Пример #1
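 /**
  * Mark the current session as authenticated for the given user.
  *
  * Calls unbanip(), loads the user record by id and stores the user id,
  * the user's email address and a "logged in" flag in the session.
  *
  * This method performs no credential check of its own.
  * NOTE(review): callers are presumably expected to verify credentials
  * before calling it; confirm at every call site.
  *
  * @param mixed $user_id Identifier passed to User::loadFromId().
  * @return void
  */
 public function login($user_id)
 {
     // NOTE(review): presumably clears failed-attempt state for this client; confirm.
     $this->unbanip();
     $user = new User();
     // NOTE(review): the outcome of loadFromId() is not checked here, so an
     // unknown id would still be written to the session below; confirm that
     // callers only pass ids of existing users.
     $user->loadFromId($user_id);
     // Rotate the session identifier at the moment privileges change, so an
     // identifier issued before authentication is not carried over into the
     // logged-in session (session fixation defence). Skipped when no native
     // PHP session is active or when the cookie can no longer be re-sent.
     // NOTE(review): assumes Session is backed by the native PHP session; confirm.
     if (session_id() !== '' && !headers_sent()) {
         session_regenerate_id(true);
     }
     Session::Add(self::SESSION_USER_ID, $user_id);
     Session::Add(self::SESSION_USER_EMAIL, $user->getEmail());
     Session::Add(self::SESSION_LOGGED, true);
 }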
Пример #2
     $this->getToken();
     $this->getExtendedToken();
     if (isset($_GET['updated'])) {
         $this->assign('message', 'The user password have been updated.');
     }
     break;
 case 'delete':
     if (!$this->request(3) || !$this->request(4)) {
         break;
     }
     $this->acceptExtendedToken($this->request(4));
     // can not delete current user
     if (Session::Get(Authentification::SESSION_USER_ID) == intval($this->request(3))) {
         $this->errorPage('Unable to delete your own account', 'You can not delete yourself. Please ask another administrator to do it!', FALSE);
     }
     $u = new User();
     $u->loadFromId(intval($this->request(3)));
     if (!$u->exists()) {
         break;
     }
     if (!empty($_POST)) {
         $this->acceptToken();
         try {
             if (empty($_POST['delete'])) {
                 throw new \Exception('Nobody will be deleted until you check the box…');
             }
             if (empty($_POST['user_id']) || $_POST['user_id'] != intval($this->request(3))) {
                 $this->hackAttempt();
             }
             if (!$u->hasStillUser()) {
                 throw new \Exception('You can not delete the only remaining user.');
Пример #3
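// Login form handler: sends already-authenticated users to the management
// page, validates POSTed credentials, and otherwise renders the
// authentication page.
// NOTE(review): canLogin() presumably enforces a failed-attempt limit and
// stops the request when it is exceeded; confirm.
$this->canLogin();
if ($this->auth->isLogged()) {
    header('Location: ' . $this->URL('manage'));
    exit;
}
if (!empty($_POST)) {
    // NOTE(review): presumably validates the anti-CSRF form token; confirm.
    $this->acceptToken();
    try {
        // Request fields are untrusted and may be absent or array-valued.
        // Reduce them to strings up front so the string functions below never
        // receive an array (a TypeError on PHP 8 would escape the
        // catch (\Exception) block and surface as a server error).
        $email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';
        $pass = isset($_POST['pass']) && is_string($_POST['pass']) ? $_POST['pass'] : '';
        // Strict comparison: only the literal checkbox value enables "remember".
        $remember = isset($_POST['remember']) && $_POST['remember'] === 'on';
        // ENT_QUOTES also escapes single quotes, so the echoed value stays
        // inert whichever quote style the template uses for the attribute.
        $this->assign('form_data', array('email' => htmlspecialchars($email, ENT_QUOTES), 'remember' => $remember));
        if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
            throw new \Exception('Please enter a valid email address.');
        }
        if (empty($pass)) {
            throw new \Exception('Please enter a valid password.');
        }
        $u = new User();
        if (!$u->acceptCredential($email, $pass)) {
            // Record the failure, then re-check the limit so the attempt that
            // crosses the threshold is handled immediately.
            $this->auth->addFailure();
            $this->canLogin();
            // Same message whether the address or the password was wrong, so
            // the response does not reveal which accounts exist.
            throw new \Exception('I’m so sorry but I can’t accept your credential… Please try again.');
        }
        $u->registerLogin();
        $this->auth->login($u->getId());
        // Fixed, server-built redirect target; exit so nothing runs after it.
        header('Location: ' . $this->URL('manage'));
        exit;
    } catch (\Exception $e) {
        // NOTE(review): the message is handed to the template as-is; confirm
        // the template escapes form_error, in case an exception raised in
        // acceptCredential() or registerLogin() carries internal detail.
        $this->assign('form_error', $e->getMessage());
    }
}
$this->page('authentification');
$this->getToken();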