Esempio n. 1
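 /**
  * Processes a submitted customer login and renders the login form module.
  *
  * When the request carries action=process and a form token matching the
  * session token, the customer is looked up by e-mail address and the
  * password is verified. On success the customer id is published through the
  * global $login_customer_id (the post-login steps run in catalog/login.php,
  * per the inline comment below) and a legacy hash is upgraded. Every failure
  * path queues the same generic error message, so the response text does not
  * say whether the address or the password was wrong. The login form template
  * is rendered in all cases.
  *
  * @return void
  */
 function execute()
 {
     global $login_customer_id, $messageStack, $oscTemplate;

     $OSCOM_Db = Registry::get('Db');
     $error = false;

     // Anti-CSRF gate. The previous loose `==` treated an unset session token
     // as equal to an empty formid and compared numeric-looking strings by
     // value. Require two non-empty strings and compare them in constant time
     // (hash_equals() needs PHP 5.6+).
     $tokenValid = isset($_POST['formid'], $_SESSION['sessiontoken'])
         && is_string($_POST['formid'])
         && is_string($_SESSION['sessiontoken'])
         && $_SESSION['sessiontoken'] !== ''
         && hash_equals($_SESSION['sessiontoken'], $_POST['formid']);

     if ($tokenValid && isset($_GET['action']) && $_GET['action'] === 'process') {
         $rawEmail = isset($_POST['email_address']) ? $_POST['email_address'] : null;
         $rawPassword = isset($_POST['password']) ? $_POST['password'] : null;

         if (!is_string($rawEmail) || !is_string($rawPassword)) {
             // Missing or array-valued credentials are an ordinary failed login.
             $error = true;
         } else {
             // Local names are kept as in the original because the template
             // included below runs in this function's scope.
             $email_address = HTML::sanitize($rawEmail);
             // NOTE(review): the password is passed through HTML::sanitize()
             // before verification; this only works if every code path that
             // stores a password applies the same transformation. Confirm.
             $password = HTML::sanitize($rawPassword);

             // Check if email exists
             $Qcustomer = $OSCOM_Db->get('customers', ['customers_id', 'customers_password'], ['customers_email_address' => $email_address], null, 1);

             if ($Qcustomer->fetch() === false) {
                 // NOTE(review): no hash is verified for an unknown address, so
                 // response time may differ between known and unknown e-mails.
                 $error = true;
             } elseif (!Hash::verify($password, $Qcustomer->value('customers_password'))) {
                 // Check that password is good
                 $error = true;
             } else {
                 // set $login_customer_id globally and perform post login code in catalog/login.php
                 $login_customer_id = $Qcustomer->valueInt('customers_id');

                 // migrate old hashed password to new php password_hash
                 if (Hash::needsRehash($Qcustomer->value('customers_password'))) {
                     $OSCOM_Db->save('customers', ['customers_password' => Hash::encrypt($password)], ['customers_id' => $login_customer_id]);
                 }
             }
         }
     }

     if ($error) {
         $messageStack->add('login', OSCOM::getDef('module_content_login_text_login_error'));
     }

     // Render the form into a buffer and hand it to the template.
     // NOTE(review): the include path is built from $this->group; presumably
     // the module sets it itself. Confirm it never carries request data.
     ob_start();
     include 'includes/modules/content/' . $this->group . '/templates/login_form.php';
     $template = ob_get_clean();
     $oscTemplate->addContent($template, $this->group);
 }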
Esempio n. 2
}
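// An earlier step flagged an error: send the visitor back to the
// "password forgotten" page.
if ($error == true) {
    OSCOM::redirect('password_forgotten.php');
}

// Anti-CSRF gate. The previous loose `==` treated an unset session token as
// equal to an empty formid and compared numeric-looking strings by value.
// Require two non-empty strings and compare them in constant time
// (hash_equals() needs PHP 5.6+).
if (
    isset($_GET['action'], $_POST['formid'], $_SESSION['sessiontoken'])
    && $_GET['action'] === 'process'
    && is_string($_POST['formid'])
    && is_string($_SESSION['sessiontoken'])
    && $_SESSION['sessiontoken'] !== ''
    && hash_equals($_SESSION['sessiontoken'], $_POST['formid'])
) {
    // Missing or array-valued fields are treated as an empty password, which
    // then fails the minimum-length check below.
    $password_new = HTML::sanitize((isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '');
    $password_confirmation = HTML::sanitize((isset($_POST['confirmation']) && is_string($_POST['confirmation'])) ? $_POST['confirmation'] : '');

    if (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('password_reset', OSCOM::getDef('entry_password_new_error', ['min_length' => ENTRY_PASSWORD_MIN_LENGTH]));
    } elseif ($password_new !== $password_confirmation) {
        // Strict comparison: with `!=`, two different numeric-looking strings
        // such as "1000000" and "1.0e6" counted as matching.
        $error = true;
        $messageStack->add('password_reset', OSCOM::getDef('entry_password_new_error_not_matching'));
    }

    if ($error == false) {
        $OSCOM_Db->save('customers', ['customers_password' => Hash::encrypt($password_new)], ['customers_id' => $Qcheck->valueInt('customers_id')]);
        // NOTE(review): 'now()' and 'null' are passed as strings; presumably
        // save() maps them to SQL NOW()/NULL. Confirm, because otherwise the
        // reset key is overwritten with literal text instead of being cleared.
        $OSCOM_Db->save('customers_info', ['customers_info_date_account_last_modified' => 'now()', 'password_reset_key' => 'null', 'password_reset_date' => 'null'], ['customers_info_id' => $Qcheck->valueInt('customers_id')]);
        $messageStack->add_session('login', OSCOM::getDef('success_password_reset'), 'success');
        OSCOM::redirect('login.php');
    }
}

// Breadcrumb entries, then the shared page header.
$breadcrumb->add(OSCOM::getDef('navbar_title_1'), OSCOM::link('login.php'));
$breadcrumb->add(OSCOM::getDef('navbar_title_2'));
require $oscTemplate->getFile('template_top.php');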
?>

<div class="page-header">
  <h1><?php 
echo OSCOM::getDef('heading_title');
?>
</h1>
Esempio n. 3
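// Store the shop identity submitted by the installer form.
// NOTE(review): these values are written as submitted, without trimming or
// filtering; they reach the database only through save().
$OSCOM_Db->save('configuration', ['configuration_value' => $_POST['CFG_STORE_NAME']], ['configuration_key' => 'STORE_NAME']);
$OSCOM_Db->save('configuration', ['configuration_value' => $_POST['CFG_STORE_OWNER_NAME']], ['configuration_key' => 'STORE_OWNER']);
$OSCOM_Db->save('configuration', ['configuration_value' => $_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']], ['configuration_key' => 'STORE_OWNER_EMAIL_ADDRESS']);

// EMAIL_FROM is `"Name" <address>` when both parts are present, else the bare address.
// NOTE(review): only trim() is applied; if EMAIL_FROM later ends up in a mail
// header, embedded CR/LF or quote characters should be rejected here.
if (!empty($_POST['CFG_STORE_OWNER_NAME']) && !empty($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS'])) {
    $OSCOM_Db->save('configuration', ['configuration_value' => '"' . trim($_POST['CFG_STORE_OWNER_NAME']) . '" <' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '>'], ['configuration_key' => 'EMAIL_FROM']);
} else {
    $OSCOM_Db->save('configuration', ['configuration_value' => $_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']], ['configuration_key' => 'EMAIL_FROM']);
}

// Create the administrator, or reset the password of an existing one with the
// same user name. A missing or blank password is refused: previously it was
// hashed as an empty string, leaving an admin account with an empty password.
// NOTE(review): the password is only trim()med here, while other code on this
// page runs passwords through HTML::sanitize() before hashing or verifying.
// Confirm both produce the same string for every accepted password.
if (
    !empty($_POST['CFG_ADMINISTRATOR_USERNAME'])
    && isset($_POST['CFG_ADMINISTRATOR_PASSWORD'])
    && is_string($_POST['CFG_ADMINISTRATOR_PASSWORD'])
    && trim($_POST['CFG_ADMINISTRATOR_PASSWORD']) !== ''
) {
    $Qcheck = $OSCOM_Db->prepare('select user_name from :table_administrators where user_name = :user_name');
    $Qcheck->bindValue(':user_name', $_POST['CFG_ADMINISTRATOR_USERNAME']);
    $Qcheck->execute();

    if ($Qcheck->fetch() !== false) {
        $OSCOM_Db->save('administrators', ['user_password' => Hash::encrypt(trim($_POST['CFG_ADMINISTRATOR_PASSWORD']))], ['user_name' => $_POST['CFG_ADMINISTRATOR_USERNAME']]);
    } else {
        $OSCOM_Db->save('administrators', ['user_name' => $_POST['CFG_ADMINISTRATOR_USERNAME'], 'user_password' => Hash::encrypt(trim($_POST['CFG_ADMINISTRATOR_PASSWORD']))]);
    }
}

// Make sure the cache and session directories exist under Work/.
// NOTE(review): mode 0777 leaves both directories world-writable unless the
// process umask narrows it; the session directory in particular should be
// reachable only by the account PHP runs as. Tighten once the hosting
// requirements are confirmed.
if (FileSystem::isWritable(OSCOM::BASE_DIR . 'Work')) {
    if (!is_dir(Cache::getPath())) {
        mkdir(Cache::getPath(), 0777);
    }

    if (!is_dir(OSCOM::BASE_DIR . 'Work/Session')) {
        mkdir(OSCOM::BASE_DIR . 'Work/Session', 0777);
    }
}

// Drop stale cache files. glob() returns false on error, which foreach cannot
// iterate, so fall back to an empty list.
foreach ((glob(Cache::getPath() . '*.cache') ?: []) as $c) {
    unlink($c);
}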
$dir_fs_document_root = $_POST['DIR_FS_DOCUMENT_ROOT'];
if (substr($dir_fs_document_root, -1) != '\\' && substr($dir_fs_document_root, -1) != '/') {
Esempio n. 4
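    // Missing or array-valued fields are treated as an empty password, which
    // then fails the minimum-length check below.
    $password_new = HTML::sanitize((isset($_POST['password_new']) && is_string($_POST['password_new'])) ? $_POST['password_new'] : '');
    $password_confirmation = HTML::sanitize((isset($_POST['password_confirmation']) && is_string($_POST['password_confirmation'])) ? $_POST['password_confirmation'] : '');
    $error = false;

    if (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
        $error = true;
        $messageStack->add('account_password', OSCOM::getDef('entry_password_new_error', ['min_length' => ENTRY_PASSWORD_MIN_LENGTH]));
    } elseif ($password_new !== $password_confirmation) {
        // Strict comparison: with `!=`, two different numeric-looking strings
        // such as "1000000" and "1.0e6" counted as matching.
        $error = true;
        $messageStack->add('account_password', OSCOM::getDef('entry_password_new_error_not_matching'));
    }

    if ($error == false) {
        // Re-authenticate with the current password before changing it.
        // $password_current is assigned before this point, outside the lines shown.
        $Qcheck = $OSCOM_Db->prepare('select customers_password from :table_customers where customers_id = :customers_id');
        $Qcheck->bindInt(':customers_id', $_SESSION['customer_id']);
        $Qcheck->execute();

        if (Hash::verify($password_current, $Qcheck->value('customers_password'))) {
            $OSCOM_Db->save('customers', ['customers_password' => Hash::encrypt($password_new)], ['customers_id' => (int) $_SESSION['customer_id']]);
            // 'now()' is passed as a string; presumably save() maps it to SQL NOW(). Confirm.
            $OSCOM_Db->save('customers_info', ['customers_info_date_account_last_modified' => 'now()'], ['customers_info_id' => (int) $_SESSION['customer_id']]);
            $messageStack->add_session('account', OSCOM::getDef('success_password_updated'), 'success');
            OSCOM::redirect('account.php');
        } else {
            $error = true;
            $messageStack->add('account_password', OSCOM::getDef('error_current_password_not_matching'));
        }
    }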
}
// Breadcrumb entries linking to account.php and account_password.php.
$breadcrumb->add(OSCOM::getDef('navbar_title_1'), OSCOM::link('account.php'));
$breadcrumb->add(OSCOM::getDef('navbar_title_2'), OSCOM::link('account_password.php'));
// Pull in the shared page header; the page markup follows the closing tag.
require $oscTemplate->getFile('template_top.php');
?>

<div class="page-header">
Esempio n. 5
            } else {
                $OSCOM_MessageStack->add(OSCOM::getDef('error_administrator_exists'), 'error');
            }
            OSCOM::redirect(FILENAME_ADMINISTRATORS);
            break;
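        case 'save':
            // Update an administrator's user name and, when one is supplied,
            // the password. Missing POST fields are read as empty strings.
            // NOTE(review): no form-token check is visible in this case;
            // confirm the enclosing code validates one before dispatching
            // state-changing actions.
            $username = HTML::sanitize(isset($_POST['username']) ? $_POST['username'] : '');
            $password = HTML::sanitize(isset($_POST['password']) ? $_POST['password'] : '');
            $Qcheck = $OSCOM_Db->get('administrators', ['id', 'user_name'], ['id' => (int) $_GET['aID']]);
            // A blank user name is no longer written: previously an empty
            // value overwrote the stored name of the account.
            if (tep_not_null($username)) {
                // update username in current session if changed
                if ($Qcheck->valueInt('id') === $_SESSION['admin']['id'] && $username !== $_SESSION['admin']['username']) {
                    $_SESSION['admin']['username'] = $username;
                }
                $OSCOM_Db->save('administrators', ['user_name' => $username], ['id' => (int) $_GET['aID']]);
            }
            // An empty password field means "keep the current password".
            if (tep_not_null($password)) {
                $OSCOM_Db->save('administrators', ['user_password' => Hash::encrypt($password)], ['id' => (int) $_GET['aID']]);
            }
            OSCOM::redirect(FILENAME_ADMINISTRATORS, 'aID=' . (int) $_GET['aID']);
            break;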
        case 'deleteconfirm':
            // Delete the administrator named by the aID query parameter.
            // NOTE(review): no form-token check is visible in this case, and
            // nothing here stops the last remaining administrator from being
            // deleted. If the admin login page offers first-administrator
            // creation whenever the table is empty, deleting the last account
            // reopens that path. Confirm and guard.
            $id = (int) $_GET['aID'];
            $Qcheck = $OSCOM_Db->get('administrators', ['id', 'user_name'], ['id' => $id]);
            // Deleting the account that is currently logged in also ends its admin session.
            if ($_SESSION['admin']['id'] === $Qcheck->valueInt('id')) {
                unset($_SESSION['admin']);
            }
            $OSCOM_Db->delete('administrators', ['id' => $id]);
            OSCOM::redirect(FILENAME_ADMINISTRATORS);
            break;
    }
}
$show_listing = true;
Esempio n. 6
        case 'logoff':
            // End the admin session, with hooks fired before and after.
            // NOTE(review): only the 'admin' key is removed; the session id is
            // not regenerated in these lines. Confirm whether that happens elsewhere.
            $OSCOM_Hooks->call('Account', 'LogoutBefore');
            unset($_SESSION['admin']);
            // When HTTP Basic credentials accompany the request, set
            // auth_ignore in the session (presumably so they do not log the
            // user straight back in; confirm against the login code).
            if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
                $_SESSION['auth_ignore'] = true;
            }
            $OSCOM_Hooks->call('Account', 'LogoutAfter');
            OSCOM::redirect(FILENAME_DEFAULT);
            break;
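        case 'create':
            // First-administrator bootstrap: accepted only while the
            // administrators table is empty.
            // NOTE(review): while the table is empty this action needs no
            // authentication, so whoever reaches the page first becomes
            // administrator. Restrict access to it until setup is complete.
            $Qcheck = $OSCOM_Db->get('administrators', 'id', null, null, 1);
            if (!$Qcheck->check()) {
                $username = HTML::sanitize(isset($_POST['username']) ? $_POST['username'] : '');
                $password = HTML::sanitize(isset($_POST['password']) ? $_POST['password'] : '');
                // Require a password as well as a user name: previously an
                // empty password was hashed and stored, creating an admin
                // account that accepts an empty password.
                if (!empty($username) && (string) $password !== '') {
                    $OSCOM_Db->save('administrators', ['user_name' => $username, 'user_password' => Hash::encrypt($password)]);
                }
            }
            OSCOM::redirect(FILENAME_LOGIN);
            break;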
    }
}
// Look for any administrator row (limit 1) and warn when check() reports
// none, i.e. the first administrator still has to be created.
$Qcheck = $OSCOM_Db->get('administrators', 'id', null, null, 1);
if (!$Qcheck->check()) {
    $OSCOM_MessageStack->add(OSCOM::getDef('text_create_first_administrator'), 'warning');
}
// Pull in the shared page header; the page markup follows the closing tag.
require $oscTemplate->getFile('template_top.php');
?>

<h2><i class="fa fa-home"></i> <a href="<?php 
echo OSCOM::link('login.php');
Esempio n. 7
         }
     }
 }
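 // Telephone number: minimum length only (strlen() counts bytes).
 if (strlen($telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
     $error = true;
     $messageStack->add('create_account', OSCOM::getDef('entry_telephone_number_error', ['min_length' => ENTRY_TELEPHONE_MIN_LENGTH]));
 }
 // Password: minimum length, then confirmation match.
 // $password and $confirmation are assigned before this point, outside the lines shown.
 if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
     $error = true;
     $messageStack->add('create_account', OSCOM::getDef('entry_password_error', ['min_length' => ENTRY_PASSWORD_MIN_LENGTH]));
 } elseif ($password !== $confirmation) {
     // Strict comparison: with `!=`, two different numeric-looking strings
     // such as "1000000" and "1.0e6" counted as matching.
     $error = true;
     $messageStack->add('create_account', OSCOM::getDef('entry_password_error_not_matching'));
 }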
 if ($error == false) {
     $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_newsletter' => $newsletter, 'customers_password' => Hash::encrypt($password));
     if (ACCOUNT_GENDER == 'true') {
         $sql_data_array['customers_gender'] = $gender;
     }
     if (ACCOUNT_DOB == 'true') {
         $sql_data_array['customers_dob'] = $dobDateTime->getRaw(false);
     }
     $OSCOM_Db->save('customers', $sql_data_array);
     $_SESSION['customer_id'] = $OSCOM_Db->lastInsertId();
     $sql_data_array = array('customers_id' => $_SESSION['customer_id'], 'entry_firstname' => $firstname, 'entry_lastname' => $lastname, 'entry_street_address' => $street_address, 'entry_postcode' => $postcode, 'entry_city' => $city, 'entry_country_id' => $country);
     if (ACCOUNT_GENDER == 'true') {
         $sql_data_array['entry_gender'] = $gender;
     }
     if (ACCOUNT_COMPANY == 'true') {
         $sql_data_array['entry_company'] = $company;
     }