function check_initial_login() { if (!isset($_SESSION['user'])) { if (!empty($_POST['user_name'])) { if (attempt_login($_POST['user_name'], $_POST['password'])) { header('Location:?action=admin&subaction=dashboard'); } else { header('Location:?action=admin&failed=true'); } } } }
include "includes/session.php"; include "includes/functions.php"; include "includes/validation_functions.php"; require_once "includes/db_connection.php"; ?> <?php $username = ""; if (isset($_POST['username'])) { // validation $required_fields = array("username", "password"); validate_presences($required_fields); if (empty($errors)) { $username = $_POST["username"]; $password = $_POST["password"]; $found_admin = attempt_login($username, $password); } if ($found_admin) { // Success $_SESSION["admin_id"] = $found_admin["id"]; $_SESSION["username"] = $found_admin["username"]; redirect_to("vault.php"); } else { // Failure $_SESSION["message"] = "Username/password not found."; } } else { $_SESSION["message"] = "No Post SubmitteD"; } ?> <div>
function attempt_login_failure() { global $connection; $email = "*****@*****.**"; $password = "******"; assert(!attempt_login($email, $password)); }
if (empty($_POST["password"])) { $errors["passwordErr"] = "Password is required"; } else { $password = test_input($_POST["password"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*\$/", $password)) { $passwordErr = "Only letters and white space allowed"; } } } if (isset($_POST["submit"])) { if (empty($errors)) { $username = $_POST['username_email']; $email = $_POST['username_email']; $password = $_POST['password']; $found_user = attempt_login($username, $password, $email); if ($found_user) { $user_id = $_SESSION["user_id"]; if ($_SESSION["user_type"] === "Admin" && $_SESSION["user_status"] === "Activated") { redirect("admin.php?id={$user_id}"); } else { $error_msg = "Sorry " . ucname($username) . ", your account is temporarily deactivated by the admin.<br>"; } if ($_SESSION["user_type"] === "Member" && $_SESSION["user_status"] === "Activated") { redirect("member.php?id={$user_id}"); } else { $error_msg = "Sorry " . ucname($username) . ", your account is temporarily deactivated by the admin.<br>"; } } else { if (!$found_user) { $error_msg = $_SESSION["error_msg"];
if ($result && mysqli_affected_rows($conn) == 1) { redirect_to("buzz.php"); } else { $_SESSION["message"] = "Updation failed."; } } else { $_SESSION["message"] = "Incorrect old password"; } } } elseif ($pass_check == "yes" && $propic_check == "no" && empty($_POST['branch']) && empty($_POST['club'])) { $required_fields = array("new_password", "password"); validate_presence($required_fields); if (empty($errors)) { $username = $_SESSION["username"]; $password = $_POST["password"]; $found_user = attempt_login($username, $password); if ($found_user) { $_SESSION["user_id"] = $found_user["id"]; $_SESSION["username"] = $found_user["username"]; $sname = $_POST['sname']; $email = $_POST['email']; $hashed_password = password_encrypt($_POST["new_password"]); $query = "UPDATE users SET sname = '{$sname}', email = '{$email}', hashed_password = '******' WHERE username = '******' LIMIT 1"; $result = mysqli_query($conn, $query); if ($result && mysqli_affected_rows($conn) == 1) { redirect_to("buzz.php"); } else { $_SESSION["message"] = "Updation failed."; } } else { $_SESSION["message"] = "Incorrect old password";
<div id="login-container" class="center"> <form id="login-form" action="login.php" method="POST"> <label for="username-text">Username</label> <input type="text" id="username-text" name="username" required></input> <label for="password-text">Password</label> <input type="password" id="password-text" name="password" required></input> <input type="submit" class="center" /> <div id="need-to-register">Need to <a href="register.php">Register?</a></div> </form> </div> <?php } else { // FORM WAS POSTED, YO // Only checking for those web browsers that do not support the required attribute or for users attempting to bot the form if (!isset($_POST["username"]) || !isset($_POST["password"])) { echo "Form not completely filled out. <a href=\"register.php\">Please try again<a/>"; die; } // We have all our input if (attempt_login($_POST["username"], $_POST["password"])) { echo "Successfully logged in!"; $_SESSION["username"] = $_POST["username"]; $_SESSION["loggedin"] = true; } } ?> </body> </html>
attempt_connection("nits_recruitment_admin"); function text($data) { $data = trim($data); $data = htmlspecialchars($data); $data = mysql_real_escape_string($data); return $data; } function attempt_login($username, $password) { $username = text($username); $password = md5(SHA1(text($password))); $query = "SELECT * FROM admin WHERE username='******' AND password='******' "; $result = mysql_query($query) or die(mysql_error()); if (mysql_num_rows($result)) { return 1; } else { return 0; } } if (isset($_POST['a']) && isset($_POST['e'])) { if (attempt_login($_POST['a'], $_POST['e'])) { session_start(); $_SESSION['nits_rec_admin'] = 'nits_rec_admin'; die("Login successful"); } else { die("Invalid Username and Password combination"); } } else { die("Username or Password field is empty"); }
require_once '../includes/form_processing.php'; require_once "../includes/output.php"; // Process form from signup.php: if (isset($_POST['submit'])) { //Processes form content and redirects with error feedback if needed process_first_form(); // Process form from address.php } elseif (isset($_POST['second_submit']) && isset($_SESSION['user_details'])) { process_second_form(); // Double check for success of previous form submission before prcoeeding // to send data to the database if (isset($_SESSION['user_details']) && isset($_SESSION['address_details'])) { if (create_new_user()) { //must attempt login in order to get the userId generated from the //database logic $user = attempt_login($_SESSION['email'], $_SESSION['password']); if ($user) { //login successful //restart the session clear_session(); //$_SESSION['logged_in'] = 1; $_SESSION['role'] = $user['role']; $_SESSION['userId'] = $user['userId']; $_SESSION['email'] = $user['email']; $_SESSION['firstName'] = $user['firstName']; $_SESSION['lastName'] = $user['lastName']; //add address details $_SESSION['street'] = $user['street']; $_SESSION['zip'] = $user['zip']; $_SESSION['city'] = $user['city']; $_SESSION['country'] = $user['country'];
setcookie("test", 45, time() + 60 * 60 * 24 * 7); require_once '../includes/dbconnection.php'; require_once '../includes/session.php'; require_once '../includes/form_processing.php'; //if user is logged in, log out first: if (is_buyer() || is_seller()) { clear_session(); } if (isset($_POST['submit'])) { //store form data to display back to the user: $email = $_POST['email']; // Process form from login.php process_login_form(); if ($_POST['login_details']) { $user = attempt_login($_POST['email'], $_POST['password']); if ($user) { //login successful //restart the session clear_session(); //$_SESSION['logged_in'] = 1; $_SESSION['role'] = $user['role']; $_SESSION['userId'] = $user['userId']; $_SESSION['email'] = $user['email']; $_SESSION['firstName'] = $user['firstName']; $_SESSION['lastName'] = $user['lastName']; //add address details $_SESSION['street'] = $user['street']; $_SESSION['number'] = $user['number']; $_SESSION['zip'] = $user['zip']; $_SESSION['city'] = $user['city'];
?> <?php if (isset($_POST["submit"])) { /* process the form */ $user_name = $_POST["user_name"]; $user_pass = $_POST["user_pass"]; /* validations */ $required_fields = array("user_name", "user_pass"); validate_presences($required_fields); if (!empty($errors)) { $_SESSION["errors"] = $errors; redirect_to("login.php"); } /* attempt login */ $found_user = attempt_login($user_name, $user_pass); /* test if query succeeded */ if ($found_user) { /* success, mark user as logged in */ $_SESSION["user_id"] = $found_user["id"]; $_SESSION["user_name"] = $found_user["user_name"]; $_SESSION["user_type"] = $found_user["user_type"]; $_SESSION["message"] = "{$_SESSION["user_name"]}: {$_SESSION["user_type"]} access granted."; /* direct user to proper menu */ if ($_SESSION["user_type"] == "user") { redirect_to("index_user.php"); } else { redirect_to("index_admin.php"); } } else { /* failure . . . */
// Maqui-wifi TODO: // - Display a map with spots on login/signup/about/pricing page(s) // - Make a trial account generation system (2 minutes timeout) // - "Please enter your email address and receive a free trial login code" // - # UAM Configuration $uamsecret = "wasa"; # Uncomment the following line if you want to use ordinary user-password # for radius authentication. Must be used together with $uamsecret. #$userpassword=1; ## Controller # 0: Login attempt (if all mandatory authentication parameters are set) $login_mandatory_params = array('chal', 'uamip', 'uamport', 'username', 'password'); $login_params = array_intersect(array_keys($_GET), $login_mandatory_params); if (!array_diff($login_mandatory_params, $login_params)) { attempt_login(); } # 1: Not logged in yet if ($_GET['res'] == 'notyet') { display_notyet(); } # 2: Login failed if ($_GET['res'] == 'failed') { display_failed(); } # 1: Login successful if ($_GET['res'] == 'success') { display_success(); } # 3: Logged out (TODO: Display a timeout message, and options) if ($_GET['res'] == 'logoff') {
require_once "../include/db_connection.php"; require_once "../include/functions.php"; include "../include/repeats/header.php"; ?> <?php $email = ""; if (isset($_POST['submit'])) { $required_fields = array("Email", "Password"); validate_presences($required_fields); if (empty($errors)) { // Attempt Login $email = $_POST["Email"]; $user = $_POST["Email"]; $password = $_POST["Password"]; $found_user = attempt_login($email, $password); $found_employee = attempt_employee_login($user, $password); if ($found_user) { // Success // Mark user as logged in $_SESSION["user_id"] = $found_user["CustomerID"]; $_SESSION["firstname"] = $found_user["Firstname"]; $_SESSION["email"] = $found_user["Email"]; redirect_to("user.php"); } elseif ($found_employee) { $_SESSION["employee_id"] = $found_employee["EmployeeID"]; $_SESSION["firstname"] = $found_employee["Firstname"]; $_SESSION["user"] = $found_employee["User"]; redirect_to("employee.php"); } else { $_SESSION["message"] = "Onjuist gebruikersnaam en/of wachtwoord.";
$stmt = $db->prepare('SELECT COUNT(1) AS cnt FROM login_log WHERE user_id = :user_id AND :id < id'); $stmt->bindValue(':user_id', $row['user_id']); $stmt->bindValue(':id', $row['last_login_id']); $stmt->execute(); $count = $stmt->fetch(PDO::FETCH_ASSOC)['cnt']; if ($threshold <= $count) { array_push($user_ids, $row['login']); } } return $user_ids; } dispatch_get('/', function () { return html('index.html.php'); }); dispatch_post('/login', function () { $result = attempt_login($_POST['login'], $_POST['password']); if (!empty($result['user'])) { session_regenerate_id(true); $_SESSION['user_id'] = $result['user']['id']; return redirect_to('/mypage'); } else { switch ($result['error']) { case 'locked': flash('notice', 'This account is locked.'); break; case 'banned': flash('notice', "You're banned."); break; default: flash('notice', 'Wrong username or password'); break;