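<?php
/**
 * @author         Pierre-Henry Soria <*****@*****.**>
 * @copyright      (c) 2012-2016, Pierre-Henry Soria. All Rights Reserved.
 * @license        GNU General Public License; See PH7.LICENSE.txt and PH7.COPYRIGHT.txt in the root directory.
 * @package        PH7 / App / System / Module / User
 */
namespace PH7;
defined('PH7') or die('Restricted access');

// Automatic connection ("remember me").
// Runs only for visitors who are not already authenticated and when the
// current action is not 'soon'. Both cookies read below are client-controlled,
// so nothing here may be trusted until the token comparison has succeeded.
if (!UserCore::auth() && Framework\Registry\Registry::getInstance()->action != 'soon') {
    $oCookie = new Framework\Cookie\Cookie();

    if ($oCookie->exists(array('member_remember', 'member_id'))) {
        // The profile is only loaded once the model confirms the claimed id exists.
        if ((new ExistsCoreModel())->id($oCookie->get('member_id'))) {
            $oUserModel = new UserCoreModel();
            $oUser = $oUserModel->readProfile($oCookie->get('member_id'));

            $sCookieToken = $oCookie->get('member_remember');
            $sExpectedToken = Framework\Security\Security::hashCookie($oUser->password);

            // NOTE(review): as far as this file shows, the expected token is
            // computed from the stored password value alone. Confirm that
            // hashCookie() mixes in a server-side secret; otherwise the token is
            // only as secret as the password column, and it cannot be revoked
            // without a password change.

            // Require two non-empty strings before comparing: a missing or
            // malformed cookie must never compare equal to a failed hash result.
            $bTokenMatches = false;
            if (is_string($sCookieToken) && is_string($sExpectedToken) && $sExpectedToken !== '') {
                // Constant-time comparison where the runtime offers it (PHP >= 5.6),
                // so the check does not leak how many leading bytes matched.
                $bTokenMatches = function_exists('hash_equals')
                    ? hash_equals($sExpectedToken, $sCookieToken)
                    : $sCookieToken === $sExpectedToken;
            }

            if ($bTokenMatches) {
                (new UserCore())->setAuth($oUser, $oUserModel, new Framework\Session\Session());
            }
            unset($sCookieToken, $sExpectedToken, $bTokenMatches);
        }
    }
    unset($oCookie);
}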
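/**
 * Installer step 4: collect the site name and the first administrator's
 * details, validate them, create the admin row (profileId 1) and store the
 * site name and e-mail addresses in the Settings table.
 *
 * Flow, as visible in this method:
 *  - step 4 already done           -> redirect to "service";
 *  - step 3 not done or the public "_constants.php" missing
 *                                  -> redirect to "config_system";
 *  - otherwise the form is rendered; on a valid POST the rows are written,
 *    config file permissions are tightened and the user is sent to "service".
 *
 * Every validation failure appends one message to the error list handed to
 * the "config_site.tpl" view.
 *
 * @return void
 */
public function config_site()
{
    global $LANG;

    // Stays null when nothing failed, which is the value the view received
    // before (the original passed an undefined variable behind "@").
    $aErrors = null;

    if (empty($_SESSION['step4'])) {
        if (!empty($_SESSION['step3']) && is_file(PH7_ROOT_PUBLIC . '_constants.php')) {
            session_regenerate_id(true);

            // Default form values for the first display of the step.
            if (empty($_SESSION['val'])) {
                $_SESSION['val']['site_name'] = 'My Own Social/Dating Site!';
                $_SESSION['val']['admin_login_email'] = '';
                $_SESSION['val']['admin_email'] = '';
                $_SESSION['val']['admin_feedback_email'] = '';
                $_SESSION['val']['admin_return_email'] = '';
                $_SESSION['val']['admin_username'] = '******';
                $_SESSION['val']['admin_first_name'] = '';
                $_SESSION['val']['admin_last_name'] = '';
            }

            if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['config_site_submit'])) {
                if (filled_out($_POST)) {
                    // Every posted field is copied into the session. A non-string
                    // (e.g. array) field is stored as '' so that the validators
                    // below reject it, instead of trim() warning or throwing a
                    // TypeError on PHP 8.
                    // NOTE(review): keys are not restricted to the form's own
                    // fields, and the plaintext admin password stays in
                    // $_SESSION['val'] after this step. Consider an allow-list
                    // and unsetting both password entries once the hash is
                    // stored; confirm first that no later step reads them.
                    foreach ($_POST as $sKey => $sVal) {
                        $_SESSION['val'][$sKey] = is_string($sVal) ? trim($sVal) : '';
                    }

                    if (validate_email($_SESSION['val']['admin_login_email']) && validate_email($_SESSION['val']['admin_email']) && validate_email($_SESSION['val']['admin_feedback_email']) && validate_email($_SESSION['val']['admin_return_email'])) {
                        // validate_username()/validate_password() return 0 on success
                        // and a non-zero code that selects the error message below.
                        if (validate_username($_SESSION['val']['admin_username']) == 0) {
                            if (validate_password($_SESSION['val']['admin_password']) == 0) {
                                if (validate_identical($_SESSION['val']['admin_password'], $_SESSION['val']['admin_passwords'])) {
                                    // A failed find() check is reported as "insecure_password";
                                    // presumably the password must not contain the username or
                                    // either name. Verify against find().
                                    if (!find($_SESSION['val']['admin_password'], $_SESSION['val']['admin_username']) && !find($_SESSION['val']['admin_password'], $_SESSION['val']['admin_first_name']) && !find($_SESSION['val']['admin_password'], $_SESSION['val']['admin_last_name'])) {
                                        if (validate_name($_SESSION['val']['admin_first_name'])) {
                                            if (validate_name($_SESSION['val']['admin_last_name'])) {
                                                @(require_once PH7_ROOT_PUBLIC . '_constants.php');
                                                @(require_once PH7_PATH_APP . 'configs/constants.php');

                                                require PH7_PATH_FRAMEWORK . 'Loader/Autoloader.php';
                                                // To load "Security" class.
                                                Framework\Loader\Autoloader::getInstance()->init();

                                                try {
                                                    // $DB is not defined in this method; presumably the
                                                    // included file creates the PDO handle. TODO confirm.
                                                    require_once PH7_ROOT_INSTALL . 'inc/_db_connect.inc.php';

                                                    // SQL EXECUTE
                                                    // All values are bound as parameters. The table prefix
                                                    // cannot be bound and is concatenated as-is.
                                                    // NOTE(review): confirm the step that fills
                                                    // $_SESSION['db']['prefix'] restricts it to identifier
                                                    // characters.
                                                    $oSqlQuery = $DB->prepare('INSERT INTO ' . $_SESSION['db']['prefix'] . 'Admins (profileId , username, password, email, firstName, lastName, joinDate, lastActivity, ip) VALUES (1, :username, :password, :email, :firstName, :lastName, :joinDate, :lastActivity, :ip)');

                                                    $sCurrentDate = date('Y-m-d H:i:s');
                                                    $oSqlQuery->execute(array(
                                                        'username' => $_SESSION['val']['admin_username'],
                                                        // Only the hashed form of the password is written to the database.
                                                        'password' => Framework\Security\Security::hashPwd($_SESSION['val']['admin_password']),
                                                        'email' => $_SESSION['val']['admin_login_email'],
                                                        'firstName' => $_SESSION['val']['admin_first_name'],
                                                        'lastName' => $_SESSION['val']['admin_last_name'],
                                                        'joinDate' => $sCurrentDate,
                                                        'lastActivity' => $sCurrentDate,
                                                        'ip' => client_ip()
                                                    ));

                                                    $oSqlQuery = $DB->prepare('UPDATE ' . $_SESSION['db']['prefix'] . 'Settings SET value = :siteName WHERE name = \'siteName\'');
                                                    $oSqlQuery->execute(array('siteName' => $_SESSION['val']['site_name']));

                                                    $oSqlQuery = $DB->prepare('UPDATE ' . $_SESSION['db']['prefix'] . 'Settings SET value = :adminEmail WHERE name = \'adminEmail\'');
                                                    $oSqlQuery->execute(array('adminEmail' => $_SESSION['val']['admin_email']));

                                                    $oSqlQuery = $DB->prepare('UPDATE ' . $_SESSION['db']['prefix'] . 'Settings SET value = :feedbackEmail WHERE name = \'feedbackEmail\'');
                                                    $oSqlQuery->execute(array('feedbackEmail' => $_SESSION['val']['admin_feedback_email']));

                                                    $oSqlQuery = $DB->prepare('UPDATE ' . $_SESSION['db']['prefix'] . 'Settings SET value = :returnEmail WHERE name = \'returnEmail\'');
                                                    $oSqlQuery->execute(array('returnEmail' => $_SESSION['val']['admin_return_email']));

                                                    // We finalise by putting the correct permission to the config files
                                                    $this->_chmodConfigFiles();

                                                    $_SESSION['step4'] = 1;

                                                    redirect(PH7_URL_SLUG_INSTALL . 'service');
                                                } catch (\PDOException $oE) {
                                                    // The driver message is escaped before being shown.
                                                    $aErrors[] = $LANG['database_error'] . escape($oE->getMessage());
                                                }
                                            } else {
                                                $aErrors[] = $LANG['bad_last_name'];
                                            }
                                        } else {
                                            $aErrors[] = $LANG['bad_first_name'];
                                        }
                                    } else {
                                        $aErrors[] = $LANG['insecure_password'];
                                    }
                                } else {
                                    $aErrors[] = $LANG['passwords_different'];
                                }
                            } elseif (validate_password($_SESSION['val']['admin_password']) == 1) {
                                $aErrors[] = $LANG['password_too_short'];
                            } elseif (validate_password($_SESSION['val']['admin_password']) == 2) {
                                $aErrors[] = $LANG['password_too_long'];
                            } elseif (validate_password($_SESSION['val']['admin_password']) == 3) {
                                $aErrors[] = $LANG['password_no_number'];
                            } elseif (validate_password($_SESSION['val']['admin_password']) == 4) {
                                $aErrors[] = $LANG['password_no_upper'];
                            }
                        } elseif (validate_username($_SESSION['val']['admin_username']) == 1) {
                            $aErrors[] = $LANG['username_too_short'];
                        } elseif (validate_username($_SESSION['val']['admin_username']) == 2) {
                            $aErrors[] = $LANG['username_too_long'];
                        } elseif (validate_username($_SESSION['val']['admin_username']) == 3) {
                            $aErrors[] = $LANG['bad_username'];
                        }
                    } else {
                        $aErrors[] = $LANG['bad_email'];
                    }
                } else {
                    $aErrors[] = $LANG['all_fields_mandatory'];
                }
            }
        } else {
            redirect(PH7_URL_SLUG_INSTALL . 'config_system');
        }
    } else {
        redirect(PH7_URL_SLUG_INSTALL . 'service');
    }

    // 'sept_number' is the key the code passes to the view; kept as-is.
    $this->oView->assign('sept_number', 4);
    $this->oView->assign('errors', $aErrors);
    unset($aErrors);
    $this->oView->display('config_site.tpl');
}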