Пример #1
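 /**
  * Login action: authenticates a POSTed username/password/token and answers
  * with JSON for the dedicated client or with the HTML login flow otherwise.
  *
  * @param mixed $parameter Not used by this action
  * @return void
  */
 public function index($parameter)
 {
     // The User-Agent header is supplied by the requester, so this flag only
     // selects the response format (JSON vs. HTML); it is not an identity check.
     // Strict comparison avoids PHP's numeric-string juggling with '=='.
     // NOTE(review): assumes $this->clientIdentifier is a string - confirm.
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
     $isClient = is_string($userAgent) && $userAgent === $this->clientIdentifier;

     // authenticate user if form data POSTed
     if (isset($_POST['username'])) {
         // a missing field is passed on as null instead of being read from an undefined index
         $password = isset($_POST['password']) ? $_POST['password'] : null;
         $token = isset($_POST['token']) ? $_POST['token'] : null;

         if (Fari_User::authenticate($_POST['username'], $password, $token, 'realname')) {
             if ($isClient) {
                 // JSON response for our client
                 echo json_encode(array('status' => 'success'));
             } else {
                 $user = Fari_User::getCredentials();
                 // NOTE(review): $user is stored profile data ('realname' column);
                 // confirm the template HTML-escapes messages when rendering them.
                 Fari_Message::notify("Welcome back {$user}!");
                 $this->redirect('/shoutbox/');
                 die;
             }
         } else {
             if ($isClient) {
                 // JSON response for our client
                 echo json_encode(array('status' => 'fail'));
             } else {
                 Fari_Message::fail("Failed to authenticate!");
                 $this->view->system = Fari_Message::get();
             }
         }
     }

     // create token & display login form (the JSON client gets no HTML)
     $this->view->token = Fari_Token::create();
     if (!$isClient) {
         $this->view->display('login');
     }
 }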
Пример #2
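 /**
  * Authenticate a user against the 'users' table and, on success, store the
  * value of the credentials column in the session.
  * @uses 'username', 'password'(sha1) in 'users' table
  *
  * @param string $username Username passed from a form
  * @param string $password Password passed from a form
  * @param string $token Token passed from a form
  * @param string $credentialsColumn Optionally specify which column to use for credentials;
  *                                  it is used as a column name, so pass a fixed literal only
  * @return bool TRUE when the token is valid and a matching row was found, FALSE otherwise
  */
 public static function authenticate($username, $password, $token, $credentialsColumn = 'username')
 {
     // Request parameters can arrive as arrays (e.g. username[]=x); only scalar
     // credentials are accepted. This also covers the unset/null case.
     if (!is_scalar($username) || !is_scalar($password)) {
         return FALSE;
     }
     // token is checked only once credentials are present, as before
     if (!Fari_Token::isValid($token)) {
         return FALSE;
     }

     // escape input, add slashes and encrypt
     $username = Fari_Escape::text($username);
     // NOTE(review): the docblock states the stored password is SHA-1. That is too
     // fast a hash for password storage; moving to password_hash()/password_verify()
     // requires rehashing stored values, so it is flagged here rather than changed.
     $password = self::_encrypt(Fari_Escape::text($password));

     // select a matching row from a table
     // NOTE(review): $credentialsColumn reaches the query as a column name; how
     // Fari_Db::selectRow quotes identifiers is not visible here, so it must never
     // be derived from request data.
     $whereClause = array('username' => $username, 'password' => $password);
     $user = Fari_Db::selectRow('users', $credentialsColumn, $whereClause);

     // no matching row, or the credentials column is empty
     if (!isset($user[$credentialsColumn])) {
         return FALSE;
     }

     // Issue a fresh session id at the moment of login so that an id set before
     // authentication cannot carry over into the authenticated session.
     if (session_id() !== '' && !headers_sent()) {
         session_regenerate_id(true);
     }

     // create and set credentials string
     $_SESSION[self::SESSION_CREDENTIALS_STORAGE] = $user[$credentialsColumn];
     unset($user);
     return TRUE;
 }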
Пример #3
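 /**
  * Login action: redirects users who are already authenticated, processes a
  * POSTed login form, and otherwise renders the themed login view.
  *
  * @return void
  */
 public function login()
 {
     if (Fari_User::isAuthenticated('realname')) {
         $this->redirect('/');
         // stop here, as the successful-login branch below does; otherwise the
         // rest of the action would still run after the redirect was issued
         die;
     }

     // authenticate user if form data POSTed
     if (isset($_POST['username'])) {
         // a missing field is passed on as null instead of being read from an undefined index
         $password = isset($_POST['password']) ? $_POST['password'] : null;
         $token = isset($_POST['token']) ? $_POST['token'] : null;

         if (Fari_User::authenticate($_POST['username'], $password, $token, 'realname')) {
             // NOTE(review): the credentials string is stored profile data; confirm the
             // theme HTML-escapes messages when rendering them.
             Fari_Message::success('Welcome back \'' . Fari_User::getCredentials() . '\'');
             $this->redirect('/');
             die;
         }
         // one generic message for every failure, so the response does not
         // reveal which of the submitted fields was wrong
         Fari_Message::fail('Incorrect authentication details');
     }

     // create token & display login form
     $this->view->token = Fari_Token::create();
     // pickup messages for us
     $this->view->messages = Fari_Message::get();
     $this->view->display('/themes/' . BLOG_THEME . '/login');
 }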