* but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * */ require_once __DIR__ . "/../../../../session.php"; require_once __DIR__ . "/../../../../moneyio.php"; require_once __DIR__ . "/../../../../mio-user/show/user_func.php"; require_once __DIR__ . "/../../../../mio-wallet/show/wallet_func.php"; open_session(); $user_id = $_SESSION["mio-username_id"]; if (isset($_SESSION) && !empty($_SESSION)) { $user_info = show_user_profile($user_id); $picture = $_SESSION["mio-pic"]; ?> <div class="container-fluid"> <h1 id="show-profile-now">Visualizando tu perfil <strong><?php echo $user_info->nick; ?> </strong></h1> <div class"row"> <div class="col-xs-12 col-sm-6 col-md-6 col-lg-6"> <p><h3>Nombre</h3> <strong><?php echo $user_info->name;
} $columns = "registrationDate, email, passwordHash, firstName, lastName, " . "married, city, street, house, education, year"; $values = "NOW(), '{$fieldValues->email}', '{$passwordHash}', '{$fieldValues->firstName}', " . "'{$fieldValues->lastName}', '{$fieldValues->married}', '{$fieldValues->city}', " . "'{$fieldValues->street}', '{$fieldValues->house}', '{$fieldValues->education}', '{$fieldValues->year}'"; $nonRequiredColumns = ["phone", "phone2", "middleName", "apartment", "professionalExperience", "info", "image"]; foreach ($fieldValues as $fieldName => $fieldValue) { foreach ($nonRequiredColumns as $nonRequiredColumn) { if ($fieldName == $nonRequiredColumn && $fieldValue) { $columns .= ", " . $nonRequiredColumn; $values .= ", '{$fieldValue}'"; } } } $q = "insert into user ({$columns}) values ({$values})"; db_query($dbLink, $q); $userId = mysqli_insert_id($dbLink); $sessionUid = open_session($dbLink, $userId, true); } catch (DbException $e) { $error = "internalException"; } catch (Exceptioni $e) { $error = $e->getCode(); } finally { $responce = []; if ($error) { $responce["status"] = "error"; $responce["error"] = $error; $responce["fieldErrors"] = $errors; } else { $responce["status"] = "ok"; $responce["sessionUid"] = $sessionUid; } db_close($dbLink);
if ($errors) { throw new Exceptioni("fieldErrors"); } $dbLink = db_init(); $uid = $fieldValues->captchaUid; $captcha = $fieldValues->captcha; if (!captcha_match($dbLink, $captcha, $uid)) { $errors["captcha"] = "mismatch"; throw new Exceptioni("fieldErrors"); } $auth = authenticate_by_password($dbLink, $fieldValues->email, $fieldValues->password); $status = $auth["status"]; if ($status != "ok") { throw new Exceptioni($status); } $sessionUid = open_session($dbLink, $auth["userId"], $fieldValues->stayLogged); } catch (DbException $e) { $error = "internalException"; } catch (Exceptioni $e) { $error = $e->getCode(); } finally { db_close($dbLink); $responce = []; if ($error) { $responce["status"] = "error"; $responce["error"] = $error; $responce["fieldErrors"] = $errors; } else { $responce["status"] = "ok"; $responce["sessionUid"] = $sessionUid; }
function ferina_session() { if (get_wp_session('is_open')) { open_session(); } }
function getSidInCookie($link) { $login = $_COOKIE['login']; $password = $_COOKIE['password']; if ($login == null) { return null; } //Если же в куках есть какой-то логин, то ищем его в БД $user = getByLogin($link, $login); //Если что-то находится и пароль в базе совпадает с паролем из кук, то заново открываем сессию if ($user != null && $user['password'] == $password) { $sid = open_session($link, $user['id_user']); } return $sid; }
if ($login) { // Decodage de la chaine d'authentification cote serveur avec une cle privee extraction des parametres $tmp = preg_split ("/[\|]/",decodekey($string_auth),4); $pass = $tmp[0]; $ip_src = $tmp[1]; $timestamp = $tmp[2]; $timewait = $tmp[3]; $timetotal= $timewait+$timestamp+$MaxLifeTime; // Verification de la validite de la source IP et du du TimeStamp if ( $ip_src != remote_ip() && time() < $timetotal ) { $error = 1; } elseif ( time() > $timetotal && $ip_src == remote_ip() ) { $error = 2; } elseif ( $ip_src != remote_ip() && time() > $timetotal ) { $error = 3; } elseif ( !open_session( mb_strtolower($login), $pass, $string_auth) ) { $error = 4; } // Interpretation erreurs if ($error) { // Log en cas d'echec $fp=fopen($logpath."/error.log","a"); if($fp) { fputs($fp,"[".date("D M d H:i:s Y")."] [".$MsgError[$error]."] [client ".$ip_src."] [remote ip : ".remote_ip()."] [Login : "******"] [TimeStamp srv : ".time()."] [TimeTotal : ".$timetotal."] \n"); fclose($fp); } // Redirection vers la page d'authentification header("Location:auth.php?error=$error"); exit; } else { // Log en cas de succes