Exemple #1
// action = 'pwchange' to change password
// at end we display confirmation and provide click back to home page
if (isset($_POST['action']) && $_POST['action'] == 'pwchange') {
    /**** IMPORTANT - these are all if / elseif options - the password is only
         changed if we fall through to the else at the end; matching any of the
         if / elseif branches means the password is NOT changed *****/
    // check existing password is entered
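    // Normalise the three posted fields first: a missing or non-string value
    // (e.g. a "field[]" array in the request) is treated as an empty submission,
    // so the string functions below never receive an array.
    $old_password  = (isset($_POST['oldpassword']) && is_string($_POST['oldpassword'])) ? $_POST['oldpassword'] : '';
    $new_password  = (isset($_POST['newpassword']) && is_string($_POST['newpassword'])) ? $_POST['newpassword'] : '';
    $new_password2 = (isset($_POST['newpassword2']) && is_string($_POST['newpassword2'])) ? $_POST['newpassword2'] : '';
    // check existing password is entered (an empty string counts as not entered)
    if ($old_password === '') {
        print "<strong>You need to enter the existing password</strong>\n";
    } elseif (!$auth->checkPassword($old_password)) {
        print "<strong>Existing password is incorrect</strong>\n";
    } elseif ($new_password === '') {
        // isset() alone is true for an empty string, so the blank check has to be explicit
        print "<strong>New password cannot be left blank</strong>\n";
    } elseif (strlen($new_password) < $min_password_chars) {
        // strlen() counts bytes, so a multi-byte character counts as more than one
        print "<strong>New password is too short<br />Must be at least {$min_password_chars} characters long</strong>\n";
    } elseif (!$auth->securityCheck('password', $new_password)) {
        print "<strong>New password contains invalid characters</strong>\n";
    } elseif ($new_password !== $new_password2) {
        // strict comparison: with != PHP compares numeric-looking strings as numbers,
        // so e.g. "100" and "1e2" would have been accepted as matching
        print "<strong>New password is not the same as the repeated password</strong>\n";
    } else {
        // hash the password the user typed first (identical to the repeat after the
        // strict check above). The original comment described this as an md5 hash,
        // which is not a suitable password hash; any algorithm upgrade belongs in
        // SimpleAuth::hashPassword so that login and password change stay in agreement.
        $hash_password = $auth->hashPassword($new_password);
        // save it in the settings
        $settings->setSetting('admin_login_password', $hash_password);
        // if we changed password then we confirm back to the user with link back to main page
        print "<p>Password change successful</p>\n<p><a href=\"" . ADMIN_FILE . "\">Admin home page</a></p>\n";
        $templates->includeTemplate('footer', 'admin');
        // exit if we successfully change
        // otherwise we show password change form
        exit(0);
    }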
Exemple #2
// A stored admin password means setup has already been completed:
// report that and stop before the settings form is processed.
$stored_admin_password = $settings->getSetting('admin_login_password');
// loose comparison kept deliberately - what getSetting returns for an unset key
// is not visible here, so anything that compares equal to '' counts as "not set"
if ('' != $stored_admin_password) {
    displayComplete($status_msg);
    exit(0);
}
// If not, is this request saving the settings form?
if (isset($_POST['action']) && $_POST['action'] == 'savesettings') {
    // do passwords match
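    // Pull the posted fields as strings; a missing or non-string value (e.g. a
    // "field[]" array in the request) is treated as an empty submission so the
    // checks below never receive an array or raise an undefined-index notice.
    $new_username        = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $new_password        = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $new_password_repeat = (isset($_POST['passwordrepeat']) && is_string($_POST['passwordrepeat'])) ? $_POST['passwordrepeat'] : '';
    // never store an empty admin login - the form is redisplayed instead
    if ($new_username === '' || $new_password === '') {
        displaySettingsForm("Username and password are required");
        exit(0);
    }
    // do passwords match - strict comparison so numeric-looking strings such as
    // "100" and "1e2" are not treated as equal
    if ($new_password !== $new_password_repeat) {
        displaySettingsForm("Passwords don't match");
        exit(0);
    }
    // we use the SimpleAuth class, but note we are creating with dummy username & password
    require_once $app_dir . "/includes/SimpleAuth.php";
    $auth = new SimpleAuth('', '', 3600);
    // run username & password through security / valid char checks
    // (the second check previously re-checked the username, so the password
    // itself was never validated)
    if ($auth->securityCheck('username', $new_username) && $auth->securityCheck('password', $new_password)) {
        // add login / password to the settings array
        $quiz_settings['admin_login_username'] = $new_username;
        // NOTE(review): md5 is not a password-hashing function (unsalted, fast to
        // brute-force). The stored value has to stay compatible with the comparison
        // done inside SimpleAuth, so an algorithm change must be made there and here
        // together rather than in this line alone.
        $quiz_settings['admin_login_password'] = md5($new_password);
        foreach ($quiz_settings as $key => $value) {
            if (!$qdb->insertSetting($key, $value)) {
                displayDbError("Error adding setting {$key}");
                exit(0);
            }
        }
        $status_msg .= "\nSettings added to database<br />\n\n";
    } else {
        displaySettingsForm("Invalid characters used in the username or password");
        exit(0);
    }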
Exemple #3
$message = '';
require_once "adminsetup.php";
// Authentication class required for admin functions
require_once $include_dir . "SimpleAuth.php";
// Valid goto / location targets, keyed by the value accepted in the request.
// Keys carry an 'a' (admin) prefix so a main-quiz equivalent could be added later;
// the values are the ADMIN_* constants, so this must stay after the setup include.
$locations = array();
$locations['aindex']     = ADMIN_FILE;
$locations['aquestions'] = ADMIN_Q_FILE;
$locations['aupgrade']   = ADMIN_UPGRADE_FILE;
// Read the stored admin credentials, then build the authentication object.
// This has to happen before anything is output because it uses sessions (cookies).
$stored_admin_username = $settings->getSetting('admin_login_username');
$stored_admin_password = $settings->getSetting('admin_login_password');
$stored_admin_expiry   = $settings->getSetting('admin_login_expirytime');
$auth = new SimpleAuth($stored_admin_username, $stored_admin_password, $stored_admin_expiry);
/*** Authentication - Is this a login attempt (ie. with username & password) ***/
// note we only exit if we successfully login - otherwise we continue with showing login form
if (isset($_POST['username']) && isset($_POST['password'])) {
    // check that they are only using valid characters
    if ($auth->securityCheck('username', $_POST['username']) && $auth->securityCheck('password', $_POST['password'])) {
        //check login is correct
        if ($auth->loginNow($_POST['username'], $_POST['password'])) {
            // do we have a valid return location - if so go there, otherwise back to admin index page
            if (isset($_POST['location']) && $auth->securityCheck('location', $_POST['location'], $locations)) {
                $goto = $_POST['location'];
                // goto new location
                header("Location: " . $locations[$goto]);
                exit(0);
                // need to stop script after redirected
            } else {
                header("Location: " . ADMIN_FILE);
            }
            exit(0);
            // need to stop script after redirected
        } else {