/**
* 入口函数。此函数会被自动调用
* */
public function run()
{
//检查验证码
if (!(APP_DEBUG && C('Not_VerifyCode'))) {
check_verify(I('post.verifycode')) or drop(EC_4741);
}
//尝试创建数据对象
//users表
$usersMo = new UsersModel();
$usersMo->field('qq,password');
$usersMo->create(I('post.'), Model::MODEL_INSERT) or drop($usersMo->getError());
//invite_code表
$icMo = new InviteCodeModel();
$icMo->field('uid,invite_code');
$icMo->create(array('invite_code' => I('post.invite_code'), 'uid' => $usersMo->getUid()), Model::MODEL_INSERT) or drop($icMo->getError());
//数据检查
if (I('post.password') != I('post.re_password')) {
drop(EC_4742);
}
$this->checkInviteCode_0(I('post.invite_code')) or drop(EC_4751);
$this->checkInviteCode_1(I('post.invite_code')) or drop(EC_4752);
//注册信息
$usersMo->add() or drop(EC_4761);
$icMo->save() or drop(EC_4762);
//生成登陆信息
log_in($usersMo->getUid());
//返回成功信息
echo drop('1200,' . $usersMo->getUid(), true);
}
/**
* 入口函数。此函数会被自动调用
* */
public function run()
{
//检查验证码
if (!(APP_DEBUG && C('Not_VerifyCode'))) {
check_verify(I('post.verifycode')) or drop(EC_4541);
}
//检查字段值
preg_match(RegExp_username, I('post.username')) or drop(EC_4531);
//检查用户名是否存在
$this->checkUsername(I('post.username')) or drop(EC_4551);
//检查密码是否正确
$this->checkPassword(I('post.password')) or drop(EC_4552);
//生成登陆信息
log_in($this->uid);
//返回成功
drop(true);
}
<!-- LOG IN CHECK --> <!-- OVDJE UZIMAM PAS I USER I POZIVAM FUNCKCIU CHECK LOG IN --> <h3>Please wait</h3> <?php require_once "lib/functions.php"; $username = $_POST['username']; $password = $_POST['password']; log_in($username, $password); //echo $_SESSION['user'];
if (empty($ccar_to_treat)) {
$ccar_to_treat = "go_home";
}
} else {
$ccar_to_treat = "go_home";
}
// Appel de la fonction associée à la demande
switch ($ccar_to_treat) {
case "go_home":
about_ppr();
break;
case "display_nouvelingenieur":
about_nouvelingenieur();
break;
case "login":
log_in();
break;
case "logout":
log_out();
break;
case "create_account":
create_account();
break;
case "confirm_subscribe":
validate_account();
break;
case "change_pass":
change_password(false);
break;
case "lost_ids":
change_password(true);
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . "/exam-simulator/private/functions/sql_functions.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/exam-simulator/private/functions/session_functions.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/exam-simulator/private/functions/input.php";
if (logged_in()) {
log_out();
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$username = fix_string($_POST['new_username']);
$password = fix_string($_POST['new_password']);
$msg = "";
if (!username_valid($username)) {
$msg .= "<li>The username provided is not valid</li>";
}
if (!password_valid($password)) {
$msg .= "<li>The password provided is not valid</li>";
}
$conn = get_conn();
$password = encrypt_password($password);
if (username_available($conn, $username) && $msg == "") {
new_user($conn, $username, $password);
log_in($username);
$msg = '<script>location.href = \'//localhost/exam-simulator/public/index.php\'</script>';
} else {
$msg .= "<li>The username already exists.</li>";
}
$conn->close();
echo $msg;
} else {
go_home();
}
<?php
$error = '';
if (strvals_exist($_POST, 'name', 'password')) {
$result = $db->fetch('SELECT id, pass, is_admin FROM users WHERE name=?', $_POST['name']);
if (!$result || !password_verify($_POST['password'], $result->pass)) {
$error = 'Wrong username or password!';
} else {
log_in($result->id, $_POST['name'], $result->is_admin);
$solves = $db->fetchAll('SELECT challenge_id FROM solves WHERE user_id=?', $result->id);
foreach ($solves as $solve) {
add_solved_challenge($solve->challenge_id);
}
redirect_to('?p=home');
}
}
echo render('login.html.php', array('error' => $error));
LogIn exist user
* ********************* */
/* * *********************
LogIn exist user
* ********************* */
case 'login':
$email = $_POST['email_login'];
$email = addslashes($email);
$email = strip_tags($email);
$user_password = $_POST['pwd_login'];
$user_password = addslashes($user_password);
$user_password = strip_tags($user_password);
$remember_me = $_POST['remember_me'];
$remember_me = addslashes($remember_me);
$remember_me = strip_tags($remember_me);
echo log_in($email, $user_password, $remember_me);
break;
/* * *********************
View User Profile
* ********************* */
/* * *********************
View User Profile
* ********************* */
case 'get_user_profile':
echo view_user_profile();
break;
//Update User Profile
//Update User Profile
case 'update_user_profile':
$firstName = $_POST['firstName'];
$firstName = addslashes($firstName);
$err = "Internal system error: {$rc} {$memberinfo}";
break;
}
}
list($rc, $err) = ff_checkpassword($memberinfo["encpwd"], $password);
if ($rc == 5) {
$err = "Incorrect username or password";
break;
} else {
if ($rc) {
$err = "Internal system error: {$rc} {$err}";
break;
}
}
include_once "loginlogic.php";
list($rc, $err) = log_in($memberinfo["username"], $sid, $remember);
if ($rc) {
print "Internal system error: {$rc} {$err}";
exit;
}
if ($url === '') {
$url = "account.php";
}
header("Location: {$GLOBALS['SITE_URL']}{$url}");
exit;
}
header("Location: {$GLOBALS['SITE_URL']}login.php?url=" . urlencode($url) . "&u=" . urlencode($userid) . "&remember=" . urlencode($remember) . "&err=" . urlencode($err));
exit;
}
apply_template("Member Login", array(array("name" => "Login", "href" => "login.php")));
if (isset($msg) && !$err) {
<?php
session_start();
require_once "includes/auth.php";
if(credentials_valid($_POST['username'], $_POST['password'])){
log_in($_POST['username']);
if($_SESSION['redirect_to']){
header("Location: ".$_SESSION['redirect_to']);
unset($_SESSION['redirect_to']);
}else {
header("Location: index.php");
}
} else{
header("location: index.php?error=1");
exit("You are being redirected");
}
?>
} else {
if (!$pwd) {
$err = "You forgot to enter a new password.";
} else {
// Reset the password
list($rc, $e) = ff_setmemberinfo($u, false, false, $pwd);
if ($rc) {
$err = "{$rc} {$e}";
}
}
}
if (!$err) {
$err = "Success";
// Log the person in
include_once "loginlogic.php";
list($rc, $err) = log_in($u, $sid);
if (!$rc) {
header("Location: {$GLOBALS['SITE_URL']}resetpwd.php?u=" . urlencode($u) . "&err=Success");
exit;
}
}
header("Location: {$GLOBALS['SECURE_URL']}resetpwd.php?u=" . urlencode($u) . "&c=" . urlencode($c) . "&err=" . urlencode($err));
exit;
}
apply_template("Password Reset", array(array("name" => "Password Reset", "href" => "{$GLOBALS['SECURE_URL']}resetpwd.php?u=" . urlencode($u) . "&c=" . urlencode($c))));
if ($err === "Success") {
?>
<p>
Your password has been successfully reset.
</p>
<a href="account.php">Continue</a>
private static function resetpass($user)
{
if (FW4_User::is_logged_in()) {
redirect(url(ADMINDIR, false));
}
$error = $success = false;
$site = current_site();
if (isset($_POST['password'])) {
if (strlen($_POST['password']) < 6) {
$error = 'Het door u gekozen wachtwoord is te kort. Kies bij voorkeur een wachtwoord van minstens 6 tekens.';
} else {
if ($_POST['password'] != $_POST['confirm-password']) {
$error = 'De door u opgegeven wachtwoorden komen niet overeen.';
} else {
where('id = %d', $user->id)->update('user', array('password_code' => '', 'password' => FW4_User::hash_password($_POST['password']), 'password_attempts' => ''));
log_in($user->email, $_POST['password']);
redirect(url(ADMINDIR, false));
}
}
}
echo view("resetpass", array('site' => $site, 'error' => $error, 'success' => $success));
return true;
}
if (!ereg("^[-._+a-zA-Z0-9]+@[-._+a-zA-Z0-9]+\$", $email)) {
$err = "You entered an invalid email address.";
break;
}
if ($email !== $email2) {
$err = "The email addresses that you entered don't match.";
break;
}
// Try to create the account
list($rc, $err) = ff_createmember($uname, $pwd, $name, $email);
if ($rc) {
break;
}
// Log the person in.
include_once "loginlogic.php";
log_in($uname, $sid);
if ($url !== '') {
header("Location: {$GLOBALS['SITE_URL']}{$url}");
exit;
}
header("Location: {$GLOBALS['SITE_URL']}account.php");
exit;
}
header("Location: {$GLOBALS['SITE_URL']}signup.php?" . "name=" . urlencode($name) . "&email=" . urlencode($email) . "&email2=" . urlencode($email2) . "&uname=" . urlencode($uname) . "&url=" . urlencode($url) . "&err=" . urlencode($err));
exit;
}
apply_template("Member Sign Up", array(array("name" => "Sign Up", "href" => "signup.php")));
if ($err) {
print "<div class=error>" . htmlentities($err) . "</div>\n";
}
?>
$username = fix_string($_POST['username']);
$password1 = fix_string($_POST['pass1']);
$password2 = fix_string($_POST['pass2']);
$email = fix_string($_POST['email']);
if ($password1 != $password2) {
fail();
}
if (!username_valid($username)) {
fail();
}
if (!password_valid($password1)) {
fail();
}
if (!email_valid($email)) {
fail();
}
// need to salt and hash the password first
$password1 = encrypt_password($password1);
$conn = get_conn();
if (!new_user($conn, $username, $password1, $email)) {
$conn->close();
fail();
// username already taken
} else {
log_in($username, 'false');
$conn->close();
go_home();
}
} else {
go_home();
}
<?php
include "../config.php";
include "../core.php";
$postdata = json_decode(file_get_contents('php://input'));
$action = $postdata->action;
switch ($action) {
case "logIn":
log_in($postdata);
break;
case "logOut":
log_out($postdata);
break;
case "changePassword":
change_password($postdata);
break;
case "remindPassword":
remind_password($postdata);
break;
}
function log_in($postdata)
{
global $db_host;
global $db_name;
global $db_user;
global $db_password;
$username = $postdata->data->username;
$password = $postdata->data->password;
$user_permissions = array();
$result = new stdClass();
/* Подключение к БД */
<?php
if (logged_in()) {
redirect_to('?p=home');
}
$error = '';
if (strvals_exist($_POST, 'name', 'pass')) {
$user = $db->fetch('SELECT id FROM users WHERE name=?', $_POST['name']);
if ($user) {
$error = 'User already exists.';
} else {
$admin = 0;
if (strvals_exist($_POST, 'admin-pass')) {
if ($_POST['admin-pass'] === ADMIN_PW) {
$admin = 1;
} else {
$error = 'Admin password wrong!';
}
}
if (empty($error)) {
$db->put('INSERT INTO users (name, pass, is_admin) VALUES (?, ?, ?)', $_POST['name'], password_hash($_POST['pass'], PASSWORD_DEFAULT), $admin);
log_in($db->lastInsertId(), $_POST['name'], $admin);
redirect_to('?p=home');
}
}
}
echo render('register.html.php', array('error' => $error));
