/**
 * Put the built-in "guest" account into the session as the current user.
 *
 * The account is fetched with UserManager::getUserByEmail("guest"). A falsy
 * result aborts the request with die(); otherwise the user is stored in
 * $_SESSION['FFuser'] as a serialize()d string and returned.
 *
 * Security note: the value is stored in serialized form, so any reader has to
 * unserialize() it. That is only safe while the session store is server-side
 * and cannot be written by a client, because unserialize() on data a client
 * controls can instantiate arbitrary classes. Keep the session handler under
 * the application's control, or store plain scalar fields instead.
 *
 * @return mixed the guest user exactly as UserManager::getUserByEmail() returned it
 */
function addGuestUserToSession()
{
    $manager = new UserManager();
    $guest = $manager->getUserByEmail("guest");

    // Guard clause: no guest account means the page cannot continue.
    if (!$guest) {
        die("utilities.addGuestUserToSession: Cannot access guest account");
    }

    $_SESSION['FFuser'] = serialize($guest);

    return $guest;
}
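/**
 * Handle the "forgotten password" form: issue a recovery code and mail the reset link.
 *
 * When $_POST['email'] holds a non-empty string, the address is looked up with
 * UserManager::getUserByEmail(). An unknown address prints an error alert. For a
 * known address the function generates a code with genererCode(), replaces any
 * recovery code the user already holds, stores the new one in the database and
 * then mails a link that contains it, followed by a success alert.
 *
 * Output is echoed as HTML; nothing is returned.
 *
 * Security notes for maintainers:
 *  - The two alerts differ, so the form reveals whether an address is registered.
 *    A single neutral message plus rate limiting closes that oracle.
 *  - The reset link uses http://, so the code travels in clear text. Switch it to
 *    https:// once the site serves TLS.
 *  - genererCode() is defined elsewhere; it is presumably the only secret that
 *    protects the reset, so it must come from a CSPRNG and the stored code
 *    should expire and be single-use. TODO confirm.
 *  - The return value of mail() is ignored, so the success alert is shown even
 *    when delivery could not be started.
 */
function envoiCode()
{
    // Nothing to do unless the form was posted with a usable address.
    if (empty($_POST['email']) || !is_string($_POST['email'])) {
        return;
    }

    $ini = getConfigFile();
    $email = $_POST['email'];

    $um = new UserManager(connexionDb());
    $userToSend = $um->getUserByEmail($email);

    // The manager appears to return an empty user (no id) when nothing matches.
    if ($userToSend->getId() == NULL) {
        echo "<div class='alert alert-danger' role='alert'>Cet email n'est pas répertorié chez nous, désolé !</div>";
        return;
    }

    $code_aleatoire = genererCode();

    // Store the code BEFORE mailing it, so the user never receives a link whose
    // code is missing from the database.
    $am = new ActivationManager(connexionDb());
    $ac = new Activation(array(
        "code" => $code_aleatoire,
        "id_user" => $userToSend->getId(),
        "libelle" => "Récupération",
    ));

    // If the user already holds a recovery code, delete it so that only the
    // newest code stays valid. The original test was inverted (== NULL) and left
    // every earlier code usable.
    $actDelete = $am->getActivationByLibelleAndId('Récupération', $userToSend->getId());
    if ($actDelete->getCode() != NULL) {
        $am->deleteActivationByIdAndLibelle($actDelete->getIdUser(), 'Récupération');
    }
    $am->addActivation($ac);

    $adresseAdmin = $ini['ADMINISTRATEUR']['mail'];
    $to = $email;
    $sujet = "Confirmation de la demande du mot de passe";
    $entete = "From:" . $adresseAdmin . "\r\n";
    $entete .= "Content-Type: text/html; charset=utf-8\r\n";
    $message = "Nous confirmons que vous avez bien demandé un nouveau mot de passe : <br>\n\t\t\t\t\t\t\tVotre lien pour pouvoir le modifier est : <a href='http://www.everydayidea.be/Page/mdpOublie.page.php?code=" . $code_aleatoire . "'>www.everydayidea/mdpOublie.page.php?code=" . $code_aleatoire . "</a>";

    mail($to, $sujet, $message, $entete);
    echo "<div class='alert alert-success' role='alert'>Un mail vous a été envoyé avec un code d'activation pour le changement de votre mot de passe !</div>";
}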
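/**
 * Log a visitor in and print a JSON status object.
 *
 * Two paths exist. When the request carries `login_type`, the visitor is treated
 * as a social login: the account keyed by `social_user_id` is fetched, or created
 * and activated on first use (with the invitation bonus credited to the inviter
 * named by the `invc` cookie). Otherwise `user_email` / `user_pass` are checked
 * through the user manager.
 *
 * On success a user object matching the account type is stored through the
 * session manager and {"status":"ok"} is printed. Every failure prints
 * {"status":"err","errText":...}.
 *
 * NOTE(review): in the social path the identity comes only from request
 * parameters; nothing visible in this method checks it with the identity
 * provider. The same value is the lookup key for getUserByEmail(), so the
 * account that is opened is whichever one the request names. The provider's
 * signed token should be verified server-side before the lookup. TODO confirm
 * whether a caller already does this.
 *
 * NOTE(review): $_REQUEST also accepts query-string values, so credentials can
 * end up in URLs and access logs. Reading them from $_POST only is preferable.
 *
 * @return bool true when a session was opened, false otherwise
 */
public function service()
{
    $userManager = new UserManager($this->config, $this->args);

    if (isset($_REQUEST['login_type'])) {
        // NOTE(review): json_profile and login_type reach the manager without
        // passing through secure(); confirm they are validated where they are stored.
        $json_profile = isset($_REQUEST['json_profile']) ? $_REQUEST['json_profile'] : null;
        $social_user_id = $this->secure($_REQUEST['social_user_id']);
        $first_name = $this->secure($_REQUEST['first_name']);
        $last_name = $this->secure($_REQUEST['last_name']);

        // An empty identifier would look up, or create, an account with no key.
        if ((string) $social_user_id === '') {
            $jsonArr = array('status' => "err", "errText" => $this->getPhrase(412));
            echo json_encode($jsonArr);
            return false;
        }

        $custDto = $userManager->getUserByEmail($social_user_id);
        if (!isset($custDto)) {
            // uniqid() is derived from the clock and can be guessed; the placeholder
            // password of a social account should be unpredictable. random_bytes()
            // is used when the runtime provides it (PHP >= 7).
            $placeholderPassword = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : uniqid();
            $userId = $userManager->createUser($social_user_id, $placeholderPassword, $first_name, '', $last_name, $_REQUEST['login_type']);
            $userManager->setActive($userId);
            $userManager->setUserSocialProfile($userId, $json_profile);
            $custDto = $userManager->getUserByEmail($social_user_id);

            // Bonus to the inviter; the cookie is absent for visitors who were not invited.
            $invitation_code = $this->secure(isset($_COOKIE["invc"]) ? $_COOKIE["invc"] : null);
            $inviterId = $userManager->setSubUser($invitation_code, $userId);
            if ($inviterId > 0) {
                $invbonus = intval($this->getCmsVar("bonus_points_for_every_accepted_invitation"));
                $userManager->addUserPoints($inviterId, $invbonus, "{$invbonus} bonus for invitation accept from user number: {$userId}");
            }
        }
        $userType = UserGroups::$USER;
    } else {
        // NOTE(review): the password is passed through secure() before the check;
        // if secure() escapes characters, it has to be applied identically when
        // the password is set. Confirm.
        $email = strtolower($userManager->secure($_REQUEST["user_email"]));
        $pass = $userManager->secure($_REQUEST["user_pass"]);
        $custDto = $userManager->getCustomerByEmailAndPassword($email, $pass);
        $userType = $userManager->getCustomerType($email, $pass);

        // $custDto is tested first so a failed lookup cannot be dereferenced.
        if ($userType == UserGroups::$USER && $custDto && $custDto->getActive() == 0) {
            $jsonArr = array('status' => "err", "errText" => sprintf($this->getPhrase(380), $custDto->getEmail()));
            echo json_encode($jsonArr);
            return false;
        }
    }

    if (!$custDto) {
        $jsonArr = array('status' => "err", "errText" => $this->getPhrase(412));
        echo json_encode($jsonArr);
        return false;
    }

    // Blocked accounts are refused, except administrators.
    if ($userType !== UserGroups::$ADMIN && $custDto->getBlocked() == 1) {
        $jsonArr = array('status' => "err", "errText" => $this->getPhraseSpan(411) . ' ' . $this->getCmsVar("pcstore_support_phone_number"));
        echo json_encode($jsonArr);
        return false;
    }

    $user = null;
    if ($userType === UserGroups::$ADMIN) {
        $user = new AdminUser($custDto->getId());
    } elseif ($userType === UserGroups::$USER) {
        $user = new CustomerUser($custDto->getId());
        $this->setcookie('ul', $custDto->getLanguageCode());
    } elseif ($userType === UserGroups::$COMPANY) {
        $user = new CompanyUser($custDto->getId());
        $companyManager = CompanyManager::getInstance($this->config, $this->args);
        $companyManager->updateCompanyRating($custDto);
        $this->setcookie('ul', $custDto->getLanguageCode());
    } elseif ($userType === UserGroups::$SERVICE_COMPANY) {
        $user = new ServiceCompanyUser($custDto->getId());
        // The result is unused here; the call is kept in case getInstance() has
        // initialisation side effects. TODO confirm.
        $companyManager = ServiceCompanyManager::getInstance($this->config, $this->args);
        $this->setcookie('ul', $custDto->getLanguageCode());
    }

    // An account type outside the four handled groups leaves $user unset; refuse
    // the login instead of calling a method on null.
    if ($user === null) {
        $jsonArr = array('status' => "err", "errText" => $this->getPhrase(412));
        echo json_encode($jsonArr);
        return false;
    }

    $user->setUniqueId($custDto->getHash());
    $this->sessionManager->setUser($user, true, true);

    $jsonArr = array('status' => "ok");
    echo json_encode($jsonArr);
    return true;
}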
// Entry-tracker page bootstrap: loads the project libraries, resolves the current
// user and starts dispatching on the "action" query parameter. The listing is cut
// off inside the switch, so only the beginning of the add_item case is visible.
require_once '../lib/db.interface.php';
require_once '../lib/db.class.php';
require_once '../models/allModels.php';
require_once 'utilities.php';
?> <?php $ObservationMgr = new ObservationMgr();
$weather = new Weather();
// The coordinates are hard-coded literals, not user input.
$weather->RetrieveWeatherByCoordinates(40.73, -105.085);

// Current user: taken from the session when present, otherwise the guest account.
if (isset($_SESSION['FFuser'])) {
    // NOTE(review): unserialize() on session content is only safe while the session
    // store is server-side and not writable by a client; it instantiates whatever
    // classes the string names. Confirm the session handler, or pass
    // ['allowed_classes' => [...]] (PHP >= 7) to restrict what may be created.
    $user = unserialize($_SESSION['FFuser']);
} else {
    $userMgr = new UserManager();
    $user = $userMgr->getUserByEmail("guest");
    // A falsy lookup result stops the page.
    if (FALSE == $user) {
        die("entryTracker: Cannot access guest account");
    }
}
// Needed for display purposes. The name should be HTML-escaped where it is printed
// (the template is not part of this listing).
$username = $user->getName();

// The action comes from the query string; an absent parameter becomes ''.
$action = isset($_GET["action"]) ? $_GET["action"] : '';
switch ($action) {
    case 'add_item':
        // NOTE(review): this case is reached through a GET request and presumably
        // creates a record (the rest of the case is outside this listing).
        // State-changing actions are normally sent by POST with an anti-CSRF token.
        // Confirm how the form is submitted.
        $item = new PlantObservation();
        $arr = array();
        // The query-string values are copied as-is; they must be validated and
        // bound as parameters or escaped wherever they are stored or printed.
        $arr["id"] = isset($_GET["id"]) ? $_GET["id"] : '';
        $arr["PlantName"] = isset($_GET["plantName"]) ? $_GET["plantName"] : 'entryTracker:undefined';
        $arr["notes"] = isset($_GET["notes"]) ? $_GET["notes"] : 'entryTracker:unset';
        $arr["observationDate"] = isset($_GET["observationDate"]) ? $_GET["observationDate"] : '';
        // (listing ends here; the remainder of the case and of the switch is not shown)
<?php
/**
 * Availability check for the registration form.
 *
 * Reads `userid` and `useremail` from the POST body. With a non-empty `userid`
 * the login id is looked up; otherwise the e-mail address is looked up. A record
 * counts as "not registered" when its first name is empty. The answer is printed
 * as a small HTML fragment.
 *
 * Security note: no authentication check is visible in this script, and its
 * answer tells the caller whether a given login id or e-mail address is
 * registered. Endpoints like this need request throttling (per client and per
 * looked-up value) so they cannot be used to enumerate accounts in bulk.
 */
require_once '../config.php';
require_once BUSINESS_DIR_USER . 'User.php';
require_once BUSINESS_DIR_USER . 'UserManager.php';

// Missing fields default to the empty string.
$userid = "";
if (isset($_POST['userid'])) {
    $userid = $_POST['userid'];
}
$useremail = "";
if (isset($_POST['useremail'])) {
    $useremail = $_POST['useremail'];
}

$userManager = new UserManager();

if ($userid == "") {
    // No login id supplied: check the e-mail address instead.
    $logged = $userManager->getUserByEmail($useremail);
    $reply = ($logged->getFirstName() == "")
        ? "<font color='green' size='2px'></font>"
        : "<font color='red' size='2px'>Email Already registered! Please use the forget Password link<br> to retrieve your UserId/Password!</font>";
} else {
    $logged = $userManager->getUserByLoginId($userid);
    $reply = ($logged->getFirstName() == null)
        ? "<font color='green' size='2px'>User Name Available!</font>"
        : "<font color='red' size='2px'>User Name Not Available!</font>";
}

echo $reply;
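/**
 * Validate the profile-modification form and, when it is valid, apply the changes.
 *
 * Reads userName, email, Mdp, MdpBis, Tel and MdpActuel from $_POST. The form is
 * accepted only when the current password is correct, the user name and e-mail are
 * well-formed and not taken by someone else, the user name is long enough, and
 * either no new password was submitted or the new password matches its
 * confirmation and passes the length and character checks. On success the changed
 * fields are written to $user, saved with UserManager::updateUserProfil(), and the
 * session user is refreshed.
 *
 * Security notes for maintainers:
 *  - Stored passwords are a single SHA-256 over password + salt (see the check
 *    below and User::setHashMdp()). That construction is fast to brute-force;
 *    password_hash()/password_verify() with a rehash-on-login migration is the
 *    recommended replacement. It cannot be changed from this function alone.
 *  - hash_equals() needs PHP >= 5.6.
 *
 * @param User $user the user who requested the profile change
 * @return array array with key "RETURN" (bool, true when the form was valid and
 *               applied) and key "ERROR" (array of error messages keyed by field)
 */
function isValidForm(User $user)
{
    $config = getConfigFile()['CONSTANTE'];

    // Missing fields and non-string values (e.g. array parameters) count as absent.
    $lire = function ($cle) {
        return (isset($_POST[$cle]) && is_string($_POST[$cle])) ? $_POST[$cle] : null;
    };
    $UserName = $lire('userName');
    $Email = $lire('email');
    $Mdp = $lire('Mdp');
    $MdpBis = $lire('MdpBis');
    $tel = $lire('Tel');
    $MdpActuel = $lire('MdpActuel');

    // An empty new password means "do not change the password".
    if ($Mdp == '') {
        $Mdp = NULL;
        $MdpBis = NULL;
    }

    $userTest = new User(array("UserName" => $UserName, "email" => $Email, "Mdp" => $Mdp, "tel" => $tel));
    $tab = array("RETURN" => false, "ERROR" => array());

    $nameValable = false;
    $emailValable = false;
    $mdpValable = false;
    $nameExistant = false;
    $mailExistant = false;
    $goodMdp = false;
    $boolean_name = false;
    $boolean_mdp = false;
    $mdpIdentique = false;
    $noMdp = false;

    $um = new UserManager(connexionDb());

    // The name is taken only if it belongs to an account other than the caller's.
    $nameVerif = $um->getUserByUserName($userTest->getUserName());
    if ($nameVerif->getUserName() != NULL && $user->getUserName() != $UserName) {
        $nameExistant = true;
        $tab['ERROR']['Name'] = "Nom déjà existant ";
    }

    if (champsEmailValable($Email)) {
        $emailValable = true;
    } else {
        $tab['ERROR']['EmailValable'] = "Votre email contient des caractères indésirables";
    }

    // NOTE(review): the user name is checked with the e-mail validator; confirm
    // that this is the intended character policy for user names.
    if (champsEmailValable($UserName)) {
        $nameValable = true;
    } else {
        $tab['ERROR']['NameValable'] = "Votre nom d'utilisateur contient des caractères indésirables";
    }

    $mailVerif = $um->getUserByEmail($userTest->getEmail());
    if ($mailVerif->getUserName() != NULL && $user->getEmail() != $Email) {
        $mailExistant = true;
        $tab['ERROR']['Email'] = "Email déjà existant";
    }

    // Current-password check. hash_equals() compares the digests as strings in
    // constant time; the loose == used before treats digests that look like
    // numbers (for example "0e" followed by digits) as equal to one another.
    $hashActuel = hash("sha256", (string) $MdpActuel . $user->getSalt());
    if (hash_equals((string) $user->getMdp(), $hashActuel)) {
        $goodMdp = true;
    } else {
        $tab['ERROR']['MdpActuel'] = "Mauvais mot de passe actuel ! \nAnnulation de la modification";
    }

    if (isset($UserName) and strlen($UserName) >= $config['size_user_name']) {
        $boolean_name = true;
    } else {
        // NOTE(review): the message prefix appears masked in this listing; it is
        // reproduced unchanged.
        $tab['ERROR']['UserName'] = "******" . $config['size_user_name'] . ")";
    }

    if ($Mdp === null) {
        // No new password submitted: nothing to confirm or validate.
        $noMdp = true;
        $mdpIdentique = true;
    } elseif ($Mdp !== $MdpBis) {
        // Strict comparison: a missing confirmation, or two different strings
        // that are numerically equal, no longer count as a match. Previously a
        // request without MdpBis skipped the length and character checks and
        // still changed the password.
        $tab['ERROR']['Mdp'] = "Le mot de passe et le mot de passe de vérification sont différents";
    } else {
        $mdpIdentique = true;
        if (strlen($Mdp) >= $config['size_user_mdp']) {
            $boolean_mdp = true;
        } else {
            $tab['ERROR']['Mdp'] = "Mots de passe trop court (min: " . $config['size_user_mdp'] . ")";
        }
        if (champsMdpValable($Mdp)) {
            $mdpValable = true;
        } else {
            $tab['ERROR']['mdpValable'] = "Votre mot de passe contient des caractères indésirables";
        }
    }

    // Same truth table as the original mixed &&/||/and expression, with the
    // grouping made explicit.
    $tab['RETURN'] = (($boolean_mdp && $mdpValable) || $noMdp)
        && $boolean_name
        && !$nameExistant
        && !$mailExistant
        && $goodMdp
        && $mdpIdentique
        && $nameValable
        && $emailValable;

    if ($tab['RETURN']) {
        if (isset($UserName) and $userTest->getUserName() != $user->getUserName()) {
            $user->setUserName($UserName);
        }
        // NOTE(review): the new address is stored without any confirmation mail;
        // consider verifying ownership before it replaces the old one.
        if (isset($Email) and $userTest->getEmail() != $user->getEmail()) {
            $user->setEmail($Email);
        }
        // NOTE(review): the literal 4 duplicates the configured minimum length, and
        // $userTest presumably has no salt, so the digest comparison is unlikely to
        // detect an unchanged password. Kept as in the original; confirm the intent.
        if (isset($Mdp) and strlen($Mdp) > 4 and hash("sha256", $userTest->getMdp() . $userTest->getSalt()) != $user->getMdp()) {
            $user->setMdp($Mdp);
            $user->setHashMdp();
        }
        if (isset($tel) and $tel != $user->getTel()) {
            $user->setTel($tel);
        }
        $um->updateUserProfil($user);

        // Reload the saved user so the session reflects what is in the database.
        $userToReconnect = $um->getUserById($user->getId());
        setSessionUser($userToReconnect);
    }

    return $tab;
}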