/**
 * Template loading and setup routine.
 *
 * Sets the notice messages, runs the parent constructor, resolves the logon
 * state (cookie first, then optionally the session) and wraps the template
 * name in a View object.
 *
 * @param bool $initSession When loosely true, a session instance is opened and,
 *                          for callers without a user id (or guest managers when
 *                          check_mgr is set), logon info is looked up via the session.
 */
public function __construct($initSession = TRUE)
{
    self::$msgNotice[0] = _('Access Denied');
    self::$msgNotice[1] = _('Login First Please');

    parent::__construct();

    $this->autoMinifiy = Lemon::config('core.output_minify');

    // Check whether the request is an AJAX call.
    // NOTE(review): X-Requested-With is supplied by the client, so this flag is
    // only a rendering hint; it should not feed any access decision.
    $isAjax = false;
    if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) {
        $isAjax = strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
    }
    $this->ajaxRequest = $isAjax;

    $this->logon = Logon::getInstance();
    $this->cookieLogon();

    // Session initialisation (optional).
    if ($initSession == TRUE) {
        // NOTE(review): the session id is taken from request input and handed to
        // Session::instance(). If that call adopts the id as given, this permits
        // session fixation and puts the id into URLs, logs and Referer headers.
        // Confirm the id is validated and regenerated on login.
        $requestedSessionId = $this->input->get('PHPSESSIONID');
        $this->sessionInstance = empty($requestedSessionId)
            ? Session::instance()
            : Session::instance($requestedSessionId);

        $logonInfo = $this->logon->getLogonInfo();
        // && binds tighter than ||; the parentheses only make that grouping visible.
        if ($logonInfo['userId'] == 0
            || ($this->check_mgr && $logonInfo['mgrRole'] == Logon::$MGR_ROLE_LABEL_GUEST)
        ) {
            // Only users who are not logged in get a lookup of their user info from the session.
            $this->setLogonInfoBySession();
        }
    }

    $this->userRoleLabel = $this->logon->getLogonInfoValueByKey('userRoleLabel', Logon::$USER_ROLE_LABEL_GUEST);
    $this->mgrRole = $this->logon->getLogonInfoValueByKey('mgrRole', Logon::$MGR_ROLE_LABEL_GUEST);

    // Load the app
    $this->template = new View($this->template);

    if ($this->autoRender == TRUE) {
        // Render the app immediately after the controller method
        Event::add('system.post_controller', array($this, '_render'));
    }
}
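// Tail of a definition that begins before this excerpt; kept exactly as found.
{ $this->password = $password; } }

/**
 * Demo credential check against the login/password pair held by the Config singleton.
 *
 * NOTE(review): the demo keeps the password in clear text in Config. A real login
 * would store password_hash() output and check it with password_verify().
 */
class Logon
{
    private $config;
    private $user_login;
    private $user_password;

    /**
     * @param mixed $user_login    Login name supplied by the caller.
     * @param mixed $user_password Password supplied by the caller.
     */
    function __construct($user_login, $user_password)
    {
        $this->config = Config::getInstance();
        $this->user_login = $user_login;
        $this->user_password = $user_password;
    }

    /**
     * Prints "User <br>" when both supplied values match the configured pair,
     * "Hacker <br>" otherwise.
     *
     * The comparison is strict: values that loose `==` would treat as equal
     * (numeric strings such as "1e3" and "1000", null and "", ...) no longer match.
     */
    function validate()
    {
        $loginOk = self::sameValue($this->config->login, $this->user_login);
        $passwordOk = self::sameValue($this->config->password, $this->user_password);

        if ($loginOk && $passwordOk) {
            echo "User <br>";
        } else {
            echo "Hacker <br>";
        }
    }

    /**
     * Strict equality; two strings are compared with hash_equals() so the time
     * taken does not depend on where they first differ.
     */
    private static function sameValue($expected, $given)
    {
        if (is_string($expected) && is_string($given)) {
            return hash_equals($expected, $given);
        }

        return $expected === $given;
    }
}

$config = Config::getInstance();
$config->setLogin('root');
$config->setPassword('pass');

$user1 = new Logon('root', 'pass');
$user1->validate();

$user2 = new Logon('root', '1234');
$user2->validate();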
/**
 * Creates an admin user if none exists.
 *
 * Looks for any user whose access level counts as admin; when none is found it
 * builds and processes the admin-creation form, inserts the account and logs
 * the new admin in.
 *
 * NOTE(review): the "no admin yet" query and the insert are separate statements
 * with no lock or transaction visible here, and the new account is logged in
 * straight away. This route should only be reachable during installation.
 *
 * @param array $content Content from previous routines
 * @return mixed Result of the main template's output() call (the earlier
 *               annotation said bool, but no boolean is returned here)
 */
public function adminCreate($content)
{
    // Entries of userLevels at or above adminLevel; their keys are the access names queried below.
    $adminLevels = array_filter($this->cfg->userLevels, function ($level) {
        $cfg = \w34u\ssp\Configuration::getConfiguration();
        return $level >= $cfg->adminLevel;
    });

    // The table name and access names are formatted directly into the SQL text.
    // Both come from configuration here; nothing in this method escapes them, so
    // they must never be derived from request data.
    $sql = sprintf(
        ' select UserId from %s where UserAccess in (%s) ',
        $this->cfg->userTable,
        "'" . implode("','", array_keys($adminLevels)) . "'"
    );
    $this->db->query($sql, [], "SSP Admin Creation: Finding any admin users");

    if ($this->db->numRows() > 0) {
        $content['admin_creation_status'] = $this->session->t('There are already admin users in the system, please delete these first if attempting to recover access to the system.');
    } else {
        // No admin yet: build the creation form.
        $form = new sfc\Form(SSP_Path(), 'none', 'createAdminForm');
        $form->tplf = 'adminCreateForm.tpl';
        $form->errorAutoFormDisplay = false;

        if ($this->cfg->loginType === 0) {
            $form->fe('text', 'email', 'Admin email');
            $form->currentElelementObject->required = true;
            $form->currentElelementObject->dataType = 'email';
        }
        if ($this->cfg->loginType === 1) {
            $form->fe('text', 'userName', 'Admin user name');
            $form->currentElelementObject->required = true;
            // NOTE(review): the user-name field also gets dataType 'email', which looks
            // copied from the e-mail branch; confirm the intended validation.
            $form->currentElelementObject->dataType = 'email';
        }

        // NOTE(review): both password inputs are added as 'text' elements with
        // dataType 'password'; confirm the form library renders them masked.
        $form->fe('text', 'password1', 'Password');
        $form->currentElelementObject->required = true;
        $form->currentElelementObject->dataType = 'password';
        $form->fe('text', 'password2', 'Repeat the password');
        $form->currentElelementObject->required = true;
        $form->currentElelementObject->dataType = 'password';

        if (!$form->processForm($_POST)) {
            // Nothing submitted yet: show the empty form.
            $content['form'] = $form->create();
        } elseif ($form->error) {
            $content['form'] = $form->create(true);
        } elseif (strcmp($form->getField('password1'), $form->getField('password2')) !== 0) {
            $form->setError('password1', 'Please check the passwords, they must be the same');
            $content['form'] = $form->create(true);
        } else {
            // NOTE(review): uniqid() is derived from the clock, so this id is
            // guessable; acceptable as a row key, not as a secret.
            $newUserId = md5(uniqid($this->cfg->magicUser, true));
            $fields = [
                "UserId" => $newUserId,
                "UserPassword" => $this->session->cryptPassword($form->getField('password1')),
                "UserAccess" => 'admin',
                "UserDateCreated" => time(),
                "CreationFinished" => "1",
            ];
            if ($this->cfg->loginType === 0) {
                $fields['UserEmail'] = $form->getField('email');
            }
            if ($this->cfg->loginType === 1) {
                $fields['UserName'] = $form->getField('userName');
            }
            $this->db->insert($this->cfg->userTable, $fields, "SSP Admin Creation: Creating admin entry");

            // create empty misc info
            $this->userMiscInit($newUserId);

            // Log the freshly created admin in.
            $createdUser = $this->db->get($this->cfg->userTable, array("UserId" => $newUserId), "Getting user info for auto login of admin on creation");
            $autoLogin = new Logon($this->session, "", true, false);
            $autoLogin->userLoginCheck($createdUser);

            $content['admin_creation_status'] = $this->session->t('Admin user created');
        }
    }

    $content['adminPath'] = $this->cfg->totalAdminScript;
    $page = new Template($content, 'adminCreate.tpl');
    $mainTpl = $this->tpl(['content' => $page->output(), 'title' => 'Site database creation and intialisation'], true);

    return $mainTpl->output();
}
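/**
 * Demo credential check against the login/password pair held by the Config singleton.
 *
 * NOTE(review): the demo keeps the password in clear text in Config. A real login
 * would store password_hash() output and check it with password_verify().
 */
class Logon
{
    private $config;
    private $user_login;
    private $user_password;

    /**
     * @param mixed $user_login    Login name supplied by the caller.
     * @param mixed $user_password Password supplied by the caller.
     */
    function __construct($user_login, $user_password)
    {
        $this->config = Config::getInstance(); // obtain the singleton
        $this->user_login = $user_login;
        $this->user_password = $user_password;
    }

    /**
     * Prints the "user" message when both supplied values are identical to the
     * configured pair, the "fraudster" message otherwise.
     */
    function Validate()
    {
        $loginOk = self::sameValue($this->config->login, $this->user_login);
        $passwordOk = self::sameValue($this->config->password, $this->user_password);

        if ($loginOk && $passwordOk) {
            print "Пользователь.<br>";
        } else {
            print "Мошенник!<br>";
        }
    }

    /**
     * Strict equality, as before; two strings are compared with hash_equals()
     * so the time taken does not depend on where they first differ.
     */
    private static function sameValue($expected, $given)
    {
        if (is_string($expected) && is_string($given)) {
            return hash_equals($expected, $given);
        }

        return $expected === $given;
    }
}

// $obj = new Config(); // error!
$config = Config::getInstance();
$config->setLogin('root');
$config->setPassword('1234');

$user1 = new Logon('root', '1234');
$user1->Validate();

$user2 = new Logon('admin', '1234');
$user2->Validate();
?>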
/**
 * Replaces the class-wide logon info.
 *
 * NOTE(review): public and static with no validation in this method, so any
 * code that can reach the class can overwrite the stored logon state. Confirm
 * that callers only pass data from a verified login.
 *
 * @param mixed $logonInfo Value stored as-is in self::$logonInfo.
 */
public static function setLogonInfo($logonInfo)
{
    self::$logonInfo = $logonInfo;
}
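/**
 * Routine used on a slave site to log in a remote user.
 *
 * When the request carries a `remoteLoginToken` query parameter, the token and
 * the caller's IP address are looked up in the session status table. On a match
 * the named user is loaded from $userTable, logged in, the session is written
 * and the request is diverted to SSP_Path().
 *
 * NOTE(review): nothing in this method expires or deletes the matched record,
 * so whether a token can be replayed depends on code outside it. Confirm tokens
 * are single-use and short-lived. The token travels in the URL, so it can also
 * end up in access logs and Referer headers.
 *
 * @param string $userTable Name of the table holding user login information.
 * @return void
 */
function autoLogin($userTable)
{
    if (!isset($_GET["remoteLoginToken"])) {
        return;
    }

    // A query parameter can arrive as an array (remoteLoginToken[]=...). Only a
    // non-empty string can be a token, so anything else is dropped before it
    // reaches the database layer.
    $token = $_GET["remoteLoginToken"];
    if (!is_string($token) || $token === '') {
        return;
    }

    $where = array("id" => $token, "userIp" => $_SERVER['REMOTE_ADDR']);
    $remoteLoginRecord = $this->db->get($this->sessionStatusTable, $where, "SSP Protect: gettting auto login record");
    if ($remoteLoginRecord) {
        $where = array("UserName" => $remoteLoginRecord->userName);
        // NOTE(review): the lookup result is passed on without checking that a
        // user was found; confirm logonCheck() rejects an empty result.
        $userLoginInfo = $this->db->get($userTable, $where, "SSP Protect: getting user login information");

        // create login record
        $login = new Logon($this, "", false, true);
        $login->logonCheck($userLoginInfo);
        session_write_close();
        SSP_Divert(SSP_Path());
    }
}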