/**
 * AJAX endpoint behind the search form.
 *
 * XHR POST: copies every posted field, plus the `orderby` and `direction`
 * query parameters, into the controller's session namespace and answers
 * with a short XML acknowledgement.
 * Any other XHR: answers with the XML description of the search form.
 * Non-XHR requests fall through and return nothing.
 *
 * @return mixed|null whatever setContent() returns on the response, or null for non-XHR requests
 */
public function searchAction()
{
    if (!$this->getRequest()->isXmlHttpRequest()) {
        return;
    }

    $request = $this->getRequest();
    // The form definition is loaded before the POST check, as in the original flow.
    $aFormModel = $this->getServiceLocator()->get('FormsElementTable')->getPolaFormularza(2);

    if ($request->isPost()) {
        $criteria = $request->getPost()->toArray();
        $container = new \Zend\Session\Container($this->sSessionNameSpace);

        // NOTE(review): every posted key is written to the session namespace as-is,
        // so the client chooses both the key names and the values stored here.
        // Confirm that nothing else in this namespace is trusted by other code,
        // or restrict the loop to the field names defined by the form model.
        foreach ($criteria as $field => $value) {
            $container->offsetSet($field, $value);
        }

        // NOTE(review): both sort parameters are stored unvalidated; whatever reads
        // them back should map them onto a fixed set of columns and directions
        // before they reach a query.
        $ind = $this->params()->fromQuery('orderby', 0);
        $direction = $this->params()->fromQuery('direction', 'desc');
        $container->offsetSet('direction', $direction);
        $container->offsetSet('orderby', $ind);

        $xml = '<info>Ok</info>';
    } else {
        $oForm = new Form();
        $oForm->setPokazPrzyciskZapisz(false);
        $xml = $oForm->getXMLForm($aFormModel);
    }

    $this->getResponse()->getHeaders()->addHeaders(array('Content-type' => 'text/xml'));

    return $this->getResponse()->setContent($xml);
}
/**
 * Handle the login form.
 *
 * Already-authenticated users are sent to the client listing. On a POST with
 * valid form data the credentials are checked; on success the user is sent
 * to the URI remembered in the 'login' session namespace (if any) or to the
 * client listing, and that namespace is cleared.
 *
 * @return array|\Zend\Http\Response array (form => \Console\Form\Login) or redirect response
 */
public function loginAction()
{
    // No login form for users who already have an identity.
    if ($this->_authenticationService->hasIdentity()) {
        return $this->redirectToRoute('client');
    }

    $vars = array('form' => $this->_form);
    if (!$this->getRequest()->isPost()) {
        return $vars;
    }

    $this->_form->setData($this->params()->fromPost());
    if ($this->_form->isValid()) {
        $credentials = $this->_form->getData();
        $authenticated = $this->_authenticationService->login(
            $credentials['User'],
            $credentials['Password']
        );
        if ($authenticated) {
            // NOTE(review): no session-ID rotation is visible in this action.
            // Confirm that login() regenerates the session ID, otherwise a
            // pre-login session ID stays valid after authentication.
            $session = new \Zend\Session\Container('login');

            // NOTE(review): originalUri is used as a redirect target unchanged.
            // Confirm that the code storing it only ever records local URIs.
            $response = isset($session->originalUri)
                ? $this->redirect()->toUrl($session->originalUri)
                : $this->redirectToRoute('client');

            $session->getManager()->getStorage()->clear('login');

            return $response;
        }
    }

    // Reached for invalid form data as well as for rejected credentials, so the
    // response does not reveal which of the two failed.
    $vars['invalidCredentials'] = true;

    return $vars;
}
/**
 * Store the table gateway and copy the current user's id and role out of
 * the default session container.
 *
 * @param \Zend\Db\TableGateway\TableGateway $tableGateway
 */
public function __construct(\Zend\Db\TableGateway\TableGateway $tableGateway)
{
    $this->tableGateway = $tableGateway;

    // Both values are null when the session does not hold them (for example
    // before login); callers must not treat a null role as a granted role.
    $session = new \Zend\Session\Container();
    foreach (array('id', 'role') as $key) {
        $this->{$key} = $session->offsetGet($key);
    }
}
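/**
 * Debug helper: generate a captcha image in a per-day directory and print
 * its id and solution.
 *
 * Changes from the previous version:
 *  - the image directory is created with mode 0755 instead of 0777, so it is
 *    no longer world-writable;
 *  - a failed mkdir() is reported instead of being ignored;
 *  - the date part of the path is built with a single date() call, so the
 *    path cannot straddle midnight.
 *
 * @return void
 * @throws \RuntimeException when the image directory cannot be created
 */
public function captcha2()
{
    $path = BASEPATH . '../resources/captcha/' . date('Y/m/d');

    // The second is_dir() covers a concurrent request creating the directory
    // between the first check and mkdir().
    if (!is_dir($path) && !mkdir($path, 0755, true) && !is_dir($path)) {
        throw new \RuntimeException('Unable to create captcha directory: ' . $path);
    }

    $session = new Zend\Session\Container('ZEND_PARANGARI');
    $session->offsetSet('text1', 'value1');

    $obj = new Zend\Captcha\Image();
    $obj->setImgDir($path);
    $obj->setFont(BASEPATH . '../application/third_party/fonts/LesJoursHeureux.otf');
    $obj->setFontSize(40);
    $obj->setWidth(250);
    $obj->setHeight(100);
    $obj->setDotNoiseLevel(40);
    $obj->setLineNoiseLevel(3);
    $obj->setWordlen(6);
    $obj->setSession($session);

    $string_captcha_ID = $obj->generate();

    // NOTE(review): the next two lines send the captcha id AND its solution to
    // the client, which defeats the captcha. Acceptable only in a debug build;
    // this method must not be routable in production.
    echo $string_captcha_ID . "<br/>";
    echo $obj->getWord();

    // The result is discarded, as before; the id is passed where the user's
    // answer would normally go.
    $obj->isValid($string_captcha_ID);

    // NOTE(review): this writes the whole session, including the captcha
    // solution and anything else stored there, to the log. Restrict it to the
    // keys that are actually needed, or remove it.
    Helper_Log::write($_SESSION);
}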
/**
 * Load the messages of the user stored under "user" in the default session
 * container and hand them to the view.
 *
 * @return array view variables: userMessage => result of getUserMessage()
 */
function userMessageAction()
{
    $account = (new \Zend\Session\Container())->offsetGet("user");

    // NOTE(review): nothing here checks that a user is present in the session.
    // Without one, $account is null and the lookup runs with a null username;
    // confirm that an authentication guard runs before this action.
    $username = $account['username'];

    return ['userMessage' => $this->getUserMessageTable()->getUserMessage($username)];
}
/**
 * Record the `id_container` route parameter before the action runs.
 *
 * The value is cast to int, stored in the controller's session namespace and
 * exposed through $this->aAdditionalArray; dispatching then continues in the
 * parent class.
 *
 * @param \Zend\Mvc\MvcEvent $e
 * @return mixed result of parent::onDispatch()
 */
public function onDispatch(\Zend\Mvc\MvcEvent $e)
{
    // The int cast means a missing or non-numeric parameter is stored as 0.
    $containerId = (int) $this->getEvent()->getRouteMatch()->getParam('id_container');

    $session = new \Zend\Session\Container($this->sSessionNameSpace);
    $session->offsetSet('id_container', $containerId);

    $this->aAdditionalArray = array('id_container' => $containerId);

    return parent::onDispatch($e);
}
/**
 * Constructor.
 *
 * Takes over the pending flash messages (and clears them), then copies the
 * current user's role and id out of the default session container.
 */
public function __construct()
{
    $this->msg = $this->flashMessenger()->getCurrentMessages();
    $this->flashMessenger()->clearMessages();

    // Both values are null when the session does not hold them; code relying
    // on $this->role must treat null as "no role".
    $session = new \Zend\Session\Container();
    foreach (array('role', 'id') as $key) {
        $this->{$key} = $session->offsetGet($key);
    }
}
/**
 * Constructor.
 *
 * Keeps the table gateway, reads the current user's id and role from the
 * default session container and prepares an Sql object on the gateway's
 * adapter.
 *
 * @param \Zend\Db\TableGateway\TableGateway $tableGateway
 */
public function __construct(TableGateway $tableGateway)
{
    $this->tableGateway = $tableGateway;

    // Null when the session holds no such key (for example before login).
    $userSession = new \Zend\Session\Container();
    $this->id = $userSession->offsetGet('id');
    $this->role = $userSession->offsetGet('role');

    $this->sql = new Sql($this->tableGateway->getAdapter());
}
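/**
 * Remember-me authentication step.
 *
 * 1. After a successful form login with "remember me" ticked, create a new
 *    cookie series for the user and mark the session as a full login.
 * 2. If this adapter is already satisfied, re-publish the stored identity.
 * 3. Otherwise try to log in from the `remember_me` cookie, whose value is
 *    "<user id>\n<series id>\n<token>".
 *
 * Changes from the previous version:
 *  - a cookie with fewer than three parts is rejected up front instead of
 *    being used with undefined offsets;
 *  - the token is compared with hash_equals(), so the comparison time does
 *    not depend on how many leading characters match;
 *  - a remember-me record whose user no longer exists is refused instead of
 *    ending in a method call on null.
 *
 * @param AuthEvent $e
 * @return bool|null false when cookie authentication is skipped or refused, no value otherwise
 */
public function authenticate(AuthEvent $e)
{
    // Set the cookie only when a prior adapter has already authenticated the user.
    if ($e->getIdentity() !== null
        && $e->getRequest()->isPost()
        && $e->getRequest()->getPost()->get('remember_me') == 1
    ) {
        $userObject = $this->getUserMapper()->findById($e->getIdentity());
        $this->getRememberMeService()->createSerie($userObject->getId());

        // The user may first have come in through the cookie and then logged in
        // with identity/credential: this is now a full login, so drop the
        // "cookieLogin" marker.
        $session = new \Zend\Session\Container('zfcuser');
        $session->offsetSet("cookieLogin", false);

        return;
    }

    if ($this->isSatisfied()) {
        $storage = $this->getStorage()->read();
        $e->setIdentity($storage['identity'])
            ->setCode(AuthenticationResult::SUCCESS)
            ->setMessages(array('Authentication successful.'));

        return;
    }

    $cookies = $e->getRequest()->getCookie();

    // No cookie present: nothing to do for this adapter.
    if (!isset($cookies['remember_me'])) {
        return false;
    }

    // The cookie is client-controlled; refuse anything that does not have the
    // three expected parts before touching the database.
    $cookie = explode("\n", $cookies['remember_me']);
    if (count($cookie) < 3) {
        $this->getRememberMeService()->removeCookie();

        return false;
    }

    $rememberMe = $this->getRememberMeMapper()->findByIdSerie($cookie[0], $cookie[1]);
    if (!$rememberMe) {
        $this->getRememberMeService()->removeCookie();

        return false;
    }

    // Known series with a wrong token: the cookie was probably copied and one
    // of the copies has already been used. Invalidate every series of the user.
    if (!hash_equals((string) $rememberMe->getToken(), (string) $cookie[2])) {
        // @TODO: Inform user of theft, change password?
        $this->getRememberMeMapper()->removeAll($cookie[0]);
        $this->getRememberMeService()->removeCookie();
        $this->setSatisfied(false);
        $e->setCode(AuthenticationResult::FAILURE)
            ->setMessages(array('Possible identity theft detected.'));

        return false;
    }

    $userObject = $this->getUserMapper()->findById($cookie[0]);
    if (!$userObject) {
        // The remember-me record outlived its user.
        $this->getRememberMeService()->removeCookie();

        return false;
    }

    // Rotate the token for the next visit.
    $this->getRememberMeService()->updateSerie($rememberMe);

    // Success!
    $e->setIdentity($userObject->getId());
    $this->setSatisfied(true);
    $storage = $this->getStorage()->read();
    $storage['identity'] = $e->getIdentity();
    $this->getStorage()->write($storage);
    $e->setCode(AuthenticationResult::SUCCESS)
        ->setMessages(array('Authentication successful.'));

    // Marker for a "weak" login: a session opened from the cookie should not be
    // allowed to change the password etc. without re-entering credentials.
    $session = new \Zend\Session\Container('zfcuser');
    $session->offsetSet("cookieLogin", true);
}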
/**
 * Render the comment form.
 *
 * Validation messages left in the default session container under
 * 'form_errors' (by a previous failed submission) are attached to the form
 * and then removed from the session, so they are shown once.
 *
 * @access public
 * @param mixed $url      value placed in the form's `url` element
 * @param mixed $parentId passed through to the template
 * @return string rendered template 'comment/comment/index'
 */
public function __invoke($url, $parentId)
{
    $form = $this->getCommentForm();
    $form->get('url')->setAttribute('value', $url);

    $session = new \Zend\Session\Container();
    $errors = $session->offsetGet('form_errors');
    if ($errors !== null) {
        $form->setMessages($errors);
    }
    $session->offsetUnset('form_errors');

    // NOTE(review): $url and $parentId reach the template unchanged; confirm
    // the template escapes them for the context in which they are printed.
    $vm = new ViewModel(array('form' => $form, 'url' => $url, 'parentId' => $parentId));
    $vm->setTemplate('comment/comment/index');

    return $this->getView()->render($vm);
}
/**
 * Return the cart content kept in the session.
 *
 * @return array the value stored under 'cart', or an empty array when that value is empty
 */
public function cart()
{
    $items = $this->session->offsetGet('cart');

    return empty($items) ? array() : $items;
}
/**
 * Log out.
 *
 * Visitors without an identity are redirected straight to 'home'. Otherwise
 * the identity is cleared, the logout is logged together with the client
 * address, the session is destroyed and the user is redirected to 'home'.
 *
 * @return \Zend\Http\Response
 */
public function logoutAction()
{
    $authService = $this->getAuthService();
    $identity = $authService->getIdentity();
    if (!$identity) {
        return $this->redirect()->toRoute('home');
    }

    $username = $identity->getUsername();
    // (disabled) $this->getSessionStorage()->forgetMe();
    $authService->clearIdentity();

    // NOTE(review): REMOTE_ADDR is the address of the direct peer; behind a
    // reverse proxy this logs the proxy. The username is written to the log
    // unchanged, so confirm it cannot contain line breaks.
    $httpIp = $this->getRequest()->getServer('REMOTE_ADDR');
    $this->getServiceLocator()->get('Zend\\Log')->info(sprintf('%s logout from %s', $username, $httpIp));

    // (disabled) flash message telling the user they have been logged out.

    // Destroying through the manager ends the session itself, not only the
    // 'user' namespace.
    $session = new \Zend\Session\Container('user');
    $session->getManager()->destroy();

    return $this->redirect()->toRoute('home');
}
unset($session_params);
try {
    Zend\Session\Container::getDefaultManager()->start();

    /*
     * Extra validation against session collisions. A second cookie carries an
     * additional random value that is also stored in the session. When the
     * session is loaded, the cookie must match the stored value; otherwise the
     * session is destroyed and the page is reloaded for the user.
     *
     * In effect, when two users collide on one session ID, both are logged
     * out. This is extremely rare and hard to reproduce by nature.
     */
    if (isset($_SESSION['extra_validation'])) {
        // A missing cookie is treated like a wrong one: null never equals the stored value.
        $cookie = isset($_COOKIE[$extra_cookie_name]) ? $_COOKIE[$extra_cookie_name] : null;
        if ($cookie !== $_SESSION['extra_validation']) {
            TikiLib::lib('logs')->add_log('system', 'session cookie validation failed');
            Zend\Session\Container::getDefaultManager()->destroy();
            // Reload the same URL so the user gets a fresh session.
            header('Location: ' . $_SERVER['REQUEST_URI']);
            exit;
        }
    } else {
        // First request of this session: create the value and hand it to the browser.
        // NOTE(review): how unpredictable generate_unique_sequence() is cannot be
        // seen from this excerpt - confirm it draws from a CSPRNG.
        $sequence = $tikilib->generate_unique_sequence(16);
        $_SESSION['extra_validation'] = $sequence;
        // NOTE(review): only name, value, expiry (one year) and path are passed, so
        // this call sets neither the Secure nor the HttpOnly flag on the cookie.
        setcookie($extra_cookie_name, $sequence, time() + 365 * 24 * 3600, ini_get('session.cookie_path'));
        unset($sequence);
    }
} catch (Zend\Session\Exception\ExceptionInterface $e) {
    // Ignore
    // NOTE(review): a session that fails to start is swallowed here, so the
    // request continues without the validation above having run.
}
} // closes a block opened before this excerpt
} // closes a block opened before this excerpt
// Moved here from tiki-setup.php because smarty use a copy of session
/*
 * Notes:
 * - Add CSRF protection anywhere a user may enter data. Add 'csrf-middleware' before 'csrf'.
 * - Add UnauthenticatedAccessMiddleware whenever a user must be authenticated to access a page.
 */

// Home page: shows the user stored in the 'authentication' session namespace, if any.
$app->get('/', function (Request $request, Response $response, array $args) {
    // TODO pull recipes from database, store into objects, pass objects to home.twig
    $authSession = new \Zend\Session\Container('authentication');
    $this->view->render($response, 'templates/home.twig', ['user' => $authSession->user]);
})
    ->setName('home')
    ->add($container->get('csrf-middleware'))
    ->add($container->get('csrf'));

// Login form.
$app->get('/login', function (Request $request, Response $response, array $args) {
    $this->view->render($response, 'templates/login-page.twig');
})
    ->setName('login')
    ->add($container->get('csrf-middleware'))
    ->add($container->get('csrf'));

// Registration form.
$app->get('/register', function (Request $request, Response $response, array $args) {
    $this->view->render($response, 'templates/register-page.twig');
})
    ->setName('register')
    ->add($container->get('csrf-middleware'))
    ->add($container->get('csrf'));

// Account verification link. The key travels in the URL path, so it also ends
// up in access logs and browser history.
// NOTE(review): confirm verifyUser() treats keys as single-use and expiring.
$app->get('/verify/{key}', function (Request $request, Response $response, array $args) {
    $verified = $this->DatabaseService->verifyUser($args['key']);
    $this->view->render($response, 'templates/user-verify.twig', ['success' => $verified]);
});

// Profile editor; the only route here that carries the unauthenticated-access middleware.
$app->get('/profile', function (Request $request, Response $response, array $args) {
    $authSession = new \Zend\Session\Container('authentication');
    $this->view->render($response, 'templates/edit-profile.twig', ['user' => $authSession->user]);
})
    ->setName('edit-profile')
    ->add($container->get('csrf-middleware'))
    ->add($container->get('csrf'))
    ->add($container->get('unauth-access-middleware'));

/** TESTING! */
// NOTE(review): this route has no middleware and prints the request's server
// parameters to whoever asks. Remove it, or restrict it to a development
// environment, before the application is deployed.
$app->get('/test', function (\Psr\Http\Message\ServerRequestInterface $req, Response $res, $args = []) {
    var_dump($req->getServerParams());
});
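/**
 * Bootstrap step: autoloader, configuration, error display, encryption,
 * session, database, mail and logging services.
 *
 * Changes from the previous version:
 *  - the per-session security token comes from a cryptographically secure
 *    source instead of md5(uniqid(rand(), true)), whose inputs (clock and
 *    rand()) are guessable; the token is still 32 hexadecimal characters;
 *  - the session save path is created with mode 0700 instead of 0777, so
 *    other local accounts cannot read or plant session files.
 *
 * @param Dispatcher $dispatcher
 * @return void
 * @throws \Exception when session validation fails or no secure random source is available
 */
public function _init(Dispatcher $dispatcher)
{
    // Load Composer; the Yaf setting yaf.use_spl_autoload must be 1.
    if (file_exists(ROOT_PATH . '/vendor/autoload.php')) {
        $loader = (include ROOT_PATH . '/vendor/autoload.php');
        Registry::set('loader', $loader);
    }

    // Disable automatic view rendering.
    $dispatcher->autoRender(false);

    // Keep the configuration.
    $this->_config = Application::app()->getConfig();
    Registry::set('config', $this->_config);

    // Error display.
    // NOTE(review): showError must be off in production; displayed errors
    // expose paths, queries and stack details to visitors.
    if ($this->_config->global->showError) {
        error_reporting(-1);
        ini_set('display_errors', 'On');
    }

    // Encryption / decryption.
    // NOTE(review): this uses the mcrypt adapter, and the mcrypt extension was
    // removed from PHP core in 7.2. Plan a move to an OpenSSL-based adapter if
    // the installed crypt library provides one.
    if (!empty($this->_config->global->key)) {
        Registry::set('enc', function () {
            $blockCipher = BlockCipher::factory('mcrypt', array('algo' => 'aes'));
            $blockCipher->setKey($this->_config->global->key);

            return $blockCipher;
        });
    }

    // Command-line runs skip the session.
    if (!defined("RUN_IN_CLI")) {
        // Save path: owner-only. Creation stays best-effort, as before.
        $sessionConfig = $this->_config->session->toArray();
        if (isset($sessionConfig['save_path']) && !is_dir($sessionConfig['save_path'])) {
            @mkdir($sessionConfig['save_path'], 0700, true);
        }

        // Configuration.
        $config = new SessionConfig();
        $config->setOptions($sessionConfig);

        // Session manager.
        $manager = new SessionManager($config);

        // Start the session.
        $manager->start();

        // Validate the session (User-Agent must match the one that created it).
        $manager->getValidatorChain()->attach('session.validate', array(new HttpUserAgent(), 'isValid'));
        if (!$manager->isValid()) {
            $manager->destroy();
            throw new \Exception("会话验证失败");
        }

        // Session token, created once per session.
        $default = new Zend\Session\Container();
        if (empty($default->offsetGet('securityToken'))) {
            if (function_exists('random_bytes')) {
                $tokenBytes = random_bytes(16);
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $tokenBytes = openssl_random_pseudo_bytes(16);
            } else {
                $tokenBytes = false;
            }
            // Fail closed: a guessable token is worse than a visible error.
            if (!is_string($tokenBytes) || strlen($tokenBytes) !== 16) {
                throw new \Exception('No secure random source available for the session token');
            }
            $default->offsetSet('securityToken', bin2hex($tokenBytes));
        }

        // Keep the instances.
        Registry::set('session', $default);
        Registry::set('sm', $manager);
    }

    // Database.
    Registry::set('db', function () {
        $mysqlMasterConfig = $this->_config->mysql->master->toArray();
        $adapter = new Adapter($mysqlMasterConfig);
        $connect = $adapter->getDriver()->getConnection();
        // Up to five connection attempts.
        for ($i = 0; $i < 5; $i++) {
            if ($connect->isConnected()) {
                break;
            }
            $connect->connect();
        }

        return $adapter;
    });

    // Mail.
    Registry::set('mail', function () {
        $options = new SmtpOptions($this->_config->smtp->toArray());
        $mail = new SmtpTransport();
        $mail->setOptions($options);

        return $mail;
    });

    // Logging: one file per day under the configured log path.
    Registry::set('logger', function () {
        $logger = new Zend\Log\Logger();
        $writer = new Zend\Log\Writer\Stream($this->_config->log->path . '/' . date("Ymd") . ".log");
        $logger->addWriter($writer);

        return $logger;
    });
}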
<?php
// Session bootstrap: a named session manager becomes the default for all containers.
$manager = new \Zend\Session\SessionManager();
$manager->setName('abbrevia');
\Zend\Session\Container::setDefaultManager($manager);
$auth = new Zend\Authentication\AuthenticationService();
$db->session = $manager->getStorage();
$facebookSession = new \Zend\Session\Container('facebook_id');

// Login request.
// NOTE(review): all fields are read from $_REQUEST, which also contains query-string
// parameters, so credentials sent in a URL are accepted and can end up in access logs
// and browser history. Reading them from $_POST only would avoid that.
if (array_key_exists('action', $_REQUEST) && $_REQUEST['action'] == 'login' && array_key_exists('xhrValidate', $_REQUEST) && array_key_exists('username', $_REQUEST) && array_key_exists('password', $_REQUEST)) {
    // Drops the current session when its id is purely numeric.
    // NOTE(review): no session-ID regeneration after a successful login is visible
    // in this excerpt - confirm it happens elsewhere.
    if (is_numeric(session_id())) {
        session_destroy();
    }
    $authAdapter = new \login\Auth($db, $_REQUEST['username'], $_REQUEST['password']);
    $authResult = $auth->authenticate($authAdapter);
    if ($authResult->getCode() != \Zend\Authentication\Result::SUCCESS) {
        $control->addValidationMessage('username_login', 'Credenziali errate');
    }
    // NOTE(review): the clear-text password is written to session storage, and this
    // line runs whether or not authentication succeeded. Session data is persisted
    // on the server, so the password outlives the request; whatever needs it later
    // should be reworked so that the password is not stored at all.
    $db->session->plain_pwd = $_REQUEST['password'];
} else {
    // Registration request.
    if (array_key_exists('action', $_REQUEST) && $_REQUEST['action'] == 'register' && array_key_exists('username', $_REQUEST) && array_key_exists('password', $_REQUEST)) {
        $_REQUEST['task'] = 'register';
        // Field validation for the XHR pre-check.
        if (array_key_exists('xhrValidate', $_REQUEST)) {
            // The username must be an e-mail address.
            if (!filter_var($_REQUEST['username'], FILTER_VALIDATE_EMAIL)) {
                $control->addValidationMessage('username_register', 'Inserisci una mail valida');
            }
            // NOTE(review): a three-character minimum is the only password rule here.
            if (strlen($_REQUEST['password']) < 3) {
                $control->addValidationMessage('password_register', 'La password deve avere almeno tre caratteri');
            }
            // NOTE(review): 'passwordr' is read without an array_key_exists() check.
            if ($_REQUEST['password'] !== $_REQUEST['passwordr']) {
                $control->addValidationMessage('password_register', 'Le due password non coincidono');
            }
            // The excerpt ends here; the three open blocks are closed outside it.
/**
 * Validate comment data and store it as a CommentEntity.
 *
 * On validation failure the form's messages are left in the default session
 * container under 'form_errors' and false is returned.
 *
 * @param array $data submitted comment data; 'comment' is read directly
 * @return CommentEntity|false|mixed the saved entity (as returned by the form), or false on invalid data
 */
public function addComment($data)
{
    $comment = new CommentEntity();

    $form = $this->getCommentForm();
    $form->setHydrator(new ClassMethods());
    $form->bind($comment);
    $form->setData($data);

    if ($form->isValid()) {
        $comment = $form->getData();

        // NOTE(review): the comment text is taken from the raw input again, which
        // replaces whatever value the form's filters produced for it. Confirm
        // this is intended and that the text is escaped wherever it is shown.
        $comment->setComment($data['comment']);
        $comment->setProjectId('1');
        $this->repository->saveEntity($comment);

        return $comment;
    }

    // Hand the validation messages to the next request through the session.
    $session = new \Zend\Session\Container();
    $session->offsetSet('form_errors', $form->getMessages());

    return false;
}
/**
 * Service manager configuration of the module: table gateways, models,
 * navigation factories and the authentication service.
 *
 * @return array
 */
public function getServiceConfig()
{
    // Builds a factory for a table gateway without a result-set prototype.
    $plainGateway = function ($tableName) {
        return function ($services) use ($tableName) {
            $dbAdapter = $services->get('Zend\\Db\\Adapter\\Adapter');

            return new TableGateway($tableName, $dbAdapter, null, null);
        };
    };

    return array(
        'aliases' => array(
            'Zend\\Authentication\\AuthenticationService' => 'auth_service',
        ),
        'factories' => array(
            'Backend\\Model\\GtueData' => function ($services) {
                return new gtueData(
                    $services->get('FahrzeugTableGateway'),
                    $services->get('HauptuntersuchungTableGateway'),
                    $services->get('SicherheitsTableGateway'),
                    $services->get('AenderungTableGateway'),
                    $services->get('OldtimerTableGateway')
                );
            },
            'FahrzeugTableGateway' => $plainGateway('fahrzeug'),
            'SicherheitsTableGateway' => $plainGateway('sp'),
            'AenderungTableGateway' => $plainGateway('aenderung'),
            'OldtimerTableGateway' => $plainGateway('oldtimer'),
            'HauptuntersuchungTableGateway' => $plainGateway('hu'),
            'Backend\\Model\\UserTable' => function ($services) {
                return new UserTable($services->get('UserTableGateway'));
            },
            'UserTableGateway' => function ($services) {
                $dbAdapter = $services->get('Zend\\Db\\Adapter\\Adapter');
                // Rows of the user table are returned as User objects.
                $rowPrototype = new ResultSet();
                $rowPrototype->setArrayObjectPrototype(new User());

                return new TableGateway('user', $dbAdapter, null, $rowPrototype);
            },
            'app_navigation' => 'Zend\\Navigation\\Service\\DefaultNavigationFactory',
            'member_navigation' => 'Backend\\Navigation\\Service\\MemberNavigationFactory',
            'admin_navigation' => 'Backend\\Navigation\\Service\\AdminNavigationFactory',
            'AuthService' => function ($services) {
                // Credentials are checked against table `user`, columns `username`
                // and `password`.
                // NOTE(review): the credential treatment 'MD5(?)' means passwords
                // are stored as unsalted MD5, which is fast to brute-force and
                // reveals identical passwords. Migrate to password_hash() /
                // password_verify() with a callback-based credential check, and
                // re-hash each account on its next successful login.
                $dbAdapter = $services->get('Zend\\Db\\Adapter\\Adapter');
                $credentialAdapter = new DbTableAuthAdapter($dbAdapter, 'user', 'username', 'password', 'MD5(?)');

                $authService = new \Zend\Authentication\AuthenticationService();
                $authService->setAdapter($credentialAdapter);

                // The stored identity expires after 900 seconds (15 minutes).
                $authNamespace = new \Zend\Session\Container('System_Auth');
                $authNamespace->setExpirationSeconds(900);
                $authService->setStorage(new \Zend\Authentication\Storage\Session('System_Auth'));

                // (disabled) SQLite variant: same adapter with credential treatment '?'.
                // (disabled) custom storage taken from 'SanAuth\Model\MyAuthStorage'.

                return $authService;
            },
        ),
    );
}
/**
 * Log out by clearing the 'myacl' namespace from session storage.
 *
 * Nothing is returned; the redirect to the login route is disabled.
 *
 * @return void
 */
public function logoutAction()
{
    // NOTE(review): only the 'myacl' namespace is cleared. The session itself
    // and its ID stay valid, as does anything stored under other namespaces;
    // confirm no authentication state lives outside 'myacl'.
    $aclSession = new \Zend\Session\Container('myacl');
    $storage = $aclSession->getManager()->getStorage();
    $storage->clear('myacl');
    // (disabled) return $this->redirect()->toRoute('Login');
}
/**
 * Tell whether the current login was made through the remember-me cookie.
 *
 * Call this before allowing sensitive operations (password change, access
 * to financial information, ...) and ask for the credentials again when it
 * reports a cookie login.
 *
 * @return bool|null the stored "cookieLogin" flag; null when the flag was never set
 */
public function isCookieLogin()
{
    $flags = new \Zend\Session\Container('zfcuser');
    $viaCookie = $flags->offsetGet("cookieLogin");

    return $viaCookie;
}
<?php

require_once './autoloader.php';
require_once EVA_LIB_PATH . '/Markdown/markdownextra.php';

use Zend\Session\Container;
use Zend\Session\SessionManager;

// Demonstration: a session container bound to an explicitly created manager.
// NOTE(review): the session IDs below are MD5 hashes of fixed strings, so they
// are known to anyone who reads this file. That is fine for a local experiment
// only; real session IDs must come from the session layer's random generator.
$sm1 = new SessionManager();
$sm1->setId(md5('session1'));

$sessionContainer1 = new Container('Namespace', $sm1);
$sessionContainer1->offsetSet('testKey', 'foo');
echo $sessionContainer1->offsetGet('testKey'); // prints "foo"

// A second manager with its own ID; the container for it is left disabled.
$sm2 = new SessionManager();
$sm2->setId(md5('session2'));
/*
$sessionContainer2 = new Container('Namespace', $sm2);
$sessionContainer2->offsetSet('testKey', 'bar');
echo $sessionContainer2->offsetGet('testKey'); // prints "bar"
*/
/**
 * Return what is stored under 'userData' in the 'user' session namespace.
 *
 * @access public
 * @return mixed the stored value; null when nothing is stored
 */
public function __invoke()
{
    // NOTE(review): the value is handed to the view as stored; if it is printed
    // in a template, confirm it is escaped there.
    $container = new \Zend\Session\Container('user');

    return $container->offsetGet('userData');
}