/**
 * ACTION - User login.
 *
 * Flow, as visible in this method:
 *  1. Sets the page title and breadcrumb.
 *  2. If a user is already logged in, redirects to the "user_profile" route.
 *  3. If the cached failed-login counter is above 4, returns a "danger" alert
 *     view and never builds the form (login lockout).
 *  4. Builds the login form and, on a valid submission, looks the user up by
 *     login and derived password using bound query parameters.
 *  5. On a match, stores the identity in the session and redirects; otherwise
 *     records a failed attempt and flashes one generic error message.
 *
 * NOTE(review): no session-identifier rotation is visible on successful login;
 * confirm that Session or the framework regenerates the id at this point
 * (session fixation).
 * NOTE(review): the scope of \User\LoginFail (per account, per address, per
 * session) is not visible here; confirm it is keyed on something the client
 * cannot reset, and whether a successful login clears it.
 * NOTE(review): the credential check is an equality match in the query on the
 * output of Helper\Encrypter; confirm that output is a slow, salted one-way
 * hash suitable for password storage.
 *
 * @access   public
 * @return   View
 * @since    1.0.2, 2013-12-07
 * @version  1.0.7-dev, 2015-05-04
 */
public function actionLogin()
{
    $this->setTitle(sprintf('%s - %s', Core::getAppName(), __('Login form')));
    $this->addBreadCrumb(__('Login form'));

    // An authenticated visitor has no use for the form: send them to their profile.
    $oCurrentUser = Model\User::getLoggedUser();

    if ($oCurrentUser instanceof Model\User) {
        $oProfileRoute = Route::factory('user_profile');
        $oProfileRoute->redirectTo(['id' => $oCurrentUser->getId()]);
    }

    // Lockout: with more than 4 recorded failures only an alert is rendered.
    $iFailCount = \User\LoginFail::getCachedData();

    if ($iFailCount > 4) {
        $oAlert = View::factory('base/alert')->set('sType', 'danger');

        return $oAlert->set('sMsg', __('to.many.incorrect.logins'));
    }

    // Form definition: one text field for the login, one password field.
    $oForm          = Form::factory('login');
    $oLoginField    = Form\Field\Text::factory('login', $oForm);
    $oForm->addField($oLoginField);
    $oPasswordField = Form\Field\Password::factory('password', $oForm);
    $oForm->addField($oPasswordField);

    if ($oForm->isSubmittedAndValid()) {
        $sGivenLogin    = $oForm->get('login');
        $sGivenPassword = $oForm->get('password');
        $sDerivedPass   = Helper\Encrypter::factory()->encrypt($sGivenLogin, $sGivenPassword);

        // Both user-supplied values reach the query as bound parameters only.
        $oQuery = DB::query("SELECT u FROM \\Model\\User u WHERE u.login = :login AND u.password = :pass");
        $oFound = $oQuery
            ->param('login', $sGivenLogin)
            ->param('pass', $sDerivedPass)
            ->single();

        if (!($oFound instanceof Model\User)) {
            // Same message for an unknown login and a wrong password, so the
            // response does not disclose which accounts exist.
            $sReturnUrl = Router::currentUrl();
            $sMessage   = __('You have entered wrong username or password. Try again.');

            \User\LoginFail::addLoginFail();
            Session::flash($sReturnUrl, $sMessage, 'danger');
        } else {
            Session::set('username', $sGivenLogin);
            Session::set('uid', (int) $oFound->getId());

            $oFound->setLoginDateNOW();
            DB::flush();

            // Reload the role permissions kept in the session for this user.
            \UserPermissions::reset();

            $sRouteName = Router::getCurrentRouteName();
            Route::factory($sRouteName)->redirectTo();
        }
    }

    $sLinksHtml = View::factory('user/frontend/login_links')->render();
    $oForm->addToSuffix($sLinksHtml);

    return View::factory('base/form')->bind('oForm', $oForm);
}
/**
 * Encrypt users password.
 *
 * Thin static wrapper: obtains an EncrypterHelper instance through its
 * factory and returns the result of encrypt() called with the login and the
 * plain-text password, in that order.
 *
 * NOTE(review): the algorithm lives in EncrypterHelper and is not visible
 * here. For password storage the result should be a slow, salted one-way hash
 * rather than reversible encryption - confirm against the helper.
 *
 * @static
 * @author   Krzysztof Trzos
 * @access   public
 * @param    string $sLogin     User login, handed to the helper together with the password.
 * @param    string $sPassword  Plain-text password.
 * @return   string             Value produced by EncrypterHelper::encrypt().
 * @since    3.4.1, 2015-01-26
 * @version  3.4.1, 2015-01-26
 */
public static function encryptPassword($sLogin, $sPassword)
{
    return EncrypterHelper::factory()->encrypt($sLogin, $sPassword);
}
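/**
 * STEP - Create superuser of this application.
 *
 * Reads the login, e-mail and password from POST, checks that none is empty
 * and that both passwords match, derives the stored password through
 * Helper\Encrypter and inserts the account with id 1 into the "users" table.
 * The outcome is reported through parseJsonOutput().
 *
 * The INSERT is a prepared statement: the POST values are bound as parameters
 * and never concatenated into the SQL text, so quotes or SQL fragments in the
 * login or e-mail cannot change the statement.
 *
 * NOTE(review): the checks below only make sense if parseJsonOutput() ends
 * the request after an 'error' - presumably it does; confirm, otherwise the
 * "already created" guard and the validation do not stop the insert.
 *
 * @access   private
 * @return   void
 * @since    1.0.0-alpha
 * @version  1.0.0-alpha
 */
private function stepCreateUser()
{
    // refuse to run again once the administrator account exists
    if ($this->checkIfAdminCreated()) {
        $this->parseJsonOutput('User created earlier.', 'error');
    }

    // connect to database
    $oDbConn = new \PDO(
        'mysql:host=' . $this->aCached['db_host'] . ';dbname=' . $this->aCached['db_name'],
        $this->aCached['db_user'],
        $this->aCached['db_pass']
    );

    // The result handling below reads errorInfo(), so PDO must not throw on
    // statement errors (throwing is the default error mode since PHP 8).
    $oDbConn->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_SILENT);
    // Use server-side prepared statements rather than client-side emulation.
    $oDbConn->setAttribute(\PDO::ATTR_EMULATE_PREPARES, false);

    // get data from inputs
    $userName  = filter_input(INPUT_POST, 'user_name');
    $userMail  = filter_input(INPUT_POST, 'user_email');
    $userPass  = filter_input(INPUT_POST, 'user_pass');
    $userPass2 = filter_input(INPUT_POST, 'user_pass2');

    // data validation
    if (empty($userName)) {
        $this->parseJsonOutput('User login cannot be empty!', 'error');
    }

    if (empty($userMail)) {
        $this->parseJsonOutput('User e-mail cannot be empty!', 'error');
    }

    if (empty($userPass)) {
        $this->parseJsonOutput('User password cannot be empty!', 'error');
    }

    if (empty($userPass2)) {
        $this->parseJsonOutput('Password must be confirmed!', 'error');
    }

    if ($userPass !== $userPass2) {
        $this->parseJsonOutput('Passwords do not match.', 'error');
    }

    // encrypt password
    require_once PATH_CORE . DS . 'Plethora' . DS . 'Helper' . DS . 'Encrypter.php';

    $sEncrypted = Helper\Encrypter::factory()->encrypt($userName, $userPass);

    // add user to database - values are bound, not interpolated
    $sQuery = 'INSERT INTO users (id, login, email, password, activation, registration_date) VALUES '
        . '(1, :login, :email, :password, 1, NOW())';
    $oStmt  = $oDbConn->prepare($sQuery);

    if ($oStmt === false) {
        // prepare itself failed: the error is recorded on the connection
        $aErrInfo = $oDbConn->errorInfo();
    } else {
        $oStmt->execute([
            ':login'    => $userName,
            ':email'    => $userMail,
            ':password' => $sEncrypted,
        ]);

        // check if database returned an error
        $aErrInfo = $oStmt->errorInfo();
    }

    if ($aErrInfo[0] === '00000') {
        // no error: mark the step as done
        $this->setCachedSingle('step_done', 4);
        $this->parseJsonOutput('User created. You can go to the next step.');
    } elseif ($aErrInfo[0] === '23000') {
        // integrity constraint violation: a row with id 1 is already there
        $this->parseJsonOutput('Table "users" is not empty. ' . "\n" . 'User with id == 1 already exists!', 'error');
    } else {
        // NOTE(review): this returns the raw driver message to the client;
        // consider logging it and answering with a generic text instead.
        $this->parseJsonOutput($aErrInfo[2], 'error');
    }
}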