public function LoginParticulier()
{
$this->mLayout = "empty";
$this->mTheme = 'login-page';
$this->mViewFile = 'loginparticulier';
if (validate_form()) {
$username = $this->input->post('username');
$password = $this->input->post('password');
$this->load->model('User_model', 'user_model');
$user = $this->user_model->get_by('email', $username);
// only admin and staff can login
/*if ( verify_role(['admin', 'staff'], $user) )
{*/
// password correct
if (verify_pw($password, $user['password'])) {
// limited fields to store in session
$fields = array('id', 'role', 'email', 'first_name', 'last_name', 'created_at');
$user_data = elements($fields, $user);
login_user($user);
// success
set_alert('success', 'Connexion réussie');
redirect('home');
exit;
}
//}
// failed
set_alert('danger', 'Nom d\'utilisateur ou Mot de passe incorrect');
redirect('/login/Loginparticulier');
}
}
/**
* Permet de connecter un utilisateur
* @global type $tpl
* @global type $pdo
*/
function index_login()
{
global $tpl;
$tpl->assign('msg', false);
//Tentative de connexion
if (isset($_POST['login'])) {
if (isset($_POST['otp_code'])) {
$result = login_user($_POST['login'], $_POST['password'], $_POST['otp_code']);
} else {
$result = login_user($_POST['login'], $_POST['password']);
}
if ($result === true) {
$url = explode('/', $_REQUEST['redirect'], 3);
$opt = array();
if (isset($url[2])) {
parse_str($url[2], $opt);
}
redirect($url[0], $url[1], $opt);
}
if ($result === -1) {
//Erreur µ-1 = OTP requis
if (isset($_POST['otp_code'])) {
$tpl->assign('msg', 'Code erroné.');
}
$tpl->display('index_login_otp.tpl');
quit();
}
// Et oui, pas de redirection = erreur de login ...
$tpl->assign('msg', 'Utilisateur ou mot de passe erroné.');
}
$_SESSION['random'] = md5(uniqid());
$tpl->assign('random', $_SESSION['random']);
$tpl->display('index_login.tpl');
quit();
}
public function login()
{
$this->mTitle = "Login";
$this->mViewFile = 'account/login';
if (validate_form()) {
$email = $this->input->post('email');
$password = $this->input->post('password');
$user = $this->users->get_by(['email' => $email, 'active' => 1]);
if (!empty($user)) {
// "remember me"
if ($this->input->post('remember')) {
$this->session->sess_expire_on_close = FALSE;
$this->session->sess_update();
}
// check password
if (verify_pw($password, $user['password'])) {
// limited fields to store in session
$fields = array('id', 'role', 'first_name', 'last_name', 'email', 'created_at');
$user_data = elements($fields, $user);
login_user($user_data);
// success
set_alert('success', 'Login success.');
redirect('home');
exit;
}
}
// failed
$this->session->set_flashdata('form_fields', ['email' => $email]);
set_alert('danger', 'Invalid Login.');
redirect('account/login');
}
}
public function index()
{
$this->mLayout = "empty";
$this->mTheme = 'login-page';
$this->mViewFile = 'login';
if (validate_form()) {
$username = $this->input->post('username');
$password = $this->input->post('password');
$this->load->model('Backend_user_model', 'backend_users');
$user = $this->backend_users->get_by('username', $username);
// only admin and staff can login
if (verify_role(['admin', 'staff-1', 'staff-2', 'staff-3'], $user)) {
// password correct
if (verify_pw($password, $user['password'])) {
// limited fields to store in session
$fields = array('id', 'role', 'username', 'full_name', 'created_at');
$user_data = elements($fields, $user);
login_user($user);
// success
set_alert('success', 'Login success');
redirect('home');
exit;
}
}
// failed
set_alert('danger', 'Invalid Login');
redirect('login');
}
}
function main()
{
// создаем сессию
session_start();
if (is_current_user()) {
// если пользователь уже залогинен, то отправляем его на глапную
redirect('./');
}
if (is_postback()) {
// обрабатываем отправленную форму
$dbh = db_connect();
$post_result = login_user($dbh, $user, $errors);
db_close($dbh);
if ($post_result) {
// перенаправляем на главную
redirect('./');
} else {
// информация о пользователе заполнена неправильно, выведем страницу с ошибками
render('login_form', array('form' => $_POST, 'errors' => $errors));
}
} else {
// отправляем пользователю чистую форму для входа
render('login_form', array('form' => array(), 'errors' => array()));
}
}
function login()
{
global $vars, $day, $month, $year, $phpc_script;
$html = tag('div');
//Check password and username
if (isset($vars['username'])) {
$user = $vars['username'];
$password = $vars['password'];
if (login_user($user, $password)) {
$string = "{$phpc_script}?";
$arguments = array();
if (!empty($vars['lastaction'])) {
$arguments[] = "action={$vars['lastaction']}";
}
if (!empty($vars['year'])) {
$arguments[] = "year={$year}";
}
if (!empty($vars['month'])) {
$arguments[] = "month={$month}";
}
if (!empty($vars['day'])) {
$arguments[] = "day={$day}";
}
redirect($string . implode('&', $arguments));
return tag('h2', _('Logged in.'));
}
$html->add(tag('h2', _('Sorry, Invalid Login')));
}
$html->add(login_form());
return $html;
}
function validate_user_login()
{
$errors = [];
$min = 3;
$max = 20;
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['email']) && isset($_POST['password'])) {
$email = clean($_POST['email']);
$password = clean($_POST['password']);
if (empty($email)) {
$errors[] = "Email field cannot be empty";
}
if (empty($password)) {
$errors[] = "Password cannot be empty";
}
}
if (!empty($errors)) {
foreach ($errors as $error) {
echo validation_errors($error);
}
} else {
if (login_user($email, $password)) {
redirect("admin.php");
} else {
echo validation_errors("Your credentials are not correct");
}
}
}
}
function login()
{
global $vars, $phpc_script;
$html = tag('div');
//Check password and username
if (isset($vars['username'])) {
$user = $vars['username'];
if (!isset($vars['password'])) {
message(__("No password specified."));
} else {
$password = $vars['password'];
if (login_user($user, $password)) {
$url = $phpc_script;
if (!empty($vars['lasturl'])) {
$url .= '?' . urldecode($vars['lasturl']);
}
redirect($url);
return tag('h2', __('Logged in.'));
}
$html->add(tag('h2', __('Sorry, Invalid Login')));
}
}
$html->add(login_form());
return $html;
}
public function edit_avatar()
{
$this->theme->setBreadcrumb("切换头像");
$this->theme->setTitle("切换头像");
$this->__view("User/header.php");
$user = login_user();
$this->__view("User/edit_avatar.php", ['type' => $user->getAvatarSql(), 'avatar' => $user->getAvatar()]);
$this->__view("User/footer.php");
}
function do_login()
{
$status = "";
if (!empty($_POST['openid_identifier'])) {
$sreg = new Zend_OpenId_Extension_Sreg(array('nickname' => false, 'email' => false, 'fullname' => false), null, 1.1);
$consumer = new Zend_OpenId_Consumer();
if (!$consumer->login($_POST['openid_identifier'], '', null, $sreg)) {
$status = "FAILED";
}
} else {
if (isset($_GET['openid_mode'])) {
if ($_GET['openid_mode'] == "id_res") {
$consumer = new Zend_OpenId_Consumer();
$sreg = new Zend_OpenId_Extension_Sreg(array('nickname' => false, 'email' => false, 'fullname' => false), null, 1.1);
if ($consumer->verify($_GET, $id, $sreg)) {
$_SESSION['logged_in_user'] = true;
$status = true;
$open_id_addr = $_GET['openid_identity'];
if (strpos($open_id_addr, 'https') === 1) {
$open_id_addr = str_replace('https', 'http', $open_id_addr);
}
//$_SESSION['user_info'] = array();
//$_SESSION['user_info']['open_id'] = $_GET['openid_identity'];
/*
$data = $sreg->getProperties();
if (isset($data['nickname'])) {
$status .= "<br>nickname: " . htmlspecialchars($data['nickname']) . "<br>\n";
$_SESSION['user_info']['nickname'] = htmlspecialchars($data['nickname']);
}
if (isset($data['email'])) {
$status .= "email: " . htmlspecialchars($data['email']) . "<br>\n";
$_SESSION['user_info']['email'] = htmlspecialchars($data['email']);
}
if (isset($data['fullname'])) {
$status .= "fullname: " . htmlspecialchars($data['fullname']) . "<br>\n";
$_SESSION['user_info']['fullname'] = htmlspecialchars($data['fullname']);
}
*/
login_user($open_id_addr);
} else {
$status = "INVALID " . htmlspecialchars($id);
}
} else {
if ($_GET['openid_mode'] == "cancel") {
$status = "CANCELED";
}
}
}
}
return $status;
}
public function __construct()
{
parent::__construct();
if (!is_login()) {
redirect(array("Home", "login"));
} else {
if (!login_user()->Permission("Control")) {
redirect(array('Home', 'permission'));
}
}
header("Content-Type: text/html; charset: utf-8");
}
public static function handleLogin()
{
//login user or display loginForm with errors
$username = $_POST["username"];
$password = $_POST["password"];
if (!login_user($username, $password)) {
self::displayLoginForm(array("error" => "Wrong username/password combination please try again!"));
} else {
//redirect to homepage on success
header("Location: /");
}
}
public function doAdminLoginAction()
{
$username = $this->request->getParam("username");
$pwd = $this->request->getParam("password");
$login_result = login_user($username, $pwd);
if (!$login_result["ok"]) {
$this->flash->setError("Invalid username/password");
$this->render(null, "admin_login");
} else {
$this->redirect_to(admin_index_path());
}
}
function portal_login($portal_auth, $user_name, $application_name)
{
$error = new SoapError();
$contact = new Contact();
$result = login_user($portal_auth);
if ($result == 'fail' || $result == 'sessions_exceeded') {
if ($result == 'sessions_exceeded') {
$error->set_error('sessions_exceeded');
} else {
$error->set_error('no_portal');
}
return array('id' => -1, 'error' => $error->get_soap_array());
}
global $current_user;
if ($user_name == 'lead') {
session_start();
$_SESSION['is_valid_session'] = true;
$_SESSION['ip_address'] = query_client_ip();
$_SESSION['portal_id'] = $current_user->id;
$_SESSION['type'] = 'lead';
login_success();
return array('id' => session_id(), 'error' => $error->get_soap_array());
} else {
if ($user_name == 'portal') {
session_start();
$_SESSION['is_valid_session'] = true;
$_SESSION['ip_address'] = query_client_ip();
$_SESSION['portal_id'] = $current_user->id;
$_SESSION['type'] = 'portal';
$GLOBALS['log']->debug("Saving new session");
login_success();
return array('id' => session_id(), 'error' => $error->get_soap_array());
} else {
$contact = $contact->retrieve_by_string_fields(array('portal_name' => $user_name, 'portal_active' => '1', 'deleted' => 0));
if ($contact != null) {
session_start();
$_SESSION['is_valid_session'] = true;
$_SESSION['ip_address'] = query_client_ip();
$_SESSION['user_id'] = $contact->id;
$_SESSION['portal_id'] = $current_user->id;
$_SESSION['type'] = 'contact';
$_SESSION['assigned_user_id'] = $contact->assigned_user_id;
login_success();
build_relationship_tree($contact);
return array('id' => session_id(), 'error' => $error->get_soap_array());
}
}
}
$error->set_error('invalid_login');
return array('id' => -1, 'error' => $error->get_soap_array());
}
/**
* Before the framework run.
*
* @return void
*/
function hook_bootstrap()
{
global $rublon, $config;
// Create the Rublon object:
require_once './extended/MyRublon.php';
require_once './extended/MyCallback.php';
$rublon = new MyRublon($config['rublon']['systemToken'], $config['rublon']['secretKey']);
if (!empty($_GET['rublon']) and $_GET['rublon'] == 'callback') {
// Rublon Callback URL
try {
$confirmResult = null;
// Create instance of MyCallback which is the extended Rublon2FactorCallback class.
$callback = new MyCallback($rublon);
$callback->call(function ($userId, Rublon2FactorCallback $callback) use(&$confirmResult) {
// <--- needed if this is a transaction confirmation.
login_user($userId);
$confirmResult = $callback->getCredentials()->getConfirmResult();
// Save deviceId for remote logout:
$response = $callback->getCredentials()->getResponse();
// var_dump($response);exit;
if (isset($response['result']['deviceId'])) {
$_SESSION['rublonDeviceId'] = $response['result']['deviceId'];
}
}, function (Rublon2FactorCallback $callback) {
if (!empty($_GET['custom']) and $_GET['custom'] == 'confirm') {
die('canceled');
} else {
redirect('./?rublon=cancel');
}
});
if (!is_null($confirmResult)) {
transaction_confirm_result($confirmResult == RublonAPICredentials::CONFIRM_RESULT_YES, $withRublon = true);
exit;
} else {
redirect($config['websiteUrl'] . '?rublonLogin=success');
}
} catch (Exception $e) {
// Remember to utilize your own error handler.
if (!empty($_GET['error']) and $_GET['error'] == 'timeout') {
die('timeout error');
}
var_dump(get_class($e));
echo $e->getMessage();
var_dump($e->getPrevious());
exit;
}
}
}
/**
* 发送状态头
*/
public function __construct()
{
parent::__construct();
header('Content-type: application/json; Charset=utf-8');
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
if (!is_login()) {
$this->rt_msg['msg'] = '用户未登陆';
exit;
} else {
if (!login_user()->Permission("Control")) {
$this->rt_msg['msg'] = '权限不足';
exit;
}
}
}
/**
* @param $user_id
*/
public function delete($user_id)
{
$user_id = intval($user_id);
if ($user_id < 1) {
if (!login_user()->Permission('Control')) {
$this->throwMsg(-4);
}
}
if (!$this->existsCheck($this->post_id, $user_id)) {
$this->throwMsg(-5);
}
$rt = $this->db->delete("posts", ['id' => $this->post_id]);
if ($rt < 1) {
Log::write(_("delete post error."), Log::SQL);
$this->throwMsg(-6);
}
}
static function authenticate($permission_id, $user_id = NULL, $db = NULL)
{
if ($db === NULL) {
global $_DB;
$db = $_DB;
}
if ($user_id === NULL) {
if (!isset($_SESSION['user_id'])) {
if (!$this . login_user($db)) {
$user_id = 0;
}
}
$user_id = $_SESSION['user_id'];
}
$query = " \n SELECT \n `permissions`.`default_access_granted`,\n FROM `permissions`\n WHERE `permissions`.`permission_id` = '" . $permission_id . "'\n ";
$results = mysqli_query($_DB, $query);
if ($results === false) {
echo "DB Error: " . mysqli_error();
exit;
}
$data = mysqli_fetch_array($results);
if ($data['default_access_granted'] == 1) {
return;
} else {
if ($user_id == 0) {
$this . disallow_access();
}
}
unset($results);
$query = " \n SELECT \n `group_access`.`access_granted`\n FROM `group_access`\n WHERE `group_access`.`permission_id` = '" . $permission_id . "'\n AND `group_access`.`group_id` IN\n (SELECT `group_id`\n FROM `group_user`\n WHERE `user_id` = '" . $user_id . "'\n )\n AND `access_granted` = 1\n ";
$results = mysqli_query($_DB, $query);
if ($results === false) {
echo "DB Error: " . mysqli_error();
exit;
}
$data = mysqli_fetch_array($results);
if (isset($data['access_granted'])) {
return;
} else {
$this . disallow_access();
}
}
public function view()
{
$this->__lib('Message');
$mg = new \ULib\Message();
$req = req()->_plain();
$data = ['content' => '', 'error' => ''];
try {
$data['content'] = $mg->read($req->req('id'), login_user()->getId());
$this->theme->header_add($this->theme->css(get_bootstrap_plugin_url("markdown/markdown.min.css")));
$this->theme->header_add($this->theme->js(['src' => get_bootstrap_plugin_url("markdown/markdown.js")]));
$this->theme->header_add($this->theme->js(['src' => get_style("message_action.js")]));
} catch (\Exception $ex) {
$data['error'] = $ex->getMessage();
}
$this->theme->setBreadcrumb("查看消息");
$this->theme->setTitle("查看消息");
$this->__view("User/header.php");
$this->__view("Message/view.php", $data);
$this->__view("User/footer.php");
}
/**
* Perform all the login functionality for the login page as requested.
*/
public static function perform_login_if_requested($username_requested, $pass)
{
Request::setTrustedProxies(Constants::$trusted_proxies);
$request = Request::createFromGlobals();
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
$login_attempt_info = ['username' => $username_requested, 'user_agent' => $user_agent, 'ip' => $request->getClientIp(), 'successful' => 0, 'additional_info' => $_SERVER];
$logged_in = login_user($username_requested, $pass);
$is_logged_in = $logged_in['success'];
if (!$is_logged_in) {
// Login was attempted, but failed, so display an error.
self::store_auth_attempt($login_attempt_info);
$login_error_message = $logged_in['login_error'];
return $login_error_message;
} else {
// log a successful login attempt
$login_attempt_info['successful'] = 1;
self::store_auth_attempt($login_attempt_info);
return '';
}
}
public function edit()
{
l_h('html_tag.php');
$this->theme->setBreadcrumb("编辑文章");
$this->theme->setTitle("编辑文章");
$id = intval(req()->get('id'));
$this->__lib('Post');
$post = new Post($id);
$info = $post->getInfo(login_user()->getId());
$this->theme->header_add($this->theme->css(get_bootstrap_plugin_url("markdown/markdown.min.css")));
$this->theme->header_add($this->theme->js(['src' => get_bootstrap_plugin_url("markdown/markdown.js")]));
if (!isset($info['post_id']) || $info['post_id'] != $id) {
$this->__view("User/header.php");
$this->__view("Posts/not_found.php");
} else {
$this->__view("User/header.php");
$this->__view("Posts/edit.php", ['info' => $info, 'post' => $post]);
}
$this->__view("User/footer.php");
}
//$adapter = $hybridauth->authenticate( "Xuite" );
// "https://yahoo.com/"))
// return Hybrid_User_Profile object intance
$user_profile = $adapter->getUserProfile($config['providers']['Xuite']);
require_once "../../config.inc.php";
if (isset($user_profile->email) && isset($user_profile->displayName)) {
$mylogin['email'] = $user_profile->email;
$mylogin['type'] = $_REQUEST['provider'];
$mylogin['nick'] = $user_profile->displayName;
} else {
$adapter->logout();
out_err("沒有 email 資訊, 登入失敗");
}
$_SESSION['loggedin'] = 1;
$_SESSION['mylogin'] = $mylogin;
$row = login_user($mylogin);
$_SESSION['uid'] = $row['uid'];
//
//// after login hook
$maps = map_get($row['uid']);
foreach ($maps as $map) {
map_migrate($out_root, $row['uid'], $map['mid']);
}
if (isset($_SESSION['redirto']) && !empty($_SESSION['redirto'])) {
out_ok("redir", $_SESSION['redirto']);
unset($_SESSION['redirto']);
} else {
out_ok("ok", "../../main.php");
}
exit;
function out_err($str = "")
session_start();
// include section
include 'includes/connect.php';
// for database connection
//user details
$fullname = $_POST['first_name'] . ' ' . $_POST['last_name'];
$email = $_POST['email'];
$fbid = $_POST['fbid'];
//Check user id in our database
$result = mysqli_query($conn, "SELECT fbid FROM fbtable WHERE fbid='{$fbid}'");
if (!$result) {
die('Invalid query: ' . mysql_error());
}
$UserCount = mysqli_num_rows($result);
if ($UserCount) {
//User is now connected, log him in
login_user(true, $_POST['first_name'] . ' ' . $_POST['last_name']);
} else {
//User is new, Show connected message and store info in our Database
mysqli_query($conn, "INSERT INTO fbtable (fbid, fullname, email) VALUES ('{$_POST['fbid']}', '{$fullname}','{$email}')");
}
mysqli_close($conn);
function login_user($loggedin, $user_name)
{
/*
function stores some session variables to imitate user login.
We will use these session variables to keep user logged in, until s/he clicks log-out link.
*/
$_SESSION['logged_in'] = $loggedin;
$_SESSION['login_user'] = $user_name;
}
<?php
$titles[] = 'Register';
if ($s['user']) {
add_flash('warning', "You can't create new users during the session");
go_home();
}
if ($p) {
$error_messages = validate('register', $p);
if ($error_messages) {
foreach ($error_messages as $msg) {
add_flash('danger', $msg);
}
} else {
$model['user']['create']($p);
login_user($p['name'], $p['password']);
}
}
include get_tpl('register');
<div class="panel panel-warning">
<div class="panel-heading">
<h3 class="panel-title">修改用户密码</h3>
</div>
<div class="panel-body">
<?php
$user = login_user();
?>
<form id="User_edit_password_form" class="form-horizontal" method="post" action="<?php
echo get_url("UserApi", "edit_password");
?>
">
<div class="form-group">
<label for="inputOldPassword" class="col-sm-2 control-label">原始密码</label>
<div class="col-sm-10">
<input type="password" name="old_password" class="form-control" value="" id="inputOldPassword" placeholder="之前的密码">
</div>
</div>
<div class="form-group">
<label for="inputNewPassword" class="col-sm-2 control-label">新密码</label>
<div class="col-sm-10">
<input type="password" name="new_password" class="form-control" value="" id="inputNewPassword" placeholder="新的密码">
</div>
</div>
<div class="form-group">
<label for="inputNewPasswordConfirm" class="col-sm-2 control-label">确认新密码</label>
<div class="col-sm-10">
<input type="password" name="confirm_password" class="form-control" value="" id="inputNewPasswordConfirm" placeholder="再输入一次新的密码">
$curl = curl_init();
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, 'https://rpxnow.com/api/v2/auth_info');
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $post_data);
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$raw_json = curl_exec($curl);
curl_close($curl);
// parse the json response into an associative array
$auth_info = json_decode($raw_json, true);
// process the auth_info response
if ($auth_info['stat'] == 'ok') {
$profile = $auth_info['profile'];
$identifier = $profile['identifier'];
login_user($identifier);
$_SESSION['logged_in_user'] = true;
$_SESSION['flash_message'] = "You are now logged in. REMEMBER: Click the save icon to save your open panels.";
} else {
//failed
$_SESSION['flash_message'] = "There was an error logging you in.";
}
header("Location: " . $_SESSION['client_url']);
function login_user($openid)
{
require_once '../bin/db/db_functions.php';
$_SESSION['user_openid'] = $openid;
$data = retrieve_user_data($openid);
if ($data != '') {
$data = unserialize($data['state']);
$_SESSION['panels'] = $data['panels'];
/* connect to mysql using mysqli */
//$mysqli = new mysqli($hostname, $db_username, $db_password,$db_name);
//if ($mysqli->connect_error) {
//die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error);
//}
//Check user id in our database
//$UserCount = $mysqli->query("SELECT COUNT(id) as usercount FROM usertable WHERE fbid=$uid")->fetch_object()->usercount;
if ($UserCount) {
//User exist, Show welcome back message
echo 'Ajax Response :<br /><strong>Welcome back ' . $me['first_name'] . ' ' . $me['last_name'] . '!</strong> ( Facebook ID : ' . $uid . ') [<a href="' . $return_url . '?logout=1">Log Out</a>]';
//print user facebook data
//echo '<pre>';
//print_r($me);
//echo '</pre>';
//User is now connected, log him in
login_user(true, $me['first_name'] . ' ' . $me['last_name']);
} else {
//User is new, Show connected message and store info in our Database
/*echo 'Ajax Response :<br />Hi '. $me['first_name'] . ' '. $me['last_name'].' ('.$uid.')! <br /> Now that you are logged in to Facebook using jQuery Ajax [<a href="'.$return_url.'?logout=1">Log Out</a>].
<br />the information can be stored in database <br />';*/
//print user facebook data
//echo '<pre>';
//print_r($me);
//echo '</pre>';
// Insert user into Database.
//$mysqli->query("INSERT INTO usertable (fbid, fullname, email) VALUES ($uid, '$fullname','$email')");
}
//$mysqli->close();
//}
function login_user($loggedin, $user_name)
{
<?php
session_start();
require_once 'wall_db.php';
//--------------handles registration----------------//
if (isset($_POST['action']) && $_POST['action'] == 'register') {
register_user($_POST);
} else {
if (isset($_POST['action']) && $_POST['action'] == 'login') {
login_user($_POST);
} else {
session_destroy();
header('location: login.php');
exit;
}
}
//--------------validation functions----------------//
function register_user($post)
{
$_SESSION['errors'] = array();
if (empty($post['first_name'])) {
$_SESSION['errors']['first_name'] = "First name cant be blank";
}
if (empty($post['last_name'])) {
$_SESSION['errors']['last_name'] = "Last name cant be blank";
}
if (empty($post['email'])) {
$_SESSION['errors']['email'] = "Email cannot be blank";
}
if (!filter_var($post['email'], FILTER_VALIDATE_EMAIL) === true) {
$_SESSION['errors']['email'] = "Email is not valid";
<?php
header("Content-type: application/json");
include "modele/param.inc.php";
include "modele/user/login_user.php";
$user = login_user($_POST["login"], md5($_POST["password"]));
//var_dump($user);
// if (!$user) {
// $retour["display_name"]="Inconnu";
// echo json_encode(array("answer"=>$retour));
/* }
else {
*/
echo json_encode(array("answer" => $user));
// }
$username = "";
$error = False;
if (isset($_POST['username']) && isset($_POST['pass'])) {
if ($_POST['username'] == "") {
$error = "You must enter a username";
}
if ($_POST['pass'] == "") {
$error = "You must enter a password";
}
} else {
$error = "Hmm... Did you come from the login page?";
}
if (!$error) {
$username = strtolower($_POST['username']);
$password = $_POST['pass'];
$login = login_user($conn, $username, $password);
if ($login) {
if (gettype($login) == "string") {
$error = $login;
} else {
session_start();
$_SESSION['id'] = $login['id'];
header('Location: /');
die;
}
} else {
$error = "Invalid username or password";
}
}
if ($error) {
header('Location: /login.php?error=' . urlencode($error));
