PHP checkCredentialsの例

コード例 #1

ファイル: login.php プロジェクト: jmprathab/Know-Well-Server-Scripts

function normalLogin($connect, $email, $password)
{
    $id = checkCredentials($connect, $email, $password);
    if ($id > 0) {
        updateLastLogin($connect, $id);
        $response = array();
        $response['status'] = 1;
        $response['message'] = "Successfully logged in";
        $response['user_id'] = $id;
        echo json_encode($response);
    } else {
        showJson(2, "Cannot login\nCheck your Credentials");
    }
}

コード例 #2

ファイル: app_dev.php プロジェクト: xavier-dubreuil/LightCMS

// This check prevents access to debug front controllers that are deployed by accident to production servers.
// Feel free to remove this, extend it, or make something more sophisticated.
// Add Credentials to access to development part
function checkCredentials()
{
    $users = array('development' => 'd72749aa617e56fe4dae35f083852653');
    if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
        return false;
    }
    foreach ($users as $user => $password) {
        if ($user == $_SERVER['PHP_AUTH_USER'] && $password == md5($_SERVER['PHP_AUTH_PW'])) {
            return true;
        }
    }
    return false;
}
if (isset($_SERVER['HTTP_CLIENT_IP']) || isset($_SERVER['HTTP_X_FORWARDED_FOR']) || !(preg_match('/^(192\\.168\\..*|127\\.0\\.0\\.1|fe80::1|::1)/i', @$_SERVER['REMOTE_ADDR']) || php_sapi_name() === 'cli-server')) {
    if (!checkCredentials()) {
        header('WWW-Authenticate: Basic realm="Secured Area"');
        exit;
    }
}
$loader = (require_once __DIR__ . '/../app/bootstrap.php.cache');
Debug::enable();
require_once __DIR__ . '/../app/AppKernel.php';
$kernel = new AppKernel('dev', true);
$kernel->loadClassCache();
$request = Request::createFromGlobals();
$response = $kernel->handle($request);
$response->send();
$kernel->terminate($request, $response);

コード例 #3

ファイル: natas18_test.php プロジェクト: haykuro/overthewire

    $res = mysql_query($query, $link);
    if(mysql_affected_rows() > 0){
        return True;
    }
    return False;
}


if(array_key_exists("username", $_REQUEST) and array_key_exists("password", $_REQUEST)) {
    $link = mysql_connect('localhost', 'natas27', '<censored>');
    mysql_select_db('natas27', $link);


    if(validUser($link,$_REQUEST["username"])) {
        //user exists, check creds
        if(checkCredentials($link,$_REQUEST["username"],$_REQUEST["password"])){
            echo "Welcome " . htmlentities($_REQUEST["username"]) . "!<br>";
            echo "Here is your data:<br>";
            $data=dumpData($link,$_REQUEST["username"]);
            print htmlentities($data);
        }
        else{
            echo "Wrong password for user: "******"username"]) . "<br>";
        }
    }
    else {
        //user doesn't exist
        if(createUser($link,$_REQUEST["username"],$_REQUEST["password"])){
            echo "User " . htmlentities($_REQUEST["username"]) . " was created!";
        }
    }

コード例 #4

ファイル: login.php プロジェクト: HomerGaidarski/Gunter-Hans-Transaction-Reports

</head>
<body>	
    <h1 class="text-centered">Please Login...</h1>
	<div class="container">
		<form class="form-signin" action="login.php" method="post">
			<label for="inputUser" class="sr-only">Username</label>
			<input type="text" name="username" id="inputUser" class="form-control" size="10" placeholder="Username" required autofocus>
			<label for="inputPassword" class="sr-only">Password</label>
			<input type="password" name="password" id="inputPassword" class="form-control" size="10" placeholder="Password" required>
			<button class="btn btn-lg btn-primary btn-clock" type="submit">Login</button>
		</form>
<?php 
//If the user tried to login....
if (isset($_POST['username']) && isset($_POST['password'])) {
    $username = htmlspecialchars($_POST['username']);
    $password = htmlspecialchars($_POST['password']);
    if (checkCredentials($username, $password)) {
        $_SESSION['loggedin'] = $username;
        if (isset($_SESSION['monthlyReportURL'])) {
            redirect(basename($_SESSION['monthlyReportURL']));
        } else {
            redirect("index.php");
        }
    } else {
        echo '<p>Username or password is invalid.</p>';
    }
}
?>
	</div>
</body>
</html>

コード例 #5

ファイル: SOAP.php プロジェクト: hugcoday/wiki

function linkSearch($linktype, $search, $pages = "*", $relation = "*", $credentials = false)
{
    global $server;
    checkCredentials($server, $credentials, 'view', _("HomePage"));
    $dbi = WikiDB::open($GLOBALS['DBParams']);
    require_once "lib/TextSearchQuery.php";
    $pagequery = new TextSearchQuery($pages);
    $linkquery = new TextSearchQuery($search);
    if ($linktype == 'relation') {
        $relquery = new TextSearchQuery($relation);
        $links = $dbi->_backend->link_search($pagequery, $linkquery, $linktype, $relquery);
    } elseif ($linktype == 'attribute') {
        // only numeric search withh attributes!
        $relquery = new TextSearchQuery($relation);
        require_once "lib/SemanticWeb.php";
        // search: "population > 1 million and area < 200 km^2" relation="*" pages="*"
        $linkquery = new SemanticAttributeSearchQuery($search, $relation);
        $links = $dbi->_backend->link_search($pagequery, $linkquery, $linktype, $relquery);
    } else {
        // we already do have forward and backlinks as SOAP
        $links = $dbi->_backend->link_search($pagequery, $linkquery, $linktype);
    }
    return $links->asArray();
}

コード例 #6

ファイル: verify.php プロジェクト: HomerGaidarski/Gunter-Hans-Transaction-Reports

        return false;
    } else {
        return true;
    }
}
if (myIsset($_POST['newPass']) && myIsset($_POST['verifyPass']) && $_POST['changePassSubmit'] != 'true') {
    if ($_POST['newPass'] == $_POST['verifyPass']) {
        echo '';
    } else {
        echo "Passwords don't match.";
    }
} else {
    if (myIsset($_POST['currentPass']) && myIsset($_POST['newPass']) && $_POST['changePassSubmit'] == 'true') {
        $pass = htmlspecialchars($_POST['currentPass']);
        $user = $_SESSION['loggedin'];
        if (checkCredentials($user, $pass)) {
            $newPass = htmlspecialchars($_POST['newPass']);
            if ($newPass == $pass) {
                echo 'Your new password must be different from your current password.';
                exit;
            }
            $link = retrieve_mysqli();
            $queryString = 'UPDATE user SET salt = ?, hashed_password = ? WHERE username = ?';
            // get salt and hash password
            mt_srand();
            $salt = mt_rand();
            $hashPass = generateHash($salt . $newPass);
            // query the database
            if ($stmt = mysqli_prepare($link, $queryString)) {
                //Get the stored salt and hash as $dbSalt and $dbHash
                mysqli_stmt_bind_param($stmt, "sss", $salt, $hashPass, $user);

コード例 #7

ファイル: index.php プロジェクト: jemaf/RESTAuthenticationExample

<?php

require 'Authorization.php';
require 'Slim/Slim.php';
\Slim\Slim::registerAutoloader();
$app = new \Slim\Slim();
/*
 * Rota para tratar requisições de login
 */
$app->post('/login', function () {
    // recupera o body com os dados do login
    $user = json_decode(\Slim\Slim::getInstance()->request->getBody());
    // verifica se usuário existe no banco de dados
    if (checkCredentials($user)) {
        //cria e define a chave de autorização se existir
        $authorizationKey = generateAuthorizationKey($user->login, $user->password);
        \Slim\Slim::getInstance()->response->headers->set('Authorization', $authorizationKey);
        echo '{ "message": "success" }';
    } else {
        // retorna mensagem de erro caso usuário não exista
        \Slim\Slim::getInstance()->response->setStatus(401);
        echo '{ "message": "invalid credentials", "login": "******", "password": "******" }';
    }
});
/*
 * Rota que exige autenticação do usuário para acessar
 */
$app->post('/main', function () {
    // recupera a chave de autorização
    $authorization = \Slim\Slim::getInstance()->request->headers->get("Authorization");
    // verifica se a chave é valida

コード例 #8

ファイル: login.php プロジェクト: gertiksxx/PalMA

if (isset($_REQUEST['pin'])) {
    $posted_pin = $_REQUEST['pin'];
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    session_start();
    $username = escapeshellcmd($_POST['username']);
    $password = '';
    if (CONFIG_PASSWORD) {
        // The password must not be escaped.
        $password = $_POST['userpassword'];
    }
    if (CONFIG_PIN) {
        $posted_pin = escapeshellcmd($_POST['pin']);
        $pin = $dbcon->querySingle("SELECT value FROM setting WHERE key = 'pin'");
    }
    if (CONFIG_PASSWORD && !checkCredentials($username, $password)) {
        // Invalid username or password.
    } else {
        if (CONFIG_PIN && $pin != $posted_pin) {
            trace("access denied for user '{$username}', wrong pin {$posted_pin}");
            $errtext = _('Invalid PIN.');
        } else {
            // Successfully checked username, password and PIN.
            trace("access granted for user '{$username}'");
            $_SESSION['username'] = $username;
            $_SESSION['address'] = $dbcon->ipAddress();
            $_SESSION['pin'] = $pin;
            $_SESSION['starturl'] = CONFIG_START_URL;
            $_SESSION['monitor'] = CONFIG_STATIONNAME;
            $dbcon->addUser($username, $dbcon->ipAddress(), getDevice());
            // Weiterleitung zur geschützten Startseite

コード例 #9

ファイル: login.php プロジェクト: Alvarts/ssp

<?php

$view = new stdClass();
$view->pageTitle = 'Login';
require_once 'Views/login.phtml';
if (isset($_POST['submit'])) {
    $login = new Login();
    $validator = $login > checkCredentials($_POST);
    if ($validator !== true) {
        $view->error = $validator;
    }
}
require_once 'Views/login.phtml';

コード例 #10

ファイル: SOAP.php プロジェクト: pombredanne/tuleap

function doFullTextSearch($s, $credentials = false)
{
    global $server;
    checkCredentials($server, $credentials, 'view', _("FullTextSearch"));
    $dbi = WikiDB::open($GLOBALS['DBParams']);
    $query = new TextSearchQuery($s);
    $page_iter = $dbi->fullSearch($query);
    $pages = array();
    while ($page = $page_iter->next()) {
        $pages[] = array('pagename' => $page->getName());
    }
    return $pages;
}

コード例 #11

ファイル: admin.php プロジェクト: HiTechRabbit/personnal_website

<?php

/**
 * login.php
 * @author HiTechRabbit <*****@*****.**>
 * @date 15.02.2016
 */
require_once 'inc/utils.php';
$errors = [];
if (isset($_POST['login']) && isset($_POST['password'])) {
    $login = trim(strip_tags($_POST['login']));
    $password = trim(strip_tags($_POST['password']));
    if (strlen($login) < 5 || strlen($password) < 5) {
        $errors[] = "Username and password should be at least 5 characters long";
    } else {
        $id = checkCredentials($login, $password);
        if ($id) {
            //Stocke le login dans la session
            $_SESSION['id_user'] = $id;
            header('Location: index.php');
            exit;
        } else {
            $errors[] = 'Invalid username or password';
        }
    }
}
// Si déjà connecté, déconnecte et redirige vers la page d'accueil
if (isset($_SESSION['id_user'])) {
    //On supprime les variables de session en vidant la superglobale $_SESSION
    $_SESSION = array();
    session_destroy();

コード例 #12

ファイル: action_login.php プロジェクト: quartz55/LTW_classes

<?php

include_once 'database/users.php';
session_start();
$referer;
if (isset($_COOKIE['redirect'])) {
    $referer = $_COOKIE['redirect'];
} else {
    $referer = './index.php';
}
if (isset($_POST['login_btn'])) {
    if (checkCredentials($_POST['username'], $_POST['password'])) {
        $_SESSION['username'] = $_POST['username'];
        echo "<script>alert('Login successful')</script>";
    } else {
        if (isRegistered($_POST['username'])) {
            echo "<script>alert('Wrong password!')</script>";
        } else {
            echo "<script>alert('User is not registered!')</script>";
        }
    }
    header('Location: ' . $referer);
} else {
    if (isset($_POST['cancel_btn'])) {
        header('Location: ' . $referer);
    } else {
        echo "<h1>You shouldn't be here</h1>";
    }
}