Exemplo n.º 1
0
 /**
  * checks if login & password are correct and save the user in session.
  * it redirects the user to the $referer link
  * @param  string $referer the url to redirect after login
  * @todo add the return value
  * @return boolean
  */
 public function login($referer)
 {
     list($login, $password, $isauthenticated) = $this->credentials();
     if ($login === false || $password === false) {
         $this->messages->add('e', _('login failed: you have to fill all fields'));
         Tools::logm('login failed');
         Tools::redirect();
     }
     if (!empty($login) && !empty($password)) {
         $user = $this->store->login($login, Tools::encodeString($password . $login), $isauthenticated);
         if ($user != array()) {
             # Save login into Session
             $longlastingsession = isset($_POST['longlastingsession']);
             $passwordTest = $isauthenticated ? $user['password'] : Tools::encodeString($password . $login);
             Session::login($user['username'], $user['password'], $login, $passwordTest, $longlastingsession, array('poche_user' => new User($user)));
             # reload l10n
             $language = $user['config']['language'];
             @putenv('LC_ALL=' . $language);
             setlocale(LC_ALL, $language);
             bindtextdomain($language, LOCALE);
             textdomain($language);
             $this->messages->add('s', _('welcome to your wallabag'));
             Tools::logm('login successful');
             Tools::redirect($referer);
         }
         $this->messages->add('e', _('login failed: bad login or password'));
         // log login failure in web server log to allow fail2ban usage
         error_log('user ' . $login . ' authentication failure');
         Tools::logm('login failed');
         Tools::redirect();
     }
 }
Exemplo n.º 2
0
<?php

session_start();
require "required/database.class.php";
if ($_POST['action'] != "" && $_GET['action'] != "logout") {
    $db = new Database();
    $result = $db->login($_POST);
} else {
    if ($_GET['action'] == "logout") {
        $db = new Database();
        $db->logout();
    }
}
?>
<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<title>Profil - <?php 
echo WEBSITE_NAME;
?>
</title>
		<link rel="stylesheet" type="text/css" href="css.css">
	</head>
	<body>
		<nav>
			<ul>
				<li><a href="index.php">Forside</a></li>
				<li><a href="list.php">Liste</a></li>
				<li><a href="search.php">Søk</a></li>
Exemplo n.º 3
0
	</nav>

	<div class="container text-center">
		<h1>Login Page</h1>
	</div>
	<br>

	<!-- Main -->
	<?php 
if (isset($_POST["user_id"]) && isset($_POST["password"])) {
    require_once "Database.php";
    $database = new Database();
    $user_id = $_POST["user_id"];
    $password = $_POST["password"];
    $feedback = "";
    $role = $database->login($user_id, $password, $feedback);
    if ($role != -1) {
        $_SESSION["user_id"] = $user_id;
        $_SESSION["role"] = $role;
        if ($role == 0) {
            header('Location: admin.php');
        } else {
            header('Location: index.php');
        }
        return;
    } else {
        showLoginForm($feedback);
    }
} else {
    session_unset();
    session_destroy();
Exemplo n.º 4
0
<?php

header('Access-Control-Allow-Origin: *');
header("Content-Type: text/json");
include_once "functions.php";
//session function are here
include_once "databse.php";
if (isset($_POST["username"]) && isset($_POST["password"])) {
    //put values in variables
    $username = $_POST["username"];
    $password = $_POST["password"];
    $dataBase = new Database();
    //inicialze the databse instance
    $dataBase->connect();
    //connect to database
    echo json_encode($dataBase->login($username, $password));
    $dataBase->close();
    //close the database connection
}
Exemplo n.º 5
0
    {
        $now = time();
        $u = null;
        if ($this->exists($username) === false) {
            $this->users->save(array('_id' => $username, 'password' => $password, 'name' => $name, 'gender' => $gender, 'email' => $email, 'created' => $now, 'modified' => $now));
            $u = $this->login($username, $password);
        }
        return $u;
    }
}
$db = new Database();
if (isset($_POST['action'])) {
    switch ($_POST['action']) {
        case 'login':
            if (isset($_POST['username']) && isset($_POST['password'])) {
                if ($db->login($_POST['username'], $_POST['password'])) {
                    header('HTTP/1.1 200 OK');
                    echo 'Login successful';
                } else {
                    header('HTTP/1.1 500 Bad request');
                    echo 'Bad credentials';
                }
            } else {
                header('HTTP/1.1 500 Bad request');
                echo 'Missing arguments for login';
            }
            break;
        case 'create':
            if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['name']) && isset($_POST['email']) && isset($_POST['gender'])) {
                $g = $_POST['gender'];
                if ($g === 'male' || $g === 'female') {