/**
 * Handle the account-creation form.
 *
 * Runs the form validation rules first; on failure the form is shown again.
 * Once the fields validate, the Securimage CAPTCHA is checked, the user is
 * stored through user_model and the login form is displayed.
 */
function createNew()
{
    $this->load->library('form_validation');

    // field => array(label, rules), registered in this order
    $fieldRules = array(
        'username' => array('Username', 'required|is_unique[user.login]'),
        'password' => array('Password', 'required'),
        'first'    => array('First', "required"),
        'last'     => array('last', "required"),
        'email'    => array('Email', "required|is_unique[user.email]"),
    );
    foreach ($fieldRules as $field => $spec) {
        $this->form_validation->set_rules($field, $spec[0], $spec[1]);
    }

    if (!$this->form_validation->run()) {
        $this->load->view('account/newForm');
        return;
    }

    // The CAPTCHA is only consulted after the field rules have passed.
    include_once $_SERVER['DOCUMENT_ROOT'] . '/securimage/securimage.php';
    $captcha = new Securimage();
    if (!$captcha->check($_POST['captcha_code'])) {
        echo "The security code entered was incorrect.<br /><br />";
        echo "Please go <a href='javascript:history.go(-1)'>back</a> and try again.";
        exit;
    }

    $account = new User();
    $account->login = $this->input->post('username');
    $account->first = $this->input->post('first');
    $account->last = $this->input->post('last');
    // The clear-text password is handed straight to the model, which stores
    // its own derived value; the scheme used is not visible from here.
    $plainPassword = $this->input->post('password');
    $account->encryptPassword($plainPassword);
    $account->email = $this->input->post('email');

    $this->load->model('user_model');
    // NOTE(review): the result of insert() is not inspected, so the login
    // form is shown whether or not the row was written.
    $this->user_model->insert($account);
    $this->load->view('account/loginForm');
}
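/**
 * Registration action.
 *
 * Copies the posted Registration fields into the form model, validates it
 * and, when valid, inserts a new inactive, unblocked user and sends the
 * verification mail. After a successful insert a short status text is
 * printed and the request ends; otherwise the 'register' view is rendered.
 */
public function actionRegister()
{
    $formModel = new Registration();
    //$this->performAjaxValidation($formModel);

    // Accept only an array payload: a scalar "Registration" value would
    // otherwise be indexed like a string below.
    if (isset($_POST['Registration']) && is_array($_POST['Registration'])) {
        $posted = $_POST['Registration'];
        $values = array();
        foreach (array('email', 'username', 'password', 'password_repeat', 'verification_code') as $field) {
            // A missing key becomes null instead of raising an undefined-index notice.
            $values[$field] = isset($posted[$field]) ? $posted[$field] : null;
            $formModel->$field = $values[$field];
        }

        if ($formModel->validate()) {
            $model = new User();
            $inserted = $model->insert(CassandraUtil::uuid1(), array(
                'email' => $values['email'],
                'username' => $values['username'],
                'password' => User::encryptPassword($values['password']),
                'active' => false,
                'blocked' => false,
            ));
            if ($inserted === true) {
                // These values come from the request; escape them before they
                // are written into the response body.
                echo 'Model email ' . htmlspecialchars((string) $formModel->email, ENT_QUOTES, 'UTF-8')
                    . ' && username ' . htmlspecialchars((string) $formModel->username, ENT_QUOTES, 'UTF-8');
                if (!User::sendRegisterVerification($formModel->email, $formModel->username)) {
                    echo 'failed';
                } else {
                    echo 'done';
                }
                die;
                //$this->redirect(array('user/profile'));
            }
        }
    }

    $this->render('register', array('model' => $formModel));
}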
/**
 * Prepare the password field before the model is saved.
 *
 * A truthy varPassword is replaced by the value returned from the model's
 * own encryptPassword(); otherwise the property is removed from the model.
 *
 * @param User $model
 */
public function beforeSave(&$model)
{
    if (!$model->varPassword) {
        // Nothing supplied: drop the property from the model.
        unset($model->varPassword);
        return;
    }

    $model->varPassword = $model->encryptPassword($model->varPassword);
}
/**
 * Replace a clear-text password in the request data with its hash.
 *
 * When $params['data']['password'] is set and not equal to '', the result of
 * User::encryptPassword() is stored under $params['data']['hash']. The
 * clear-text entry is removed from $params in every case.
 *
 * @param array $params request parameters, modified in place
 */
protected function resolvePasswordParameter(&$params)
{
    $hasPassword = isset($params['data']['password']) && $params['data']['password'] != '';

    if ($hasPassword) {
        // We have to encrypt password
        $params['data']['hash'] = User::encryptPassword($params['data']['password']);
    }

    // The clear-text value never travels further than this method.
    unset($params['data']['password']);
}
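/**
 * Log a user in by e-mail address and password and report the outcome
 * through sendMessage().
 *
 * Reads 'email' and 'password' from the query string. On success a session
 * is started, its id is renewed and uid / email (plus name, unless the
 * account state is FILL_DATA) are stored in it.
 *
 * NOTE(review): the credentials arrive in the query string, which commonly
 * ends up in access logs and browser history. Moving them to the request
 * body would change the client contract, so it is only flagged here.
 */
function loginMail()
{
    // Collect the required parameters that are absent. Non-string values
    // (for example email[]=x) are treated as absent rather than passed on.
    $missing = array();
    foreach (array('email', 'password') as $name) {
        if (!isset($_GET[$name]) || !is_string($_GET[$name])) {
            $missing[] = $name;
        }
    }
    if (count($missing) > 0) {
        // At least one of the fields is not set, so return an error
        sendMessage(ERR, 'The following required parameters are not set: [' . implode(', ', $missing) . ']');
        return;
    }

    $email = $_GET['email'];
    $password = $_GET['password'];

    // Check if user exists
    $db = acquireDatabase();
    $loader = new User($db);
    try {
        $res = $loader->loadWhere('email=?', [$email]);
        if (count($res) > 0) {
            $user = $res[0];

            // Compare as strings with ===. A loose == treats two numeric-looking
            // strings (such as "0e123" and "0e456") as equal. Where the runtime
            // offers hash_equals(), that is the preferred comparison.
            $storedHash = (string) $user->getPassword();
            $candidateHash = (string) User::encryptPassword($password);
            if ($storedHash === $candidateHash) {
                // Login successful -> return session id
                session_start();
                // Issue a fresh session id so one set before login is not
                // carried over into the authenticated session.
                session_regenerate_id(true);
                $_SESSION['uid'] = $user->getId();
                $_SESSION['email'] = $user->getEmail();
                if ($user->getState() == 'FILL_DATA') {
                    sendMessage(WARN, 'Login successful. Please complete your registration.');
                } else {
                    $_SESSION['name'] = $user->getName();
                    sendMessage(OK, 'Login successful.');
                }
            } else {
                // NOTE(review): distinct "password" / "user" errors tell the
                // caller whether an address is registered.
                sendMessage(ERR, 'Password invalid.');
            }
        } else {
            // User doesn't exist
            sendMessage(ERR, 'User invalid.');
        }
    } catch (DbException $e) {
        // NOTE(review): the raw database error text is returned to the client.
        sendMessage(ERR, $e->getMessage());
    }
    $db->close();
}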
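/**
 * Authenticates a user.
 *
 * Looks up an active customer (status 1) by e-mail address and compares the
 * stored password value with User::encryptPassword() of the submitted
 * password and the customer's salt.
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    $user = Customer::model()->findByAttributes(array('email' => $this->username, 'status' => 1));
    if (is_null($user)) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    } else {
        // Strict string comparison: a loose != treats two numeric-looking
        // strings (such as "0e123" and "0e456") as equal, which would accept a
        // wrong password. hash_equals() is preferable where available.
        $storedHash = (string) $user->password;
        $candidateHash = (string) User::encryptPassword($this->password, $user->salt);
        if ($storedHash !== $candidateHash) {
            $this->errorCode = self::ERROR_PASSWORD_INVALID;
        } else {
            $this->errorCode = self::ERROR_NONE;
        }
    }
    return !$this->errorCode;
}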
/**
 * Authenticates a user.
 *
 * Finds the user by username and compares the stored password value with
 * User::encryptPassword() of the submitted password. On success the user's
 * id is remembered in $this->_id.
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    $record = User::model()->findByAttributes(array('username' => $this->username));

    if ($record === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return !$this->errorCode;
    }

    $matches = $record->password === User::encryptPassword($this->password);
    if ($matches) {
        $this->_id = $record->id;
        $this->errorCode = self::ERROR_NONE;
    } else {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    }

    return !$this->errorCode;
}
/**
 * Create a new account.
 *
 * Builds a User from the form's email, username and password, picks the
 * initial state from the two param() switches, lets the model encrypt its
 * password and saves it. afterSignup() runs only when the save succeeded.
 *
 * @return bool true when the user was saved, false otherwise
 */
public function signup()
{
    $account = new User();
    $account->email = $this->email;
    $account->name = $this->username;
    $account->password = $this->password;

    // Either switch being truthy puts the new account into the unverified state.
    $needsReview = param('user_required_admin_verfiy') || param('用户注册是否需要管理员审核');
    if ($needsReview) {
        $account->state = USER_STATE_UNVERIFY;
    } else {
        $account->state = USER_STATE_ENABLED;
    }

    $account->encryptPassword();

    if (!$account->save()) {
        return false;
    }

    $this->afterSignup($account);
    return true;
}
/**
 * Creates a new model.
 * If creation is successful, the browser will be redirected to the 'view' page.
 *
 * The password attribute is passed through the model's encryptPassword()
 * before save(), and both password fields are blanked before the form is
 * rendered again.
 */
public function actionCreate()
{
    Yii::app()->theme = '';
    $model = new User('admin');

    // Uncomment the following line if AJAX validation is needed
    // $this->performAjaxValidation($model);

    $submitted = isset($_POST['User']);
    if ($submitted) {
        $model->attributes = $_POST['User'];
        // NOTE(review): encryptPassword() runs before save(), so any rule that
        // save() applies to the password presumably sees the processed value,
        // not what the user typed. Confirm against the model's rules.
        $model->encryptPassword($model->password);
        $model->rePassword = $model->password;

        $saved = $model->save();
        if ($saved) {
            $this->redirect(array('view', 'id' => $model->id));
        }
    }

    // Never send a password value back into the rendered form.
    $blank = '';
    $model->password = $blank;
    $model->rePassword = $blank;

    $this->render('create', array('model' => $model));
}
/**
 * Turn an imported password column value into the 'hash' attribute.
 *
 * The value is sanitized first. When the sanitized value is empty (loosely
 * equal to null), the default value from the
 * PasswordDefaultValueModelAttributeMappingRuleForm mapping rule is used if
 * one is set. The result is passed through User::encryptPassword().
 *
 * @param mixed $value
 * @param string $columnName
 * @param array $columnMappingData
 * @param ImportSanitizeResultsUtil $importSanitizeResultsUtil
 * @return array|void array with the single key 'hash'
 */
public function resolveValueForImport($value, $columnName, $columnMappingData, ImportSanitizeResultsUtil $importSanitizeResultsUtil)
{
    // The variable names below are referenced from inside the assert()
    // expression strings, so they must keep these exact names.
    $attributeNames = $this->getRealModelAttributeNames();
    assert('count($attributeNames) == 1');
    assert('$attributeNames[0] == "hash"');
    assert('is_string($columnName)');
    assert('is_array($columnMappingData)');

    $value = ImportSanitizerUtil::sanitizeValueBySanitizerTypes(
        static::getSanitizerUtilTypesInProcessingOrder(),
        $this->getModelClassName(),
        'hash',
        $value,
        $columnName,
        $columnMappingData,
        $importSanitizeResultsUtil
    );

    if ($value == null) {
        // Fall back to the default configured on the mapping rule, if any.
        $mappingRuleData = $columnMappingData['mappingRulesData']['PasswordDefaultValueModelAttributeMappingRuleForm'];
        assert('$mappingRuleData != null');
        $value = isset($mappingRuleData['defaultValue']) ? $mappingRuleData['defaultValue'] : $value;
    }

    $hashed = User::encryptPassword($value);
    return array('hash' => $hashed);
}
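/**
 * Creates a new model.
 * If creation is successful, the browser will be redirected to the 'view' page.
 *
 * The user and its role assignments are written inside one database
 * transaction: it is committed only when both save() and
 * assignRolesToUser() succeed and rolled back in every other case.
 *
 * @throws CHttpException when no active role exists to offer in the form
 */
public function actionCreate()
{
    // 'scenarioCreate' is the name of the validation scenario
    $model = new User('scenarioCreate');

    // Uncomment the following line if AJAX validation is needed
    // $this->performAjaxValidation($model);

    if (isset($_POST['User'])) {
        $model->attributes = $_POST['User'];
        $model->encryptPassword();

        $transaction = Yii::app()->db->beginTransaction();
        try {
            if ($model->save() && $model->assignRolesToUser($model->id) == true) {
                $transaction->commit();
                $this->redirect(array('view', 'id' => $model->id));
            } else {
                // Also covers a failed save(): previously that path left the
                // transaction open, neither committed nor rolled back.
                $transaction->rollBack();
            }
        } catch (Exception $e) {
            $transaction->rollBack();
            // Keep a trace of the failure instead of discarding it silently.
            Yii::log($e->getMessage(), CLogger::LEVEL_ERROR, 'application');
        }
    }

    if (Role::model()->count('active = 1') > 0) {
        $this->render('create', array('model' => $model));
    } else {
        if (Role::model()->count('active = 0') > 0) {
            throw new CHttpException('', 'Primero debes ' . CHtml::link('crear rol', array('role/create')) . ' o ' . CHtml::link('activar ', array('role/admin')) . 'algún rol' . '.');
        } else {
            throw new CHttpException('', 'Primero debes ' . CHtml::link('crear rol', array('role/create')) . '.');
        }
    }
}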
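/**
 * Run the installer: validate the posted settings, check the database,
 * create the storage directories, install the database, create the super
 * user, write config/site.php and log the new super user in.
 *
 * Validation or database problems are reported through the 'error' view
 * variable. Any exception removes a partially written site.php so that the
 * installation can be retried.
 */
public function configure()
{
    try {
        $val = Loader::helper('validation/form');
        $val->setData($this->post());
        $val->addRequired("SITE", t("Please specify your site's name"));
        $val->addRequiredEmail("uEmail", t('Please specify a valid email address'));
        $val->addRequired("DB_DATABASE", t('You must specify a valid database name'));
        $val->addRequired("DB_SERVER", t('You must specify a valid database server'));

        $e = Loader::helper('/validation/error');
        if (is_object($this->fileWriteErrors)) {
            $e = $this->fileWriteErrors;
        }

        if (!function_exists('mysql_connect')) {
            $e->add($this->getDBErrorMsg());
        } else {
            // attempt to connect to the database
            $db = Loader::db($_POST['DB_SERVER'], $_POST['DB_USERNAME'], $_POST['DB_PASSWORD'], $_POST['DB_DATABASE'], true);
            if ($_POST['DB_SERVER'] && $_POST['DB_DATABASE']) {
                if (!$db) {
                    $e->add(t('Unable to connect to database.'));
                } else {
                    $num = $db->GetCol("show tables");
                    if (count($num) > 0) {
                        $e->add(t('There are already %s tables in this database. Concrete must be installed in an empty database.', count($num)));
                    }
                }
            }
        }

        if ($val->test() && !$e->has()) {
            // Create the storage directories that do not exist yet.
            $directoryKeys = array(
                'DIR_FILES_UPLOADED_THUMBNAILS',
                'DIR_FILES_INCOMING',
                'DIR_FILES_TRASH',
                'DIR_FILES_CACHE',
                'DIR_FILES_CACHE_DB',
                'DIR_FILES_AVATARS',
            );
            foreach ($directoryKeys as $directoryKey) {
                if (!is_dir($this->installData[$directoryKey])) {
                    mkdir($this->installData[$directoryKey]);
                }
            }

            if (isset($_POST['uPasswordForce'])) {
                $this->installData['uPassword'] = $_POST['uPasswordForce'];
            }
            if (isset($_POST['packages'])) {
                $this->installData['packages'] = $_POST['packages'];
            }

            $this->installDB();

            $vh = Loader::helper('validation/identifier');

            // copy the files
            $fh = Loader::helper('file');
            if ($_POST['INSTALL_SAMPLE_CONTENT']) {
                $fh->copyAll($this->installData['DIR_BASE_CORE'] . '/config/install/files', DIR_FILES_UPLOADED);
            }

            // insert admin user into the user table
            $salt = defined('MANUAL_PASSWORD_SALT') ? MANUAL_PASSWORD_SALT : $vh->getString(64);
            if (!isset($this->installData['uPassword'])) {
                // NOTE(review): a six-digit number from rand() is a small,
                // predictable space for an administrator password. Replace it
                // with a longer value from a cryptographically secure source
                // where the runtime provides one.
                $uPassword = rand(100000, 999999);
            } else {
                $uPassword = $this->installData['uPassword'];
            }
            $uEmail = $_POST['uEmail'];
            $uPasswordEncrypted = User::encryptPassword($uPassword, $salt);
            UserInfo::addSuperUser($uPasswordEncrypted, $uEmail);

            if (defined('PERMISSIONS_MODEL') && PERMISSIONS_MODEL != 'simple') {
                $setPermissionsModel = PERMISSIONS_MODEL;
            }

            if (file_exists($this->installData['DIR_CONFIG_SITE'])) {
                $this->fp = @fopen($this->installData['DIR_CONFIG_SITE'] . '/site.php', 'w+');
                if ($this->fp) {
                    Cache::flush();
                    if (is_array($this->installData['packages'])) {
                        foreach ($this->installData['packages'] as $pkgHandle) {
                            $p = Loader::package($pkgHandle);
                            $p->install();
                        }
                    }

                    // write the config file
                    // Every value below ends up inside a PHP string literal in a
                    // file that is later executed, so each one is escaped.
                    $configuration = "<?php\n";
                    $configuration .= "define('DB_SERVER', '" . addslashes($_POST['DB_SERVER']) . "');\n";
                    $configuration .= "define('DB_USERNAME', '" . addslashes($_POST['DB_USERNAME']) . "');\n";
                    $configuration .= "define('DB_PASSWORD', '" . addslashes($_POST['DB_PASSWORD']) . "');\n";
                    $configuration .= "define('DB_DATABASE', '" . addslashes($_POST['DB_DATABASE']) . "');\n";
                    $configuration .= "define('BASE_URL', '" . addslashes($this->installData['BASE_URL']) . "');\n";
                    $configuration .= "define('DIR_REL', '" . addslashes($this->installData['DIR_REL']) . "');\n";
                    if (isset($setPermissionsModel)) {
                        $configuration .= "define('PERMISSIONS_MODEL', '" . addslashes($setPermissionsModel) . "');\n";
                    }
                    $configuration .= "define('PASSWORD_SALT', '{$salt}');\n";
                    if (is_array($_POST['SITE_CONFIG'])) {
                        foreach ($_POST['SITE_CONFIG'] as $key => $value) {
                            // var_export() emits a correctly quoted PHP string
                            // literal, so posted keys and values cannot close
                            // the quote and add code to the config file.
                            $configuration .= "define(" . var_export((string) $key, true) . ", " . var_export((string) $value, true) . ");\n";
                        }
                    }
                    $res = fwrite($this->fp, $configuration);
                    fclose($this->fp);
                    // The file holds the database password and the password
                    // salt: owner-only access instead of world-writable 0777.
                    chmod($this->installData['DIR_CONFIG_SITE'] . '/site.php', 0600);

                    // save some options into the database
                    Config::save('SITE', $_POST['SITE']);
                    // add the current app version as our site's app version
                    Config::save('SITE_APP_VERSION', $this->installData['APP_VERSION']);
                    Config::save('SITE_DEBUG_LEVEL', $this->installData['DEBUG_DISPLAY_ERRORS']);
                    Config::save('ENABLE_LOG_EMAILS', 1);
                    Config::save('ENABLE_LOG_ERRORS', 1);
                    Config::save('FULL_PAGE_CACHE_GLOBAL', 0);

                    // login
                    define('PASSWORD_SALT', $salt);
                    $u = new User($this->installData['USER_SUPER'], $uPassword);
                    $this->set('message', t('Congratulations. concrete5 has been installed. You have been logged in as <b>%s</b> with the password <b>%s</b>.<br/><br/>If you wish to change this password, you may do so from the users area of the dashboard.', $this->installData['USER_SUPER'], $uPassword));
                } else {
                    throw new Exception(t('Unable to open config/site.php for writing.'));
                }
            } else {
                throw new Exception(t('Unable to locate config directory.'));
            }
        } else {
            if ($e->has()) {
                $this->set('error', $e);
            } else {
                $this->set('error', $val->getError());
            }
        }
    } catch (Exception $e) {
        // remove site.php so that we can try again ?
        if (is_resource($this->fp)) {
            fclose($this->fp);
        }
        if (file_exists($this->installData['DIR_CONFIG_SITE'] . '/site.php')) {
            unlink($this->installData['DIR_CONFIG_SITE'] . '/site.php');
        }
        $this->set('error', $e);
    }
}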
/**
 * Build a User either from credentials or from the current session.
 *
 * With at least two arguments (username or e-mail, password, and an optional
 * third flag) the credentials are checked against the Users table and, on
 * success, the object is populated and the login is recorded. Session
 * values are written only when the third argument is falsy.
 *
 * Without a second argument the object is populated from $_SESSION, or left
 * empty when no uID is stored there.
 *
 * Failures are reported through loadError() with USER_NON_VALIDATED,
 * USER_INACTIVE or USER_INVALID.
 */
public function __construct()
{
    $args = func_get_args();
    if (isset($args[1])) {
        // first, we check to see if the username and password match the admin username and password
        // $username = uName normally, but if not it's email address
        $username = $args[0];
        $password = $args[1];
        // NOTE(review): $args[2] is read without isset(), so a two-argument
        // call reads an undefined offset here and below.
        if (!$args[2]) {
            $_SESSION['uGroups'] = false;
        }
        // The submitted password is hashed with the site-wide PASSWORD_SALT and
        // matched inside the query; both values are bound as parameters.
        $password = User::encryptPassword($password, PASSWORD_SALT);
        $v = array($username, $password);
        if (defined('USER_REGISTRATION_WITH_EMAIL_ADDRESS') && USER_REGISTRATION_WITH_EMAIL_ADDRESS == true) {
            $q = "select uID, uName, uIsActive, uIsValidated, uTimezone, uDefaultLanguage from Users where uEmail = ? and uPassword = ?";
        } else {
            $q = "select uID, uName, uIsActive, uIsValidated, uTimezone, uDefaultLanguage from Users where uName = ? and uPassword = ?";
        }
        $db = Loader::db();
        $r = $db->query($q, $v);
        if ($r) {
            $row = $r->fetchRow();
            // A matching but not yet validated account is rejected only when
            // e-mail validation is required by configuration.
            if ($row['uID'] && $row['uIsValidated'] === '0' && defined('USER_VALIDATE_EMAIL_REQUIRED') && USER_VALIDATE_EMAIL_REQUIRED == TRUE) {
                $this->loadError(USER_NON_VALIDATED);
            } else {
                if ($row['uID'] && $row['uIsActive']) {
                    $this->uID = $row['uID'];
                    $this->uName = $row['uName'];
                    $this->uIsActive = $row['uIsActive'];
                    $this->uTimezone = $row['uTimezone'];
                    $this->uDefaultLanguage = $row['uDefaultLanguage'];
                    $this->uGroups = $this->_getUserGroups($args[2]);
                    if ($row['uID'] == USER_SUPER_ID) {
                        $this->superUser = true;
                    } else {
                        $this->superUser = false;
                    }
                    $this->recordLogin();
                    // NOTE(review): the identity is written into the existing
                    // session; no session id renewal is visible in this block.
                    // Confirm that the caller regenerates the id at login.
                    if (!$args[2]) {
                        $_SESSION['uID'] = $row['uID'];
                        $_SESSION['uName'] = $row['uName'];
                        $_SESSION['superUser'] = $this->superUser;
                        $_SESSION['uBlockTypesSet'] = false;
                        $_SESSION['uGroups'] = $this->uGroups;
                        $_SESSION['uTimezone'] = $this->uTimezone;
                        $_SESSION['uDefaultLanguage'] = $this->uDefaultLanguage;
                    }
                } else {
                    if ($row['uID'] && !$row['uIsActive']) {
                        $this->loadError(USER_INACTIVE);
                    } else {
                        // No row matched both the name (or e-mail) and the password hash.
                        $this->loadError(USER_INVALID);
                    }
                }
            }
            $r->free();
        } else {
            $this->loadError(USER_INVALID);
        }
    } else {
        // then we just get session info
        if (isset($_SESSION['uID'])) {
            $this->uID = $_SESSION['uID'];
            $this->uName = $_SESSION['uName'];
            $this->uTimezone = $_SESSION['uTimezone'];
            $this->uDefaultLanguage = $_SESSION['uDefaultLanguage'];
            // Super-user status is derived from the id, not read from the session flag.
            $this->superUser = $_SESSION['uID'] == USER_SUPER_ID ? true : false;
        } else {
            $this->uID = null;
            $this->uName = null;
            $this->superUser = false;
            $this->uDefaultLanguage = null;
            $this->uTimezone = null;
        }
        $this->uGroups = $this->_getUserGroups();
        if (!isset($args[2])) {
            $_SESSION['uGroups'] = $this->uGroups;
        }
    }
    return $this;
}
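/**
 * Reset this user's password to a newly generated value.
 *
 * Generates a 7-character password, stores the result of
 * User::encryptPassword() for this user and returns the clear-text value.
 *
 * @return string|null the new password, or null when the user has no id or
 *                     the update query failed
 */
function resetUserPassword()
{
    $db = Loader::db();
    if ($this->uID > 0) {
        // Character set without the look-alikes o, O and 0.
        $alphabet = "abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789";
        $maxIndex = strlen($alphabet) - 1;

        // Use the cryptographically secure generator where the runtime has one.
        // The fallback is not secure, but drawing directly from 0..$maxIndex at
        // least removes the modulo bias of rand() % strlen().
        $hasSecureRandom = function_exists('random_int');

        $newPassword = '';
        for ($i = 0; $i < 7; $i++) {
            $index = $hasSecureRandom ? random_int(0, $maxIndex) : mt_rand(0, $maxIndex);
            $newPassword .= $alphabet[$index];
        }
        // NOTE(review): seven characters is short for a value that grants
        // account access. A longer value or a single-use reset link would be
        // stronger, but changes what callers receive.

        $v = array(User::encryptPassword($newPassword), $this->uID);
        $q = "update Users set uPassword = ? where uID = ?";
        $r = $db->query($q, $v);
        if ($r) {
            return $newPassword;
        }
    }

    return null;
}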
}
// Fragment of a registration handler: the start of the script and the closing
// braces of the blocks opened below are outside this excerpt.

// Password checks: minimum length, then confirmation match.
// NOTE(review): five characters is a very low minimum length.
if (strlen($password) < 5) {
    $error = true;
    $oUser->addStatusMessage(_('password is too short'), 'warning');
} elseif ($password != $confirmation) {
    $error = true;
    $oUser->addStatusMessage(_('password confirmation does not match'), 'warning');
}

// Look for an existing account with the same login.
// NOTE(review): the query is built by string concatenation and relies on
// EaseAddSlashes() for escaping. That helper is not visible here; a
// parameterized query would not depend on it.
$allreadyExists = \Ease\Shared::db()->queryToValue('SELECT id FROM user WHERE login=\'' . $oPage->EaseAddSlashes($login) . '\'');
if ($allreadyExists) {
    $error = true;
    $oUser->addStatusMessage(sprintf(_('Given Username %s already exists'), $login), 'warning');
}

if ($error == false) {
    $newOUser = new User();
    // Only the result of encryptPassword() is stored with the account.
    $customerData = ['firstname' => $firstname, 'lastname' => $lastname, 'email' => $email_address, 'password' => $newOUser->encryptPassword($password), 'login' => $login];
    $customerID = $newOUser->insertToSQL($customerData);
    if ($customerID) {
        $newOUser->setMyKey($customerID);
        $oUser->addStatusMessage(_('Account Was Created'), 'success');
        $newOUser->loginSuccess();

        // Welcome mail.
        // NOTE(review): the clear-text password is included in this mail, so
        // it is kept wherever the message is stored or relayed.
        $email = $oPage->addItem(new \Ease\Mail($newOUser->getDataValue('email'), _('New LinkQuick account')));
        $email->setMailHeaders(['From' => EMAIL_FROM]);
        $email->addItem(new \Ease\Html\Div(_("Welcome to LinkQuick") . "\n"));
        $email->addItem(new \Ease\Html\Div(_('Login') . ': ' . $newOUser->getUserLogin() . "\n"));
        $email->addItem(new \Ease\Html\Div(_('Password') . ': ' . $password . "\n"));
        $email->send();
        \Ease\Shared::user($newOUser); //Assign newly created user as default
        $oPage->redirect('index.php');
        exit;
/**
 * Find or create the local user for an external (affiliate) login.
 *
 * An unknown provider/uid pair gets a new User whose email and username are
 * "<provider>:<uid>", with names taken from $auth['info'] where present, the
 * provider-specific id column filled in and a generated 32-character
 * password. Existing and new users alike are marked activated and saved
 * with save(false).
 *
 * @param array $auth expects the keys 'provider', 'uid' and 'info'
 * @return User|null the saved user, or null when saving failed
 */
public function processAffiliateUser($auth)
{
    $provider = $auth['provider'];
    $uid = $auth['uid'];
    $info = $auth['info'];

    $handle = $provider . ":" . $uid;
    $email = $handle;
    $username = $handle;

    // Derive first and last name from whatever the provider supplied.
    if (isset($info['first_name']) and isset($info['last_name'])) {
        $first_name = $info['first_name'];
        $last_name = $info['last_name'];
    } elseif (isset($info['name'])) {
        // The last word becomes the last name, the rest the first name.
        $parts = explode(" ", $info['name']);
        $last_name = array_pop($parts);
        $first_name = implode(" ", $parts);
    } else {
        $first_name = $provider . ":" . $uid;
        $last_name = " ";
    }

    // check whether the user already exists
    $user = User::findAffiliateUser($provider, $uid);
    if (!$user) {
        $user = new User();
        $user->email = $email;
        $user->username = $username;
        $user->first_name = $first_name;
        $user->last_name = $last_name;
        $user->role = 'user';
        $user->affiliation = $provider;

        // Remember the external id in the column that belongs to the provider.
        switch ($provider) {
            case "Facebook":
                $user->facebook_id = $uid;
                break;
            case "Twitter":
                $user->twitter_id = $uid;
                break;
            case "LinkedIn":
                $user->linkedin_id = $uid;
                break;
            case "Google":
                $user->google_id = $uid;
                break;
            case "Orcid":
                $user->orcid_id = $uid;
                break;
        }

        // generate some credential data
        $user->password = self::generatePassword(32);
        $user->encryptPassword();
    }

    // a login through an external provider activates the user
    $user->is_activated = true;

    // NOTE(review): save(false) is called for new and existing users alike;
    // the argument presumably disables validation. Confirm against the model.
    if ($user->save(false)) {
        return $user;
    }
}
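/**
 * Build the user lookup for an e-mail address and password.
 *
 * The password is trimmed and passed through User::encryptPassword(), then
 * matched against the stored value inside the query.
 *
 * @param string $email
 * @param string $password clear-text password
 * @return mixed the query built from User::Q(), or null when $email does not
 *               contain an '@'
 */
public function getByAuth($email, $password)
{
    $passwordHash = User::encryptPassword(trim($password));

    // Previously this path returned a variable that was never assigned; the
    // result was already null, but only by way of an undefined-variable notice.
    if (strpos($email, '@') === false) {
        return null;
    }

    // The hash is passed as a query argument, not concatenated into the condition.
    //$user = User::Q()->where(array('this.email = %s', $email));
    return User::Q()->getByEmail($email)->where(array('password = %s', $passwordHash));
}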
/**
 * Create the default groups and the super user during installation.
 *
 * The super user's password hash is either computed from
 * INSTALL_USER_PASSWORD and PASSWORD_SALT or taken as-is from
 * INSTALL_USER_PASSWORD_HASH. Finally the 'private_message' mail importer
 * is registered.
 */
public function add_users()
{
    // insert the default groups
    // create the groups our site users
    // have to add these in the right order so their IDs get set
    // starting at 1 w/autoincrement
    Group::add(t("Guest"), t("The guest group represents unregistered visitors to your site."));
    Group::add(t("Registered Users"), t("The registered users group represents all user accounts."));
    Group::add(t("Administrators"), "");

    // insert admin user into the user table
    // A clear-text install password, when defined, is hashed here; otherwise
    // the installer has already supplied the hash.
    $uPasswordEncrypted = defined('INSTALL_USER_PASSWORD')
        ? User::encryptPassword(INSTALL_USER_PASSWORD, PASSWORD_SALT)
        : INSTALL_USER_PASSWORD_HASH;

    UserInfo::addSuperUser($uPasswordEncrypted, INSTALL_USER_EMAIL);
    User::getByUserID(USER_SUPER_ID, true, false);

    Loader::library('mail/importer');
    MailImporter::add(array('miHandle' => 'private_message'));
}
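/**
 * Get the user record entry by e-mail address and password.
 *
 * The stored hash is checked with password_verify(). When that fails, the
 * deprecated hashing scheme is tried; on a match the password is re-hashed
 * with the current scheme and stored before the user is returned.
 *
 * @param string|null $email
 * @param string|null $password clear-text password
 * @return mixed Array on success, otherwise FALSE
 */
public function getUserByEmailAndPassword($email = null, $password = null)
{
    if ($email == '' || $password == '') {
        return false;
    }

    $res = $this->db->one(
        "SELECT * FROM `{$this->mySqlTablePrefix}user` WHERE `id`=:email",
        array(':email' => $email)
    );
    if (!$res) {
        return false;
    }

    if (password_verify($password, $res['password'])) {
        return $this->normalizeUser($res);
    }

    // Backwards compatibility: rehash old password
    $userObj = new User();
    // Strict string comparison: a loose == treats two numeric-looking strings
    // (such as "0e123" and "0e456") as equal, which would accept a wrong
    // password. hash_equals() is preferable where the runtime offers it.
    $legacyHash = (string) $userObj->encryptPasswordDeprecated($password);
    if ((string) $res['password'] === $legacyHash) {
        $res['password'] = $userObj->encryptPassword($password);
        $this->postUser($res);
        return $this->normalizeUser($res);
    }

    return false;
}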
    // Fragment of a registration handler: the opening of this if-chain and the
    // closing braces of the blocks opened below are outside this excerpt.
    $oUser->addStatusMessage(_('Password is short'), 'warning');
} elseif ($password != $confirmation) {
    $error = true;
    $oUser->addStatusMessage(_('Password control not match'), 'warning');
}

// Check whether the requested login is already in use by loading a user
// keyed on the 'login' column.
// NOTE(review): the lookup value is escaped with EaseAddSlashes(), which is
// not visible here. Confirm how loadFromSQL() builds its query.
$testuser = new \Ease\User();
$testuser->setmyKeyColumn('login');
$testuser->loadFromSQL($oPage->EaseAddSlashes($login));
$testuser->resetObjectIdentity();
if ($testuser->getMyKey()) {
    $error = true;
    $oUser->addStatusMessage(sprintf(_('Username %s is already taken. Please use another.'), $login), 'warning');
}

if ($error == false) {
    $newOUser = new User();
    // Only the result of encryptPassword() is stored in the password column.
    $newOUser->setData(['email' => $emailAddress, 'login' => $login, $newOUser->passwordColumn => $newOUser->encryptPassword($password), 'firstname' => $firstname, 'lastname' => $lastname]);
    $userID = $newOUser->insertToSQL();
    if (!is_null($userID)) {
        $newOUser->setMyKey($userID);
        // The account that receives id 1 is made administrator.
        // NOTE(review): on an open registration form this gives administrator
        // rights to whoever registers first. Confirm that this is intended.
        if ($userID == 1) {
            $newOUser->setSettingValue('admin', TRUE);
            $oUser->addStatusMessage(_('Administrator\'s account created'), 'success');
            $newOUser->saveToSQL();
        } else {
            $oUser->addStatusMessage(_('User account created'), 'success');
        }
        $newOUser->loginSuccess();

        // Confirmation mail to the address stored for the new account.
        $email = $oPage->addItem(new \Ease\Mailer($newOUser->getDataValue('email'), _('New account confirmation')));
        $email->setMailHeaders(['From' => EMAIL_FROM]);
        $email->addItem(new \Ease\Html\Div("Account created:\n"));
        $email->addItem(new \Ease\Html\Div(' Login: ' . $newOUser->GetUserLogin() . "\n"));
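/**
 * Handle the membership sign-up form.
 *
 * Every required field is checked and a message is queued for each problem.
 * When all checks pass, a User is built from the request, stamped as a
 * member and saved through update(). A user that ends up with a user_id is
 * stored in the session. Finally the request continues with followup() for
 * a logged-in user, or falls back to login().
 */
public function join()
{
    $user = null;

    if (!empty($_POST)) {
        $valid = true;

        if (empty($_POST['username'])) {
            $this->message->put(Language::gettext('login-empty-required-field', 'login-form-username'));
            $valid = false;
        }
        if (empty($_POST['password'])) {
            $this->message->put(Language::gettext('login-empty-required-field', 'login-form-password'));
            $valid = false;
        }

        // Confirmation: a missing value and a mismatch are reported separately.
        // Before, the mismatch message sat in a branch that could never run,
        // and the loose != treated numeric-looking strings such as "1e3" and
        // "1000" as the same password.
        if (empty($_POST['repassword'])) {
            $this->message->put(Language::gettext('login-empty-required-field', 'login-form-password-confirm'));
            $valid = false;
        } elseif ($valid && $_POST['password'] !== $_POST['repassword']) {
            $this->message->put(Language::gettext('login-required-password-confirm'));
            $valid = false;
        }

        // Remaining fields that only need to be non-empty: POST key => label key.
        // NOTE(review): full_name reuses the 'login-form-username' label. This
        // looks like a copy-paste slip, but no better key is visible here.
        $requiredFields = array(
            'full_name' => 'login-form-username',
            'gender' => 'login-form-gender',
            'dob' => 'login-form-dob',
            'sin' => 'login-form-sin',
        );
        foreach ($requiredFields as $field => $labelKey) {
            if (empty($_POST[$field])) {
                $this->message->put(Language::gettext('login-empty-required-field', $labelKey));
                $valid = false;
            }
        }

        if (empty($_POST['email']) || !Validator::email($_POST['email'])) {
            $this->message->put(Language::gettext('login-empty-required-field', 'login-form-email'));
            $valid = false;
        }
        // At least one phone number is required.
        if (empty($_POST['phone_home']) && empty($_POST['phone_cell']) && empty($_POST['phone_work'])) {
            $this->message->put(Language::gettext('login-required-contact-info'));
            $valid = false;
        }

        if ($valid) {
            $session_user = Session::get(Session::USER);
            // NOTE(review): the whole request body is handed to the User
            // constructor. Which attributes it copies is not visible here;
            // only created, last, access and password are overwritten below.
            $user = new User($_POST);
            $user->created = $session_user->created;
            $user->last = time();
            $user->access = User::MEMBER;
            $user->password = User::encryptPassword($_POST['password'], $_POST['username']);
            $user->update();
        }

        if (!empty($user->user_id)) {
            Session::set(Session::USER, $user);
        }
    }

    if (!empty($user->user_id) && Session::isLoggedIn()) {
        $this->followup();
    } else {
        // Do not carry the submitted credentials into the login step.
        unset($_POST['username']);
        unset($_POST['password']);
        $this->login();
    }
}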
/**
 * Handle the account-creation form, checking the CAPTCHA first.
 *
 * A wrong security code prints a short error page and ends the request
 * before any field validation runs. Otherwise the field rules are applied;
 * on success the user is stored and the login form is shown.
 */
function createNew()
{
    include_once $_SERVER['DOCUMENT_ROOT'] . '/tanks/securimage/securimage.php';

    $captcha = new Securimage();
    $codeAccepted = $captcha->check($_POST['captcha_code']);
    if (!$codeAccepted) {
        // the code was incorrect
        // stop here so that the form processor does not continue
        echo "The security code entered was incorrect.<br /><br />";
        echo "Please go <a href='javascript:history.go(-1)'>back</a> and try again.";
        exit;
    }

    $this->load->library('form_validation');
    $validation = $this->form_validation;
    $validation->set_rules('username', 'Username', 'required|is_unique[user.login]');
    $validation->set_rules('password', 'Password', 'required');
    $validation->set_rules('first', 'First', "required");
    $validation->set_rules('last', 'last', "required");
    $validation->set_rules('email', 'Email', "required|is_unique[user.email]");

    if (!$validation->run()) {
        $this->load->view('account/newForm');
        return;
    }

    //FIXME: notify user on success
    $account = new User();
    $account->login = $this->input->post('username');
    $account->first = $this->input->post('first');
    $account->last = $this->input->post('last');
    // The clear-text password is handed to the model, which stores its own
    // derived value; the scheme used is not visible from here.
    $plainPassword = $this->input->post('password');
    $account->encryptPassword($plainPassword);
    $account->email = $this->input->post('email');

    $this->load->model('user_model');
    // NOTE(review): the outcome of insert() is not checked before the login
    // form is shown.
    $this->user_model->insert($account);
    $this->load->view('account/loginForm');
}
/**
 * Handle the account-creation form with the CAPTCHA as a validation rule.
 *
 * The security code is checked through the 'callback_verifyCaptcha' rule
 * together with the other fields, so a wrong code re-displays the form like
 * any other validation error. On success the user is stored and the login
 * form is shown.
 */
function createNew()
{
    $this->load->library('form_validation');

    // field, label, rules, registered in this order
    $ruleSet = array(
        array('username', 'Username', 'required|is_unique[user.login]'),
        array('password', 'Password', 'required'),
        array('first', 'First Name', "required"),
        array('last', 'Last Name', "required"),
        array('email', 'Email', "required|is_unique[user.email]"),
        // captcha code securimage
        array('captcha_code', 'Captcha', "required|callback_verifyCaptcha"),
    );
    foreach ($ruleSet as $rule) {
        $this->form_validation->set_rules($rule[0], $rule[1], $rule[2]);
    }

    $passed = $this->form_validation->run();
    if (!$passed) {
        $this->load->view('account/newForm');
        return;
    }

    $account = new User();
    $account->login = $this->input->post('username');
    $account->first = $this->input->post('first');
    $account->last = $this->input->post('last');
    // The clear-text password is handed to the model, which stores its own
    // derived value; the scheme used is not visible from here.
    $plainPassword = $this->input->post('password');
    $account->encryptPassword($plainPassword);
    $account->email = $this->input->post('email');

    $this->load->model('user_model');
    // NOTE(review): the value returned by insert() is not inspected, so the
    // login form is shown whether or not the row was written.
    $this->user_model->insert($account);
    $this->load->view('account/loginForm');
}
// Fragment of a group password-change script: the blocks opened below are
// closed outside this excerpt.
include "includes/protection.php";

// Pass each submitted password through remhtml() (defined elsewhere).
if ($actpass != null) {
    remhtml($actpass);
}
if ($newpass != null) {
    remhtml($newpass);
}
if ($renewpass != null) {
    remhtml($renewpass);
}

if (!$partOf) {
    echo "<p class=\"error\">" . T_("You must be the manager of this group") . ".</p>";
} else {
    if ($actpass != null && $newpass != null && $renewpass != null && valid($actpass, 20) && valid($newpass, 20) && valid($renewpass, 20)) {
        //Change the password
        $passencrypt = $user->encryptPassword($actpass);
        // NOTE(review): as printed, the query compares against the fixed text
        // '******' and never uses $passencrypt. This looks like masking in the
        // listing; confirm against the original.
        // NOTE(review): $group_id is concatenated into the SQL text unquoted,
        // and its origin is not visible here. Bind it as a parameter or cast
        // it to an integer.
        $Query = "select manager from " . TABLE_PREFIX . "groups where group_id=" . $group_id . " and password='******'";
        $dbResult = $dblink->query($Query);
        // Count the matching rows; zero means the current password did not match.
        $count = 0;
        while ($row =& $dbResult->fetchRow(DB_FETCHMODE_ASSOC)) {
            $count++;
        }
        if ($count == 0) {
            echo "<p class=\"error\">" . T_("The actual password is incorrect") . ".</p>";
        } else {
            if ($newpass != $renewpass) {
                echo "<p class=\"error\">" . T_("The new password does not match in both fields") . ".</p>";
            } else {
                // NOTE(review): the new password is hashed with plain sha1(),
                // unsalted and fast to compute, while the current one above
                // goes through $user->encryptPassword(). The two may not agree.
                // password_hash() is the usual choice.
                $newpassencrypt = sha1($newpass);
                $Query = "update " . TABLE_PREFIX . "groups set password='******' where group_id='" . $group_id . "'";
                $AffectedRows = $dblink->exec($Query);
/**
 * Update a user through the REST API and verify the stored result.
 *
 * Sends a PUT with a new first name and password for user 'diggy011',
 * compares the response with the expected data, checks that the stored hash
 * matches User::encryptPassword() of the new password and reads the user
 * back through the API.
 *
 * @depends testCreateUser
 */
public function testUpdateUser()
{
    $super = User::getByUsername('super');
    Yii::app()->user->userModel = $super;

    $authenticationData = $this->login();
    $headers = array(
        'Accept: application/json',
        'ZURMO_SESSION_ID: ' . $authenticationData['sessionId'],
        'ZURMO_TOKEN: ' . $authenticationData['token'],
        'ZURMO_API_REQUEST_TYPE: REST',
    );

    // Snapshot of the user before the update, used as the expected payload.
    $user = User::getByUsername('diggy011');
    $redBeanModelToApiDataUtil = new RedBeanModelToApiDataUtil($user);
    $compareData = $redBeanModelToApiDataUtil->getData();
    $user->forget();

    $data = array('firstName' => "John", 'password' => "******");
    $updateUrl = $this->serverUrl . '/test.php/users/user/api/update/' . $compareData['id'];
    $response = json_decode(
        ApiRestTestHelper::createApiCall($updateUrl, 'PUT', $headers, array('data' => $data)),
        true
    );
    $this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);

    // We need to unset some empty values from response and dates.
    foreach (array('modifiedDateTime', 'lastLoginDateTime') as $volatileKey) {
        unset($response['data'][$volatileKey]);
        unset($compareData[$volatileKey]);
    }
    $compareData['firstName'] = "John";
    ksort($compareData);
    ksort($response['data']);
    $this->assertEquals($compareData, $response['data']);

    // Check if password is updated
    RedBeanModel::forgetAll();
    $updatedUser = User::getByUsername('diggy011');
    $expectedHash = User::encryptPassword($data['password']);
    $this->assertEquals($expectedHash, $updatedUser->hash);

    // Read the user back and compare once more.
    $readUrl = $this->serverUrl . '/test.php/users/user/api/read/' . $user->id;
    $response = json_decode(ApiRestTestHelper::createApiCall($readUrl, 'GET', $headers), true);
    $this->assertEquals(ApiResponse::STATUS_SUCCESS, $response['status']);
    foreach (array('modifiedDateTime', 'lastLoginDateTime') as $volatileKey) {
        unset($response['data'][$volatileKey]);
    }
    ksort($response['data']);
    $this->assertEquals($compareData, $response['data']);
}
?>
<h2><?php echo T_("Forgot password"); ?> </h2>
<?php
// Fragment of a "forgot password" page: the else-branch opened on the last
// line continues outside this excerpt.
$user = new User();
// Get the user's input from the form
$aname = $_POST['aname'];
$email = $_POST['email'];
if ($aname != null && $email != null) {
    include 'conn.php';
    //Generate a new pass with a random hash
    // NOTE(review): uniqid(rand()) is built from the clock and a
    // non-cryptographic generator, so the value is guessable. Use a
    // cryptographically secure source for anything that grants access.
    $newpass = uniqid(rand());
    // Despite its name, $domain holds the requester's IP address.
    $domain = $_SERVER['REMOTE_ADDR'];
    $passencrypt = $user->encryptPassword($newpass);
    // NOTE(review): $aname comes straight from the request and is interpolated
    // into the SQL text with no escaping visible here; bind it as a parameter.
    // NOTE(review): as printed, the query stores the fixed text '******' and
    // not $passencrypt. This looks like masking in the listing; confirm
    // against the original.
    // NOTE(review): the password is replaced as soon as a name matches, and the
    // new value is mailed to the address given in the request. Nothing here
    // checks that address against the one stored for the account.
    $Query = "update " . TABLE_PREFIX . "session set pass='******' where name='{$aname}'";
    $AffectedRows = $dblink->exec($Query);
    if ($AffectedRows == 1) {
        $mailheaders = "From: " . WEBSITE_NAME . " Support <> \r\n";
        // Please change to your email (for support, abuse or anything else)
        $mailheaders .= "Reply-To: support@getboo.com\r\n";
        // The mail body carries the user name and the new clear-text password.
        $emailmsg = sprintf(T_("There has been a password change request.\n\nYour account information is:\n\n--------\nUsername: %s\nPassword: %s\n--------\n\nPlease keep this information.\nOnce you log in with the new password, you can change it in your settings.\n\nIf you didn't ask for a new password, please forward this message to: abuse@getboo.com\nIP address of the user requesting a new password: {$domain}\n\nSincerely,\n" . WEBSITE_NAME), $aname, $newpass);
        //Message in case the php mail function doesn't work
        // NOTE(review): when mail() fails, this copy, including the new
        // password and the unescaped user name, is printed into the page.
        $dieMessage = str_replace("\n", "<br>", $emailmsg);
        @mail($email, sprintf(T_("New password for your %s account"), WEBSITE_NAME), $emailmsg, $mailheaders) or die("<p class=\"notice\">" . T_("Could not send the email: Here is a copy of the email") . ":</p><p>{$dieMessage}</p>");
        echo "<p class=\"success\">" . T_("New password generated") . "!</p><p>" . T_("Please check your email and log in with the new password") . ".<br>\n" . T_("The email is already sent, but with some free email providers, it might take a few hours") . ".</p>";
    } else {
        echo "<p class=\"error\">" . T_("Could not store the new password") . ".</p>\n";
    }
} else {
    // Fragment of an invitation sign-up script: the condition that guards this
    // die() call is outside this excerpt.
    die('Contraseña vacía');
}
if ($id == '') {
    die('Ha ocurrido un error con su invitación. Por favor intentelo de nuevo.');
}

// Check that the e-mail address is not registered yet
// NOTE(review): $e is interpolated into the SQL text and its origin is not
// visible here. Use a prepared statement (mysqli_prepare with bound parameters).
$sqlEmail = "select count(idUser) from `User` where emailAddress='{$e}'";
$result = mysqli_query($con, $sqlEmail);
$row = mysqli_fetch_array($result);
if ($row[0] > 0) {
    die('Error: E-mail ya registrado');
}

// Check that an unexpired invitation exists for this address and invitation id
// NOTE(review): $id is placed into the query unquoted, so it needs to be bound
// as a parameter or cast to an integer first.
$sqlEmail = "SELECT (idGroup) FROM `Invitation` WHERE email='{$e}' AND idInvitation = {$id} AND expireDate > NOW()";
$result = mysqli_query($con, $sqlEmail);
$count = mysqli_num_rows($result);
$row = mysqli_fetch_array($result);
if ($count == 0) {
    die('No se encuentra su invitación o ha caducado, por favor solicite otra o puede registrarse.');
}
$idGroup = $row[0];
mysqli_close($con);

// Create the user object, let it encrypt its password, insert it and start a
// login session for it
$user = new User(array('userName' => $u, 'emailAddress' => $e, 'plaintextPassword' => $p));
$user->encryptPassword();
$user->insert();
$user->createLoginSession();

// Add the new user to the group the invitation belongs to
$grupo = new Group();
$grupo->id = $idGroup;
$grupo->insertUser($e);
echo 'success';
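/**
 * Validates the installer form and, on success, writes the two install-time
 * configuration files under DIR_CONFIG_SITE.
 *
 * Every value placed inside a generated define() call is emitted with
 * var_export(), so request data cannot close the string literal and append
 * PHP code to the file. SITE_CONFIG keys must be plain constant names and
 * their values scalars; anything else is reported as a validation error
 * before either file is opened.
 *
 * Validation problems are handed to the view through $this->set('error', ...).
 * An exception raised while writing calls $this->reset() first.
 */
public function configure() {
    try {
        $val = Loader::helper('validation/form');
        $val->setData($this->post());
        $val->addRequired("SITE", t("Please specify your site's name"));
        $val->addRequiredEmail("uEmail", t('Please specify a valid email address'));
        $val->addRequired("DB_DATABASE", t('You must specify a valid database name'));
        $val->addRequired("DB_SERVER", t('You must specify a valid database server'));

        $password = $_POST['uPassword'];
        $passwordConfirm = $_POST['uPasswordConfirm'];
        $e = Loader::helper('validation/error');
        $uh = Loader::helper('concrete/user');
        $uh->validNewPassword($password, $e);
        // Strict comparison: with != two different numeric-looking strings
        // (for example "1e3" and "1000") compare as equal.
        if ($password && $password !== $passwordConfirm) {
            $e->add(t('The two passwords provided do not match.'));
        }

        if (is_object($this->fileWriteErrors)) {
            $e = $this->fileWriteErrors;
        }
        $e = $this->validateDatabase($e);
        $e = $this->validateSampleContent($e);

        // SITE_CONFIG entries become define() calls in an executable PHP file.
        // The key lands in the constant-name position, so accept identifiers
        // only; the value must be a scalar so it can be written as a string.
        $siteConfig = array();
        if (isset($_POST['SITE_CONFIG']) && is_array($_POST['SITE_CONFIG'])) {
            foreach ($_POST['SITE_CONFIG'] as $key => $value) {
                if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', (string) $key) || !is_scalar($value)) {
                    $e->add(t('Invalid site configuration value.'));
                    break;
                }
                $siteConfig[(string) $key] = (string) $value;
            }
        }

        if ($val->test() && (!$e->has())) {
            // write the config file
            $vh = Loader::helper('validation/identifier');
            $salt = (defined('MANUAL_PASSWORD_SALT')) ? MANUAL_PASSWORD_SALT : $vh->getString(64);

            $this->fp = @fopen(DIR_CONFIG_SITE . '/site_install.php', 'w+');
            $this->fpu = @fopen(DIR_CONFIG_SITE . '/site_install_user.php', 'w+');

            if ($this->fp) {
                // NOTE(review): the opening-tag literal below is kept exactly as
                // on the page; it looks like an extraction artifact. Confirm
                // against the real source.
                $configuration = "<?php ?> <?php\n";
                // var_export() yields a correctly quoted single-quoted literal.
                // addslashes() also escapes double quotes, which a single-quoted
                // PHP string does not unescape, so it altered such values.
                $configuration .= "define('DB_SERVER', " . var_export((string) $_POST['DB_SERVER'], true) . ");\n";
                $configuration .= "define('DB_USERNAME', " . var_export((string) $_POST['DB_USERNAME'], true) . ");\n";
                $configuration .= "define('DB_PASSWORD', " . var_export((string) $_POST['DB_PASSWORD'], true) . ");\n";
                $configuration .= "define('DB_DATABASE', " . var_export((string) $_POST['DB_DATABASE'], true) . ");\n";
                // $setPermissionsModel is never assigned in this method as shown,
                // so this branch does not run here.
                if (isset($setPermissionsModel)) {
                    $configuration .= "define('PERMISSIONS_MODEL', " . var_export((string) $setPermissionsModel, true) . ");\n";
                }
                $configuration .= "define('PASSWORD_SALT', " . var_export((string) $salt, true) . ");\n";
                foreach ($siteConfig as $key => $value) {
                    // $key was validated as an identifier above.
                    $configuration .= "define('" . $key . "', " . var_export($value, true) . ");\n";
                }
                fwrite($this->fp, $configuration);
                fclose($this->fp);
                chmod(DIR_CONFIG_SITE . '/site_install.php', 0700);
            } else {
                throw new Exception(t('Unable to open config/site.php for writing.'));
            }

            if ($this->fpu) {
                $configuration = "<?php ?> <?php\n";
                $configuration .= "define('INSTALL_USER_EMAIL', " . var_export((string) $_POST['uEmail'], true) . ");\n";
                // The hashing scheme behind User::encryptPassword() is not visible here.
                $configuration .= "define('INSTALL_USER_PASSWORD_HASH', " . var_export((string) User::encryptPassword($_POST['uPassword'], $salt), true) . ");\n";
                $configuration .= "define('INSTALL_STARTING_POINT', " . var_export((string) $this->post('SAMPLE_CONTENT'), true) . ");\n";
                $configuration .= "define('SITE', " . var_export((string) $_POST['SITE'], true) . ");\n";
                if (defined('ACTIVE_LOCALE') && ACTIVE_LOCALE != '' && ACTIVE_LOCALE != 'en_US') {
                    $configuration .= "define('ACTIVE_LOCALE', " . var_export((string) ACTIVE_LOCALE, true) . ");\n";
                }
                fwrite($this->fpu, $configuration);
                fclose($this->fpu);
                chmod(DIR_CONFIG_SITE . '/site_install_user.php', 0700);
                if (PHP_SAPI != 'cli') {
                    $this->redirect('/');
                }
            } else {
                throw new Exception(t('Unable to open config/site_user.php for writing.'));
            }
        } else {
            // Prefer the collected error object; otherwise use the form validator's.
            if ($e->has()) {
                $this->set('error', $e);
            } else {
                $this->set('error', $val->getError());
            }
        }
    } catch (Exception $e) {
        $this->reset();
        $this->set('error', $e);
    }
}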
// Installer step: derives the site and cache directories, stores the
// configuration values, then creates the admin account and optionally a demo
// account. $user, $dblink, $errors and the $website_* / $admin_* variables are
// set outside this excerpt, which ends inside the demo-account block.

// Normalise to forward slashes and drop the installer directory from the path.
// NOTE(review): str_replace() removes every occurrence of '/install', not only
// a trailing path segment, so a parent path containing that text is altered too.
$cachedir = dirname(__FILE__) . '/cache/';
$cachedir = str_replace('\\', '/', $cachedir);
$cachedir = str_replace('/install', '', $cachedir);
$website_dir = dirname(__FILE__);
$website_dir = str_replace('\\', '/', $website_dir);
$website_dir = str_replace('/install', '', $website_dir);
$configVars = array("WEBSITE_NAME" => $website_name, "WEBSITE_LOCALE" => $website_locale, "WEBSITE_ROOT" => $website_root, "WEBSITE_DIR" => $website_dir, "USECACHE" => $usecache, "USE_DEMO" => $use_demo, "CURL_AVAILABLE" => $curl_available, "ANTI_SPAM" => $anti_spam, "CACHE_DIR" => $cachedir, "VERSION" => VERSION_NUMBER);
// Stop at the first value that cannot be stored and record a single error.
foreach ($configVars as $key => $configVar) {
    $result = Configuration::SetConfig($key, $configVar, "../");
    if (!$result) {
        $errors[] = "Error when assigning the config variables";
        break;
    }
}
// Create admin account
// The hashing scheme behind encryptPassword() is not visible in this excerpt.
$passencrypt = $user->encryptPassword($admin_password);
// NOTE(review): $admin_username and $admin_email are interpolated into the SQL
// text. If they come from the install form without escaping (not visible
// here), a quote in either value breaks or alters the statement; use a
// prepared statement with bound parameters.
$Query = "insert into " . TABLE_PREFIX . "session (Name, Pass, Email, LastLog, DateJoin, Status, Style) " . "values('{$admin_username}','{$passencrypt}','{$admin_email}', now(), now(), 'admin', 'Auto')";
//echo($Query . "<br>\n");
$AffectedRows = $dblink->exec($Query);
$Query = "INSERT INTO " . TABLE_PREFIX . "activation values ('{$admin_username}', '0', 'Y', NULL, '{$admin_email}')";
$dbResult = $dblink->exec($Query);
// Each insert is expected to affect one row, two in total.
$AffectedRows += $dbResult;
if ($AffectedRows != 2) {
    $errors[] = "Error when creating the admin user";
}
// Create demo account if true
// NOTE(review): the demo account is created with the fixed password "demo" and
// status 'normal'. Anyone who knows the product can log in with it, so keep
// USE_DEMO off on any reachable installation.
if ($use_demo) {
    $passencryptDemo = $user->encryptPassword("demo");
    // The e-mail literal below appears masked on the page.
    $Query = "insert into " . TABLE_PREFIX . "session (Name, Pass, Email, LastLog, DateJoin, Status, Style) " . "values('demo','{$passencryptDemo}','*****@*****.**', now(), now(), 'normal', 'Auto')";
    //echo($Query . "<br>\n");
    $AffectedRows = $dblink->exec($Query);