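/**
 * Admin login action.
 *
 * Redirects to 'admin' when the session is already flagged as logged in. On a
 * submitted form, checks the posted password against the hash the Auth model
 * returns for the posted username; on success fills the session and redirects,
 * otherwise re-renders the login form with an error list.
 */
public function login()
{
    if (Session::get('loggedin')) {
        Url::redirect('admin');
    }

    $model = new \Models\Admin\Auth();
    $data['title'] = 'Login';
    // Defined up front: the view receives $error on every path, including a plain GET.
    $error = array();

    if (isset($_POST['submit'])) {
        // Missing or non-string fields fall back to '' so the verifier always gets strings.
        $username = (isset($_POST['member_username']) && is_string($_POST['member_username']))
            ? $_POST['member_username'] : '';
        $password = (isset($_POST['member_password']) && is_string($_POST['member_password']))
            ? $_POST['member_password'] : '';

        $verified = Password::verify($password, $model->getHash($username));
        $infos = $verified ? $model->get_user_infos($username) : array();

        if (!$verified || !isset($infos[0])) {
            // Same message for "unknown user" and "bad password".
            $error[] = 'Wrong username of password';
        } else {
            $data['user_infos'] = $infos;

            // NOTE(review): the session id is not rotated here; regenerate it on
            // successful login (e.g. session_regenerate_id(true)) to prevent fixation.
            Session::set('member_id', $infos[0]->member_id);
            Session::set('member_username', $username);
            // NOTE(review): this keeps the plaintext password in session storage.
            // Kept only because other code may read 'member_password'; remove it
            // once no reader remains. The verified session flag is sufficient.
            Session::set('member_password', $password);
            Session::set('loggedin', true);
            Url::redirect('admin');
        }
    }

    View::renderadmintemplate('loginheader', $data);
    View::render('admin/login', $data, $error);
    View::renderadmintemplate('footer', $data);
}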
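/**
 * Change the password of the user identified by the session 'id'.
 *
 * Requires the current password plus the new password entered twice. On success
 * the new hash is saved, a flash message is stored and the user is redirected;
 * otherwise the form is rendered again with the collected errors.
 */
public function change_password()
{
    // Sanitize data using the Gump helper.
    // NOTE(review): this also rewrites the password fields before they are verified
    // and hashed. What the sanitizer changes is not visible here; confirm it cannot
    // alter a password.
    $_POST = Gump::sanitize($_POST);

    // Defined up front so `!$error` and the view always see a value.
    $error = array();

    if (isset($_POST['password'])) {
        // Validate data using Gump
        $is_valid = Gump::is_valid($_POST, array(
            'current_password' => 'required',
            'password' => 'required',
            'password-again' => 'required',
        ));

        if ($is_valid === true) {
            $user = $this->userSQL->find(Session::get('id'));

            if (!$user || Password::verify($_POST['current_password'], $user->password) !== true) {
                // No matching user is reported the same way as a wrong current password.
                $error[] = 'mot de passe courant incorrect';
            } elseif ($_POST['password'] !== $_POST['password-again']) {
                // Strict comparison: with `!=` two different numeric-looking strings
                // (e.g. '1e3' and '1000') compare equal and the confirmation is skipped.
                $error[] = 'Les deux mots de passe ne sont pas identiques';
            }
        } else {
            // $is_valid holds an array for the errors.
            $error = $is_valid;
        }

        if (!$error) {
            $user->password = Password::make($_POST['password']);
            $this->entityManager->save($user);
            Session::set('message', 'Votre mot de passe a bien été mis à jour');
            Url::redirect();
        }
    }

    $data['title'] = 'Change Password';
    View::rendertemplate('header', $data);
    View::render('user/modification', $data, $error);
    View::rendertemplate('footer', $data);
}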
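/**
 * Login action: verify the posted login/password and open a session.
 *
 * On failure the login form is rendered with a generic error and the script
 * exits. On success the session is filled, a "remember" cookie is issued and
 * the user is redirected.
 */
public function connexion()
{
    // Missing or non-string fields become '' so the lookup and verifier get strings.
    $login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    $user = $this->userSQL->prepareFindByLogin($login);

    if (!$user || !Password::verify($password, $user->motdepasse)) {
        // TODO (original author): replace this render with a Url::redirect and put
        // the "bad data" message in the session instead.
        $data['erreurCo'] = "Mauvaise données";
        $data['title'] = "Connexion";
        View::renderTemplate('header', $data);
        View::render('connexion/connexion', $data);
        View::renderTemplate('footer', $data);
        exit;
    }

    // NOTE(review): the session id is not rotated here; regenerate it on successful
    // login (e.g. session_regenerate_id(true)) to prevent session fixation.
    Session::set('loggedin', true);
    Session::set('id', $user->getId());
    Session::set('mail', $user->email);
    Session::set('login', $user->pseudo);
    Session::set('level', $user->currentLvl);

    // The remember-me value must be unguessable: rand(0, 64) yields only 65 possible
    // values from a non-cryptographic generator. Use 256 bits from the CSPRNG (PHP 7+).
    // NOTE(review): assumes the stored 'cookie' field can hold a 64-character string.
    // Nothing in this method persists $user; confirm it is saved elsewhere, and compare
    // the cookie with hash_equals() when it is read back.
    $user->cookie = bin2hex(random_bytes(32));
    // HttpOnly keeps the token away from page scripts. Set the Secure flag (6th
    // argument) to true once the site is served over HTTPS only.
    setcookie("remember", $user->cookie, time() + 3600 * 31 * 24, DIR, "", false, true);

    Session::set('message', "Bienvenue {$user->pseudo}");
    Session::set('message_type', 'alert-success');

    Url::redirect();
}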
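/**
 * Login action: register the page hooks, verify the posted credentials and
 * open a session, or render the login form with any errors.
 */
public function login()
{
    Hooks::addHook('js', 'Controllers\\auth@js');
    Hooks::addHook('css', 'Controllers\\auth@css');

    // $error must start empty. The former placeholder string 'hi' was always truthy,
    // so `!$error` never held and the success branch was unreachable; appending with
    // `$error[] = ...` to a string is also a fatal error on current PHP.
    $error = array();
    // NOTE(review): 'hi' looks like a debugging placeholder as well. Left unchanged
    // because the view's expectations for $success are not visible here.
    $success = 'hi';

    if (Session::get('loggedin')) {
        Url::redirect();
    }

    if (isset($_POST['submit'])) {
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        // validation
        if (!Password::verify($password, $this->_model->getHash($username))) {
            $error[] = 'Wrong username or password';
        }

        // if validation has passed carry on
        if (!$error) {
            // Looked up once and reused for the session and the lastLogin update.
            $memberID = $this->_model->getID($username);

            // NOTE(review): the session id is not rotated here; regenerate it on
            // successful login (e.g. session_regenerate_id(true)) to prevent fixation.
            Session::set('loggedin', true);
            Session::set('username', $username);
            Session::set('memberID', $memberID);

            $this->_model->update(
                array('lastLogin' => date('Y-m-d G:i:s')),
                array('memberID' => $memberID)
            );

            Url::redirect();
        }
    }

    $data['title'] = 'Login';
    View::rendertemplate('header', $data);
    View::render('auth/login', $data, $error, $success);
    View::rendertemplate('footer', $data);
}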
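/**
 * Login action for the admin panel.
 *
 * Validates the posted e-mail ('correo') and password, verifies the password
 * against the stored hash, then fills the session, records the connection time
 * and redirects. Errors are passed to the view in $data['error'] under keys 0-2.
 */
public function login()
{
    if (Session::get('loggedin')) {
        Url::redirect('admin-panel');
    }

    $data['title'] = 'Login';

    if (isset($_POST['submit'])) {
        // Missing or non-string fields are treated as empty input.
        $correo = (isset($_POST['correo']) && is_string($_POST['correo'])) ? $_POST['correo'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        if ($correo === '') {
            $data['error'][0] = 'Correo es un campo obligatorio';
        }
        if ($password === '') {
            $data['error'][1] = 'Password es un campo obligatorio';
        }
        if (!Password::verify($password, $this->_model->getHash($correo))) {
            $data['error'][2] = 'Correo o password incorrectos';
        }

        // empty() instead of `!$data['error']`: the key does not exist when nothing failed.
        if (empty($data['error'])) {
            $data['usuario'] = $this->_model->getUsuario($correo);
            // Quoted key: the bare word `usuario` is an undefined constant, which is a
            // fatal error on PHP 8 and a warning on PHP 7.2+.
            $usuario = $data['usuario'][0];

            // NOTE(review): the session id is not rotated here; regenerate it on
            // successful login (e.g. session_regenerate_id(true)) to prevent fixation.
            Session::set('loggedin', true);
            Session::set('idUsuario', $usuario->idUsuario);
            Session::set('nombre', $usuario->nombre);
            Session::set('apellidoPaterno', $usuario->apellidoPaterno);

            $dataUsuario = array('fechaConexion' => date("Y-m-d H:i:s"));
            $where = array('correo' => $correo);
            $this->_model->updateUsuario($dataUsuario, $where);

            Url::redirect('admin-panel');
        }
    }

    View::renderTemplate('header', $data);
    View::render('Auth/Login', $data);
    View::renderTemplate('footer', $data);
}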
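/**
 * Define login page title and load template files.
 *
 * On a submitted form the password is verified against the value returned by
 * the Users model; a successful login fills the session and redirects to a
 * landing page chosen by the user's role.
 */
public function login()
{
    if (Session::get('loggedin')) {
        Url::redirect('');
    }

    $data['title'] = 'Přihlášení';
    $model = new \Models\Users();
    // Defined up front: the view receives $error even when nothing was submitted.
    $error = array();

    if (isset($_POST['submit'])) {
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        // verify password using helper class Password
        if (Password::verify($password, $model->getPass($username))) {
            // NOTE(review): the session id is not rotated here; regenerate it on
            // successful login (e.g. session_regenerate_id(true)) to prevent fixation.
            Session::set('loggedin', true);
            Session::set('username', $username);
            Session::set('role', $model->getRole($username));
            Session::set('userID', $model->getID($username));

            // Strict comparison: before PHP 8 a numeric role value of 0 compares
            // loosely equal to any non-numeric string such as "admin".
            $role = Session::get('role');
            if ($role === "admin") {
                Url::redirect('admin');
            } elseif ($role === "recenzent") {
                Url::redirect('ratings');
            } else {
                Url::redirect('tales');
            }
        } else {
            $error[] = 'Špatné jméno nebo heslo';
        }
    }

    View::renderTemplate('header', $data);
    View::render('auth\\login', $data, $error);
    View::renderTemplate('footer', $data);
}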
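/**
 * Restore a login from the three "remember me" cookies.
 *
 * Looks the user up by the name cookie and verifies the password cookie against
 * the stored hash before the session is populated. Does nothing when a cookie
 * is missing or malformed, or when no matching user row is found.
 *
 * NOTE(review): this scheme keeps the plaintext password in a browser cookie.
 * A random server-side token, stored hashed and compared with hash_equals(), is
 * the safer design; that change has to be made together with the code that
 * issues these cookies.
 */
protected function checkCookie()
{
    foreach (array('rf_user_cookie', 'rf_user_id_cookie', 'rf_user_pass_cookie') as $name) {
        // Cookies are client input: require each to be present and a plain string.
        if (!isset($_COOKIE[$name]) || !is_string($_COOKIE[$name])) {
            return;
        }
    }

    $result = $this->_user->checkUserCookie($_COOKIE['rf_user_cookie']);

    // Unknown user or no stored hash: fail closed instead of verifying against null.
    if (empty($result[0]['password'])) {
        return;
    }

    if (\Helpers\Password::verify($_COOKIE['rf_user_pass_cookie'], $result[0]['password'])) {
        \Helpers\Session::set('user', $_COOKIE['rf_user_cookie']);
        // NOTE(review): the user id comes from the client-supplied cookie and is never
        // checked against the row returned for the user name. Take the id from the
        // database row instead; the row's id field is not visible in this method.
        \Helpers\Session::set('user_id', $_COOKIE['rf_user_id_cookie']);
    }
}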
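/**
 * Handle account logins and view rendering.
 *
 * Validates the submitted student id and password with GUMP, verifies the
 * password against the stored hash and, on success, opens a session and
 * redirects to 'Courses'. Any errors are passed to the login view.
 */
public function login()
{
    // If the user is already logged in, redirect
    if (\Helpers\Session::get('loggedin')) {
        \Helpers\Url::redirect('Courses');
    }

    // Defined up front: the view receives $error even when nothing was submitted.
    $error = array();

    // If the login form is submitted
    if (isset($_POST['submit'])) {
        $validator = new GUMP();

        // Sanitize the submission
        // NOTE(review): this also rewrites the password before it is verified. What
        // the sanitizer changes is not visible here; confirm it cannot alter a password.
        $_POST = $validator->sanitize($_POST);

        // Define custom validation rules
        $rules = array('student_id' => 'required|numeric', 'student_password' => 'required');

        // Validate the data
        $validated = $validator->validate($_POST, $rules);

        if ($validated === true) {
            // Retrieve user hash from database
            $currentUser = $this->account->getStudentHash($_POST['student_id']);

            if ($currentUser) {
                // Compare hash against the provided password
                if (\Helpers\Password::verify($_POST['student_password'], $currentUser[0]->Password)) {
                    // Passwords match, create a session with user info
                    // NOTE(review): the session id is not rotated here; regenerate it on
                    // successful login (e.g. session_regenerate_id(true)).
                    \Helpers\Session::set('StudentId', $currentUser[0]->StudentId);
                    \Helpers\Session::set('Name', $currentUser[0]->Name);
                    \Helpers\Session::set('loggedin', true);

                    // Redirect to course selection page
                    \Helpers\Url::redirect('Courses');
                } else {
                    $error['invalid'] = 'Incorrect Student ID / Password';
                }
            } else {
                // NOTE(review): a distinct "not found" message tells the client which
                // student ids exist. Consider returning the same message as the
                // wrong-password case.
                $error['not_found'] = "No account was found with your user ID";
            }
        } else {
            // Set errors
            $error = $validator->get_errors_array();
        }
    }

    // Set the page title
    $data['title'] = 'Login';

    // Render the view and pass in controller data
    View::renderTemplate('header', $data, 'account');
    View::render('account/login', $data, $error);
    View::renderTemplate('footer', $data, 'account');
}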
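/**
 * Login action: verify the posted credentials and hand over to login_user(),
 * or render the login form with an error.
 */
public function login()
{
    $data['title'] = 'התחברות';
    // Defined up front: the view receives $error even when nothing was submitted.
    $error = array();

    if (Session::get('logged')) {
        Url::redirect();
    }

    if (isset($_POST['submit'])) {
        // Missing or non-string fields become '' so the verifier always gets strings.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        if (Password::verify($password, $this->_model->get_user_hash($username))) {
            // NOTE(review): login_user() is defined outside this method; confirm it
            // rotates the session id (e.g. session_regenerate_id(true)).
            $this->login_user($username);
        } else {
            // One message for both "unknown user" and "bad password".
            $error[] = "Wrong username or password";
        }
    }

    View::renderTemplate('header', $data);
    View::render('login', $data, $error);
    View::renderTemplate('footer', $data);
}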
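/**
 * Login action: verify the posted user/password, open a session and redirect,
 * or render the login form with an error.
 */
public function login()
{
    if (Session::get('loggedin')) {
        Url::redirect();
    }

    $data['title'] = 'Login';
    // Defined up front so `!$error` and the view never read an undefined variable.
    $error = array();

    if (isset($_POST['submit'])) {
        // Missing or non-string fields become '' so the verifier always gets strings.
        $user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        if (!Password::verify($password, $this->_model->getHash($user))) {
            $error[] = 'Wrong username or password';
        }

        if (!$error) {
            // NOTE(review): the session id is not rotated here; regenerate it on
            // successful login (e.g. session_regenerate_id(true)) to prevent fixation.
            Session::set('loggedin', true);
            Session::set('userId', $this->_model->getId($user));
            Url::redirect();
        }
    }

    View::renderTemplate('header', $data);
    View::render('auth/login', $data, $error);
    View::renderTemplate('footer', $data);
}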
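/**
 * Attempts login.
 *
 * Without a submitted form the login page is rendered with a prompt. With one,
 * the e-mail and password are validated; on success the session is opened and
 * the user redirected, otherwise the page is rendered with the errors.
 */
public function login()
{
    $data["title"] = "Login";
    $error = array();

    if (!isset($_POST["login_button"])) {
        $error[] = "You need to log in to continue.";
    } else {
        // The login variables ("remember_me" was read but never used, so it is dropped).
        $email = (isset($_POST["login_email"]) && is_string($_POST["login_email"])) ? $_POST["login_email"] : "";
        $password = (isset($_POST["login_password"]) && is_string($_POST["login_password"]))
            ? $_POST["login_password"] : "";

        // Validation
        if ($email == "") {
            $error[] = "You need to enter your email.";
        } elseif ($this->_model->exists($email) && !$this->_model->isActive($email)) {
            // NOTE(review): this message is returned before the password is checked,
            // so it confirms that the address is registered. Consider verifying the
            // password first.
            $error[] = "This account has not been activeted yet.";
        } elseif (!Password::verify($password, $this->_model->getHash($email))) {
            $error[] = "Email or password is incorrect.";
        }

        // If validation has passed then log in. This must happen before any output:
        // rendering the page first sends the headers and the redirect cannot be issued.
        if (!$error) {
            // NOTE(review): the session id is not rotated here; regenerate it on
            // successful login (e.g. session_regenerate_id(true)) to prevent fixation.
            Session::set("loggedin", true);
            Session::set("user_id", $this->_model->getID($email));
            // Original author's note: for some reason it doesn't work if the url is blank...
            Url::redirect("http://something.sellerstam.mebokund.com/", true);
            return;
        }
    }

    View::renderTemplate("header", $data);
    View::render("auth/login", $data, $error);
    View::renderTemplate("footer", $data);
}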
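/**
 * Verify the posted credentials, open the session and optionally issue a
 * remember-me cookie.
 *
 * @param array $post Submitted form fields: 'login_username', 'login_password'
 *                    and, optionally, 'login_remember_me'.
 * @return array|null List of error messages, or null when the login succeeded.
 */
public function runLogin($post)
{
    // null (not an empty array) keeps the success return value what callers already get.
    $error = null;

    $username = (isset($post['login_username']) && is_string($post['login_username']))
        ? $post['login_username'] : '';
    $password = (isset($post['login_password']) && is_string($post['login_password']))
        ? $post['login_password'] : '';

    $data = $this->getMemberHash($username);

    // Unknown user and wrong password are reported with the same message.
    if (!isset($data[0]) || !Password::verify($password, $data[0]->parola)) {
        $error[] = 'Wrong username or password.';
        return $error;
    }

    // NOTE(review): the session id is not rotated here; regenerate it on successful
    // login (e.g. session_regenerate_id(true)) to prevent session fixation.
    Session::set('id', $data[0]->idAutori);
    Session::set('username', $data[0]->nume_login);
    Session::set('loggedin', true);
    Session::set('level', 'teacher');

    if (!empty($post['login_remember_me'])) {
        // 256 bits from the CSPRNG (PHP 7+). mt_rand() is predictable and offers at
        // most 2^31 values. The result is still 64 hex characters, the same shape as
        // the former sha256 digest.
        $tokenString = bin2hex(random_bytes(32));
        $updateData = array('rememberme_token' => $tokenString);
        $where = array('idAutori' => $data[0]->idAutori);
        $this->db->update('autori', $updateData, $where);

        $cookieStringFirstPart = $data[0]->idAutori . ':' . $tokenString;
        // NOTE(review): an unkeyed hash can be recomputed by anyone, so this suffix is
        // not an integrity check. The format is kept for the existing reader; the
        // protection comes from comparing the token with the stored one (use hash_equals()).
        $cookieStringHash = hash('sha256', $cookieStringFirstPart);
        $cookieString = $cookieStringFirstPart . ':' . $cookieStringHash;

        // HttpOnly keeps the token away from page scripts. Set the Secure flag (6th
        // argument) to true once the site is served over HTTPS only.
        setcookie("rememberme", $cookieString, time() + COOKIE_RUNTIME, "", "", false, true);
    }

    return $error;
}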
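/**
 * Deletes a user's account. Requires user's password.
 *
 * Validation failures and lookup/verification failures are appended to
 * $this->errormsg; success is appended to $this->successmsg. Each outcome after
 * validation is recorded through logActivity().
 *
 * @param string $username
 * @param string $password
 * @return boolean true when the account and its sessions were deleted, false otherwise
 */
function deleteAccount($username, $password)
{
    if (strlen($username) == 0) {
        $this->errormsg[] = $this->lang['deleteaccount_username_empty'];
    } elseif (strlen($username) > MAX_USERNAME_LENGTH) {
        $this->errormsg[] = $this->lang['deleteaccount_username_long'];
    } elseif (strlen($username) < MIN_USERNAME_LENGTH) {
        $this->errormsg[] = $this->lang['deleteaccount_username_short'];
    }

    if (strlen($password) == 0) {
        $this->errormsg[] = $this->lang['deleteaccount_password_empty'];
    } elseif (strlen($password) > MAX_PASSWORD_LENGTH) {
        $this->errormsg[] = $this->lang['deleteaccount_password_long'];
    } elseif (strlen($password) < MIN_PASSWORD_LENGTH) {
        $this->errormsg[] = $this->lang['deleteaccount_password_short'];
    }

    // Any recorded error (including ones already present on the instance) aborts.
    if (count($this->errormsg) != 0) {
        return false;
    }

    $query = $this->db->select(
        "SELECT password FROM " . PREFIX . "users WHERE username=:username",
        array(":username" => $username)
    );

    if (count($query) == 0) {
        $this->logActivity("UNKNOWN", "AUTH_DELETEACCOUNT_FAIL", "Username Incorrect ({$username})");
        $this->errormsg[] = $this->lang['deleteaccount_username_incorrect'];
        return false;
    }

    $db_password = $query[0]->password;

    if (!\Helpers\Password::verify($password, $db_password)) {
        // Credentials must never reach the activity log: the stored hash and the
        // submitted password were previously written here in clear.
        $this->logActivity($username, "AUTH_DELETEACCOUNT_FAIL", "Password incorrect");
        $this->errormsg[] = $this->lang['deleteaccount_password_incorrect'];
        return false;
    }

    $this->db->delete(PREFIX . "users", array("username" => $username));
    $this->db->delete(PREFIX . "sessions", array("username" => $username));
    $this->logActivity($username, "AUTH_DELETEACCOUNT_SUCCESS", "Account deleted - Sessions deleted");
    $this->successmsg[] = $this->lang['deleteaccount_success'];

    return true;
}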
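/**
 * Check the posted login form and open a session.
 *
 * The posted anti-forgery token must match the one in the 'token' cookie. On a
 * correct password the session is populated and, when the checkbox is ticked,
 * the "remember me" cookies are set for seven days. Every failure prints a
 * message and stops the script.
 */
public function checkUser()
{
    $postedToken = (isset($_POST['token']) && is_string($_POST['token'])) ? $_POST['token'] : '';
    $cookieToken = (isset($_COOKIE['token']) && is_string($_COOKIE['token'])) ? $_COOKIE['token'] : '';

    // Fail closed: with `!=` a token absent on both sides compared equal and the
    // check passed. Both values must be present, and hash_equals() compares them
    // strictly and in constant time.
    if ($postedToken === '' || $cookieToken === '' || !hash_equals($cookieToken, $postedToken)) {
        echo 'Проверьте введенные данные.';
        die;
    }

    $userName = (isset($_POST['userlogin']) && is_string($_POST['userlogin'])) ? $_POST['userlogin'] : '';
    $userPass = (isset($_POST['userpassword']) && is_string($_POST['userpassword'])) ? $_POST['userpassword'] : '';

    $result = $this->_user->getUserPassword($userName);

    if (empty($result)) {
        echo 'Логин и/или пароль введены неверно.';
        die;
    }

    if (\Helpers\Password::verify($userPass, $result[0]['password'])) {
        // NOTE(review): the session id is not rotated here; regenerate it on successful
        // login (e.g. session_regenerate_id(true)) to prevent session fixation.
        \Helpers\Session::set('user', $userName);
        \Helpers\Session::set('user_id', $result[0]['id']);

        if (isset($_POST['checkbox']) && $_POST['checkbox'] == 'on') {
            $expires = time() + 60 * 60 * 24 * 7;
            setcookie("rf_user_cookie", $userName, $expires, "", "", false, true);
            setcookie("rf_user_id_cookie", $result[0]['id'], $expires, "", "", false, true);
            // NOTE(review): this stores the plaintext password in the browser for a
            // week, and the Secure flag is off, so it is also sent over plain HTTP.
            // Replace it with a random server-side token (stored hashed) together with
            // the code that reads these cookies; changing only this side would break
            // the existing reader.
            setcookie("rf_user_pass_cookie", $userPass, $expires, "", "", false, true);
        }
    } else {
        echo 'Логин и/или пароль введены неверно.';
        die;
    }
}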
/**
 * Password Recovery
 *
 * Renders the 'auth/recovery' view. On a submitted form the body below runs a
 * password check and, when no error was recorded, populates a logged-in session
 * and redirects.
 *
 * NOTE(review): $password and $username are never assigned in this method, and
 * $email is read but not used afterwards. The body appears to have been copied
 * from a login action. As written, the check runs on undefined values and the
 * success branch opens a full session from a recovery form; the intended
 * recovery flow is not visible here and needs to be confirmed before this is used.
 */
public function recovery()
{
    $data['title'] = $this->language->get('title_recovery');
    if (isset($_POST['submit'])) {
        // Read from the form but not referenced again below.
        $email = $_POST['email'];
        //validation
        // NOTE(review): both $password and $username are undefined at this point.
        if (Password::verify($password, $this->model->getHash($username)) == false) {
            $error[] = $this->language->get('error_recovery');
        }
        //if validation has passed carry on
        // NOTE(review): $error is undefined here when the check above did not fail.
        if (!$error) {
            $userDb = $this->model->getUser($username);
            $user = $userDb[0];
            // Marks the session as authenticated and copies the user's profile and
            // display preferences into it.
            // NOTE(review): the session id is not rotated before these writes.
            Session::set('loggedin', true);
            Session::set('id', $user->id);
            Session::set('first_name', $user->first_name);
            Session::set('last_name', $user->last_name);
            Session::set('timezone', $user->timezone);
            Session::set('dateformat', $user->dateformat);
            Session::set('timeformat', $user->timeformat);
            Session::set('dateformat_moment', Date::convertPHPToMomentFormat($user->dateformat));
            Session::set('timeformat_moment', Date::convertPHPToMomentFormat($user->timeformat));
            // Language is fixed to id 1 / 'en' rather than taken from the user record.
            Session::set('language_id', 1);
            Session::set('language_code', 'en');
            // Ensure a 'navigation' cookie exists, created empty when absent.
            if (!Cookie::exists('navigation')) {
                Cookie::set('navigation', '');
            }
            Log::info('logged_in');
            //$data = array('lastLogin' => date('Y-m-d H:i:s'));
            //$where = array('id' => $this->_model->getId($username));
            //$this->_model->update($data,$where);
            Url::redirect();
        } else {
            // NOTE(review): $username is undefined, so nothing useful is handed back to the form.
            $data['username'] = $username;
        }
    }
    // $error is only defined when the check above recorded a failure.
    View::renderTemplate('header', $data, 'auth');
    View::render('auth/recovery', $data, $error);
    View::renderTemplate('footer', $data, 'auth');
}