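/**
 * Create or update a row in `user` from the posted form and echo a JSON reply.
 *
 * GET `ident` selects the row to update; a missing, empty or zero value means
 * "insert a new user". Every POST field becomes a column of the same name,
 * except values containing "=", which are read as "col=val&col=val" rows for
 * `user_module`. The reply carries `status` and `message`, plus `redirect`
 * on success.
 *
 * Hardening applied here:
 *  - the method returns after the permission redirect (fail closed);
 *  - `ident` and the two `user_module` ids must be plain digits, because they
 *    are placed unquoted into SQL;
 *  - anything used as a column name must look like a bare identifier;
 *  - the whole request is validated before the first write is issued.
 *
 * NOTE(review): string VALUES (including `email`) are still concatenated into
 * the SQL text, because no bound-parameter entry point of $db is visible from
 * this block. Until the wrapper exposes prepared statements this method stays
 * injectable through field values; treat that as the open item.
 * NOTE(review): any POST field name becomes a column to write (mass
 * assignment). An explicit allow-list of editable columns is needed; the
 * schema is not visible from here, so none is enforced.
 * NOTE(review): the gate checks the Session::EXCLUIR constant on a save path;
 * confirm that this is the intended permission.
 *
 * @return void The JSON reply is echoed, not returned.
 */
public function salvar()
{
    if (!Session::hasPermission('usuario', Session::EXCLUIR)) {
        Router::redirect('home');
        // Stop here even if Router::redirect() returns instead of exiting.
        return;
    }

    $j = array(); // JSON reply
    $failure = 'O sistema não pode salvar o usuário. Contate o administrador.';
    $identifier = '/^[A-Za-z_][A-Za-z0-9_]*$/';

    // `ident` ends up unquoted in "where id=...": accept digits only.
    $rawIdent = Request::get('ident');
    $ident = 0; // 0 means "insert"
    if ($rawIdent !== null && $rawIdent !== false && $rawIdent !== '') {
        if (!is_scalar($rawIdent) || !ctype_digit((string) $rawIdent)) {
            $j['status'] = 'danger';
            $j['message'] = $failure;
            echo json_encode($j);
            return;
        }
        $ident = (int) $rawIdent;
    }

    // Pass 1: validate and collect. Nothing is written until the whole
    // request has been accepted.
    $cols = array();
    $values = array();
    $moduleRows = array();
    $valid = true;
    foreach ($_POST as $key => $value) {
        $key = (string) $key;
        if ($key === 'active') {
            $value = 1;
        }
        if (!is_scalar($value)) {
            // Array-valued fields (name[]=...) have no column representation.
            $valid = false;
            break;
        }

        if (strpos((string) $value, '=') !== false) {
            // "col=val&col=val": one row for user_module.
            $rcol = array();
            $rval = array();
            foreach (explode("&", (string) $value) as $ref) {
                $r = explode("=", $ref);
                if (count($r) < 2 || !preg_match($identifier, $r[0])) {
                    $valid = false;
                    break 2;
                }
                $rcol[] = $r[0];
                $rval[] = $r[1];
            }
            // The first two values are used unquoted in the delete below.
            if (count($rval) < 2 || !ctype_digit($rval[0]) || !ctype_digit($rval[1])) {
                $valid = false;
                break;
            }
            $moduleRows[] = array($rcol, $rval);
            continue;
        }

        if (!preg_match($identifier, $key)) {
            $valid = false;
            break;
        }
        $cols[] = $key;
        $values[] = $value;
    }

    if (!$valid) {
        $j['status'] = 'danger';
        $j['message'] = $failure;
        echo json_encode($j);
        return;
    }

    global $db;

    // NOTE(review): the posted e-mail is concatenated as-is (see header).
    $exists = $db->query("select * from user where email='" . Request::post('email') . "'", true);
    if (!$ident && count($exists) > 0) {
        $j['status'] = 'danger';
        $j['message'] = 'O usuário já existe';
        echo json_encode($j);
        return;
    }

    // Pass 2: replace the user_module rows that were posted.
    // NOTE(review): user_id comes from the posted value, not from $ident, and
    // these writes are not visibly wrapped in a transaction with the user row.
    foreach ($moduleRows as $row) {
        $rcol = $row[0];
        $rval = $row[1];
        $query = "delete from user_module where user_id=" . $rval[0] . " and module_id=" . $rval[1] . ";";
        $db->query($query, true);
        $query = "insert into user_module (" . implode(",", $rcol) . ") values ('" . implode("','", $rval) . "');";
        $db->query($query);
    }

    if (!Request::post('active')) {
        $cols[] = 'active';
        $values[] = 0;
    }

    if (!$ident) {
        // Every new account receives the same fixed initial password, and the
        // token is built from the e-mail plus that same constant.
        // NOTE(review): a shared default credential is a finding on its own;
        // prefer a per-user random secret and a forced change at first login.
        $cols[] = "password";
        $values[] = Session::password("neurosoft");
        $cols[] = "token";
        $values[] = Session::token(Request::post('email') . "neurosoft");
    }

    if ($ident) {
        $sets = array();
        foreach ($cols as $i => $col) {
            $sets[] = $col . "='" . $values[$i] . "'";
        }
        $query = "update user set " . implode(",", $sets) . " where id=" . $ident;
    } else {
        $query = "insert into user (" . implode(",", $cols) . ") values ('" . implode("','", $values) . "');";
    }

    $result = $db->query($query);
    if ($result) {
        $j['status'] = 'success';
        $j['message'] = 'Usuário salvo com êxito.';
        // After an insert $result is appended to the edit URL of the new row.
        $returningId = $ident ? "" : "editar/" . $result;
        $j['redirect'] = "/" . APP_DIR . "usuario/" . $returningId;
    } else {
        $j['status'] = 'danger';
        $j['message'] = $failure;
    }
    echo json_encode($j);
}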
/**
 * Check an e-mail/password pair and, on success, open the application session.
 *
 * The result is echoed as JSON and nothing is returned:
 *  - 'success' with a `redirect` to home/index when a matching row is found;
 *  - 'danger' with one generic message when no row matches (the message does
 *    not say whether the e-mail or the password was wrong);
 *  - 'error' with per-field `details` when the form patterns do not match.
 * When either argument is empty/falsy the method echoes nothing at all.
 *
 * NOTE(review): $email is interpolated into the SQL text. The only guard in
 * this block is the FormHelper::EMAIL pattern, which is not visible here;
 * bound parameters are needed regardless of what that pattern accepts.
 * NOTE(review): no session-id regeneration is visible in this block after a
 * successful login; confirm that Session handles it.
 *
 * @param string $email  Login e-mail as submitted.
 * @param string $passwd Password as submitted; passed through Session::password() before the lookup.
 */
public static function auth($email, $passwd) {
    $ret = array();
    $erros = array();
    if ($email && $passwd) {
        // Field-level validation; each failure is reported under `details`.
        if (!preg_match(FormHelper::EMAIL, $email)) {
            $err = array();
            $err['field'] = "email";
            $err['message'] = "Digite um <strong>E-mail</strong> válido.";
            array_push($erros, $err);
        }
        if (!preg_match(FormHelper::NOT_EMPTY, $passwd)) {
            $err = array();
            $err['field'] = "password";
            $err['message'] = "Digite uma <strong>Senha</strong> para logar.";
            array_push($erros, $err);
        }
        if (count($erros) == 0) {
            global $db;
            $session_id = Session::getId();
            $passwd = Session::password($passwd);
            // Only active, non-deleted accounts can match.
            // NOTE(review): the password comparison value is masked ('******') in this listing.
            $query = "select id,name,email,token from user where email='{$email}' and password='******' and active=1 and deleted=0";
            $user = $db->query($query, true, PDO::FETCH_CLASS);
            // NOTE(review): $user is counted like a collection and then read like a
            // single object; the return shape of $db->query() is not visible here.
            if (count($user) > 0) {
                // Session payload is stored under the current session id.
                $session = array('id' => $user->id, 'name' => $user->name, 'email' => $user->email, 'token' => $user->token);
                $_SESSION[$session_id] = $session;
                // NOTE(review): the next statement is also masked in this listing and
                // does not parse as shown; it is kept verbatim.
                $query = "update user set lastlogin='******'Y-m-d H:i:s') . "' where id=" . $user->id;
                $db->query($query);
                $ret['status'] = 'success';
                $ret['message'] = 'Login realizado, a página será redirecionada.';
                $ret['redirect'] = "/" . APP_DIR . "home/index";
            } else {
                // Failed login: drop the session and answer with the generic message.
                Session::destroy();
                $ret = array();
                $ret['status'] = 'danger';
                $ret['message'] = 'Login ou senha inválidos.';
            }
        } else {
            $ret['status'] = 'error';
            $ret['message'] = "Há erros no formulário";
            $ret['details'] = $erros;
        }
        echo json_encode($ret);
    }
}
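<?php
// Password-reset page: on submit, asks the Session object to reset the
// password for the posted e-mail, then renders header, form and footer.
//
// NOTE(review): the two outcomes are distinguishable ("Email not found." vs.
// the success path), which lets a visitor learn whether an address is
// registered. Returning the same response in both cases would close that.
// NOTE(review): no CSRF token or request throttling is visible in this file;
// confirm whether lib/base.inc.php or Session provides them.
require_once "lib/base.inc.php";

$s = new Session(false);
$title = $s->web->name . " Password reset tool.";

if (isset($_POST["enter"])) {
    // Read the fields without raising undefined-index notices when one is
    // missing; a missing field stays null.
    // $user is not used below; it is kept because the included templates
    // share this scope and may read it.
    $user = isset($_POST["user"]) ? $_POST["user"] : null;
    $email = isset($_POST["email"]) ? $_POST["email"] : null;

    // Only a string can be an address: array-valued or missing input goes
    // straight to the failure branch instead of reaching $s->password().
    if (is_string($email) && $s->password($email) > 0) {
        $hecho = true;
        // NOTE(review): the meaning of the "DDDDD" role is not visible here.
        $s->user->role = "DDDDD";
    } else {
        $notification = new Notification("Error", "Email not found.");
    }
}

include "parts/header.php";
include "pages/password.php";
include "parts/footer.php";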
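/**
 * Update the e-mail, and optionally the password, of the user given by GET
 * `ident`, and echo a JSON reply with `status`, `message` and, for some
 * errors, a `focus` selector.
 *
 * Fixes in this version:
 *  - a duplicate e-mail is now recorded as an error. The original wrote
 *    `array($erros, 'email')`, which records nothing, so the update still ran
 *    and the reply was overwritten with 'success';
 *  - `implode()` uses the (separator, array) argument order;
 *  - `ident` must be plain digits because it is placed unquoted into SQL;
 *  - the database is not queried with an id or e-mail that already failed
 *    validation.
 *
 * NOTE(review): $email is still interpolated into the SQL text; the
 * FormHelper::EMAIL pattern is not visible here and is no substitute for
 * bound parameters.
 * NOTE(review): nothing in this block ties `ident` to the signed-in user or
 * checks a permission, and the current-password lookup matches on the posted
 * e-mail rather than on `ident`. Confirm that the caller enforces ownership.
 * NOTE(review): the new password is written whenever `novasenha` is set, even
 * when `senha` (the current password) was not sent; confirm that is intended.
 * NOTE(review): the password values are masked ('******') in this listing;
 * they are reproduced exactly as shown.
 *
 * @return void The JSON reply is echoed, not returned.
 */
public function salvar()
{
    global $db;

    $j = array();
    $id = Request::get('ident');
    $email = Request::post('email');
    $senha = Request::post('senha');
    $novasenha = Request::post('novasenha');
    $repetir = Request::post('repetir');
    $erros = array();

    // `ident` goes unquoted into "where id=...": accept digits only.
    $idOk = is_scalar($id) && ctype_digit((string) $id);
    if (!$idOk) {
        array_push($erros, 'ident');
        $j['status'] = 'danger';
        $j['message'] = 'O sistema não pode salvar o usuário. Contate o administrador.';
    }

    $emailOk = (bool) preg_match(FormHelper::EMAIL, (string) $email);
    if (!$emailOk) {
        array_push($erros, 'email');
        $j['status'] = "danger";
        $j['message'] = "Digite um <strong>E-mail</strong> válido.";
    }

    // Password-change form checks run only when the current password was sent.
    if (isset($senha)) {
        if (strlen((string) $novasenha) < 4) {
            array_push($erros, "senha");
            $j['status'] = 'danger';
            $j['message'] = 'A <strong>senha</strong> deve ter ao menos 4 caracteres.';
            $j['focus'] = "#senha";
        } elseif ($novasenha != $repetir && preg_match(FormHelper::NOT_EMPTY, $novasenha)) {
            array_push($erros, 'repetir');
            $j['status'] = 'danger';
            $j['message'] = 'Repita a senha para alterá-la.';
            $j['focus'] = "#repetir";
        } elseif (!isset($novasenha)) {
            array_push($erros, 'novasenha');
            $j['status'] = 'danger';
            $j['message'] = 'Caso queira alterar uma senha, você deve digitar uma nova.';
            $j['focus'] = "#novasenha";
        }
    }

    if ($idOk && $emailOk) {
        // $u: rows with this e-mail; $c: this user already has it;
        // $s: e-mail plus current password match.
        $u = $db->query("select email from user where email='{$email}'");
        $c = $db->query("select email from user where id={$id} and email='{$email}'");
        $s = $db->query("select email from user where email='{$email}' and password='******'");

        if (isset($senha) && count($s) == 0) {
            array_push($erros, "senha");
            $j['status'] = 'danger';
            $j['message'] = 'A <strong>senha</strong> não confere.';
            $j['focus'] = "#senha";
        }
        // The e-mail exists but does not belong to this user.
        if (count($c) == 0 && count($u) > 0) {
            array_push($erros, 'email');
            $j['status'] = "danger";
            $j['message'] = "<strong>E-mail</strong> já existe.";
        }
    }

    if (count($erros) == 0) {
        $cols = array();
        array_push($cols, "email='" . $email . "'");
        if (isset($novasenha)) {
            array_push($cols, "password='******'");
            array_push($cols, "token='" . Session::token($email . $novasenha) . "'");
        }
        $query = "update user set " . implode(",", $cols) . " where id=" . $id;
        $db->query($query);
        $j['status'] = 'success';
        $j['message'] = 'Usuário alterado com êxito.';
    } elseif (!isset($j['status'])) {
        $j['status'] = 'success';
        $j['message'] = 'Não houveram alterações.';
    }
    echo json_encode($j);
}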