/**
 * Check a username/password pair and, on success, record the user with fAuthorization.
 *
 * The user token is written only after login_check_credential() has returned a
 * truthy row; a failed check returns false without touching authorization state.
 *
 * @param mixed  $db       Database handle, passed straight through to login_check_credential()
 * @param string $username Login name supplied by the caller
 * @param string $password Password supplied by the caller
 * @return bool True when the credential check produced a row, false otherwise
 */
function login_authenticate($db, $username, $password)
{
    $account = login_check_credential($db, $username, $password);
    if (!$account) {
        return false;
    }

    // 'name' is the value the caller submitted; the other fields are read
    // from the row returned by the credential check.
    $token = array(
        'id'           => $account['id'],
        'name'         => $username,
        'email'        => $account['email'],
        'display_name' => $account['display_name'],
    );
    fAuthorization::setUserToken($token);

    return true;
}
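<?php
include './resources/init.php';

// Login / logout handling for the authentication page. It runs before any
// output so the redirects below can still send headers.
if (isset($_POST['type'])) {
    if ($_POST['type'] === 'logout') {
        fAuthorization::destroyUserInfo();
    } elseif ($_POST['type'] === 'login') {
        // Missing or non-string fields (e.g. username[]=x) are treated like a
        // failed login instead of being handed to User or sha1().
        $username = isset($_POST['username']) ? $_POST['username'] : null;
        $password = isset($_POST['password']) ? $_POST['password'] : null;
        if (!is_string($username) || !is_string($password)) {
            fURL::redirect(URL_ROOT . "authentication.php");
        }

        // NOTE(review): as in the original flow, fURL::redirect() is relied on
        // to end the request; otherwise $user would be undefined below.
        try {
            $user = new User($username);
        } catch (fException $e) {
            fURL::redirect(URL_ROOT . "authentication.php");
        }

        // hash_equals() (PHP >= 5.6) compares the digests as plain strings in
        // constant time. The previous loose `==` treats two numeric-looking
        // digests such as "0e123..." and "0e456..." as equal.
        // NOTE(review): unsalted SHA-1 is not a password hash. Moving to
        // password_hash()/password_verify() needs the stored values re-hashed,
        // which is outside this script.
        if (hash_equals((string) $user->getPassword(), sha1($password))) {
            fAuthorization::setUserAuthLevel($user->getLevel());
            fAuthorization::setUserToken($username);
            fURL::redirect(fAuthorization::getRequestedUrl(true, URL_ROOT . "inventory.php"));
        } else {
            fURL::redirect(URL_ROOT . "authentication.php");
        }
    }
} elseif (isset($_GET['type']) && $_GET['type'] === 'logout') {
    // The previous test was `isset($_GET['type']) == "logout"`, which compares
    // a boolean with a non-empty string and is therefore true for ANY value of
    // ?type=, so every such request logged the user out.
    // NOTE(review): logout over GET can be triggered by a cross-site link;
    // consider accepting it over POST only, with a CSRF token.
    fAuthorization::destroyUserInfo();
}

$tmpl->place('header');
$tmpl->place('menu');
?>
<div class="span-24 last">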
/**
 * The user token is expected to be unset at first and to read back exactly as stored.
 */
public function testUserToken()
{
    // Before this test stores anything the getter is expected to return NULL
    $this->assertEquals(NULL, fAuthorization::getUserToken());

    $token = '*****@*****.**';
    fAuthorization::setUserToken($token);

    // The value handed to the setter must come back unchanged
    $this->assertEquals($token, fAuthorization::getUserToken());
}
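/**
 * Handle the combined log-in / registration form.
 *
 * The submitted `action` value selects the branch: '登录' (log in) or
 * '注册' (register). Any other value does nothing. Every fException raised
 * along the way is turned into an error message and a redirect back.
 *
 * NOTE(review): the message of whichever exception was raised is shown to the
 * user as-is, and registration reports 'User already exists.', so a client can
 * tell known usernames from unknown ones. Confirm that this is acceptable.
 *
 * NOTE(review): the fallback redirect target comes from Util::getReferer(),
 * which is not visible here. Confirm it only yields same-site URLs.
 *
 * @return void
 */
public function login()
{
    $username = trim(fRequest::get('username', 'string'));
    $password = fRequest::get('password', 'string');
    $password_hash = static::hashPassword($password);
    $action = fRequest::get('action');

    try {
        if ($action == '登录') {
            $user = new User($username);

            // hash_equals() compares the two digests as plain strings in
            // constant time. The previous loose `==` treats numeric-looking
            // strings such as "0e123..." and "0e456..." as equal.
            if (!hash_equals((string) $user->getPassword(), (string) $password_hash)) {
                throw new fValidationException('Password mismatch.');
            }

            fAuthorization::setUserToken($user->getUsername());
            fMessaging::create('success', 'Logged in successfully.');
            fURL::redirect(fAuthorization::getRequestedURL(TRUE, Util::getReferer()));
        } elseif ($action == '注册') {
            if (strlen($username) < 4) {
                throw new fValidationException('Username is too short.');
            }
            if (strlen($username) > 20) {
                throw new fValidationException('Username is too long.');
            }
            if (strlen($password) < 6) {
                throw new fValidationException('Password is too short.');
            }
            // Usernames may contain neither punctuation from this list nor whitespace
            if (Util::contains('`~!@#$%^&*()-+=[]\\;\',/{}|:"<>?', $username) or preg_match('/\\s/', $username)) {
                throw new fValidationException('Username is illegal.');
            }

            $realname = trim(fRequest::get('realname', 'string'));
            $gender = trim(fRequest::get('gender', 'string'));
            $school = trim(fRequest::get('school', 'string'));
            $major = trim(fRequest::get('major', 'string'));
            // trim() turns the integer/NULL value into a string before setGrade() sees it
            $grade = trim(fRequest::get('grade', 'integer', NULL));
            $phone = trim(fRequest::get('phone', 'string'));
            $qq = trim(fRequest::get('qq', 'string'));

            if (strlen($realname) < 1) {
                throw new fValidationException('请填写真实姓名');
            }
            if (strlen($gender) < 1) {
                throw new fValidationException('请选择性别');
            }
            if (strlen($phone) < 1) {
                throw new fValidationException('请填写手机号码');
            }

            // Loading the record succeeds only when the username is already taken
            $already_registered = TRUE;
            try {
                new User($username);
            } catch (fNotFoundException $e) {
                $already_registered = FALSE;
            }
            if ($already_registered) {
                throw new fValidationException('User already exists.');
            }

            $user = new User();
            $user->setUsername($username);
            $user->setPassword($password_hash);
            $user->store();

            // Reuse a profile row left over for this username, else start a new one
            try {
                $profile = new Profile($username);
            } catch (fNotFoundException $e) {
                $profile = new Profile();
                $profile->setUsername($username);
            }
            $profile->setRealname($realname);
            $profile->setGender($gender);
            $profile->setSchool($school);
            $profile->setMajor($major);
            $profile->setGrade($grade);
            $profile->setPhoneNumber($phone);
            $profile->setQq($qq);
            $profile->store();

            // The new account is logged in straight away, before e-mail verification
            fAuthorization::setUserToken($user->getUsername());
            fMessaging::create('success', 'Registered successfully.');
            Util::redirect('/email/verify');
        }
    } catch (fException $e) {
        fMessaging::create('error', $e->getMessage());
        fURL::redirect(fAuthorization::getRequestedURL(TRUE, Util::getReferer()));
    }
}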
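// Log-in / log-out controller: `action=log_out` ends the session, anything
// else shows or processes the log-in form for visitors who are not logged in.
$action = fRequest::get('action');

// --------------------------------- //
if ('log_out' == $action) {
    fAuthorization::destroyUserInfo();
    fSession::destroy();
    fMessaging::create('success', User::makeUrl('login'), 'You were successfully logged out');
    fURL::redirect(User::makeUrl('login'));

// --------------------------------- //
} elseif (!fAuthorization::checkLoggedIn()) {
    if (fRequest::isPost()) {
        try {
            // An unknown username must fail with the same message as a wrong
            // password. Otherwise the lookup exception's own message, or an
            // uncaught exception, tells the client which usernames exist.
            try {
                $user = new User(array('username' => fRequest::get('username')));
            } catch (fNotFoundException $e) {
                throw new fValidationException('The login or password entered is invalid');
            }

            $valid_pass = fCryptography::checkPasswordHash(fRequest::get('password'), $user->getPassword());
            if (!$valid_pass) {
                throw new fValidationException('The login or password entered is invalid');
            }

            // Authorization state and session values are written only after the password check passed
            fAuthorization::setUserToken($user->getEmail());
            fAuthorization::setUserAuthLevel($user->getRole());
            fSession::set('user_id', $user->getUserId());
            fSession::set('user_name', $user->getUsername());
            fURL::redirect(fAuthorization::getRequestedURL(TRUE, 'index.php'));
        } catch (fExpectedException $e) {
            fMessaging::create('error', fURL::get(), $e->getMessage());
        }
    }

    // Shown on a plain GET and again after a failed attempt
    include VIEW_PATH . '/log_in.php';
} else {
    // Already logged in: nothing to do here
    fURL::redirect('index.php');
}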
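/**
 * Attempt to login, and register through fAuthorization when successful.
 *
 * The two exceptions distinguish "no such user" from "wrong password". A caller
 * that reports failures to the client should map both to one generic message,
 * so the response does not reveal which usernames exist.
 *
 * @throws sfNotFoundException     When no user by provided username exists
 * @throws sfBadPasswordException  When the given password fails to match
 *
 * @param string $username  Username for attempted login
 * @param string $password  Provided password to match
 * @return boolean          True when successful
 */
public static function login($username, $password)
{
    $login_attempt = sfCore::make('sfUser');

    // will throw sfNotFoundException if not available
    $login_attempt->loadByUsername($username);

    // The unreachable `return;` that followed this throw has been removed
    if (!$login_attempt->matchPassword($password)) {
        throw new sfBadPasswordException();
    }

    // Reached only after the password matched: record level and token, then
    // let evaluateSession() run against the new authorization state.
    fAuthorization::setUserAuthLevel($login_attempt->getLevel());
    fAuthorization::setUserToken($username);
    static::evaluateSession();

    return true;
}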