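/**
 * Return the user for the current request, resolving it once and caching the result in globals.
 *
 * DEPRECATED This should only be called once, to load into $app['currentUser']. So $USER_CURRENT & $USER_CURRENT_LOADED shouldn't be needed.
 * At some point in future, remove this function and put the logic into code that just writes to $app['currentUser'] only.
 *
 * Resolution order: the session's userID when it is set and positive; otherwise the
 * "remember me" cookie pair (userID + userKey). An account flagged as closed by a
 * sysadmin is never returned on either path. A user found through the cookie pair is
 * passed to userLogIn().
 *
 * Both cookies are client-controlled, and PHP turns a cookie sent as `userID[]` into an
 * array, so any value that is not a plain string is ignored before it reaches the repository.
 *
 * NOTE(review): how loadByUserAccountIDAndAccessKey() matches the key (hashed at rest,
 * expiry, one-time use) is not visible here - confirm in the repository.
 *
 * @return UserAccountModel|null
 */
function userGetCurrent()
{
    global $USER_CURRENT, $USER_CURRENT_LOADED, $WEBSESSION;

    // Already resolved during this request: reuse the cached answer (which may be null).
    if ($USER_CURRENT_LOADED) {
        return $USER_CURRENT;
    }

    if ($WEBSESSION->has('userID') && $WEBSESSION->get('userID') > 0) {
        $uar = new UserAccountRepository();
        $USER_CURRENT = $uar->loadByID($WEBSESSION->get('userID'));
        // A closed account must not stay authenticated through an old session.
        if ($USER_CURRENT && $USER_CURRENT->getIsClosedBySysAdmin()) {
            $USER_CURRENT = null;
        }
    } elseif (
        isset($_COOKIE['userID'], $_COOKIE['userKey'])
        && is_string($_COOKIE['userID'])
        && is_string($_COOKIE['userKey'])
    ) {
        $uarmr = new UserAccountRememberMeRepository();
        $uarm = $uarmr->loadByUserAccountIDAndAccessKey($_COOKIE['userID'], $_COOKIE['userKey']);
        if ($uarm) {
            // Load the account named by the stored remember-me record, not by the cookie value.
            $uar = new UserAccountRepository();
            $USER_CURRENT = $uar->loadByID($uarm->getUserAccountId());
            if ($USER_CURRENT && $USER_CURRENT->getIsClosedBySysAdmin()) {
                $USER_CURRENT = null;
            }
            if ($USER_CURRENT) {
                // NOTE(review): presumably this starts the session for the user - confirm it also
                // regenerates the session ID.
                userLogIn($USER_CURRENT);
            }
        }
    }

    $USER_CURRENT_LOADED = true;

    return $USER_CURRENT;
}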
<?php
// Log-in / registration page script. The listing is cut off part-way through the
// registration field checks, so the end of this block is not visible.

// resume or start a new session
session_start();

//Check for login form data
if (isset($_POST['username'])) {
    include 'functions/log_in_function.php';
    // NOTE(review): userLogIn() takes no arguments, so it presumably reads $_POST itself;
    // whether it regenerates the session ID on success is not visible here - confirm.
    userLogIn();
}

$page_title = "Log In";
include 'header.php';

// Registration form handling: collect validation messages in $errors.
if (isset($_POST['new_username'])) {
    $errors = array();
    // empty() also treats the string "0" as empty.
    if (empty($_POST['new_username'])) {
        $errors[] = "You did not enter a username!";
    } else {
        // Raw request value. How it is escaped or bound where it is later used is not
        // visible in this excerpt.
        $new_username = $_POST['new_username'];
    }
    // NOTE(review): `!=` is a loose comparison; two numeric-looking strings are compared
    // as numbers, so differently typed entries can count as a match. `!==` compares the
    // strings themselves. Both keys are also read without an isset() check.
    if ($_POST['new_password'] != $_POST['confirm_password']) {
        $errors[] = "Your passwords do not match!";
    } else {
        if (empty($_POST['new_password'])) {
            $errors[] = "You did not enter a password!";
        } else {
            // NOTE(review): md5() is an unsalted, fast digest and is not suitable for storing
            // passwords. password_hash() / password_verify() are the replacement; the switch
            // has to be made together with the login check and a migration of stored hashes.
            $new_password = md5($_POST['new_password']);
        }
    }
    if (empty($_POST['first_name'])) {
        $errors[] = "You did not enter a first name!";
    } else {
        $first_name = $_POST['first_name'];
<div class="mainNav">
    <div class="navImage">
        <a href="index.php"><img id="logo" class="headerImage" src="Images/LogoBlack5.png"/></a>
    </div>
    <div class="navLinks">
        <?php
        // Navigation bar template. The listing is cut off inside the final else branch.

        //Sets the links for all of the nav bar. Accounts is not included because accounts is added later.
        $PageListName = array("HOME", "PRODUCTS", "TUTORIALS", "ABOUT US");
        $PageURL = array("index.php", "products.php?filter=none", "tutorial.php", "aboutUs.php");

        //Displays all of the links in the Nav bar except the account and shopping cart.
        // Both arrays are hard-coded above, so no request data reaches this markup.
        for ($i = 0; $i < count($PageListName); $i++) {
            echo "<a href='" . $PageURL[$i] . "'>" . $PageListName[$i] . "</a>";
        }

        // NOTE(review): log-in and registration are handled here, after markup has already
        // been written. If userLogIn() sets cookies, starts a session or redirects, that needs
        // output buffering or must run before any output - confirm. No anti-CSRF token is
        // checked in this excerpt; confirm whether the handlers do it.
        if (isDatabaseConnected()) {
            if (isset($_POST['accountLogIn'])) {
                userLogIn($link); //Tries to log the user in. Location: PHPScripts/formSubmits.php
            } else {
                if (isset($_POST['accountRegister'])) { //Checks to see if the user is registering.
                    userRegister($link); //Tries to register the user. Location: PHPScripts/formSubmits.php
                }
            }
        }

        if (isLoggedIn()) { //Checks to see if the user is currently logged in. Location: PHPScripts/helperFunctions.php
            //Displays the Account button so the user can go to their account.
            echo "<a href='userAccount.php'>ACCOUNT</a>";
        } else {
            //If there is no user signed in. Display the Sign In button so they can sign in.
// Profile update, log-in, log-out and captcha handlers. The excerpt starts inside a block
// whose opening condition is not visible and is cut off inside the captcha branch.
$user = userGetLoggedIn();
$params = array();
// Password change: only applied when the current password is supplied and matches.
// NOTE(review): md5() is an unsalted, fast digest and is not suitable for password storage
// (password_hash() / password_verify() are the replacement). The two `==` tests are loose
// comparisons: digest strings that look numeric are compared as numbers, whereas
// hash_equals() compares them as strings in constant time. $user is indexed without a
// visible check that a user is logged in - the enclosing condition is outside this excerpt.
if (isset($_POST["pass1"])
    && isset($_POST["pass2"])
    && isset($_POST["password"])
    && $_POST["pass1"] == $_POST["pass2"]
    && md5(stringEncode($_POST["password"])) == $user["password"]) {
    $params["password"] = $_POST["pass1"];
}
// NOTE(review): nickname and e-mail changes do not require the current password, and no
// anti-CSRF token is checked in this excerpt. The e-mail address is commonly the account
// recovery channel, so confirm both are enforced elsewhere.
if (isset($_POST["nickname"]) && $_POST["nickname"] != stringDecode($user["nickname"])) {
    $params["nickname"] = $_POST["nickname"];
}
if (isset($_POST["email"]) && $_POST["email"] != stringDecode($user["email"])) {
    $params["email"] = $_POST["email"];
}
userSetParams($user["id"], $params);
// header() does not stop the script: the handlers below are still evaluated for this
// request. An exit after each redirect makes the control flow explicit.
header("location: index.php?profile");
} // closes a block opened before this excerpt

// Log-in: selected by a query-string flag, credentials read from the POST body.
// NOTE(review): $_POST["login"] and $_POST["password"] are read without isset(), so a
// request carrying only ?login passes null values to userLogIn().
if (isset($_GET["login"])) {
    $res = userLogIn($_POST["login"], $_POST["password"], isset($_POST["remember"]));
    handleErrors($res);
    header("location: index.php");
}

// Log-out.
// NOTE(review): this is a state change triggered by a plain GET with no token, so any
// page the user visits can end the session by linking to it.
if (isset($_GET["logout"])) {
    userLogOut();
    header("location: index.php");
}

// Arithmetic captcha: two operands and a randomly chosen operation.
// NOTE(review): rand() is not a cryptographically secure generator; random_int() is the
// drop-in replacement when the challenge must be unpredictable.
if (isset($_GET["cap"])) {
    $x1 = rand(2, 50);
    $x2 = rand(1, $x1 - 1); // always smaller than $x1
    $rnd = rand(0, 3);
    if ($rnd == 0) {
        $operation = " - ";
    } elseif ($rnd == 1) {
        $operation = " * ";
/**
 * Show the log-in form and, on a valid POST, authenticate the submitted credentials.
 *
 * Unknown accounts and wrong passwords get the same form error, so the response does
 * not reveal whether an account exists. The closed-account message, including the
 * sysadmin's reason, is shown only after the password has been verified. Every failed
 * attempt is written to the monolog error log.
 *
 * NOTE(review): nothing in this method limits repeated attempts, and the log lines carry
 * the account id only - confirm throttling and client-address logging happen elsewhere.
 *
 * @param Request     $request
 * @param Application $app
 * @return mixed The redirect to "/" after a successful log-in, otherwise the rendered log-in template.
 */
function login(Request $request, Application $app)
{
    $form = $app['form.factory']->create(new LogInUserForm());
    $this->processThingsToDoAfterGetUser($request, $app);

    $isPost = ('POST' == $request->getMethod());
    if ($isPost) {
        $form->bind($request);
    }

    if ($isPost && $form->isValid()) {
        $data = $form->getData();
        $accounts = new UserAccountRepository();
        $user = null;

        // We are deliberately very forgiving about people putting the wrong thing in the wrong field:
        // each field is tried as "user name or e-mail", e-mail field first.
        foreach (array('email', 'username') as $field) {
            if (!$user && $data[$field]) {
                $user = $accounts->loadByUserNameOrEmail($data[$field]);
            }
        }

        if (!$user) {
            $app['monolog']->addError("Login attempt - unknown account");
            $form->addError(new FormError('User and password not recognised'));
        } elseif (!$user->checkPassword($data['password'])) {
            $app['monolog']->addError("Login attempt - account " . $user->getId() . ' - password wrong.');
            $form->addError(new FormError('User and password not recognised'));
        } elseif ($user->getIsClosedBySysAdmin()) {
            // Reached only with a correct password, so the closure reason is not shown to guessers.
            $form->addError(new FormError('There was a problem with this account and it has been closed: ' . $user->getClosedBySysAdminReason()));
            $app['monolog']->addError("Login attempt - account " . $user->getId() . ' - closed.');
        } else {
            // NOTE(review): presumably this establishes the session - confirm it regenerates the session ID.
            userLogIn($user);
            $this->actionThingsToDoAfterGetUser($app, $user);
            if ($data['rememberme']) {
                $rememberMe = new UserAccountRememberMeRepository();
                $rememberMe->create($user)->sendCookies();
            }

            return $app->redirect("/");
        }
    }

    // GET request, invalid form or failed log-in: render the form with any errors attached.
    $this->parameters['form'] = $form->createView();

    return $app['twig']->render('index/user/login.html.twig', $this->parameters);
}