/**
 * Resolve a username to the id of the matching user.
 *
 * @param string $name username handed to User::getByName()
 * @return mixed the user's id property, or false when no user matches or its id is empty
 */
static function byUsername($name)
{
    $match = User::getByName($name);
    if (!$match || !$match->id) {
        return false;
    }

    return $match->id;
}
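/**
 * Log a user in by username and password.
 *
 * Looks the account up with User::getByName(), compares the stored hash with
 * md5($password), records the login time and hands off to self::WriteCookie().
 *
 * @param string $username user name
 * @param string $password password as submitted
 * @return mixed an error message string on failure, otherwise whatever self::WriteCookie() returns
 */
public static function Login($username, $password)
{
    $user = new User();
    $ret = $user->getByName($username);
    if (!$ret) {
        // NOTE(review): a separate message for unknown names lets a client tell
        // existing usernames from missing ones; the text is kept because callers
        // may display or match it.
        return '用户名不存在!';
    }

    // Strict comparison: with != two different hashes that both look like
    // "0e<digits>" are compared as numbers and count as equal, so a wrong
    // password could pass. hash_equals() is the constant-time choice where
    // the runtime provides it.
    // NOTE(review): unsalted MD5 is not a password hash; moving to
    // password_hash()/password_verify() needs a stored-format migration that
    // cannot be done inside this method.
    if ((string) $ret['password'] !== md5($password)) {
        return '密码错误!';
    }

    $user->update(array('last_login' => time()), $ret);

    return self::WriteCookie($ret['id'], $ret['username'], $ret['type']);
}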
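/**
 * Admin login action.
 *
 * Authenticates the submitted username by password hash or, failing that, by
 * login token. Every failure is thrown as an Exception and handled in the
 * catch block, where plugin authentication gets a last chance. Success
 * redirects to /admin/, failure to /admin/login/.
 */
public function loginAction()
{
    $userInactive = false;
    try {
        $user = User::getByName($this->_getParam("username"));
        if ($user instanceof User) {
            if ($user->isActive()) {
                $authenticated = false;
                $submittedHash = Pimcore_Tool_Authentication::getPasswordHash($this->_getParam("username"), $this->_getParam("password"));

                // Strict string comparison: with == two different hashes that
                // both read as numbers (e.g. "0e<digits>") compare equal.
                // hash_equals() is the constant-time choice where available.
                if ((string) $user->getPassword() === (string) $submittedHash) {
                    $authenticated = true;
                } else {
                    // NOTE(review): the token path asks for 3DES in ECB mode; whether
                    // the token carries any integrity protection is not visible here.
                    if ($this->_getParam("token") and Pimcore_Tool_Authentication::tokenAuthentication($this->_getParam("username"), $this->_getParam("token"), MCRYPT_TRIPLEDES, MCRYPT_MODE_ECB, false)) {
                        $authenticated = true;
                        // save the information to session when the user wants to reset the password
                        // this is because otherwise the old password is required => see also PIMCORE-1468
                        if ($this->_getParam("reset")) {
                            $adminSession = Pimcore_Tool_Authentication::getSession();
                            $adminSession->password_reset = true;
                        }
                    } else {
                        throw new Exception("User and Password doesn't match");
                    }
                }

                if ($authenticated) {
                    $adminSession = Pimcore_Tool_Authentication::getSession();
                    $adminSession->user = $user;
                    // New session id after the privilege change (session fixation).
                    Zend_Session::regenerateId();
                }
            } else {
                $userInactive = true;
                throw new Exception("User is inactive");
            }
        } else {
            throw new Exception("User doesn't exist");
        }
    } catch (Exception $e) {
        // see if module or plugin authenticates user
        $user = Pimcore_API_Plugin_Broker::getInstance()->authenticateUser($this->_getParam("username"), $this->_getParam("password"));
        if ($user instanceof User) {
            $adminSession = Pimcore_Tool_Authentication::getSession();
            $adminSession->user = $user;
            // The password path regenerates the session id after login; the
            // plugin path now does the same so both close the fixation window.
            Zend_Session::regenerateId();
            $this->_redirect("/admin/?_dc=" . time());
        } else {
            // NOTE(review): the username is request data; confirm writeLogFile()
            // neutralises line breaks before it reaches the log.
            $this->writeLogFile($this->_getParam("username"), $e->getMessage());
            Logger::info("Login Exception" . $e);
            // NOTE(review): inactive=1 tells an unauthenticated client that the
            // account exists but is disabled.
            $this->_redirect("/admin/login/?auth_failed=true&inactive=" . $userInactive);
            exit;
        }
    }

    $this->_redirect("/admin/?_dc=" . time());
}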
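/**
 * Admin login action (variant storing the user in the "pimcore_admin"
 * session namespace).
 *
 * Authenticates by password hash or login token; every failure is thrown as
 * an Exception and handled in the catch block, where plugin authentication
 * gets a last chance. Success redirects to /admin/, failure to /admin/login/.
 */
public function loginAction()
{
    $userInactive = false;
    try {
        $user = User::getByName($this->_getParam("username"));
        if ($user instanceof User) {
            if ($user->isActive()) {
                $authenticated = false;
                $submittedHash = Pimcore_Tool_Authentication::getPasswordHash($this->_getParam("username"), $this->_getParam("password"));

                // Strict string comparison: with == two different hashes that
                // both read as numbers (e.g. "0e<digits>") compare equal.
                // hash_equals() is the constant-time choice where available.
                if ((string) $user->getPassword() === (string) $submittedHash) {
                    $authenticated = true;
                } else {
                    // NOTE(review): the token path asks for 3DES in ECB mode; whether
                    // the token carries any integrity protection is not visible here.
                    if ($this->_getParam("token") and Pimcore_Tool_Authentication::tokenAuthentication($this->_getParam("username"), $this->_getParam("token"), MCRYPT_TRIPLEDES, MCRYPT_MODE_ECB, false)) {
                        $authenticated = true;
                    } else {
                        throw new Exception("User and Password doesn't match");
                    }
                }

                if ($authenticated) {
                    $adminSession = new Zend_Session_Namespace("pimcore_admin");
                    $adminSession->user = $user;
                    $adminSession->frozenuser = $user->getAsFrozen();
                    // Issue a fresh session id once the session becomes
                    // authenticated, so a pre-login id cannot be reused.
                    Zend_Session::regenerateId();
                }
            } else {
                $userInactive = true;
                throw new Exception("User is inactive");
            }
        } else {
            throw new Exception("User doesn't exist");
        }
    } catch (Exception $e) {
        // see if module or plugin authenticates user
        $user = Pimcore_API_Plugin_Broker::getInstance()->authenticateUser($this->_getParam("username"), $this->_getParam("password"));
        if ($user instanceof User) {
            $adminSession = new Zend_Session_Namespace("pimcore_admin");
            $adminSession->user = $user;
            $adminSession->frozenuser = $user->getAsFrozen();
            Zend_Session::regenerateId();
            $this->_redirect("/admin/?_dc=" . time());
        } else {
            // NOTE(review): the username is request data; confirm writeLogFile()
            // neutralises line breaks before it reaches the log.
            $this->writeLogFile($this->_getParam("username"), $e->getMessage());
            Logger::info("Login Exception" . $e);
            // NOTE(review): inactive=1 tells an unauthenticated client that the
            // account exists but is disabled.
            $this->_redirect("/admin/login/?auth_failed=true&inactive=" . $userInactive);
            $this->getResponse()->sendResponse();
            exit;
        }
    }

    $this->_redirect("/admin/?_dc=" . time());
}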
/**
 * Create a user account and return its id.
 *
 * The row is stored twice: once to obtain the id, then again after the
 * password has been encoded, because the encoding takes the user id as input.
 *
 * @param string $username trimmed before use
 * @param string $password passed to Password::encrypt()
 * @param mixed $type account type, SESSION_REGULAR by default
 * @param string $algo algorithm name passed to Password::encrypt()
 * @return mixed the new user id, or false when the name is taken or the first store() yields no id
 */
public static function create($username, $password, $type = SESSION_REGULAR, $algo = 'sha512')
{
    $username = trim($username);

    $existing = User::getByName($username);
    if ($existing) {
        return false;
    }

    $account = new User();
    $account->name = $username;
    $account->type = $type;
    $account->time_created = sql_datetime(now());

    // First write: only here does the account get its id.
    $account->id = $account->store();
    if (!$account->id) {
        return false;
    }

    $handler = SessionHandler::getInstance();
    $encryptKey = $handler->getEncryptKey();
    $account->password = Password::encrypt($account->id, $encryptKey, $password, $algo);

    // Second write: persist the password encoded with the user id.
    $account->store();

    $logLine = $handler->getUsername() . ' created user ' . $username . ' (' . $account->id . ') of type ' . $type;
    dp($logLine);

    return $account->id;
}
/**
 * Persist this object after making sure its user reference is resolved.
 *
 * When no User instance is attached yet, one is looked up by the stored user
 * id, or failing that by the stored username.
 *
 * @return void
 */
public function save()
{
    $hasUser = $this->getUser() instanceof User;

    if (!$hasUser && $this->getUserId()) {
        $this->user = User::getById(intval($this->getUserId()));
    } elseif (!$hasUser && $this->getUsername()) {
        $this->user = User::getByName($this->getUsername());
    }

    // NOTE(review): if neither lookup produced a user, getUser() may not return
    // an object here and the getId() call fails — confirm callers always set one.
    $resolvedId = $this->getUser()->getId();
    $this->setUserId($resolvedId);

    $this->getResource()->save();
}
/**
 * List objects of the type named by the "object" request parameter.
 *
 * Builds the listing as an XML string, wraps it either in an RSS 2.0 channel
 * (when the "rss" parameter is set) or in an <rsp stat="ok"> envelope, stores
 * it in $this->output and selects the 'index' template.
 *
 * All filter values reach the queries through "?" placeholders.
 *
 * NOTE(review): "limit" and "offset" come straight from the request and are
 * handed to limit()/offset() with no upper bound visible in this method.
 */
public function executeList()
{
    $rss = $this->getRequestParameter('rss');
    $object = $this->getRequestParameter('object');
    $output = '';
    $title = Tools::get('name');
    $link = Tools::get('url');
    $description = Tools::get('rss_desc');
    $offset = $this->getRequestParameter('offset');
    $limit = $this->getRequestParameter('limit');
    if ($object == 'application') {
        $title .= ' - Applications';
        $user_id = $this->getRequestParameter('user_id');
        // NOTE(review): getId() is chained onto the lookup result; a user_name
        // that matches nobody is not handled here (same pattern in the comment,
        // module and theme branches) — confirm what getByName() returns on a miss.
        if ($this->getRequestParameter('user_name')) {
            $user_id = User::getByName($this->getRequestParameter('user_name'))->getId();
        }
        $q = new Doctrine_Query();
        $q = $q->select('a.*')->from('Application a');
        if ($user_id) {
            $q = $q->addWhere('user_id = ?', array($user_id));
        }
        // Only approved applications are listed.
        $q = $q->addWhere('approved = ?', array(true));
        $q = $q->orderby('updated_at desc');
        if ($limit) {
            $q->limit($limit);
        }
        if ($offset) {
            $q->offset($offset);
        }
        $applications = $q->execute();
        // The counted wrapper element is emitted only for the non-RSS format.
        if (!$rss) {
            $output .= '<applications count="' . $applications->count() . '">';
        }
        foreach ($applications as $application) {
            $output .= $application->getXML($rss);
        }
        if (!$rss) {
            $output .= '</applications>';
        }
    } elseif ($object == 'comment') {
        $title .= ' - Comments';
        $user_id = $this->getRequestParameter('user_id');
        if ($this->getRequestParameter('user_name')) {
            $user_id = User::getByName($this->getRequestParameter('user_name'))->getId();
        }
        $application_id = $this->getRequestParameter('application_id');
        $module_id = $this->getRequestParameter('module_id');
        $theme_id = $this->getRequestParameter('theme_id');
        $q = new Doctrine_Query();
        $q = $q->select('c.*')->from('Comment c');
        // Unlike the other listings, this query has no "approved" filter.
        if ($user_id) {
            $q = $q->addWhere('user_id = ?', array($user_id));
        }
        if ($application_id) {
            $q = $q->addWhere('application_id = ?', array($application_id));
        }
        // "madule" is the spelling this method uses for the module model and its columns.
        if ($module_id) {
            $q = $q->addWhere('madule_id = ?', array($module_id));
        }
        if ($theme_id) {
            $q = $q->addWhere('theme_id = ?', array($theme_id));
        }
        $q = $q->orderby('updated_at desc');
        if ($limit) {
            $q->limit($limit);
        }
        if ($offset) {
            $q->offset($offset);
        }
        $comments = $q->execute();
        if (!$rss) {
            $output .= '<comments count="' . $comments->count() . '">';
        }
        foreach ($comments as $comment) {
            $output .= $comment->getXML($rss);
        }
        if (!$rss) {
            $output .= '</comments>';
        }
    } elseif ($object == 'module') {
        $title .= ' - Modules';
        $application_id = $this->getRequestParameter('application_id');
        $user_id = $this->getRequestParameter('user_id');
        if ($this->getRequestParameter('user_name')) {
            $user_id = User::getByName($this->getRequestParameter('user_name'))->getId();
        }
        $q = new Doctrine_Query();
        $q = $q->select('m.*')->from('Madule m');
        if ($application_id) {
            $q = $q->addWhere('application_id = ?', array($application_id));
        }
        if ($user_id) {
            $q = $q->addWhere('user_id = ?', array($user_id));
        }
        $q = $q->addWhere('approved = ?', array(true));
        $q = $q->orderby('updated_at desc');
        if ($limit) {
            $q->limit($limit);
        }
        if ($offset) {
            $q->offset($offset);
        }
        $modules = $q->execute();
        if (!$rss) {
            $output .= '<modules count="' . $modules->count() . '">';
        }
        foreach ($modules as $module) {
            $output .= $module->getXML($rss);
        }
        if (!$rss) {
            $output .= '</modules>';
        }
    } elseif ($object == 'theme') {
        $title .= ' - Themes';
        $user_id = $this->getRequestParameter('user_id');
        if ($this->getRequestParameter('user_name')) {
            $user_id = User::getByName($this->getRequestParameter('user_name'))->getId();
        }
        // A theme group can be named by id, title or name; a later lookup
        // overwrites an earlier one, so theme_group_name wins when several are given.
        $theme_group_id = $this->getRequestParameter('theme_group_id');
        if ($this->getRequestParameter('theme_group_title')) {
            $theme_group_id = ThemeGroup::getByTitle($this->getRequestParameter('theme_group_title'))->getId();
        }
        if ($this->getRequestParameter('theme_group_name')) {
            $theme_group_id = ThemeGroup::getByName($this->getRequestParameter('theme_group_name'))->getId();
        }
        $application_id = $this->getRequestParameter('application_id');
        $module_id = $this->getRequestParameter('module_id');
        $q = new Doctrine_Query();
        $q = $q->select('t.*')->from('Theme t');
        // Exactly one of the three scopes applies: application, else module, else theme group.
        if ($application_id) {
            $q = $q->addWhere('t.id IN (SELECT ttg.theme_id from ThemeThemeGroup ttg where 
ttg.theme_group_id IN ' . '(SELECT ag.theme_group_id FROM ApplicationThemeGroup ag where ag.application_id = ?))', array($application_id));
        } elseif ($module_id) {
            $q = $q->addWhere('t.id IN (SELECT ttg.theme_id from ThemeThemeGroup ttg where ttg.theme_group_id IN ' . '(SELECT mg.theme_group_id FROM MaduleThemeGroup mg where mg.madule_id = ?))', array($module_id));
        } elseif ($theme_group_id) {
            $q = $q->innerJoin('t.ThemeThemeGroups ttg')->addWhere('ttg.theme_group_id = ?', array($theme_group_id));
        }
        if ($user_id) {
            $q = $q->addWhere('user_id = ?', array($user_id));
        }
        $q = $q->addWhere('approved = ?', array(true));
        $q = $q->orderby('updated_at desc');
        if ($limit) {
            $q->limit($limit);
        }
        if ($offset) {
            $q->offset($offset);
        }
        $themes = $q->execute();
        if (!$rss) {
            $output .= '<themes count="' . $themes->count() . '">';
        }
        foreach ($themes as $theme) {
            $output .= $theme->getXML($rss);
        }
        if (!$rss) {
            $output .= '</themes>';
        }
    } elseif ($object == 'theme_group') {
        $title .= ' - Theme Groups';
        $theme_id = $this->getRequestParameter('theme_id');
        $q = new Doctrine_Query();
        $q = $q->select('t.*')->from('ThemeGroup t');
        // The "known" restriction is applied only when filtering by theme.
        if ($theme_id) {
            $q = $q->innerJoin('t.ThemeThemeGroups ttg')->addWhere('ttg.theme_id = ? and t.known = ?', array($theme_id, true));
        }
        $q = $q->orderby('updated_at desc');
        if ($limit) {
            $q->limit($limit);
        }
        if ($offset) {
            $q->offset($offset);
        }
        $themeGroups = $q->execute();
        if (!$rss) {
            $output .= '<theme_groups count="' . $themeGroups->count() . '">';
        }
        foreach ($themeGroups as $themeGroup) {
            $output .= $themeGroup->getXML($rss);
        }
        if (!$rss) {
            $output .= '</theme_groups>';
        }
    } elseif ($object == 'user') {
        $title .= ' - Users';
        // NOTE(review): every User row is selected with no filter; what
        // getXML() puts in the response is not visible here — confirm it
        // leaves out credentials and contact details.
        $q = new Doctrine_Query();
        $q = $q->select('u.*')->from('User u')->orderby('updated_at desc');
        if ($limit) {
            $q->limit($limit);
        }
        if ($offset) {
            $q->offset($offset);
        }
        $users = $q->execute();
        if (!$rss) {
            $output .= '<users count="' . $users->count() . '">';
        }
        foreach ($users as $user) {
            $output .= $user->getXML($rss);
        }
        if (!$rss) {
            $output .= '</users>';
        }
    }
    // An unrecognised "object" value falls through with $output still empty.
    // NOTE(review): $title, $link and $description are concatenated into the
    // XML without escaping; they come from Tools::get() — confirm those values
    // cannot contain markup characters.
    if ($rss) {
        $this->output = '<rss version="2.0">' . '<channel>' . '<title>' . $title . '</title>' . '<link>' . $link . '</link>' . '<description>' . $description . '</description>' . '<generator>' . $title . '</generator>' . $output . '</channel>' . '</rss>';
    } else {
        $this->output = '<rsp stat="ok">' . $output . '</rsp>';
    }
    $this->setTemplate('index');
}
/**
 * A user that has been deleted can no longer be found by name.
 */
public function testDeleteUser()
{
    // The password only has to be some value; it is never used to log in.
    $fixture = array(
        "parentId" => 0,
        "username" => "dummy",
        "password" => md5(time()),
        "hasCredentials" => true,
        "active" => true,
    );

    $created = User::create($fixture);
    unset($created);

    // Reload by name so the delete runs on a freshly fetched object.
    $stored = User::getByName("dummy");
    $stored->delete();
    unset($stored);

    $afterDelete = User::getByName("dummy");
    $this->assertFalse($afterDelete);
}
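/**
 * Authenticate a user by a time-limited login token.
 *
 * The token is decrypted with the user's stored password hash and the first
 * element of the result is read as a timestamp, which must not lie in the
 * future and must be at most 30 minutes old.
 *
 * @static
 * @throws Exception when the user is unknown or inactive, lacks admin rights
 *                   while $adminRequired is set, or the timestamp is out of range
 * @param string $username
 * @param string $token
 * @param mixed $algorithm cipher handed to Pimcore_Tool_Authentication::decrypt()
 * @param mixed $mode cipher mode handed to Pimcore_Tool_Authentication::decrypt()
 * @param bool $adminRequired
 * @return User
 */
public static function tokenAuthentication($username, $token, $algorithm, $mode, $adminRequired = false)
{
    $user = User::getByName($username);
    if (!$user instanceof User) {
        throw new Exception("invalid username");
    }
    if (!$user->isActive()) {
        throw new Exception("user inactive");
    }
    if ($adminRequired && !$user->isAdmin()) {
        throw new Exception("no permission");
    }

    // NOTE(review): the stored password hash is what decrypt() receives
    // alongside the token, presumably as the key. If so, anyone who can read
    // the hash can produce tokens, and nothing here verifies token integrity
    // beyond the timestamp range — confirm against decrypt().
    $passwordHash = $user->getPassword();
    $decrypted = Pimcore_Tool_Authentication::decrypt($passwordHash, $token, $algorithm, $mode);
    $timestamp = $decrypted[0];

    $timeZone = date_default_timezone_get();
    date_default_timezone_set("UTC");
    $now = time();
    $outOfRange = ($timestamp > $now) || ($timestamp < $now - 60 * 30);
    // Restore the caller's timezone before any throw; previously a rejected
    // token left the process default switched to UTC.
    date_default_timezone_set($timeZone);

    if ($outOfRange) {
        throw new Exception("invalid timestamp");
    }

    return $user;
}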
    // (excerpt) tail of a route closure that starts before this fragment
    $user->getAll();
});

// REST routes for users; each closure delegates to a method on $user.
// NOTE(review): no authentication or authorization check is visible on any of
// these routes, including DELETE /users/:id and the write routes below —
// confirm it is enforced elsewhere (middleware or inside the $user methods).
$app->get('/users/:id', function ($id) use($user) {
    $user->getById($id);
});
$app->get('/users/:id/friends', function ($id) use($user) {
    $user->getFriends($id);
});
$app->get('/users/:id/score', function ($id) use($user) {
    $user->getScore($id);
});
$app->get('/users/:id/rewards', function ($id) use($user) {
    $user->getRewards($id);
});
$app->get('/users/search/:name', function ($name) use($user) {
    $user->getByName($name);
});
$app->delete('/users/:id', function ($id) use($user) {
    $user->delete($id);
});
$app->post('/users', function () use($user, $app) {
    $request = $app->request();
    $body = $request->getBody();
    // NOTE(review): json_decode() yields null for a malformed body and the
    // decoded object is passed on with no field checks visible here.
    $vo = json_decode($body);
    $user->insert($vo);
});
$app->put('/users/:id', function ($id) use($user, $app) {
    $request = $app->request();
    $body = $request->getBody();
    $vo = json_decode($body);
    // The id from the URL overrides whatever the body carried.
    $vo->facebook_user_id = $id;
<?php
// Account page: loads the account of the user named in the session and
// renders it with the account.tpl template.
include 'configs/configs.php';
session_start();

// NOTE(review): $_SESSION["name"] is read without checking that it is set, so
// a visitor with no login session still reaches the lookup and the template.
$name = $_SESSION["name"];

$smarty->assign('detailAcc', User::getByName($name));
$smarty->display('account.tpl');
        // (excerpt) tail of a logout branch that starts before this fragment
        $user->logout();
    }
    redirect();
}

// if user is already logged in,
// to index since we didn't provide such a link
if ($has_login) {
    redirect(); // to index
}

$username = _post('username');
$password = _post('password');
$msg = '';
if ($by_post) {
    // Credentials are checked first; the user object is loaded only on success.
    if (User::check($username, $password)) {
        $user = User::getByName($username);
        $user->login();
        $type = strtolower($user->type);
        // Variable variable: creates a variable named after the lowercased
        // user type. NOTE(review): this runs before the switch below rejects
        // unknown types, so the name is taken from stored data unchecked.
        ${$type} = $user->instance();
        // NOTE(review): back_url is read from the query string; where it is
        // used as a redirect target (outside this excerpt) it should be
        // limited to same-site paths.
        $back_url = _get('back_url') ?: DEFAULT_LOGIN_REDIRECT_URL;
        switch ($user->type) {
            case 'SuperAdmin':
                // Super admins always land on 'user', whatever back_url said.
                $back_url = 'user';
                break;
            case 'Admin':
            case 'Customer':
                break;
            default:
                // NOTE(review): the message interpolates the $user object
                // itself followed by "->" and the type string.
                throw new Exception("unkonwn user type: {$user}->{$type}");
                break;
        }
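<?php
include 'configs/configs.php';

// Edit-user page: a POST carrying "Name" saves the submitted fields, anything
// else shows the edit form for the user found through the "search" field.
//
// NOTE(review): nothing in this script checks that the caller is logged in or
// is an administrator; confirm configs/configs.php enforces that before this
// page can be used to change accounts.

// Perform the update: copy the submitted values onto a User and save it.
if (isset($_POST['Name'])) {
    // The previous version echoed every field, including the password, into
    // the response. That reflected request data unescaped and sent output
    // before header(), which stops the redirect from working.
    $pass = isset($_POST['Pass']) ? $_POST['Pass'] : null;
    $ID = isset($_POST['ID']) ? $_POST['ID'] : null;
    $email = isset($_POST['eMail']) ? $_POST['eMail'] : null;
    $isAdmin = isset($_POST['isAdmin']) ? $_POST['isAdmin'] : null;
    $name = $_POST['Name'];

    $newUser = new User();
    $newUser->ID = $ID;
    $newUser->userName = $name;
    // NOTE(review): the password is handed over as submitted; confirm
    // User::Update() hashes it before storing.
    $newUser->passWord = $pass;
    $newUser->eMail = $email;
    // NOTE(review): the admin flag and the target ID both come from the form,
    // so the server-side permission check has to decide whether this caller
    // may set them.
    $newUser->isAdmin = $isAdmin;
    $newUser->Update();

    header('location: manageuser.php');
    exit;
} else {
    // If a user matches the search value, show the edit-user form.
    $name = isset($_POST['search']) ? $_POST['search'] : null;
    $newUser = User::getByName($name);
    $smarty->assign('newUser', $newUser);
    $smarty->display('edituser.tpl');
}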
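/**
 * Check the JSON credentials in the request body and issue a token.
 *
 * Every failure (malformed body, unknown user, wrong password) produces the
 * same single error response, and the method stops there.
 *
 * @return mixed the value of $this->getToken() on success, null after an error response was echoed
 */
function login()
{
    $post = json_decode($this->f3->get('BODY'), true);
    $username = (is_array($post) && isset($post['UserName'])) ? $post['UserName'] : null;
    $password = (is_array($post) && isset($post['UserPassword'])) ? $post['UserPassword'] : null;

    // json_decode() returns null for a malformed body, and JSON lets a client
    // send arrays or numbers where strings are expected.
    if (!is_string($username) || !is_string($password)) {
        echo $this->utils->errorResponse('Username or Password Incorrect');
        return null;
    }

    $user = new User($this->db);
    $user->getByName($username);

    // Previously an unknown user echoed the error and then fell through to
    // password_verify(), which echoed it a second time; that doubled response
    // differed from a wrong password and $token was returned undefined.
    // NOTE(review): unknown users still skip password_verify(), so response
    // time can differ between existing and missing accounts.
    if ($user->dry() || !password_verify($password, (string) $user->UserPassword)) {
        echo $this->utils->errorResponse('Username or Password Incorrect');
        return null;
    }

    return $this->getToken($user->UserID, $user->UserName, $user->UserRole);
}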
/**
 * Queue a username-change request for moderation.
 *
 * @param array $p form values; 'new_user' holds the requested name
 * @return mixed false when the request is rejected, nothing after a request was queued
 */
function handleEditUsername($p)
{
    $wanted = trim($p['new_user']);

    $error = ErrorHandler::getInstance();
    $session = SessionHandler::getInstance();

    // Work out why the request cannot be queued, if there is a reason.
    $reason = null;
    if (!$wanted || $wanted == $session->username) {
        // empty names and the current username never go on the request queue
        $reason = 'Useless request';
    } elseif (User::getByName($wanted)) {
        $reason = 'Username taken';
    } elseif (ReservedWord::isReservedUsername($wanted)) {
        $reason = 'Username is reserved';
    }

    if ($reason !== null) {
        $error->add($reason);
        return false;
    }

    // Admins handle the actual rename from the moderation queue.
    ModerationObject::add(MODERATE_CHANGE_USERNAME, $wanted);

    echo '<div class="good">Your request for username change have been submitted and will be handled soon!</div>';
}
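/**
 * Handles logins
 *
 * Looks the account up for the given session type, verifies the credentials
 * with User::getExact(), then fills this handler and $_SESSION with the
 * user's identity and privilege flags and records the login.
 *
 * @param $username trimmed before use
 * @param $pwd trimmed before use
 * @param $type SESSION_REGULAR or SESSION_FACEBOOK
 * @return true on success, false when logins are disabled or the credentials do not match
 * @throws \Exception for an unknown session type
 */
function login($username, $pwd, $type = SESSION_REGULAR)
{
    $error = ErrorHandler::getInstance();

    if (!$this->allow_logins) {
        $error->add('Logins currently not allowed.');
        return false;
    }

    $username = trim($username);
    $pwd = trim($pwd);

    switch ($type) {
        case SESSION_REGULAR:
            $user = User::getByName($username);
            break;
        case SESSION_FACEBOOK:
            $user = new FacebookUser($username);
            break;
        default:
            throw new \Exception('hmm ' . $type);
    }

    // NOTE(review): the two failure messages below differ ("...found1" for an
    // unknown name, "...found2" for a wrong password), which tells a client
    // whether a username exists. They are left as they are in case callers
    // match on the text.
    if (!$user || !$user->id) {
        $error->add('Login failed - user not found1');
        return false;
    }

    $x = User::getExact($type, $user->id, $username, $pwd);
    if (!$x) {
        // NOTE(review): the username is client input; confirm dp() neutralises
        // line breaks before writing it to the log.
        dp('Failed login attempt: username ' . $username);
        $error->add('Login failed - user not found2');
        return false;
    }

    // Issue a fresh session id before the session is marked as logged in, so
    // an id that was known before authentication cannot be reused afterwards.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    $this->id = $user->id;
    $this->ip = client_ip();
    $this->username = $username;
    $this->type = $type;
    $this->usermode = UserGroupHandler::getUserLevel($user->id);

    // Privilege flags are cumulative: a higher level sets every lower flag too.
    if ($this->usermode >= USERLEVEL_WEBMASTER) {
        $this->isWebmaster = true;
    }
    if ($this->usermode >= USERLEVEL_ADMIN) {
        $this->isAdmin = true;
    }
    if ($this->usermode >= USERLEVEL_SUPERADMIN) {
        $this->isSuperAdmin = true;
    }

    $q = 'UPDATE tblUsers SET time_last_login = NOW(), time_last_active = NOW(), last_ip = ?' . ' WHERE id = ?';
    Sql::pUpdate($q, 'si', client_ip(), $this->id);

    // The User-Agent header is optional; a request without it must not fail the login.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    LoginEntry::add($this->id, client_ip(), $userAgent);

    $_SESSION['id'] = $this->id;
    $_SESSION['username'] = $this->username;
    $_SESSION['usermode'] = $this->usermode;
    $_SESSION['isWebmaster'] = $this->isWebmaster;
    $_SESSION['isAdmin'] = $this->isAdmin;
    $_SESSION['isSuperAdmin'] = $this->isSuperAdmin;
    $_SESSION['referer'] = $this->referer;
    $_SESSION['ip'] = $this->ip;
    $_SESSION['type'] = $this->type;
    $_SESSION['last_active'] = time();
    session_write_close();

    dp($this->username . ' logged in from ' . $this->ip);

    $error->reset(); // remove previous errors
    return true;
}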
<?php
/**
 * Registration page
 * @author 潘洪学 panliu888@gmail.com
 * @create_date 2011-10
 */
include_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'init.php';

// Visitors who are already logged in are sent to the index page.
if (Passport::IsLogin()) {
    redirect('index.php');
}

if (Request::IsPost()) {
    // Submitted form fields arrive as the "f" array.
    $fields = $_POST['f'];
    if (validate($fields)) {
        $user = new User();
        $ret = $user->getByName($fields['username']);
        $TEMPLATE['error'] = array();
        if ($ret) {
            // The username already exists.
            $TEMPLATE['error']['username'] = '******';
        } else {
            // NOTE(review): the password is stored as unsalted MD5, which is
            // not a password hash; password_hash()/password_verify() is the
            // replacement and needs the login check changed with it.
            // NOTE(review): the account registered while the table is empty
            // gets type 1, every later one type 0. If type 1 is a privileged
            // role, whoever registers first on a new install receives it —
            // confirm this is intended.
            $tableInfo = array('username' => $fields['username'], 'password' => md5($fields['password']), 'type' => $user->totals() == 0 ? 1 : 0, 'reg_date' => time(), 'last_login' => time());
            $newid = $user->insertIgnore($tableInfo);
            if ($newid) {
                // The new account is logged in right away.
                $ret = Passport::WriteCookie($newid, $tableInfo['username'], $tableInfo['type']);
                $return_url = get_returnurl('index.php');
                $wt_open = new WTOpen();
                $cbs = $wt_open->getCallbackList();
                $scripts = '';
                if (count($cbs) > 0) {
                    // NOTE(review): the WriteCookie() result is serialised into
                    // a query string for the callbacks; how it is sent is
                    // outside this excerpt — check that no login secret leaves
                    // the site this way.
                    $token = http_build_query($ret);
                    foreach ($cbs as $value) {
//管理员 } } exit; } if (isset($_POST['login'])) { require_once dirname(dirname(__FILE__)) . '/lib/cls_captcha.php'; /* $validator = new captcha(); if (!$validator->check_word($_POST['captcha'])) { echo "<script>alert('captcha error!');history.back();</script>"; exit; }*/ // $bRet = User::checkLogin($_POST['userId'], $_POST['pwd']); $rank = User::getByName($_POST['userId']); if ($bRet == true) { if ($rank['F_RANK'] == 1 || $rank['F_RANK'] == 3) { $arrayList = array(date('Y-m-d H:i:s', time()), date('Y-m-d H:i:s', time()), $_SERVER['REMOTE_ADDR'], $_POST['userId']); $bRet = User::updataStatus($arrayList); if ($bRet == true) { //获取待处理的箱门 $waitDeal = DataDetails::getNeedData(); //获取处理完成的箱门 $dealed = DataDetails::getDealed(); //获取处理的历时记录 $hisDeal = DataDetails::getHistoryDeal(); $_SESSION['userId'] = $_POST['userId']; $smarty->assign("waitDeal", $waitDeal); $smarty->assign("dealed", $dealed); $smarty->assign("hisDeal", array_slice($hisDeal, 0, 25));
// Sequential integration script: each begin_test()/test() pair depends on the
// database state left by the steps before it, so the order matters.
test(1, 1, 'test for 1 === 1');

// Register a customer.
begin_test();
$username = '******';
$password = '******';
$realname = '小池';
$phone = '13711231212';
$email = '*****@*****.**';
$info = compact('username', 'password', 'realname', 'phone', 'email');
$customer = Customer::create($info);
test(1, 1, array('name' => 'register Customer, db'));

// The customer just created can pass the credential check.
begin_test();
test(User::check($username, $password), true, array('name' => 'User::check($username, $password)'));

// The super admin 'root' creates an admin; the stored row is compared with the expectation.
begin_test();
$username = '******';
$password = '******';
$user = User::getByName('root');
$superadmin = $user->instance();
$admin = $superadmin->createAdmin(compact('username', 'password'));
// NOTE(review): the expected row holds md5($password), so this test pins
// admin passwords to unsalted MD5 storage; it has to change together with any
// move to password_hash().
$ideal_arr = array('name' => $username, 'password' => md5($password), 'type' => 'Admin');
$id = Pdb::lastInsertId();
$real_arr = Pdb::fetchRow('name, password, type', User::$table, array('id=?' => $id));
test($real_arr, $ideal_arr, array('name' => 'Super Admin create Admin, db'));

// Create a product.
begin_test();
$prd_types = Product::types();
// reset() takes its argument by reference; passing the array_keys() result
// directly raises an "Only variables should be passed by reference" notice.
$info = array('name' => '唯爱心形群镶女戒_test', 'type' => reset(array_keys($prd_types)), 'material' => json_encode(array('PT950', '白18K金', '黄18K金', '红18K金')), 'rabbet_start' => '0.30', 'rabbet_end' => '0.60', 'weight' => 9, 'small_stone' => 3, 'st_weight' => 2.1, 'images' => array('400' => array('/test/static/img/i400-1.jpg', '/test/static/img/i400-2.jpg', '/test/static/img/i400-3.jpg'), 'thumb' => array('/test/static/img/i80-1.jpg', '/test/static/img/i80-2.jpg', '/test/static/img/i80-3.jpg')));
$product = Product::create($info);
test(1, 1, array('name' => 'Admin post Product, db'));

// Edit the customer's default address.
begin_test();
$address = $customer->defaultAddress();
$address->edit(array('name' => '小池', 'phone' => '14722320989', 'detail' => '深圳罗湖区田贝'));
test(1, 1, array('name' => 'edit Address'));