public function login() { if (current_user() == null) { $provider = new \BDE42\OAuth2\Client\Provider\Marvin(['clientId' => env('42_ID'), 'clientSecret' => env('42_SECRET'), 'redirectUri' => env('42_REDIRECT', 'http://localhost:8000/auth/login')]); // If we don't have an authorization code then get one if (!isset($_GET['code'])) { $authUrl = $provider->getAuthorizationUrl(); session(['oauth2state' => $provider->getState()]); return redirect($authUrl); // Check given state against previously stored one to mitigate CSRF attack } else { if (empty($_GET['state']) || $_GET['state'] !== session('oauth2state')) { session()->forget('oauth2state'); exit('Invalid state'); } } session()->forget('oauth2state'); // Try to get an access token (using the authorization code grant) $token = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]); // Try to get an access token (using the authorization code grant) try { $user = $provider->getResourceOwner($token); setLogin($user->getUserInfos()); //Basic informations (uid, email, name and login) //$user->toArray() //Get all user informations whose you have the access authorization } catch (Exception $e) { exit('Oh dear...'); } } //return redirect::route('clubs'); return redirect::route('clubs'); }
$stmt->bindParam(":UserName", $username); $stmt->execute(); $results = $stmt->fetch(PDO::FETCH_ASSOC); if (count($results) > 0 && $password === $results['UPassword']) { $userid = $results['UserID']; print "<H2>Login Completed</H2><p>Thanks {$username}, you have been logged in</p>"; print "<form method='post' name='getList' action='home.php?{$userid}' autocomplete='on'>"; print "<input type='hidden' name='userid' value='{$userid}' />"; print "<input type='submit' value='Request Services'/>"; print "</form>"; attemptedLoginSuccess($userid); } else { die("<p class='error'>Password does not match file " . mysql_error() . "</p></body></html>"); attemptedLoginFailure(); } setLogin($userid); function setLogin($userid) { include_once './panels/dbConnect.php'; $dbh = OpenConn(); $stmt = $dbh->prepare("UPDATE tUser Set LastLogin=getDate() WHERE UserID=:UserID"); $stmt->bindParam(":UserID", $userid); $stmt->execute(); $dbh = null; } function attemptedLoginSuccess($userid) { include_once './panels/dbConnect.php'; $dbh = OpenConn(); $stmt = $dbh->prepare("INSERT INTO tLoginAttempt (UserID,Success,ApplicationID,IP,AttemptedDateTime) VALUES(:UserID,1,0,:ip,getDate())"); $stmt->bindParam(":UserID", $userid);
/** * Создаёт исполнителя по данным из mysql * * @param array $data данные из mysql * * @return &array объект исполнителя */ function &unserializeFromMysql(array $data) { $Executor =& construct(); setId($Executor, $data['id']); setFio($Executor, $data['fio']); setSalary($Executor, $data['salary']); setLogin($Executor, $data['login']); return $Executor; }
loginForm($category, $authStatus); } else { echo "<h2>Ustawienie loginu</h2>"; if (isset($_POST['setlogin'])) { $newLogin = clearVariable($_POST['newlogin']); $repeatLogin = clearVariable($_POST['repeatlogin']); $changeStatus; if (empty($newLogin) || empty($repeatLogin)) { // zwrócenie błędu jeżeli któreś pole jest puste $changeStatus = "<p>Musisz wypełnić oba pola.</p>"; } else if ($newLogin != $repeatLogin) { $changeStatus = "<p>Oba wpisane loginy są różne.</p>"; } else { include('php/setlogin.php'); $changeStatus = setLogin($newLogin); } echo $changeStatus; } // jeśli jest, to wyświetlenie prawidłowej zawartości strony if ($_SESSION['userLogin']) { echo "<p>Posiadasz już ustawiony login.</p>"; } else { // jeżeli wcisnięty został przycisk "zmień" echo "<p>Twoje konto nie posiada jeszcze ustalonego loginu. Logowanie poprzez numer indeksu jest niebezpieczne. Aby móc korzystać ze swojego konta należy teraz ustawić swój login, który będzie służył do logowania.</p>"; ?> <form action="?category=user/setlogin" method="post"> <table>
<?php session_start(); require_once dirname(__FILE__) . "/lib/header.php"; if (isset($_SESSION['loginID'])) { locate($URLPv . "index.php"); } else { if (isset($_POST['stuID']) && isset($_POST['stuPW'])) { if (CheckPOP3($_POST['mailserver'] . ".ndhu.edu.tw", $_POST['stuID'], $_POST['stuPW'])) { $_SESSION['loginID'] = $_POST['stuID']; $_SESSION['loginToken'] = genToken($DBmain, $_SESSION['loginID']); setLogin($DBmain, $_SESSION['loginID'], $_SESSION['loginToken']); if (checkAdmin($DBmain, $_SESSION['loginID'])) { setLog($DBmain, "info", "Admin Login", $_SESSION['loginID']); } if (checkReg($DBmain, $_SESSION['loginID'])) { locate($URLPv . "index.php"); } else { locate($URLPv . "regist.php"); } } else { alert("Login Failed! Please try again. "); locate($URLPv . "login.php"); } } else { ?> <div class="login"> <form action="login.php" method="post"> <div class="form-horizontal"> <div class="form-group"> <label class="control-label col-sm-2">Email: </label>
<?php require_once 'conf.php'; require_once 'lib.php'; $error = ""; if (getField('submit') == "Login") { if (isValidUser()) { setLogin(); header("Location: index.php"); } else { $error = "Invalid Username or Password!"; } } $conf['pageTitle'] .= " | SignUp"; $data['menu'] = getTopMenu(); $data['bodyContent'] = getLoginForm($error); require_once TEMPLATE; function getLoginForm($error) { $temp = '<div class="title">User Login</div> <div class="form login-form"> <div class="errors">' . $error . '</div> <form action="login.php" method="post" id="login_form"> <div class="field"> <label for="username">Username</label><br/> <input type="text" name="username" id="username"/> </div> <div class="field"> <label for="password">Password</label><br/> <input type="password" name="password" id="password"/> </div>