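/**
 * Check a user's login credentials.
 *
 * The identifier is compared with user_name, email_id and mobile_number, so a
 * single value can match more than one profile row. Only the first row
 * (ordered by first_name) is verified against the password.
 * NOTE(review): confirm that registration keeps these three columns from
 * colliding across accounts; otherwise the row that gets checked is ambiguous.
 *
 * @param String $userName      Login identifier: user name, email id or mobile number
 * @param String $passwordInReq Plain-text password taken from the login request
 * @return boolean TRUE when the password matches the stored hash, FALSE otherwise
 */
public function checkLogin($userName, $passwordInReq)
{
    $query = "select user_name,password FROM ch_register_profile_master WHERE user_name = :username OR email_id = :emailId OR mobile_number = :mobileNo ORDER BY first_name";

    $db = DB::getInstance();
    $s = $db->prepare($query);
    // The same request value is bound to all three placeholders; nothing is
    // concatenated into the SQL text.
    $s->bindParam(':username', $userName, PDO::PARAM_STR);
    $s->bindParam(":emailId", $userName, PDO::PARAM_STR);
    $s->bindParam(":mobileNo", $userName, PDO::PARAM_STR);
    $s->execute();

    // Fetch the row itself instead of trusting rowCount(): PDO does not
    // guarantee a row count for SELECT statements on every driver.
    $row = $s->fetch(PDO::FETCH_NUM);
    if ($row === false) {
        // Unknown identifier: answer with an explicit FALSE (the earlier code
        // fell off the end of the function and returned NULL).
        // NOTE(review): no hash is computed on this path, so it is likely to
        // return faster than a wrong-password attempt; consider rate limiting
        // or a dummy verification if account enumeration matters here.
        return FALSE;
    }

    // Column 1 is the stored password hash.
    return (bool) passwordHash::check_password($row[1], $passwordInReq);
}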
// Account activation by validation key, followed by the e-mail/password login handler.
// NOTE(review): $key is placed inside the SQL text as-is. Where it comes from is not
// visible in this excerpt; if it is request data, the statements below are open to
// SQL injection. Pass values as bound parameters instead of interpolating them.
if ($key != null) {
    $db = new DbHandler();
    $email = $db->getOneRecord("select email from confirm where validation_key='{$key}'");
    // NOTE(review): further down getOneRecord() is used as a row array ($user['password']).
    // If it returns an array here as well, '{$email}' and '{$uid}' interpolate the array
    // rather than the column value - confirm against DbHandler.
    $uid = $db->getOneRecord("select uid from users where email='{$email}'");
    $db->updateOneRecord("update users set active = '1' where uid='{$uid}'");
}
require_once 'passwordHash.php';
// The request body is decoded as JSON; email and password are read from its "customer" object.
$r = json_decode($app->request->getBody());
verifyRequiredParams(array('email', 'password'), $r->customer);
$response = array();
$db = new DbHandler();
$password = $r->customer->password;
$email = $r->customer->email;
// NOTE(review): $email comes straight from the request body and is interpolated into the
// query text, which makes this login lookup injectable. Bind it as a parameter
// (whether DbHandler offers a binding call is not visible in this excerpt).
$user = $db->getOneRecord("select uid,name,password,email,created,role from users where email='{$email}' and active='1'");
if ($user != NULL) {
    // Compare the submitted password with the stored hash of the matched user.
    if (passwordHash::check_password($user['password'], $password)) {
        $response['status'] = "success";
        $response['message'] = 'Logged in successfully.';
        $response['name'] = $user['name'];
        $response['uid'] = $user['uid'];
        $response['email'] = $user['email'];
        $response['createdAt'] = $user['created'];
        // NOTE(review): typo - this assigns to $resonpse, so 'role' never reaches $response.
        $resonpse['role'] = $user['role'];
        // NOTE(review): no session_regenerate_id() is visible after the successful check;
        // without it a session id issued before login stays valid afterwards
        // (session fixation) - confirm against the rest of the handler.
        if (!isset($_SESSION)) {
            session_start();
        }
        $_SESSION['uid'] = $user['uid'];
        $_SESSION['email'] = $email;
        $_SESSION['name'] = $user['name'];
        $_SESSION['role'] = $user['role'];
    } else {
});
// Password update
$app->post('/userUpdclave', 'sessionAlive', function () use($app) {
    // Read the submitted form data
    //
    $r = json_decode($app->request->getBody());
    // The account is taken from the session, not from the request body.
    $user = $_SESSION['name'];
    $clave1 = $r->user->clave1;
    $r2 = array();
    $response = array();
    //
    $db = new DbHandler();
    // NOTE(review): $user is interpolated into the CALL text. Where $_SESSION['name'] is
    // filled is not visible here; if it originates from user-chosen data this is a
    // second-order SQL injection. The update below already uses "?" placeholders, so
    // the lookup should be bound the same way if DbHandler allows it - confirm.
    $usuario = $db->get1Record("call sp_sel_seg_usuario( '{$user}' )");
    if ($usuario != NULL) {
        // Previous plain comparison, kept by the author for reference:
        //if($clave == $usuario['clave']/*passwordHash::check_password($usuario['clave'],$clave)*/){
        // The current password (clave1) must verify before the new one is stored.
        // NOTE(review): str_rot13() is a reversible letter substitution, not encryption;
        // it adds no protection to the password in transit or at rest.
        if (passwordHash::check_password($usuario['clave'], str_rot13($clave1))) {
            $column_names = array('id', 'clave2');
            $r2['id'] = $usuario['id'];
            // The new password (clave2) is passed through str_rot13() and then hashed.
            $r2['clave2'] = passwordHash::hash(str_rot13($r->user->clave2));
            // Values are handed to the stored procedure through "?" placeholders.
            $resId = $db->updateRecord("call sp_upd_seg_usuario_clave(?,?)", $r2, $column_names, 'is');
            if ($resId == 1) {
                $response['status'] = "info";
                $response['message'] = 'Su clave ha sido actualizada';
            } else {
                $response['status'] = "error";
                $response['message'] = 'No pudo actualizarse la Clave';
            }
        } else {
            // Current password did not verify.
            $response['status'] = "error";
            $response['message'] = "No se pudo validar al usuario o clave ";
        }
// Tail of the preceding route handler: the exception message is written to the
// error log and a 500 response is emitted.
error_log($e->getMessage());
echoResponse(500, array($ir));
}
});
// Mobile login: verifies UserName/Password from the JSON request body.
$app->post('/Mobile/v1_0/Login', function () use($app) {
    try {
        require_once 'passwordHash.php';
        // NOTE(review): json_decode() returns null for a malformed body; the property
        // reads below are not guarded against that.
        $data = json_decode($app->request->getBody());
        $response = array();
        $username = $data->UserName;
        $password = $data->Password;
        $gate = $data->Gate;
        global $db;
        // The user name is passed as a condition array rather than interpolated;
        // whether select() binds it as a parameter is not visible here - confirm.
        $rows = $db->select("users", "uid,username,password,fullname,email", array('username' => $username));
        if ($rows["status"] === "success") {
            // presumably "success" implies at least one row; index 0 is read unchecked.
            if (passwordHash::check_password($rows["data"][0]["password"], $password)) {
                $response['status'] = "";
                $response['message'] = "";
                // NOTE(review): sha1('cookie') is a constant - every user and every login
                // receives the same value, so the cookie identifies nobody and is
                // computable by anyone. If any endpoint treats it as proof of
                // authentication, replace it with a server-side session keyed by a
                // random identifier (random_bytes()) and set the Secure/HttpOnly
                // attributes on the cookie.
                $app->setCookie('.AspNet.ApplicationCookie', sha1('cookie'));
                echoResponse(200, $response);
            } else {
                // Wrong password: 401 with empty status and message.
                $response['status'] = "";
                $response['message'] = "";
                echoResponse(401, $response);
            }
        } else {
            if ($gate) {
                // NOTE(review): this message differs from the wrong-password response
                // above, which tells the caller whether a user name exists (account
                // enumeration). Prefer one generic failure response.
                $response['status'] = "error";
                $response['message'] = 'No such user is registered.';
                echoResponse(401, $response);
            } else {
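/**
 * A hash produced by hash() must verify against the password it was made from
 * and must be rejected for a different password.
 *
 * @param string $password plain text password
 *
 * @dataProvider passwordProvider
 * @covers el_api_v1\passwordHash::check_password
 */
public function testCheck_password($password)
{
    $originalHash = $this->object->hash($password);

    $this->assertTrue($this->object->check_password($originalHash, $password));

    // Negative case: without it the test also passes for a check_password()
    // that accepts every input. The extra character is prepended so that the
    // difference survives any length truncation inside the hash function.
    $this->assertFalse($this->object->check_password($originalHash, 'x' . $password));
}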
// Login handler body: user name and password are read from the JSON request body.
$r = json_decode($app->request->getBody());
verifyRequiredParams(array('username', 'password'), $r); // renamed "customer" to "user"
// NOTE(review): str_rot13() is a reversible letter substitution, not encryption; it adds
// no protection to the password. The stored hash is evidently computed over the
// rot13 form, so removing it would require re-hashing existing passwords.
$clave = str_rot13($r->password);
$user = $r->username;
$response = array();
//
// Check whether the submitted data exists in the database.
//
$db = new DbHandler();
// NOTE(review): $user comes straight from the request body and is interpolated into the
// CALL text, which makes this pre-authentication lookup injectable. Bind it as a
// parameter, as the "?" form noted two lines below suggests was intended.
$usuario = $db->get1Record("call sp_sel_seg_usuario( '{$user}' )");
$opciones = array();
// call sp_sel_seg_usuario( ? ) pusuario
if ($usuario != NULL) {
    // Previous plain comparison, kept by the author for reference:
    //if($clave == $usuario['clave']/*passwordHash::check_password($usuario['clave'],$clave)*/){
    // Compare the submitted (rot13-transformed) password with the stored hash.
    if (passwordHash::check_password($usuario['clave'], $clave)) {
        // Success: copy the profile, role, organisation and state columns of the
        // matched row into the response.
        $response['status'] = "success";
        $response['message'] = 'Ha ingresado al sistema.';
        $response['name'] = $usuario['nombre'];
        $id = $response['uid'] = $usuario['id'];
        $response['email'] = $usuario['email'];
        $response['nombres'] = $usuario['nombres'];
        $response['apellidos'] = $usuario['apellidos'];
        $response['idrol'] = $usuario['idrol'];
        $idrol = $usuario['idrol'];
        $response['rol'] = $usuario['rol'];
        $response['idorganizacion'] = $usuario['idorganizacion'];
        $response['organizacion'] = $usuario['organizacion'];
        $response['idestado'] = $usuario['idestado'];
        $response['estado'] = $usuario['estado'];
        $response['fecha'] = $usuario['fecha'];