Exemplo n.º 1
 /**
  * Creates the user's session and logs the user in
  *
  * @param string $StLogin
  * @param string $StPwd
  * @return bool
  */
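 public function getLogged($StLogin, $StPwd)
 {
     // Authenticates a user by e-mail address and password; on success the
     // identity is written to the session and true is returned.
     // Throws ErrorHandler(EXC_USER_NOTREG) unless exactly one row matches the
     // login, and ErrorHandler(EXC_USER_WRONGPASS) when the password check fails.
     // NOTE(review): the two error codes tell an unregistered address apart from
     // a wrong password; callers should show the client one generic message so
     // the login form does not reveal which accounts exist.

     // $StLogin is interpolated into SQL below and $StPwd is hashed, so both go
     // through the project's escaping helper first (presumably by reference;
     // its implementation is not visible here).
     // NOTE(review): string-built SQL is only as safe as that helper. A prepared
     // statement with a bound parameter would remove the dependency, if the
     // database layer behind execSQL() offers one.
     UserHandler::SQLInjectionHandle($StLogin);
     UserHandler::SQLInjectionHandle($StPwd);
     $this->StLogin = $StLogin;

     $StSQL = "\nSELECT\n  IDUser, StPassword, StName, StEmail, StHash\nFROM\n  " . DBPREFIX . "User\nWHERE\n  StEmail = '{$this->StLogin}'";
     $this->execSQL($StSQL);
     $this->commit();
     if ($this->getNumRows() != 1) {
         throw new ErrorHandler(EXC_USER_NOTREG);
     }
     $ArResult = $this->getResult('string');

     // The stored StHash column is handed to myHash() together with the submitted
     // password (it looks like a per-user salt; confirm against myHash()).
     // The comparison is byte-exact and constant-time: a loose == would treat two
     // different numeric-looking digests such as "0e12" and "0e34" as equal.
     // An empty stored password never authenticates.
     $StStored = (string) $ArResult[0]['StPassword'];
     $StComputed = (string) $this->myHash($ArResult[0]['StHash'], $StPwd);
     if ($StStored === '' || !hash_equals($StStored, $StComputed)) {
         throw new ErrorHandler(EXC_USER_WRONGPASS);
     }

     // Issue a fresh session id at the moment of privilege change, so an id that
     // was known before login (session fixation) does not become authenticated.
     if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
         session_regenerate_id(true);
     }

     // IDUser is placed unquoted in the next query, so force it to an integer
     // instead of trusting the string that came back from the database.
     $IDUser = (int) $ArResult[0]['IDUser'];
     $StSQL = "\nSELECT\n  C.IDClient, S.IDSupporter\nFROM\n  " . DBPREFIX . "User U\nLEFT JOIN\n  " . DBPREFIX . "Supporter S ON (U.IDUser = S.IDUser)\nLEFT JOIN\n  " . DBPREFIX . "Client C ON (U.IDUser = C.IDUser)\nWHERE\n  U.IDUser = {$IDUser}";
     $this->execSQL($StSQL);
     // Index 0 keeps the user row; index 1 becomes the client/supporter row.
     $ArResult = array_merge($ArResult, $this->getResult('string'));

     setSessionProp('StName', $ArResult[0]['StName']);
     setSessionProp('IDUser', $ArResult[0]['IDUser']);
     setSessionProp('StEmail', $ArResult[0]['StEmail']);
     // NOTE(review): this digest is built only from IDUser and StName, with no
     // secret, so it is a consistency marker for the session contents rather
     // than proof of authentication. Code that re-derives it must use the same
     // formula, which is why it is left unchanged here.
     setSessionProp('StHash', md5($ArResult[0]['IDUser'] . $ArResult[0]['StName']));

     // A supporter is a user with a Supporter row and no Client row; every other
     // combination is treated as a client.
     if (!isset($ArResult[1]['IDClient']) && isset($ArResult[1]['IDSupporter'])) {
         setSessionProp('isSupporter', 'true');
         setSessionProp('IDSupporter', $ArResult[1]['IDSupporter']);
     } else {
         setSessionProp('isSupporter', 'false');
         setSessionProp('IDClient', $ArResult[1]['IDClient']);
     }

     return true;
 }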
Exemplo n.º 2
 /**
  * Sets the first notice to be shown afterwards
  *
  * @param mixed  $StID      appended to 'notice' to form the session key
  * @param string $StMessage
  * @param string $StClass   ok|error
  *
  * @return bool
  *
  * @author Dimitri Lameri <*****@*****.**>
  */
 public static function setNotice($StID, $StMessage, $StClass = 'ok')
 {
     // Renders the notice to HTML and keeps it in the session under
     // 'notice' . $StID so that it can be displayed later. Always returns true.
     // NOTE(review): whether $StMessage is HTML-escaped depends on
     // _getNoticeAsHTML(), which is not visible here. Confirm this before
     // passing text that originates from a request.
     $StSessionKey = 'notice' . $StID;
     $StNoticeHTML = self::_getNoticeAsHTML($StMessage, $StClass);
     setSessionProp($StSessionKey, $StNoticeHTML);

     return true;
 }
Exemplo n.º 3
 /**
  * Validates the user's session
  *
  * @param bool $Return
  *
  * @return bool
  *
  * @author Dimitri Lameri <*****@*****.**>
  */
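 public static function Session($Return = false)
 {
     // Checks that the session carries StHash, IDUser and StName and that StHash
     // equals md5(IDUser . StName).
     //
     // $Return truthy: only report the result (true/false), no side effects.
     // $Return falsy:  return true for a valid session; for an invalid one, wipe
     //                 the session data, remember the requested page, show the
     //                 login page and stop the script.
     //
     // NOTE(review): every value compared here lives in the session itself and
     // the digest involves no secret, so this detects an incomplete or
     // inconsistent session, not a forged one. It relies on the session store
     // being writable by the server only.
     $Valid = array_key_exists('StHash', $_SESSION)
         && array_key_exists('IDUser', $_SESSION)
         && array_key_exists('StName', $_SESSION)
         && $_SESSION['StHash'] === md5($_SESSION['IDUser'] . $_SESSION['StName']);

     if ($Return || $Valid) {
         return $Valid;
     }

     // Invalid session and the caller asked for enforcement: drop all data.
     $_SESSION = array();

     // 'page' comes straight from the query string. Store it only when it is a
     // plain string, so a request such as ?page[]=x cannot put an array where a
     // page name is expected.
     // NOTE(review): the code that reads 'lastPage' back should match it against
     // the known page names before using it in a redirect or include.
     if (array_key_exists('page', $_GET) && is_string($_GET['page'])) {
         setSessionProp('lastPage', $_GET['page']);
     }

     F1DeskUtils::showPage('login');
     die;
 }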