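/**
 * Sign the visitor in through uLogin and send them on to the requested page.
 *
 * The visitor is resolved with uLogin::auth(), falling back to
 * uLogin::register(), and a forum session is opened for the resulting user id.
 * When no session could be opened, the login page is rendered and the script exits.
 *
 * @param mixed $id   Not read by this function.
 * @param mixed $mode Not read by this function.
 *
 * @return bool|null False when IN_CHECK_BAN is defined and the user is not a founder.
 */
function main($id, $mode)
{
    global $config, $db, $user, $table_prefix, $auth, $template, $phpbb_root_path, $phpEx;

    // Guarded so that a second call does not raise "constant already defined".
    if (!defined('TABLE_PREFIX')) {
        define('TABLE_PREFIX', $table_prefix);
    }

    require_once 'class_ulogin.php';
    $uLogin = new uLogin($db);

    if ($config['require_activation'] == USER_ACTIVATION_DISABLE) {
        // NOTE(review): presumably the board's error handler stops the request here — confirm,
        // otherwise registration continues even though it is disabled.
        trigger_error('UCP_REGISTER_DISABLE');
    }

    $user_id = $uLogin->auth();
    if (!$user_id) {
        $user_id = $uLogin->register();
    }

    // Initialised up front: when both auth() and register() fail, the check
    // below must see a defined, falsy value rather than an undefined variable.
    $session = false;
    if ($user_id) {
        // NOTE(review): the third argument is hard-coded to 1; if it is the
        // persistent-login flag, every uLogin sign-in gets a long-lived session — confirm intended.
        $session = $user->session_create($user_id, 0, 1);
    }

    if (!$session) {
        page_header($user->lang['LOGIN'], false);
        $template->set_filenames(array('body' => 'login_body.html'));
        make_jumpbox(append_sid("{$phpbb_root_path}viewforum.{$phpEx}"));
        page_footer();
        exit;
    }

    $index_url = "{$phpbb_root_path}index.{$phpEx}";
    $redirect = request_var('redirect', $index_url);
    $message = $user->lang['LOGIN_REDIRECT'];

    $returns_to_index = ($redirect === $index_url || $redirect === "index.{$phpEx}");
    $l_redirect = $returns_to_index ? $user->lang['RETURN_INDEX'] : $user->lang['RETURN_PAGE'];

    $redirect = reapply_sid($redirect);

    // NOTE(review): $session is whatever session_create() returned; if that is a
    // boolean, the 'user_row' lookup yields null and this founder check never
    // matches a founder — verify against session_create().
    if (defined('IN_CHECK_BAN') && $session['user_row']['user_type'] != USER_FOUNDER) {
        return false;
    }

    // NOTE(review): $redirect is request-controlled and is written into an href
    // below without escaping here; this assumes meta_refresh() validates the
    // target and returns an HTML-safe URL — confirm.
    $redirect = meta_refresh(3, $redirect);
    trigger_error($message . '<br /><br />' . sprintf($l_redirect, '<a href="' . $redirect . '">', '</a>'));
}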
/**
 * Fill the admin session after a successful login, apply the remember-me
 * choice, print the "loading" page and end the request.
 *
 * @param mixed   $uid      Admin id; stored in the session and used to load the admin record.
 * @param string  $username Login name; stored in the session and passed to SetAutologin().
 * @param \uLogin $ulogin   Instance used to switch autologin on or off.
 */
function appLogin($uid, $username, $ulogin)
{
    // NOTE(review): no session-id regeneration is visible in this function;
    // confirm that uLogin or the session layer rotates the id when the
    // session becomes an authenticated admin session.
    $_SESSION['admin']['adminid'] = $uid;
    $_SESSION['admin']['username'] = $username;
    $_SESSION['admin']['is_logged'] = true;

    $adminModel = new \App\Model\Admin(new \DBConnection());
    $admin = $adminModel->getAdmin($uid);

    // NOTE(review): the result of getAdmin() is used without a check, and the
    // session is already flagged is_logged above — confirm a missing record
    // cannot leave a logged-in session with empty profile fields.
    // Session key => field of the admin record copied into it.
    $profileFields = array(
        'refnum' => 'ref',
        'name'   => 'name',
        'email'  => 'email',
        'type'   => 'type',
    );
    foreach ($profileFields as $sessionKey => $field) {
        $_SESSION['admin'][$sessionKey] = $admin[$field];
    }

    $actor = '' . $admin['name'] . ' (' . $admin['ref'] . ')';
    addLog('Back-end', 'Login', $actor, $actor, 'Successfully logged in');

    // Remember-me is enabled only when the flag is exactly true; in every
    // other case autologin is explicitly switched off.
    $rememberMe = isset($_SESSION['appRememberMeRequested'])
        && $_SESSION['appRememberMeRequested'] === true;

    if (!$ulogin->SetAutologin($username, $rememberMe)) {
        echo $rememberMe ? "cannot enable autologin<br>" : 'cannot disable autologin<br>';
    }
    if ($rememberMe) {
        // The request flag is one-shot: clear it once it has been applied.
        unset($_SESSION['appRememberMeRequested']);
    }

    page_header_simple();
    echo '<img src="../images/lploader.gif" border="0"><br /><b>System is loading, please wait...</b>';
    page_footer();
    exit();
}
/**
 * Check a username/password pair with a fresh uLogin instance.
 *
 * @param mixed $user Value handed to Authenticate() as the user.
 * @param mixed $pass Value handed to Authenticate() as the password.
 *
 * @return mixed Whatever IsAuthSuccess() reports after the attempt.
 */
function login($user, $pass)
{
    // The instance is built with two empty-string constructor arguments,
    // exactly as before.
    $authenticator = new uLogin('', '');
    $authenticator->Authenticate($user, $pass);

    $succeeded = $authenticator->IsAuthSuccess();

    return $succeeded;
}
// we don't do that here so that the autologin function remains // easy to test. //$ulogin->SetAutologin($_SESSION['username'], false); unset($_SESSION['uid']); unset($_SESSION['username']); unset($_SESSION['loggedIn']); } // Store the messages in a variable to prevent interfering with headers manipulation. $msg = ''; // This is the action requested by the user $action = @$_POST['action']; // This is the first uLogin-specific line in this file. // We construct an instance and pass a function handle to our // callback functions (we have just defined 'appLogin' and // 'appLoginFail' a few lines above). $ulogin = new uLogin('appLogin', 'appLoginFail'); // First we handle application logic. We make two cases, // one for logged in users and one for anonymous users. // We will handle presentation after our logic because what we present is // also based on the logon state, but the application logic might change whether // we are logged in or not. if (isAppLoggedIn()) { if ($action == 'delete') { // We've been requested to delete the account // Delete account if (!$ulogin->DeleteUser($_SESSION['uid'])) { $msg = 'account deletion failure'; } else { $msg = 'account deleted ok'; } // Logout
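/**
 * Register the visitor on the site and record the link in the ulogin_users table.
 *
 * When no site user owns the e-mail returned by uLogin, a new user is created
 * (with the profile photo when it can be downloaded) and linked to the uLogin
 * identity. When a user with that e-mail already exists, the identity is linked
 * to that user only if uLogin reports the e-mail as verified and, where other
 * networks are already linked, the merge was confirmed; otherwise the request
 * ends with a page asking the visitor to confirm.
 *
 * NOTE(review): the account-linking decision trusts $u_user['verified_email']
 * and $u_user['merge_account']; this assumes $u_user was fetched server-side
 * from uLogin and never taken from request parameters — confirm at the caller.
 *
 * @param array $u_user   Profile data received from uLogin.
 * @param int   $in_db    When 1, the ulogin_users row for this identity is deleted first so it can be rewritten.
 * @param array $arParams Component parameters; only SEND_EMAIL is read here.
 *
 * @return bool|int Id of the created or matched site user.
 */
public static function RegistrationUser($u_user, $in_db = 0, $arParams = array())
{
    global $APPLICATION;
    global $DB;

    // Request values are reflected into HTML and JavaScript below, so they are
    // encoded once here for the context they end up in.
    $backUrl = isset($_POST['backurl']) && is_string($_POST['backurl']) ? $_POST['backurl'] : '';
    // Whitespace and control bytes are removed before the scheme test, and any
    // scheme other than http(s) falls back to the site root, so the "back"
    // link cannot carry a script URL.
    $backUrl = preg_replace('/[\x00-\x20]+/', '', $backUrl);
    if (preg_match('/^[a-z][a-z0-9+.\-]*:/i', $backUrl) && !preg_match('#^https?://#i', $backUrl)) {
        $backUrl = '/';
    }
    $backLink = '<br/><a href="' . htmlspecialchars($backUrl, ENT_QUOTES, SITE_CHARSET) . '">Назад</a>';

    // json_encode() with the HEX flags yields a quoted JS string literal that
    // cannot close the surrounding <script> element or string.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $token = isset($_POST['token']) && is_string($_POST['token']) ? $_POST['token'] : '';
    $jsToken = json_encode($token, $jsFlags);
    if ($jsToken === false) {
        $jsToken = '""';
    }

    if (!isset($u_user['email'])) {
        ShowMessage(array("TYPE" => "ERROR", "MESSAGE" => 'Через данную форму выполнить регистрацию невозможно. Сообщите администратору сайта о следующей ошибке: Необходимо указать "email" в возвращаемых полях uLogin'));
        die($backLink);
    }

    // NOTE(review): confirm that the EMAIL filter of CUser::GetList() compares
    // exactly; if it applies mask or logic matching, a crafted address could
    // select a different user's account.
    $by = "id";
    $order = "desc";
    $rsUsers = CUser::GetList($by, $order, array("EMAIL" => $u_user['email']));
    $arUser = $rsUsers->GetNext();

    // Every value placed in SQL text is escaped (strings) or cast (ids).
    $identity = $DB->ForSql(urlencode(isset($u_user['identity']) ? (string) $u_user['identity'] : ''));
    $network = $DB->ForSql(isset($u_user['network']) ? (string) $u_user['network'] : '');

    if ($in_db == 1) {
        $DB->Query('DELETE FROM ulogin_users WHERE identity = "' . $identity . '"');
    }

    // GetNext() yields no row when nobody owns this e-mail yet.
    $emailTaken = is_array($arUser) && $arUser['ID'] > 0;

    if (!$emailTaken) {
        foreach (array('first_name', 'last_name', 'nickname') as $field) {
            $u_user[$field] = isset($u_user[$field])
                ? $APPLICATION->ConvertCharset($u_user[$field], "UTF-8", SITE_CHARSET)
                : "";
        }

        $longLogin = uLogin::ulogin_generateNickname($u_user['first_name'], $u_user['last_name']);
        // NOTE(review): this is a real credential for the new account; confirm
        // that RandString() with default arguments is long and random enough.
        $passw = RandString();

        $arIMAGE = '';
        $tmpName = null;
        $photoUrl = isset($u_user['photo']) && is_string($u_user['photo']) ? $u_user['photo'] : '';

        // Only http(s) URLs are fetched, so the value can never name a local
        // file or another stream wrapper.
        // NOTE(review): the host, response size and timeout are still
        // unrestricted — consider limiting them.
        if (preg_match('#^https?://#i', $photoUrl)) {
            $imageContent = file_get_contents($photoUrl);
            if ($imageContent !== false) {
                $ext = strtolower(pathinfo((string) parse_url($photoUrl, PHP_URL_PATH), PATHINFO_EXTENSION));
                if (!in_array($ext, array('jpg', 'jpeg', 'png', 'gif', 'bmp'), true)) {
                    $ext = 'jpg';
                }
                // NOTE(review): the temporary file lives under the web root
                // until it is unlinked below; a directory outside the document
                // root would be safer if CFile::MakeFileArray() accepts it.
                $tmpName = $_SERVER["DOCUMENT_ROOT"] . "/images/" . md5(uniqid(mt_rand(), true)) . '.' . $ext;
                if (file_put_contents($tmpName, $imageContent) !== false) {
                    $arIMAGE = CFile::MakeFileArray($tmpName);
                    $arIMAGE["MODULE_ID"] = "main";
                } else {
                    $tmpName = null;
                }
            }
        }

        $user = new CUser();
        // NOTE(review): the original code read $arParams['GROUP_ID'] but never
        // applied it; new users are always placed in group 5 — confirm intended.
        $arFields = array(
            "NAME" => $u_user['first_name'],
            "LAST_NAME" => $u_user['last_name'],
            "EMAIL" => $u_user['email'],
            "LOGIN" => $longLogin,
            "ACTIVE" => "Y",
            "GROUP_ID" => array(5),
            "PASSWORD" => $passw,
            "CONFIRM_PASSWORD" => $passw,
            "PERSONAL_PHOTO" => $arIMAGE,
        );
        $UserID = $user->Add($arFields);

        if (!($UserID > 0)) {
            // Do not leave the downloaded photo behind on the failure path.
            if ($tmpName !== null) {
                unlink($tmpName);
            }
            ShowMessage(array("TYPE" => "ERROR", "MESSAGE" => 'Ошибка регистрации: Не удалось зарегистрировать пользователя.'));
            die($backLink);
        }

        $DB->Query('INSERT INTO ulogin_users (id, userid, identity, network) VALUES (NULL,"' . intval($UserID) . '","' . $identity . '","' . $network . '")');

        if (isset($arParams['SEND_EMAIL']) && $arParams['SEND_EMAIL'] == 'Y') {
            $arEventFields = array(
                'USER_ID' => $UserID,
                'LOGIN' => $arFields['LOGIN'],
                'EMAIL' => $arFields['EMAIL'],
                'NAME' => $arFields['NAME'],
                'LAST_NAME' => $arFields['LAST_NAME'],
                'USER_IP' => '',
                'USER_HOST' => '',
            );
            $event = new CEvent();
            $msg = $event->SendImmediate("NEW_USER", SITE_ID, $arEventFields);
            ShowMessage($msg);
        }

        // The temporary file exists only when a photo was actually stored.
        if ($tmpName !== null) {
            unlink($tmpName);
        }

        return $UserID;
    }

    // A user with this e-mail already exists: link only a verified address.
    if (!isset($u_user["verified_email"]) || intval($u_user["verified_email"]) != 1) {
        die('<script src="//ulogin.ru/js/ulogin.js" type="text/javascript"></script><script type="text/javascript">uLogin.mergeAccounts(' . $jsToken . ')</script>' . 'Электронный адрес данного аккаунта совпадает с электронным адресом существующего пользователя. Требуется подтверждение на владение указанным email.' . $backLink);
    }

    $user_id = intval($arUser['ID']);
    $other_u = $DB->Query('SELECT identity,network FROM ulogin_users WHERE userid = "' . $user_id . '"');
    $other = array();
    while ($row = $other_u->Fetch()) {
        $ident = $row['identity'];
        $key = $row['network'];
        $other[$key] = $ident;
    }

    // Other networks are already linked: the visitor has to confirm the merge.
    // $key still holds the network of the last row read above.
    if ($other && !isset($u_user['merge_account'])) {
        $jsOther = json_encode((string) $other[$key], $jsFlags);
        if ($jsOther === false) {
            $jsOther = '""';
        }
        die('<script src="//ulogin.ru/js/ulogin.js" type="text/javascript"></script><script type="text/javascript">uLogin.mergeAccounts(' . $jsToken . ',' . $jsOther . ')</script>' . 'С данным аккаунтом уже связаны данные из другой социальной сети. Требуется привязка новой учётной записи социальной сети к этому аккаунту' . $backLink);
    }

    $DB->Query('INSERT INTO ulogin_users (id, userid, identity, network) VALUES (NULL,"' . $user_id . '","' . $identity . '","' . $network . '")');

    return $arUser['ID'];
}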
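<?php
// Login page bootstrap: start buffering and the session, register the class
// loader, then handle logout and the already-signed-in redirect before any
// markup is sent.
ob_start();
session_start();

// spl_autoload_register() replaces the __autoload() hook, which current PHP
// versions no longer call.
spl_autoload_register(function ($name) {
    // Only a plain class name may reach the include path, so a crafted name
    // can never point outside files/.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
        return;
    }
    include_once "files/" . $name . ".php";
});

$login = new uLogin();
$validate = new validation();
$validate->checkCookie();

// Logout is handled before the signed-in redirect so that a signed-in visitor
// who asks to log out is still logged out now that each redirect ends the request.
if (isset($_GET['logout'])) {
    session_destroy();
    unset($_COOKIE['cafeteriaSystem']);
    // NOTE(review): the cookie is cleared with default path/domain; confirm
    // these match the values used where the cookie is set.
    setcookie("cafeteriaSystem", '', time() - 3600);
    header("location:login.php");
    exit; // stop here: nothing below should run or be sent after a redirect
}

if (isset($_SESSION['cafeteriaSystem'])) {
    if ($_SESSION['type'] == "1") {
        header("location:orders.php");
    } else {
        header("location:index.php");
    }
    exit; // without this the login form was still rendered behind the redirect
}
?> <html> <head> <title>Cafeteria System | Login</title> <link rel="stylesheet" type="text/css" href="css/bootstrap.min">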
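<?php
// Only functions/ulogin.php is included here because nothing else is needed.
// The rest of the script should include includes/main.inc.php.
require_once "functions/ulogin.php";

// Start a secure session if none is running
if (!sses_running()) {
    sses_start();
}

$msg = "";
$ulogin = new uLogin('appLogin', 'appLoginFail');

if (isAppLoggedIn()) {
    header('Location:index.php');
} else {
    // Credentials are read defensively: a missing field no longer raises an
    // undefined-index warning, and a non-string value (for example an array
    // sent as username[]=...) is treated as empty instead of being handed to
    // Authenticate().
    $username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
    $password = isset($_POST['pwd']) && is_string($_POST['pwd']) ? $_POST['pwd'] : '';

    // NOTE(review): no nonce/CSRF check is visible before Authenticate();
    // confirm whether the login form is expected to carry one.
    if ($username !== '' && $password !== '') {
        $ulogin->Authenticate($username, $password);
        if ($ulogin->IsAuthSuccess()) {
            // Since we have specified callback functions to uLogin,
            // we don't have to do anything here.
            header('Location:index.php');
        } else {
            $msg = 'Invalid username or password!';
        } //end if-else
    }
}

if (!isAppLoggedIn()) { ?> <html> <head>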
{ if (isAppLoggedIn()) { $GLOBALS['uloginFactorOne']->Logout($_SESSION['uid']); } unset($_SESSION['factorsCompleted']); unset($_SESSION['uid']); unset($_SESSION['username']); unset($_SESSION['loggedIn']); } $action = @$_POST['action']; // The first uLogin instance is used to perform first-factor auth. // The auth backend to be used is taken from the config files. $uloginFactorOne = new uLogin('appAuthFactorOne', 'appLoginFail'); // The second uLogin instance is used to perform second-factor auth. // We specify the backend we want to use explicitly here. $uloginFactorTwo = new uLogin('appAuthFactorTwo', 'appLoginFail', new ulDuoSecLoginBackend()); if (isAppLoggedIn()) { if ($action == 'logout') { // We were requested to log out // Logout appLogout(); } } else { if ($action == 'login') { if (!isset($_SESSION['loginPhase1Success'])) { // are we authenticating the first factor? // Nonce verification if (isset($_POST['nonce']) && ulNonce::Verify('login', $_POST['nonce'])) { $uloginFactorOne->Authenticate($_POST['user'], $_POST['pwd']); } else { echo 'invalid nonce<br>';