public function log() { $usermanager = new \Manager\UserManager(); $auth = new \W\Security\AuthentificationManager(); $passwordError = ""; if ($_POST) { if ($_POST['logger'] == null || $_POST['password'] == null) { $passwordError = "vide!"; } else { $logger = $_POST['logger']; $password = $_POST['password']; $pos = strpos($logger, '@'); //on test sur le champ username if ($pos === false) { $username = $logger; if ($usermanager->usernameExists($username)) { if ($auth->isValidLoginInfo($username, $password)) { $user = $usermanager->getUserByUsernameOrEmail($username); $auth->logUserIn($user); if ($_POST['remember']) { setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', '127.0.0.1', false, true); } $this->show('logger/log', ["passwordError" => $passwordError]); } else { $passwordError = "Wrong login/mp couple!"; } } else { $passwordError = "Login not found!"; } } else { //sinon le log contient un @ c'est un email dc verification dans la BDD sur le champ email $email = $logger; if ($usermanager->emailExists($email)) { if ($auth->isValidLoginInfo($email, $password)) { $user = $usermanager->getUserByUsernameOrEmail($email); $auth->logUserIn($user); if ($_POST['remember']) { setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', '127.0.0.1', false, true); } $this->show('logger/log', ["passwordError" => $passwordError]); } else { $passwordError = "Wrong email/mp couple!"; } } else { $passwordError = "Email not found"; } } } } $this->show('logger/log', ["passwordError" => $passwordError]); }
/** * Page de connexion */ public function login() { if (isset($_POST['login-submit'])) { // Si on a reçu une soumission de formulaire if (!isset($_POST['email']) || empty($_POST['email']) || !isset($_POST['password']) || empty($_POST['password'])) { // S'il manque des informations $this->redirectToRoute('login'); } $authManager = new \W\Security\AuthentificationManager(); $userId = $authManager->isValidLoginInfo($_POST['email'], $_POST['password']); if ($userId) { // Les infos sont cohérentes $usersManager = new \Manager\UserManager(); $user = $usersManager->find($userId); unset($user['password']); // Enregistrement des infos utilisateur en session $authManager->logUserIn($user); // Retour à l'accueil $this->redirectToRoute('home'); } // Si il y a une erreur dans le login ou le mot de passe $this->show('default/login', ['errorConnection' => true]); } // on va sur la page de login de base $this->show('default/login'); }
/** * Login de l'utilisateur * Affichage de la page des choriste **/ public function login() { $userLogin = new \W\Security\AuthentificationManager(); if ($this->getuser() != NULL) { $this->redirectToRoute('choristes_actus'); // si l'utilisateur est deja connecté on le renvoi vers le coin des choristes } if (isset($_POST['sent'])) { // si il n'est pas connecté il arrive sur le formulaire de connexion ou il renseigne mail et mdp $login = $_POST['login']; $password = $_POST['password']; $id = $userLogin->isValidLoginInfo($login, $password); if ($id) { $findUser = new \Manager\UsersManager(); $user = $findUser->find($id); $userLogin->logUserIn($user); $this->getUser(); $this->redirectToRoute('choristes_actus'); } } $this->show('default/login'); }
public function login() { if (isset($_POST['login-submit'])) { // Si on a reçu une soumission de formulaire if (!isset($_POST['login']) || empty($_POST['login']) || !isset($_POST['password']) || empty($_POST['password'])) { // S'il manque des informations $this->redirectToRoute('login'); } $authManager = new \W\Security\AuthentificationManager(); $userId = $authManager->isValidLoginInfo($_POST['login'], $_POST['password']); if ($userId) { // Les infos sont coherentes $usersManager = new \Manager\UsersManager(); $user = $usersManager->find($userId); unset($user['password']); // Enregistrement des infos utilisateur en session $authManager->logUserIn($user); $this->redirectToRoute('todolist_list'); } $this->show('default/login', ['errorConnection' => true]); } $this->show('default/login'); }
public function login() { function securise($string) { if (ctype_digit($string)) { $string = intval($string); } else { $string = mysql_real_escape_string($string); $string = addcslashes($string, '%_'); $string = htmlspecialchars($string); } return $string; } if (isset($_POST['login-submit'])) { // Si on a reçu une soumission de formulaire if (!isset($_POST['login']) || empty($_POST['login']) || !isset($_POST['password']) || empty($_POST['password'])) { // S'il manque des informations $this->redirectToRoute('login'); } $authManager = new \W\Security\AuthentificationManager(); $login = securise($_POST['login']); $password = securise($_POST['password']); $userId = $authManager->isValidLoginInfo($login, $password); if ($userId) { // Les infos sont coherentes $usersManager = new \Manager\UsersManager(); $user = $usersManager->find($userId); unset($user['password']); // insertion des datas initiales en db // Enregistrement des infos utilisateur en session $authManager->logUserIn($user); $this->redirectToRoute('backoffice'); } $this->show('Default/login', ['errorConnection' => true]); } $this->show('Default/login'); }
public function log() { $usermanager = new \Manager\UserManager(); $auth = new \W\Security\AuthentificationManager(); unset($_SESSION['error']); $isValid = true; if ($_POST) { if (\isIsset($_POST)) { $logger = $_POST['logger']; $password = $_POST['password']; $pos = strpos($logger, '@'); //on test sur le champ username if ($pos === false) { $username = $logger; if ($usermanager->usernameExists($username)) { if ($auth->isValidLoginInfo($username, $password)) { $user = $usermanager->getUserByUsernameOrEmail($username); $auth->logUserIn($user); if (isset($_POST['remember'])) { setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', 'mudeo.dev', false, true); } $return = \confirmAccount($user['token_timestamp']); $_SESSION['error']['log'] = $return[1]; } else { $isValid = false; $_SESSION['error']['log'] = "Wrong login/mp couple!"; } } else { $isValid = false; $_SESSION['error']['log'] = "Login not found!"; } } else { //sinon le log contient un @ c'est un email dc verification dans la BDD sur le champ email $email = $logger; if (filter_var($email, FILTER_VALIDATE_EMAIL)) { if ($usermanager->emailExists($email)) { if ($auth->isValidLoginInfo($email, $password)) { $user = $usermanager->getUserByUsernameOrEmail($email); $auth->logUserIn($user); if (isset($_POST['remember'])) { setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', 'localhost', false, true); } $return = \confirmAccount($user['token_timestamp'], $_SESSION['user']['subscription']); $isValid = $return[0]; $_SESSION['error']['log'] = $return[1]; } else { $isValid = false; $_SESSION['error']['log'] = "Mauvais couple email/mot de passe !"; } } else { $isValid = false; $_SESSION['error']['log'] = "Email pas présent dans la base ! "; } } else { $isValid = false; $_SESSION['error']['log'] = "Le format de l'email n'est pas valide !"; } } // fin si mail } else { $isValid = false; $_SESSION['error']['log'] = "Veuillez remplir tous les champs !"; } } if ($isValid) { $this->redirectToRoute('userhome'); } else { $this->redirectToRoute('home'); } }
/** * Page de connexion */ public function login() { $errorconnect = ''; // vérification de la combinaison d'email et mdp présents en bdd if (!empty($_POST)) { $email = $_POST['email']; $password = $_POST['password']; if (isset($_POST['stayLogin'])) { $stayLogin = $_POST['stayLogin']; } else { $stayLogin = false; } $authentificationManager = new \W\Security\AuthentificationManager(); $result = $authentificationManager->isValidLoginInfo($email, $password); // si identifiants OK if ($result > 0) { // on récupère l'email en base de donnée $userManager = new \Manager\UserManager(); $user = $userManager->find($result); // on le connecte $authentificationManager->logUserIn($user); // on crée un cookies si l'utilisateur veut rester connecté if ($stayLogin) { // création d'un token pour le cookie $token = \W\Security\StringUtils::randomString(32); // hask du tocken et json_encode du value du cookies $tokenHash = password_hash($token, PASSWORD_DEFAULT); $value = json_encode(["id" => $user['id'], "token" => $token]); setcookie("kikala_remember_me", $value, time() + 3660, '/'); // MAJ de la BDD avec le token du cookie $userManager->update(['tokenCookie' => $tokenHash], $user['id']); } $this->redirectToRoute("home"); } else { $errorconnect = "Email inconnu ou mot de passe incorrect"; } } // affiche la page $this->show('user/login', ['error' => $errorconnect]); }