Example #1
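 /**
  * Sign the visitor in through uLogin and show the login-redirect notice.
  *
  * An existing uLogin link is tried first (auth()); when there is none an
  * account is registered. With a user id in hand a board session is created;
  * without a session the plain login page is rendered and the request ends.
  *
  * @param mixed $id   Not read by this method.
  * @param mixed $mode Not read by this method.
  *
  * @return false|null False when IN_CHECK_BAN is defined and the session user
  *                    is not a founder; otherwise the method ends in
  *                    trigger_error() or exit.
  */
 function main($id, $mode)
 {
     global $config, $db, $user, $table_prefix, $auth, $template, $phpbb_root_path, $phpEx;

     // define() on an already-defined constant raises a warning, so guard it.
     if (!defined('TABLE_PREFIX')) {
         define('TABLE_PREFIX', $table_prefix);
     }
     require_once 'class_ulogin.php';
     $uLogin = new uLogin($db);

     // NOTE(review): the lines below run unless trigger_error() ends the
     // request. Presumably the board's error handler does that for this
     // message; confirm, otherwise accounts are still created while
     // registration is disabled.
     if ($config['require_activation'] == USER_ACTIVATION_DISABLE) {
         trigger_error('UCP_REGISTER_DISABLE');
     }

     $user_id = $uLogin->auth();
     if (!$user_id) {
         $user_id = $uLogin->register();
     }

     // Fail closed: start from "no session" so a failed auth/registration
     // reaches the login page below instead of reading an undefined variable.
     $session = false;
     if ($user_id) {
         $session = $user->session_create($user_id, 0, 1);
     }

     if (!$session) {
         page_header($user->lang['LOGIN'], false);
         $template->set_filenames(array('body' => 'login_body.html'));
         make_jumpbox(append_sid("{$phpbb_root_path}viewforum.{$phpEx}"));
         page_footer();
         exit;
     }

     $index_url = "{$phpbb_root_path}index.{$phpEx}";
     $redirect = request_var('redirect', $index_url);
     $message = $user->lang['LOGIN_REDIRECT'];
     $goes_to_index = $redirect === $index_url || $redirect === "index.{$phpEx}";
     $l_redirect = $goes_to_index ? $user->lang['RETURN_INDEX'] : $user->lang['RETURN_PAGE'];
     $redirect = reapply_sid($redirect);

     if (defined('IN_CHECK_BAN') && $session['user_row']['user_type'] != USER_FOUNDER) {
         return false;
     }

     // NOTE(review): $redirect is request-supplied and ends up in an href.
     // This assumes request_var()/meta_refresh() hand back an HTML-safe URL
     // limited to this board; confirm for the board version in use.
     $redirect = meta_refresh(3, $redirect);
     trigger_error($message . '<br /><br />' . sprintf($l_redirect, '<a href="' . $redirect . '">', '</a>'));
 }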
Example #2
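/**
 * Populate the admin session after a successful uLogin authentication, apply
 * the remember-me choice, print the loading page and end the request.
 *
 * Appears to be the success callback handed to uLogin (it has that
 * signature); confirm against the caller.
 *
 * @param mixed   $uid      Id of the authenticated admin, passed to getAdmin().
 * @param mixed   $username Login name, stored in the session and passed to SetAutologin().
 * @param \uLogin $ulogin   uLogin instance used to switch autologin on or off.
 *
 * @return void Does not return; the function ends with exit().
 */
function appLogin($uid, $username, $ulogin)
{
    // Issue a fresh session id at the moment privileges change, so an id that
    // was known before login cannot be carried into the admin session.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }

    $_SESSION['admin']['adminid'] = $uid;
    $_SESSION['admin']['username'] = $username;
    $_SESSION['admin']['is_logged'] = true;

    $db = new \DBConnection();
    $adminModel = new \App\Model\Admin($db);
    // NOTE(review): the result is used unchecked. If getAdmin() can come back
    // empty, the session above is already marked as logged in with blank
    // profile fields; confirm it cannot fail for an authenticated $uid.
    $admin = $adminModel->getAdmin($uid);

    $_SESSION['admin']['refnum'] = $admin['ref'];
    $_SESSION['admin']['name']   = $admin['name'];
    $_SESSION['admin']['email']  = $admin['email'];
    $_SESSION['admin']['type']   = $admin['type'];

    // Audit trail entry for the successful back-end login.
    $actor = '' . $admin['name'] . ' (' . $admin['ref'] . ')';
    addLog('Back-end', 'Login', $actor, $actor, 'Successfully logged in');

    $rememberRequested = isset($_SESSION['appRememberMeRequested'])
        && ($_SESSION['appRememberMeRequested'] === true);

    if ($rememberRequested) {
        // Enable remember-me
        if (!$ulogin->SetAutologin($username, true)) {
            echo "cannot enable autologin<br>";
        }

        // The request flag is one-shot; drop it once it has been applied.
        unset($_SESSION['appRememberMeRequested']);
    } else {
        // Disable remember-me
        if (!$ulogin->SetAutologin($username, false)) {
            echo 'cannot disable autologin<br>';
        }
    }

    page_header_simple();
    echo '<img src="../images/lploader.gif" border="0"><br /><b>System is loading, please wait...</b>';
    page_footer();
    exit();
}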
/**
 * Check a username/password pair with a throw-away uLogin instance.
 *
 * The instance is built with empty strings for both constructor arguments,
 * so only the authentication result is reported back to the caller.
 *
 * @param mixed $user Username handed to Authenticate().
 * @param mixed $pass Password handed to Authenticate().
 *
 * @return mixed Whatever IsAuthSuccess() reports after the attempt.
 */
function login($user, $pass)
{
    $authenticator = new uLogin('', '');
    $authenticator->Authenticate($user, $pass);

    $succeeded = $authenticator->IsAuthSuccess();

    return $succeeded;
}
Example #4
    // we don't do that here so that the autologin function remains
    // easy to test.
    //$ulogin->SetAutologin($_SESSION['username'], false);
    unset($_SESSION['uid']);
    unset($_SESSION['username']);
    unset($_SESSION['loggedIn']);
}
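// Status text is collected in a variable instead of being echoed, so it
// cannot interfere with header manipulation later on.
$msg = '';
// Action requested by the user; null when the form field is absent.
// isset() replaces the @ operator so that unrelated errors are not hidden.
// NOTE(review): the 'delete' branch below acts on this value, and no
// anti-CSRF nonce check is visible in this excerpt; confirm one is verified
// before any state-changing action runs.
$action = isset($_POST['action']) ? $_POST['action'] : null;
// This is the first uLogin-specific line in this file.
// An instance is constructed with the names of the callback functions
// ('appLogin' and 'appLoginFail', defined a few lines above).
$ulogin = new uLogin('appLogin', 'appLoginFail');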
// First we handle application logic. We make two cases,
// one for logged in users and one for anonymous users.
// We will handle presentation after our logic because what we present is
// also based on the logon state, but the application logic might change whether
// we are logged in or not.
if (isAppLoggedIn()) {
    if ($action == 'delete') {
        // We've been requested to delete the account
        // Delete account
        if (!$ulogin->DeleteUser($_SESSION['uid'])) {
            $msg = 'account deletion failure';
        } else {
            $msg = 'account deleted ok';
        }
        // Logout
Example #5
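 /**
  * Register the visitor on the site and link the account in the ulogin_users table.
  *
  * When no site user has the profile's e-mail, a new user is created (random
  * password, profile photo when one can be fetched) and linked to the uLogin
  * identity. When a user with that e-mail already exists, the identity is
  * linked to it only if uLogin reports the e-mail as verified and, when other
  * networks are already linked, only after the merge has been confirmed.
  * Every failure path prints a message and ends the request with die().
  *
  * NOTE(review): verified_email and merge_account gate the linking of an
  * existing account. This assumes $u_user was fetched server-side from uLogin
  * and is not taken from the request; verify in the caller.
  *
  * @param array $u_user   Profile data received from uLogin.
  * @param int   $in_db    When 1, the existing ulogin_users row for this identity is deleted first.
  * @param array $arParams Component parameters; SEND_EMAIL is read here.
  *
  * @return int|string ID of the created or matched site user.
  */
 public static function RegistrationUser($u_user, $in_db = 0, $arParams = array())
 {
     global $APPLICATION;
     global $DB;

     // The "back" link target comes from the request. Only a site-relative
     // path or an http(s) URL is accepted (anything else falls back to "/"),
     // and the value is HTML-escaped before it is placed in the attribute.
     $backUrl = isset($_POST['backurl']) && is_string($_POST['backurl']) ? $_POST['backurl'] : '/';
     if (!preg_match('#^(?:/(?![/\\\\])|https?://)#i', $backUrl)) {
         $backUrl = '/';
     }
     $backLink = '<br/><a href="' . htmlspecialchars($backUrl, ENT_QUOTES | ENT_SUBSTITUTE) . '">Назад</a>';

     if (!isset($u_user['email'])) {
         ShowMessage(array("TYPE" => "ERROR", "MESSAGE" => 'Через данную форму выполнить регистрацию невозможно. Сообщите администратору сайта о следующей ошибке:
         Необходимо указать "email" в возвращаемых полях uLogin'));
         die($backLink);
     }

     $by = "id";
     $order = "desc";
     $rsUsers = CUser::GetList($by, $order, array("EMAIL" => $u_user['email']));
     $arUser = $rsUsers->GetNext();

     // Values that go into SQL text are escaped once, here, and reused below.
     $identitySql = $DB->ForSql(urlencode(isset($u_user['identity']) ? $u_user['identity'] : ''));
     $networkSql = $DB->ForSql(isset($u_user['network']) ? $u_user['network'] : '');

     if ($in_db == 1) {
         $DB->Query('DELETE FROM ulogin_users WHERE identity = "' . $identitySql . '"');
     }

     // true when a site user with this e-mail already exists
     $emailTaken = is_array($arUser) && $arUser['ID'] > 0;

     if (!$emailTaken) {
         foreach (array('first_name', 'last_name', 'nickname') as $field) {
             $u_user[$field] = isset($u_user[$field]) ? $APPLICATION->ConvertCharset($u_user[$field], "UTF-8", SITE_CHARSET) : "";
         }

         // Only the fields passed to CUser::Add() below are stored; gender,
         // city and birthday from the profile are not written anywhere here.
         $longLogin = uLogin::ulogin_generateNickname($u_user['first_name'], $u_user['last_name']);
         // NOTE(review): this value becomes the account password; confirm
         // RandString() draws from a cryptographically secure source.
         $passw = RandString();

         $arIMAGE = '';
         $tmpName = null;
         // Fetch the avatar only from an http(s) URL, so a local path or a
         // stream wrapper in the profile is never read from this server.
         // NOTE(review): the host is not restricted; this is still a
         // server-side request to a provider-supplied address.
         if (isset($u_user['photo']) && is_string($u_user['photo']) && preg_match('#^https?://#i', $u_user['photo'])) {
             $fetchContext = stream_context_create(array('http' => array('timeout' => 5)));
             // Cap the download at 5 MB so an oversized response cannot exhaust memory or disk.
             $imageContent = file_get_contents($u_user['photo'], false, $fetchContext, 0, 5 * 1024 * 1024);
             if ($imageContent !== false && $imageContent !== '') {
                 $ext = strtolower((string) pathinfo((string) parse_url($u_user['photo'], PHP_URL_PATH), PATHINFO_EXTENSION));
                 if (!in_array($ext, array('jpg', 'jpeg', 'png', 'gif', 'bmp'), true)) {
                     $ext = 'jpg';
                 }
                 // Unpredictable file name: the file sits under the document root until it is removed.
                 $randomPart = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid(mt_rand(), true));
                 $tmpName = $_SERVER["DOCUMENT_ROOT"] . "/images/" . $randomPart . '.' . $ext;
                 if (file_put_contents($tmpName, $imageContent) !== false) {
                     $arIMAGE = CFile::MakeFileArray($tmpName);
                     $arIMAGE["MODULE_ID"] = "main";
                 } else {
                     $tmpName = null;
                 }
             }
         }

         $user = new CUser();
         // NOTE(review): $arParams['GROUP_ID'] is not applied; every new user
         // is placed in group 5. Group membership grants permissions, so
         // confirm the intended value before making it configurable.
         $arFields = array("NAME" => $u_user['first_name'], "LAST_NAME" => $u_user['last_name'], "EMAIL" => $u_user['email'], "LOGIN" => $longLogin, "ACTIVE" => "Y", "GROUP_ID" => array(5), "PASSWORD" => $passw, "CONFIRM_PASSWORD" => $passw, "PERSONAL_PHOTO" => $arIMAGE);
         $UserID = $user->Add($arFields);

         // Remove the temporary image on success and on failure alike, and
         // only when one was actually written.
         if ($tmpName !== null && is_file($tmpName)) {
             unlink($tmpName);
         }

         if ($UserID > 0) {
             $DB->Query('INSERT INTO ulogin_users (id, userid, identity, network) VALUES (NULL,"' . intval($UserID) . '","' . $identitySql . '","' . $networkSql . '")');
         } else {
             ShowMessage(array("TYPE" => "ERROR", "MESSAGE" => 'Ошибка регистрации: Не удалось зарегистрировать пользователя.'));
             die($backLink);
         }

         if (isset($arParams['SEND_EMAIL']) && $arParams['SEND_EMAIL'] == 'Y') {
             $arEventFields = array('USER_ID' => $UserID, 'LOGIN' => $arFields['LOGIN'], 'EMAIL' => $arFields['EMAIL'], 'NAME' => $arFields['NAME'], 'LAST_NAME' => $arFields['LAST_NAME'], 'USER_IP' => '', 'USER_HOST' => '');
             $event = new CEvent();
             $msg = $event->SendImmediate("NEW_USER", SITE_ID, $arEventFields);
             ShowMessage($msg);
         }

         return $UserID;
     }

     // Request and database values are written into inline JavaScript as JSON
     // string literals, with the characters that could close the string or
     // the <script> element hex-escaped.
     $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     $tokenJs = json_encode(isset($_POST['token']) && is_string($_POST['token']) ? $_POST['token'] : '', $jsFlags);
     $scriptOpen = '<script src="//ulogin.ru/js/ulogin.js"  type="text/javascript"></script><script type="text/javascript">';

     $emailVerified = isset($u_user["verified_email"]) && intval($u_user["verified_email"]) == 1;
     if (!$emailVerified) {
         // An unverified e-mail must not be enough to attach to an existing account.
         die($scriptOpen . 'uLogin.mergeAccounts(' . $tokenJs . ')</script>' . 'Электронный адрес данного аккаунта совпадает с электронным адресом существующего пользователя. Требуется подтверждение на владение указанным email.' . $backLink);
     }

     $existingId = intval($arUser['ID']);
     $linkedRows = $DB->Query('SELECT identity,network FROM ulogin_users WHERE userid = "' . $existingId . '"');
     $hasLinked = false;
     $lastIdentity = '';
     while ($row = $linkedRows->Fetch()) {
         $hasLinked = true;
         // The identity of the last fetched row is offered for the merge prompt.
         $lastIdentity = $row['identity'];
     }

     if ($hasLinked && !isset($u_user['merge_account'])) {
         die($scriptOpen . 'uLogin.mergeAccounts(' . $tokenJs . ',' . json_encode((string) $lastIdentity, $jsFlags) . ')</script>' . 'С данным аккаунтом уже связаны данные из другой социальной сети. Требуется привязка новой учётной записи социальной сети к этому аккаунту' . $backLink);
     }

     $DB->Query('INSERT INTO ulogin_users (id, userid, identity, network) VALUES (NULL,"' . $existingId . '","' . $identitySql . '","' . $networkSql . '")');

     return $arUser['ID'];
 }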
Example #6
<?php

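// Start output buffering and the session before anything else runs.
ob_start();
session_start();

// Class loader: a class named X is loaded from files/X.php. Registered with
// spl_autoload_register() because the magic __autoload() function is no
// longer called by current PHP versions.
spl_autoload_register(function ($name) {
    // Accept plain identifiers only, so a class name can never contribute
    // path separators or ".." to the include path.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
        return;
    }
    include_once "files/" . $name . ".php";
});

$login = new uLogin();
$validate = new validation();
$validate->checkCookie();

// Logout is handled before the logged-in redirect, and each redirect is
// followed by exit, so the rest of the page is never executed or rendered
// once a Location header has been chosen.
// NOTE(review): logout is triggered by a plain GET parameter, so any page can
// force it through a link or image; consider requiring a POST with a
// per-session token.
if (isset($_GET['logout'])) {
    // Empty the session data as well as destroying the stored session.
    $_SESSION = array();
    session_destroy();
    unset($_COOKIE['cafeteriaSystem']);
    setcookie("cafeteriaSystem", '', time() - 3600);
    header("location:login.php");
    exit;
}

if (isset($_SESSION['cafeteriaSystem'])) {
    // Already signed in: send the user to the page for their account type.
    if (isset($_SESSION['type']) && $_SESSION['type'] == "1") {
        header("location:orders.php");
    } else {
        header("location:index.php");
    }
    exit;
}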
?>
<html>
	<head>
	<title>Cafeteria System | Login</title>
	<link rel="stylesheet" type="text/css" href="css/bootstrap.min">
Example #7
<?php

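// Only ulogin.php is included here, as nothing else is needed.
// The rest of the script should include includes/main.inc.php
require_once "functions/ulogin.php";
// Start a secure session if none is running
if (!sses_running()) {
    sses_start();
}
$msg = "";
$ulogin = new uLogin('appLogin', 'appLoginFail');

if (isAppLoggedIn()) {
    header('Location:index.php');
    // Stop here so nothing after the redirect is executed or sent.
    exit;
}

// Read the credentials defensively: absent fields and non-string values
// (e.g. username[]=x) are treated as empty instead of reaching Authenticate().
$username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : "";
$password = isset($_POST['pwd']) && is_string($_POST['pwd']) ? $_POST['pwd'] : "";

if ($username !== "" && $password !== "") {
    // NOTE(review): no nonce is verified before Authenticate() here. If the
    // login form carries one, verify it first so the form cannot be
    // submitted cross-site.
    $ulogin->Authenticate($username, $password);
    if ($ulogin->IsAuthSuccess()) {
        // Since callback functions were specified to uLogin,
        // nothing else has to be done here.
        header('Location:index.php');
        exit;
    }
    // One generic message for every failure, so the response does not reveal
    // whether the username exists.
    $msg = 'Invalid username or password!';
}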
if (!isAppLoggedIn()) {
    ?>
 
<html>
<head>
{
    if (isAppLoggedIn()) {
        $GLOBALS['uloginFactorOne']->Logout($_SESSION['uid']);
    }
    unset($_SESSION['factorsCompleted']);
    unset($_SESSION['uid']);
    unset($_SESSION['username']);
    unset($_SESSION['loggedIn']);
}
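// Action requested by the client; null when the form field is absent.
// isset() replaces the @ operator so that unrelated errors are not hidden.
$action = isset($_POST['action']) ? $_POST['action'] : null;
// The first uLogin instance is used to perform first-factor auth.
// The auth backend to be used is taken from the config files.
$uloginFactorOne = new uLogin('appAuthFactorOne', 'appLoginFail');
// The second uLogin instance is used to perform second-factor auth.
// The backend to use is specified explicitly here.
$uloginFactorTwo = new uLogin('appAuthFactorTwo', 'appLoginFail', new ulDuoSecLoginBackend());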
if (isAppLoggedIn()) {
    if ($action == 'logout') {
        // We were requested to log out
        // Logout
        appLogout();
    }
} else {
    if ($action == 'login') {
        if (!isset($_SESSION['loginPhase1Success'])) {
            // are we authenticating the first factor?
            // Nonce verification
            if (isset($_POST['nonce']) && ulNonce::Verify('login', $_POST['nonce'])) {
                $uloginFactorOne->Authenticate($_POST['user'], $_POST['pwd']);
            } else {
                echo 'invalid nonce<br>';