예제 #1
 /**
  * Gate the current request behind a logged-in session of at least $rank.
  *
  * Outcomes, in the order they are checked:
  *  - session present and rank sufficient: the user ID is returned;
  *  - session present but rank too low: a 403 error is raised and false is returned;
  *  - no session and a numeric "site.demo" user ID is configured: that user is
  *    loaded, a session is created for it and the request is rerouted to "/";
  *  - otherwise: the request is rerouted to /login with the current path (and
  *    query string, if any) carried in the "to" parameter, and false is returned.
  *
  * Security notes for reviewers:
  *  - The demo branch logs in ANY unauthenticated visitor as the configured
  *    user and does not apply $rank before rerouting, so the "site.demo"
  *    account should be a low-privilege one. NOTE(review): confirm that the
  *    setting cannot point at an administrator in production.
  *  - The "to" value is only URL-encoded here. The handler that consumes it is
  *    not visible in this listing; it should accept local paths only, or the
  *    redirect after login could be abused as an open redirect.
  *
  * @param  int $rank Minimum rank required, compared with ">=" against "user.rank"
  * @return int|bool User ID on success, false when access is refused. The
  *                  demo auto-login branch has a bare return (null) after its reroute.
  */
 protected function _requireLogin($rank = \Model\User::RANK_CLIENT)
 {
     $f3 = \Base::instance();
     $currentId = $f3->get("user.id");

     // Authenticated: only the rank decides.
     if ($currentId) {
         if ($f3->get("user.rank") >= $rank) {
             return $currentId;
         }
         $f3->error(403);
         $f3->unload();
         return false;
     }

     // Not authenticated: try the demo auto-login when a numeric user ID is configured.
     $demoId = $f3->get("site.demo");
     if ($demoId && is_numeric($demoId)) {
         $demoUser = new \Model\User();
         $demoUser->load($demoId);
         if (!$demoUser->id) {
             $f3->set("error", "Auto-login failed, demo user was not found.");
         } else {
             $demoSession = new \Model\Session($demoUser->id);
             $demoSession->setCurrent();
             $f3->reroute("/");
             return;
         }
     }

     // Send the visitor to the login page, remembering where they were headed.
     // Path and query string are each URL-encoded so they travel as one value.
     $loginUrl = "/login?to=" . urlencode($f3->get("PATH"));
     if (!empty($_GET)) {
         $loginUrl .= urlencode("?" . http_build_query($_GET));
     }
     $f3->reroute($loginUrl);
     $f3->unload();
     return false;
 }
예제 #2
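 /**
  * Handle the public registration form: validate the submitted fields, create
  * the user, start a session for it and reroute to "/".
  *
  * All checks run against the same normalized values that are stored. The
  * fields are read once, non-string input (e.g. "register-name[]=x") is
  * treated as empty, and username/email/name are trimmed before the
  * uniqueness lookups and validation. Validating the raw value and storing the
  * trimmed one would let "name\n" pass both the lookup and the pattern and
  * then be saved as "name", and would let a whitespace-only name pass the
  * "required" check.
  *
  * Security notes for reviewers:
  *  - The two "already exists" messages tell an unauthenticated caller whether
  *    an email address or username is registered (account enumeration).
  *    NOTE(review): confirm this is an accepted trade-off and that the
  *    endpoint is rate limited.
  *  - The minimum password length is kept at the original 6 bytes.
  *
  * @param  \Base $f3 Framework instance; reads "site.public_registration" and
  *                   the "POST.register-*" fields, writes "register.error"
  * @return void
  */
 public function registerpost($f3)
 {
     // Exit immediately if public registrations are disabled
     if (!$f3->get("site.public_registration")) {
         $f3->error(400);
         return;
     }

     // Read every field once; anything that is not a string counts as missing.
     $rawUsername = $f3->get("POST.register-username");
     $rawEmail = $f3->get("POST.register-email");
     $rawName = $f3->get("POST.register-name");
     $rawPassword = $f3->get("POST.register-password");

     $username = is_string($rawUsername) ? trim($rawUsername) : "";
     $email = is_string($rawEmail) ? trim($rawEmail) : "";
     $name = is_string($rawName) ? trim($rawName) : "";
     // The password is deliberately not trimmed: surrounding spaces are part of it.
     $password = is_string($rawPassword) ? $rawPassword : "";

     $errors = array();
     $user = new \Model\User();

     // Check for existing users, using the values that would actually be saved
     $user->load(array("email=?", $email));
     if ($user->id) {
         $user->reset();
         $errors[] = "A user already exists with this email address.";
     }
     $user->load(array("username=?", $username));
     if ($user->id) {
         $user->reset();
         $errors[] = "A user already exists with this username.";
     }

     // Validate user data
     if ($name === "") {
         $errors[] = "Name is required";
     }
     // \A and \z anchor the whole string; "$" would also match before a final newline.
     if (!preg_match('/\A[0-9a-z]{4,}\z/i', $username)) {
         $errors[] = "Usernames must be at least 4 characters and can only contain letters and numbers.";
     }
     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
         $errors[] = "A valid email address is required.";
     }
     if (strlen($password) < 6) {
         $errors[] = "Password must be at least 6 characters.";
     }

     // Show errors or create new user
     if ($errors) {
         // Every message is a fixed string, so joining with <br> adds no user input.
         $f3->set("register.error", implode("<br>", $errors));
         $this->_render("index/login.html");
         return;
     }

     $user->reset();
     $user->username = $username;
     $user->email = $email;
     $user->name = $name;

     // Read the two expected keys explicitly instead of extract(), which would
     // let any extra key in the helper's result overwrite a local variable.
     $security = \Helper\Security::instance();
     $hashed = $security->hash($password);
     $user->password = $hashed["hash"];
     $user->salt = $hashed["salt"];

     // Cosmetic random colour only; mt_rand() is not used for anything secret here.
     $user->task_color = sprintf("#%02X%02X%02X", mt_rand(0, 0xff), mt_rand(0, 0xff), mt_rand(0, 0xff));
     $user->save();

     // Create a session and use it
     $session = new \Model\Session($user->id);
     $session->setCurrent();
     $f3->reroute("/");
 }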