function getUserId($token, $bdd)
{
if (!empty($token)) {
$tokenManager = new TokenManager($bdd);
if ($tokenbdd = $tokenManager->get($token, 'token')) {
if ($tokenbdd->userip() == $_SERVER['REMOTE_ADDR']) {
$userId = $tokenbdd->userid();
return $userId;
} else {
header('Location: ?controler=user&action=logoutForced');
exit;
}
}
}
}
<?php
switch ($action) {
case 'login':
if (!empty($_POST['login']) && !empty($_POST['pass'])) {
$_POST['pass'] = sha1($_POST['pass']);
$userToLog = new User($_POST);
$userManager = new UserManager($bdd);
if ($userToBdd = $userManager->get($userToLog->login(), 'login')) {
if ($userToLog->pass() == $userToBdd->pass()) {
$tokenParams = array('token' => sha1($userToBdd->id() . $userToBdd->login() . $userToBdd->pass() . $_SERVER['REMOTE_ADDR'] . date("Y-m-d H:i:s")), 'userid' => $userToBdd->id(), 'userip' => $_SERVER['REMOTE_ADDR'], 'datetime' => date("Y-m-d H:i:s"));
$token = new Token($tokenParams);
$tokenManager = new TokenManager($bdd);
if ($lastToken = $tokenManager->get($userToBdd->id(), 'userid')) {
$token->setId($lastToken->id());
$tokenManager->update($token);
} else {
$tokenManager->add($token);
}
$_SESSION['token'] = $token->token();
header('Location: ?controler=index');
} else {
//mot de passe incorrect
echo 'pass error';
}
} else {
//login incorrect
echo 'login error';
}
} else {
header('Location: ?controler=index');
/**
* Constructs the parse tree from a string of bbcode markup.
*
* @param string $str the bbcode markup to parse
*/
public function parse($str)
{
$this->reset();
$parent = $this->treeRoot;
$tokenManager = new TokenManager($str);
$nodeid = 1;
$inTag = false;
while ($tokenManager->hasCurrent()) {
// tokens are either "[", "]" or a string that contains neither a opening bracket nor a closing bracket
if ($inTag) {
// this token should be a tag name
// explode by = in case there's an attribute
$pieces = explode('=', $tokenManager->getCurrent(), 2);
// check if it's a closing tag
if (substr($pieces[0], 0, 1) == "/") {
$tagName = substr($pieces[0], 1);
$closing = true;
} else {
$tagName = $pieces[0];
$closing = false;
}
if (($this->codeExists($tagName, isset($pieces[1])) || $closing && $this->codeExists($tagName, true)) && $tokenManager->hasNext() && $tokenManager->next() == "]") {
if ($closing) {
$closestParent = $parent->closestParentOfType($tagName);
if ($closestParent != null && $closestParent->hasParent()) {
// closing an element... move to this element's parent
$parent->getCodeDefinition()->decrementCounter();
$parent = $closestParent->getParent();
$tokenManager->advance();
$tokenManager->advance();
$inTag = false;
continue;
}
} else {
// new element
$el = new ElementNode();
$code = $this->getCode($tagName, isset($pieces[1]));
$code->incrementCounter();
$el->setNestDepth($code->getCounter());
$el->setCodeDefinition($code);
$el->setTagName($tagName);
$el->setNodeId($nodeid++);
if (isset($pieces[1])) {
$el->setAttribute($pieces[1]);
}
$parent->addChild($el);
$parent = $el;
$tokenManager->advance();
$tokenManager->advance();
$inTag = false;
continue;
}
}
// the opening bracket that sent us in here was really just plain text
$node = new TextNode("[");
$node->setNodeId($nodeid++);
$parent->addChild($node);
$inTag = false;
// treat this token as regular text, and let the next if...else structure handle it as regular text
}
if ($tokenManager->getCurrent() == "[") {
$inTag = true;
} else {
$node = new TextNode($tokenManager->getCurrent());
$node->setNodeId($nodeid++);
$parent->addChild($node);
}
$tokenManager->advance();
}
}
<?php
switch ($action) {
case 'index':
/*création des tables*/
$pipeManager = new PipeManager($bdd);
$pipeManager->createTable();
$pipeoptionManager = new PipeoptionManager($bdd);
$pipeoptionManager->createTable();
$pageManager = new PageManager($bdd);
$pageManager->createTable();
$userManager = new UserManager($bdd);
$userManager->createTable();
$tokenManager = new TokenManager($bdd);
$tokenManager->createTable();
/*redirection*/
header('Location: ?controler=install&action=firstuser');
break;
case 'firstuser':
$userManager = new UserManager($bdd);
if ($userManager->count() > 0) {
header('Location: ?controler=index');
} else {
header('Location: ?controler=user&action=add');
}
break;
default:
break;
}
if (!MULTIPROVIDER && isset($GLOBALS['user_provider'])) {
$regProvider = array($GLOBALS['user_provider']);
} else {
$regProvider = array(ADA_PUBLIC_TESTER);
}
$id_user = Multiport::addUser($userObj, $regProvider);
if ($id_user < 0) {
$message = translateFN('Impossibile procedere. Un utente con questi dati esiste?') . ' ' . urlencode($userObj->getEmail());
header('Location:' . HTTP_ROOT_DIR . '/browsing/registration.php?message=' . $message);
exit;
}
/**
* Create a registration token for this user and send it to the user
* with the confirmation request.
*/
$tokenObj = TokenManager::createTokenForUserRegistration($userObj);
if ($tokenObj == false) {
$message = translateFN('An error occurred while performing your request. Pleaser try again later.');
header('Location:' . HTTP_ROOT_DIR . "/browsing/registration.php?message={$message}");
exit;
}
$token = $tokenObj->getTokenString();
$admTypeAr = array(AMA_TYPE_ADMIN);
$extended_data = TRUE;
$admList = $dh->get_users_by_type($admTypeAr, $extended_data);
if (!AMA_DataHandler::isError($admList) && array_key_exists('username', $admList[0]) && $admList[0]['username'] != '' && $admList[0]['username'] != null) {
$adm_uname = $admList[0]['username'];
$adm_email = $admList[0]['e_mail'];
} else {
$adm_uname = ADA_ADMIN_MAIL_ADDRESS;
$adm_email = ADA_ADMIN_MAIL_ADDRESS;
$common_dh->set_user_status(ADA_STATUS_REGISTERED);
*/
break;
case ADA_STATUS_REGISTERED:
break;
case ADA_STATUS_REMOVED:
default:
$error_page = HTTP_ROOT_DIR . "/browsing/forget.php";
$errObj = new ADA_Error($requestInfo, translateFN('It was impossible to confirm the password change: user unknown'), NULL, NULL, NULL, $error_page . '?message=' . urlencode(translateFN('It was impossible to confirm the password change: user unknown')));
exit;
}
$message = translateFN("Password cambiata con successo.");
// FIXME: add a get parameter to help user to login ??
//header('Location: '.$redirectPage."?message=$message&user=$username");
$tokenObj->markAsUsed();
TokenManager::updateToken($tokenObj);
header('Location: ' . HTTP_ROOT_DIR . "/browsing/forget.php?message={$message}");
exit;
}
}
}
break;
case "form_password":
/*
* Second time here.
* Show the password change form.
*/
$token = DataValidator::validate_action_token($_GET['tok']);
$userid = DataValidator::is_uinteger($_GET['uid']);
if ($token == false || $userid == false) {
/*
