public function post() { if (!($userID = User::login($this->post['username'], $this->post['password']))) { $this->status = 403; $this->message = "Invalid username or password"; } else { Session::login($userID); $this->response = array($this->slug => array('auth_id' => $userID, 'auth_token' => APIController::authToken($userID))); } }
public function testLogin() { $this->assertFalse($this->object->login('', '')); $this->assertFalse($this->object->login('a', 'b')); $this->assertFalse($this->object->isLogged()); //Criando um novo usuario $user = createRandomUser(); $grupo = createRandomGroup(); $dao = Factory::DAO('usuario'); /* @var $dao UsuarioDAO */ $this->assertEquals(1, $dao->UsuarioGrupo()->novo($user['id'], $grupo['id'])); $this->assertFalse($this->object->login($user['email'], $user['email'])); $this->assertTrue($this->object->login($user['email'], hashit($user['email']))); $this->assertTrue($this->object->isLogged()); //Conferindo os dados $this->assertEquals($user['id'], $this->object->getUserId()); $this->assertEquals($user['nome'], $this->object->getUserName()); $this->assertEquals($user['email'], $this->object->getData('email')); $this->assertEquals(array($grupo['id'] => $grupo['nome']), $this->object->getGroups()); $this->assertTrue($this->object->isMemberOf($grupo['nome'])); $this->assertFalse($this->object->isAdmin()); $this->object->logout(); $this->assertFalse($this->object->isLogged()); //Excluindo o usuário $dao->delete($user['id']); $this->assertFalse($this->object->login($user['email'], hashit($user['email']))); $this->assertFalse($this->object->isLogged()); }
public function login($login, $pass, Session $session, $options) { $oauth = $this->getOAuthProvider(); $result = $oauth->auth($options, $userArray); if ($result == AUTH_OK) { if ($user = $this->getUserFromArray($userArray)) { $oauth->saveTokenForUser($user); $session->login($user); } else { $result = AUTH_FAILED; } } return $result; }
/** * @param <type> $username * @param <type> $password * @return boolean */ public function login($username, $password) { $user = new User(null, $username, $password); $user = $this->userDao->get($user); if ($user != null) { Session::login($user); setcookie('Bureau_PosicaoApps', '', time() - 3600); //setcookie('Bureau_PosicaoApps', "publicacoes|noticias|videoteca", time() + 3600); setcookie('Bureau_PosicaoApps', $user->getPositions(), time() + 3600); setcookie('Bureau_AppsMinimizados', "0", Config::get('tempo_vida_cookie')); setcookie('logged', '1', time() + 10); return true; } return false; }
public function login($username, $password) { $results = DB::fetch(array('user' => ['user_id', 'password']), array('username' => $username)); $results = $results[0]; if (count($results) === 1) { if (Hash::verify($password, $results->password)) { Session::login($results->user_id); DB::updateIf('user', array('last_login' => time()), array('user_id' => Session::get('user_id'))); Redirect::ref(); return TRUE; } else { return FALSE; } } else { return FALSE; } }
public function dispatchAction($action, $params) { if ($action === 'logout') { Session::terminate(); return new ControllerActionRedirect(Router::toBase()); } if (!Session::isLoggedIn()) { list($num, $pwd) = Arr::initList($_REQUEST, ['num' => TYPE_KEY, 'pwd' => TYPE_STRING]); if (!$num || !$pwd || !Session::login($num, $pwd)) { return ControllerDispatcher::renderModuleView(self::MODULE_NAME, 'login', ['formVal' => ['num' => $num]]); } } if (!Session::getLogin()) { Session::terminate(); return new ControllerActionRedirect(Router::toBase()); } return parent::dispatchAction($action, $params); }
public function post() { if (!isset($this->post['username'], $this->post['password'])) { $this->message = "Missing one or more required parameters"; $this->status = 400; return; } if (User::idByUsername($this->post['username'])) { $this->message = "User already exists"; $this->status = 400; return; } $user = new User(); $user->username = $this->post['username']; $user->setPassword($this->post['password']); $user->save(); Session::login($user->id); $this->message = "User created"; $this->status = 201; $this->response[$this->slug][] = $user->apiData(); }
$smarty->assign("donotcommit", "no"); $smarty->assign('sec', $conf->IsDNSSec ? "yes" : "no"); $smarty->assign('popuperror', NULL); $cap_rsp = NULL; if (isset($_POST["recaptcha_response_field"])) { if ($_POST["recaptcha_response_field"] != '') { $rsp = recaptcha_check_answer($conf->RC_PrivKey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$rsp->is_valid) { $cap_rsp = $rsp->error; } } else { $cap_rsp = 'incorrect-captcha-sol'; } } if (isset($_POST['username']) && isset($_POST['password']) && $cap_rsp == NULL) { $session->login($_POST['username'], $_POST['password']); } $user = new User(); $smarty->assign("loggedinuser", preg_replace('/\\s/', ' ', $user->getFullName())); if ($user->getId() == 0) { login_page($smarty); } if (isset($_SERVER['PHP_SELF']) && basename($_SERVER['PHP_SELF']) != 'index.php') { $smarty->assign("menu_current", $src . basename($_SERVER['PHP_SELF'])); } else { $smarty->assign("menu_current", $base); } if ($user->isAdmin()) { $smarty->assign("admin", "yes"); $smarty->assign("version", $conf->version); } else {
public function login($login, $pass, Session $session, $options) { $startOver = isset($_REQUEST['startOver']) ? $_REQUEST['startOver'] : false; //see if we already have a request token if ($startOver || !$this->token || !$this->tokenSecret) { if (!$this->getRequestToken($options)) { error_log("Error getting request token"); return AUTH_FAILED; } } //if oauth_verifier is set then we are in the callback if (isset($_GET[$this->verifierKey])) { //get an access token if ($response = $this->getAccessToken($_GET[$this->verifierKey])) { //we should now have the current user if ($user = $this->getUserFromArray($response)) { $session->login($user); return AUTH_OK; } else { error_log("Unable to find user for $response"); return AUTH_FAILED; } } else { error_log("Error getting Access token"); return AUTH_FAILED; } } else { //redirect to auth page $url = $this->getAuthURL($options); header("Location: " . $url); exit(); } }
/** * Login a user based on supplied credentials * @param string $login * @param string $password * @param Module $module * @see AuthenticationAuthority::reset() * */ public function login($login, $password, Session $session, $options) { $result = $this->auth($login, $password, $user); if ($result == AUTH_OK) { if ($this->saveCredentials) { $user->setCredentials($password, $this); } $session->login($user); } return $result; }
public static function login($userID = null, $token = null) { if ($userID && $token == self::authToken($userID)) { return Session::login($userID); } return false; }
$dep->retrive(); if ($dep->count > 0) { $par = new WpList(1); $par->where('id=' . $dep->id_1[0]); $par->retrive(); for ($i = 0; $i < $par->count; $i++) { if (canApprove($par->id[$i], $u)) { return true; } } } $acl[] = array($ou, $u, false); return false; } // Create acl $u = $ses->login(); $adu = new User5($ses->login()); $t = $adu->employeeid; $p = new WpPerson(); $p->where("SAPR_VIEW_people.note6='{$t}'"); $p->retrive(); if ($p->count > 0 && in_array($p->prior_dolg[0], array(10, 16, 25, 26, 35, 36))) { $acl[] = array(trim($p->note1[0]), $u, true); } $userBehalf = new WPBehalf(); $userBehalf->where('tabio="' . $p->note6[0] . '" and typeio=1'); $userBehalf->retrive(); if ($userBehalf->count > 0) { for ($i = 0; $i < $userBehalf->count; $i++) { $buser = new User5($userBehalf->tab[$i], OUSER_TAB); $p1 = new WpPerson();
/* landing page */ $app->get('/', function ($request, $response, $args) use($session) { return $this->view->render($response, 'index.html', $args); }); /* GitHub OAuth login */ $app->get('/login', function ($request, $response) use($session) { $credentials = new \OAuth\Common\Consumer\Credentials(Config::get('github.oauth.key'), Config::get('github.oauth.secret'), Config::get('github.oauth.redirecturl')); $serviceFactory = new \OAuth\ServiceFactory(); $gitHub = $serviceFactory->createService('GitHub', $credentials, new \OAuth\Common\Storage\Session(), array('user:email', 'public_repo', 'repo:status', 'admin:repo_hook')); $queryParams = $request->getQueryParams(); if (isset($queryParams['code'])) { try { $token = $gitHub->requestAccessToken($queryParams['code']); $result = json_decode($gitHub->request('user'), true); /* TODO: register new user at master if it does not exist yet */ $session->login($result['login']); $_SESSION['name'] = $result['name']; $_SESSION['profile_url'] = $result['html_url']; $_SESSION['token'] = $token->getAccessToken(); return $response->withRedirect('/repositories'); } catch (\OAuth\Common\Http\Exception\TokenResponseException $e) { return $response->withStatus(500)->write($e->getMessage()); } } else { return $response->withRedirect($gitHub->getAuthorizationUri()); } }); /* GitHub list repositories */ $app->get('/repositories', function ($request, $response) use($session) { if (!$session->getUsername()) { return $response->withStatus(403)->write('Not authenticated');
/** * Login a user based on supplied credentials * @param string $login * @param string $password * @param Module $module * @see AuthenticationAuthority::reset() * */ public function login($login, $password, Session $session, $options) { $result = $this->auth($login, $password, $user); if ($result == AUTH_OK) { $session->login($user); } return $result; }
<?php include_once 'class.session.inc.php'; Session::init(); include_once 'class.pdoperi.inc.php'; if (isset($_REQUEST['uc'])) { $uc = "?uc=" . $_REQUEST['uc']; } $instancePdoPeri = PdoPeri::getPdoPeri(); $visiteur = $instancePdoPeri->getInfosVisiteur($_REQUEST['login']); //echo $visiteur["pseudo"]." - ".$visiteur["mdp"]; if (isset($_REQUEST['login']) && isset($_REQUEST['reponse']) && Session::login($_REQUEST['login'], $_REQUEST['reponse'], $visiteur["pseudo"], $visiteur["mdp"])) { $instancePdoPeri->setTSConnexion($visiteur["pseudo"]); header('Location: index.php' . $uc); } include 'v_entete.php'; ?> <script language="javascript" src="js/md5.js"></script> <script language="javascript"> <!-- function doChallengeResponse() { str = "*355"+document.identification.mot_de_passe.value; document.identification.reponse.value = MD5(str); document.identification.mot_de_passe.value = ""; } // --> </script> <?php include 'v_titre.php'; ?>
<?php require_once "lib/base.inc.php"; $s = new Session(false); $filName = basename(__FILE__, '.php'); /*SEO*/ $title = 'Login - Access to private area'; if (isset($_POST["user"]) == true) { $user = parseField("user"); $password = parseField("password"); if ($s->login($user, $password, true, true) > 0) { $s->goToDefaultUrl('/login.php'); } else { $notification = new Notification("Error", 'Usuario y contraseña dont match.'); } } include "parts/header.php"; include "pages/login.php"; $doDebug = parseGet("debug"); if ($doDebug > 0) { echo isset($debug) ? $debug : ''; printR($_POST); printR($s); } include "parts/footer.php";
$db->close(); $default_user = AV_DEFAULT_ADMIN; } // LOGIN $cnd_1 = !empty($user) && is_string($user); $cnd_2 = !empty($pass) && is_string($pass); if ($cnd_1 && $cnd_2) { $session = new Session($user, $pass, ''); $config = new Config(); //Disable first_login if ($accepted == 'yes') { $config->update('first_login', 'no'); } $is_disabled = $session->is_user_disabled(); if ($is_disabled == FALSE) { $login_return = $session->login(); $first_user_login = $session->get_first_login(); $last_pass_change = $session->last_pass_change(); $login_exists = $session->is_logged_user_in_db(); $lockout_duration = intval($conf->get_conf('unlock_user_interval')) * 60; if ($login_return != TRUE) { $_SESSION['_user'] = ''; $infolog = array($user); Log_action::log(94, $infolog); $failed = TRUE; $bad_pass = TRUE; $failed_retries = $conf->get_conf('failed_retries'); if ($login_exists && !$is_disabled && $lockout_duration > 0) { $_SESSION['bad_pass'][$user]++; if ($_SESSION['bad_pass'][$user] >= $failed_retries && $user != AV_DEFAULT_ADMIN) { // Auto-disable user
$pb->assign('shaarli', htmlspecialchars($kfc->shaarli)); $pb->assign('autoreadItem', $kfc->autoreadItem); $pb->assign('autoreadPage', $kfc->autoreadPage); $pb->assign('autohide', $kfc->autohide); $pb->assign('autofocus', $kfc->autofocus); $pb->assign('autoupdate', $kfc->autoUpdate); $pb->assign('addFavicon', $kfc->addFavicon); $pb->assign('preload', $kfc->preload); $pb->assign('blank', $kfc->blank); $pb->assign('kf', $kf); $pb->assign('isLogged', $kfc->isLogged()); $pb->assign('pagetitle', strip_tags($kfc->title)); if (isset($_GET['login'])) { // Login if (!empty($_POST['login']) && !empty($_POST['password'])) { if (Session::login($kfc->login, $kfc->hash, $_POST['login'], sha1($_POST['password'] . $_POST['login'] . $kfc->salt))) { if (!empty($_POST['longlastingsession'])) { // (31536000 seconds = 1 year) $_SESSION['longlastingsession'] = 31536000; $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; Session::setCookie($_SESSION['longlastingsession']); } else { // when browser closes Session::setCookie(0); } session_regenerate_id(true); MyTool::redirect(); } if (Session::banCanLogin()) { $pb->assign('message', Intl::msg('Login failed!')); } else {
if (!isset($session)) { $session = new Session(); $session->message(); } if ($session->isLoggedIn()) { redirect_to("app/index.php"); } if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; if (empty($username) || empty($password)) { $err = "Username or password cannot be empty"; } else { $found = User::authenticate($username, $password); if ($found) { $session->login($found, $ac); $session->message("Welcome {$username}"); $session->sessionVar("user", "You are logged in as {$username}"); redirect_to("app/index.php"); } else { $err = "Username and/or password is incorrect. Please try again"; } } } else { // Form not submitted $msg = ""; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head>
<?php require '../clases/AutoCarga.php'; $sesion = new Session(); $bd = new DataBase(); $gestor = new ManageUser($bd); $email = Request::post("email"); $clave = Request::post("clave"); $user = $gestor->login($email, $clave); $bd->closeConnection(); if ($user == false) { $sesion->destroy(); header("Location:index.php?error=Login incorrecto o usuario inactivo"); } else { $sesion->login($user); }
/** * User registration page */ private function register() { Base::requireNotLogged(); if (!isset($_POST['register'])) { View::show('user/register'); } $username = $_POST['username']; $password = $_POST['password']; $password2 = $_POST['password2']; $email = $_POST['email']; // Password errors if (!Validate::len($password, 4, 128)) { $error = 'Password must have more than 4 characters'; } elseif ($password != $password2) { $error = 'Passwords don\'t match'; } elseif (!Validate::captcha($_POST['captcha'])) { $error = 'Invalid captcha'; } elseif (!Validate::len($username)) { $error = 'Username character count must be between 4 and 64'; } elseif (!Validate::username($username)) { $error = 'Please only use letters, digits, dots and underscores in username'; } elseif (method_exists($this, $username)) { $error = 'You cannot use that username'; } elseif (User::where('username', $username)->findOne()) { $error = 'You cannot use that username'; } elseif (!Validate::len($email)) { $error = 'Email character count must be between 4 and 64'; } elseif (!Validate::email($email)) { $error = 'Please enter a valid email'; } elseif (User::where('email', $email)->findOne()) { $error = 'You cannot use that email address'; } if ($error) { View::set('error', $error); View::show('user/register'); } $user = User::create(); $user->username = $username; $user->password = Base::hashPassword($password); $user->email = $email; $user->reg_date = time(); $user->avatar = Base::createIdenticon($username, 200); $user->admin = 0; $user->save(); // Logs user in Session::login($user->id()); Base::redirect('', "Welcome, {$user->username}! We're glad to know you"); }
<?php if (Session::login($_POST['username'], $_POST['password'])) { exit("success"); } else { exit("Incorrect username or password"); }
public function login($login, $pass, Session $session, $options) { //if the code is present, then this is the callback that the user authorized the application if (isset($_GET['code'])) { // if a redirect_uri isn't set than we can't get an access token if (!isset($_SESSION['redirect_uri'])) { return AUTH_FAILED; } $this->redirect_uri = $_SESSION['redirect_uri']; unset($_SESSION['redirect_uri']); //get access token $url = "https://graph.facebook.com/oauth/access_token?" . http_build_query(array('client_id' => $this->api_key, 'redirect_uri' => $this->redirect_uri, 'client_secret' => $this->api_secret, 'code' => $_GET['code'])); if ($result = @file_get_contents($url)) { parse_str($result, $vars); foreach ($vars as $arg => $value) { switch ($arg) { case 'access_token': case 'expires': $this->{$arg} = $_SESSION['fb_' . $arg] = $value; break; } } // get the current user via API if ($user = $this->getUser('me')) { $session->login($user); return AUTH_OK; } else { return AUTH_FAILED; // something is amiss } } else { return AUTH_FAILED; //something is amiss } } elseif (isset($_GET['error'])) { //most likely the user denied return AUTH_FAILED; } else { //find out which "display" to use based on the device $deviceClassifier = Kurogo::deviceClassifier(); $display = 'page'; switch ($deviceClassifier->getPagetype()) { case 'compliant': $display = $deviceClassifier->isComputer() ? 'page' : 'touch'; break; case 'basic': $display = 'wap'; break; } // facebook does not like empty options foreach ($options as $option => $value) { if (strlen($value) == 0) { unset($options[$option]); } } //save the redirect_uri so we can use it later $this->redirect_uri = $_SESSION['redirect_uri'] = FULL_URL_BASE . 'login/login?' . http_build_query(array_merge($options, array('authority' => $this->getAuthorityIndex()))); //show the authorization/login screen $url = "https://graph.facebook.com/oauth/authorize?" . http_build_query(array('client_id' => $this->api_key, 'redirect_uri' => $this->redirect_uri, 'scope' => implode(',', $this->perms), 'display' => $display)); header("Location: {$url}"); exit; } }
if (is_array($validation_errors) && !empty($validation_errors)) { //Formatted message $error_msg = _('The following errors occurred') . ":\n" . implode("\n", $validation_errors); $error_msg = strip_tags($error_msg); die($error_msg); } try { //Autologin in UI and AlienVault API //Database connection list($db, $conn) = Ossim_db::get_conn_db(); $db = new Ossim_db(); $conn = $db->connect(); $user_obj = Session::get_user_info($conn, $user, TRUE, FALSE); $pass = $user_obj->get_pass(); $session = new Session($user, $pass, ''); $session->login(TRUE); $db->close(); $is_disabled = $session->is_user_disabled(); if ($is_disabled == TRUE) { $e_msg = _('Error! Scan cannot be completed: Scan owner is disabled'); Av_exception::throw_error(Av_exception::USER_ERROR, $e_msg); } $client = new Alienvault_client($user); $client->auth()->login($user, $pass); //Launching scan $autodetect = $autodetect == 1 ? 'true' : 'false'; $rdns = $rdns == 1 ? 'true' : 'false'; $timing_template = empty($timing_template) ? 'T3' : $timing_template; $scan_options = array('scan_type' => $scan_type, 'scan_timing' => $timing_template, 'autodetect_os' => $autodetect, 'reverse_dns' => $rdns, 'scan_ports' => $custom_ports, 'idm' => 'false'); $av_scan = new Av_scan($targets_p, $sensor, $scan_options); $av_scan->run();
private function login() { Module::dependencies(isset($_POST['user'], $_POST['password'])); $session = new Session($this->plugins, $this->settings); echo $session->login($_POST['user'], $_POST['password']); }
private static function processLogIn() { if (isset($_POST['ACTION']) && $_POST['ACTION'] == 'LOGIN') { Session::login($_POST['user'], $_POST['pass']); } }
<?php // FUNCTIONS BEGIN require_once dirname(__FILE__) . '/inc/includes.php'; /* TODO: penser a ajouter la gestion des utilisateurs et des fichiers sauvegarder via XML: http://php.net/manual/en/function.simplexml-load-string.php */ if (isset($_GET['logout'])) { Session::logout(); header('Location: index.php'); die; } else { if (isset($_POST['login']) && isset($_POST['password'])) { $user = User::getUser('./conf/', $_POST['login']); if ($user && $user->getPassword() != null && Session::login($_POST['login'], User::getHashPassword($_POST['password']), $user->getLogin(), $user->getPassword())) { if (Session::isLogged() && $_SESSION['username'] != null && !is_dir('./' . SAVED_PATH . '/' . $_SESSION['username'])) { mkdir('./' . SAVED_PATH . '/' . $_SESSION['username'], 0705); } header('Location: index.php'); die; } } } raintpl::$tpl_dir = './tpl/'; // template directory raintpl::$cache_dir = "./cache/"; // cache directory raintpl::$base_url = url(); // base URL of blog raintpl::configure('path_replace', false);
<?php include 'inc/class.Session.php'; Session::init(); include 'inc/class.PDOForum.php'; include 'vues/v_entete.php'; if (isset($_POST['login']) && isset($_POST['password'])) { $pdo = PDOForum::getPdoForum(); $login = $_POST['login']; $mdp = $_POST['password']; if ($rep = $pdo->getInfoUtil($login)) { // si j'ai une réponse du modèle if (Session::login($login, $mdp, $rep['pseudo'], $rep['mdp'])) { $_SESSION['nom'] = $rep['nom']; $_SESSION['prenom'] = $rep['prenom']; $_SESSION['tsDerniereCx'] = $rep['tsDerniereCx']; $_SESSION['numUtil'] = $rep['num']; $pdo->setDerniereCx($rep['num']); header('Location: index.php'); } } } ?> <form method="post" action="login.php"> Pour se connecter : <br> Votre pseudo : <input type="text" name="login"> <br> Mot de passe : <input type="password" name="password"> <input type="submit" value="Login"> </form> <a href ="inscrire.php">Vous pouvez vous inscrire ici.</a> <?php
} // don't bother doing any of this if the user is already logged in if (Session::getUser()) { redirectAndExit("index"); } if (!isset($_POST["token"])) { redirectAndExit("index"); } $token = $_POST["token"]; $usernameFieldName = FormFieldRandomizer::getUsernameFieldNameForToken($token); $passwordFieldName = FormFieldRandomizer::getPasswordFieldNameForToken($token); if (!isset($_POST[$usernameFieldName], $_POST[$passwordFieldName])) { redirectAndExit("index"); } $username = $_POST[$usernameFieldName]; $password = $_POST[$passwordFieldName]; $user = Session::login($username, $password); if (!$user) { setcookie("LoginError", "1"); setcookie("Username", $username); redirectAndExit("index"); } if ($user->premade) { $token = PasswordChangeToken::generate($user); $user->passwordChangeToken = $token; $user->save(); setcookie("User", $user->id); setcookie("PasswordChangeToken", $token); redirectAndExit("premade"); } redirectAndExit("index");
$ini = parse_ini_file("./config.ini"); //----------------------------------------------------------------------------- require_once './app/autoload.php'; //----------------------------------------------------------------------------- Render::init(); $tmplData = Template::init(); $initedOK = Route::init(); if ($initedOK == false) { Render::antiTampering($tmplData); } //----------------------------------------------------------------------------- if ($_GET['logoff']) { //echo "Logoff."; Session::logoff(); Render::login($tmplData); } elseif ($_POST['login'] && Session::login($tmplData) == false) { //echo "Login Failed."; Render::login($tmplData); } if (Session::isLoggedIn() === false) { //echo "Not logged in."; Render::login($tmplData); } else { //echo "showlist."; Route::main($tmplData); } //----------------------------------------------------------------------------- //----------------------------------------------------------------------------- ?>