public function login()
{
if (Session::get('loggedin')) {
Url::redirect('admin');
}
$model = new \Models\Admin\Auth();
$data['title'] = 'Login';
if (isset($_POST['submit'])) {
$username = $_POST['member_username'];
$password = $_POST['member_password'];
if (Password::verify($_POST['member_password'], $model->getHash($_POST['member_username'])) == 0) {
$error[] = 'Wrong username of password';
} else {
$data['user_infos'] = $model->get_user_infos($_POST['member_username']);
Session::set('member_id', $data['user_infos'][0]->member_id);
Session::set('member_username', $username);
Session::set('member_password', '' . $password . '');
Session::set('loggedin', true);
Url::redirect('admin');
}
}
View::renderadmintemplate('loginheader', $data);
View::render('admin/login', $data, $error);
View::renderadmintemplate('footer', $data);
}
public function change_password()
{
//Sanitize Data using Gump helper
$_POST = Gump::sanitize($_POST);
if (isset($_POST['password'])) {
//Validate data using Gump
$is_valid = Gump::is_valid($_POST, array('current_password' => 'required', 'password' => 'required', 'password-again' => 'required'));
if ($is_valid === true) {
$user = $this->userSQL->find(Session::get('id'));
if (Password::verify($_POST['current_password'], $user->password) === true) {
if ($_POST['password'] != $_POST['password-again']) {
$error[] = 'Les deux mots de passe ne sont pas identiques';
}
} else {
$error[] = 'mot de passe courant incorrect';
}
} else {
// $is_valid holds an array for the errors.
$error = $is_valid;
}
if (!$error) {
$user->password = Password::make($_POST['password']);
$this->entityManager->save($user);
Session::set('message', 'Votre mot de passe a bien été mis à jour');
Url::redirect();
}
}
$data['title'] = 'Change Password';
View::rendertemplate('header', $data);
View::render('user/modification', $data, $error);
View::rendertemplate('footer', $data);
}
public function connexion()
{
$user = $this->userSQL->prepareFindByLogin($_POST['login']);
if ($user == false || Password::verify($_POST['password'], $user->motdepasse) == false) {
// changer le render pour un url::redirect mais ajouter un message dans la session de mauvaise donnée
$data['erreurCo'] = "Mauvaise données";
$data['title'] = "Connexion";
View::renderTemplate('header', $data);
View::render('connexion/connexion', $data);
View::renderTemplate('footer', $data);
exit;
} else {
// $is_valid holds an array for the errors.
$error = false;
}
if (!$error) {
Session::set('loggedin', true);
Session::set('id', $user->getId());
Session::set('mail', $user->email);
Session::set('login', $user->pseudo);
Session::set('level', $user->currentLvl);
$user->cookie = rand(0, 64);
setcookie("remember", $user->cookie, time() + 3600 * 31 * 24, DIR);
Session::set('message', "Bienvenue {$user->pseudo}");
Session::set('message_type', 'alert-success');
}
Url::redirect();
}
public function login()
{
Hooks::addHook('js', 'Controllers\\auth@js');
Hooks::addHook('css', 'Controllers\\auth@css');
$error = 'hi';
$success = 'hi';
if (Session::get('loggedin')) {
Url::redirect();
}
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
//validation
if (Password::verify($password, $this->_model->getHash($username)) == false) {
$error[] = 'Wrong username or password';
}
//if validation has passed carry on
if (!$error) {
Session::set('loggedin', true);
Session::set('username', $username);
Session::set('memberID', $this->_model->getID($username));
$data = array('lastLogin' => date('Y-m-d G:i:s'));
$where = array('memberID' => $this->_model->getID($username));
$this->_model->update($data, $where);
$error = 'hi';
Url::redirect();
}
}
$data['title'] = 'Login';
View::rendertemplate('header', $data);
View::render('auth/login', $data, $error, $success);
View::rendertemplate('footer', $data);
}
public function login()
{
if (Session::get('loggedin')) {
Url::redirect('admin-panel');
}
$data['title'] = 'Login';
if (isset($_POST['submit'])) {
$correo = $_POST['correo'];
$password = $_POST['password'];
if ($correo == '' || !isset($correo)) {
$data['error'][0] = 'Correo es un campo obligatorio';
}
if ($password == '' || !isset($password)) {
$data['error'][1] = 'Password es un campo obligatorio';
}
if (Password::verify($password, $this->_model->getHash($correo)) == false) {
$data['error'][2] = 'Correo o password incorrectos';
}
if (!$data['error']) {
$data['usuario'] = $this->_model->getUsuario($correo);
Session::set('loggedin', true);
Session::set('idUsuario', $data[usuario][0]->idUsuario);
Session::set('nombre', $data[usuario][0]->nombre);
Session::set('apellidoPaterno', $data[usuario][0]->apellidoPaterno);
$dataUsuario = array('fechaConexion' => date("Y-m-d H:i:s"));
$where = array('correo' => $correo);
$this->_model->updateUsuario($dataUsuario, $where);
Url::redirect('admin-panel');
}
}
View::renderTemplate('header', $data);
View::render('Auth/Login', $data);
View::renderTemplate('footer', $data);
}
/**
* Define login page title and load template files
*/
public function login()
{
if (Session::get('loggedin')) {
Url::redirect('');
}
$data['title'] = 'Přihlášení';
$model = new \Models\Users();
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
// verify password using helper class Password
if (Password::verify($password, $model->getPass($username))) {
Session::set('loggedin', true);
Session::set('username', $username);
Session::set('role', $model->getRole($username));
Session::set('userID', $model->getID($username));
if (Session::get('role') == "admin") {
Url::redirect('admin');
} else {
if (Session::get('role') == "recenzent") {
Url::redirect('ratings');
} else {
Url::redirect('tales');
}
}
} else {
$error[] = 'Špatné jméno nebo heslo';
}
}
View::renderTemplate('header', $data);
View::render('auth\\login', $data, $error);
View::renderTemplate('footer', $data);
}
protected function checkCookie()
{
if (isset($_COOKIE['rf_user_cookie']) && isset($_COOKIE['rf_user_id_cookie']) && isset($_COOKIE['rf_user_pass_cookie'])) {
$result = $this->_user->checkUserCookie($_COOKIE['rf_user_cookie']);
if (\Helpers\Password::verify($_COOKIE['rf_user_pass_cookie'], $result[0]['password'])) {
\Helpers\Session::set('user', $_COOKIE['rf_user_cookie']);
\Helpers\Session::set('user_id', $_COOKIE['rf_user_id_cookie']);
}
}
}
/**
* Handle account logins, password hashing, and view rendering
*/
public function login()
{
// If the user is already logged in, redirect
if (\Helpers\Session::get('loggedin')) {
\Helpers\Url::redirect('Courses');
}
// If the login form is submitted
if (isset($_POST['submit'])) {
$validator = new GUMP();
// Sanitize the submission
$_POST = $validator->sanitize($_POST);
// Set the data
$input_data = array('student_id' => $_POST['student_id'], 'student_password' => $_POST['student_password']);
// Define custom validation rules
$rules = array('student_id' => 'required|numeric', 'student_password' => 'required');
// Validate the data
$validated = $validator->validate($_POST, $rules);
// If login inputs are valid
if ($validated === true) {
// Retrieve user hash from database
$currentUser = $this->account->getStudentHash($_POST['student_id']);
// If user exists
if ($currentUser) {
// Compare hash against the provided password
if (\Helpers\Password::verify($_POST['student_password'], $currentUser[0]->Password)) {
// Passwords match, create a session with user info
\Helpers\Session::set('StudentId', $currentUser[0]->StudentId);
\Helpers\Session::set('Name', $currentUser[0]->Name);
\Helpers\Session::set('loggedin', true);
// Redirect to course selection page
\Helpers\Url::redirect('Courses');
} else {
$error['invalid'] = 'Incorrect Student ID / Password';
}
} else {
$error['not_found'] = "No account was found with your user ID";
}
} else {
// Set errors
$error = $validator->get_errors_array();
}
}
// Set the page title
$data['title'] = 'Login';
// Render the view and pass in controller data
View::renderTemplate('header', $data, 'account');
View::render('account/login', $data, $error);
View::renderTemplate('footer', $data, 'account');
}
public function login()
{
$data['title'] = 'התחברות';
if (Session::get('logged')) {
Url::redirect();
}
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
if (Password::verify($password, $this->_model->get_user_hash($username)) != 0) {
$this->login_user($username);
} else {
$error[] = "Wrong username or password";
}
}
View::renderTemplate('header', $data);
View::render('login', $data, $error);
View::renderTemplate('footer', $data);
}
public function login()
{
if (Session::get('loggedin')) {
Url::redirect();
}
$data['title'] = 'Login';
if (isset($_POST['submit'])) {
$user = $_POST['user'];
$password = $_POST['password'];
if (Password::verify($password, $this->_model->getHash($user)) == false) {
$error[] = 'Wrong username or password';
}
if (!$error) {
Session::set('loggedin', true);
Session::set('userId', $this->_model->getId($user));
Url::redirect();
}
}
View::renderTemplate('header', $data);
View::render('auth/login', $data, $error);
View::renderTemplate('footer', $data);
}
/**
* Attempts login
*
*/
public function login()
{
$data["title"] = "Login";
if (!isset($_POST["login_button"])) {
$error[] = "You need to log in to continue.";
View::renderTemplate("header", $data);
View::render("auth/login", $data, $error);
View::renderTemplate("footer", $data);
}
if (isset($_POST["login_button"])) {
//The login variables
$email = $_POST["login_email"];
$password = $_POST["login_password"];
$remember_me = $_POST["remember_me"];
//Validtation
if ($email == "") {
$error[] = "You need to enter your email.";
} else {
if ($this->_model->exists($email) && !$this->_model->isActive($email)) {
$error[] = "This account has not been activeted yet.";
} else {
if (!Password::verify($password, $this->_model->getHash($email))) {
$error[] = "Email or password is incorrect.";
}
}
}
View::renderTemplate("header", $data);
View::render("auth/login", $data, $error);
View::renderTemplate("footer", $data);
//If validation has passed then log in
if (!$error) {
Session::set("loggedin", true);
Session::set("user_id", $this->_model->getID($email));
Url::redirect("http://something.sellerstam.mebokund.com/", true);
//For some reason it doesn't work if the url is blank...
}
}
}
public function runLogin($post)
{
$data = $this->getMemberHash($post['login_username']);
if (Password::verify($post['login_password'], $data[0]->parola)) {
Session::set('id', $data[0]->idAutori);
Session::set('username', $data[0]->nume_login);
Session::set('loggedin', true);
Session::set('level', 'teacher');
if ($post['login_remember_me']) {
$tokenString = hash('sha256', mt_rand());
$updateData = array('rememberme_token' => $tokenString);
$where = array('idAutori' => $data[0]->idAutori);
$this->db->update('autori', $updateData, $where);
$cookieStringFirstPart = $data[0]->idAutori . ':' . $tokenString;
$cookieStringHash = hash('sha256', $cookieStringFirstPart);
$cookieString = $cookieStringFirstPart . ':' . $cookieStringHash;
setcookie("rememberme", $cookieString, time() + COOKIE_RUNTIME);
//, "/", COOKIE_DOMAIN);
}
} else {
$error[] = 'Wrong username or password.';
}
return $error;
}
/**
* Deletes a user's account. Requires user's password
* @param string $username
* @param string $password
* @return boolean
*/
function deleteAccount($username, $password)
{
if (strlen($username) == 0) {
$this->errormsg[] = $this->lang['deleteaccount_username_empty'];
} elseif (strlen($username) > MAX_USERNAME_LENGTH) {
$this->errormsg[] = $this->lang['deleteaccount_username_long'];
} elseif (strlen($username) < MIN_USERNAME_LENGTH) {
$this->errormsg[] = $this->lang['deleteaccount_username_short'];
}
if (strlen($password) == 0) {
$this->errormsg[] = $this->lang['deleteaccount_password_empty'];
} elseif (strlen($password) > MAX_PASSWORD_LENGTH) {
$this->errormsg[] = $this->lang['deleteaccount_password_long'];
} elseif (strlen($password) < MIN_PASSWORD_LENGTH) {
$this->errormsg[] = $this->lang['deleteaccount_password_short'];
}
if (count($this->errormsg) == 0) {
$query = $this->db->select("SELECT password FROM " . PREFIX . "users WHERE username=:username", array(":username" => $username));
$count = count($query);
if ($count == 0) {
$this->logActivity("UNKNOWN", "AUTH_DELETEACCOUNT_FAIL", "Username Incorrect ({$username})");
$this->errormsg[] = $this->lang['deleteaccount_username_incorrect'];
return false;
} else {
$db_password = $query[0]->password;
$verify_password = \Helpers\Password::verify($password, $db_password);
if ($verify_password) {
$this->db->delete(PREFIX . "users", array("username" => $username));
$this->db->delete(PREFIX . "sessions", array("username" => $username));
$this->logActivity($username, "AUTH_DELETEACCOUNT_SUCCESS", "Account deleted - Sessions deleted");
$this->successmsg[] = $this->lang['deleteaccount_success'];
return true;
} else {
$this->logActivity($username, "AUTH_DELETEACCOUNT_FAIL", "Password incorrect ( DB : {$db_password} / Given : {$password} )");
$this->errormsg[] = $this->lang['deleteaccount_password_incorrect'];
return false;
}
}
} else {
return false;
}
}
public function checkUser()
{
$userName = $_POST['userlogin'];
$userPass = $_POST['userpassword'];
if ($_POST['token'] != $_COOKIE['token']) {
echo 'Проверьте введенные данные.';
die;
}
$result = $this->_user->getUserPassword($userName);
if (empty($result)) {
echo 'Логин и/или пароль введены неверно.';
die;
}
if (\Helpers\Password::verify($userPass, $result[0]['password'])) {
\Helpers\Session::set('user', $userName);
\Helpers\Session::set('user_id', $result[0]['id']);
if (isset($_POST['checkbox']) && $_POST['checkbox'] == 'on') {
setcookie("rf_user_cookie", $userName, time() + 60 * 60 * 24 * 7, "", "", false, true);
setcookie("rf_user_id_cookie", $result[0]['id'], time() + 60 * 60 * 24 * 7, "", "", false, true);
setcookie("rf_user_pass_cookie", $userPass, time() + 60 * 60 * 24 * 7, "", "", false, true);
}
} else {
echo 'Логин и/или пароль введены неверно.';
die;
}
}
/**
* Password Recovery
*/
public function recovery()
{
$data['title'] = $this->language->get('title_recovery');
if (isset($_POST['submit'])) {
$email = $_POST['email'];
//validation
if (Password::verify($password, $this->model->getHash($username)) == false) {
$error[] = $this->language->get('error_recovery');
}
//if validation has passed carry on
if (!$error) {
$userDb = $this->model->getUser($username);
$user = $userDb[0];
Session::set('loggedin', true);
Session::set('id', $user->id);
Session::set('first_name', $user->first_name);
Session::set('last_name', $user->last_name);
Session::set('timezone', $user->timezone);
Session::set('dateformat', $user->dateformat);
Session::set('timeformat', $user->timeformat);
Session::set('dateformat_moment', Date::convertPHPToMomentFormat($user->dateformat));
Session::set('timeformat_moment', Date::convertPHPToMomentFormat($user->timeformat));
Session::set('language_id', 1);
Session::set('language_code', 'en');
if (!Cookie::exists('navigation')) {
Cookie::set('navigation', '');
}
Log::info('logged_in');
//$data = array('lastLogin' => date('Y-m-d H:i:s'));
//$where = array('id' => $this->_model->getId($username));
//$this->_model->update($data,$where);
Url::redirect();
} else {
$data['username'] = $username;
}
}
View::renderTemplate('header', $data, 'auth');
View::render('auth/recovery', $data, $error);
View::renderTemplate('footer', $data, 'auth');
}
