Пример #1
0
function index_password_change()
{
    global $tpl;
    if (!isset($_GET['valid']) || $_GET['valid'] != $_SESSION['index_password_code']) {
        $tpl->assign('hsuccess', false);
        modexec('index');
    }
    $mdl = new Modele('users');
    $mdl->find(array('user_email' => $_SESSION['index_password_email']));
    $mdl->next();
    if (isset($_POST['pwd1'])) {
        $success = $mdl->modFrom(array('user_pass' => $_POST['pwd1']), false);
        $tpl->assign('hsuccess', $success);
        if ($success) {
            unset($_SESSION['index_password_code']);
            $_SESSION['user'] = $mdl->toArray();
            $_SESSION['user']['role'] = aclFromText($mdl->raw_user_role);
            $tpl->assign('_user', $_SESSION['user']);
            modexec('index');
        }
    }
    $tpl->assign('user', $mdl);
    display();
}
Пример #2
0
function tripusr_step4()
{
    global $tpl;
    $ufile = _tripusr_load();
    if ($ufile->tu_step != 4) {
        redirect('tripusr', 'continue', array('file' => $ufile->getKey()));
    }
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        if (isset($_POST["next"])) {
            $bill = new Modele('trip_types');
            $bill->fetch($_POST['ticket']);
            switch ($bill->raw_tt_restriction) {
                case 'ALL':
                    $ufile->tu_type = $bill->getKey();
                    $ufile->tu_price = $bill->tt_price;
                    $ufile->tu_step = 5;
                    redirect('tripusr', 'step5', array('file' => $ufile->getKey()));
                    break;
                case 'USER':
                    $ufile->tu_type = $bill->getKey();
                    if (aclFromText($_SESSION['user']['user_role']) >= ACL_USER) {
                        $ufile->tu_price = $bill->tt_price;
                        $ufile->tu_step = 5;
                        redirect('tripusr', 'step5', array('file' => $ufile->getKey()));
                    }
                    break;
                default:
                    echo 'ERROR: not implemented';
                    quit();
                    break;
            }
        }
        /* else {
           $questions = new Modele('trip_options');
           $questions->find(array('topt_trip' => $ufile->raw_tu_trip));
           // Pas de complements, go back etape 2
           if ($questions->count() == 0) {
           $ufile->tu_step = 2;
           redirect('tripusr', 'step2', array('file' => $ufile->getKey()));
           } else {
           $ufile->tu_step = 3;
           redirect('tripusr', 'step3', array('file' => $ufile->getKey()));
           }
           } */
    }
    $tickets = new Modele('trip_types');
    $tickets->find(array('tt_trip' => $ufile->raw_tu_trip));
    $tickets->appendTemplate('tickets');
    display();
}
Пример #3
0
function user_add_mandate($user, $mandate)
{
    $usr = new Modele('users');
    $mdt = new Modele('mandate');
    $lnk = new Modele('user_mandate');
    if (preg_match('/^9([0-9]{4})([0-9]{7})[0-9]$/', $user, $matchs)) {
        $user = $matchs[2];
        $mandate = $matchs[1];
    }
    $usr->fetch($user);
    $mdt->fetch($mandate);
    if ($lnk->find(array('um_user' => $usr->getKey(), 'um_mandate' => $mdt->getKey())) && $lnk->count() > 0) {
        return 'L\'utilisateur a déjà un mandat, changez ces privilèges manuellement';
    }
    $succ = $lnk->addFrom(array('um_user' => $usr->getKey(), 'um_mandate' => $mdt->getKey()));
    if ($succ && aclFromText($usr->raw_user_role) < ACL_USER) {
        $usr->user_role = ACL_USER;
    }
    return $succ;
}
Пример #4
0
/**
 * Permet d'authentifier un utilisateur
 *
 * @global type $pdo
 * @param type $user Utilisateur
 * @param type $pass Mot de passe chiffré
 * @return boolean True si authentification réussie
 */
function login_user($user, $pass, $otp_code = null)
{
    global $pdo, $srcdir;
    $sql = $pdo->prepare('SELECT * FROM users WHERE user_name = ?');
    $sql->bindValue(1, $user);
    $sql->execute();
    if ($user = $sql->fetch()) {
        //Ici l'utilisateur existe
        if (strlen($user['user_pass']) != 32) {
            // Mot de passe non chiffré ...
            $user['user_pass'] = md5($user['user_name'] . ':' . $user['user_pass']);
        }
        if (strlen($user['user_otp'])) {
            require_once $srcdir . '/libs/GoogleAuthenticator/GoogleAuthenticator.php';
            $otp = new GoogleAuthenticator();
            if (!$otp->checkCode($user['user_otp'], $otp_code)) {
                return -1;
            }
        }
        //Mot de passe correct ?
        if (md5($user['user_pass'] . $_SESSION['random']) == $pass) {
            $_SESSION['user'] = $user;
            $_SESSION['user']['role'] = aclFromText($user['user_role']);
            unset($_SESSION['random']);
            return true;
        }
    }
    return false;
}