/**
* Template loading and setup routine.
*/
public function __construct($initSession = TRUE)
{
self::$msgNotice[0] = _('Access Denied');
self::$msgNotice[1] = _('Login First Please');
parent::__construct();
$this->autoMinifiy = Lemon::config('core.output_minify');
// checke request is ajax
$this->ajaxRequest = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
$this->logon = Logon::getInstance();
$this->cookieLogon();
// do init session
if ($initSession == TRUE) {
$PHPSESSIONID = $this->input->get('PHPSESSIONID');
if (!empty($PHPSESSIONID)) {
$this->sessionInstance = Session::instance($PHPSESSIONID);
} else {
$this->sessionInstance = Session::instance();
}
$getLogonInfo = $this->logon->getLogonInfo();
if ($getLogonInfo['userId'] == 0 || $this->check_mgr && $getLogonInfo['mgrRole'] == Logon::$MGR_ROLE_LABEL_GUEST) {
// 未登录用户才尝试去session里尝试获取一下用户信息。
$this->setLogonInfoBySession();
}
}
$this->userRoleLabel = $this->logon->getLogonInfoValueByKey('userRoleLabel', Logon::$USER_ROLE_LABEL_GUEST);
$this->mgrRole = $this->logon->getLogonInfoValueByKey('mgrRole', Logon::$MGR_ROLE_LABEL_GUEST);
// Load the app
$this->template = new View($this->template);
if ($this->autoRender == TRUE) {
// Render the app immediately after the controller method
Event::add('system.post_controller', array($this, '_render'));
}
}
{
$this->password = $password;
}
}
class Logon
{
private $config;
private $user_login;
private $user_password;
function __construct($user_login, $user_password)
{
$this->config = Config::getInstance();
$this->user_login = $user_login;
$this->user_password = $user_password;
}
function validate()
{
if ($this->config->login == $this->user_login && $this->config->password == $this->user_password) {
echo "User <br>";
} else {
echo "Hacker <br>";
}
}
}
$config = Config::getInstance();
$config->setLogin('root');
$config->setPassword('pass');
$user1 = new Logon('root', 'pass');
$user1->validate();
$user2 = new Logon('root', '1234');
$user2->validate();
/**
* Creates an admin user if non exists
* @param array $content - Content from previous routines
* @return bool - true on success
*/
public function adminCreate($content)
{
// check for any exisiting admin users
$adminAccess = array_filter($this->cfg->userLevels, function ($level) {
$cfg = \w34u\ssp\Configuration::getConfiguration();
if ($level >= $cfg->adminLevel) {
return true;
}
return false;
});
$sql = '
select
UserId
from
%s
where
UserAccess in (%s)
';
$sql = sprintf($sql, $this->cfg->userTable, "'" . implode("','", array_keys($adminAccess)) . "'");
$this->db->query($sql, [], "SSP Admin Creation: Finding any admin users");
if ($this->db->numRows() > 0) {
$content['admin_creation_status'] = $this->session->t('There are already admin users in the system, please delete these first if attempting to recover access to the system.');
} else {
// create admin user
$form = new sfc\Form(SSP_Path(), 'none', 'createAdminForm');
$form->tplf = 'adminCreateForm.tpl';
$form->errorAutoFormDisplay = false;
if ($this->cfg->loginType === 0) {
$form->fe('text', 'email', 'Admin email');
$form->currentElelementObject->required = true;
$form->currentElelementObject->dataType = 'email';
}
if ($this->cfg->loginType === 1) {
$form->fe('text', 'userName', 'Admin user name');
$form->currentElelementObject->required = true;
$form->currentElelementObject->dataType = 'email';
}
$form->fe('text', 'password1', 'Password');
$form->currentElelementObject->required = true;
$form->currentElelementObject->dataType = 'password';
$form->fe('text', 'password2', 'Repeat the password');
$form->currentElelementObject->required = true;
$form->currentElelementObject->dataType = 'password';
if ($form->processForm($_POST)) {
if (!$form->error) {
if (strcmp($form->getField('password1'), $form->getField('password2')) === 0) {
$userId = md5(uniqid($this->cfg->magicUser, true));
$userPassword = $this->session->cryptPassword($form->getField('password1'));
$userDate = time();
$fields = array("UserId" => $userId, "UserPassword" => $userPassword, "UserAccess" => 'admin', "UserDateCreated" => $userDate, "CreationFinished" => "1");
if ($this->cfg->loginType === 0) {
$fields['UserEmail'] = $form->getField('email');
}
if ($this->cfg->loginType === 1) {
$fields['UserName'] = $form->getField('userName');
}
$this->db->insert($this->cfg->userTable, $fields, "SSP Admin Creation: Creating admin entry");
// create empty misc info
$this->userMiscInit($userId);
$userInfo = $this->db->get($this->cfg->userTable, array("UserId" => $userId), "Getting user info for auto login of admin on creation");
$login = new Logon($this->session, "", true, false);
$login->userLoginCheck($userInfo);
$content['admin_creation_status'] = $this->session->t('Admin user created');
} else {
$form->setError('password1', 'Please check the passwords, they must be the same');
$content['form'] = $form->create(true);
}
} else {
$content['form'] = $form->create(true);
}
} else {
$content['form'] = $form->create();
}
}
$content['adminPath'] = $this->cfg->totalAdminScript;
$tpl = new Template($content, 'adminCreate.tpl');
$mainTpl = $this->tpl(['content' => $tpl->output(), 'title' => 'Site database creation and intialisation'], true);
return $mainTpl->output();
}
class Logon
{
private $config;
private $user_login;
private $user_password;
function __construct($user_login, $user_password)
{
$this->config = Config::getInstance();
//вызов singleton
$this->user_login = $user_login;
$this->user_password = $user_password;
}
function Validate()
{
if ($this->config->login === $this->user_login and $this->config->password === $this->user_password) {
print "Пользователь.<br>";
} else {
print "Мошенник!<br>";
}
}
}
// $obj = new Config(); //ошибка!
$config = Config::getInstance();
$config->setLogin('root');
$config->setPassword('1234');
$user1 = new Logon('root', '1234');
$user1->Validate();
$user2 = new Logon('admin', '1234');
$user2->Validate();
?>
public static function setLogonInfo($logonInfo)
{
self::$logonInfo = $logonInfo;
}
function autoLogin($userTable)
{
// routine used in slave site to login remote user
if (isset($_GET["remoteLoginToken"])) {
$where = array("id" => $_GET["remoteLoginToken"], "userIp" => $_SERVER['REMOTE_ADDR']);
$remoteLoginRecord = $this->db->get($this->sessionStatusTable, $where, "SSP Protect: gettting auto login record");
if ($remoteLoginRecord) {
$where = array("UserName" => $remoteLoginRecord->userName);
$userLoginInfo = $this->db->get($userTable, $where, "SSP Protect: getting user login information");
// create login record
$login = new Logon($this, "", false, true);
$login->logonCheck($userLoginInfo);
session_write_close();
SSP_Divert(SSP_Path());
}
}
}
