @return mixed the current value of self::$bAuthenticated
 */
public function authenticate()
{
    /// user is logged ///
    $aUser = $this->checkLoggedUser();
    if ($aUser) {
        self::$bAuthenticated = $this->update($aUser);
    }

    // NOTE(review): the flag is static and is not reset when no logged user is
    // found -- confirm it cannot carry a stale "true" from an earlier call.
    if (!self::$bAuthenticated) {
        return self::$bAuthenticated;
    }

    cCfg::setCapability();

    return self::$bAuthenticated;
}
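// NOTE(review): this excerpt starts inside a block that opens earlier in the
// file; that block is closed by the lone "}" just before "end of POST data sent".

// NOTE(review): $passwPat is assigned but not used anywhere in this excerpt, so
// the "without diacritical marks and whitespaces" part of the message below is
// not enforced here. If it is wired in later, prefer not to restrict passwords
// to this narrow character set; length is the check that matters.
$passwPat = '/^[a-zA-Z0-9_-]{1,50}$/';

// The rule arguments look like PHP expressions over $test; presumably cCheck
// evaluates them (TODO confirm). They must stay constant literals and never be
// built from request data. strlen() counts bytes, not characters.
if ($Check->check('password', 'strlen($test)>5 && strlen($test)<51', 'The password must have at least 6 symbols and max. 50, without diacritical marks and whitespaces!', $_POST['passw'])) {
    // Strict comparison: with "==" PHP compares numeric-looking strings by value
    // ("1e3" == "1000"), so a mistyped confirmation could be accepted.
    $Check->check('password', '$test==true', 'Verification of password is not correct!', $_POST['passw'] === $_POST['passw_ver']);
}
$Logs->addLog($Check->isValid(), 'add new one valid');

if (!$Check->isValid()) {
    // Turn every validation error into its printable form.
    foreach ($Check->getErrors() as $k => $error) {
        $aErrors[] = admin_getErrorToPrint($k, $error);
    }
} else {
    try {
        $aVals = array();
        $aVals[] = array('name', $_POST['name']);
        $aVals[] = array('surname', $_POST['surname']);
        $aVals[] = array('login', $_POST['login']);
        // The password is transformed by cAuthentication::cyphrePassword() before storage.
        $aVals[] = array('password', cAuthentication::cyphrePassword($_POST['passw']));
        // NOTE(review): only this column passes a third element (false). Its
        // meaning is not visible here; if it turns off quoting/escaping in
        // cDb::insert(), $_POST['role'] reaches the SQL as-is. Confirm, and
        // validate the role against the known roles before inserting.
        $aVals[] = array('role', $_POST['role'], false);

        /// insert values ///
        if (!$DB->insert('core_users', $aVals)) {
            throw new cException("Some error during insert operation!");
        }
        $aAlerts[] = "New user was added.";
    } catch (cException $e) {
        // NOTE(review): $query is not assigned anywhere in this excerpt; unless
        // it is set earlier in the file this passes an undefined variable.
        // The resulting message is both shown to the user and written to the log.
        $msg = $e->getDbMessageError(__METHOD__ . '(line:' . __LINE__ . ')', $query);
        $aErrors[] = $msg;
        cLogsDb::addFileLog($msg);
    }
}
}
/// end of POST data sent ///
$roles = admin_getAllRoles();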
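// Bootstrap of what appears to be the admin index page: starts the session,
// loads the core, opens the DB, authenticates the user and enforces the
// superadmin check before any admin action or markup is produced.
if (!session_id()) {
    @session_start();
}

require_once "../core/core_defines.inc.php";
require_once ROOT_PATH . "core/global_fce.php";
requireFile("admin/admin_fce.php");

$DB = new cDb();
$DB->connect();
$CFG = new cCfg();

$Logs = new cLogs("index.php");
$Logs->on();

// Do not write credentials to the log: mask password-like POST fields
// (any key containing "pass") before the request body is recorded.
$_aPostForLog = $_POST;
foreach ($_aPostForLog as $_sLogKey => $_mLogVal) {
    if (stripos((string) $_sLogKey, 'pass') !== false) {
        $_aPostForLog[$_sLogKey] = '***';
    }
}
$Logs->addLog($_aPostForLog, "POST");
unset($_aPostForLog, $_sLogKey, $_mLogVal);

$_aErrors = array();
$_aAlerts = array();

$Authent = new cAuthentication();
$bAut = $Authent->authenticate();

// Access control: redirect when the page requires authorisation and the user is
// not authenticated, or when an authenticated user lacks the superadmin capability.
if ((!$bAut && ADMIN_PAGE_ACCESS_AUTHORIZIED) || ($bAut && !$CFG->hasCapability('superadmin'))) {
    header("Location: " . HTTP_PATH);
    // header() only queues the redirect; without exit the rest of this script,
    // including the capability update below, would still run for this request.
    exit;
}
$_index_rights = true;

// NOTE(review): addslashes() is not a substitute for parameterised queries, and
// get_magic_quotes_gpc() no longer exists in PHP 8. trim() also assumes every
// value is a string, which does not hold for array parameters (?a[]=1).
foreach ($_GET as $k => $v) {
    $_GET[$k] = get_magic_quotes_gpc() ? trim($v) : trim(addslashes($v));
}

/// update capabilities ///
// NOTE(review): no anti-CSRF token is checked here; confirm that
// _updateCapabilities() verifies one before changing capabilities.
if (isset($_POST['update_capab'])) {
    _updateCapabilities();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">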
if (!isset($_GET['_pageAction_'])) { if (is_string($CFG->getDefaultPage('path'))) { header("Location: " . $CFG->getDefaultPage('path')); } else { if (!ADMIN_PAGE_ACCESS_AUTHORIZIED) { header("Location: " . HTTP_PATH . "admin"); } } } $action = get_magic_quotes_gpc() ? $_GET['_pageAction_'] : addslashes($_GET['_pageAction_']); //$Logs->addLog($action,"_pageAction_"); $CORE = new cBuildIndex($action); if (MK_DEBUG) { $CORE->addCssToHead("core/logs.css"); } $Authent = new cAuthentication(); $Authent->authenticate(); /// user authenticated /// if ($CFG->isAuthenticated()) { $Logs->addLog("user authenticated", "authentication process"); $CFG->setUserAccount(); } $CORE->buildPage(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <?php if (isset($CORE)) { $CORE->printHead();