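/**
 * Handle the actions of the authentication page: logout, login and sign-up.
 *
 * Validation and persistence problems are appended to $this->errors; a
 * successful action ends with a redirect. The two early exits of the sign-up
 * branch return the error string they have just recorded.
 *
 * NOTE(review): confirm that Auth::setUser() renews the session identifier on
 * login and that Tools::encrypt() is a slow, salted password hash rather than
 * a plain digest; neither is visible from this method.
 */
public function postProcess()
{
    parent::postProcess();

    if (Tools::getIsset('logout')) {
        // Logout
        Auth::disconnect();
        Flash::add('Vous êtes bien déconnécté');
        Tools::redirect($this->context->link->getPageLink('auth'));
    } elseif (Tools::isSubmit('submitLogin')) {
        $user = (new User())->getByEmail(Tools::getValue('username'), Tools::getValue('password'));
        if (!Validate::isLoadedObject($user)) {
            // One message covers both an unknown account and a wrong password.
            $this->errors[] = 'Identifiant ou mot de passe incorrect';
        } else {
            Auth::setUser($user);
            Tools::redirect($this->context->link->getPageLink('comments'));
        }
    } elseif (Tools::isSubmit('submitSubscribe')) {
        /*
         * Sign-up steps:
         * - validate the fields
         * - check that the account does not exist yet
         * - create the account
         * - log the new user in
         */
        if (!Validate::isEmail($email = Tools::getValue('username'))) {
            return $this->errors[] = 'Veuillez saisir une adresse e-mail correcte';
        }
        if (!Validate::isPasswd($password = Tools::getValue('password'))) {
            // TODO: be more specific about the rules for valid passwords
            return $this->errors[] = 'Veuillez saisir un mot de passe correct';
        }

        $user = new User();
        if (Validate::isLoadedObject($user->getByEmail($email))) {
            $this->errors[] = 'Un compte avec cet identifiant existe déjà';
        } else {
            $user->login = $email;
            $user->password = Tools::encrypt($password);
            if (!$user->save()) {
                // The database error text stays on the server: shown in the
                // page it can disclose schema or query details to any visitor.
                error_log('Sign-up failed while saving the user: ' . Db::getInstance()->getMsgError());
                $this->errors[] = 'Impossible de vous enregistrer, veuillez réessayer ultérieurement';
            } else {
                Auth::setUser($user);
                Flash::success('Bienvenue! Votre compte a bien été créé');
                Tools::redirect($this->context->link->getPageLink('comments'));
            }
        }
    } elseif (Auth::getUser()) {
        // Already authenticated: skip the form.
        Tools::redirect($this->context->link->getPageLink('comments'));
    }
}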
/**
 * Render the login page and process a submitted login form.
 *
 * A visitor whose cookie is flagged as logged is redirected to the account
 * page. On submit, the posted e-mail and password are handed to
 * User::getByEmail(); success redirects to checkout (step 2) or to the
 * account page, failure assigns the errors to the template.
 *
 * NOTE(review): confirm that $user->logined() issues a fresh session/cookie
 * identifier, and that $user->_errors does not tell the visitor whether the
 * e-mail address exists; neither is visible here.
 *
 * @return string rendered login.tpl
 */
public function displayMain()
{
    global $smarty, $link, $cookie;

    if ($cookie->logged) {
        Tools::redirect($link->getPage('MyaccountView'));
    }

    if (Tools::isSubmit('loginSubmit')) {
        if (!Tools::getRequest('email') || !Tools::getRequest('passwd')) {
            // A missing field gets the generic failure message.
            $smarty->assign('errors', 'invalid email password combination');
        } else {
            $user = new User();
            if (!$user->getByEmail(Tools::getRequest('email'), Tools::getRequest('passwd'))) {
                $smarty->assign('errors', $user->_errors);
            } else {
                $user->logined();
                // Step 2 means the visitor came from the checkout flow.
                $target = Tools::G("step") == 2 ? 'CheckoutView' : 'MyaccountView';
                Tools::redirect($link->getPage($target));
            }
        }
    }

    return $smarty->fetch('login.tpl');
}
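/**
 * Drive the password-reset page.
 *
 * Steps, as assigned to the template: 1 = request form, 2 = new-password form
 * reached from the e-mailed link, 3 = password updated, 4 = reset e-mail sent.
 *
 * The reset key is an MD5 over the cookie key and the user's e-mail, password
 * and update date. It is now checked with hash_equals() instead of `==`:
 * loose comparison of two hex strings can treat different values as equal
 * when both look numeric, and it is not constant-time.
 *
 * NOTE(review): the key carries no expiry of its own and MD5 is not a keyed
 * construction; an HMAC (hash_hmac with SHA-256) over the same fields plus a
 * timestamp would be the sturdier design. The two "don't exists" messages
 * also tell the requester whether an account exists.
 *
 * @return string rendered password.tpl
 */
public function displayMain()
{
    global $smarty, $link;

    $errors = array();
    $step = 1;
    $isExp = false;

    if (Tools::getRequest('reset') == 'passwd') {
        $step = 2;
    }

    if ($step == 1 && Tools::isSubmit('ResetPassword')) {
        $user = new User();
        $user->getByEmail(Tools::getRequest('email'));
        if (Validate::isLoadedObject($user)) {
            $md5_key = md5(_COOKIE_KEY_ . $user->email . $user->passwd . $user->upd_date);
            $subject = 'Reset your password in' . Configuration::get('TM_SHOP_DOMAIN');
            $vars = array(
                '{name}' => $user->first_name . ' ' . $user->last_name,
                '{subject}' => $subject,
                // The user-id expression between 'id_user=' and '&key=' is
                // masked ('******') in the source listing; it is reproduced
                // as found and must be restored before this code can run.
                '{link}' => $link->getPage('PasswordView') . '?reset=passwd&id_user='******'&key=' . $md5_key,
            );
            if (Mail::Send('passwd', $subject, $vars, $user->email)) {
                $step = 4;
            } else {
                $errors[] = 'Send mail fail! Pless try agen!';
            }
        } else {
            $errors[] = 'The email don\'t exists!';
        }
    } elseif ($step == 2) {
        $sign = Tools::getRequest('key');
        $id_user = Tools::getRequest('id_user');
        $user = new User($id_user);
        if (Validate::isLoadedObject($user)) {
            $md5_key = md5(_COOKIE_KEY_ . $user->email . $user->passwd . $user->upd_date);
            // Only a string can match; anything else is handled as a bad link.
            if (is_string($sign) && hash_equals($md5_key, $sign)) {
                if (Tools::isSubmit('confrimPassword')) {
                    // NOTE(review): copyFromPost() presumably copies every
                    // posted field onto the user; confirm that it cannot
                    // overwrite fields other than the password.
                    $user->copyFromPost();
                    if (Validate::isPasswd(Tools::getRequest('passwd')) && $user->update()) {
                        $step = 3;
                    } else {
                        $errors[] = 'This passwd is incorrect';
                    }
                }
            } else {
                $isExp = true;
                $errors[] = 'This link has expired!';
            }
        } else {
            $isExp = true;
            $errors[] = 'The customer don\'t exists!';
        }
    }

    $smarty->assign(array('step' => $step, 'isExp' => $isExp, 'errors' => $errors));

    return $smarty->fetch('password.tpl');
}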
/**
 * Forgot-password action.
 *
 * A non-POST request only prepares the form. On POST the form is bound to
 * the `user` request parameter; when it is valid and an account matches the
 * submitted name and e-mail, the reset e-mail is sent. The redirect to the
 * login page follows in every POST case, so the response is the same whether
 * or not an account matched.
 *
 * @param mixed $request current request object
 */
public function executeForgot($request)
{
    $this->form = new ForgotForm();

    if ($this->getRequest()->getMethod() != sfRequest::POST) {
        return;
    }

    $this->form->bind($request->getParameter('user'));
    if ($this->form->isValid()) {
        $submitted = $this->form->getValues();
        $account = User::getByEmail($submitted['name'], $submitted['email']);
        if ($account) {
            $account->sendForgotPasswordEmail();
        }
    }

    $this->redirect('/user/login');
}
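<?php
// Password-reset request endpoint: looks up the posted e-mail address,
// stores a reset token for the account and prints the recovery link, or
// prints 'false' when no account matches.
session_start();
include_once 'definition.php';

$User = new User();

// A missing or non-string field is handled like an unknown address.
$email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
$us = ($email !== '') ? $User->getByEmail($email) : array();

if (is_array($us) && count($us) > 0) {
    $user_id = $us[0][0];
    $sha_user_id = sha1($user_id);

    // The token comes from the CSPRNG. The previous value was a SHA-1 over
    // the user id, the user name, rand() and the date, which can be guessed.
    // 20 random bytes keep the 40-hex-character length of the old token.
    $token = bin2hex(random_bytes(20));

    $res = $User->addToReset($sha_user_id, $token);
    if ($res) {
        // NOTE(review): SERVER_NAME may follow the request's Host header,
        // depending on the web server configuration; prefer a configured
        // base URL for links.
        $link = $_SERVER["SERVER_NAME"] . '/recoverpassword.php?id=' . $sha_user_id . '&tk=' . $token;

        // NOTE(review): the link is written to the HTTP response, so whoever
        // submits an address receives the reset link for that account. The
        // original carried a commented-out `echo 'true';` here, which
        // suggests leftover debugging: deliver the link by e-mail and return
        // only a status.
        echo $link;
    }
} else {
    echo 'false';
}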
// Login branch. $_REQUEST also carries query-string and cookie values, so the
// credentials are accepted from a URL as well as from the form body.
// NOTE(review): read them from $_POST only, so that passwords do not end up
// in access logs or browser history.
$u = User::CheckUser($_REQUEST['email'], $_REQUEST['password']);
// NOTE(review): this logs whatever CheckUser() returned; the code below reads
// $u['uid'], so it looks like a user record. Confirm that it carries no
// password hash or other secret before it is written to the log.
$fp->log($u);
if ($u) {
    MyAuth::setLoginAuthenticate($u['uid']);
    header("Location: {$appAfterLoginUrl}");
    die;
} else {
    echo '<span class="error_message">Login not valid!</span>';
}
} else {
    //signup
    $fp->log("Signup!");
    if (!User::RegisterUser($_REQUEST['first_name'], $_REQUEST['last_name'], $_REQUEST['email'], $_REQUEST['password'], $_REQUEST['gender'])) {
        echo '<span class="error_message">Probaly the email has been already used! Plase try wih a different one</span>';
    } else {
        // The new account is looked up again and signed in right away; no
        // e-mail confirmation step is visible in this fragment.
        $u = User::getByEmail($_REQUEST['email']);
        MyAuth::setLoginAuthenticate($u['uid']);
        header("Location: {$appAfterLoginUrl}");
        die;
    }
}
}
?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <meta http-equiv="Content-Style-Type" content="text/css"> <meta http-equiv="Content-Script-Type" content="text/javascript"> <link rel="stylesheet" type="text/css" href="static/css/main.css<?php
} else {
    system\Helper::arcAddMessage("danger", "Password and retyped password do not match");
    return;
}
}
// Names are normalised to "Title Case" before the emptiness checks; the
// checks still stop the request before anything visible here is saved.
$user->firstname = ucwords(strtolower($_POST["firstname"]));
if (empty($_POST["firstname"])) {
    system\Helper::arcAddMessage("danger", "Firstname cannot be empty");
    return;
}
$user->lastname = ucwords(strtolower($_POST["lastname"]));
if (empty($_POST["lastname"])) {
    system\Helper::arcAddMessage("danger", "Lastname cannot be empty");
    return;
}
// NOTE(review): the duplicate check only applies to new users ($user->id == 0).
// Whether an existing user can be saved with another account's address is not
// decided in this fragment; confirm that the store enforces uniqueness.
$test = User::getByEmail($_POST["email"]);
if ($user->id == 0 && $test->id != 0) {
    system\Helper::arcAddMessage("danger", "User already exists with this email address");
    return;
}
if ($user->id == 0 && empty($_POST["password"])) {
    system\Helper::arcAddMessage("danger", "New users must have a password");
    return;
}
if (!empty($_POST["company"])) {
    // An unknown company name creates a new Company record from the posted
    // value. NOTE(review): confirm the caller is allowed to create companies.
    $comp = Company::getByName(ucwords($_POST["company"]));
    if ($comp->id == 0) {
        $comp = new Company();
        $comp->name = ucwords($_POST["company"]);
        $comp->update();
    }
echo "<p>Group created</p>";
// go through all the members and see if they match existing users if so add them to the group
// show results back to user so they know who has/hasn't already got an account
// NOTE(review): split() was removed in PHP 7.0; explode() is the replacement
// for a literal delimiter such as ',' or '@'.
$memberArr = split(',', trim($members));
if (trim($members) != "" && sizeof($memberArr) > 0) {
    echo "<ul>";
    foreach ($memberArr as $member) {
        $member = trim($member);
        //check valid email address
        if (!validEmail($member)) {
            // NOTE(review): $member failed validation and is echoed into the
            // page unescaped. If $members comes from the submitted form
            // (presumably; its origin is outside this fragment), this is an
            // HTML-injection point: pass it through htmlspecialchars().
            echo "<li>" . $member . " is not a valid email address</li>";
        } else {
            //find out if existing user
            $u = new User();
            $u->setEmail($member);
            $user = $u->getByEmail();
            if ($user instanceof User) {
                //user already exists in db
                addGroupMember($group->groupid, $user->userid);
                echo "<li>" . $member . " " . $LNG->GROUP_FORM_IS_MEMBER . "</li>";
            } else {
                //user doesn't exist so create user and send them an invite code
                // The account is created with empty strings for several
                // arguments of add(); the local part of the address is passed
                // as the second argument.
                $newU = new User();
                $names = split('@', $member);
                $newU->add($member, $names[0], "", "", 'N', $CFG->AUTH_TYPE_EVHUB, "", "", "");
                $newU->setInvitationCode();
                addGroupMember($group->groupid, $newU->userid);
                echo "<li>" . $member . " " . $LNG->GROUP_FORM_NOT_MEMBER . "</li>";
            }
        }
    }
$user->update();
// Tail of the LDAP branch: the user record is saved, flagged with the
// ARC_USER_AD setting and logged in.
// NOTE(review): the posted e-mail address is written to the log unchanged
// here and below; confirm that the log store and its viewer neutralise
// control characters and markup.
Log::createLog("warning", "ldap", "LDAP user created: " . $_POST["email"]);
$ad = new SystemSetting();
$ad->key = "ARC_USER_AD";
$ad->value = true;
$ad->userid = $user->id;
$ad->update();
doLogin($user);
return;
}
} else {
    Log::createLog("danger", "ldap", "LDAP lookup failed.");
}
}
// end ldap
// Local login: look the account up by e-mail and verify the password.
// NOTE(review): no attempt limit or lockout is visible in this fragment.
$user = \User::getByEmail($_POST["email"]);
if ($user->verifyPassword($_POST["password"])) {
    if ($user->enabled) {
        doLogin($user);
        return;
    } else {
        // "Account disabled" is only shown after a correct password.
        system\Helper::arcAddMessage("danger", "Account disabled");
        Log::createLog("danger", "user", "Attempt to access disabled account: " . $_POST["email"]);
        return;
    }
}
// One message for every failure, so the response does not say which part of
// the credentials was wrong.
system\Helper::arcAddMessage("danger", "Invalid username and/or password");
// The expression after the log prefix is masked ('******') in the source
// listing and is reproduced as found.
Log::createLog("warning", "user", "Incorrect password: "******"email"]);
} else {
    return system\Helper::arcAddFooter("js", system\Helper::arcGetModulePath() . "js/login.js");
}
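/**
 * Log a visitor in from the posted e-mail address and password.
 *
 * With an existing session the visitor is sent to the search page; without
 * posted credentials, back to the index page. Otherwise the password hash is
 * compared with the stored one and, on a match, the session is populated.
 *
 * Changes from the previous version:
 * - the hash comparison uses hash_equals() instead of `==`, which is loosely
 *   typed and not constant-time;
 * - the session identifier is renewed before the session is populated, so an
 *   identifier known before login is not carried into the authenticated session;
 * - a missing or non-string field is treated as a failed login instead of
 *   raising notices;
 * - the unused user lookup in the already-logged-in branch is gone.
 *
 * NOTE(review): Password::hash() must be deterministic for this comparison to
 * work, which suggests an unsalted digest; password_hash()/password_verify()
 * would be the safer scheme. The "not found" and "do not match" messages also
 * differ, which reveals whether an address is registered. Execution continues
 * after each header() call, so confirm that the caller stops.
 */
function login()
{
    $results = array();
    $results['pageTitle'] = "Home | Dating website";

    if (isset($_SESSION['email'])) {
        // Temporary until logout exists: the login form is not reachable
        // while a session is active.
        header("Location: ../search.php");
        return;
    }

    if (!isset($_POST['email'])) {
        header("Location: ../index.php");
        return;
    }

    $email = $_POST['email'];
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    if (!is_string($email) || !is_string($password)) {
        header("Location: ../index.php");
        return;
    }

    $passwordHash = Password::hash($password);
    $user = User::getByEmail($email);
    if (!$user) {
        $results['errorMessage'] = "Username not found, please register first.";
        require TEMPLATE_PATH . "/index.php";
        return;
    }

    if (!hash_equals((string) $user->password, (string) $passwordHash)) {
        $results['errorMessage'] = "Username and password do not match.";
        header("Location: ../index.php");
        return;
    }

    if ($user->verification == "verified") {
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['email'] = $email;
        $_SESSION['userId'] = $user->id;
        // A verified account goes to the home page.
        header("Location: ../search.php");
    } elseif ($user->verification == "notVerified") {
        // NOTE(review): the original comment on this branch says that an
        // unverified account goes back to the login form, yet the code signs
        // the visitor in and redirects to the search page. Behaviour is kept
        // as found; decide which of the two is intended.
        $results['errorMessage'] = "Account not activated please wait";
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['email'] = $email;
        $_SESSION['userId'] = $user->id;
        header("Location: ../search.php");
    } else {
        $results['errorMessage'] = "Information provided is not valid";
        header("Location: ../index.php");
    }
}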
}
} else {
    $message = 'Please provide your email address.';
}
} else {
    $message = 'Please provide your email address.';
}
} else {
    if (REQMETHOD == 'GET') {
        // E-mail verification link: ?email=...&key=...
        // NOTE(review): the condition uses ||, so one of the two parameters
        // may be absent when it is read below; && looks intended. PHP has
        // already URL-decoded $_GET, so urldecode() decodes a second time.
        if (isset($_GET['email']) || isset($_GET['key'])) {
            $email = trim(urldecode($_GET['email']));
            $key = trim(urldecode($_GET['key']));
            if (strlen($email) > 0 && strlen($key) > 0) {
                try {
                    $email = strtolower($email);
                    $user = User::getByEmail($email);
                    // An already verified account skips the key check and is
                    // still reported as a success.
                    if (!$user->isVerified()) {
                        // presumably throws on a wrong key; verify against
                        // User::verifyUserEmail()
                        $user->verifyUserEmail($key);
                    }
                    $verifyiserror = false;
                } catch (Exception $e) {
                    // The detail goes to the error log; the visitor sees a
                    // generic message.
                    trigger_error($e->getMessage(), E_USER_WARNING);
                    $message = 'Cannot verify email.';
                }
            } else {
                $message = 'Cannot verify email.';
            }
        }
    } else {
        header("Location: index");
        exit;
<?php
// Admin "edit client" page: loads the user named by the `id` URL parameter
// and, on POST, validates and saves the submitted profile fields.
// NOTE(review): no authorisation check and no anti-CSRF token are visible in
// this fragment; confirm that the including admin front controller enforces both.
$id = Url::getParam('id');
if (!empty($id)) {
    $objUser = new User();
    $user = $objUser->getUser($id);
    if (!empty($user)) {
        $objForm = new Form();
        $objValid = new Validation($objForm);
        if ($objForm->isPost('first_name')) {
            // presumably _expected limits which posted fields reach
            // updateUser(); verify against the Validation class
            $objValid->_expected = array('first_name', 'last_name', 'address_1', 'address_2', 'town', 'county', 'post_code', 'country', 'email');
            $objValid->_required = array('first_name', 'last_name', 'address_1', 'town', 'county', 'post_code', 'country', 'email');
            $objValid->_special = array('email' => 'email');
            $email = $objForm->getPost('email');
            // The address may stay unchanged, but must not belong to another account.
            $duplicate = $objUser->getByEmail($email);
            if (!empty($duplicate) && $duplicate['id'] != $user['id']) {
                $objValid->add2Errors('email_duplicate');
            }
            if ($objValid->isValid()) {
                if ($objUser->updateUser($objValid->_post, $user['id'])) {
                    Helper::redirect('/admin' . Url::getCurrentUrl(array('action', 'id')) . '&action=edited');
                } else {
                    Helper::redirect('/admin' . Url::getCurrentUrl(array('action', 'id')) . '&action=edited-failed');
                }
            }
        }
        require_once 'template/_header.php';
        ?> <h1>Clients :: Edit</h1>
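/**
 * Resend the confirmation e-mail of an account that is still unverified.
 *
 * Every failure path returns array(false, <error constant>). The
 * "already verified" path used to return the bare constant, which callers
 * that unpack the two-element result could not read.
 *
 * NOTE(review): ERROR_DOES_NOT_EXIST and ERROR_ALREADY_VERIFIED tell the
 * caller whether an address is registered; confirm that they are not relayed
 * to unauthenticated clients. The fresh code is also part of the return
 * value and should stay on the server.
 *
 * @param string $email address of the account
 * @return array array(true, <new code>) on success, array(false, <error constant>) otherwise
 */
public function resend($email)
{
    if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return array(false, self::ERROR_INVALID_EMAIL_OR_PSWD);
    }

    $user = new User($this->db, $this->logger);
    if (!$user->getByEmail($email)) {
        return array(false, self::ERROR_DOES_NOT_EXIST);
    }

    if ($user->status != User::STATUS_UNVERIFIED) {
        return array(false, self::ERROR_ALREADY_VERIFIED);
    }

    $vcode = new VerificationCode($this->db, $this->logger);
    if (!$vcode->getByUserId($user->id)) {
        return array(false, self::ERROR_DOES_NOT_EXIST);
    }

    // Replace the stored code with 32 fresh random bytes, hex-encoded.
    $vcode->code = bin2hex(openssl_random_pseudo_bytes(32));

    // NOTE(review): this reports an internal error when save() returns a
    // truthy value. If save() is truthy on success, like getByEmail() and
    // getByUserId() above, the test is inverted and needs a `!`; left as
    // found because save()'s contract is not visible here.
    if ($vcode->save()) {
        return array(false, self::ERROR_INTERNAL_ERROR);
    }

    $this->sendVerificationEmail($user->id, $email, $vcode->code, $email);

    return array(true, $vcode->code);
}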
<?php
// JSON lookup of users by e-mail, optionally narrowed to a role. Callers with
// the 'super' level search through the *Sup finders; everyone else is scoped
// by the 'regs' value kept in the session.
// NOTE(review): no explicit "is signed in" check is visible before the
// non-super branch; confirm that an upstream guard or the 'regs' scoping
// keeps anonymous callers from enumerating accounts. The response is sent
// without an explicit JSON Content-Type header.
fSession::open();

$id_role = fRequest::get('id_role', 'integer');
$email = fRequest::encode('email', 'string');
if (empty($email)) {
    exit;
}

$arr = array();

if (fAuthorization::checkAuthLevel('super')) {
    $users = empty($id_role)
        ? User::getByEmailSup($email)
        : User::getByRoleAndEmailSup($id_role, $email);
} else {
    $users = empty($id_role)
        ? User::getByEmail($email, fSession::get('regs'))
        : User::getByRoleAndEmail($id_role, $email, fSession::get('regs'));
}

if (!empty($users)) {
    foreach ($users as $match) {
        // Only the id and the address of each match are returned.
        $arr[] = array('id_user' => $match->getIdUser(), 'email' => $match->getEmail());
    }
}

echo json_encode($arr);
}
// registration form
if ($objForm->isPost('first_name')) {
    $objValid->_expected = array('first_name', 'last_name', 'address_1', 'address_2', 'town', 'county', 'post_code', 'country', 'email', 'password', 'confirm_password');
    $objValid->_required = array('first_name', 'last_name', 'address_1', 'town', 'county', 'post_code', 'country', 'email', 'password', 'confirm_password');
    $objValid->_special = array('email' => 'email');
    $objValid->_post_remove = array('confirm_password');
    // presumably applies the project's password formatting or hashing to the
    // field; verify against the Validation class
    $objValid->_post_format = array('password' => 'password');
    // validate password
    $pass_1 = $objForm->getPost('password');
    $pass_2 = $objForm->getPost('confirm_password');
    if (!empty($pass_1) && !empty($pass_2) && $pass_1 != $pass_2) {
        $objValid->add2Errors('password_mismatch');
    }
    $email = $objForm->getPost('email');
    $user = $objUser->getByEmail($email);
    if (!empty($user)) {
        $objValid->add2Errors('email_duplicate');
    }
    if ($objValid->isValid()) {
        // add hash for activating account
        // NOTE(review): mt_rand() is not a cryptographic generator and the
        // middle part is the current timestamp, so this activation value is
        // guessable; bin2hex(random_bytes(...)) is the usual replacement.
        $objValid->_post['hash'] = mt_rand() . date('YmdHis') . mt_rand();
        // add registration date
        $objValid->_post['date'] = Helper::setDate();
        if ($objUser->addUser($objValid->_post, $objForm->getPost('password'))) {
            // NOTE(review): the posted 'link' value is stored unvalidated; if
            // it is later used as a redirect target (not visible here), it
            // must be restricted to local paths.
            $_SESSION['link'] = $_POST['link'];
            Helper::redirect('/start/?page=registered');
        } else {
            Helper::redirect('/start/?page=registered-failed');
        }
    }
    'forgotpass-email' => FILTER_VALIDATE_EMAIL,
    // NOTE(review): FILTER_VALIDATE_STRING is not a built-in PHP filter
    // constant; presumably the project defines it. Confirm.
    'forgotpass-submit' => FILTER_VALIDATE_STRING,
);
$filtered = filter_input_array(INPUT_POST, $filters);
try {
    if ($filtered['forgotpass-submit']) {
        $email = $filtered['forgotpass-email'];
        $password = getPassword();
        if (!$email or !verifyEmail($email)) {
            throw new Exception('Invalid Email address');
        }
        $user = new User();
        $user->getByEmail($email);
        if ($user->id and $user->active != 4) {
            // good, they exist.
            // NOTE(review): the new password is stored as an unsalted MD5
            // digest; password_hash() is the appropriate primitive. The
            // password is replaced as soon as anyone submits the address, so
            // a third party can invalidate a user's current password, and the
            // new password travels in clear text by e-mail. A single-use,
            // expiring reset link avoids both.
            $user->password = md5($password);
            $user->active = 3;
            $user->save();
            if (!doEmail($user->username, $password, $user->email)) {
                throw new Exception('Could not send the activation email. Please contact an admin on the forum, or by email');
            }
            header('Location: index.php?e=6');
            exit;
        } else {
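<?php
// Password-reset handler (AJAX only): sets a new random password for the
// account with the posted address and mails it using the configured template.
//
// NOTE(review): the password is replaced as soon as anyone submits the
// address, so a third party can invalidate a user's current password, and the
// new password is mailed in clear text. A single-use, expiring reset link
// avoids both. The "not registered" message also reveals which addresses have
// an account, and the posted address is written to the log unchanged.
if (system\Helper::arcIsAjaxRequest()) {
    $user = User::getByEmail($_POST["emailf"]);

    // valid user
    if ($user->id > 0) {
        // 16 bytes from the CSPRNG, hex-encoded to 32 characters. The
        // previous md5(uniqid(...)) value had the same shape but was derived
        // from the clock and the e-mail address, and could be guessed.
        $password = bin2hex(random_bytes(16));
        $user->setPassword($password);
        $user->update();

        $messageS = SystemSetting::getByKey("ARC_PASSWORD_RESET_MESSAGE");
        $message = html_entity_decode($messageS->value);
        $message = str_replace("{password}", $password, $message);

        $mail = new Mail();
        $mail->Send($user->email, "Password Reset Request", $message, true);

        system\Helper::arcAddMessage("success", "Password reset, please check your email.");
        Log::createLog("warning", "user", "Password reset request '" . $_POST["emailf"] . "'.");
    } else {
        system\Helper::arcAddMessage("danger", "Email address is not registered");
        Log::createLog("danger", "user", "Request to reset unknown email address '" . $_POST["emailf"] . "'.");
    }
}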
/**
 * Show the reset-password dialog and process its submission.
 *
 * The submitted code is compared with the value kept, AES-encoded, in the
 * session under `forgottenPassword.code`; the account is the one whose
 * address is kept under `forgottenPassword.email`.
 *
 * NOTE(review): this method neither limits the number of code attempts nor
 * removes the two session values after a successful reset; confirm that both
 * are handled elsewhere. When no account matches, the session e-mail address
 * is returned as the error message.
 */
public function resetPassword()
{
    $codeInput = new TextInput(array(
        'name' => 'code',
        'required' => true,
        'label' => Lang::get($this->_plugin . '.reset-pwd-form-code-label'),
    ));
    $passwordInput = new PasswordInput(array(
        'name' => 'password',
        'required' => true,
        'label' => Lang::get($this->_plugin . '.reset-pwd-form-password-label'),
        // The stored value is produced by \Hawk\Crypto::saltHash.
        'encrypt' => array('\\Hawk\\Crypto', 'saltHash'),
    ));
    $confirmationInput = new PasswordInput(array(
        'name' => 'confirmation',
        'required' => true,
        'compare' => 'password',
        'label' => Lang::get($this->_plugin . '.reset-pwd-form-confirmation-label'),
    ));
    $validButton = new SubmitInput(array(
        'name' => 'valid',
        'label' => Lang::get($this->_plugin . '.valid-button'),
    ));
    $cancelButton = new ButtonInput(array(
        'name' => 'cancel',
        'label' => Lang::get($this->_plugin . '.cancel-button'),
        'href' => App::router()->getUri('login'),
        'target' => 'dialog',
    ));

    $form = new Form(array(
        'id' => 'reset-password-form',
        'fieldsets' => array(
            'form' => array($codeInput, $passwordInput, $confirmationInput),
            'submits' => array($validButton, $cancelButton),
        ),
        'onsuccess' => 'app.dialog(app.getUri("login"));',
    ));

    if (!$form->submitted()) {
        return Dialogbox::make(array(
            'title' => Lang::get($this->_plugin . '.reset-pwd-form-title'),
            'icon' => 'lock-alt',
            'page' => $form,
        ));
    }

    if (!$form->check()) {
        // As before, a failed check yields no explicit return value here.
        return;
    }

    // Check the verification code
    if ($form->getData('code') !== Crypto::aes256Decode(App::session()->getData('forgottenPassword.code'))) {
        $form->error('code', Lang::get($this->_plugin . '.reset-pwd-form-bad-verification-code'));

        return $form->response(Form::STATUS_CHECK_ERROR);
    }

    try {
        $user = User::getByEmail(App::session()->getData('forgottenPassword.email'));
        if (!$user) {
            return $form->response(Form::STATUS_ERROR, App::session()->getData('forgottenPassword.email'));
        }

        $user->set('password', $form->inputs['password']->dbvalue());
        $user->save();

        return $form->response(Form::STATUS_SUCCESS, Lang::get($this->_plugin . '.reset-pwd-form-success'));
    } catch (\Exception $e) {
        return $form->response(Form::STATUS_ERROR, Lang::get($this->_plugin . '.reset-pwd-form-error'));
    }
}