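/**
 * Change the password of the member stored in the session.
 *
 * Expects $_POST['reset'] to be an array with the string fields
 * `current_password` and `password`. The current password is checked against
 * the stored PBKDF2 hash before the new one is hashed and saved. The outcome
 * is reported through the `_profile` flash message, and the request always
 * ends with a redirect to the profile page.
 *
 * NOTE(review): no CSRF token check and no "confirm new password" comparison
 * are visible in this method - confirm both are enforced elsewhere.
 *
 * @return void
 */
function change_password()
{
    if (isset($_POST['reset'])) {
        $reset = $_POST['reset'];
        $id = $this->nativesession->get('member_id');

        // Request data is untrusted: both fields must be present, be plain
        // strings and be non-empty. Without this an absent field, an array
        // value or an empty new password reaches validatePassword() /
        // createHash() unchecked.
        $current_password = '';
        $new_password = '';
        if (is_array($reset)) {
            if (isset($reset['current_password']) && is_string($reset['current_password'])) {
                $current_password = $reset['current_password'];
            }
            if (isset($reset['password']) && is_string($reset['password'])) {
                $new_password = $reset['password'];
            }
        }

        if ($current_password === '' || $new_password === '') {
            $this->nativesession->set_flashdata('_profile', '<div class="alert alert-danger">Cannot Update Password, Please fill in the current and the new password.</div>');
        } else {
            $user = $this->profile_model->get_profile_details_password($id);
            if ($user) {
                $this->load->library('PBKDF2');
                $pbkdf2 = new PBKDF2();
                if ($pbkdf2->validatePassword($current_password, $user['password'])) {
                    $data = array('password' => $pbkdf2->createHash($new_password));
                    if ($this->profile_model->update_profile($id, $data)) {
                        $this->nativesession->set_flashdata('_profile', '<div class="alert alert-success">Successfully Updated Password.</div>');
                        // Notify the account owner that the password changed.
                        $this->send_email($user);
                    } else {
                        $this->nativesession->set_flashdata('_profile', '<div class="alert alert-danger">Cannot Update Password, Please try again later.</div>');
                    }
                } else {
                    $this->nativesession->set_flashdata('_profile', '<div class="alert alert-danger">Cannot Update Password, Password does not match with the current password.</div>');
                }
            } else {
                $this->nativesession->set_flashdata('_profile', '<div class="alert alert-danger">Cannot Update Password, Please try again later.</div>');
            }
        }
    }
    redirect(base_url($this->nativesession->get('gan_admin_login_map') . '/profile'));
}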
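/**
 * Authenticate an administrator from the posted `login` form.
 *
 * Validates `login[member_code]` and `login[password]`, looks the account up,
 * verifies the password against the stored PBKDF2 hash and, for an `active`
 * account, stores the login state in the session, records the last-login
 * metadata and redirects to `admin/home`. Every failure sets the
 * `login_status` flash message and redirects back to a login page.
 *
 * NOTE(review): no rate limiting or lockout is visible here - confirm that
 * repeated failed attempts are throttled elsewhere.
 *
 * @return void
 */
function login_admin()
{
    if (!isset($_POST['login'])) {
        return;
    }
    $login = $_POST['login'];

    $this->form_validation->set_rules('login[member_code]', 'Email / Member ID', 'required');
    // set_rules() takes (field, label, rules). The original passed 'required'
    // as the label, so no rule was ever attached to the password field.
    $this->form_validation->set_rules('login[password]', 'Password', 'required');

    if ($this->form_validation->run() == FALSE) {
        $this->nativesession->set_flashdata('login_status', '<div class="alert alert-danger">' . validation_errors() . '</div>');
        $this->index();
        return;
    }

    // Only plain strings are accepted; an array value is treated as a failed login.
    $admin = false;
    if (is_array($login) && is_string($login['member_code']) && is_string($login['password'])) {
        $admin = $this->admin_login_model->get_user_existing_data($login['member_code']);
    }

    $authenticated = false;
    if ($admin) {
        $this->load->library('PBKDF2');
        $pbkdf2 = new PBKDF2();
        $authenticated = $pbkdf2->validatePassword($login['password'], $admin['password']);
    }

    if (!$authenticated) {
        // One message for "unknown account" and "wrong password": distinct
        // messages disclose which identifiers exist. The original also
        // concatenated the user row (an array) into the wrong-password message.
        $this->nativesession->set_flashdata('login_status', '<div class="alert alert-danger">Incorrect Member ID or Password : Acces Denied.</div>');
        redirect(base_url('admin/login'));
        return;
    }

    if ($admin['status'] != 'active') {
        // The original tested the undefined $member here, so the "inactive"
        // branch could never be taken.
        if ($admin['status'] == 'inactive') {
            $this->nativesession->set_flashdata('login_status', '<div class="alert alert-danger">It seems that your account is inactive. ' . "\n" . 'please contact your administrator.</div>');
            // NOTE(review): this targets 'login' while every other admin
            // failure targets 'admin/login' - confirm which page is intended.
            redirect(base_url('login'));
        } else {
            $this->nativesession->set_flashdata('login_status', '<div class="alert alert-danger">Your account is suspended, please contact administrator.</div>');
            redirect(base_url('admin/login'));
        }
        return;
    }

    if (isset($login['remember_me'])) {
        // @TODO remember me mechanism
    }

    // Rotate the session ID before storing the authenticated state so that an
    // ID issued before login cannot be reused afterwards (session fixation).
    // NOTE(review): assumes nativesession wraps PHP's native session; if the
    // library has its own regenerate call, use that instead.
    if (function_exists('session_status') && session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $this->nativesession->set(array(
        'is_logged_in' => true,
        'is_gan_admin_logged_in' => true,
        'member_id' => $admin['id'],
        'member_code' => $admin['member_code'],
        'account_type' => $admin['account_type'],
    ));

    $member_id = (string) $admin['id'];
    $member_data = array(
        'last_login_date' => date('Y-m-d H:i:s'),
        'last_login_ip' => $_SERVER['REMOTE_ADDR'],
        'last_login_country' => function_exists('geoip_country_code_by_name') ? geoip_country_code_by_name($_SERVER['REMOTE_ADDR']) : '',
    );
    $this->admin_login_model->update_member($member_id, $member_data);
    redirect(base_url('admin/home'));
}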
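/**
 * JSON login endpoint for the posted `data` form.
 *
 * Validates `data[username]` and `data[password]`, verifies the password
 * against the stored PBKDF2 hash and, on success, stores the user's identity
 * in the session. Always echoes a JSON object; an empty array is echoed when
 * no `data` field was posted.
 *
 * The response key `errors` is TRUE on success and FALSE on failure. That
 * inverted meaning is kept because callers depend on it.
 *
 * NOTE(review): no rate limiting or lockout is visible here - confirm that
 * repeated failed attempts are throttled elsewhere.
 *
 * @return void
 */
public function login()
{
    $this->load->helper(array('form', 'url'));
    $this->load->library(array('form_validation'));
    $this->load->model('login_model');

    $res = array();
    if (isset($_POST['data'])) {
        $login = $_POST['data'];
        $this->form_validation->set_rules('data[username]', 'username', 'required');
        // set_rules() takes (field, label, rules). The original passed
        // 'required' as the label, so the password was never validated.
        $this->form_validation->set_rules('data[password]', 'password', 'required');

        if ($this->form_validation->run() == FALSE) {
            $res = ['errors' => false, 'message' => validation_errors()];
        } else {
            // Only plain strings are accepted; an array value is a failed login.
            $admin = false;
            if (is_array($login) && is_string($login['username']) && is_string($login['password'])) {
                $admin = $this->login_model->get_user_existing_data($login['username']);
            }

            $authenticated = false;
            if ($admin) {
                $this->load->library('PBKDF2');
                $pbkdf2 = new PBKDF2();
                $authenticated = $pbkdf2->validatePassword($login['password'], $admin['password']);
            }

            if ($authenticated) {
                if (isset($login['remember_me'])) {
                    // @TODO remember me mechanism
                }

                // Rotate the session ID before storing the authenticated
                // state (session fixation).
                // NOTE(review): assumes nativesession wraps PHP's native
                // session; prefer the library's own regenerate call if any.
                if (function_exists('session_status') && session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }

                $this->nativesession->set(array(
                    'user_id' => $admin['id'],
                    'username' => $admin['username'],
                    'firstname' => $admin['firstname'],
                    'lastname' => $admin['lastname'],
                    'account_type' => $admin['account_type'],
                ));
                $res = ['errors' => true, 'message' => 'success', 'url' => base_url('/dashboard')];
            } else {
                // Same message for an unknown user and a wrong password, so
                // the response does not reveal which usernames exist.
                $res = ['errors' => false, 'message' => 'Login failed!'];
            }
        }
    }
    echo json_encode($res);
}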
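/**
 * Authenticate a member from the posted `login` form.
 *
 * Looks the account up by `login[member_code]`, verifies `login[password]`
 * against the stored PBKDF2 hash and, unless the account is `inactive` or
 * `deactivated`, stores the login state in the session, records the
 * last-login metadata and redirects to `members/home`. Every failure sets the
 * `login_status` flash message and redirects to `login`. Nothing happens when
 * no `login` field was posted.
 *
 * NOTE(review): no rate limiting or lockout is visible here - confirm that
 * repeated failed attempts are throttled elsewhere.
 *
 * @return void
 */
function login_member()
{
    if (!isset($_POST['login'])) {
        return;
    }
    $login = $_POST['login'];

    // Request data is untrusted: both fields must be present and be plain
    // strings before they reach the model or the password check.
    $has_credentials = is_array($login)
        && isset($login['member_code'], $login['password'])
        && is_string($login['member_code'])
        && is_string($login['password']);

    $member = false;
    if ($has_credentials) {
        $member = $this->member_login_model->get_user_existing_data(array('member_code' => $login['member_code']));
    }

    $authenticated = false;
    if ($member) {
        $this->load->library('PBKDF2');
        $pbkdf2 = new PBKDF2();
        $authenticated = $pbkdf2->validatePassword($login['password'], $member['password']);
    }

    if (!$authenticated) {
        // Same message for an unknown member and a wrong password.
        $this->nativesession->set_flashdata('login_status', '<div class="alert alert-danger">Incorrect Member ID or Password.</div>');
        redirect(base_url('login'));
        return;
    }

    if ($member['status'] == 'deactivated' || $member['status'] == 'inactive') {
        if ($member['status'] == 'inactive') {
            $this->nativesession->set_flashdata('login_status', '<div class="alert alert-danger">It seems that your account is inactive. ' . "\n" . 'please contact your administrator.</div>');
        } else {
            $this->nativesession->set_flashdata('login_status', '<div class="alert alert-danger">Your account is suspended, please contact administrator.</div>');
        }
        redirect(base_url('login'));
        return;
    }

    if (isset($login['remember_me'])) {
        // @TODO remember me mechanism
    }

    // Rotate the session ID before storing the authenticated state so that an
    // ID issued before login cannot be reused afterwards (session fixation).
    // NOTE(review): assumes nativesession wraps PHP's native session; if the
    // library has its own regenerate call, use that instead.
    if (function_exists('session_status') && session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $this->nativesession->set(array(
        'is_logged_in' => true,
        'is_member_logged_in' => true,
        'member_id' => $member['id'],
        'member_code' => $member['member_code'],
        'ms_status' => $member['status'],
    ));

    $member_id = (string) $member['id'];
    $member_data = array(
        'last_login_date' => date('Y-m-d H:i:s'),
        'last_login_ip' => $_SERVER['REMOTE_ADDR'],
        'last_login_country' => function_exists('geoip_country_code_by_name') ? geoip_country_code_by_name($_SERVER['REMOTE_ADDR']) : '',
    );
    $this->member_login_model->update_member($member_id, $member_data);
    redirect(base_url('members/home'));
}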
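/**
 * Tell whether a stored password hash has to be re-computed.
 *
 * A hash whose first 8 characters equal PBKDF2::PREFIX is handed to
 * PBKDF2::requiresMigration(), which decides. Any other value (including a
 * non-string) is treated as produced by an older scheme and always requires
 * migration.
 *
 * @param string $hash
 *            the hash to be checked
 * @return boolean
 *            whether the hash should be re-computed
 */
public static function requiresMigration($hash)
{
    // Strict comparison: with `==`, two numeric-looking strings are compared
    // as numbers, which is never wanted for a hash prefix.
    // NOTE(review): 8 is presumably strlen(PBKDF2::PREFIX) - confirm.
    if (is_string($hash) && substr($hash, 0, 8) === PBKDF2::PREFIX) {
        // salted PBKDF2, let the responsible class decide
        return PBKDF2::requiresMigration($hash);
    }

    // everything else
    return true;
}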
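/**
 * Register a new member from the posted `register` form.
 *
 * Validates the form, hashes the password with PBKDF2, creates an activation
 * key, resolves the upline and sponsor IDs, computes the referral data and
 * hands everything to member_registration_model::register_member(). The
 * result is reported through the `_success` flash message and a redirect.
 * Without a posted `register` field, a plain-text hint is echoed.
 *
 * NOTE(review): $_POST['register'] is passed to the model as a whole. If
 * register_member() writes every key it receives, a client can set columns
 * the form does not offer - confirm the model restricts the accepted fields.
 * NOTE(review): the uniqueness callbacks for e-mail, member code and password
 * (email_check, member_code_check, member_password_check) were disabled in
 * the original rules - confirm duplicates are rejected elsewhere.
 *
 * @return void
 */
function register()
{
    if (!isset($_POST['register'])) {
        echo "please submit your form";
        return;
    }

    $this->form_validation->set_rules('register[email]', 'Email Address', 'required|valid_email');
    $this->form_validation->set_rules('register[firstname]', 'firstname', 'required');
    $this->form_validation->set_rules('register[lastname]', 'lastname', 'required');
    $this->form_validation->set_rules('register[contact_no]', '', 'required');
    $this->form_validation->set_rules('register[country_iso]', 'country_iso', 'required');
    $this->form_validation->set_rules('register[address]', 'address', 'required');
    $this->form_validation->set_rules('register[city]', 'city', 'required');
    $this->form_validation->set_rules('register[province]', 'province', 'required');
    $this->form_validation->set_rules('register[postal_code]', 'postal_code', 'required');
    $this->form_validation->set_rules('register[password]', 'password', 'required');
    $this->form_validation->set_rules('register[cpassword]', 'rpassword', 'required');
    $this->form_validation->set_rules('register[member_code]', 'member_code', 'required');
    $this->form_validation->set_rules('register[upline_id]', 'upline_id', 'required');
    $this->form_validation->set_rules('register[sponsor_id]', 'sponsor_id', 'required');
    $this->form_validation->set_rules('tnc', 'tnc', 'required');

    // Each redirect() below is followed by an explicit return so that
    // registration cannot continue if redirect() does not end the request.
    if (!$this->form_validation->run()) {
        $this->nativesession->set_flashdata('_success', '<div class="alert alert-danger"> Error ' . validation_errors() . '</div>');
        redirect(base_url('registration'));
        return;
    }

    $data = $_POST['register'];

    // The confirmation field was required but never compared with the
    // password; both must be plain strings and identical.
    if (!is_string($data['password']) || !is_string($data['cpassword']) || $data['password'] !== $data['cpassword']) {
        $this->nativesession->set_flashdata('_success', '<div class="alert alert-danger"> Error password and confirmation do not match.</div>');
        redirect(base_url('registration'));
        return;
    }

    $this->load->library('PBKDF2');
    $pbkdf2 = new PBKDF2();
    $raw_password = $data['password'];
    $data['password'] = $pbkdf2->createHash($data['password']);

    // The activation key is a bearer secret, so it comes from the CSPRNG
    // rather than from uniqid()/mt_rand(), which are predictable. 32 random
    // bytes hex-encode to 64 characters, the same length as the former
    // sha256 hex digest.
    $random = function_exists('random_bytes') ? random_bytes(32) : openssl_random_pseudo_bytes(32);
    $data['activation_key'] = bin2hex($random);
    $data['account_type'] = 'MEMBER';

    $upline_id = $this->member_registration_model->get_member_id($data['upline_id']);
    $data['upline_id'] = $upline_id;
    $data['sponsor_id'] = $this->member_registration_model->get_member_id($data['sponsor_id']);

    $refer_bunos = $this->member_registration_model->get_referral($data['member_code']);
    $uni_mlm_bunos = $this->member_registration_model->get_unilevel_mlm($data['member_code']);
    $budget = $this->member_registration_model->get_budget_kit($data['member_code']);
    $data['pv'] = $budget['point_value'];

    if ($refer_bunos == 0) {
        $this->nativesession->set_flashdata('_success', '<div class="alert alert-warning"> error, please try again later. </div>');
        redirect(base_url('registration'));
        return;
    }

    // An upline may have at most 8 direct downline members.
    $num_downline = $this->member_registration_model->count_downline_members($upline_id);
    if ($num_downline >= 8) {
        $this->nativesession->set_flashdata('_success', '<div class="alert alert-danger"> error, exceed member. please contact your upline. ' . "\n" . '</div>');
        redirect(base_url('registration'));
        return;
    }

    // Referral bonus transaction
    $data_refer = array(
        'transaction_type_id' => REFERRAL_BUNOS_DEBIT,
        'amount' => $refer_bunos,
        'date' => date("Y-m-d H:i:s"),
    );

    // Overriding commission: check_upline() fills $this->upline.
    $this->check_upline($upline_id, $uni_mlm_bunos);
    $data_overriding = $this->upline;

    // The confirmation field is not passed on to the model.
    unset($data['cpassword']);

    $res = $this->member_registration_model->register_member($data, $data_refer, $data_overriding, $budget);
    if ($res) {
        // NOTE(review): the plain-text password is handed to send_email();
        // if it ends up in the message body, it is disclosed to every mail
        // system on the path - confirm, and prefer sending the activation
        // link only.
        $this->send_email($data, $raw_password);

        // The address is user input rendered inside HTML: escape it.
        $email = htmlspecialchars($data['email'], ENT_QUOTES, 'UTF-8');
        $this->nativesession->set_flashdata('_success', "<div class='alert alert-success'>successfully registered, We've sent an email to " . $email . ". <a href='" . base_url('members') . "'> Login Now </a>.</div>");
        redirect(base_url('register/thank-you'));
        return;
    }

    // NOTE(review): error_msg comes from the model; if it can carry raw
    // database errors, it should be logged rather than shown to the visitor.
    $this->nativesession->set_flashdata('_success', '<div class="alert alert-danger"> error while saving. ' . $this->member_registration_model->error_msg . '! try again.</div>');
    redirect(base_url('registration'));
}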
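}

/*
 * Login gate: the posted database credentials are checked by connecting to
 * MySQL with them. Only when the connection and the database selection both
 * succeed is the `auth` cookie issued and the browser sent to "<goto>.php".
 *
 * Fixes over the original:
 *  - the cookie and the final redirect were emitted even after a failed
 *    credential check, because the failure branches did not stop the flow;
 *  - `goto` was copied from the query string into inline JavaScript and into
 *    the redirect target without any validation.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7; migrate to mysqli
 * or PDO together with connectioncli.php.
 */
if (isset($_POST["submit"])) {
    require_once 'connectioncli.php';
    $uname = isset($_POST["dbuname"]) ? $_POST["dbuname"] : '';
    $pass = isset($_POST["dbpass"]) ? $_POST["dbpass"] : '';
    $goto = isset($_GET["goto"]) ? $_GET["goto"] : '';

    // Allow-list for the destination: a relative page name made of letters,
    // digits, '_' and '-', with optional sub-directories. This keeps quotes,
    // markup, schemes, leading slashes and '..' out of the script block and
    // out of the redirect target.
    // NOTE(review): adjust the pattern if real page names use other characters.
    $goto_is_local_page = is_string($goto)
        && preg_match('#^[A-Za-z0-9_-]+(?:/[A-Za-z0-9_-]+)*$#', $goto) === 1;

    // Missing or non-string credentials count as wrong credentials.
    $has_credentials = is_string($uname) && $uname !== '' && is_string($pass);

    $authenticated = false;
    if (!$goto_is_local_page) {
        echo "<script type='text/javascript'>alert('Invalid Destination!!');window.location='auth.php'</script>";
    } elseif (!$has_credentials || !($link = mysql_connect(DBHOST, $uname, $pass))) {
        echo "<script type='text/javascript'>alert('Wrong Credentials!!');window.location='auth.php?goto={$goto}'</script>";
    } elseif (!mysql_select_db(DBNAME)) {
        echo "<script type='text/javascript'>alert('Cant Connect to Database!!');window.location='auth.php?goto={$goto}'</script>";
    } else {
        $authenticated = true;
    }

    // Loaded unconditionally, as in the original, in case later code on the
    // page relies on these classes.
    require_once 'classes.php';

    if ($authenticated) {
        $pbkdf2 = new PBKDF2();
        // NOTE(review): the key and the cookie value are both derived from
        // $goto alone. Unless deriveKey()/aesEncrypt() (in classes.php, not
        // shown) mix in a server-side secret, the cookie does not prove that
        // the credential check passed - confirm, and bind it to a server-side
        // secret or session.
        $key = $pbkdf2->deriveKey($goto);
        $crypto = new Crypto($key);
        $c = $crypto->aesEncrypt($goto);
        // NOTE(review): no HttpOnly/Secure flags are set on this cookie.
        setcookie("auth", $c);
        $red = $goto . ".php";
        echo "<script type='text/javascript'>window.location='{$red}';</script>";
    }
}

// NOTE(review): $tablename is interpolated into the query unescaped, so
// callers must pass fixed, trusted table names only. The definition continues
// beyond this excerpt and is left unchanged.
function table_exists($tablename) {
    $x = mysql_query("show tables like '{$tablename}'");
    if (mysql_num_rows($x) > 0) {
        return TRUE;
    } else {
        return FALSE;
    }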
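/**
 * Run phase 1 of the handshake with the remote host.
 *
 * Derives a key from the username and passphrase, derives a second key from
 * that key and a fresh challenge, requests `mode=handshake` from the host
 * returned by getSHOST() and decrypts the `message` and `token` fields of the
 * JSON reply with the second key. When the decrypted message is the expected
 * constant, the handshake values are stored in cookies and the browser is
 * sent to phase2.php. On any failure the method returns without output.
 *
 * NOTE(review): the passphrase and both derived keys are stored in cookies
 * with no HttpOnly/Secure flags, so they are sent with every request and are
 * readable by page scripts. Kept because phase2.php presumably reads them,
 * but they belong in server-side session storage.
 * NOTE(review): uniqid() is time-based and therefore predictable; a challenge
 * should come from a CSPRNG once the server's expected format is confirmed.
 * NOTE(review): username and passphrase are concatenated without a separator,
 * so different pairs can produce the same key input. Changing this alters the
 * derived key and has to be coordinated with the server.
 *
 * @param string $username   account name sent to the remote host
 * @param string $passphrase secret used for key derivation only
 * @return void
 */
public function phase1($username, $passphrase)
{
    $challenge = uniqid();

    $pbkdf2 = new PBKDF2();
    $key = $pbkdf2->deriveKey($username . $passphrase);
    $keymas = $pbkdf2->deriveKey($key . ":" . $challenge);
    $crypto = new Crypto($keymas);

    require_once "settings.php";
    // The username is caller-supplied: percent-encode it so that it cannot
    // add or alter query parameters. The ':' separator stays literal.
    $url = getSHOST() . "?mode=handshake&values=" . rawurlencode($username) . ":" . $challenge;

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_REFERER, "www.google.com");
    $body = curl_exec($ch);
    // Release the handle on every path; the original never closed it.
    curl_close($ch);

    if ($body === false) {
        // Transport failure: nothing to decrypt.
        return;
    }

    $json = json_decode($body);
    // The reply is remote input: require an object with both string fields
    // before touching them.
    if (!is_object($json)
        || !isset($json->message, $json->token)
        || !is_string($json->message)
        || !is_string($json->token)
    ) {
        return;
    }

    $token = $crypto->aesDecrypt(utf8_decode($json->token));
    $plain = $crypto->aesDecrypt(utf8_decode($json->message));

    // Strict comparison: with `==`, a non-string result from aesDecrypt()
    // (for example boolean true) would compare equal to the constant.
    if ($plain === "Standard Message#1") {
        setcookie("username", $username);
        setcookie("passphrase", $passphrase);
        setcookie("key", $key);
        setcookie("keymas", $keymas);
        setcookie("token", $token);
        echo "<script type='text/javascript'>window.location = \"phase2.php\";</script>";
    }
}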