/**
 * Resolve the user id bound to a session token.
 *
 * The token is looked up through TokenManager. The id is returned only when
 * the IP address recorded with the token equals the current REMOTE_ADDR.
 * On an IP mismatch the client is redirected to the forced-logout action and
 * the script stops.
 *
 * Note that empty() also treats the string '0' as empty, so such a token is
 * never looked up.
 *
 * @param mixed $token token value to look up
 * @param mixed $bdd   handle passed to the TokenManager constructor
 *
 * @return mixed the user id, or null when the token is empty or unknown
 */
function getUserId($token, $bdd)
{
    // Nothing to resolve without a token.
    if (empty($token)) {
        return;
    }

    $manager = new TokenManager($bdd);
    $storedToken = $manager->get($token, 'token');
    if (!$storedToken) {
        // Unknown token: same null result as an empty one.
        return;
    }

    // The token is only honoured from the address it was recorded with.
    if ($storedToken->userip() != $_SERVER['REMOTE_ADDR']) {
        header('Location: ?controler=user&action=logoutForced');
        exit;
    }

    return $storedToken->userid();
}
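<?php
switch ($action) {
    // Login: check the posted credentials and, on success, store a fresh
    // token for the user and keep it in the session.
    case 'login':
        if (!empty($_POST['login']) && !empty($_POST['pass'])) {
            // SECURITY: unsalted SHA-1 is a fast hash and is not suitable for
            // password storage. It is kept because the stored value it is
            // compared with is produced outside this block; moving to
            // password_hash()/password_verify() needs a migration of the
            // stored hashes. TODO(review).
            $_POST['pass'] = sha1($_POST['pass']);
            $userToLog = new User($_POST);
            $userManager = new UserManager($bdd);
            if ($userToBdd = $userManager->get($userToLog->login(), 'login')) {
                // hash_equals() replaces a loose == comparison: == treats two
                // hex digests that both look like numbers in exponent
                // notation as equal, and it is not constant-time.
                if (hash_equals((string) $userToBdd->pass(), (string) $userToLog->pass())) {
                    // The token used to be sha1() over the user id, login,
                    // password hash, client IP and timestamp, i.e. derived
                    // from guessable values and from the password hash itself.
                    // It is now 20 bytes from the CSPRNG, hex-encoded to the
                    // same 40 characters a SHA-1 digest has.
                    // random_bytes() needs PHP 7.0 or later.
                    $tokenParams = array(
                        'token' => bin2hex(random_bytes(20)),
                        'userid' => $userToBdd->id(),
                        'userip' => $_SERVER['REMOTE_ADDR'],
                        'datetime' => date("Y-m-d H:i:s"),
                    );
                    $token = new Token($tokenParams);
                    $tokenManager = new TokenManager($bdd);
                    // One token row per user: reuse the existing row if any.
                    if ($lastToken = $tokenManager->get($userToBdd->id(), 'userid')) {
                        $token->setId($lastToken->id());
                        $tokenManager->update($token);
                    } else {
                        $tokenManager->add($token);
                    }
                    // Give the authenticated session a new id so that an id
                    // fixed before login does not carry the token.
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }
                    $_SESSION['token'] = $token->token();
                    // NOTE(review): no exit follows this redirect in the
                    // visible code, so whatever comes after the switch still
                    // runs.
                    header('Location: ?controler=index');
                } else {
                    // wrong password
                    // NOTE(review): this message differs from the one below,
                    // which tells a caller whether the login exists.
                    echo 'pass error';
                }
            } else {
                // unknown login
                echo 'login error';
            }
        } else {
            header('Location: ?controler=index');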
/**
 * Constructs the parse tree from a string of bbcode markup.
 *
 * Resets the parser, then walks the tokens produced by TokenManager and
 * attaches ElementNode and TextNode children below $this->treeRoot.
 * Anything that does not form a recognised tag is kept as plain text.
 *
 * NOTE(review): this method applies no limit to how deeply elements may
 * nest; confirm that depth is bounded where the tree is consumed.
 *
 * @param string $str the bbcode markup to parse
 */
public function parse($str) {
    $this->reset();
    // $parent is the node new children are attached to; it moves down on an
    // opening tag and back up on a matching closing tag.
    $parent = $this->treeRoot;
    $tokenManager = new TokenManager($str);
    $nodeid = 1;
    // True while the previous token was "[" and a tag name is expected.
    $inTag = false;
    while ($tokenManager->hasCurrent()) {
        // tokens are either "[", "]" or a string that contains neither an opening bracket nor a closing bracket
        if ($inTag) {
            // this token should be a tag name
            // explode by = in case there's an attribute
            $pieces = explode('=', $tokenManager->getCurrent(), 2);
            // check if it's a closing tag
            if (substr($pieces[0], 0, 1) == "/") {
                $tagName = substr($pieces[0], 1);
                $closing = true;
            } else {
                $tagName = $pieces[0];
                $closing = false;
            }
            // && binds tighter than ||, so the first group reads:
            // codeExists(tag, has-attribute) OR (closing AND codeExists(tag, true)).
            // The tag is only accepted when the following token is "]".
            // NOTE(review): next() is presumably a peek, since two advance()
            // calls follow below - confirm against TokenManager.
            if (($this->codeExists($tagName, isset($pieces[1])) || $closing && $this->codeExists($tagName, true)) && $tokenManager->hasNext() && $tokenManager->next() == "]") {
                if ($closing) {
                    $closestParent = $parent->closestParentOfType($tagName);
                    if ($closestParent != null && $closestParent->hasParent()) {
                        // closing an element... move to this element's parent
                        // NOTE(review): the counter decremented is the one of
                        // $parent's definition, not $closestParent's; these
                        // differ when the two are different nodes - confirm
                        // this is intended.
                        $parent->getCodeDefinition()->decrementCounter();
                        $parent = $closestParent->getParent();
                        // Skip the tag name and the closing bracket.
                        $tokenManager->advance();
                        $tokenManager->advance();
                        $inTag = false;
                        continue;
                    }
                    // No open element matches this closing tag: fall through
                    // and treat the bracket as plain text.
                } else {
                    // new element
                    $el = new ElementNode();
                    $code = $this->getCode($tagName, isset($pieces[1]));
                    $code->incrementCounter();
                    $el->setNestDepth($code->getCounter());
                    $el->setCodeDefinition($code);
                    $el->setTagName($tagName);
                    $el->setNodeId($nodeid++);
                    if (isset($pieces[1])) {
                        // NOTE(review): the text after "=" is stored exactly
                        // as it appeared in the input; nothing here validates
                        // or escapes it, so output encoding has to happen
                        // where the tree is rendered - confirm.
                        $el->setAttribute($pieces[1]);
                    }
                    $parent->addChild($el);
                    $parent = $el;
                    // Skip the tag name and the closing bracket.
                    $tokenManager->advance();
                    $tokenManager->advance();
                    $inTag = false;
                    continue;
                }
            }
            // the opening bracket that sent us in here was really just plain text
            $node = new TextNode("[");
            $node->setNodeId($nodeid++);
            $parent->addChild($node);
            $inTag = false;
            // treat this token as regular text, and let the next if...else structure handle it as regular text
        }
        if ($tokenManager->getCurrent() == "[") {
            $inTag = true;
        } else {
            $node = new TextNode($tokenManager->getCurrent());
            $node->setNodeId($nodeid++);
            $parent->addChild($node);
        }
        $tokenManager->advance();
    }
}
<?php
// Installer controller.
//   index     - creates the tables through each manager, then redirects to firstuser.
//   firstuser - redirects to the index when at least one user exists,
//               otherwise to the user creation form.
// NOTE(review): nothing in this block checks who is calling it or whether the
// installation has already been done; confirm that is enforced elsewhere.
// NOTE(review): no exit follows the redirects, so code after the switch still runs.
switch ($action) {
    case 'index':
        /* create the tables */
        $pipeManager = new PipeManager($bdd);
        $pipeManager->createTable();

        $pipeoptionManager = new PipeoptionManager($bdd);
        $pipeoptionManager->createTable();

        $pageManager = new PageManager($bdd);
        $pageManager->createTable();

        $userManager = new UserManager($bdd);
        $userManager->createTable();

        $tokenManager = new TokenManager($bdd);
        $tokenManager->createTable();

        /* redirect to the next installation step */
        header('Location: ?controler=install&action=firstuser');
        break;

    case 'firstuser':
        $userManager = new UserManager($bdd);
        // An existing user means there is nothing left to set up.
        header(
            $userManager->count() > 0
                ? 'Location: ?controler=index'
                : 'Location: ?controler=user&action=add'
        );
        break;

    default:
        break;
}
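// Choose the provider list for the new user: the provider held in
// $GLOBALS['user_provider'] when MULTIPROVIDER is off and that global is set,
// otherwise ADA_PUBLIC_TESTER.
if (!MULTIPROVIDER && isset($GLOBALS['user_provider'])) {
    $regProvider = array($GLOBALS['user_provider']);
} else {
    $regProvider = array(ADA_PUBLIC_TESTER);
}
$id_user = Multiport::addUser($userObj, $regProvider);
if ($id_user < 0) {
    // A negative result is treated as failure. The whole message is
    // URL-encoded, not only the e-mail address, so that spaces and reserved
    // characters cannot alter the query string of the redirect.
    $message = urlencode(translateFN('Impossibile procedere. Un utente con questi dati esiste?') . ' ' . $userObj->getEmail());
    header('Location:' . HTTP_ROOT_DIR . '/browsing/registration.php?message=' . $message);
    exit;
}
/**
 * Create a registration token for this user and send it to the user
 * with the confirmation request.
 */
$tokenObj = TokenManager::createTokenForUserRegistration($userObj);
if ($tokenObj == false) {
    $message = translateFN('An error occurred while performing your request. Pleaser try again later.');
    // Encode the translated text before it goes into the Location header.
    header('Location:' . HTTP_ROOT_DIR . '/browsing/registration.php?message=' . urlencode($message));
    exit;
}
$token = $tokenObj->getTokenString();
// Look up the administrators; the first one returned supplies the
// administrator name and address used below.
$admTypeAr = array(AMA_TYPE_ADMIN);
$extended_data = TRUE;
$admList = $dh->get_users_by_type($admTypeAr, $extended_data);
// The isset()/is_array() guards cover an empty result, where $admList[0]
// does not exist and array_key_exists() would be handed a non-array.
if (!AMA_DataHandler::isError($admList) && isset($admList[0]) && is_array($admList[0]) && array_key_exists('username', $admList[0]) && $admList[0]['username'] != '' && $admList[0]['username'] != null) {
    $adm_uname = $admList[0]['username'];
    $adm_email = $admList[0]['e_mail'];
} else {
    // No usable administrator record: fall back to the configured address.
    $adm_uname = ADA_ADMIN_MAIL_ADDRESS;
    $adm_email = ADA_ADMIN_MAIL_ADDRESS;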
$common_dh->set_user_status(ADA_STATUS_REGISTERED); */ break; case ADA_STATUS_REGISTERED: break; case ADA_STATUS_REMOVED: default: $error_page = HTTP_ROOT_DIR . "/browsing/forget.php"; $errObj = new ADA_Error($requestInfo, translateFN('It was impossible to confirm the password change: user unknown'), NULL, NULL, NULL, $error_page . '?message=' . urlencode(translateFN('It was impossible to confirm the password change: user unknown'))); exit; } $message = translateFN("Password cambiata con successo."); // FIXME: add a get parameter to help user to login ?? //header('Location: '.$redirectPage."?message=$message&user=$username"); $tokenObj->markAsUsed(); TokenManager::updateToken($tokenObj); header('Location: ' . HTTP_ROOT_DIR . "/browsing/forget.php?message={$message}"); exit; } } } break; case "form_password": /* * Second time here. * Show the password change form. */ $token = DataValidator::validate_action_token($_GET['tok']); $userid = DataValidator::is_uinteger($_GET['uid']); if ($token == false || $userid == false) { /*