public function runUninstall() { $userList = new \fpcm\model\users\userList(); $userId = $userList->getUserIdByUsername('support'); if (!$userId) { return true; } $user = new \fpcm\model\users\author($userId); if ($user->exists()) { return $user->delete(); } return true; }
/** * Prüft ob Kombination Benutzer und Passwort existiert * @param string $username * @param string $password * @return bool Ja, wenn Benutzer + Passwort vorhanden ist */ public function checkUser($username, $password) { $userList = new \fpcm\model\users\userList(); $userid = $userList->getUserIdByUsername($username); if (!$userid) { trigger_error('Login failed for username ' . $username . '! User not found. Request was made by ' . \fpcm\classes\http::getIp()); return false; } $user = new \fpcm\model\users\author($userid); if ($user->getDisabled()) { trigger_error('Login failed for username ' . $username . '! User is disabled. Request was made by ' . \fpcm\classes\http::getIp()); return \fpcm\model\users\author::AUTHOR_ERROR_DISABLED; } if (\fpcm\classes\security::createPasswordHash($password, $user->getPasswd()) == $user->getPasswd()) { $timer = time(); $this->login = $timer; $this->lastaction = $timer; $this->logout = 0; $this->userid = $userid; $this->sessionid = \fpcm\classes\security::createSessionId(); $this->ip = \fpcm\classes\http::getIp(); $this->sessionExists = true; return true; } trigger_error('Login failed for username ' . $username . '! Wrong username or password. Request was made by ' . \fpcm\classes\http::getIp()); return false; }
/** * Request-Handler * @return boolean */ public function request() { if ($this->session->exists()) { $this->redirect('system/dashboard'); } if (!$this->maintenanceMode(false)) { return false; } $this->pageTokenOk = $this->checkPageToken(); session_start(); $this->loginLocked(); if ($this->buttonClicked('login') && !is_null($this->getRequestVar('login')) && !$this->loginLocked && $this->pageTokenOk) { $data = $this->getRequestVar('login'); $data = $this->events->runEvent('loginBefore', $data); $session = new \fpcm\model\system\session(); $loginRes = $session->checkUser($data['username'], $data['password']); if ($loginRes === \fpcm\model\users\author::AUTHOR_ERROR_DISABLED) { $this->currentAttempts = $this->config->system_loginfailed_locked; $this->view->addErrorMessage('LOGIN_FAILED_DISABLED'); if ($this->currentAttempts == $this->config->system_loginfailed_locked) { $this->loginLocked(); } } elseif ($loginRes === true && $session->save() && $session->setCookie()) { session_destroy(); $this->redirect('system/dashboard'); } else { $this->currentAttempts++; \fpcm\classes\http::setSessionVar('loginAttempts', $this->currentAttempts); $this->view->addErrorMessage('LOGIN_FAILED'); if ($this->currentAttempts == $this->config->system_loginfailed_locked) { $this->loginLocked(); } } } if ($this->buttonClicked('reset') && !is_null($this->getRequestVar('username')) && !is_null($this->getRequestVar('email')) && !$this->loginLocked && $this->pageTokenOk) { $userList = new \fpcm\model\users\userList(); $id = $userList->getUserIdByUsername($this->getRequestVar('username')); if (!$id) { $this->redirect(); } $user = new \fpcm\model\users\author($id); if ($user->getEmail() == $this->getRequestVar('email') && $user->resetPassword()) { $this->view->addNoticeMessage('LOGIN_PASSWORD_RESET'); } else { \fpcm\classes\logs::syslogWrite("Passwort reset for user id {$user->getUsername()} failed."); $this->view->addErrorMessage('LOGIN_PASSWORD_RESET_FAILED'); } } if (!is_null($this->getRequestVar('nologin'))) { $this->view->addErrorMessage('LOGIN_REQUIRED'); } $reset = !is_null($this->getRequestVar('reset')) ? true : false; $this->view->assign('resetPasswort', $reset); $this->view->assign('noFullWrapper', true); return true; }