public function post_issue_upload_attachment() { $user_id = Crypter::decrypt(str_replace(' ', '+', Input::get('session'))); Auth::login($user_id); if (!Auth::user()->project_permission(Input::get('project_id'))) { return Response::error('404'); } Project\Issue\Attachment::upload(Input::all()); return true; }
/** * Attempt to login a user based on a long-lived "remember me" cookie. * * @param string $recaller * @return mixed */ protected static function recall($recaller) { $recaller = explode('|', Crypter::decrypt($recaller)); // We'll pass the ID that was stored in the cookie into the same user // Closure that is used by the "user" method. If the method returns // a user, we will log them into the application. $user = call_user_func(Config::get('auth.user'), $recaller[0]); if (!is_null($user)) { static::login($user); return $user; } }
/** * Авторизация */ public function auth() { $cookie = Cookie::get('zzz'); if (is_null($cookie)) { return false; } $SeSData = @unserialize(Crypter::decrypt($cookie)); if (!is_array($SeSData)) { return false; } if (!isset($SeSData['user_id'])) { return false; } if (!isset($SeSData['user_key'])) { return false; } if (!isset($SeSData['user_token'])) { return false; } $user = false; // заглушка // Тут нужна реализованная модель пользователя //$user = Model::get('user')->getUserByID($SeSData['user_id']); try { if ($user === false) { throw new Exception(); } if ($user['user_status'] != 'active') { throw new Exception(); } if ($SeSData['user_key'] != $user['user_key']) { throw new Exception(); } if ($SeSData['user_token'] != $user['user_token']) { throw new Exception(); } } catch (Exception $e) { $this->logout(); return false; } $this->add('user', (object) $user); $this->add('vars', new stdObject()); $this->is_login = true; return true; }
protected function decodeValue($value) { $value = str_replace(array('_', '-'), array('/', '+'), $value); return \Crypter::decrypt($value); }
<?php // Create a Form macro which generates the fake honeypot field // as well as the time check field Form::macro('honeypot', function ($honey_name, $honey_time) { return View::make("honeypot::fields", get_defined_vars()); }); // We add a custom validator to validate the honeypot text and time check fields Validator::register('honeypot', function ($attribute, $value, $parameters) { // We want the value to be empty, empty means it wasn't a spammer return $value == ''; }); Validator::register('honeytime', function ($attribute, $value, $parameters) { // The timestamp is encrypted so let's decrypt it $value = Crypter::decrypt($value); // The current time should be greater than the time the form was built + the speed option return is_numeric($value) && time() > $value + $parameters[0]; });
/** * Attempt to login a user based on a long-lived "remember me" cookie. * * @param string $recaller * @return mixed */ protected static function recall($recaller) { // When the "remember me" cookie is stored, it is encrypted and contains the // user's ID and a long, random string. The ID and string are separated by // a pipe character. Since we exploded the decrypted string, we can just // pass the first item in the array to the user Closure. $recaller = explode('|', Crypter::decrypt($recaller)); if (!is_null($user = call_user_func(Config::get('auth.user'), $recaller[0]))) { static::login($user); return $user; } }
} } } } $crypter = new Crypter(MODE_ECB, 'blowfish', 'key52345346_change_it'); if (isset($_REQUEST['logon'])) { if (isset($_POST['login']) && isset($_POST['pass'])) { $_SESSION['login'] = $_POST['login']; $_SESSION['pass'] = $_POST['pass']; if (isset($_POST['remember'])) { setcookie("login", base64_encode($crypter->encrypt($_POST['login'])), time() + 1209600); setcookie("pass", base64_encode($crypter->encrypt($_POST['pass'])), time() + 1209600); } } } $login = isset($_SESSION['login']) ? $_SESSION['login'] : (isset($_COOKIE['login']) ? trim($crypter->decrypt(base64_decode($_COOKIE['login']))) : ""); $pass = isset($_SESSION['pass']) ? $_SESSION['pass'] : (isset($_COOKIE['pass']) ? trim($crypter->decrypt(base64_decode($_COOKIE['pass']))) : ""); $_SESSION['login'] = $login; $_SESSION['pass'] = $pass; $user = GetUserID($login, $pass); $exit = isset($_GET['exit']) ? $_GET['exit'] : 0; if (!$exit && !$user && !$login && !$pass && !isset($_REQUEST['register'])) { $login = "******"; $pass = "******"; $user = GetUserID($login, $pass); if ($user) { $_SESSION['login'] = $login; $_SESSION['pass'] = $pass; } } if (!$user) {
/** * Attempt to find a "remember me" cookie for the user. * * @return string|null */ protected function recall() { $cookie = Cookie::get($this->recaller()); // By default, "remember me" cookies are encrypted and contain the user // token as well as a random string. If it exists, we'll decrypt it // and return the first segment, which is the user's ID token. if (!is_null($cookie)) { return head(explode('|', Crypter::decrypt($cookie))); } }
/** * Pasa de la clave cifrada a una clave de texto plano * */ public function limpiarClave($clave = '') { $crypt = new Crypter(sfConfig::get('app_general_cifrado_usuario')); if ($clave != "") { $otra_clave = $crypt->decrypt($clave); } else { $otra_clave = $crypt->decrypt($this->getClave()); $this->setClavelimpia($otra_clave); } return $otra_clave; }