function train($f3) { // Check if Logged In User is Allowed to Train if (!$f3->get('SESSION.active') || !$f3->get('SESSION.admin') && !\R::findOne('trainings', 'users_id=? AND tools_id=? AND level=?', array($f3->get('SESSION.id'), $this->D->id, 'T'))) { throw new \Exception('You are not authorized to train for this machine.'); } if ($f3->get('POST')) { // Check Instructor Validity if ($f3->get('POST.instructor') != $f3->get('SESSION.username')) { if (!$f3->get('SESSION.admin')) { throw new \Exception('Cannot Change Instructor'); } } if (!($instructor = \R::findOne('users', 'username=? AND active=1', array($f3->get('POST.instructor'))))) { throw new \Exception('Invalid Instructor Username'); } $f3->set('instructor', $instructor); if ($f3->exists('POST.username')) { // Ensure User Checked the Affirmation if (!$f3->get('POST.affirmation')) { throw new \Exception('Did not check legal aggreement box.'); } // Get Trained User $user = new Users($f3); $user->authenticate($f3); $user->update_user($f3); $this->create_record($f3, $user->D, $instructor); } } $f3->set('data.training_levels', json_decode($f3->get('data.training_levels'))); show_page($f3, 'trainings.train'); }
function users_after_pie_reroute($params, &$stop_dispatch) { $uri = Pie_Dispatcher::uri(); $app = Pie_Config::expect('pie', 'app'); $ma = $uri->module . '/' . $uri->action; $requireComplete = Pie_Config::get('users', 'requireComplete', array()); if (isset($requireComplete[$ma])) { $redirect_action = is_string($requireComplete[$ma]) ? $requireComplete[$ma] : "{$app}/login"; $test_complete = true; } else { $requireLogin = Pie_Config::get('users', 'requireLogin', array()); if (!isset($requireLogin[$ma])) { // We don't have to require complete or login here return; } $redirect_action = is_string($requireLogin[$ma]) ? $requireLogin[$ma] : "{$app}/login"; } // First, try to get the user $user = Users::loggedInUser(); if (!$user) { // Try authenticating with facebook $module = Pie_Dispatcher::uri()->module; $app_id = Pie_Config::expect('users', 'facebookApps', $module, 'appId'); $user = Users::authenticate('facebook', $app_id); } if (!$user) { $uri->onSuccess = $uri->module . '/' . $uri->action; $uri->onCancel = "{$app}/welcome"; if ($uri->onSuccess === $redirect_action) { // avoid a redirect loop $uri->onSuccess = "{$app}/home"; } $parts = explode('/', $redirect_action); $uri->action = $parts[0]; $uri->action = $parts[1]; } // If have requireLogin but not requireComplete, then // simply change the underlying URI without redirecting if (empty($test_complete)) { return; } // If we are here, we should check if the user account is complete $complete = Pie::event('users/account/complete'); if ($complete) { // good, nothing else to complete return; } // redirect to account page $account_action = Pie_Config::expect('users', 'accountAction', $uri->module); if ($ma != $account_action) { // Make the user launch into setting up their account. // If they want to return to this URL later, they can do it on their own. Pie_Response::redirect($account_action); $stop_dispatch = true; return; } }
function Users_authenticate_post() { // Authenticate the logged-in user with the provider via the app // It will try to set an email address for the user if one isn't set yet $user = Users::authenticate('facebook', null, $authenticated, true); if (!$user) { throw new Users_Exception_NotLoggedIn(); } Users::setLoggedInUser($user); }
/** * Authenticates the user. If the authentication fails, displays the login * page. Otherwise, sets the user id to the 'user' session variable and * redirects to checkout. */ public static function login() { $params = $_POST; $user = Users::authenticate($params['username'], $params['password']); if ($user) { $_SESSION['user'] = $user->id; Redirect::to('/kassa', array('message' => 'Kirjautuminen onnistui!')); } else { View::make('user/login.html', array('message' => 'Väärä käyttäjätunnus tai salasana!', 'username' => $params['username'])); } }
public function actionIndex() { if (!Yii::app()->user->isGuest) { $this->redirect("/"); } $user = new Users(); if (Yii::app()->request->isPostRequest && isset($_POST['Auth'])) { $user->setAttributes($_POST['Auth']); $user->authenticate(); if (!$user->hasErrors()) { $this->redirect("/"); } } $this->render("index", array("model" => $user)); }
public function actionIndex() { if (!Yii::app()->user->isGuest) { $this->redirect($this->createUrl("/personal/cabinet/index")); } $user = new Users(); if (Yii::app()->request->isPostRequest && isset($_POST['Auth'])) { if (!isset($_POST['YII_CSRF_TOKEN']) || $_POST['YII_CSRF_TOKEN'] !== Yii::app()->getRequest()->getCsrfToken()) { throw new CHttpException(400, 'Invalid request. Please do not repeat this request again.'); } $user->setAttributes($_POST['Auth']); $user->authenticate(); if (!$user->hasErrors()) { $this->redirect($this->createUrl("/personal/cabinet/index")); } } $this->Title = "Авторизация"; $this->render("index", array("model" => $user)); }
/** * Performs an authentication attempt * * @throws Zend_Auth_Adapter_Exception If authentication cannot be performed * @return Zend_Auth_Result */ public function authenticate() { try { $this->user = Users::authenticate($this->email, $this->password); } catch (Exception $e) { if ($e->getMessage() == Users::WRONG_PW) { return $this->result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, self::BAD_PW_MESSAGE); } if ($e->getMessage() == Users::NOT_FOUND) { return $this->result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, self::NOT_FOUND_MESSAGE); } if ($e->getMessage() == Users::BAN) { return $this->result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, self::BAN_MESSAGE); } if ($e->getMessage() == Users::NOT_VERIFY) { return $this->result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, self::VERIFY_MESSAGE); } } return $this->result(Zend_Auth_Result::SUCCESS); }
* - feed.php?id=12 * * @link http://blogs.law.harvard.edu/tech/rss RSS 2.0 Specification * * @author Bernard Paques * @author GnapZ * @tester Pat * @reference * @license http://www.gnu.org/copyleft/lesser.txt GNU Lesser General Public License */ // common definitions and initial processing include_once '../shared/global.php'; // ensure we only provide public content through newsfeeds $context['users_without_teasers'] = 'Y'; // check network credentials, if any -- used by winamp and other media players if ($user = Users::authenticate()) { Surfer::empower($user['capability']); } // look for the id $id = NULL; if (isset($_REQUEST['id'])) { $id = $_REQUEST['id']; } elseif (isset($context['arguments'][0])) { $id = $context['arguments'][0]; } elseif (Surfer::is_logged()) { $id = Surfer::get_id(); } $id = strip_tags($id); // get the item from the database $item = Users::get($id); // associates can do what they want
/** * Registers a user in the system. * @method register * @static * @param {string} $username The name of the user * @param {string|array} $identifier Can be an email address or mobile number. Or it could be an array of $type => $info * @param {string} [$identifier.identifier] an email address or phone number * @param {array} [$identifier.device] an array with keys "deviceId", "platform", "version" * to store in the Users_Device table for sending notifications * @param {array|string} [$icon=array()] Array of filename => url pairs * @param {string} [$provider=null] Provider such as "facebook" * @param {array} [$options=array()] An array of options that could include: * @param {string} [$options.activation] The key under "Users"/"transactional" config to use for sending an activation message. Set to false to skip sending the activation message for some reason. * @return {Users_User} * @throws {Q_Exception_WrongType} If identifier is not e-mail or modile * @throws {Q_Exception} If user was already verified for someone else * @throws {Users_Exception_AlreadyVerified} If user was already verified * @throws {Users_Exception_UsernameExists} If username exists */ static function register($username, $identifier, $icon = array(), $provider = null, $options = array()) { if (is_array($provider)) { $options = $provider; $provider = null; } /** * @event Users/register {before} * @param {string} username * @param {string|array} identifier * @param {string} icon * @param {string} provider * @return {Users_User} */ $return = Q::event('Users/register', compact('username', 'identifier', 'icon', 'provider', 'options'), 'before'); if (isset($return)) { return $return; } $during = 'register'; if (is_array($identifier)) { reset($identifier); switch (key($identifier)) { case 'device': $fields = array('deviceId', 'platform', 'version'); Q_Valid::requireFields($fields, $identifier, true); $device = $identifier; if (isset($identifier['identifier'])) { $identifier = $identifier['identifier']; } break; default: throw new Q_Exception_WrongType(array('field' => 'identifier', 'type' => 'an array with entry named "device"')); } } if (Q_Valid::email($identifier, $emailAddress)) { $ui_identifier = $emailAddress; $key = 'email address'; $type = 'email'; } else { if (Q_Valid::phone($identifier, $mobileNumber)) { $key = 'mobile number'; $ui_identifier = $mobileNumber; $type = 'mobile'; } else { throw new Q_Exception_WrongType(array('field' => 'identifier', 'type' => 'email address or mobile number'), array('emailAddress', 'mobileNumber')); } } $user = false; if ($provider) { if ($provider != 'facebook') { throw new Q_Exception_WrongType(array('field' => 'provider', 'type' => '"facebook"')); } $facebook = Users::facebook(); if ($facebook) { $uid = $facebook->getUser(); try { // authenticate (and possibly adopt) an existing provider user // or insert a new user during this authentication $user = Users::authenticate($provider, null, $authenticated, true); } catch (Exception $e) { } if ($user) { // the user is also logged in $adopted = true; // Adopt this provider user /** * @event Users/adoptFutureUser {before} * @param {Users_User} user * @param {string} during * @return {Users_User} */ $ret = Q::event('Users/adoptFutureUser', compact('user', 'during'), 'before'); if ($ret) { $user = $ret; } } } } if (!$user) { $user = new Users_User(); // the user we will save in the database } if (empty($adopted)) { // We will be inserting a new user into the database, so check if // this identifier was already verified for someone else. $ui = Users::identify($type, $ui_identifier); if ($ui) { throw new Users_Exception_AlreadyVerified(compact('key'), array('emailAddress', 'mobileNumber', 'identifier')); } } // Insert a new user into the database, or simply modify an existing (adopted) user $user->username = $username; if (!isset($user->signedUpWith) or $user->signedUpWith == 'none') { $user->signedUpWith = $type; } $user->icon = 'default'; $user->passphraseHash = ''; $url_parts = parse_url(Q_Request::baseUrl()); if (isset($url_parts['host'])) { // By default, the user's url would be this: $user->url = $username ? "http://{$username}." . $url_parts['host'] : ""; } /** * @event Users/insertUser {before} * @param {string} during * @param {Users_User} user */ Q::event('Users/insertUser', compact('user', 'during'), 'before'); $user->save(); // sets the user's id /** * @event Users/insertUser {after} * @param {string} during * @param {Users_User} user */ Q::event('Users/insertUser', compact('user', 'during'), 'after'); $sizes = Q_Config::expect('Users', 'icon', 'sizes'); sort($sizes); if (empty($icon)) { switch ($provider) { case 'facebook': // let's get this user's icon on facebook if (empty($uid)) { break; } $icon = array(); foreach ($sizes as $size) { $icon["{$size}.png"] = "https://graph.facebook.com/{$uid}/picture?width={$size}&height={$size}"; } break; } } else { // Import the user's icon and save it if (is_string($icon)) { // assume it's from gravatar $iconString = $icon; $icon = array(); foreach ($sizes as $size) { $icon["{$size}.png"] = "{$iconString}&s={$size}"; } } else { // locally generated icons $hash = md5(strtolower(trim($identifier))); $icon = array(); foreach ($sizes as $size) { $icon["{$size}.png"] = array('hash' => $hash, 'size' => $size); } } } if (!Q_Config::get('Users', 'register', 'icon', 'leaveDefault', false)) { self::importIcon($user, $icon); $user->save(); } if (empty($user->emailAddress) and empty($user->mobileNumber)) { // Add an email address or mobile number to the user, that they'll have to verify try { $activation = Q::ifset($options, 'activation', 'activation'); if ($activation) { $subject = Q_Config::get('Users', 'transactional', $activation, "subject", null); $body = Q_Config::get('Users', 'transactional', $activation, "body", null); } else { $subject = $body = null; } if ($type === 'email') { $user->addEmail($identifier, $subject, $body, array(), $options); } else { if ($type === 'mobile') { $p = $options; if ($delay = Q_Config::get('Users', 'register', 'delaySms', 0)) { $p['delay'] = $delay; } $sms = Q_Config::get('Users', 'transactional', $activation, "sms", null); $user->addMobile($mobileNumber, $sms, array(), $p); } } } catch (Exception $e) { // The activation message could not be sent, so remove this user // from the database. This way, this username will be // back on the market. $user->remove(); throw $e; } } if (!empty($device)) { $device['userId'] = $user->id; Users_Device::add($device); } /** * @event Users/register {after} * @param {string} username * @param {string|array} identifier * @param {string} icon * @param {Users_User} user * @param {string} provider * @return {Users_User} */ $return = Q::event('Users/register', compact('username', 'identifier', 'icon', 'user', 'provider', 'options', 'device'), 'after'); return $user; }
/** * Get the status of the logged-in user and their account. * @param Users_Email $email * Optional. Pass a reference here to be filled with the email object, if it's loaded. * You can use it in conjunction with the "verify email" status. * @return array|boolean * Returns false if the user is not logged in. * Returns true if everything is complete. * Otherwise, returns an array whose keys are the names of the missing fields: * ("first_name", "last_name", "birthday", "gender", "desired_gender", "username", * "email_address") * and the values are "missing" or "unverified" */ static function accountStatus(&$email = null) { $module = Pie_Dispatcher::uri()->module; $user = Users::loggedInUser(); if (!$user) { // Try to authenticate $app_id = Pie_Config::expect('users', 'facebookApps', $module, 'appId'); $user = Users::authenticate('facebook', $app_id); if (!$user) { return false; } } $result = array(); if (empty($user->email_address)) { // An email address isn't verified for this user yet. // If the user hasn't even added an email address, then ask for one. if (!isset(self::$email)) { self::$email = new Users_Email(); self::$email->user_id = $user->id; self::$email = self::$email->retrieve(null, false, '*', true)->orderBy('time_created', false)->resume(); } $email = self::$email; if ($email) { // The email could be unverified, sunspended, unsubscribed, etc. $result['email_address'] = $email->state; } else { $result['email_address'] = 'missing'; } } $fieldnames = array('first_name', 'last_name', 'username', 'birthday', 'gender', 'desired_gender', 'relationship_status', 'relationship_user_id', 'zipcode'); foreach ($fieldnames as $k => $v) { if (empty($user->{$v})) { $result[$v] = 'missing'; } } return $result; }
function items_addPhoto_response_content() { if (isset($_POST['fb_sig_app_id'])) { $app_id = $_POST['fb_sig_app_id']; } else { $app = Pie_Config::expect('pie', 'app'); $app_id = Pie_Config::expect('users', 'facebookApps', $app, 'appId'); } Users::authenticate('facebook', $app_id); return Pie::tool('items/addPhoto', array()); }