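/**
 * Handles the login form submission.
 *
 * Reads `login` and `senha` from $_POST, renders the Painel/validarUsuario
 * view and enables the BLOCK_LOGIN_MSG block when LoginHelper::login()
 * returns a truthy value.
 */
public function validarUsuario()
{
    // A missing field is passed on as null (what the original did) without
    // triggering an "undefined index" notice/warning on incomplete requests.
    $login = isset($_POST['login']) ? $_POST['login'] : null;
    $senha = isset($_POST['senha']) ? $_POST['senha'] : null;

    $obj = new LoginHelper();
    $obj->open();
    $this->view('Painel/validarUsuario', false);

    // NOTE(review): the message block is shown when login() is truthy; confirm
    // whether truthy means "authenticated" or "failed", and that LoginHelper
    // handles the raw POST values safely (query binding, password hashing).
    if ($obj->login($login, $senha)) {
        $this->block("BLOCK_LOGIN_MSG");
    }

    $obj->close();
    $this->show();
}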
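/**
 * Registers a new user in the `users` table and logs that user in.
 *
 * The outcome is reported through $_SESSION["msg"]; on success
 * $_SESSION["user"] and $_SESSION["username"] are set as well.
 *
 * @param string $login Requested login name.
 * @param string $pasw  Plain-text password chosen by the user.
 * @return void
 */
function registreerNieuweUser($login, $pasw)
{
    // Default message; it is only replaced once the outcome is known.
    $_SESSION["msg"] = "Registratie niet gelukt. Probeer later opnieuw.";

    // Check whether the login is already in use.
    // NOTE(review): LIKE treats % and _ inside the bound value as wildcards, so
    // this is a pattern match rather than an equality test. Left unchanged
    // because other lookups (not shown here) may rely on the same matching.
    $connection = new W_DatabaseHelper("cms");
    $querystring = "SELECT * \n\t\t\t\t\t\t FROM users \n\t\t\t\t\t\t WHERE naam LIKE :login \n\t\t\t\t\t\t";
    $bindValues = [":login" => $login];
    $resultset = $connection->query($querystring, $bindValues);

    if (sizeof($resultset) > 0) {
        $_SESSION["msg"] = "Deze naam is reeds in gebruik. Gelieve een andere login te kiezen.";
        return;
    }

    $querystring = "INSERT INTO users(naam, paswoord, salt) \n\t\t\t\t\t\t\tVALUES (:login, :pasw, :newsalt) \n\t\t\t\t\t\t\t";

    // Password protection: per-user salt + one round of SHA-256.
    // NOTE(review): a single fast hash is cheap to brute-force offline.
    // password_hash()/password_verify() is the usual replacement, but it must be
    // changed together with the code that verifies logins (not visible here).
    $newsalt = generateSalt();
    $pasw = hash("sha256", $pasw . $newsalt);

    $bindValues = [":login" => $login, ":pasw" => $pasw, ":newsalt" => $newsalt];
    $connection->query($querystring, $bindValues);

    // NOTE(review): $pasw holds the salted hash at this point, not the password
    // the user typed; confirm which of the two checklogin() expects.
    LoginHelper::checklogin($login, $pasw);

    // Fetch the id of the row that was just inserted. Equality is used so the
    // lookup matches exactly the inserted values and not a wildcard pattern.
    $querystring = "SELECT userid FROM users\n\t\t\t\t\t\t\tWHERE naam = :login \n\t\t\t\t\t\t\tAND paswoord = :pasw \n\t\t\t\t\t\t\tAND salt = :newsalt\n\t\t\t\t\t\t\t";
    $bindValues = [":login" => $login, ":pasw" => $pasw, ":newsalt" => $newsalt];
    $resultset = $connection->query($querystring, $bindValues);

    // Only report success when the new row can actually be read back; otherwise
    // the default failure message set at the top stays in place.
    if (is_array($resultset) && isset($resultset[0]["userid"])) {
        // NOTE(review): the session becomes authenticated here; no session-id
        // regeneration is visible in this function - confirm it happens elsewhere.
        $_SESSION["user"] = $resultset[0]["userid"];
        $_SESSION["username"] = $login;
        $_SESSION["msg"] = "Proficiat met uw registratie. U bent meteen ook ingelogd met uw nieuwe login en paswoord.";
    }
}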
/**
 * Constructor.
 *
 * Hands over to the parent constructor only when LoginHelper::checkSession()
 * reports a valid session. Otherwise an ERROR_SESSION_INVALID result is
 * rendered, the session is destroyed and the script stops.
 */
function __construct($request)
{
    $sessionOk = LoginHelper::checkSession() == true;

    if (!$sessionOk) {
        // Session is not valid: answer with the error view and terminate.
        $errorResult = new GenericResult(ERROR_SESSION_INVALID);
        $errorView = new SimpleView($errorResult);
        $errorView->render();
        session_destroy();
        exit;
    }

    parent::__construct($request);
}
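/**
 * Redirect to Special:Userlogin if the specified message is compatible. Otherwise,
 * show an error page as usual.
 *
 * Only message keys returned by LoginHelper::getValidErrorMessages() are passed
 * on as the `warning` query parameter of the login URL.
 */
public function report() {
    // If an unsupported message is used, don't try redirecting to Special:Userlogin,
    // since the message may not be compatible.
    if (!in_array($this->msg, LoginHelper::getValidErrorMessages())) {
        parent::report();
        // Stop here: without this return the code below would still build a
        // redirect carrying the unsupported message after the error page.
        return;
    }

    // Message is valid. Redirect to Special:Userlogin
    $context = RequestContext::getMain();
    $output = $context->getOutput();
    $query = $context->getRequest()->getValues();
    // Title will be overridden by returnto
    unset($query['title']);

    // Redirect to Special:Userlogin
    $output->redirect(SpecialPage::getTitleFor('Userlogin')->getFullURL([
        'returnto' => $context->getTitle()->getFullText(),
        'returntoquery' => wfArrayToCgi($query),
        'warning' => $this->msg,
    ]));
    $output->output();
}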
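/**
 * Handles the login request and renders the result view.
 *
 * On success a token from LoginHelper::getToken() is stored in the session
 * under SESSION_TOKEN and the login counter is reset; on failure the failed
 * attempt is recorded and the session is destroyed.
 */
protected function login($request)
{
    // The entered password is MD5-hashed and compared with the MD5 value stored
    // in the configuration (USER_PASS).
    // NOTE(review): unsalted MD5 is not a suitable password hash; moving to
    // password_hash()/password_verify() needs a matching configuration change.
    $pass = md5((string) $request->getValue(CONTROLLER_LOGIN_PASS));

    // hash_equals() compares the two values as strings in constant time. The
    // former loose == let PHP compare numeric-looking hashes (e.g. "0e...")
    // as numbers, so two different hashes could be considered equal.
    $passwordOk = hash_equals((string) USER_PASS, $pass);

    if ($passwordOk && LoginHelper::isLocked() == false) {
        // Cookie (valid for session)
        // NOTE(review): no session-id regeneration is visible at this point;
        // confirm it is done elsewhere when the session becomes authenticated.
        $token = LoginHelper::getToken();
        $_SESSION[SESSION_TOKEN] = $token;
        $genericResult = new GenericResult(STATUS_OK);
        // Reset the login counter
        LoginHelper::updateLoginInfo($request, true);
    } else {
        $genericResult = new GenericResult(ERROR_LOGIN_INVALID);
        LoginHelper::updateLoginInfo($request, false);
        session_destroy();
    }

    $view = new SimpleView($genericResult);
    $view->render();
}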
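/*
    This page receives the credentials of a Treasherlocked account
    (Oauth_Default) via an AJAX request, checks them against the `users`
    table and, when they match a verified account, logs the user in.
    The response is JSON: {success, redirect_uri}.
*/
require $_SERVER['DOCUMENT_ROOT'] . '/ts2/config/consts.php';
session_start();

// Anti-forgery token check. Both values must be present, non-empty strings and
// equal. The former loose == also accepted an empty posted token when the
// session held no token at all ('' == null), and was not constant-time.
$tokenOk = $_SERVER['REQUEST_METHOD'] == 'POST'
    && isset($_POST['spoof_proof'], $_SESSION['spoof_proof'])
    && is_string($_POST['spoof_proof'])
    && is_string($_SESSION['spoof_proof'])
    && $_SESSION['spoof_proof'] !== ''
    && hash_equals($_SESSION['spoof_proof'], $_POST['spoof_proof']);

if ($tokenOk) {
    require_once DOCUMENT_ROOT . 'classes/LoginHelper.php';
    require_once DOCUMENT_ROOT . 'classes/Registrar.php';
    require_once DOCUMENT_ROOT . 'config/db.php';

    // Missing or non-string fields are treated as empty, which cannot match.
    $rawName = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $rawPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // NOTE(review): the value is escaped AND bound as a query parameter below;
    // the binding alone is sufficient, and the extra escaping may stop names
    // containing quotes from matching. Kept as-is pending a check of how
    // names are stored at registration.
    $name = $db->escape($rawName);
    // NOTE(review): unsalted SHA-1 is not a suitable password hash; migrating
    // to password_hash()/password_verify() has to include the stored values.
    $password = sha1($rawPassword);
    $remember = isset($_POST['remember']);

    $result = $db->rawQuery("SELECT id\n\t\t\t\t\t\t\tFROM users \n\t\t\t\t\t\t\tWHERE \n\t\t\t\t\t\t\t\t( email = ? OR username = ? ) \n\t\t\t\t\t\t\t\tAND oauth_type = ? \n\t\t\t\t\t\t\t\tAND password = ?\n\t\t\t\t\t\t\t\tAND verified = ?\n\t\t\t\t\t\t\t", array($name, $name, OAUTH_DEFAULT, $password, 1));

    if ($db->count > 0) {
        // Valid credentials
        $user = $result[0];
        $loginHelper = new LoginHelper($db);
        $redirect_uri = $loginHelper->Login($user['id'], OAUTH_DEFAULT, null, $remember);
        $result = array('success' => true, 'redirect_uri' => $redirect_uri);
    } else {
        // Invalid credentials
        $result = array('success' => false);
    }

    header('Content-Type: application/json');
    echo json_encode($result);
    exit;
} else {
    // Anything other than a POST with a valid token is answered with a 404.
    header('HTTP/1.1 404 Not Found');
}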
<?php
// Starts the Google sign-in flow: users who are already logged in go to the
// site root, everyone else is redirected to the URL from Google::getLoginURL().
require $_SERVER['DOCUMENT_ROOT'] . '/ts2/config/consts.php';
require DOCUMENT_ROOT . 'classes/LoginHelper.php';
session_start();

$loginHelper = new LoginHelper();
if ($loginHelper->IsLoggedIn()) {
    header('Location: ' . SITE_URL);
    exit;
}
$loginHelper->suppressRegistration(OAUTH_GOOGLE);

require 'config/client.php';
require 'config/login.php';
require 'Google/Google.php';

// SCOPES is unserialized from a constant (presumably defined in the config
// files required above), not from request data.
// NOTE(review): whether the login URL carries an anti-forgery `state` value is
// decided inside the Google class, which is not shown here.
$google = new Google(APP_NAME, CLIENT_ID, CLIENT_SECRET, unserialize(SCOPES), REDIRECT_URI);
$loginUrl = $google->getLoginURL();
header("Location: {$loginUrl}");
exit;
/**
 * Enforces authentication for the "admin" module.
 *
 * For any other module nothing happens after the URL/controller setup. For
 * "admin", an Exception_Login is thrown unless LoginHelper::isLogged() is
 * truthy; otherwise the user's session data is copied into the template
 * variables that exist.
 *
 * @throws Exception_Login when the admin module is requested without a login
 */
protected function isLogged()
{
    parent::setUrl();
    parent::setExplode();
    parent::setController();

    if (parent::getModule() != "admin") {
        return;
    }

    $helper = new LoginHelper();
    if (!$helper->isLogged()) {
        throw new Exception_Login();
    }

    // Template variable => session key holding its value.
    // NOTE(review): values are assigned as stored in the session; confirm the
    // template layer escapes them on output.
    $sessionKeyByTemplateVar = array(
        'S_USERNAME' => 'usuario_nome',
        'S_EMAIL' => 'usuario_email',
        'S_LOGIN' => 'usuario_login',
    );
    foreach ($sessionKeyByTemplateVar as $templateVar => $sessionKey) {
        if ($this->tp->exists($templateVar)) {
            $this->tp->{$templateVar} = $_SESSION[$sessionKey];
        }
    }
}
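// Google OAuth callback: exchanges the authorization code for an access token,
// then logs in (or links) the matching local account.
require_once 'Google/Service/Oauth2.php';
require 'Google/Google.php';
$google = new Google(APP_NAME, CLIENT_ID, CLIENT_SECRET, unserialize(SCOPES), REDIRECT_URI);

if (isset($_GET['code'])) {
    // Exchange the code for access token
    // NOTE(review): no check of an OAuth `state` value is visible in this
    // excerpt; confirm Google::authenticate() validates it.
    $google->authenticate($_GET['code']);
    $_SESSION['access_token'] = $google->getAccessToken();
    // NOTE(review): HTTP_HOST comes from the request's Host header and the
    // scheme is hard-coded to http; building this URL from a configured base
    // URL would avoid trusting client input. FILTER_SANITIZE_URL only strips
    // characters, it does not validate the host.
    $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
    header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
    exit;
}

if ($google->IsAuthenticated()) {
    // Google User is authenticated and authorized
    // Login/Registration can be proceeded
    $gUser = $google->getUserProfile();
    $loginHelper = new LoginHelper($db);
    $user_id = $loginHelper->IsRegistered(OAUTH_GOOGLE, $gUser['id']);
    if ($user_id) {
        // User is already registered - Log in the user
        // Fixed: the result was stored in a misspelled variable, so the
        // Location header below was sent with an undefined (empty) target.
        $redirect_uri = $loginHelper->Login($user_id, OAUTH_GOOGLE, $gUser['id']);
        header("Location: {$redirect_uri}");
        exit;
    } else {
        // User is not registered
        // Email may be registered already
        // NOTE(review): this logs the visitor into whichever existing account
        // has the same email as the Google profile; it relies on that email
        // being verified by the provider - confirm.
        $rUser = $loginHelper->IsEmailRegistered($gUser['email']);
        if ($rUser) {
            // Email is already registered - Login the user
            $redirect_uri = $loginHelper->Login($rUser['id'], $rUser['oauth_type'], $rUser['oauth_id']);
            header("Location: {$redirect_uri}");
            exit;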
account (trial to create multiple accounts) */ $db->where('email', $user['email'])->where('verified', '1'); $db->getOne('users'); if ($db->count > 0) { // Email is already associated to another account $verified = false; // Record is no more usable. User will be asked to register using different email $db->where('id', $user_id); $db->delete('users'); } else { $db->where('id', $user_id); if ($db->update('users', array('verified' => '1', 'auth_code' => ''))) { $verified = true; /* Login the user */ require DOCUMENT_ROOT . 'classes/LoginHelper.php'; $loginHelper = new LoginHelper($db); $loginHelper->Login($user_id); } } } else { /* Spoof request */ $invalid_request = true; } } else { /* Spoof Request */ $invalid_request = true; } ?> <!DOCTYPE html> <html> <head>
unset($_REQUEST["signin"]); } // signout if (isset($_REQUEST["signout"])) { LoginHelper::logout(true); } else { if (isset($_REQUEST["signin"]) && !opt("httpAuthLogin")) { LoginHelper::logout(false); } } // signin if (opt("httpAuthLogin")) { LoginHelper::check_http_auth(); } else { if (isset($_REQUEST["signin"])) { LoginHelper::check_login(); } else { if ((isset($_REQUEST["signin"]) || isset($_REQUEST["signout"])) && isset($_REQUEST["post"])) { redirectSelf(); } } } // set interesting user $User = null; if (isset($_REQUEST["u"]) && !($User = ContactView::prepare_user($_REQUEST["u"]))) { redirectSelf(array("u" => null)); } if (!$Me->isPC || !$User) { $User = $Me; } // check problem set openness
<?php
// Login page: handles the POSTed email/password, then renders the login form.
include_once 'phpcode/config.php';
include_once 'phpcode/helperclasses/loginHelper.php';
include_once 'phpcode/secureSession.php';
sec_session_start();
// The dispensed bean is immediately replaced by the record with id 1, so every
// login attempt is checked against that single user record.
$user = R::dispense('user');
$user = R::load('user', 1);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (!empty($_POST['email']) && !empty($_POST['password'])) {
        // NOTE(review): how the password is verified is decided inside
        // LoginHelper::login(), which is not shown here.
        if (LoginHelper::login($user, $_POST['email'], $_POST['password'])) {
            // Save the user to the session and redirect to the admin page.
            // NOTE(review): no session-id regeneration is visible here, and
            // whether redirect() stops the script is not visible either - confirm both.
            $_SESSION['username'] = $user->userName;
            $_SESSION['userEmail'] = $user->email;
            redirect('admin.php');
        }
    }
}
include "header.php";
?> <div class="section" id="loginForm"> <div class="container" > <div class="row"> <div class="col-md-12"> <h1 class="headerfont text-center">LOGIN HERE</h1> <form role="form" id="LoginForm" action="login.php" method="post" class="albDesc"> <div class="form-group"> <label class="control-label" for="exampleInputEmail1">Email address</label> <input class="form-control" id="exampleInputEmail1" placeholder="Enter email" type="email" name="email">
exit; } // If user doesn't grant the access, redirect to the login page if (isset($_GET['denied'])) { header("Location: " . SITE_URL . "login/?access_denied"); exit; } require 'config/consumer.php'; require 'config/login.php'; require 'Twitter/Twitter.php'; $twitter = new Twitter(CONSUMER_KEY, CONSUMER_SECRET, REDIRECT_URI); if ($twitter->IsAuthenticated()) { // Twitter user is authenticated and authorized // Login/Registration can be proceeded $twitter_user = $twitter->getUserProfile(); $loginHelper = new LoginHelper($db); $user_id = $loginHelper->IsRegistered(OAUTH_TWITTER, $twitter_user->id); if ($user_id) { // User is registered // TWITTER user needs to have their email verfieid if ($loginHelper->IsVerified($user_id)) { $redirect_uri = $loginHelper->Login($user_id, OAUTH_TWITTER, $twitter_user->id); header("Location: {$redirect_uri}"); } else { $not_verified = true; /* Keeping `access token` alive generates login URL with invalid Oauth token if user goes to `oauth\twitter\index.php` */ // TBD: clearTwitterCredentials if (isset($_SESSION['access_token'])) { unset($_SESSION['access_token']);
$user['username'] = $username; $user['institute'] = $institute; if (isset($location)) { $user['location'] = $location; } // Add user's record to the database $registrar = new Registrar($db); $id = $registrar->registerUser($user); if ($id) { // Delete tempUser record $db->where('id', $_SESSION['temp_user_id']); $db->delete('users_temp'); unset($_SESSION['registration_pending']); unset($_SESSION['temp_user_id']); // Now that the registration is complete, log in the user $loginHelper = new LoginHelper(); $loginHelper->Login($id, $user['oauth_type'], $user['oauth_id']); exit; // END OF SCRIPT // } } else { $registrar = new Registrar($db); echo $registrar->getHTML($error); // Get error HTML var_dump($error); exit; } } /* No any data POSTed but registration is pending - show Additional Information page */ if (isset($_SESSION['registration_pending'])) { require_once DOCUMENT_ROOT . 'classes/Registrar.php';
} } for ($i = 0; $i <= 1; ++$i) { if (!$kiosk_keys[$i]) { $key = hotcrp_random_password(); $kiosks[$key] = (object) array("update_at" => $Now, "show_papers" => !!$i); $kiosk_keys[$i] = $kchange = $key; } } // save kiosks if ($kchange) { $Conf->save_setting("__tracker_kiosk", 1, $kiosks); } } if ($Me->privChair && isset($_POST["signout_to_kiosk"]) && check_post()) { LoginHelper::logout(false); $Me->change_capability("tracker_kiosk", $kiosk_keys[@$_POST["buzzer_showpapers"] ? 1 : 0]); redirectSelf(); } function kiosk_lookup($key) { global $Conf, $Now; $kiosks = (array) ($Conf->setting_json("__tracker_kiosk") ?: array()); if (@$kiosks[$key] && $kiosks[$key]->update_at >= $Now - 604800) { return $kiosks[$key]; } return null; } $kiosk = null; if (!$Me->has_email() && !$Me->capability("tracker_kiosk") && ($key = Navigation::path_component(0)) && ($kiosk = kiosk_lookup($key))) { $Me->change_capability("tracker_kiosk", $key);
/**
 * Finish a successful login: run the UserLoginComplete hooks, then either show
 * a success page (when a hook injected HTML or extra messages were passed) or
 * hand over to LoginHelper::showReturnToPage() with $this->mReturnTo.
 *
 * When $direct is true and no session cookie is present, the login form is
 * shown again with the session provider's explanation instead.
 *
 * @param bool $direct True if the action was successful just now; false if that happened
 *    pre-redirection (so this handler was called already)
 * @param StatusValue|null $extraMessages
 */
protected function successfulAction($direct = false, $extraMessages = null) {
    global $wgSecureLogin;

    $user = $this->targetUser ?: $this->getUser();
    $session = $this->getRequest()->getSession();

    if ($direct) {
        $user->touch();
        $this->clearToken();

        if ($user->requiresHTTPS()) {
            $this->mStickHTTPS = true;
        }
        $forceHttps = $wgSecureLogin && $this->mStickHTTPS;
        $session->setForceHTTPS($forceHttps);

        // Without a session cookie at this point the user probably has to
        // change something in their browser.
        $cookiePresent = $this->hasSessionCookie();
        if (!$cookiePresent) {
            $reason = $session->getProvider()->whyNoSession();
            // TODO something more specific? This used to use nocookieslogin
            $this->mainLoginForm([], $reason);
            return;
        }
    }

    # Run any hooks; hooks receive $user and the HTML buffer by reference
    $hookHtml = '';
    Hooks::run('UserLoginComplete', [&$user, &$hookHtml]);

    # Nothing injected and no extra messages: go back to where the user came from
    if ($hookHtml === '' && !$extraMessages) {
        $returnHelper = new LoginHelper($this->getContext());
        $returnHelper->showReturnToPage(
            'successredirect',
            $this->mReturnTo,
            $this->mReturnToQuery,
            $this->mStickHTTPS
        );
        return;
    }

    $this->showSuccessPage(
        'success',
        $this->msg('loginsuccesstitle'),
        'loginsuccess',
        $hookHtml,
        $extraMessages
    );
}
<?php
// Starts the Facebook sign-in flow: users who are already logged in go to the
// site root, everyone else is redirected to the URL from Facebook::getLoginURL().
require $_SERVER['DOCUMENT_ROOT'] . '/ts2/config/consts.php';
require DOCUMENT_ROOT . 'classes/LoginHelper.php';
session_start();

$loginHelper = new LoginHelper();
if ($loginHelper->IsLoggedIn()) {
    header('Location: ' . SITE_URL);
    exit;
}
$loginHelper->suppressRegistration(OAUTH_FACEBOOK);

require 'config/app.php';
require 'config/login.php';
require 'Facebook/Facebook.php';

$facebook = new Facebook(APP_ID, APP_SECRET, REDIRECT_URI);
// SCOPES is unserialized from a constant (presumably defined in the config
// files required above), not from request data.
$facebook->setScopes(unserialize(SCOPES));

header('Location: ' . $facebook->getLoginURL());
exit;
// LOACTION <<<< // >>>> EMAIL if (!preg_match('/^([\\w-\\.]+@([\\w-]+\\.)+[\\w-]{2,4})?$/', $email)) { $error['email'] = '<span>Email</span> must be in the form <em>someone@somewhere.tld</em>.'; } else { $loginHelper = new LoginHelper($db); if ($loginHelper->IsEmailRegistered($email)) { $error['email'] = '<span>Email</span> address is already registered.'; } } // EMAIL <<<< // >>>> USERNAME if (!preg_match('/^[a-z0-9_!@#$%^&*]{3,25}$/i', $username)) { $error['username'] = '******'; } else { $loginHelper = new LoginHelper($db); if (!$loginHelper->IsUsernameAvailable($username)) { $error['username'] = '******'; } } // USERNAME <<<< // >>>> PASSWORD if (strlen($password) < 6) { $error['password'] = '******'; } else { if ($password != $password2) { $error['password'] = '******'t match.'; } } // PASSWORD <<<< /* ----- VALIDATION */
<?php
// Bootstrap for the "How to play" page: loads the constants, starts the
// session and determines whether the visitor is logged in.
require 'config/consts.php';
$page = HOW_TO_PLAY;
session_start();
require_once DOCUMENT_ROOT . 'classes/LoginHelper.php';
// $db used below is presumably created by config/db.php - confirm.
require_once DOCUMENT_ROOT . 'config/db.php';
/* Check if the user is logged in/Login the user if presence cookie is present */
$loginHelper = new LoginHelper($db);
$loggedIn = $loginHelper->IsLoggedIn();
?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /> <link rel="shortcut icon" href="favicon.png" type="image/png"> <link rel="icon" href="<?php echo SSTATIC; ?> favicon.png" type="image/png"> <title>How to play Treasherlocked? - Treasherlocked 2.0</title> <meta name="description" content="Tutorial on how to play Treasherlocked." /> <meta name="keywords" content="how to play treasherlocked, how to play treasure hunt, treasherlocked tutorial" /> <link href="<?php echo SSTATIC; ?>
<?php
// Starts the Twitter sign-in flow: users who are already logged in go to the
// site root, everyone else is redirected to the URL from Twitter::getLoginURL().
require $_SERVER['DOCUMENT_ROOT'] . '/ts2/config/consts.php';
require DOCUMENT_ROOT . 'classes/LoginHelper.php';
session_start();

$loginHelper = new LoginHelper();
if ($loginHelper->IsLoggedIn()) {
    header('Location: ' . SITE_URL);
    exit;
}
$loginHelper->suppressRegistration(OAUTH_TWITTER);

require 'config/consumer.php';
require 'config/login.php';
require 'Twitter/Twitter.php';

$twitter = new Twitter(CONSUMER_KEY, CONSUMER_SECRET, REDIRECT_URI);
$loginUrl = $twitter->getLoginURL();
header("Location: {$loginUrl}");
exit;

/*
 Earlier, disabled variant that requested the temporary credentials directly:

 $temp_credentials = $connection->getRequestToken( REDIRECT_URI );
 $_SESSION['oauth_token'] = $token = $temp_credentials['oauth_token'];
 $_SESSION['oauth_token_secret'] = $temp_credentials['oauth_token_secret'];
 header( "Location: " . $connection->getAuthorizeURL($token) );
 exit;
*/
/**
 * Backward-compatibility wrapper that forwards to LoginHelper.
 *
 * @deprecated since 1.27 - call LoginHelper::getValidErrorMessages instead.
 */
public static function getValidErrorMessages() {
    $validMessages = LoginHelper::getValidErrorMessages();

    return $validMessages;
}
// Facebook OAuth callback: once the visitor is authenticated and has granted
// every required scope, log in the matching local account.
require 'Facebook/Facebook.php';
require 'config/app.php';
require 'config/login.php';
$facebook = new Facebook(APP_ID, APP_SECRET, REDIRECT_URI);
if ($facebook->IsAuthenticated()) {
    /* Verify that all of the required scopes have been granted */
    // SCOPES is unserialized from a constant, not from request data.
    if (!$facebook->verifyScopes(unserialize(SCOPES))) {
        //var_dump($facebook); exit;
        // Send the visitor back to Facebook to re-request the denied scopes.
        header("Location: " . $facebook->getLoginURL($facebook->denied_scopes, REREQUEST));
        exit;
    }
    // All scopes have been granted
    // Login/Registration can be proceeded
    $fb_user = $facebook->getUserProfile();
    // Check if the facebook user is already registered
    // $db is not defined in this excerpt - presumably provided by one of the required files.
    $loginHelper = new LoginHelper($db);
    $user_id = $loginHelper->IsRegistered(OAUTH_FACEBOOK, $fb_user['id']);
    if ($user_id) {
        // Facebook user is already registered - Login the user
        $redirect_uri = $loginHelper->Login($user_id, OAUTH_FACEBOOK, $fb_user['id']);
        header("Location: {$redirect_uri}");
        exit;
    } else {
        // User is not registered - Register the user
        // Check if the email is already registered
        if (isset($fb_user['email'])) {
            // NOTE(review): a matching email logs the visitor into the existing
            // account, whatever provider it was created with; this relies on the
            // email in the Facebook profile being verified - confirm.
            $registeredUser = $loginHelper->IsEmailRegistered($fb_user['email']);
            if ($registeredUser) {
                // Email is already registered
                $redirect_uri = $loginHelper->Login($registeredUser['id'], $registeredUser['oauth_type'], $registeredUser['oauth_id']);
                header("Location: {$redirect_uri}");
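<?php
// Bootstrap for a page that is only shown to visitors who are not logged in;
// it also issues the anti-forgery token stored in the session as `spoof_proof`.
require 'config/consts.php';
$page = NON_NAV;
session_start();
require_once DOCUMENT_ROOT . 'classes/LoginHelper.php';
require_once DOCUMENT_ROOT . 'config/db.php';

$loginHelper = new LoginHelper($db);
if ($loginHelper->IsLoggedIn()) {
    header('Location: ' . SITE_URL);
    exit;
}

/* Prevent form spoofing */
// The token is drawn from a cryptographically secure source. The former
// sha1(time() . one random letter) had only 26 possible values per second and
// could be guessed. The result is still 40 hex characters, like a SHA-1 digest.
$spoof_proof = function_exists('random_bytes')
    ? bin2hex(random_bytes(20))
    : bin2hex(openssl_random_pseudo_bytes(20));
$_SESSION['spoof_proof'] = $spoof_proof;
?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /> <link rel="shortcut icon" href="<?php echo SSTATIC; ?> favicon.png" type="image/png"> <link rel="icon" href="<?php echo SSTATIC; ?> favicon.png" type="image/png">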
$db->where('id', $_SESSION['temp_user_id']); $db->delete('users_temp'); unset($_SESSION['registration_pending']); unset($_SESSION['temp_user_id']); unset($_SESSION['spoof_proof']); /* If email has been manually provided, it needs to be verified. */ if (isset($email)) { $registrar->sendVerificationEmail($id, $user['email']); // Show verification page link $result = array('success' => true, 'verify' => true); header('Content-Type: application/json'); echo json_encode($result); exit; } // Now that the registration is complete, login the user $loginHelper = new LoginHelper(); $redirect_uri = $loginHelper->Login($id, $user['oauth_type'], $user['oauth_id']); // Return the success information $result = array('success' => true, 'redirect_uri' => $redirect_uri); header('Content-Type: application/json'); echo json_encode($result); exit; } else { $result = array('success' => false, 'error' => 'Unexpected error!'); header('Content-Type: application/json'); echo json_encode($result); exit; } } else { $result = array('success' => false, 'error' => implode("<br/>", $error)); header('Content-Type: application/json');