/**
 * Create a fresh e-mail confirmation token for the given user.
 *
 * The expiry is the current time plus $wgConfirmAccountRejectAge seconds.
 * It is handed back through $expiration (converted with
 * wfTimestamp(TS_MW, ...)) and is also the last component of the seed string
 * (user name . e-mail . expiry) passed to $user->generateToken().
 *
 * NOTE(review): the previous comment said a hash "is stored"; nothing is
 * hashed or persisted in this method, so that presumably happens in the
 * caller - confirm. How unpredictable the token is depends entirely on
 * generateToken(), which is not visible here.
 *
 * @param User $user Account the token is issued for
 * @param string &$expiration Output parameter: receives the expiry timestamp
 * @return string The generated token
 */
public static function getConfirmationToken($user, &$expiration)
{
    global $wgConfirmAccountRejectAge;

    $expiryEpoch = time() + $wgConfirmAccountRejectAge;
    $expiration = wfTimestamp(TS_MW, $expiryEpoch);
    $seed = $user->getName() . $user->getEmail() . $expiryEpoch;

    return $user->generateToken($seed);
}
/**
 * Register the routes of every loaded module, then the manager API routes
 * (config bootstrap, structure, token issue/renew, logout, custom JS).
 *
 * NOTE(review): the "manager/api/config/" handler creates tables and seeds a
 * first manager account from inside a GET request. The only gate visible
 * here is Request::isLocal(), whose definition is not shown - confirm it
 * cannot be satisfied by a remote client (e.g. through forwarded headers).
 */
public static function routes()
{
    static::loadModules();
    foreach (static::$modulesObjects as $module) {
        $module->routes();
    }

    // Load login routes.. login, logoff, etc..
    Router::register("GET", "manager/api/config/", function () {
        header("Content-Type: text/javascript; charset=utf-8");

        if (Request::isLocal()) {
            // A failing SELECT is used as the "table does not exist" probe;
            // the @ hides the error that probe raises on a fresh install.
            if (@DB::query("select id from " . J_TP . "manager_users LIMIT 1;")->success === false) {
                // NOTE(review): `password` is varchar(40). That is the length
                // of a hex SHA-1 digest and too short for password_hash()
                // output - confirm how this column is written and verified.
                DB::query("CREATE TABLE `" . J_TP . "manager_users` (\n\t\t\t\t\t\t\t\t`id` int(11) unsigned NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t\t\t`name` varchar(255) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`email` varchar(255) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`typeID` int(11) unsigned NULL,\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t`username` varchar(255) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`password` varchar(40) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`active` int(11) DEFAULT NULL,\n\t\t\t\t\t\t\t\tPRIMARY KEY (`id`)\n\t\t\t\t\t\t\t) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;");

                // NOTE(review): the seeded account uses fixed, source-embedded
                // credentials (masked in this listing) with typeID 1 and
                // active = 1. Every install starts with the same login unless
                // it is changed; the value is also assigned to `password`
                // as-is, so any hashing would have to happen inside the ORM.
                $seedAccount = ORM::make("manager_users");
                $seedAccount->name = "Joy Interactive";
                $seedAccount->email = "*****@*****.**";
                $seedAccount->username = "******";
                $seedAccount->password = "******";
                $seedAccount->typeID = 1;
                $seedAccount->active = 1;
                $seedAccount->save();
            }

            if (@DB::query("select id from " . J_TP . "manager_tokens LIMIT 1;")->success === false) {
                DB::query("CREATE TABLE `" . J_TP . "manager_tokens` (\n\t\t\t\t\t\t\t\t`id` int(40) NOT NULL AUTO_INCREMENT,\n\t\t\t\t\t\t\t\t`userID` int(11) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`typeID` int(11) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`token` varchar(100) DEFAULT NULL,\n\t\t\t\t\t\t\t\t`expirationDate` datetime DEFAULT NULL,\n\t\t\t\t\t\t\t\tPRIMARY KEY (`id`)\n\t\t\t\t\t\t\t) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;");
            }
        }

        // The response is a script that assigns the client configuration.
        $clientConfig = array("api_url" => URL::to("api/"));

        return "window.config = " . json_encode($clientConfig);
    });

    Router::register("GET", "manager/api/structure/", function () {
        return Response::json(Structure::modules());
    });

    Router::register("POST", "manager/api/token/", function () {
        return User::generateToken();
    });

    Router::register("POST", "manager/api/token/renew/", function () {
        return User::renewToken();
    });

    // NOTE(review): logout is reachable with GET. If User::logout() changes
    // session state, any page can trigger it cross-site; POST is the usual
    // choice for that - confirm against the client before changing.
    Router::register("GET", "manager/api/logout/", function () {
        return User::logout();
    });

    // Serves the optional custom.js from the manager directory; the handler
    // returns null when the file is absent.
    Router::register("GET", "manager/api/customJS/", function () {
        $customScript = J_MANAGERPATH . "custom.js";

        return file_exists($customScript) ? File::get($customScript) : null;
    });
}
/**
 * Persist a newly registered user together with its profile.
 *
 * When "auth.emailActivation" is enabled the account is saved as inactive,
 * a token is generated on the user, and the "<auth.emailViewPath>.activate"
 * mail is sent. Otherwise the account is saved as active and logged in
 * straight away.
 *
 * NOTE(review): no value is returned on any path, although this method was
 * documented as returning bool. The result of Mail::send() is assigned but
 * never read, so a failed send is not reported to the caller.
 *
 * @param User $user
 * @param Profile $profile
 * @return void
 */
protected function _register($user, $profile)
{
    // Decide the initial status; activation by e-mail starts inactive.
    $accountStatus = User::STATUS_ACTIVE;
    if (Config::get("auth.emailActivation")) {
        $accountStatus = User::STATUS_INACTIVE;
        $user->generateToken();
    }

    $user->setDefaults(Role::USER, $accountStatus)->save();
    $profile->setUser($user->id)->save();

    // Without e-mail activation the new account is signed in immediately.
    if (!Config::get("auth.emailActivation")) {
        Auth::login($user);
        return;
    }

    // Send the activation e-mail; the view receives the user as "user".
    $viewData = array("user" => $user);
    $activationView = Config::get("auth.emailViewPath") . ".activate";
    $count = Mail::send($activationView, $viewData, function ($message) use ($user, $profile) {
        $message->to($user->email, $user->username)->subject("Activate your new account");
    });
}
// Excerpt from a user-import routine. The enclosing function/loop is not
// shown, and part of the middle of this excerpt is masked in the listing, so
// the exact nesting of the branches cannot be read from here.
// Visible behaviour:
//  - when 'accept_empty_email' is not set in the request, the entry is marked
//    rejected with a "must have a email address" message;
//  - otherwise the username is looked up in `users`;
//  - when 'import_confirm' is 'true' and the entry is not rejected, a row is
//    inserted with account status ACCOUNT_STATUS_ALLOWED and a token from
//    User::generateToken(); the validation e-mail call is commented out.
// NOTE(review): the INSERT is assembled by string interpolation. username,
// email and passwd_hash go through $db->escapeString(); $status, $token and
// get_guid() are interpolated as they are, so their safety rests on those
// values never containing a quote. A parameterized statement would remove
// that dependency, if the DB layer offers one.
// NOTE(review): on failure the complete SQL text - including the password
// hash and the validation token - is appended to reject_reason, which holds
// HTML markup, without htmlspecialchars(). If reject_reason is later printed,
// that discloses those values and puts imported data on the page unescaped.
// NOTE(review): $username is overwritten with its SQL-escaped form before the
// INSERT, so the failure branch indexes $import_user with the escaped string,
// which may differ from the key used earlier for the same entry.
if (empty($_REQUEST['accept_empty_email'])) { $import_user[$username]['is_rejected'] = true; $import_user[$username]['reject_reason'] .= "<p class=error>" . _('Sorry, the user must have a email address.') . "</p>\n"; null; } else { $username_str = $db->escapeString($username); $db->execSqlUniqueRes("SELECT username FROM users WHERE username='******'", $user_info_username, false); if ($user_info_username != null) { $import_user[$username]['is_rejected'] = true; $import_user[$username]['reject_reason'] .= "<p class=error>" . _('Sorry, a user account already exists with the username: '******'import_confirm']) && $_REQUEST['import_confirm'] == 'true' && $import_user[$username]['is_rejected'] == false) { $status = ACCOUNT_STATUS_ALLOWED; $token = User::generateToken(); $password_hash = $db->escapeString($user['passwd_hash']); $username = $db->escapeString($username); $email = $db->escapeString($user['email']); $sql = "INSERT INTO users (user_id, username,email,pass,account_status,validation_token,reg_date) VALUES ('" . get_guid() . "','{$username}','{$email}','{$password_hash}','{$status}','{$token}',CURRENT_TIMESTAMP)"; $update_successful = $db->execSqlUpdate($sql); if ($update_successful) { //send_validation_email($email); $showform = false; } else { $import_user[$username]['is_rejected'] = true; $import_user[$username]['reject_reason'] .= "<p class=error>" . _('SQL error on: ') . "{$sql}</p>\n"; } } } $html .= "<h2>" . _('Report') . "</h2>\n";
/**
 * Generate a new create-account token with User::generateToken() and store
 * it in the current session under 'wsCreateaccountToken'.
 *
 * Any token already stored under that key is replaced.
 *
 * NOTE(review): how random the token is depends on User::generateToken(),
 * which is not visible here.
 */
public static function setCreateaccountToken()
{
    global $wgRequest;

    $freshToken = User::generateToken();
    $wgRequest->setSessionData('wsCreateaccountToken', $freshToken);
}
/**
 * Issue a fresh login token for a user and deliver it as a cookie.
 *
 * The token and the 'medicutor_token' cookie share one expiry: the current
 * time plus LOGIN_EXPIRY_TIME seconds.
 *
 * NOTE(review): setcookie() receives only name, value and expiry, so path,
 * domain, Secure and HttpOnly stay at PHP's defaults. For a login token,
 * consider setting Secure and HttpOnly (and SameSite where the PHP version
 * supports the options array) once it is confirmed that the site is served
 * over HTTPS and no client-side script reads this cookie.
 *
 * @param User $user The user to make the token for
 */
function makeNewToken($user)
{
    $validUntil = time() + LOGIN_EXPIRY_TIME;
    $loginToken = $user->generateToken($validUntil);

    setcookie('medicutor_token', $loginToken, $validUntil);
}
/**
 * Insert a new row into `users` and return the matching User object.
 *
 * The account is created with status ACCOUNT_STATUS_VALIDATION, a password
 * processed by User::passwordHash(), and a validation token from
 * User::generateToken().
 *
 * NOTE(review): the result of execSqlUpdate() is not checked; whatever
 * self::getObject($id) yields is returned, so the "null on error" behaviour
 * described for this method depends on getObject() - confirm.
 * NOTE(review): the statement is built by string interpolation. The
 * caller-supplied values pass through $db->escapeString(); the status
 * constant and the token are interpolated as they are. A parameterized
 * statement would be the safer form if the DB layer offers one.
 *
 * @param $id The id to be given to the new user
 * @param $username Login name for the new account
 * @param Network $account_origin Network whose id is stored as account_origin
 * @param $email E-mail address for the new account
 * @param $password Password, passed to User::passwordHash() before storage
 * @return the result of self::getObject($id) after the insert was attempted
 */
static function createUser($id, $username, Network $account_origin, $email, $password)
{
    $db = AbstractDb::getObject();

    // Escape every caller-supplied value before it enters the SQL text.
    $idSql = $db->escapeString($id);
    $nameSql = $db->escapeString($username);
    $originSql = $db->escapeString($account_origin->getId());
    $emailSql = $db->escapeString($email);
    $passSql = $db->escapeString(User::passwordHash($password));

    $initialStatus = ACCOUNT_STATUS_VALIDATION;
    $validationToken = User::generateToken();

    $insert = "INSERT INTO users (user_id,username, account_origin,email,pass,account_status,validation_token,reg_date) VALUES ('{$idSql}','{$nameSql}','{$originSql}','{$emailSql}','{$passSql}','{$initialStatus}','{$validationToken}',CURRENT_TIMESTAMP)";
    $db->execSqlUpdate($insert);

    return self::getObject($id);
}
// Excerpt: builds a password-reset (or new-user) link for the account in
// $userinfo and starts composing the e-mail that carries it. The enclosing
// function and the body of the final SMTP branch are outside this excerpt.
$user = new User($userinfo['ID']);

// Generate path for recovery URL
// NOTE(review): $webroot_path is computed here but not used in the visible lines.
$webroot_path = rtrim(ltrim((string) sConfig()->getVar("CONFIG/DIRECTORIES/WEBROOT"), '/'), '/');

// https when $_SERVER['HTTPS'] is set and not 'off', or when the port is 443
// (&& binds tighter than ||, so the port test stands on its own).
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) {
    $absoluteprefix = 'https://';
} else {
    $absoluteprefix = 'http://';
}

// NOTE(review): the host part of the mailed link comes from
// $_SERVER['SERVER_NAME']. Depending on the web-server configuration this
// value can follow the request's Host header, in which case the request
// decides where the reset link points. For links that carry a reset token,
// prefer a canonical host taken from configuration.
$absoluteprefix .= $_SERVER['SERVER_NAME'];

// LOGINURL is preferred; DOCPATH is the fallback when it is empty.
$docpath = (string) sConfig()->getVar('CONFIG/DIRECTORIES/LOGINURL');
if ($docpath == "") {
    $docpath = (string) sConfig()->getVar('CONFIG/DIRECTORIES/DOCPATH');
}

// Generate a token for this user
// The expiry passed to generateToken() is 24 hours from now.
$expireTS = time() + 60 * 60 * 24;
$token = $user->generateToken($expireTS);

// NOTE(review): the token travels in the query string, so it can end up in
// mail archives, server/proxy logs and Referer headers. Confirm that the
// reset handler enforces the expiry and invalidates the token after use.
if ($newUser) {
    $passwordResetUrl = $absoluteprefix . $docpath . '?action=passwordreset&newuser=1&token=' . urlencode($token);
} else {
    $passwordResetUrl = $absoluteprefix . $docpath . '?action=passwordreset&token=' . urlencode($token);
}

// Plain-text mail: localized intro text, blank line, then the link.
$mail = new PHPMailer();
$mail->Encoding = '8bit';
$mail->CharSet = 'utf-8';
$mail->From = '*****@*****.**';
$mail->FromName = 'yeager CMS';
$mail->Subject = $itext['TXT_PASSWORD_RECOVERY'];
$mail->Body = $itext['TXT_PASSWORD_RECOVERY_EMAIL'] . "\n\n" . $passwordResetUrl;
$mail->AddAddress($userinfo['LOGIN']);

// A configured SMTP server switches the transport; the branch body is not
// part of this excerpt.
$smtpServer = (string) sConfig()->getVar('CONFIG/MAILINGS/SMTP');
if ($smtpServer) {
/**
 * Make sure the session of a user with the 'review' right carries a
 * 'wsFlaggedRevsKey' value.
 *
 * Users without the right are left alone. An existing session value is
 * kept; otherwise a new key is created with User::generateToken(), called
 * with the user id, and stored in the session.
 *
 * NOTE(review): the key is described as a temporary secret; how
 * unpredictable it is depends on User::generateToken(), which is not
 * visible here.
 *
 * @param User $user
 * @return bool Always true
 */
public static function setSessionKey(User $user)
{
    global $wgRequest;

    if (!$user->isAllowed('review')) {
        return true;
    }

    // Keep the key that is already attached to this session.
    if ($wgRequest->getSessionData('wsFlaggedRevsKey') !== null) {
        return true;
    }

    // No key yet (should catch login): create the temporary secret key and
    // attach it to this session.
    $sessionKey = User::generateToken($user->getId());
    $wgRequest->setSessionData('wsFlaggedRevsKey', $sessionKey);

    return true;
}