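/**
 * Validate the password pair entered on the registration form.
 *
 * Sets the flags noLoginPwd, noLoginPwdRepeat, pwdTooShort and
 * pwdNotPwdRepeat in $this->registrationError (1 = error). When none of
 * the four flags is set, the hashed password is stored in $this->password
 * via miscellaneous::hasher().
 *
 * Changes against the previous version: the repetition check is strict
 * (with `!=`, numeric strings such as "100000" and "1e5" compared equal),
 * a password of "0" is no longer treated as missing (empty('0') is true),
 * and the minimum length is a parameter counted in characters, not bytes.
 *
 * @param string|null $pwd       the password field; null or a non-scalar counts as missing
 * @param string|null $pwdRepeat the repetition field; same rule
 * @param int         $minLength minimum accepted length in characters (default 6)
 */
private function validatePassword($pwd, $pwdRepeat, $minLength = 6)
{
    // Form fields arrive as strings; anything else (null, array) is "missing".
    $pwd = is_scalar($pwd) ? (string) $pwd : '';
    $pwdRepeat = is_scalar($pwdRepeat) ? (string) $pwdRepeat : '';

    if ($pwd === '') {
        $this->registrationError['noLoginPwd'] = 1;
    }
    if ($pwdRepeat === '') {
        $this->registrationError['noLoginPwdRepeat'] = 1;
    }

    // Count characters, not bytes: strlen() would let a three-character
    // umlaut password pass a six-character minimum.
    if (mb_strlen($pwd, 'UTF-8') < $minLength) {
        $this->registrationError['pwdTooShort'] = 1;
    }

    // Only compare when both fields were filled in. The comparison must be
    // strict because `!=` compares numeric-looking strings by value.
    if ($pwd !== '' && $pwdRepeat !== '' && $pwd !== $pwdRepeat) {
        $this->registrationError['pwdNotPwdRepeat'] = 1;
    }

    // Read the flags back from the array (not local state) exactly as the
    // previous `== 0` tests did; empty() treats 0, null and an unset key alike.
    foreach (['noLoginPwd', 'noLoginPwdRepeat', 'pwdTooShort', 'pwdNotPwdRepeat'] as $flag) {
        if (!empty($this->registrationError[$flag])) {
            return;
        }
    }

    $this->password = miscellaneous::hasher($pwd);
}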
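/**
 * Check the password entered on the login form against the stored hash.
 *
 * Reports noLoginPwd (empty password) or loginPwdWrong (no usable row for
 * $this->accountID, or hash mismatch) through setAccountError() and returns
 * false; returns true only when the password verifies. The previous version
 * returned null on failure, which callers could only test with `== false`.
 *
 * @param string|null $password the password as entered (plaintext)
 * @return bool true when the password matches the stored hash
 */
private function validatePassword($password)
{
    $password = is_scalar($password) ? (string) $password : '';
    if ($password === '') {
        $this->setAccountError('noLoginPwd');
        return false;
    }

    $db = db::getInstance();
    $stmt = $db->prepare('SELECT tblUserAccount_pwd FROM tblUserAccount WHERE tblUserAccount_accId = lower(:aid)');
    $stmt->bind_param('aid', $this->accountID);
    $stmt->execute();
    $savedPwd = $stmt->fetch_assoc();

    // No row (unknown account) or a row without a string hash is reported
    // with the same error code as a wrong password. The previous version
    // indexed $savedPwd without checking it and would emit notices here.
    $storedHash = is_array($savedPwd) && isset($savedPwd['tblUserAccount_pwd'])
        ? $savedPwd['tblUserAccount_pwd']
        : null;
    if (!is_string($storedHash) || $storedHash === '') {
        $this->setAccountError('loginPwdWrong');
        return false;
    }

    // Re-hash the entered password with the stored hash as the second
    // argument and compare the result with the stored hash — the contract
    // the session-checksum check in this file applies to hasher($data, $hash).
    // The previous code compared the plaintext $password with the hasher
    // output, which can only ever match if hasher() returns its first
    // argument unchanged — confirm against miscellaneous::hasher().
    // hash_equals() is strict and constant-time, unlike `!=`.
    $computed = (string) miscellaneous::hasher($password, $storedHash);
    if (!hash_equals($storedHash, $computed)) {
        $this->setAccountError('loginPwdWrong');
        return false;
    }

    return true;
}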
$smarty->assign('content', 'account_login.tpl'); if (isset($_POST) && isset($_POST['submit'])) { if ($account->loginUser($_POST) == false) { $smarty->assign('accountError', $account->getAccountError()); $smarty->assign('content', 'account_login.tpl'); } else { #die(var_dump($_POST)); $_SESSION['account']['accountID'] = serialize($account->getAccountID()); $_SESSION['account']['loginName'] = serialize($account->getLoginName()); $_SESSION['account']['group'] = serialize($account->getGroup()); $_SESSION['account']['checksum'] = serialize(\eCMS\Misc\miscellaneous::hasher(unserialize($_SESSION['account']['accountID']) . unserialize($_SESSION['account']['loginName']))); if (isset($_POST['stayLoggedIn'])) { setcookie('gerki[accountID]', serialize($account->getAccountID()), time() + 60 * 60 * 24 * 30); setcookie('gerki[loginName]', serialize($account->getLoginName()), time() + 60 * 60 * 24 * 30); setcookie('gerki[group]', serialize($account->getGroup()), time() + 60 * 60 * 24 * 30); $checksum = \eCMS\Misc\miscellaneous::hasher(unserialize($_SESSION['account']['accountID']) . unserialize($_SESSION['account']['loginName'])); setcookie('gerki[checksum]', serialize($checksum), time() + 60 * 60 * 24 * 30); \eCMS\Account\Account::saveChecksum($checksum, $account->getAccountID(), $account->getLoginName()); } header("Location: ?module=news"); } $_POST = ''; } $smarty->assign('account', $account); } if (isset($_GET['action']) && $_GET['action'] == 'logout') { $_SESSION = array(); unset($_SESSION['account']); session_destroy(); setcookie('gerki[accountID]', '', time() - 1); setcookie('gerki[loginName]', '', time() - 1);
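/**
 * Check SESSION and COOKIE for manipulation.
 *
 * The login state is kept in $_SESSION['account'] and, for "stay logged in",
 * in the gerki[] cookie. Each copy holds serialized accountID, loginName and
 * a checksum produced by \eCMS\Misc\miscellaneous::hasher(accountID . loginName).
 * A copy whose checksum does not re-validate is treated as tampered and the
 * whole login state (session and cookie) is discarded.
 *
 * Hardening against the previous version: serialized values are decoded with
 * allowed_classes => false (the cookie is client-controlled, so unserialize()
 * of arbitrary classes would be PHP object injection), a missing or malformed
 * field counts as tampering instead of raising notices, and the checksum is
 * compared with hash_equals() rather than `!=` (loose comparison treats
 * numeric-looking strings such as "0e..." hashes as equal).
 */
$loginTampered = false;
// The session copy is checked first, as before; once a copy is found
// tampered the remaining one is discarded together with it, not inspected.
foreach ([$_SESSION['account'] ?? null, $_COOKIE['gerki'] ?? null] as $loginStore) {
    if ($loginStore === null) {
        continue;
    }
    $loginField = [];
    foreach (['accountID', 'loginName', 'checksum'] as $fieldName) {
        $serialized = is_array($loginStore) && isset($loginStore[$fieldName]) && is_string($loginStore[$fieldName])
            ? $loginStore[$fieldName]
            : null;
        $decoded = $serialized === null ? false : unserialize($serialized, ['allowed_classes' => false]);
        // accountID and loginName are only concatenated, so any scalar is
        // acceptable; the checksum must be a string for hash_equals().
        $decodedOk = $fieldName === 'checksum' ? is_string($decoded) : is_scalar($decoded);
        if (!$decodedOk) {
            $loginTampered = true;
            break 2;
        }
        $loginField[$fieldName] = $decoded;
    }
    // hasher() receives the stored checksum as its second argument, as before.
    $expectedChecksum = (string) \eCMS\Misc\miscellaneous::hasher(
        $loginField['accountID'] . $loginField['loginName'],
        $loginField['checksum']
    );
    if (!hash_equals($expectedChecksum, $loginField['checksum'])) {
        $loginTampered = true;
        break;
    }
}
if ($loginTampered) {
    $_SESSION = [];
    session_destroy();
    // Expire every gerki[] cookie with the same call the logout path uses.
    foreach (['gerki[accountID]', 'gerki[loginName]', 'gerki[group]', 'gerki[checksum]'] as $cookieName) {
        setcookie($cookieName, '', time() - 1);
    }
    unset($_COOKIE['gerki']);
}
unset($loginStore, $loginField, $loginTampered);

$country = [
    'Abchasien', 'Afghanistan', 'Ägypten', 'Albanien', 'Algerien', 'Andorra', 'Angola',
    'Antigua und Barbuda', 'Äquatorialguinea', 'Argentinien', 'Armenien', 'Aserbaidschan',
    'Äthiopien', 'Australien', 'Bahamas', 'Bahrain', 'Bangladesch', 'Barbados', 'Belarus',
    'Belgien', 'Belize', 'Benin', 'Bergkarabach', 'Bhutan', 'Bolivien', 'Bosnien und Herzegowina',
    'Botswana', 'Brasilien', 'Brunei', 'Bulgarien', 'Burkina Faso', 'Burundi', 'Chile',
    'Volksrepublik China', 'Cookinseln', 'Costa Rica', 'Dänemark', 'Deutschland', 'Dominica',
    'Dominikanische Republik', 'Dschibuti', 'Ecuador', 'El Salvador', 'Elfenbeinküste', 'Eritrea',
    'Estland', 'Fidschi', 'Finnland', 'Frankreich', 'Gabun', 'Gambia', 'Georgien', 'Ghana', 'Grenada',
    'Griechenland', 'Guatemala', 'Guinea', 'Guinea-Bissau', 'Guyana', 'Haiti', 'Honduras', 'Indien',
    'Indonesien', 'Irak', 'Iran', 'Irland', 'Island', 'Israel', 'Italien', 'Jamaika', 'Japan', 'Jemen',
    'Jordanien', 'Kambodscha', 'Kamerun', 'Kanada', 'Kap Verde', 'Kasachstan', 'Katar', 'Kenia',
    'Kirgisistan', 'Kiribati', 'Kolumbien', 'Komoren', 'Kongo, Demokratische Republik', 'Kongo, Republik',
    'Niederlande', 'Korea, Nord', 'Korea, Süd', 'Kosovo', 'Kroatien', 'Kuba', 'Kuwait', 'Laos', 'Lesotho',
    'Lettland', 'Libanon', 'Liberia', 'Libyen', 'Liechtenstein', 'Litauen', 'Luxemburg', 'Madagaskar',
    'Malawi', 'Malaysia', 'Malediven', 'Mali', 'Malta', 'Marokko', 'Marshallinseln', 'Mauretanien',
    'Mauritius', 'Mazedonien', 'Mexiko', 'Mikronesien', 'Moldawien', 'Monaco', 'Mongolei', 'Montenegro',
    'Mosambik', 'Myanmar', 'Namibia', 'Nauru', 'Nepal', 'Neuseeland', 'Nicaragua', 'Niger', 'Nigeria',
    'Niue', 'Nordzypern', 'Norwegen', 'Oman', 'Österreich', 'Osttimor / Timor-Leste', 'Pakistan',
    'Palästina', 'Palau', 'Panama', 'Papua-Neuguinea', 'Paraguay', 'Peru', 'Philippinen', 'Polen',
    'Portugal', 'Ruanda', 'Rumänien', 'Russland', 'Salomonen', 'Sambia', 'Samoa', 'San Marino',
    'São Tomé und Príncipe', 'Saudi-Arabien', 'Schweden', 'Schweiz', 'Senegal', 'Serbien', 'Seychellen',
    'Sierra Leone', 'Simbabwe', 'Singapur', 'Slowakei', 'Slowenien', 'Somalia', 'Somaliland', 'Spanien',
    'Sri Lanka', 'St. Kitts und Nevis', 'St. Lucia', 'St. Vincent und die Grenadinen', 'Südafrika',
    'Sudan', 'Südossetien', 'Südsudan', 'Suriname', 'Swasiland', 'Syrien', 'Tadschikistan', 'Taiwan',
    'Tansania', 'Thailand', 'Togo', 'Tonga', 'Transnistrien', 'Trinidad und Tobago', 'Tschad',
    'Tschechien', 'Tunesien', 'Türkei', 'Turkmenistan', 'Tuvalu', 'Uganda', 'Ukraine', 'Ungarn',
    'Uruguay', 'Usbekistan', 'Vanuatu', 'Vatikanstadt', 'Venezuela', 'Vereinigte Arabische Emirate',
    'Vereinigte Staaten', 'Vereinigtes Königreich', 'Vietnam', 'Westsahara',
    'Zentralafrikanische Republik', 'Zypern',
];
$smarty->assign('country', $country);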