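/**
 * Validate the posted login form, authenticate the user and populate the session.
 *
 * On a validation or lookup failure, $this->_error($static) is called and false is returned.
 *
 * @param bool $static Truthy: answer with a redirect to the dashboard; otherwise echo a JSON
 *                     'success' body (presumably the AJAX path; confirm against callers).
 * @return false|null false on failure, null on success.
 */
public function run($static = false)
{
    $form = new Form();
    $form->post('login')->val('blank')
         ->post('password')->val('blank');

    if (!$form->submit()) {
        $this->_error($static);
        return false;
    }

    $data = $form->fetch();

    // NOTE(review): the stored credential is a single fast SHA-256 pass via Hash::create().
    // password_hash()/password_verify() would be the stronger scheme, but needs a data
    // migration, so it is flagged here rather than changed.
    $password = Hash::create('sha256', $data['password'], PASS_HASH_KEY);

    $query = "SELECT userid, login, role FROM user WHERE login = :login AND password = :password";
    $result = $this->db->select($query, array(':login' => $data['login'], ':password' => $password));
    if (!$result) {
        $this->_error($static);
        return false;
    }

    Session::init();
    // Issue a fresh session ID at the privilege change so an ID that existed before login
    // is not carried into the authenticated session. Guarded in case Session::init()
    // does not use native PHP sessions.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $row = $result[0];
    Session::set('userid', $row['userid']);
    Session::set('login', $row['login']);
    Session::set('role', $row['role']);
    Session::set('loggedIn', true);

    if ($static) {
        header('location:' . URL . 'dashboard');
        // Stop here: the redirect response should not also carry the JSON body.
        return;
    }

    echo json_encode('success');
}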
/**
 * Authenticate the posted username/password and answer with a JSON status.
 *
 * On success the matched user's fields are copied into the session and a LOGIN
 * entry is written through Log::addLog(); otherwise a JSON error is echoed.
 */
public function auth()
{
    $account = new User();
    // NOTE(review): $_POST is read without an isset()/is_string() check.
    $username = $_POST['username'];
    // NOTE(review): MD5-based password digests are fast to brute-force; password_hash()
    // with a migration path is the usual replacement.
    $digest = Hash::create('md5', $_POST['password'], HASH_SALT_KEY);
    $matches = $account->getUser($username, $digest);

    // If several rows come back, the values of the last one are kept.
    foreach ($matches as $row) {
        $this->user = $row->get('nama_user');
        $this->nama = $row->get('namaPegawai');
        $this->role = $row->get('role');
        $this->bagian = $row->get('bagian');
    }

    $this->view->error = array();

    if (count($matches) <= 0) {
        echo json_encode(array('status' => 'error', 'message' => 'Akun tidak ditemukan'));
        return;
    }

    // NOTE(review): '@' hides any error raised while creating the session, and the
    // session ID is not regenerated after authentication.
    @Session::createSession();
    Session::set('loggedin', true);
    Session::set('user', $this->user);
    Session::set('nama', $this->nama);
    Session::set('role', $this->role);
    Session::set('bagian', $this->bagian);

    // Audit trail entry for the successful login.
    $audit = new Log();
    $audit->addLog(Session::get('user'), 'LOGIN', '');
    unset($audit);

    echo json_encode(array('status' => 'success'));
}
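/**
 * Authenticate the posted user/pass pair and redirect to the dashboard or back to login.
 *
 * Missing or non-string fields and unknown credentials all end in the same
 * redirect to ../login.
 */
public function run()
{
    // Reject absent or array-valued fields up front instead of passing them to the hash.
    if (!isset($_POST['user'], $_POST['pass'])
        || !is_string($_POST['user'])
        || !is_string($_POST['pass'])
    ) {
        header('location: ../login');
        return;
    }

    $statement = $this->db->prepare("SELECT id, role FROM users WHERE login = :user AND password = :pass");
    $statement->execute(array(
        ':user' => $_POST['user'],
        // NOTE(review): a single SHA-256 pass is a fast hash for password storage;
        // password_hash() is the stronger option but requires migrating stored values.
        ':pass' => Hash::create('sha256', $_POST['pass'], HASH_KEY),
    ));

    // Decide on the fetched rows themselves: rowCount() is not reliable for SELECT on
    // every PDO driver, and indexing an empty result raised a warning before the redirect.
    $rows = $statement->fetchAll();
    if (empty($rows)) {
        header('location: ../login');
        return;
    }

    $data = $rows[0];

    Session::init();
    // New session ID at login so a pre-login ID is not reused for the authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    Session::set('userid', $data['id']);
    Session::set('role', $data['role']);
    Session::set('loggedIn', true);
    header('location: ../dashboard');
}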
/**
 * Check the posted login/password against the users table and redirect.
 *
 * A match stores role, loggedIn and userid in the session and sends the browser
 * to ../dashboard; anything else goes back to ../login. Both paths exit.
 */
public function run()
{
    // NOTE(review): $_POST is read without isset()/is_string() checks.
    $login = $_POST['login'];
    $password = $_POST['password'];

    $credentials = array(
        ':login' => $login,
        ':password' => Hash::create(HASH_METHOD, $password, HASH_PASSWORD_KEY),
    );

    $lookup = $this->db->prepare("SELECT userid, role FROM users WHERE\n login = :login AND password = :password");
    $lookup->execute($credentials);

    $matched = $lookup->rowCount();
    $row = $lookup->fetch();

    if ($matched <= 0) {
        header('Location:../login');
        exit;
    }

    // NOTE(review): the session ID is not regenerated after authentication.
    Session::init();
    Session::set('role', $row['role']);
    Session::set('loggedIn', true);
    Session::set('userid', $row['userid']);
    header('Location:../dashboard');
    exit;
}
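/**
 * Persist edited login, password and role for one row of the users table.
 *
 * @param array $data Expects the keys 'id', 'login', 'password' (plain text) and 'role'.
 */
public function editSave($data)
{
    $postData = array(
        'login' => $data['login'],
        'password' => Hash::create('sha256', $data['password'], HASH_PASSWORD_KEY),
        // NOTE(review): role is taken as supplied; confirm the caller restricts who may set it.
        'role' => $data['role'],
    );

    // The WHERE fragment is handed to the query as raw SQL, so the id is forced to an
    // integer here rather than interpolated as received.
    $where = '`id` = ' . (int) $data['id'];

    $this->db->update('users', $postData, $where);
}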
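/**
 * Change the logged-in client's password after verifying the current one.
 *
 * Echoes a numeric status and exits on every rejection:
 *   -2 current password does not match, -1 a field is empty,
 *    0 new password shorter than 6 bytes, 1 the two new passwords differ.
 * On success the new digest is passed to the model and nothing is echoed here.
 */
function changePass()
{
    Auth::handleClientLogin();

    // Absent or array-valued fields are treated as empty strings.
    $field = function ($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    };
    $oldPass = $field('client_old_pass');
    $newPass = $field('client_pass_1');
    $confirm = $field('client_pass_2');

    $data = array('client_id' => Session::get('client_id'));

    $client_pass = $this->model->getPass();
    $stored = isset($client_pass[0]['client_pass']) ? (string) $client_pass[0]['client_pass'] : '';
    // NOTE(review): MD5-based digests are weak for password storage; flagged, not changed,
    // because existing rows would need migrating.
    $client_old_pass = (string) Hash::create('md5', $oldPass, HASH_PASSWORD_KEY);

    // hash_equals() avoids PHP's loose '==' rules, under which two different
    // numeric-looking hex digests (e.g. both of the form 0e<digits>) compare as equal.
    if ($stored === '' || !hash_equals($stored, $client_old_pass)) {
        echo -2;
        exit;
    }

    if ($oldPass === '' || $newPass === '' || $confirm === '') {
        echo -1;
        exit;
    }

    if (strlen($newPass) < 6 || strlen($confirm) < 6) {
        echo 0;
        exit;
    }

    // Strict comparison: loosely compared numeric strings such as '1e3' and '1000' are equal.
    if ($newPass !== $confirm) {
        echo 1;
        exit;
    }

    $data['client_pass'] = Hash::create('md5', $confirm, HASH_PASSWORD_KEY);
    $this->model->changePass($data);
}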
/**
 * Hash::create() with the NO_CASE_SENSITIVE flag builds a Hash whose keys are
 * looked up without regard to case, with get() falling back to a default.
 *
 * @covers ::__construct
 * @covers ::create
 * @covers ::set
 * @covers ::has
 * @covers ::get
 * @covers ::_filterName
 */
public function testCreate()
{
    $hash = Hash::create(
        Hash::NO_CASE_SENSITIVE,
        ['a' => 'b'],
        ['c' => 'd'],
        ['hoge' => 'XYZ'],
        ['hOgE' => 'ABC']
    );

    $this->assertInstanceOf(__NAMESPACE__ . '\\Hash', $hash);

    // 'hoge' and 'hOgE' were both supplied; a lookup under a third casing yields 'ABC'.
    $this->assertTrue($hash->has('HoGe'));
    $this->assertEquals('ABC', $hash->get('HoGe'));

    // An unknown key returns the supplied default.
    $this->assertEquals('not_exists', $hash->get('NotExists', 'not_exists'));

    // Returned so that dependent tests can reuse the instance.
    return $hash;
}
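/**
 * Validate a username/password pair and issue a fresh validation token.
 *
 * ResultHelper::whenEqual()/whenEmpty() are given an error label and an HTTP status;
 * presumably they abort the request when their condition holds (confirm in ResultHelper).
 *
 * @param mixed $userName
 * @param mixed $password
 * @param AuthenticationManager $authenticationManager Receives the user id, role name and token.
 * @return mixed Result of userMapper->mapUserToDto() for the user and the new token.
 */
public function validateUser($userName, $password, AuthenticationManager $authenticationManager)
{
    ResultHelper::whenEqual($password, null, AppLabelUtil::$ERROR_USER_NOT_FOUND, HttpStatusCode::badRequest());

    $user = $this->userService->validateUser($userName, $password);
    ResultHelper::whenEmpty($user, AppLabelUtil::$ERROR_USER_NOT_FOUND, HttpStatusCode::unauthorized());

    // ext/mcrypt was deprecated in PHP 7.1 and removed in 7.2. Prefer the built-in CSPRNG
    // and keep the original call only as a fallback for runtimes without random_bytes().
    $entropy = function_exists('random_bytes')
        ? random_bytes(64)
        : mcrypt_create_iv(64, MCRYPT_DEV_URANDOM);
    $token = Hash::create("sha256", $entropy, HASH_USER_TOKEN_KEY);

    $authenticationManager->createValidationToken($user->getId(), $user->getRole()->getName(), $token);

    return $this->userMapper->mapUserToDto($user, $token);
}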
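/**
 * Update login, password and role of the users row identified by $data['userid'].
 *
 * @param array $data Expects 'userid', 'login', 'password' (plain text) and 'role'.
 */
public function editSave($data)
{
    // The earlier version first ran $this->db->update() with the userid interpolated into
    // the WHERE string, then repeated the same write with the prepared statement below.
    // Only the parameterised statement is kept: it leaves the row in the same state and
    // never places request data inside SQL text.
    $res = $this->db->prepare(
        'UPDATE users SET `login`=:login, `password`=:password, `role`=:role WHERE userid=:userid '
    );
    $res->execute(array(
        ':login' => $data['login'],
        ':password' => Hash::create(HASH_METHOD, $data['password'], HASH_PASSWORD_KEY),
        // NOTE(review): role is written as supplied; confirm the caller restricts who may set it.
        ':role' => $data['role'],
        ':userid' => $data['userid'],
    ));
}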
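/**
 * Create a password-reset token for the user, e-mail the reset link and store the token.
 *
 * ResultHelper::whenEmpty() is given an error label and HTTP 500 for a user without
 * an e-mail address; presumably it aborts in that case (confirm in ResultHelper).
 *
 * @param User $user Account the reset link is issued for.
 */
public function createResetToken(User $user)
{
    ResultHelper::whenEmpty($user->getEmail(), AppLabelUtil::$ERROR_USER_NO_EMAIL, HttpStatusCode::internalServerError());

    // ext/mcrypt was deprecated in PHP 7.1 and removed in 7.2. Prefer the built-in CSPRNG
    // and keep the original call only as a fallback for runtimes without random_bytes().
    $entropy = function_exists('random_bytes')
        ? random_bytes(64)
        : mcrypt_create_iv(64, MCRYPT_DEV_URANDOM);
    $tokenHash = Hash::create("sha256", $entropy, HASH_GENERAL_KEY);

    $this->mailService->setMailHeading(array(
        $user->getEmail() => $user->getFirstName() . " " . $user->getLastName(),
    ));
    $this->mailService->setBody(
        "Instellen van uw wachtwoord",
        "Beste gebruiker, gelieve de volgende link te gebruiken om uw wachtwoord in te stellen: " . URL . "#/reset/token/" . $tokenHash
    );
    $this->mailService->sendMail();

    // NOTE(review): the value persisted below is the same value that was mailed. Storing
    // only a digest of it, with an expiry, would limit what a database read exposes;
    // whether the DAO already does this is not visible here.
    $resetToken = $this->resetTokenFactory->createResetToken($user->getId(), $tokenHash);
    $this->resetTokenDao->create($resetToken);
}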
/**
 * Load the user with id $data['id'], overwrite login, password and role, and save it.
 *
 * @param array $data Expects 'id', 'login', 'password' (plain text) and 'role'.
 */
public function editSave($data)
{
    $finder = new User();

    // NOTE(review): findById()'s return value is used without a null check.
    $record = $finder->findById($data['id']);

    $record->setId($data['id']);
    $record->setLogin($data['login']);
    // NOTE(review): a single SHA-256 pass is a fast hash for password storage.
    $record->setPassword(Hash::create('sha256', $data['password'], HASH_PASSWORD_KEY));
    // NOTE(review): role is applied as supplied; confirm the caller restricts who may set it.
    $record->setRole($data['role']);
    $record->update(true);
}
/**
 * Handle the posted edit form for user $id: hand the values to the model, then
 * redirect to the users list.
 *
 * @param mixed $id Identifier of the user being edited.
 */
public function editSave($id)
{
    // NOTE(review): no validation of the posted fields is visible in this method, and
    // 'role' comes straight from the request; confirm authorisation is enforced upstream.
    $data = array(
        'id' => $id,
        'login' => $_POST['login'],
        'password' => Hash::create('sha256', $_POST['password'], HASH_KEY),
        'role' => $_POST['role'],
    );

    $this->model->RunEditSave($data);

    header('location: ' . URL . 'users');
}
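/**
 * Run an UPDATE on $table, binding every value as a statement parameter.
 *
 * Table name, column names (the keys of $data) and $where are placed in the SQL text
 * as given, because identifiers cannot be bound; they must come from trusted code,
 * never from request data.
 *
 * @param string $table Name of the table to update.
 * @param array  $data  Associative array of column => value.
 * @param string $where The WHERE part of the query, without the keyword.
 */
public function update($table, $data, $where)
{
    if (empty($data)) {
        // Nothing to write; "SET" with no assignments would be invalid SQL.
        return;
    }

    // Hash the password only when one is being written. Previously the key was assigned
    // unconditionally, so any update without a password still wrote a digest of an empty
    // value into a 'password' column.
    // NOTE(review): MD5-based digests are weak for password storage; kept so that
    // stored values stay comparable.
    if (array_key_exists('password', $data)) {
        $data['password'] = Hash::create('md5', $data['password'], HASH_KEY);
    }

    ksort($data);

    // One positional placeholder per column; values never become part of the SQL string.
    $assignments = array();
    foreach (array_keys($data) as $column) {
        $assignments[] = $column . ' = ?';
    }
    $fieldValues = implode(', ', $assignments);

    $pquery = $this->prepare("UPDATE {$table} SET {$fieldValues} WHERE {$where}");
    $pquery->execute(array_values($data));
}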
/**
 * Look up an active client by e-mail and password digest, open a session on a
 * match, and echo the query result as JSON either way.
 *
 * @param array $data Expects 'email_login' and 'pass_login' (plain text).
 */
function clientLogin($data)
{
    $params = array(
        ':client_email' => $data['email_login'],
        // NOTE(review): MD5-based digests are weak for password storage.
        ':client_pass' => Hash::create('md5', $data['pass_login'], HASH_PASSWORD_KEY),
    );

    $result = $this->db->select(
        "SELECT client_id,client_username FROM client WHERE client_email = :client_email AND client_pass = :client_pass AND client_is_active = 1",
        $params
    );

    if (isset($result[0]['client_id'])) {
        $account = $result[0];
        // NOTE(review): the session ID is not regenerated after authentication.
        Session::init();
        Session::set('client_id', $account['client_id']);
        Session::set('client_username', $account['client_username']);
    }

    echo json_encode($result);
}
/**
 * Create or edit a user from the posted form, mailing a newly generated password.
 *
 * $_POST['type'] selects the model call ('create' or 'edit'); the response is a
 * redirect to the user list in every case.
 */
public function save()
{
    $generated = $this->model->generate_password();

    // NOTE(review): the plain-text password is mailed before the record is written,
    // and the posted name/email are passed on without validation in this method.
    $this->model->mail($_POST['email'], $_POST['name'], $generated);

    $record = array(
        "name" => $_POST['name'],
        "email" => $_POST['email'],
        "password" => Hash::create($generated),
    );

    if ($_POST['type'] == 'create') {
        $this->model->create($record);
    } elseif ($_POST['type'] == 'edit') {
        $this->model->edit($record, $_POST['id']);
    }

    header("Location: " . URL . "user");
}
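/**
 * Derive a token from the configured secret key, the server name and $data.
 *
 * @param string $data Caller-supplied value mixed into the token.
 * @return mixed The value returned by Hash::create('sha256', ...).
 * @throws \RuntimeException When the global registry $REG is not available.
 */
public static function create($data)
{
    global $REG;

    // Fail closed. Previously a missing registry was read anyway (null secret) and the
    // literal 'salt' was used as key, producing tokens derived only from public values.
    if (!isset($REG)) {
        throw new \RuntimeException('Token configuration is not available');
    }

    // NOTE(review): depending on web-server configuration SERVER_NAME can follow the
    // request's Host header; confirm it is pinned if tokens must be host-bound.
    $tokenGeneric = $REG->secret_key . $_SERVER["SERVER_NAME"];

    return Hash::create('sha256', $tokenGeneric . $data, $REG->hash_gen_key);
}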
/**
 * Check the posted username/password and redirect to index on success or back
 * to the login page otherwise.
 */
public function run()
{
    // NOTE(review): $_POST is read without isset()/is_string() checks.
    $params = array(
        ":name" => $_POST["login_username"],
        ":password" => Hash::create($_POST["login_password"]),
    );

    $rows = $this->db->select("SELECT id FROM Users WHERE name = :name AND password = :password", $params);

    if (count($rows) <= 0) {
        header("Location: " . URL . "login");
        return;
    }

    // NOTE(review): the session ID is not regenerated after authentication.
    Session::init();
    Session::set('logged_on', true);
    Session::set('user_id', $rows[0]['id']);
    header("Location: " . URL . "index");
}
/**
 * Check the posted username/password; on a match store the user id in the
 * session and echo it. Nothing is output when no row matches.
 */
public function run()
{
    $credentials = array(
        ':username' => $_POST['username'],
        // NOTE(review): MD5-based digests are weak for password storage.
        ':password' => Hash::create('md5', $_POST['password'], HASH_PASSWORD_KEY),
    );

    $lookup = $this->db->prepare("SELECT UserId FROM user WHERE \n\t\t\t\tUserName = :username AND Password = :password");
    $lookup->execute($credentials);

    $row = $lookup->fetch();
    $matched = $lookup->rowCount();

    if ($matched <= 0) {
        return;
    }

    // NOTE(review): the session ID is not regenerated after authentication.
    Session::init();
    Session::set('id', $row['UserId']);
    echo $row['UserId'];
}
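/**
 * Tell whether the supplied key equals the API key derived from API_KEY_WORD.
 *
 * @param string|null $hash_key Key presented by the caller.
 * @return bool true only for a string that matches the derived key exactly.
 */
public static function isRequestAuthenticated($hash_key = NULL)
{
    // Only a non-empty string can match. With the former loose '==', a boolean true
    // (for example from decoded JSON) compared equal to any non-empty key.
    if (!is_string($hash_key) || $hash_key === '') {
        return false;
    }

    $api_key = Hash::create("sha256", API_KEY_WORD, HASH_PASSWORD_KEY);

    // hash_equals() is type-strict and does not return early at the first differing byte.
    return is_string($api_key) && hash_equals($api_key, $hash_key);
}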
/**
 * Check the posted login/password and redirect to ../index on a match or
 * ../login otherwise.
 */
public function run()
{
    $credentials = array(
        ':login' => $_POST['login'],
        // NOTE(review): a single SHA-256 pass is a fast hash for password storage.
        ':password' => Hash::create('sha256', $_POST['password'], HASH_PASSWORD_KEY),
    );

    $lookup = $this->db->prepare("SELECT userid FROM users WHERE \n\t\t\t\tlogin = :login AND password = :password");
    $lookup->execute($credentials);

    $row = $lookup->fetch();
    $matched = $lookup->rowCount();

    if ($matched <= 0) {
        header('location: ../login');
        return;
    }

    // NOTE(review): the session ID is not regenerated after authentication.
    Session::init();
    Session::set('loggedIn', true);
    Session::set('userid', $row['userid']);
    header('location: ../index');
}
/**
 * Check the posted login/password; on a match store role and loggedIn in the
 * session and redirect to ../dashboard, otherwise back to ../login.
 */
public function run()
{
    $credentials = array(
        ':login' => $_POST['login'],
        // NOTE(review): MD5-based digests are weak for password storage.
        ':password' => Hash::create('md5', $_POST['password'], HASH_PASSWORD_KEY),
    );

    $lookup = $this->db->prepare("SELECT id, role FROM users WHERE \n\t\t\t\tlogin = :login AND password = :password");
    $lookup->execute($credentials);

    $row = $lookup->fetch();
    $matched = $lookup->rowCount();

    if ($matched <= 0) {
        header('location: ../login');
        return;
    }

    // NOTE(review): the session ID is not regenerated after authentication, and the
    // selected id is not stored in the session.
    Session::init();
    Session::set('role', $row['role']);
    Session::set('loggedIn', true);
    header('location: ../dashboard');
}
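/**
 * Update username, password and role of the user row identified by $data['userid'].
 *
 * @param array $data Expects 'userid', 'username', 'password' (plain text) and 'role'.
 */
public function editSave($data)
{
    $postData = array(
        'username' => $data['username'],
        // NOTE(review): MD5-based digests are weak for password storage.
        'password' => Hash::create('md5', $data['password'], MY_HASH_PASSWORD_KEY),
        // NOTE(review): role is written as supplied; confirm the caller restricts who may set it.
        'role' => $data['role'],
    );

    // The condition used to read 'userid' = <value>, i.e. a quoted string literal compared
    // with the interpolated value, so it never addressed the userid column. Reference the
    // column itself and force the id to an integer so no request text enters the SQL.
    $where = 'userid = ' . (int) $data['userid'];

    $this->db->update('user', $postData, $where);
}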
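/**
 * Check the posted login/password; on a match populate the session, otherwise
 * redirect to ../login.
 *
 * The success path sends no redirect or body of its own here.
 */
public function run()
{
    $sth = $this->db->prepare("SELECT user_id, role, login FROM users WHERE \n login = :login AND password = :password");
    $sth->execute(array(
        ':login' => $_POST['login'],
        // NOTE(review): a single SHA-256 pass is a fast hash for password storage.
        ':password' => Hash::create('sha256', $_POST['password'], HASH_PASSWORD_KEY),
    ));

    // A leftover var_dump($data) was removed: it printed the fetched row into the response
    // and, by emitting output first, could stop the header() redirect below from being sent.
    $data = $sth->fetch();
    $count = $sth->rowCount();

    if ($count > 0) {
        Session::init();
        // New session ID at login so a pre-login ID is not reused for the authenticated session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        Session::set('login', $data['login']);
        Session::set('role', $data['role']);
        Session::set('loggedIn', true);
        Session::set('userid', $data['user_id']);
    } else {
        header('location: ../login');
    }
}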
/**
 * Check the posted login/password against the user table and redirect to
 * admin_artist on a match or back to login otherwise.
 */
public function run()
{
    $credentials = array(
        ':name' => $_POST['login'],
        // NOTE(review): a single SHA-256 pass is a fast hash for password storage.
        ':password' => Hash::create('sha256', $_POST['password'], HASH_PASSWORD_KEY),
    );

    $lookup = $this->db->prepare("SELECT user_id, role_id FROM user WHERE user_name = :name AND user_pwd = :password");
    $lookup->execute($credentials);

    $row = $lookup->fetch();
    $matched = $lookup->rowCount();

    if ($matched <= 0) {
        header('location: ' . URL . 'login');
        return;
    }

    // NOTE(review): the session ID is not regenerated after authentication.
    Session::init();
    Session::set('role_id', $row['role_id']);
    Session::set('loggedIn', true);
    Session::set('user_id', $row['user_id']);
    // The user name kept in the session is the posted value, not the stored column.
    Session::set('user_name', $_POST['login']);
    header('location: ' . URL . 'admin_artist');
}
/**
 * Check the posted username/password; on a match store role, loggedIn and
 * userid in the session and redirect to ../dashboard, otherwise to ../login.
 */
public function run()
{
    $credentials = array(
        ':username' => $_POST['username'],
        // NOTE(review): MD5-based digests are weak for password storage.
        ':password' => Hash::create('md5', $_POST['password'], MY_HASH_PASSWORD_KEY),
    );

    $lookup = $this->db->prepare("\n\t\t\tSELECT userid,role FROM user\n\t\t\tWHERE username = :username AND password = :password");
    $lookup->execute($credentials);

    $row = $lookup->fetch();
    $matched = $lookup->rowCount();

    if ($matched <= 0) {
        header('location: ../login');
        return;
    }

    // NOTE(review): the session ID is not regenerated after authentication.
    Session::init();
    Session::set('role', $row['role']);
    Session::set('loggedIn', true);
    Session::set('userid', $row['userid']);
    header('location: ../dashboard');
}
/**
 * Show the admin login view, or process a posted login.
 *
 * The result of User::login() is read positionally: [0] status (1 = success,
 * 0 = user not found, anything else = database error), [1] role code,
 * [2] value stored as 'user', [3] id passed to Pegawai::get(), [4] value
 * stored as 'id_user'.
 */
public function login()
{
    if (!isset($_POST['user'])) {
        $this->view->load('admin/login');
        return;
    }

    $user = $_POST['user'];
    $pass = $_POST['pass'];
    // NOTE(review): SHA-1-based digests are weak for password storage.
    $pwd = Hash::create('sha1', $pass, HASH_SALT_KEY);

    $cuser = new User($this->registry);
    $res = $cuser->login($user, $pwd);

    // Map the numeric role code to its name; unknown codes become 'guest'.
    switch ($res[1]) {
        case 1:
            $role = 'admin';
            break;
        case 2:
            $role = 'koordinator';
            break;
        case 3:
            $role = 'inputer';
            break;
        default:
            $role = 'guest';
    }

    $status = (int) $res[0];

    if ($status == 1) {
        $pegawai = new Pegawai($this->registry);
        $data = $pegawai->get($res[3]);

        // NOTE(review): the session ID is not regenerated after authentication.
        Session::createSession();
        Session::set('loggedin', TRUE);
        Session::set('nama', $data[0]['nama']);
        Session::set('user', $res[2]);
        Session::set('role', $role);
        Session::set('id_user', $res[4]);
        header('location:' . URL);
        return;
    }

    $message = ($status == 0) ? "user tidak ditemukan!" : "database tidak valid!";
    $this->view->add_error('error', $message);
    $this->view->load('admin/login');
}
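/**
 * Generate a new password for the posted e-mail address, mail it, and on a
 * successful send hand the hashed password to the model.
 *
 * Does nothing when 'email_address' is absent, empty or not a string.
 */
public function sendRequestPassword()
{
    if (!isset($_POST['email_address'])
        || !is_string($_POST['email_address'])
        || $_POST['email_address'] == ""
    ) {
        return;
    }

    // NOTE(review): any requester who knows an address can trigger this, and the new
    // password is mailed in clear text. A single-use, expiring reset link that leaves the
    // current password untouched until confirmed is the safer design.
    $data = array();
    // 16 random bytes (32 hex characters). The former 3 bytes gave only 24 bits, which is
    // within reach of online guessing.
    $data['new_pass'] = bin2hex(openssl_random_pseudo_bytes(16));
    $data['client_email'] = $_POST['email_address'];

    // E-mail content
    $body = '<h1>WAHANDA Thông Báo</h1>';
    $body .= '<p>Bạn đã yêu cầu đổi password trên http:' . URL . '</p>';
    $body .= '<p>Mật khẩu đăng nhập mới trên WAHANDA của bạn là: <h3><strong><i>' . $data['new_pass'] . '</i></strong></h3></p>';
    $body .= '<p>Hãy đăng nhập lại và đổi password của bạn nhé ( ^.^!) </p>';
    $body .= '<p>Chúc một bạn ngày mới tốt lành</p>';
    $body .= '<div align="right"><small><i><b>Ban quản trị Wahanda</b></i></small></div>';

    // Send the mail through SMTP
    $mail = new PHPMailer(TRUE);
    $mail->CharSet = "UTF-8";
    $mail->IsSMTP();
    // Debug output off: level 1 echoes the SMTP conversation into the HTTP response.
    $mail->SMTPDebug = 0;
    $mail->SMTPAuth = true;
    $mail->SMTPSecure = 'ssl';
    $mail->Host = "smtp.gmail.com";
    $mail->Port = 465; // or 587
    $mail->IsHTML(true);
    // NOTE(review): SMTP credentials belong in configuration outside the source tree.
    $mail->Username = "******";
    $mail->Password = "******";
    $mail->SetFrom("*****@*****.**");
    $mail->Subject = "Xác nhận yêu cầu đổi password từ Wahanda!";
    $mail->Body = $body;
    $mail->AddAddress($data['client_email']);

    if (!$mail->Send()) {
        echo "Mailer Error: " . $mail->ErrorInfo;
        return;
    }

    // Only the digest reaches the model.
    // NOTE(review): MD5-based digests are weak for password storage.
    $data['new_pass'] = Hash::create('md5', $data['new_pass'], HASH_PASSWORD_KEY);
    $this->model->sendRequestPassword($data);
}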
/**
 * Check the posted nick/clave pair against the usuarios table and redirect to
 * index on a match or to ../login otherwise.
 */
public function entrar()
{
    $credenciales = array(
        ':login' => $_POST['nick'],
        // NOTE(review): Hash::create() is called here without a key/salt argument, and
        // MD5 is weak for password storage.
        ':password' => Hash::create('md5', $_POST['clave']),
    );

    $consulta = $this->db->prepare("SELECT id, rol,nombre from usuarios WHERE login = :login AND password = :password");
    $consulta->execute($credenciales);

    $fila = $consulta->fetch();
    $coincidencias = $consulta->rowCount();

    if ($coincidencias <= 0) {
        header('location: ../login');
        return;
    }

    // Log the user in.
    // NOTE(review): the session ID is not regenerated after authentication.
    Session::init();
    Session::set('rol', $fila['rol']);
    Session::set('logeado', true);
    Session::set('usuario', $fila['nombre']);
    Session::set('id_usuario', $fila['id']);
    header('location: ' . URL . 'index');
}
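/**
 * Validate the posted login form, authenticate and redirect.
 *
 * @param string $return_url Path appended to the configured site URL after login;
 *                           empty means ../index.php.
 * @return string|null An error message when login fails or an exception is caught;
 *                     on success the method redirects and exits.
 */
public function login($return_url = '')
{
    global $REG;
    $this->_setting = $REG;

    try {
        $form = new Form();
        $form->post('email')->val('minlength', 3)
             ->post('password')->val('minlength', 6)
             ->post('remember');
        $form->submit();
        // A leftover debug print ('Form passed') was removed: it wrote to the response
        // before header() and could stop the redirect below from being sent.

        $postf = $form->fetch();
        // NOTE(review): MD5-based digests are weak for password storage.
        $password = Hash::create('md5', $postf['password'], $this->_setting->hash_pass_key);

        $sth = $this->db->prepare("SELECT a.id, a.username, a.email, a.password, c.role FROM users a INNER JOIN user_roles b ON b.user_id = a.id INNER JOIN roles c ON b.user_role = c.id WHERE a.username =:username AND a.password =:password");
        $sth->bindValue(':username', $postf['email']);
        $sth->bindValue(':password', $password);
        $sth->execute();

        $data = $sth->fetch();
        $count = $sth->rowCount();

        if ($count <= 0) {
            return 'Login could not be processed';
        }

        // New session ID at login so a pre-login ID is not reused for the authenticated session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        // NOTE(review): the whole row, including the password digest, is stored in the
        // session; consider storing only the fields that are needed.
        Session::set('user', $data);
        Session::set('loggedIn', true);
        Auth::rememberLogin($postf['remember']);

        // NOTE(review): $return_url is appended to the site URL as given; validate it as
        // a local path so the redirect cannot leave the site.
        if ($return_url == '') {
            header('location: ../index.php');
        } else {
            header('location: ' . $this->_setting->url . $return_url);
        }
        exit;
    } catch (Exception $e) {
        return $e->getMessage();
    }
}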
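/**
 * Check the posted email/password and redirect to the content area on a match
 * or to the error page otherwise.
 */
public function run()
{
    // Both fields must be present strings. The former test, isset($email) || isset($password),
    // ran on copies already read from $_POST and let a request with only one field through.
    if (!isset($_POST['email'], $_POST['password'])
        || !is_string($_POST['email'])
        || !is_string($_POST['password'])
    ) {
        header('location: ../' . REWRITE_CNT_ERROR);
        return;
    }

    $sth = $this->db->prepare('SELECT id FROM ' . DB_SUFIX . 'users WHERE email=:email AND password=:password');
    $sth->execute(array(
        ':email' => $_POST['email'],
        // NOTE(review): MD5-based digests are weak for password storage.
        ':password' => Hash::create('md5', $_POST['password'], HASH_KEY),
    ));

    // Decide on the fetched rows: rowCount() is not reliable for SELECT on every PDO driver.
    $rows = $sth->fetchAll();
    if (empty($rows)) {
        header('location: ../' . REWRITE_CNT_ERROR);
        return;
    }

    Session::init();
    // New session ID at login so a pre-login ID is not reused for the authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    // NOTE(review): only a boolean flag is stored; the matched user id is not kept.
    Session::set(SESSION_KEY, true);
    header('location: ../' . REWRITE_CNT);
}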