/**
 * Build a password-reset URL for the given account.
 *
 * A 'content' authentication handler generates a seed, derives a token from
 * the account id, the account's 'custom3' value and that seed, and stores the
 * token as a session for the account. The token is then embedded in a link to
 * reset_password.php with authtype=temp.
 *
 * @param object $account Account record; must expose ->id and ->getData().
 * @return string Absolute reset URL (AMP_SITE_URL is used as the prefix).
 */
function password_reset_link($account)
{
    require_once 'AMP/Auth/Handler.inc.php';

    $handler = new AMP_Authentication_Handler(AMP_dbcon(), 'content');
    $seed = $handler->get_seed();
    $token = $handler->build_cookie_value($account->id, $account->getData('custom3'), $seed);

    // The session is saved under this account so the link alone authenticates its holder.
    $handler->userid = $account->id;
    $handler->save_session($token, $seed);

    // The token travels in the query string, so it ends up in web-server access
    // logs, browser history and Referer headers.
    // NOTE(review): confirm the saved session is short-lived and is invalidated
    // once the password has been changed.
    // NOTE(review): the token is appended without URL-encoding; verify that
    // build_cookie_value() only emits URL-safe characters.
    return AMP_SITE_URL . 'reset_password.php?authtype=temp&ContentLoginCredentials=' . $token;
}
/**
 * Authenticate the current visitor against the 'user' login type.
 *
 * Merges the caller's options over the plugin defaults, seeds an
 * authentication handler with $options['uid'], asks it whether the request is
 * authenticated and triggers the handler's login flow when it is not. The
 * outcome is published on the UDM object (->authorized and ->uid).
 *
 * @param array $options Overrides for getOptions(); 'uid' is read.
 * @return mixed The handler's userid, as stored in $this->udm->uid.
 */
function execute($options = array())
{
    $options = array_merge($this->getOptions(), $options);

    require_once 'AMP/Auth/Handler.inc.php';
    $handler = new AMP_Authentication_Handler($this->udm->dbcon, 'user');
    $this->notice('just created auth handler');
    $this->_handler = $handler;
    $this->notice('just set handler');

    // The handler is seeded with the uid supplied through the options.
    $handler->userid = $options['uid'];
    $is_authenticated = $handler->is_authenticated();
    $this->notice('just checked is_authenticated');

    if (!$is_authenticated) {
        $this->notice('not authenticated, doing login');
        // NOTE(review): do_login() is defined elsewhere. If it returns instead
        // of ending the request, everything below still runs for an
        // unauthenticated visitor, and the uid seeded from $options['uid'] may
        // be copied into udm->uid. Confirm that it terminates the request.
        $handler->do_login();
    }

    $this->udm->authorized = $is_authenticated;
    // This notice is emitted unconditionally; it does not prove authentication succeeded.
    $this->notice('we are authenticated');

    // Legacy inline check (disabled in the original, kept here as a summary):
    // it hashed the submitted password with sha1() and compared it against
    // userdata.password in SQL, falling back to readAuthCookie() when only a
    // uid was supplied. Unsalted SHA-1 is not suitable for password storage,
    // so that path should stay retired rather than be re-enabled.

    $this->notice('setting udm->uid to auth handlers - ' . $handler->userid);
    $this->udm->uid = $handler->userid;

    // Also disabled in the original: storing the plaintext password on
    // $this->udm->pass and calling _setAuthCookie($uid, $pass).
    return $this->udm->uid;
}
<?php require 'AMP/Base/Config.php'; require_once 'AMP/System/User/Profile/Profile.php'; require_once 'AMP/UserData/Input.inc.php'; require_once 'AMP/Auth/Handler.inc.php'; $AMP_Authen_Handler = new AMP_Authentication_Handler(AMP_Registry::getDbcon(), 'content'); if (!$AMP_Authen_Handler->is_authenticated()) { $AMP_Authen_Handler->do_login(); } $udm = new UserDataInput(AMP_dbcon(), 20); $udm->getUser($AMP_Authen_Handler->getUserId()); // Hide fields that should be present on the signup form, but not on the edit form // Custom1 = username // Custom2 = password // remember users email field so we can use it later when we save $email = $udm->fields['Email']; // Remove non-editable fields so that they don't display on the form $non_editable_fields = array('custom1', 'custom2', 'Email'); foreach ($non_editable_fields as $field_name) { unset($udm->fields[$field_name]); } // if there is POST data, save and redirect back to self. if (isset($_POST['btnUdmSubmit'])) { // add email field back in so DIA syncing works if (empty($udm->fields['Email'])) { $udm->fields['Email'] = $email; //add the email back in the post so that the udm save function doesn't throw a validation error. $_POST['Email'] = $email['value']; } $udm->saveUser();
/**
 * Check (and optionally enforce) authentication for a login type.
 *
 * A positive result is memoised per login type for the rest of the request;
 * a negative result is re-checked on every call.
 *
 * @param string $loginType Login type passed to the authentication handler.
 * @param bool   $do_login  When true, start the handler's login flow if the
 *                          request is not authenticated.
 * @return mixed Whatever is_authenticated() returned for this login type.
 */
function AMP_Authenticate($loginType = 'content', $do_login = false)
{
    static $known_status = array();

    // Only truthy results are served from the cache.
    if (!empty($known_status[$loginType])) {
        return $known_status[$loginType];
    }

    require_once 'AMP/Auth/Handler.inc.php';
    $handler = new AMP_Authentication_Handler(AMP_Registry::getDbcon(), $loginType);

    $known_status[$loginType] = $handler->is_authenticated();
    if (!$known_status[$loginType] && $do_login) {
        // NOTE(review): with $do_login left at its default of false, an
        // unauthenticated request simply gets a falsy return value. Callers
        // must check it; nothing here blocks the page.
        $handler->do_login();
    }

    return $known_status[$loginType];
}
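<?php
/**
 * Password reset page.
 *
 * Requires a valid 'content' authentication (for example the temporary
 * session created for a reset link), shows the reset form and, on submit,
 * stores the new password in the profile's 'custom2' field.
 */
require_once 'AMP/Base/Config.php';
require_once 'AMP/Auth/Password/Reset/Form.php';
require_once 'AMP/System/User/Profile/Profile.php';
require_once 'AMP/Auth/Handler.inc.php';
#require_once( 'AMP/BaseTemplate.php' );
#require_once( 'AMP/BaseModuleIntro.php' );

// define('AMP_AUTHENTICATION_DEBUG',true);

$AMP_Authen_Handler = new AMP_Authentication_Handler(AMP_Registry::getDbcon(), 'content');

if (!$AMP_Authen_Handler->is_authenticated()) {
    AMP_flashMessage('You need to submit another password reset request, as yours has expired');
    // NOTE(review): the code below assumes do_login() ends the request;
    // confirm this, otherwise an unauthenticated visitor reaches the form handler.
    $AMP_Authen_Handler->do_login();
}

$password_reset_form = new AMP_Auth_Password_Reset_Form();
$password_reset_form->Build();

// !empty() keeps the original truthiness test but no longer raises an
// undefined-index notice when the page is opened without a POST body.
if (!empty($_POST['new_password'])) {
    $passwords = $password_reset_form->getValues();
    $user = new AMP_System_User_Profile(AMP_dbcon(), $AMP_Authen_Handler->userid);

    if ($user->reset_password($passwords, 'custom2')) {
        global $dbcon;
        // NOTE(review): $hash is never assigned in this script. Unless one of
        // the includes defines it, qstr() receives null, the DELETE matches no
        // row, and the temporary reset session (and so the reset link) stays
        // usable after the password was changed. Take the session hash from the
        // authentication handler and confirm the row is actually removed.
        $dbcon->Execute('DELETE FROM users_sessions where hash=' . $dbcon->qstr($hash));
        AMP_flashMessage('Password reset successful');
        AMP_redirect('profile.php');
    } else {
        // NOTE(review): this message is shown for every reset_password() failure,
        // not only for mismatching passwords; verify against that method.
        AMP_flashMessage('Passwords do not match');
    }
}

echo $password_reset_form->execute();
require_once 'AMP/BaseFooter.php';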
<?php
/*****
 *
 * AMP Authentication Handler
 *
 * Including this file forces authentication to succeed before any page
 * content is served. On success it defines AMP_USERMODE_ADMIN.
 *
 * The original header states that username and group are exposed through
 * $_SYSTEM['REMOTE_USER'] and $_SYSTEM['REMOTE_GROUP']; those assignments are
 * not made in this file.
 *
 * Expects $dbcon to be defined by the including script.
 *
 *****/
//ob_start();
require_once 'AMP/Auth/Handler.inc.php';

$AMP_Authen_Handler = new AMP_Authentication_Handler($dbcon);

// The old shipped default passwords are refused outright at the login form.
// The strict in_array() also rejects a non-string value (e.g. an array posted
// as AMPLogin_password[]), which the original loose comparison never matched either.
// NOTE(review): this only blocks the literal strings at submit time; accounts
// that still have one of them stored should be reset separately.
if (isset($_POST['AMPLogin_password'])
    && in_array($_POST['AMPLogin_password'], array('changeme', 'chang#th1s'), true)
) {
    $AMP_Authen_Handler->set_message('Default Passwords are no longer available. Please contact <a style="color:#a5e2ff" href="mailto:help@radicaldesigns.org">help@radicaldesigns.org</a> for a new password.');
    $AMP_Authen_Handler->do_login();
}

if ($AMP_Authen_Handler->is_authenticated()) {
    define('AMP_USERMODE_ADMIN', true);
} else {
    // NOTE(review): everything after this point assumes do_login() ends the
    // request for unauthenticated visitors; confirm in the handler.
    $AMP_Authen_Handler->do_login();
}

AMP_init_user();
$AMP_Authen_Handler->redirect_page();

// Any submitted form may have changed content, so the shared cache is flushed.
if (count($_POST) > 0) {
    AMP_flush_common_cache();
}