Пример #1
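 /**
  * Validate the change-password form held in $this->pageState.
  *
  * Checks that the supplied current password hashes to the value kept in
  * $_SESSION['password'], that a new password and its confirmation were both
  * entered, and that the two are identical.
  *
  * @return array Human-readable error messages; empty when every check passed.
  */
 private function validateForm()
 {
     // The errors array will hold all validation errors discovered
     $errors = array();

     // Verify the current password. hash_equals() compares byte-for-byte in constant
     // time, so numeric-looking hashes ("0e123..." style) are never treated as equal
     // numbers the way a loose != comparison would treat them.
     $currentPassword = $this->pageState['currentPassword'];
     $storedHash = isset($_SESSION['password']) ? (string) $_SESSION['password'] : '';
     $suppliedHash = (string) User::generatePassword($currentPassword);
     if ($storedHash === '' || !hash_equals($storedHash, $suppliedHash)) {
         // Current password is incorrect
         $errors[] = 'The current password you provided is incorrect. Please enter your current password.';
     }

     // Validate the new password
     $newPassword = (string) $this->pageState['newPassword'];
     if ($newPassword === '') {
         // No new password provided
         $errors[] = 'Your new password cannot be blank. Please enter a new password.';
     }

     // Validate the retyped password. The check must look at the confirmation field
     // itself, not at the new password a second time.
     $confirmPassword = (string) $this->pageState['confirmPassword'];
     if ($confirmPassword === '') {
         // No new password confirmation provided
         $errors[] = 'Your have not yet re-typed your new password to confirm it. Please do so.';
     }

     // Strict comparison: values such as '1e3' and '1000' are different passwords.
     if ($newPassword !== $confirmPassword) {
         $errors[] = 'The value in the new password box does not match the re-typed confirmation value. Please enter the new password into both boxes again, so that we can ensure that your password is free of typos.';
     }

     // Return the errors array
     return $errors;
 }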
 /**
  * Issue a freshly generated password for the account registered under $email.
  *
  * The plain-text value is handed back through $new_non_crypted_password; only the
  * result of SimpleAuthenticator::getCryptedPassword() is stored on the record, in
  * the 'generated_password' field.
  *
  * @param string $email                    Address used to look the user up.
  * @param string $new_non_crypted_password Output parameter receiving the plain-text password.
  * @return bool False when no user matches $email, true once the record was updated.
  */
 public function generatePassword($email, &$new_non_crypted_password)
 {
     $user_data = $this->getUserByEmail($email);
     if (!$user_data) {
         return false;
     }

     $this->merge($user_data);

     // NOTE(review): the caller receives the plain-text password by reference;
     // confirm it is only delivered to the user and never logged.
     $new_non_crypted_password = User::generatePassword();
     $this->set(
         'generated_password',
         SimpleAuthenticator::getCryptedPassword($user_data['identifier'], $new_non_crypted_password)
     );
     $this->update(false);

     return true;
 }
Пример #3
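 /**
  * Check a username/password pair and, on success, open an authenticated session.
  *
  * @param string $username Login name to look up via User::getUserInfo().
  * @param string $password Plain-text password supplied by the client.
  * @return bool True when the credentials matched and the session was populated.
  */
 private function authenticateUser($username, $password)
 {
     // Look up the incoming user; an unknown user yields no stored hash to compare.
     $currentUserInfo = User::getUserInfo($username);
     if (!isset($currentUserInfo['password'])) {
         return false;
     }

     // Compare hashes as strings in constant time. A loose == would treat two
     // different numeric-looking hashes ("0e..." style) as equal.
     $storedHash = (string) $currentUserInfo['password'];
     $suppliedHash = (string) User::generatePassword($password);
     if ($storedHash === '' || !hash_equals($storedHash, $suppliedHash)) {
         // Authentication failed
         return false;
     }

     // The user has been authenticated, so start up a session and store user info there
     if (session_status() !== PHP_SESSION_ACTIVE) {
         session_start();
     }
     // Issue a new session id at the privilege change so an id that was known
     // before login cannot be reused afterwards (session fixation).
     session_regenerate_id(true);

     $_SESSION['auth'] = 'simple';
     $_SESSION['username'] = $username;
     $_SESSION['email'] = $currentUserInfo['email'];
     // NOTE(review): the password hash is kept in the session, presumably because
     // other code re-checks it from there; confirm session storage is protected
     // accordingly.
     $_SESSION['password'] = $currentUserInfo['password'];
     $_SESSION['userPath'] = trim($currentUserInfo['userPath']);
     $_SESSION['usernameFriendly'] = trim($currentUserInfo['friendlyName']);
     $_SESSION['directoryMode'] = trim($currentUserInfo['directoryMode']);
     $_SESSION['editorMode'] = trim($currentUserInfo['editorMode']);
     // Set the current working directory
     $_SESSION['cwd'] = $_SESSION['userPath'];

     return true;
 }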
Пример #4
        return;
    }
}
///////
///////////////////////////////////////////////////
///////////////////////////////////////////////////
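///////  Check email address
// Stop when the user's primary address on record does not match $regexmail.
if (!preg_match($regexmail, $usr->emailAddress->getPrimaryAddress($usr))) {
    echo $mod_strings['ERR_EMAIL_INCORRECT'];
    return;
}
///////
///////////////////////////////////////////////////
// The client chooses the flow: link=1 requests a reset link, anything else a
// generated password. Strict comparison accepts the literal string '1' only.
$isLink = isset($_POST['link']) && $_POST['link'] === '1';
// if i need to generate a password (not a link)
$password = $isLink ? '' : User::generatePassword();
///////////////////////////////////////////////////
///////  Create URL
// if i need to generate a link
if ($isLink) {
    global $timedate;
    // NOTE(review): this guid is the only secret in the reset URL; confirm that
    // create_guid() is unpredictable enough for that role and that rows in
    // users_password_link expire. The statement that would retire a user's older
    // links is commented out below.
    $guid = create_guid();
    $url = $GLOBALS['sugar_config']['site_url'] . "/index.php?entryPoint=Changenewpassword&guid={$guid}";
    $time_now = TimeDate::getInstance()->nowDb();
    //$q2="UPDATE `users_password_link` SET `deleted` = '1' WHERE `username` = '".$username."'";
    //$usr->db->query($q2);
    // $username is assigned outside this excerpt; escape it at the point of use so
    // the INSERT cannot be altered by quote characters in the value.
    $q = "INSERT INTO users_password_link (id, username, date_generated) VALUES('" . $guid . "','" . $usr->db->quote($username) . "','" . $time_now . "') ";
    $usr->db->query($q);
}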
///////
///////////////////////////////////////////////////
Пример #5
 /**
  * User::generatePassword() must return a non-empty value on every call, and two
  * consecutive calls must not return the same value.
  *
  * NOTE(review): this checks only length > 0 and inequality; it says nothing about
  * the length, character set or randomness source of the generated password.
  */
 public function testgeneratePassword()
 {
     $generated = array();
     foreach (array(0, 1) as $attempt) {
         $generated[$attempt] = User::generatePassword();
         $this->assertGreaterThan(0, strlen($generated[$attempt]));
     }

     $this->assertNotEquals($generated[0], $generated[1]);
 }
Пример #6
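 /**
  * Handle a "forgot password" request.
  *
  * Verifies that the given username and e-mail address belong to the same regular
  * user, then e-mails either a system-generated password or a reset link, depending
  * on the 'SystemGeneratedPasswordON' password setting.
  *
  * @param mixed $api  API service object (not used by this method).
  * @param array $args Request arguments; 'email' and 'username' are required.
  * @return bool True when the e-mail was sent.
  * @throws SugarApiExceptionRequestMethodFailure When the feature is disabled, the
  *         username/e-mail pair is not accepted, or the e-mail could not be sent.
  * @throws SugarApiExceptionMissingParameter When 'email' or 'username' is missing or empty.
  */
 public function requestPassword($api, $args)
 {
     require_once 'modules/Users/language/en_us.lang.php';
     $res = $GLOBALS['sugar_config']['passwordsetting'];
     $requiredParams = array('email', 'username');
     if (!$GLOBALS['sugar_config']['passwordsetting']['forgotpasswordON']) {
         throw new SugarApiExceptionRequestMethodFailure(translate('LBL_FORGOTPASSORD_NOT_ENABLED', 'Users'), $args);
     }
     foreach ($requiredParams as $param) {
         if (!isset($args[$param])) {
             throw new SugarApiExceptionMissingParameter('Error: Missing argument.', $args);
         }
     }

     $usr = empty($this->usr) ? new User() : $this->usr;
     $useremail = $args['email'];
     $username = $args['username'];
     if (empty($username) || empty($useremail)) {
         throw new SugarApiExceptionMissingParameter('Error: Empty argument', $args);
     }

     $usr_id = $usr->retrieve_user_id($username);
     $usr->retrieve($usr_id);
     // A wrong e-mail and a non-eligible account produce the same message, so the
     // response does not reveal which of the two checks failed.
     if (!$usr->isPrimaryEmail($useremail)) {
         throw new SugarApiExceptionRequestMethodFailure(translate('LBL_PROVIDE_USERNAME_AND_EMAIL', 'Users'), $args);
     }
     if ($usr->portal_only || $usr->is_group) {
         throw new SugarApiExceptionRequestMethodFailure(translate('LBL_PROVIDE_USERNAME_AND_EMAIL', 'Users'), $args);
     }
     // email invalid can not reset password
     if (!SugarEmailAddress::isValidEmail($usr->emailAddress->getPrimaryAddress($usr))) {
         throw new SugarApiExceptionRequestMethodFailure(translate('ERR_EMAIL_INCORRECT', 'Users'), $args);
     }

     $isLink = !$GLOBALS['sugar_config']['passwordsetting']['SystemGeneratedPasswordON'];
     // if i need to generate a password (not a link)
     $password = $isLink ? '' : User::generatePassword();

     // Create URL
     // if i need to generate a link
     if ($isLink) {
         // NOTE(review): the guid is the only secret in the reset URL; confirm that
         // create_guid() is unpredictable enough for that role and that rows in
         // users_password_link expire.
         $guid = create_guid();
         $url = $GLOBALS['sugar_config']['site_url'] . "/index.php?entryPoint=Changenewpassword&guid={$guid}";
         $time_now = TimeDate::getInstance()->nowDb();
         // $username comes straight from the request arguments, so it is escaped
         // before being placed inside the SQL string literal.
         $q = "INSERT INTO users_password_link (id, username, date_generated) VALUES('" . $guid . "','" . $usr->db->quote($username) . "','" . $time_now . "') ";
         $usr->db->query($q);
     }

     if ($isLink && isset($res['lostpasswordtmpl'])) {
         $emailTemp_id = $res['lostpasswordtmpl'];
     } else {
         $emailTemp_id = $res['generatepasswordtmpl'];
     }

     $additionalData = array('link' => $isLink, 'password' => $password);
     if (isset($url)) {
         $additionalData['url'] = $url;
     }

     $result = $usr->sendEmailForPassword($emailTemp_id, $additionalData);
     if ($result['status']) {
         return true;
     }
     if ($result['message'] != '') {
         throw new SugarApiExceptionRequestMethodFailure($result['message'], $args);
     }
     throw new SugarApiExceptionRequestMethodFailure('LBL_EMAIL_NOT_SENT', $args);
 }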
Пример #7
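 /**
  * Replace the stored password hash of $username with the hash of $newPassword.
  *
  * The user's record is the first line of config/users/<username>.user, a
  * "|"-separated list whose second field is the password hash. The file and
  * $_SESSION['password'] are updated only when the existing record could be read
  * and the new record was written; otherwise nothing is changed.
  *
  * @param string $username    Account whose config file is rewritten.
  * @param string $newPassword New plain-text password.
  * @return void
  */
 public static function replacePassword($username, $newPassword)
 {
     // The username becomes part of a file path: refuse separators and NUL bytes so
     // the path cannot leave config/users/.
     $username = (string) $username;
     if ($username === '' || strpbrk($username, "/\\\0") !== false) {
         return;
     }

     // Generate the new password hash
     $newPWHash = User::generatePassword($newPassword);

     // Open the user's config file and parse it
     $userFile = Constants::$ROOT_DIR . 'config/users/' . $username . '.user';
     if (!is_file($userFile) || !is_readable($userFile)) {
         return;
     }
     $handle = fopen($userFile, "r");
     if (!$handle) {
         return;
     }
     // Read the line describing the user values
     $userLine = fgets($handle);
     fclose($handle);
     if ($userLine === false) {
         // Without the existing record, writing would replace the whole file with
         // a line that holds nothing but the hash.
         return;
     }

     // Parse it out and replace the old password hash with the new password hash
     $userData = explode("|", $userLine);
     $userData[1] = $newPWHash;

     // Reassemble the user data line and write it to the user's config file
     $userLine = implode("|", $userData);
     if (file_put_contents($userFile, $userLine, LOCK_EX) === false) {
         return;
     }

     // Also put the new password hash into the session data, now that the file
     // and the session agree.
     $_SESSION['password'] = $newPWHash;
 }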
Пример #8
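 /**
  * Get user information.
  *
  * Requests the profile of $this->m_uid through the 'getProfiles' API call and maps
  * it to local user fields. The local password is a generated one, not a value
  * taken from the remote profile.
  *
  * @return array|false Mapped user fields, or false when the API response does not
  *                     contain a usable profile.
  */
 public function getUserInfo()
 {
     $res = $this->apiRequest('getProfiles', array('uids' => $this->m_uid, "fields" => "uid,first_name,last_name,sex,city,country,photo"));

     // The response is remote data: require the first profile entry and its uid
     // before building an account from it, so an empty or malformed answer cannot
     // yield a user named just '@vk.com'.
     if (!is_array($res) || !isset($res['response'][0]['uid'])) {
         return false;
     }
     $profile = $res['response'][0];

     $firstName = isset($profile['first_name']) ? $profile['first_name'] : '';
     $lastName = isset($profile['last_name']) ? $profile['last_name'] : '';

     return array(
         'u_name' => $profile['uid'] . '@vk.com',
         'u_vkid' => $profile['uid'],
         'u_password' => User::generatePassword(),
         // city and country are optional and are checked independently of each other
         'u_city' => isset($profile['city']) ? $profile['city'] : '',
         'u_country' => isset($profile['country']) ? $profile['country'] : '',
         'u_fullname' => $firstName . ' ' . $lastName,
     );
 }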
        }
    }
}
///////
///////////////////////////////////////////////////
///////////////////////////////////////////////////
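///////  Check email address
// Stop when the user's primary address on record does not match $regexmail.
if (!preg_match($regexmail, $usr->emailAddress->getPrimaryAddress($usr))) {
    echo $mod_strings['ERR_EMAIL_INCORRECT'];
    return;
}
///////
///////////////////////////////////////////////////
// if i need to generate a password (not a link)
// NOTE(review): when 'link' is posted with a value other than '1', neither a
// password nor a link is produced here; confirm the code that follows copes.
if (!isset($_POST['link'])) {
    $password = User::generatePassword();
}
///////////////////////////////////////////////////
///////  Create URL
// if i need to generate a link
if (isset($_POST['link']) && $_POST['link'] === '1') {
    global $timedate;
    // NOTE(review): this guid is the only secret in the reset URL; confirm that
    // create_guid() is unpredictable enough for that role and that rows in
    // users_password_link expire. The statement that would retire a user's older
    // links is commented out below.
    $guid = create_guid();
    $url = $GLOBALS['sugar_config']['site_url'] . "/index.php?entryPoint=Changenewpassword&guid={$guid}";
    $time_now = TimeDate::getInstance()->nowDb();
    //$q2="UPDATE `users_password_link` SET `deleted` = '1' WHERE `username` = '".$username."'";
    //$usr->db->query($q2);
    // $username is assigned outside this excerpt; escape it at the point of use so
    // the INSERT cannot be altered by quote characters in the value. The stray
    // space that preceded the timestamp inside its quotes is dropped as well.
    $q = "INSERT INTO users_password_link (id, username, date_generated) VALUES('" . $guid . "','" . $usr->db->quote($username) . "','" . $time_now . "') ";
    $usr->db->query($q);
}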
///////
Пример #10
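 /**
  * Process a submitted registration form.
  *
  * Fills the User model from the posted 'User' data, generates a password when the
  * visitor left it blank, saves the user, sends the configured notification mails
  * and either starts e-mail confirmation or logs the new user in.
  *
  * @param User|null $model Pre-built model; a 'register' model is created when omitted.
  * @return bool True when registration completed (confirmation mail sent or user
  *              logged in), false otherwise.
  */
 protected function proccessRequest($model = null)
 {
     if (Yii::app()->request->getPost('User') === null) {
         return false;
     }

     if (!$model) {
         $model = new User('register');
         $model->makeForm('register', $this->params['content']->fields, $this->params['content']->fields_req);
     }

     $tpldata = array();
     // Kept in a local so later checks do not read an array key that exists only
     // when a password was generated.
     $generatedPassword = null;
     $model->attributes = Yii::app()->request->getPost('User');
     if ($model->password == '') {
         $generatedPassword = User::generatePassword();
         $model->password = $model->password_repeat = $tpldata['generatedPassword'] = $generatedPassword;
         $model->askfill = true;
     }

     if (!$model->validate()) {
         return false;
     }

     $model->save(false);
     $cfg = ContentUnit::loadConfig();
     $viewFileDir = $cfg['UnitRegister'] . '.register.templates.mail.';
     $tpldata['model'] = $model->getAttributes();
     $tpldata['settings'] = Yii::app()->settings->model->getAttributes();
     $tpldata['page'] = $this->params['content']->getWidgetPageArray();

     if ($this->params['content']->notify_admin) {
         // send 'to_admin_notify' mail
         // NOTE(review): HTTP_HOST is taken from the request's Host header; confirm
         // the web server restricts it to known host names.
         Yii::app()->messenger->send('email', Yii::app()->settings->getValue('adminEmail'), '[' . $_SERVER['HTTP_HOST'] . '] ' . Yii::t('UnitRegister.main', 'New user registration'), Yii::app()->controller->renderPartial($viewFileDir . 'to_admin_notify', $tpldata, true));
     }

     if ($this->params['content']->is_emailauth_req) {
         // The auth code proves control of the mailbox, so it must not be guessable
         // from the id, login and time. Use CSPRNG output where the runtime offers
         // it; rand() remains only as the fallback on runtimes without random_bytes().
         $nonce = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : rand();
         $model->saveAttributes(array('authcode' => User::hash($model->id . $model->login . time() . $nonce)));
         $tpldata['model'] = $model;
         // send 'to_user_confirm' mail
         Yii::app()->messenger->send('email', $model->email, Yii::t('UnitRegister.main', 'Registration confirm'), Yii::app()->controller->renderPartial($viewFileDir . 'to_user_confirm', $tpldata, true));
         return true;
     }

     $model->saveAttributes(array('active' => true));
     if ($this->params['content']->notify_user || !empty($generatedPassword)) {
         // send 'to_user_notify' mail
         // NOTE(review): $tpldata carries the generated password in plain text;
         // confirm the template asks the user to change it after first login.
         Yii::app()->messenger->send('email', $model->email, Yii::t('UnitRegister.main', 'Registration completed'), Yii::app()->controller->renderPartial($viewFileDir . 'to_user_notify', $tpldata, true));
     }

     $loginForm = new LoginForm();
     $loginForm->username = $model->email;
     $loginForm->password = !empty($_POST['User']['password']) ? $_POST['User']['password'] : $generatedPassword;
     if ($loginForm->login()) {
         return true;
     }

     return false;
 }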
Пример #11
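 /**
  * Store a newly created resource in storage.
  *
  * Guests must also supply name and e-mail; an activated account with a generated
  * password is created for them before the item is stored. Logged-in members only
  * submit the item fields. An optional attachment is saved under a server-chosen
  * file name.
  *
  * @return Response
  */
 public function store()
 {
     //guest send request
     if (!Sentry::check()) {
         $rules = array('title' => 'required', 'first_name' => 'required', 'last_name' => 'required', 'email' => 'required|email', 'service_type_id' => 'required|numeric', 'requirement' => 'required', 'link' => 'required|url', 'info' => 'required', 'budget_id' => 'required', 'deliver_in' => 'required|numeric', 'attachment' => 'mimes:pdf,doc,docx,txt');
         $validator = Validator::make(Input::all(), $rules);
         //validate the input
         if ($validator->fails()) {
             return Redirect::route('items.create')->withErrors($validator)->withInput();
         }
         /**
          * Create account login for guest from email
          */
         try {
             // Create the user
             $password = User::generatePassword();
             $userData = array('email' => Input::get('email'), 'password' => $password, 'activated' => 1, 'first_name' => Input::get('first_name'), 'last_name' => Input::get('last_name'));
             $user = Sentry::createUser($userData);
             // Find the group using the group id
             $userGroup = Sentry::findGroupByName('user');
             // Assign the group to the user
             $user->addGroup($userGroup);
             //insert request
             // NOTE(review): every remaining request field is passed to Item::create();
             // confirm the Item model restricts mass assignment to the expected fields.
             $itemData = Input::except('_token', 'first_name', 'last_name', 'email');
             $itemData['user_id'] = $user->id;
             $attach_path = $this->storeAttachment('public/uploads/items');
             if (isset($attach_path)) {
                 $itemData['attachment'] = $attach_path;
             }
             Item::create($itemData);
             // NOTE(review): the generated password is shown in the flash message in
             // plain text; the e-mail delivery that was sketched here (Mail::send with
             // the 'emails.welcome' view) was never enabled.
             return Redirect::route('users.index')->with('message', 'Your request had been submited! Our has create your account.<br />Please check your email and login with username, password for check your request.<br />' . 'Email:' . $user->email . '/' . $password);
         } catch (Cartalyst\Sentry\Users\LoginRequiredException $e) {
             return Redirect::route('items.create')->withErrors('Login field is required.')->withInput();
         } catch (Cartalyst\Sentry\Users\PasswordRequiredException $e) {
             return Redirect::route('items.create')->withErrors('Password field is required.')->withInput();
         } catch (Cartalyst\Sentry\Users\UserExistsException $e) {
             return Redirect::route('items.create')->withErrors('Email with this login already exists.')->withInput();
         } catch (Cartalyst\Sentry\Groups\GroupNotFoundException $e) {
             return Redirect::route('items.create')->withErrors('Group was not found.')->withInput();
         }
     }

     //member has login
     //current user
     $user = Sentry::getUser();
     //validate the input
     $rules = array('title' => 'required', 'service_type_id' => 'required|numeric', 'requirement' => 'required', 'link' => 'required', 'info' => 'required', 'budget_id' => 'required', 'deliver_in' => 'required|numeric', 'attachment' => 'mimes:pdf,doc,docx,txt');
     $validator = Validator::make(Input::all(), $rules);
     if ($validator->fails()) {
         return Redirect::route('items.create')->withErrors($validator)->withInput();
     }
     //insert request
     // NOTE(review): same mass-assignment question as in the guest branch.
     $itemData = Input::except('_token');
     $itemData['user_id'] = $user->id;
     $attach_path = $this->storeAttachment('public/uploads');
     if (isset($attach_path)) {
         $itemData['attachment'] = $attach_path;
     }
     Item::create($itemData);
     return Redirect::route('users.index')->with('message', 'Your request had been submited!');
 }

 /**
  * Move the uploaded 'attachment' file, if any, into $destinationPath.
  *
  * The stored name is chosen by the server and its extension is derived from the
  * file's content, so neither path separators nor an executable extension from the
  * client-supplied name can reach a directory served from public/.
  *
  * @param string $destinationPath Target directory.
  * @return string|null Path of the stored file, or null when nothing was uploaded.
  */
 private function storeAttachment($destinationPath)
 {
     $upload = Input::file('attachment');
     if (is_null($upload)) {
         return null;
     }
     $extension = $upload->guessExtension();
     if (!$extension) {
         $extension = 'bin';
     }
     // uniqid() only keeps two uploads in the same second apart; the name is not a secret.
     $fileName = time() . '_' . md5(uniqid('', true)) . '.' . $extension;
     $upload->move($destinationPath, $fileName);
     return $destinationPath . '/' . $fileName;
 }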
Пример #12
 /**
  * Prepare a new sub-user record before the grid inserts it.
  *
  * Applies the password typed into the form when there is one, fills in a login
  * and a password when the record has none, marks the signup e-mail as already
  * sent, attaches the record to the current reseller and approves it.
  *
  * @param array            $values Submitted form values (read for '_pass').
  * @param User             $record Record about to be inserted.
  * @param Am_Grid_Editable $grid   Grid performing the insert (not used here).
  */
 function beforeInsert(array &$values, User $record, Am_Grid_Editable $grid)
 {
     $typedPass = $values['_pass'];
     if ($typedPass) {
         $record->setPass($typedPass);
     }

     // Missing credentials are generated by the record itself.
     $loginMissing = $record->get('login') == '';
     if ($loginMissing) {
         $record->generateLogin();
     }
     $passMissing = $record->get('pass') == '';
     if ($passMissing) {
         $record->generatePassword();
     }

     $record->data()->set('signup_email_sent', 1);
     $record->set('subusers_parent_id', $this->reseller->pk());
     $record->is_approved = 1;
 }
Пример #13
 /**
  * Reset this user's password to a generated value and e-mail it to them.
  *
  * NOTE(review): the password is stored as an unsalted md5() digest, which is not
  * suitable for password storage; moving to password_hash()/password_verify() needs
  * a matching change wherever the stored value is checked, which is not visible
  * here. The new password also travels in plain text by e-mail, and the reset
  * happens with no confirmation step inside this method.
  */
 public function sendForgotPasswordEmail()
 {
     $password = User::generatePassword();
     $this->setPassword(md5($password));
     $this->save();

     $to = $this->getEmail();
     $subject = 'Forgot Password - ' . Tools::get('name');

     // Body lines are joined with "\n".
     $message = implode("\n", array(
         'Unbelievable! You forgot your password. ',
         'Here\'s a newly generated one: ' . $password . '',
         'Go login and change your password immediately.',
         Tools::get('url'),
     ));

     // Header values come from Tools::get() settings; presumably site
     // configuration rather than request data — verify.
     $headers = implode("\n", array(
         'From: ' . Tools::get('webmaster_email'),
         'Reply-To: ' . Tools::get('webmaster_email'),
         'X-Mailer: ' . Tools::get('name') . ' Mailer',
     ));

     mail($to, $subject, $message, $headers);
 }
Пример #14
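 /**
  * Create a user from the submitted page state.
  *
  * Writes the user's config file, adds the user to the users file and redirects to
  * the user-management page. When either write fails, the error is placed on the
  * view and the form is shown again through $this->get().
  *
  * @return void
  */
 private function createNewUser()
 {
     // Get data
     $uname = $this->pageState['username'];
     $pw = $this->pageState['password'];
     $fname = $this->pageState['fullname'];
     $email = $this->pageState['email'];
     $home = $this->pageState['homefolder'];
     $dm = $this->pageState['foldermgr'];
     $em = $this->pageState['adveditor'];
     // If the user is an admin, make their home folder blank
     if ($home == '/') {
         $home = '';
     }

     // Place the given data into the user's information. Only the value returned by
     // User::generatePassword() is stored, never the submitted password itself.
     $userInfo = array(
         'username' => $uname,
         'password' => User::generatePassword($pw),
         'friendlyName' => $fname,
         'email' => $email,
         'userPath' => $home,
         'directoryMode' => strtolower($dm) == 'foldermgr' ? 'ADVANCED' : 'BASIC',
         'editorMode' => strtolower($em) == 'adveditor' ? 'ADVANCED' : 'BASIC',
     );

     // NOTE(review): $uname is handed to User::saveUserInfo() as the user's file key;
     // confirm it is restricted to safe file-name characters before this point.
     $errors = array();

     // Save the information to the user's config file
     if (!User::saveUserInfo($uname, $userInfo)) {
         $errors[] = 'There was a problem creating a new user file for the user. Please check permissions on the config/users folder (make sure the folder is writeable) and try again.';
         $this->view->errors = $errors;
         $this->get();
         return;
     }

     // Now save the username and fullname to the user file
     if (!User::addNewUser($uname, $fname)) {
         // Report through the view like the branch above; the previous call to a
         // free function showForm() with an undefined $pageState could not run.
         $errors[] = 'There was a problem adding the new user to the users file. Please check file permissions on the users file (make sure the file is writeable) and try again.';
         $this->view->errors = $errors;
         $this->get();
         return;
     }

     // Redirect to userMgmt page. The username is encoded as a single path segment
     // so it cannot add path parts or break the header value.
     header('Location:/manage/userMgmt/showMessage/msg/newUserAdded/user/' . rawurlencode($uname));
 }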
Пример #15
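// Abort when the database connection could not be established.
if (mysqli_connect_errno()) {
    echo 'Error  : could not connect to database. Try again';
    exit;
}
//select the user by email and get user ID
// The address is bound as a parameter instead of being interpolated into the
// statement, so quote characters in it cannot change the query. The table prefix
// is still interpolated, as identifiers cannot be bound.
// NOTE(review): $tprefix is presumably fixed configuration — verify.
$sql = "select `user_id`,`username` from `{$tprefix}" . "_users` where `email` = ?";
$get_user_id = $db->prepare($sql);
if ($get_user_id) {
    $get_user_id->bind_param('s', $email);
    if ($get_user_id->execute()) {
        $get_user_id->bind_result($found_user_id, $found_username);
        // $user_id is set only when a row matched, which is what the isset()
        // check that follows relies on.
        if ($get_user_id->fetch()) {
            $user_id = $found_user_id;
            $username = $found_username;
        }
    }
    $get_user_id->close();
}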
if (isset($user_id)) {
    $newpassword = $myUser->generatePassword();
    $md5password = md5($newpassword);
    //update password field in DB
    $updateQuery = "UPDATE `{$tprefix}" . "_users` SET `password`='" . $md5password . "' WHERE `user_id` = {$user_id}";
    //echo $updateQuery;
    $db->query($updateQuery) or die("Echec de la MAJ, veuillez contacter l'administrateur du site {$masteremail}");
    //==========send new password by email=================
    //configure SMTP
    ini_set('SMTP', 'smtp.free.fr');
    ini_set('smtp_port', '25');
    $to = $email;
    $subject = 'Votre nouveau mot de passe';
    //the important part The Headers
    //this enable the email in HTML type
    $headers = 'MIME-Version: 1.0' . "\r\n";
    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";