// verify the post request
        if (!empty($_POST['password']) && !empty($_POST['repeat_password']) && \SecureFuncs\SecureFuncs::getFormToken('forgot_password', $_POST['form_token']) !== false) {
            // verify the password update request
            if ($login->changeForgotPassword($_POST['password'], $_POST['repeat_password'], $show_password_form['forgotpassword_code'])) {
                //success, return to index
                header('Location: index.php');
            }
        }
    }
}
if (!empty($_POST['email'])) {
    if (\SecureFuncs\SecureFuncs::getFormToken('forgot_password', $_POST['form_token'])) {
        $login->sendForgotPasswordCode($_POST['email']);
    }
}
$formToken = \SecureFuncs\SecureFuncs::setFormtoken('forgot_password');
?>
<!DOCTYPE html>
<html>
<head>
    <title>LoginScript - Forgot password</title>
</head>
<body>
<div class="header">
    <pre>
<?php 
print_r($_SESSION[ADVANCEDLOGINSCRIPT_MESSAGE_KEY]);
unset($_SESSION[ADVANCEDLOGINSCRIPT_MESSAGE_KEY]);
?>
    </pre>
</div>
Esempio n. 2
0
 public function testCompareStrings()
 {
     $random_string = \SecureFuncs\SecureFuncs::randomString(12);
     $this->assertTrue(\SecureFuncs\SecureFuncs::compareStrings($random_string, $random_string));
 }
Esempio n. 3
0
    // use a template engine or do some action to generate the template (twig for example)
    $template = file_get_contents(__DIR__ . '/email_templates/activation.html');
    return str_replace("{url}", $url, $template);
};
// test your function like this: first parameter will be the activation url
//echo call_user_func($login->ActivationFunc, 'http://some_url');exit;
if (Crecket\AdvancedLogin\Core::$loggedIn !== false) {
    // check if use is logged in
    header('Location: index.php');
}
if (!empty($_POST['username']) && \SecureFuncs\SecureFuncs::getFormToken('register', $_POST['form_token']) !== false) {
    if ($login->register($_POST['username'], $_POST['email'], $_POST['password'], $_POST['repeat_password'])) {
        header('Location: index.php');
    }
}
$formToken = \SecureFuncs\SecureFuncs::setFormtoken('register');
?>
<!DOCTYPE html>
<html>
<head>
    <title>LoginScript - Register</title>
</head>
<body>
<div class="header">
    <pre>
<?php 
print_r($_SESSION[ADVANCEDLOGINSCRIPT_MESSAGE_KEY]);
unset($_SESSION[ADVANCEDLOGINSCRIPT_MESSAGE_KEY]);
?>
    </pre>
</div>
Esempio n. 4
0
 /**
  * Leave param2 empty if you want to generate the qrcode yourself using the returned data
  * @param bool $returnimage
  * @return array
  * @throws \Endroid\QrCode\Exceptions\ImageFunctionUnknownException
  */
 public function createQrCode($returnimage = false)
 {
     // delete old qr codes
     $this->newBuilder()->delete('qr_activation')->where('ip = :ip')->setParameter('ip', filter_input(INPUT_SERVER, 'REMOTE_ADDR'))->execute();
     // Random code
     $new_code = \SecureFuncs\SecureFuncs::randomString(64);
     // insert qr code into the database
     $this->newBuilder()->insert('qr_activation')->values(array('ip' => ':ip', 'qr_code' => ':qr', 'expires' => ':expires'))->setParameter(':qr', $new_code)->setParameter(':ip', filter_input(INPUT_SERVER, 'REMOTE_ADDR'))->setParameter(':expires', date('Y-m-d H:i:s', strtotime('+30seconds')))->execute();
     if ($returnimage === true && !headers_sent()) {
         header('Content-type: image/png');
         $link = ADVANCEDLOGINSCRIPT_QR_PAGE;
         $link = str_replace('{code}', $new_code, $link);
         $qr_image = new \Endroid\QrCode\QrCode();
         $qr_image->setText($link)->setSize(300)->setPadding(20)->setErrorCorrection('high')->setForegroundColor(array('r' => 0, 'g' => 0, 'b' => 0, 'a' => 0))->setBackgroundColor(array('r' => 255, 'g' => 255, 'b' => 255, 'a' => 0))->setLabel('Valid for 30 seconds')->setLabelFontSize(16)->render();
     } else {
         $qr_image = false;
     }
     $_SESSION[ADVANCEDLOGINSCRIPT_QR_COOKIEKEY]['qr'] = $new_code;
     $this->destroyOldQrCodes();
     return array('qr' => $new_code, 'qr_image' => $qr_image);
 }
Esempio n. 5
0
require_once $_SERVER['DOCUMENT_ROOT'] . '/vendor/autoload.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/src/configfiles/config.php';
use Crecket\AdvancedLogin\Login;
use Crecket\AdvancedLogin\Core;
use SecureFuncs\SecureFuncs;
$login = new Login();
if (Core::$loggedIn !== false) {
    header('Location: index.php');
}
if (!empty($_POST['username']) && SecureFuncs::getFormToken('login', $_POST['form_token']) !== false) {
    if ($login->login($_POST['username'], $_POST['password'], @$_POST['rememberme']) === true) {
        header('Location: index.php');
    }
}
$loginAttempts = $login->checkFailedLogins();
$formToken = SecureFuncs::setFormtoken('login');
?>
<!DOCTYPE html>
<html>
<head>
    <title>LoginScript - Login</title>
</head>
<body>
<div class="header">
    <pre>
<?php 
print_r($_SESSION[ADVANCEDLOGINSCRIPT_MESSAGE_KEY]);
unset($_SESSION[ADVANCEDLOGINSCRIPT_MESSAGE_KEY]);
?>
    </pre>
</div>