function session_authentification($filename)
{
unset($loginstatus);
unset($flag);
$loginstatus = false;
$flag = false;
$authent1 = new authentification();
if (isset($_SESSION['username'])) {
$loginstatus = true;
}
if (isset($_COOKIE['rem']) && !isset($_SESSION['username'])) {
list($username, $cookie_ID_hash) = explode(":", $_COOKIE['rem']);
$usercookie = simplexml_load_file(trim($filename)) or die("Error: Cannot create object");
foreach ($usercookie->user as $user) {
if ($authent1->hash_sha256($user) == trim($username)) {
if ($authent1->hash_sha256(trim($user->cookies->rememberme)) == trim($cookie_ID_hash)) {
$loginstatus = true;
$_SESSION['username'] = $user;
break 2;
}
}
}
}
return $loginstatus;
}
public function userData($matricule)
{
$this->database = database::instance();
$this->auth = authentification::instance();
$this->matricule = $matricule;
$this->getUserData();
}
/**
* Short description of method instance
*
* @access public
* @author Jean-Francois Levesque, <*****@*****.**>
* @return void
*/
public static function instance()
{
if (!authentification::$instance) {
authentification::$instance = new authentification();
authentification::$instance->init();
}
return authentification::$instance;
}
public function __construct()
{
$a = func_get_args();
$i = func_num_args();
if (method_exists($this, $f = '__construct' . $i)) {
call_user_func_array(array($this, $f), $a);
} else {
$auth = authentification::instance();
$this->loadStatusData($auth->getUsager());
}
}
public static function hasExistingCarInDatabase($carId)
{
$objAuth = authentification::instance();
if ($objAuth->estIdentifie()) {
$database = database::instance();
$result = $database->requete("SELECT * FROM st_car WHERE id = '" . $carId . "'");
return mysql_num_rows($result) > 0;
} else {
return false;
}
}
public static function getWidget($pageToRedirect, $login_success, $errorMessage = "")
{
$objAuth = authentification::instance();
if ($objAuth->estIdentifie()) {
$widget_html = '<div class="widget">
Vous êtes présentement connecté en tant que <b>' . $objAuth->getUsager() . '</b>.</br>
[<a href="logout.php"> Déconnexion</a>]<br>
</div>';
} else {
$widget_html = '<div class="widget">
<script type="text/javascript"> if (window.isMSIE55) fixalpha(); </script>
<div class="widgettitle"> Connexion </div>';
if (!$login_success) {
$widget_html = $widget_html . '<div class="formErrorField"> Mauvais matricule ou mot de passe </div>';
}
$widget_html = $widget_html . '<div class="widgetcontent">
<form method="post" action="auth.php?redirect=' . $pageToRedirect . '" name="connexion">
<div style="display:block">
<div style="display:block">
<label style="display:inline;vertical-align:middle">Nom dutilisateur</label>
<input style="width:125px;float:right;vertical-align:middle"" type="text" name="username" size="8" maxlength="7" id="username" />
</div>
<div style="display:block;clear:both">
<label style="display:inline;vertical-align:middle">Mot de passe</label>
<input style="width:125px;float:right;vertical-align:middle" type="password" name="password" size="8" maxlength="24" id="password" />
</div>
<div style="display:block;margin-top:15px;clear:both">
<a style="vertical-align:bottom;" href="register.php" class="searchButton"> Créer un compte </a>
<input style="vertical-align:middle;margin-left:65px" type="submit" value="Acceder" class="searchButton"/>
</br>
<a style="vertical-align:bottom;" href="accessrecovery.php" class="searchButton">Mot de passe oublié</a>
</div>
</div>
</form>
</div>
</div>';
}
return $widget_html;
}
<?php
include_once 'privateplc_php.ini.php';
include "web_authentification.inc.php";
include "xmlhandler.inc.php";
error_reporting(E_ALL | E_STRICT);
// Um die Fehler auch auszugeben, aktivieren wir die Ausgabe
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
// Da man in einem Produktivsystem ?blicherweise keine Fehler ausgeben
// will sondern sie nur mitloggen will, bietet es sich an dort die
// Ausgabe der Fehler zu deaktivieren und sie stattdessen in ein Log-File
// schreiben zu lassen
session_start();
$loginflag = -1;
//-1 is false / 0 is true
$DNSservice = -1;
$authent = new authentification();
$xmlhandler = new xmlhandler();
if ($authent->session_authentification('userdata.xml')) {
$loginflag = 0;
}
if ($loginflag == 0) {
//todo:get registered devices
$services = $xmlhandler->get_services('userdata.xml');
//todo:display user data (= address, e-mail address, etc.)
//todo:get booked services
}
$arr = array('loginflag' => $loginflag, 'DNSbooked' => $services['DNSbooked'], 'DNSexpiration' => $services['DNSexpiration']);
echo json_encode($arr);
<?php
error_reporting(E_ALL);
require_once "class.authentification.php";
require_once 'class.config.php';
require_once "class.demandeListe.php";
require_once "class.demande.php";
require_once "class.log.php";
require_once "class.validation.php";
require_once "class.userData.php";
require_once "class.car.php";
define('CANCEL_DEMAND_POST', 'cancelDemand');
define('REACTIVATE_DEMAND_POST', 'reactivateDemand');
$objAuth = authentification::instance();
$objLog = log::instance();
$objvalid = validation::instance();
$objDemandeListe = new demandeListe();
$objDemande = null;
$fileFieldIndex = 0;
if ($objAuth->estIdentifie()) {
$matricule = $_SESSION['usager'];
$submissionTarget = util::getParam($_POST, 'submissionTarget');
$submissionType = util::getParam($_POST, 'submissionType');
$demande = new demande($matricule);
if ($submissionTarget == 'demande') {
if ($submissionType == CANCEL_DEMAND_POST) {
$demande->cancelDemand();
header("Location: demande.php");
} else {
if ($submissionType == REACTIVATE_DEMAND_POST) {
$demande->reactivateDemand();
// schreiben zu lassen
unset($username, $password, $rememberlogin);
$rememberlogin = 0;
$username = $_POST["username"];
$password = $_POST["password"];
$rememberlogin = $_POST["rememberlogin"];
//$username = "******";
//$password = "******";
unset($arr);
unset($errorLogin);
$Loginflag = -1;
//If password is wrong value = -1 else 0
$errorUsername = -1;
$errorpwd = -1;
$errorsetcookie = -1;
$authent = new authentification();
$xmlhandler = new xmlhandler();
$userpwdarray = $authent->getuserpwd($username, "userdata.xml");
if ($userpwdarray['userflag']) {
$errorUsername = 0;
}
if ($authent->verifypwd($password, $userpwdarray['password_hash'])) {
$errorpwd = 0;
}
if ($errorUsername == 0 && $errorpwd == 0) {
$_SESSION['username'] = $username;
$Loginflag = 0;
}
if ($rememberlogin == 1 && $errorpwd == 0 && $errorUsername == 0) {
//generate random cookie_ID to store on clients browser
$cookiearray = $authent->Cookie_remember_code();
<?php
session_start();
include 'class/authentification.php';
if (isset($_POST['OK'])) {
$authentification = new authentification($_POST['emailform'], $_POST['mdpform']);
$authentification->authentification();
}
?>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="css.css">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Réservation de séjour</title>
</head>
<body>
<div id="header">
<a href="index.php"><img src="img/header.jpg" alt="header" style="position:relative;"/></a>
</div>
<div id="paragraphe">
<div id="corps"><br>
<h3>Reservation</h3><br />
<fieldset><legend>Compte</legend>
<p>Admin</p>
<p>Mail : admin@admin.fr</p>
<p>Mot de passe : admin</p>
<p>Utilisateur</p>
<p>Mail : test@test.fr</
<p>Mot de passe : test</p>
/**
* Short description of method instance
*
* @access private
* @return void
*/
private function init()
{
$this->objDatabase = database::instance();
$this->objAuthentification = authentification::instance();
}
if ($authent->session_authentification('userdata.xml')) {
$loginflag = 0;
}
$errorUsername = -1;
//If username exists already value = -1
$errorPasswordRepeat = -1;
//If password and password2 are not equal value = -1
$errordeviceID = -1;
unset($arr);
unset($errordeviceID, $errorUsername, $errorPasswordRepeat);
if ($loginstatusrequestflag == 1) {
$username = $_POST["username"];
$password = $_POST["password"];
$password2 = $_POST["passwordRepeat"];
$deviceID = $_POST["deviceID"];
$authent = new authentification();
$xmlhandler = new xmlhandler();
if ($authent->deviceID_verification($deviceID, "deviceID.xml")) {
$errordeviceID = 0;
}
if (trim($password) == trim($password2)) {
$errorPasswordRepeat = 0;
}
if ($xmlhandler->searchdoubleuser(trim($username), 'userdata.xml')) {
$errorUsername = 0;
}
if ($errorPasswordRepeat == 0 && $errorUsername == 0 && $errordeviceID == 0) {
$passwordencrypt = $authent->encryptpwd($password);
$deviceID_hash = $authent->hash_sha256($deviceID);
$xmlhandler->addnewuser($username, $passwordencrypt, $deviceID_hash, 'userdata.xml');
}
<?php
/**
* Note that the salt here is randomly generated.
* Never use a static salt or one that is not randomly generated.
*
* For the VAST majority of use-cases, let password_hash generate the salt randomly for you
*/
include 'web_authentification.inc.php';
// Gibt an welche PHP-Fehler �berhaupt angezeigt werden
error_reporting(E_ALL | E_STRICT);
// Um die Fehler auch auszugeben, aktivieren wir die Ausgabe
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
// Da man in einem Produktivsystem �blicherweise keine Fehler ausgeben
// will sondern sie nur mitloggen will, bietet es sich an dort die
// Ausgabe der Fehler zu deaktivieren und sie stattdessen in ein Log-File
// schreiben zu lassen
$auth = new authentification();
$deviceIDsimu = $auth->deviceID_generation();
echo "deviceID = " . $deviceIDsimu['deviceID'] . "<br>";
echo "device ID crypt = " . $deviceIDsimu['deviceIDcrypt'] . "<br>";