コード例 #1
0
spl_autoload_register("my_autoloader");
session_start();
$db = new DbObject();
if (!isset($_SERVER["HTTPS"]) || !$_SERVER["HTTPS"]) {
    //redirect to secure
    header("HTTP/1.1 301 Moved Permanently");
    header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
    exit;
}
//if they are already logged in, redirect to home page
if (isset($_SESSION["loggedIn"]) && $_SESSION["loggedIn"]) {
    header("Location: home.php");
}
//check for a valid username and password if submitted
if (isset($_POST["submitLogin"])) {
    $passwordCheck = new PasswordChecker();
    // check the posted username and password
    if (!empty($_POST["username"])) {
        $_POST["submitLogin"] = $passwordCheck->isValid($_POST["username"], $_POST["password"]);
        //  regenerate the session id
        session_regenerate_id(true);
        //if the login is valid redirect to home page
        if ($_POST["submitLogin"]) {
            $_SESSION["loggedIn"] = true;
            $_SESSION["username"] = $_POST["username"];
            header("Location: home.php");
        } else {
            echo "<div>Invalid username or password</div>";
        }
    }
}
コード例 #2
0
function checkCurrentPassword()
{
    $passwordCheck = new PasswordChecker();
    return $passwordCheck->isValid($_SESSION["username"], $_POST["currentPassword"]);
}
コード例 #3
0
                echo "</div>";
            }
        }
    }
    $form->renderSubmitEnd("subRegisterSubmit", "Register");
}
//check to see if the form was submitted
if (isset($_POST["subRegisterSubmit"])) {
    //if the passwords do not match - or password is left blank - load the form again
    //with an error message. Send false indicating that the password check failed.
    if (!checkUsernameRegex() || !checkChallengeQuestions() || !checkEmailRegex() || !checkForEmptyFields() || !checkPasswordMatch()) {
        loadForm(false);
    } else {
        //load the form again
        loadForm(true);
        $passwordChecker = new PasswordChecker();
        $user = strip_tags($_POST["txtUsername"]);
        $email = strip_tags($_POST["txtEmail"]);
        $pwd = strip_tags($_POST["txtPassword"]);
        $qst1 = strip_tags($_POST["txtQst1"]);
        $qst1Answer = strip_tags($_POST["txtQst1Answer"]);
        $qst2 = strip_tags($_POST["txtQst2"]);
        $qst2Answer = strip_tags($_POST["txtQst2Answer"]);
        $success = $passwordChecker->addUser($user, $pwd, $email, $qst1, $qst1Answer, $qst2, $qst2Answer);
        if ($success) {
            $_SESSION["loggedIn"] = true;
            $_SESSION["username"] = $user;
        } else {
            echo "<p>Failed to add {$user} to the website</p>";
            echo "<p>The username {$user} already exists!</p>";
            echo "<p>Please enter a new username</p>";
コード例 #4
0
ファイル: Password.php プロジェクト: juniorgrossi/passkit
 /**
  * Wrapper for PasswordChecker::check method
  * 
  * @param $password string
  * @return int
  */
 public static function check($password)
 {
     return PasswordChecker::check($password);
 }