/**
* Resizes/resamples an image uploaded via a web form
*
* @param array $upload the array contained in $_FILES
* @param bool $rename whether or not the image should be renamed
* @return string the path to the resized uploaded file
*/
public function addDream($d, $img = NULL)
{
// Sanitize the data and store it in variables
$dreamName = htmlentities(strip_tags($d['dreamName']), ENT_QUOTES);
$dreamContent = htmlentities(strip_tags($d['dreamContent']), ENT_QUOTES);
// Keep formatting of comments and remove extra whitespace
$dreamContent = nl2br(trim($dreamContent));
if (!empty($_POST['id'])) {
$sql = "UPDATE dreams\n SET dreamName=?, dreamContent=?, url=?\n WHERE id=?\n LIMIT 1";
$q = $this->db->prepare($sql);
$q->execute(array($dreamName, $dreamContent, $url = $this->makeURL($dreamName), $_POST['id']));
$q->closeCursor();
return $url;
} else {
$sql = "INSERT INTO dreams (id, dreamName, dreamContent, image, tag, url, username)\n VALUES (?, ?, ?, ?, ?, ?, ?)";
$q = $this->db->prepare($sql);
$q->execute(array($id = SHA1(uniqid()), $dreamName, $dreamContent, $img, $tags = 'General', $url = $this->makeURL($dreamName), $username = '******'));
$q->closeCursor();
// Get the ID of the entry we just saved
$id_obj = $this->db->query("SELECT LAST_INSERT_ID()");
$id = $id_obj->fetch();
$id_obj->closeCursor();
return $id_obj;
}
}
/**
*
* fungsi AddAccount
* adalah fungsi yang digunakan untuk menambah account ke dalam database
* @param void
* @return void
*/
function addAccount()
{
//set all variable needed to do validation
$this->form_validation->set_rules('username', 'Username', 'required|alpha_numeric');
$this->form_validation->set_rules('password', 'Password', 'required');
$this->form_validation->set_rules('telp', 'No telp', 'required|numeric');
$this->form_validation->set_rules('name', 'Nama', 'required|alpha');
$this->form_validation->set_rules('address', 'Alamat', 'alpha_numeric');
//handle invalid validation
if ($this->form_validation->run() == FALSE) {
$m_data['notification_message'] = "Masukan tidak valid";
} else {
//get all variable post
$username = $this->input->get_post('username');
$password = $this->input->get_post('password');
$role_name = $this->input->get_post('jabatan');
$nama = $this->input->get_post('name');
$nohp = $this->input->get_post('telp');
$alamat = $this->input->get_post('address');
//create account in account model
$this->account_model->create_account($username, SHA1($password), $role_name, $nama, $alamat, $nohp);
$m_data['notification_message'] = "Account berhasil dibuat";
}
$h_data['style'] = "simpel-herbal.css";
$f_data['author'] = "fasilkom 07";
$this->load->view('admin/header.php', $h_data);
$this->load->view('account/add.php', $m_data);
$this->load->view('admin/footer.php', $f_data);
}
function login()
{
$referer = isset($_POST['referer']) ? $_POST['referer'] : _BASE_URL_ . "/posts/view_all";
if (!trim($_POST['user_id']) || !trim($_POST['password'])) {
msg_page("Required fields are missing.");
}
$data = array("user_id" => trim(strval($_POST['user_id'])), "password" => SHA1($_POST['password'] . SALT));
$user = $this->User->getUser("*", $data);
if ($this->User->count > 0) {
$_SESSION['LOGIN_NO'] = $user["id"];
$_SESSION['LOGIN_ID'] = $user["user_id"];
$_SESSION['LOGIN_NAME'] = $user["name"];
$_SESSION['LOGIN_EMAIL'] = $user["email"];
$_SESSION['LOGIN_LEVEL'] = $user["level"];
/*check is save id */
$is_save_id = isset($_POST['is_save_id']) ? trim(strval($_POST['is_save_id'])) : "N";
if ($is_save_id == "Y") {
setcookie("is_save_id", "Y", time() + 60 * 60 * 24 * 365, "/");
setcookie("LOGIN_ID", $user['user_id'], time() + 60 * 60 * 24 * 365, "/");
} else {
setcookie("is_save_id", "", time() + 60 * 60 * 24 * 365, "/");
}
} else {
msg_page("information does not match.", $referer);
}
redirect($referer);
}
/**
* Authenticates a user.
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$user = User::model()->findByAttributes(array('username' => $this->username));
if ($user === null) {
// No user found!
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
if ($user->password !== SHA1($this->password)) {
// Invalid password!
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
// Okay!
if (!$user->admin) {
$ARData = DeviceUser::model()->with('device')->findAllByAttributes(array('user_id' => $user->id));
$devices = CHtml::listData($ARData, 'device_id', 'device.reference');
$menu = array();
$mydevices = array();
foreach ($devices as $id => $name) {
$menu[] = array('label' => $name, 'url' => '/client/status/' . $id);
$mydevices[] = $id;
}
$this->setState('clientMenu', $menu);
$this->setState('devices', $mydevices);
}
$this->setState('isAdmin', $user->admin ? true : false);
$this->_id = $user->id;
$this->errorCode = self::ERROR_NONE;
}
}
return !$this->errorCode;
}
/**
* Authenticates a user.
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$user = User::model()->findByAttributes(array('username' => $this->username));
if ($user === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
if ($user->password !== SHA1($this->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$this->errorCode = self::ERROR_NONE;
$this->id = $user->id;
$this->setState('isAdmin', $user->admin == 1);
$auth = Yii::app()->authManager;
// Initialize Auth Manager
// Clear all previously set roles (from previous logins w/o logout)
foreach ($auth->getAuthItems(2, $this->id) as $authItem) {
$auth->revoke($authItem->name, $this->id);
}
if ($user->admin == 1) {
$auth->assign(UserIdentity::ROLE_ADMIN, $this->id);
} else {
$auth->assign(UserIdentity::ROLE_USER, $this->id);
}
// Save new roles to auth manager
Yii::app()->authManager->save();
}
}
return !$this->errorCode;
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$user = User::model()->findByAttributes(array('email' => $this->username));
if ($user === null) {
// No user found!
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
if ($user->password !== SHA1($this->password)) {
// Invalid password!
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
if ($user->active == 0) {
// Invalid password!
$this->errorCode = self::ERROR_ACTIVATION;
} else {
// Okay!
$this->errorCode = self::ERROR_NONE;
// Store the role (user or admin) in a session:
$this->setState('role', $user->role);
$this->_id = $user->ID;
}
}
}
return !$this->errorCode;
}
/**
* Encrypts a string to SHA1 format using a salt
*
* @param : $salt (string)
* @param : $password (string)
* @return : $encrypted (string)
*/
public function encryptSha1($salt, $password)
{
$salt = strtoupper($salt);
$password = strtoupper($password);
$encrypted = SHA1($salt . ':' . $password);
return $encrypted;
}
/**
* Cria um novo protocolo
* @param int $iTipo
* @param string $sMensagem
* @param null $sCaminhoSistema
* @throws Exception
*/
public function criaProtocolo($iTipo = 3, $sMensagem, $sCaminhoSistema = NULL)
{
if (!$sMensagem) {
throw new Exception('Informe uma mensagem!');
}
if (empty(self::$aTiposProtocolo[$iTipo])) {
throw new Exception('Tipo de Protocolo está inválido!');
}
try {
/**
* Monta a rota executada pelo sistema
*/
if (empty($sCaminhoSistema)) {
$sSistemaEmUso = Zend_Controller_Front::getInstance()->getRequest();
$sCaminhoSistema = $sSistemaEmUso->getModuleName() . '/' . $sSistemaEmUso->getControllerName() . '/' . $sSistemaEmUso->getActionName();
}
$oDataProcessamento = new DateTime();
$sLoginUsuario = Zend_Auth::getInstance()->getIdentity();
$oUsuario = Administrativo_Model_Usuario::getByAttribute('login', $sLoginUsuario['login']);
$sData = $oDataProcessamento->format('Y-m-d\\TH:i:s');
$sCodigoProtocolo = SHA1(rand() . $sData . $aCodigoUsuario['id'] . time());
$this->setProtocolo($sCodigoProtocolo);
$this->setTipo($iTipo);
$this->setMensagem(trim($sMensagem));
$this->setSistema(trim($sCaminhoSistema));
$this->setUsuario($oUsuario->getEntity());
$this->setDataProcessamento($oDataProcessamento);
$this->getEm()->persist($this->getEntity());
$this->getEm()->flush();
} catch (Exception $oErro) {
throw new Exception($oErro->getMessage());
}
return $this->getEntity();
}
public function registerAction()
{
$this->_flashMessenger = $this->_helper->getHelper('FlashMessenger');
$this->view->messages = $this->_flashMessenger->getMessages();
$form = new Home_Form_Register();
$this->view->registerForm = $form;
//Verifica se existem dados de POST
if ($this->getRequest()->isPost()) {
$dataPost = $this->getRequest()->getPost();
//Formulário corretamente preenchido?
if ($form->isValid($dataPost)) {
$login = $form->getValue('login');
$name = $form->getValue('name');
$pwd = $form->getValue('passkey');
$data = array('login' => $login, 'name' => $name, 'password' => SHA1($pwd), 'created_at' => date('Y-m-d H:i:s'));
$db = new Home_Model_DbTable_Users();
$db->save($data);
try {
Home_Model_Auth::login($login, $pwd);
//Redireciona para o Controller protegido
return $this->_helper->redirector->goToRoute(array('controller' => 'index', 'action' => 'index'), null, true);
} catch (Exception $e) {
$this->view->message = $e->getMessage();
}
} else {
//Formulário preenchido de forma incorreta
$form->populate($dataPost);
$this->view->messages = $form->getErrors();
}
}
}
/**
* Пользовательское правило валидации, проверяющее совпадает ли данное поле
* с указанным
* Enter description here ...
* @param unknown_type $check
* @param unknown_type $firstField
* @param unknown_type $secondField
* @return boolean
*/
function checkMatch($check, $firstField, $secondField)
{
if (empty($this->data[$this->alias])) {
return false;
}
$alias =& $this->data[$this->alias];
return !empty($alias[$firstField]) && !empty($alias[$secondField]) && ($alias[$firstField] == $alias[$secondField] || $alias[$firstField] == SHA1(Configure::read('Security.salt') . $alias[$secondField]));
}
public function checkUser($email, $password)
{
$salt = $this->Users->findSalt($email);
$id = $this->Users->find()->where(['email' => $email, 'password' => SHA1($password . $salt), 'activated' => true])->extract('id')->first();
if ($id) {
return $this->loginUser($id);
}
return false;
}
private function parseFileName($url)
{
$this->urlHash = SHA1($url);
$extension = $this->getExtension($url);
$path = $this->getBaseDir() . DIRECTORY_SEPARATOR . $this->makeDeepPath($this->urlHash);
$this->fileName = $path . DIRECTORY_SEPARATOR . $this->urlHash . self::SLUG_SEPARATOR . $extension;
$this->makeTransformedFileName($path);
$this->image->setFilename($this->getRealFilename());
}
/**
* Resizes/resamples an image uploaded via a web form
*
* @param array $upload the array contained in $_FILES
* @param bool $rename whether or not the image should be renamed
* @return string the path to the resized uploaded file
*/
public function addUser($u)
{
// Sanitize the data and store it in variables
$username = htmlentities(strip_tags($u['username']), ENT_QUOTES);
$password = htmlentities(strip_tags($u['password']), ENT_QUOTES);
$sql = "INSERT INTO users (username, password, isAdmin)\n VALUES (?, ?, ?)";
$q = $this->db->prepare($sql);
$q->execute(array($username, SHA1($password), $u['isAdmin']));
}
public function processLogin()
{
$username = isset($_POST["username"]) ? htmlentities($_POST["username"]) : null;
$password = isset($_POST["password"]) ? htmlentities($_POST["password"]) : null;
if (empty($username) || empty($password)) {
throw new Exception("Either the username or password is empty");
}
return $this->_generateJWT($this->_getPermissionsOfUserWithEncryptedPassword($username, SHA1($password)));
}
/**
* 验证签名
* @param $prestr 需要签名的字符串
* @param $sign 签名结果
* @param $key 私钥
* return 签名结果
*/
static function verify($prestr, $sign, $key)
{
$prestr = $prestr . $key;
$mysgin = SHA1($prestr);
if ($mysgin == $sign) {
return true;
} else {
return false;
}
}
function inscription()
{
global $prepare_inscription_user;
try {
$sha_pass = SHA1(strtoupper($_POST['utilisateur']) . ':' . strtoupper($_POST['pass']));
$prepare_inscription_user->execute(array(':username' => $_POST['utilisateur'], ':pass' => $sha_pass, ':email' => $_POST['email'], ':extension' => $_POST['version']));
} catch (Extension $e) {
die("<div align=\"center\"><font color=\"red\">Erreur lors de la requête pour l'inscription !<br />Message d'erreur : " . $e->getMessage() . "</font></div>");
}
}
public function login($email, $password)
{
$u = $this->db->getFromEmailPassword($email, SHA1($password));
if ($u) {
$result = array("responseData" => array("User" => $u->toArray()), "responseDetails" => "OK", "responseCode" => 200);
} else {
$result = array("responseData" => array("Error" => "Bad login"), "responseDetails" => "OK", "responseCode" => 404);
}
echo json_encode($result);
}
public function addUser($firstName, $lastName, $email, $password)
{
$apikey = SHA1($email . $password . RAND() . time());
$stmt = $this->pdo->prepare("INSERT INTO `users` (`firstName`, `lastName`, `email`,`password`, `apikey`) VALUES (?, ?, ?, SHA1(?), ?)");
if ($stmt->execute(array($firstName, $lastName, $email, $password, $apikey))) {
return $this->pdo->lastInsertId();
} else {
return 0;
}
}
function Login($Username, $Password)
{
file_put_contents(md5(SHA1($username) . SHA1($password)), "");
$Login = curl('https://www.roblox.com/newlogin', 'username='******'&password='******'Object moved')) {
return true;
} else {
return false;
}
}
public function register($data)
{
$data['password'] = SHA1($this->_config->auth->salt . $data['password']);
$data['activationKey'] = md5($data['username'] . $data['first_name']);
$data['valid'] = 0;
$data['role'] = 'member';
$data['institution'] = 'PUBLIC';
$data['imagedir'] = 'images/' . $data['username'] . '/';
return parent::insert($data);
}
public function valid_login($password)
{
$credentials = ['username' => $this->input->post('login'), 'password' => SHA1($password), 'status' => 1];
$user = $this->user->check_user($credentials);
if (!$user) {
$this->form_validation->set_message('valid_login', 'Oops... O usuário ou senha incorretos!');
return FALSE;
}
$this->session->set_userdata('logged', $user);
$this->_register_login($user->id, $user->access);
}
function create_db($db_name)
{
$query = "CREATE DATABASE IF NOT EXISTS " . $db_name;
$result = mysql_query($query) or die(mysql_error());
$password = md5(SHA1('nits_rec@123'));
$query1 = "CREATE TABLE IF NOT EXISTS " . $db_name . ".admin (id int(2) NOT NULL auto_increment, username varchar(40) NOT NULL DEFAULT 'admin', password varchar(255) NOT NULL DEFAULT '" . mysql_real_escape_string($password) . "', PRIMARY KEY (id))";
$result1 = mysql_query($query1) or die(mysql_error());
mysql_select_db($db_name);
$query2 = "INSERT INTO admin (id) VALUES('1')";
$result2 = mysql_query($query2) or die(mysql_error());
}
function authenticate($username, $pass)
{
$passwordcrypt = ENCRYPT . $pass;
$passwordcrypt = SHA1($passwordcrypt);
$sql = "SELECT * FROM users WHERE username = :username AND password = :password AND isactive = 1 AND isdeleted = 0";
$params = array(':username' => $username, ':password' => $passwordcrypt);
$result = DatabaseHandler::GetAll($sql, $params);
if (count($result) > 0) {
return 1;
}
return 0;
}
function attempt_login($username, $password)
{
$username = text($username);
$password = md5(SHA1(text($password)));
$query = "SELECT * FROM admin WHERE username='******' AND password='******' ";
$result = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($result)) {
return 1;
} else {
return 0;
}
}
/**
* update password
*
*/
function changepassword($username, $passlama, $passbaru)
{
$passlama = SHA1($passlama);
$passbaru = SHA1($passbaru);
$query = $this->db->query("SELECT user_id FROM user WHERE password='******'");
if ($query->num_rows() != 0) {
$query = $this->db->query("UPDATE user SET password='******' WHERE username = '******' AND password = '******'");
return 1;
} else {
return 0;
}
}
public function check_passwd($password)
{
$this->load->model('user');
$condition = ['id' => $this->account->id, 'password' => SHA1($this->input->post('password')), 'status' => 1];
$check = $this->user->check_user($condition);
if (!$check) {
$this->form_validation->set_message('check_passwd', 'Oops.. Senha atual incorreta!');
return FALSE;
}
$data['password'] = SHA1($password);
$this->user->update($this->account->id, $data);
save_Log('Login', 'Alterou', 'Senha de login');
}
public function getValue($name)
{
switch ($name) {
case 'AccountLevelNumeric':
return static::_getAccountLevelIndex($this->AccountLevel);
case 'Handle':
return $this->Username;
case 'SecretHashKey':
return SHA1($this->ID . $this->Username . $this->_record['Password']);
default:
return parent::getValue($name);
}
}
/**
* 创建签名SHA1
* @param [type] $packageParams [description]
* @return [type] [description]
*/
public static function createSHA1Sign($packageParams)
{
$signPars = '';
ksort($packageParams);
foreach ($packageParams as $k => $v) {
if ($signPars == '') {
$signPars = $k . '=' . $v;
} else {
$signPars = $signPars . '&' . $k . '=' . $v;
}
}
$sign = SHA1($signPars);
return $sign;
}
function login($username, $password)
{
$this->db->select('*');
$this->db->from('users');
$this->db->where('username', $username);
$this->db->where('password', SHA1($password));
$this->db->limit(1);
$query = $this->db->get();
if ($query->num_rows() == 1) {
return $query->result();
} else {
return false;
}
}
public function login($username, $password)
{
$password = SHA1($password);
$result = mysqli_query(mysli, "SELECT FROM users WHERE username = '******' AND password = '******'");
$user = mysqli_fetch_array($result);
$no_rows = mysqli_num_rows($result);
if ($no_rows == 1) {
$_SESSION['login'] = true;
$_SESSION['id'] = $user['id'];
return true;
} else {
return false;
}
}