function loginFunctions()
{
global $dbc;
$response = array();
if (isset($_POST['email'], $_POST['password'])) {
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
$email = filter_var($email, FILTER_VALIDATE_EMAIL);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors[] = 'Invalid Email Address';
}
$password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
if (strlen($password) != 128) {
$errors[] = 'Invalid password configuration. ';
}
}
if (isset($_POST['firstName'], $_POST['lastName'])) {
$firstName = filter_input(INPUT_POST, 'firstName', FILTER_SANITIZE_STRING);
$lastName = filter_input(INPUT_POST, 'lastName', FILTER_SANITIZE_STRING);
}
if (empty($errors)) {
if ($_POST['call'] == 'login') {
$response = userLogin($email, $password);
} else {
$response = userSignup($firstName, $lastName, $email, $password);
}
} else {
$response['success'] = false;
$response['errors'] = $errors;
}
echo json_encode($response);
}
function authenticate()
{
global $db, $authRealm, $style;
$rmt = $authRealm != false;
$extAuth = externalAuth();
if (!$rmt || $extAuth === false) {
// built-in authentication attempt
if (empty($_REQUEST['u']) || !isset($_POST['p'])) {
// simple logout
return false;
}
$authData = array("user" => $_REQUEST['u'], "pass" => $_POST['p'], "email" => false);
} else {
// external authentication
if (isset($_REQUEST['u']) && empty($_REQUEST['u'])) {
// remote logout
header('HTTP/1.0 401 Unauthorized');
header('WWW-Authenticate: Basic realm="' . $authRealm . '"');
includeTemplate("{$style}/include/rmtlogout.php");
return null;
}
$authData = $extAuth;
}
// verify if we have administration rights
$DATA = userLogin($authData["user"], $authData["pass"], $rmt, $authData["email"]);
// check if the external authenticator provides an email address
if ($DATA !== false && empty($DATA["email"])) {
$DATA['email'] = $authData["email"];
}
return $DATA;
}
function LoginAPI($databasename, $user, $password)
{
global $PathPrefix;
// For included files
include '../config.php';
// Include now for the error code values.
include '../includes/UserLogin.php';
/* Login checking and setup */
$RetCode = array();
// Return result.
if (!isset($_SESSION['DatabaseName']) or $_SESSION['DatabaseName'] == '') {
// Establish the database connection for this session.
$_SESSION['DatabaseName'] = $databasename;
/* Drag in the code to connect to the DB, and some other
* functions. If the connection is established, the
* variable $db will be set as the DB connection id.
* NOTE: This is needed here, as the api_session.inc file
* does NOT include this if there is no database name set.
*/
include '../includes/ConnectDB.inc';
// Need to ensure we have a connection.
if (!isset($db)) {
$RetCode[0] = NoAuthorisation;
$RetCode[1] = UL_CONFIGERR;
return $RetCode;
}
$_SESSION['db'] = $db;
// Set in above include
}
$rc = userLogin($user, $password, $_SESSION['db']);
switch ($rc) {
case UL_OK:
$RetCode[0] = 0;
// All is well
DoSetup();
// Additional setting up
break;
case UL_NOTVALID:
case UL_BLOCKED:
case UL_CONFIGERR:
case UL_SHOWLOGIN:
// Following not in use at 18 Nov 09.
// Following not in use at 18 Nov 09.
case UL_MAINTENANCE:
/* Just return an error for now */
$RetCode[0] = NoAuthorisation;
$RetCode[1] = $rc;
break;
}
return $RetCode;
}
if (mb_strlen($pwdNew, 'UTF8') < 4 || mb_strlen($pwdNew, 'UTF8') > 16) {
return 'bad.密码长度应在4-16字符之间';
exit;
}
if (md5($pwdInput . "sdshare") != $pwdNow) {
return 'bad.原密码错误';
exit;
}
$pwdNew = md5($pwdNew . "sdshare");
$sql = "UPDATE `sd_users` SET `pwd` = '{$pwdNew}' WHERE `uid` = {$userId}";
mysqli_query($con, $sql);
return 'ok.密码修改成功';
}
switch ($action) {
case 'login':
print_r(userLogin($_POST['username'], $_POST['password'], $con));
break;
case 'register':
print_r(userReg($_POST['username-reg'], $_POST['password-reg'], $con));
break;
case 'delshare':
print_r(delShare($_POST['key'], $con, $userInfo['uid']));
break;
case 'delshares':
print_r(delShareS($_POST['key'], $con, $userInfo['uid']));
break;
case 'changepwd':
print_r(changePwd($_POST['pwd'], $con, $userInfo['pwd'], $_POST['pwdnow'], $userInfo['uid']));
break;
default:
# code...
<?php
include "incl/config.php";
$pageId = "login";
// Check if the url contains a querystring with a page-part.
$p = null;
if (isset($_GET["p"])) {
$p = $_GET["p"];
}
// Is the action a known action?
$content = null;
$output = null;
if ($p == "login") {
$title = "Logga in";
$content = userLogin();
} else {
if ($p == "logout") {
$title = "Logga ut";
$content = userLogout();
} else {
$title = "Status login / logout";
}
}
?>
<?php
include "incl/header.php";
?>
<div id="content">
<div class="left borderRight width80"">
/**
* Logs a user in.
*
* @param string $username
* @param string $password
* @return User or Error
*/
function login($username, $password)
{
global $CFG;
if ($password == "" || $username == "") {
$ERROR = new Error();
$ERROR->createLoginFailedError();
return $ERROR;
}
$user = userLogin($username, $password);
if ($user instanceof Error) {
return $user;
} else {
if ($user instanceof User) {
$user->setPHPSessID(session_id());
return $user;
} else {
$ERROR = new Error();
return $ERROR->createLoginFailedError();
}
}
}
<?php
//Session management
ini_set("session.cookie_secure", 0);
session_start();
if (empty($_SESSION['token'])) {
$_SESSION['token'] = base64_encode(mcrypt_create_iv(8, MCRYPT_DEV_URANDOM));
}
if (!empty($_POST['action']) and isEqual($_POST['action'], "login") and !empty($_POST['username']) and !empty($_POST['password']) and !empty($_POST['CRSFtoken'])) {
$user = userLogin($file_db, $_POST['username'], $_POST['password'], $_POST['CRSFtoken']);
error_log($user);
} elseif (isLoged()) {
$user = userInfo($file_db, $_SESSION['userId']);
}
function checkLoginExternalAuth($uid = "", $userPassword = "")
{
global $userDn_rz, $userDN, $suffix, $suffix_ext, $ldapError, $standpwd;
# Abfrage, ob das Loginformular Daten enthält
if (!($uid == "" || $userPassword == "")) {
# UID und Passwort wurden eingegeben
# Fallunterscheidung welche Logins möglich sind
if ($ds_rz = rzLdapConnect($uid, $userPassword)) {
# RZ-LDAP-Login erfolgreich,
# -> Mache Datenabgleich und anschließenden Login am LSM-LDAP
datenabgleich($uid, $ds_rz);
ldap_unbind($ds_rz);
# echo "RZ Bind OK<br>";
if (dummyUidCheck($uid)) {
userLogin($uid, $standpwd);
} else {
# Nachricht User melden bei ... d.h. von Hand anlegen zur Kontrolle
#userAnlegen($uid,$userPassword,$ds_rz);
ldap_unbind($ds_rz);
redirect(3, "index.php", "<h3>Benutzer lokal nicht angelegt!<h3>" . $ldapError, FALSE);
die;
}
} elseif (!($ds_rz = rzLdapConnect($uid, $userPassword)) && ($ds = uniLdapConnect($uid, $userPassword))) {
# RZ-LDAP-Login nicht erfolgreich, LSM-LDAP-Login erfolgreich,
# -> User nicht in RZ-LDAP gespeichert.
# -> Login am LSM-LDAP (z.B. für lokale Spezialuser ... )
# echo "RZ Bind FAILED / LSM Bind OK<br>";
ldap_unbind($ds);
userLogin($uid, $userPassword);
} else {
# In anderen Fällen waren die Zugangsdaten nicht korrekt.
# -> Redirect auf index.php.
redirect(3, "index.php", "<h3>Bitte geben Sie korrekte Zugangsdaten ein.<h3>" . $ldapError, FALSE);
die;
}
} else {
# UID und/oder Passwort wurden NICHT eingegeben
redirect(3, "index.php", "<h3>Bitte geben Sie User-Id und Passwort ein.</h3>" . $ldapError, FALSE);
die;
}
}
$types = array();
$changes = getFormChanges($dbUser, $_REQUEST['newUser'], $types);
if ($_REQUEST['newUser']['Password']) {
$changes['Password'] = "******" . dbEscape($_REQUEST['newUser']['Password']) . ")";
} else {
unset($changes['Password']);
}
if (count($changes)) {
if (!empty($_REQUEST['uid'])) {
dbQuery("update Users set " . implode(", ", $changes) . " where Id = ?", array($_REQUEST['uid']));
} else {
dbQuery("insert into Users set " . implode(", ", $changes));
}
$refreshParent = true;
if ($dbUser['Username'] == $user['Username']) {
userLogin($dbUser['Username'], $dbUser['Password']);
}
}
$view = 'none';
} elseif ($action == "state") {
if (!empty($_REQUEST['runState'])) {
//if ( $cookies ) session_write_close();
packageControl($_REQUEST['runState']);
$refreshParent = true;
}
} elseif ($action == "save") {
if (!empty($_REQUEST['runState']) || !empty($_REQUEST['newState'])) {
$sql = "select Id,Function,Enabled from Monitors order by Id";
$definitions = array();
foreach (dbFetchAll($sql) as $monitor) {
$definitions[] = $monitor['Id'] . ":" . $monitor['Function'] . ":" . $monitor['Enabled'];
$extAuth = externalAuth();
$authData = httpBasicDecode($_SERVER['HTTP_X_AUTHORIZATION']);
if ($rmt || $extAuth !== false) {
// enforce double auth/consistency when using remote authentication
if ($authData === false || $extAuth === false || $authData["user"] !== $extAuth["user"] || $extAuth["pass"] !== false && $authData["pass"] !== $extAuth["pass"]) {
logError('inconsistent double authorization token');
unset($authData);
}
}
}
if (isset($authData)) {
if (empty($authData["user"]) || !$rmt && empty($authData["pass"])) {
logError('missing credentials');
httpUnauthorized();
}
$auth = userLogin($authData["user"], $authData["pass"], $rmt);
unset($authData);
}
if (empty($auth)) {
logError('invalid credentials');
httpUnauthorized();
}
// action
$args = explode("/", $_SERVER["PATH_INFO"]);
if ($args[0] !== "" || count($args) < 2 || !isset($rest[$args[1]])) {
logError('unknown request action or arguments');
httpNotFound();
}
$act = strtolower($args[1]);
array_splice($args, 0, 2);
if ($rest[$act]['admin'] && !$auth['admin']) {
<?php
require "init.php";
require_once 'CamsDatabase.php';
require_once 'users.php';
if (!empty($_POST)) {
$username = htmlspecialchars($_POST['userid']);
$password = htmlspecialchars($_POST['password']);
if (empty($username) || empty($password)) {
$_SESSION["login_error"] = 'User Name and Password cannot be blank';
} else {
if (!userExists($username)) {
$_SESSION["login_error"] = 'User Does not exist.';
} else {
$user = userLogin($username, $password);
if (!$user) {
$_SESSION["login_error"] = 'incorrect password';
} else {
$_SESSION['FirstName'] = $user['FirstName'];
$_SESSION['LastName'] = $user['LastName'];
$_SESSION['userid'] = $user['userid'];
$_SESSION['Email'] = $user['Email'];
$_SESSION['Empno'] = $user['Empno'];
$_SESSION['Phone'] = $user['Phone'];
$_SESSION['Role'] = $user['Role'];
$_SESSION['Agy'] = $user['Agy'];
$_SESSION['Dpt'] = $user['Dpt'];
}
}
}
header('Location: ../index.php');
}
return $msgStr;
}
//controllers start here
if (isset($_POST['sig_response'])) {
if (function_exists('verifyDuoSign')) {
if (!verifyDuoSign($_POST)) {
$_GET['errorMsg'] = "duoFailed";
}
}
} elseif (!empty($_GET['passlink'])) {
verifyPasscode($_GET['passlink'], 'link');
} elseif (!empty($_POST['passcode'])) {
verifyPasscode($_POST);
} elseif (!empty($_POST['email']) && !empty($_POST['password'])) {
userLogin($_POST);
} elseif (!empty($_GET['logout'])) {
userLogout(true);
} elseif (!empty($_POST['action']) && ($_POST['action'] == 'resetPasswordSendMail' || $_POST['action'] == 'resetPasswordChange')) {
userLoginResetPassword($_POST);
} elseif (!empty($_GET['view']) && $_GET['view'] == 'resetPasswordChange') {
userLoginResetPassword($_GET);
}
//controllers ends here
$min = '.min';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="robots" content="noindex">
<?php
$loggedin = FALSE;
if (isset($_POST['user']) && isset($_POST['pass'])) {
$user = cleanInput($_POST['user']);
$pass = md5(cleanInput($_POST['pass']));
//echo $_POST['pass'] . "<br />";
//echo $pass . "<br />";
$userinfo = userLogin($user, $pass);
if ($userinfo[0] != 0) {
$_SESSION['uid'] = $userinfo[0];
$_SESSION['uname'] = $userinfo[1];
} else {
$_SESSION['uid'] = 0;
$_SESSION['uname'] = "";
echo "Wrong Username or Password";
}
//echo "Hello, " . $_POST["verified_user"];
}
if ($_SESSION['uid'] == 0) {
echo "<form name=\"input\" action=\"/index.php\" method=\"post\">\n";
echo "<table>\n";
echo "\t<tr>\n";
echo "\t\t<td>Username:</td><td><input type=\"text\" name=\"user\" /></td>\n";
echo "\t</tr>\n";
echo "\t<tr>\n";
echo "\t\t<td>Password:</td><td><input type=\"password\" name=\"pass\" /></td>\n";
echo "\t</tr>\n";
echo "\t<tr>\n";
echo "\t\t<td></td><td><input type=\"submit\" value=\"Submit\" /></td>\n";
echo "\t</tr>\n";
function userCheck($user, $pass)
{
return userLogin($user, $pass, false);
}
if (!$new_user_name) {
// Encrypt the user's password.
$user_password = password_hash($_POST['password'], PASSWORD_DEFAULT) . "";
// Insert a new row for the newly-registered user.
$database->insert("users2", ["email" => $_POST['email'], "password" => $user_password, "name" => $_POST['name'], "created_at" => date("Y-m-d H:i:s"), "ip" => $_SERVER['REMOTE_ADDR']]);
// $database->error();
// echo $database->last_query();
$new_user_data = $database->get("users2", ["name", "email"], ["email" => $_POST['email']]);
$new_user_name = $new_user_data['name'];
if ($new_user_name) {
echo 'Hey, thanks for registering, ' . $_POST['name'] . '! <a href="/?a=dash">Proceeding to dashboard now...</a>';
} else {
echo '<br> <font color="red">Oh jeez.</font> You were not registered for some reason. SQL problem? form data: <br>';
// print_r($_POST);
}
userLogin($_POST['email']);
} else {
echo 'It seems you are already registered. Have you forgotten your password? <a href="/?a=forgotten">Reset it.</a>';
}
} else {
// Show form if no submission
echo '
<form method="POST" action="?a=register">
<input type="text" required name="name" placeholder="Your name" /> <br>
<input type="text" required name="email" placeholder="Email" /> <br>
<input type="password" required name="password" placeholder="Password" /> <br>
<button type="submit">Submit</button>
</form>
';
}
break;
<?php
session_name('fabian');
session_start();
define('site', 1);
$appResponse = array('response' => false, 'message' => 'Error en la App', 'content' => '');
if (isset($_POST) && !empty($_POST) && isset($_POST['action'])) {
include_once 'functions.php';
if ($errorDb == false) {
switch ($_POST['action']) {
case 'login':
$appResponse['response'] = userLogin($_POST, $mysqli);
$appResponse['message'] = '';
break;
default:
$appResponse['message'] = 'Opción incorrecta';
break;
}
} else {
$appResponse['message'] = 'Error al conectar con la base de datos';
}
} else {
$appResponse['message'] = 'Opción incorrecta';
}
echo json_encode($appResponse);
if (isset($USER->userid)) {
header('Location: ' . $CFG->homeAddress . 'index.php');
return;
}
$errors = array();
$ref = optional_param("ref", $CFG->homeAddress . "index.php", PARAM_URL);
if ($ref == "") {
$ref = "http" . (!empty($_SERVER["HTTPS"]) ? "s" : "") . "://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
//$ref = $CFG->homeAddress."index.php";
}
$revalidateEmail = false;
// check to see if form submitted
if (isset($_POST["login"])) {
$email = required_param("username", PARAM_TEXT);
$password = required_param("password", PARAM_TEXT);
$user = userLogin($email, $password);
if ($user instanceof Error) {
$error = $user;
array_push($errors, $error->message);
if ($error->code == $LNG->ERROR_LOGIN_FAILED_UNVALIDATED_MESSAGE) {
$revalidateEmail = true;
}
} else {
if ($user instanceof User) {
if (strlen($password) < 8) {
header('Location: ' . $CFG->homeAddress . '/ui/pages/changepassword.php?update=y');
} else {
header('Location: ' . $ref);
}
} else {
// should never happen
$resource = "0";
}
// session initilization
session_start();
include_once "conf.inc.php";
// Routing
// ***************************************************************************
if ($resource != true) {
if (isset($_GET['relay'])) {
$_POST['relay'] = $_GET['relay'];
}
if (isset($_POST['relay'])) {
switch ($_POST['relay']) {
case "userLogin":
if (isset($_POST['username'], $_POST['password'])) {
userLogin($_POST['username'], $_POST['password']);
} else {
error("username and password are both required");
}
break;
case "userLogoff":
userLogoff();
break;
case "checkLogin":
checkLogin();
break;
case "regenerateThumbs":
regenerateThumbs();
break;
case "search":
if (isset($_POST['terms'])) {
$credentials = "user=eventos password=12345678";
$db = pg_connect("{$host} {$port} {$dbname} {$credentials}");
if (!$db) {
$result['success'] = 'false';
$result['error'] = 'Cannot open db connection';
echo json_encode($result);
} else {
if ($_SERVER['REQUEST_METHOD'] == 'GET') {
if (isset($_GET['selector'])) {
$selector = $_GET['selector'];
switch ($selector) {
case 2:
if (isset($_GET['email']) && isset($_GET['password'])) {
$email = $_GET['email'];
$password = $_GET['password'];
userLogin($selector, $email, $password, $db);
} else {
$result['success'] = 'false';
$result['error'] = 'Missing Paramters';
echo json_encode($result);
}
break;
case 4:
if (isset($_REQUEST['userid'])) {
displaygeofence($_REQUEST['userid'], $db);
} else {
$result['success'] = 'false';
$result['error'] = 'Invalid or missing UserId';
echo json_encode($result);
}
break;
<?php
session_start();
include "dbconnection.php";
$email = clean($_REQUEST['email']);
$password = clean(md5($_REQUEST['password']));
$result = userLogin($email, $password);
$row = mysql_fetch_array($result);
$loginuser = $row['email'];
$loginpassword = $row['password'];
$fullname = $row['name'];
$userId = $row['user_id'];
$user_image = $row['userimages'];
$user_name = $row['user_name'];
if ($loginuser == $email and $loginpassword == $password) {
$_SESSION['name'] = $fullname;
$_SESSION['email'] = $loginuser;
$_SESSION['password'] = $loginpassword;
$_SESSION['fullname'] = $fullname;
$_SESSION['user_id'] = $userId;
$_SESSION['user_image'] = $user_image;
$_SESSION['user_name'] = $user_name;
header("location:mom-forum-user-profile");
if (isset($_REQUEST['rememberme'])) {
header("location:mom-forum-user-profile");
setcookie("email", $_SESSION['email'], time() + 60 * 60 * 24 * 100, "/");
setcookie("password", $_REQUEST['password'], time() + 60 * 60 * 24 * 100, "/");
setcookie($_COOKIE['email'], $_COOKIE['password'], $expire);
}
} else {
if ($user_name == $email and $loginpassword == $password) {
$result = newClient($data);
echo $result;
} elseif ($action == "updateClientProfile") {
$data['ce_fname'] = ucfirst(trim($_POST['ce_fname']));
$data['ce_lname'] = ucfirst(trim($_POST['ce_lname']));
$data['ce_address'] = ucfirst(trim($_POST['ce_address']));
$data['ce_email'] = trim($_POST['ce_email']);
$data['ce_uname'] = trim($_POST['ce_uname']);
$data['ce_contact'] = trim($_POST['ce_contact']);
$result = updateClientProfile($data);
echo $result;
} else {
if ($action == "userlogin") {
$data['user_login_username'] = trim($_POST['user_login_username']);
$data['user_login_password'] = trim($_POST['user_login_password']);
$result = userLogin($data);
if ($result) {
echo $result;
}
} elseif ($action == "getClientProfile") {
$result = getClientProfile();
header('content-type: application/json');
echo json_encode($result);
} elseif ($action == "clientLogout") {
clientLogout();
} else {
if ($action == "serviceProvregistration") {
$data['own_reg_first_name'] = ucfirst(trim($_POST['own_reg_first_name']));
$data['own_reg_club_name'] = ucfirst(trim($_POST['own_reg_club_name']));
$data['own_reg_address'] = ucfirst(trim($_POST['own_reg_address']));
$data['own_reg_email'] = trim($_POST['own_reg_email']);
require_once 'ip_to_country.php';
session_start();
if ($_REQUEST['command'] == "verify_user") {
header("Content-type: text/html");
} else {
header("Content-type: text/xml");
}
$connection = connectDb();
$response = "";
logUserAction();
switch ($_REQUEST['command']) {
case "check_login_status":
$response = checkLoginStatus();
break;
case "user_login":
$response = userLogin($_REQUEST['user_name'], $_REQUEST['password']);
break;
case "user_logout":
$response = userLogout();
break;
case "get_comments":
$response = getComments($_REQUEST['url']);
break;
case "new_comment":
$response = newComment($_REQUEST['url'], $_REQUEST['content'], $_REQUEST['parent_id']);
break;
case "rate_comment":
$response = rateComment($_REQUEST['comment_id'], $_REQUEST['up']);
break;
case "register_new_user":
$response = registerNewUser($_REQUEST['user'], $_REQUEST['password'], $_REQUEST['email']);
displayFormLogout();
}
} else {
if (isset($_REQUEST['numTroll']) && isset($_REQUEST['password'])) {
setcookie('autologin', $_REQUEST['autologin'], time() + 365 * 24 * 3600, '/');
$password = md5($password);
if ($_REQUEST['autologin']) {
setcookie('hash_pass_troll', $password, time() + 365 * 24 * 3600, '/');
setcookie('num_troll', $_REQUEST['numTroll'], time() + 365 * 24 * 3600, '/');
}
if (!userLogin($numTroll, $password)) {
// UNSET auto login
displayFormLogin("Mot de passe incorrect", false);
} else {
displayFormLogout();
}
} else {
if ($autologin) {
$numTroll = $_COOKIE["num_troll"];
$password = $_COOKIE["hash_pass_troll"];
if (!userLogin($numTroll, $password)) {
// UNSET auto login
displayFormLogin("Mot de passe incorrect", false);
} else {
displayFormLogout();
}
} else {
displayFormLogin("Vous devez vous authentifier pour utiliser les outils R&M", true);
}
}
}
<?php
define('IN_ECS', true);
define('WEB_ROOT', 'D:/wamp/www/benhushop1231');
define('NEW_UESER_RANKNAME', 'VIP0');
define('MOBILE_PHONE_ERROR', '2');
define('SMS_ERROR', 3);
define('SYSTEM_ERROR', 4);
require WEB_ROOT . '/includes/init.php';
require WEB_ROOT . '/MobileInterface/lib/lib_user.php';
$act = trim(compile_str($_REQUEST['act']));
switch ($act) {
case 'login':
$userName = trim(compile_str($_REQUEST['userName']));
$md5Password = trim($_REQUEST['pwd']);
userLogin($userName, $md5Password);
break;
case 'SMS':
$mobileNum = trim(compile_str($_REQUEST['userName']));
generateSMS($mobileNum);
break;
case 'register':
$mobileNum = trim(compile_str($_REQUEST['userName']));
$SMS = trim(compile_str($_REQUEST['SMS']));
$md5Password = trim($_REQUEST['pwd']);
userRegister($mobileNum, $SMS, $md5Password);
break;
case 'send_find_pwd_SMS':
generateSMS('', 'send_find_pwd_SMS');
break;
case 'check_find_pwd_SMS':
if (isset($token['access_token'])) {
$params = array('uids' => $token['user_id'], 'fields' => 'uid,first_name,last_name,screen_name,sex,bdate,photo_big', 'access_token' => $token['access_token']);
$userInfo = json_decode(file_get_contents('https://api.vk.com/method/users.get' . '?' . urldecode(http_build_query($params))), true);
if (isset($userInfo['response'][0]['uid'])) {
$userInfo = $userInfo['response'][0];
$result = true;
}
}
if ($result) {
$login = formChars($userInfo['uid']);
$pass = formChars($userInfo['uid']);
$repass = formChars($userInfo['uid']);
$id = userLogin($login, $pass, $con);
if ($id == false) {
newUser($login, "", $pass, $repass, "vkontakte", $userInfo['first_name'], "", $userInfo['photo_bit'], $con);
}
$id = userLogin($login, $pass, $con);
usersLog($id, "Пользователь успешно авторизовался и вошел в сеть", $con);
$_SESSION['idUser'] = $id;
header("Location: ../pages/profile.php");
exit;
/*
echo "Социальный ID пользователя: " . $userInfo['uid'] . '<br />';
echo "Имя пользователя: " . $userInfo['first_name'] . '<br />';
echo "Ссылка на профиль пользователя: " . $userInfo['screen_name'] . '<br />';
echo "Пол пользователя: " . $userInfo['sex'] . '<br />';
echo "День Рождения: " . $userInfo['bdate'] . '<br />';
echo '<img src="' . $userInfo['photo_big'] . '" />'; echo "<br />";
*/
}
}
<?php
include_once 'include/view-helper.php';
// Les erreurs de remplisssement du formulaire
$errors = [];
// Empêche un utilisateur connecté d'accéder au formulaire
if (userCheck()) {
redirect('index.php');
}
// Verifie que les paramètres requis sont présents
if (verifyKeysIn($_POST, 'submit', 'name', 'pwd')) {
// Essaie de connecter l'utilisateur
$logged = userLogin($_POST['name'], $_POST['pwd']);
if ($logged) {
redirect('index.php');
} else {
$errors[] = 'Pseudo ou mot de passe incorrect';
}
}
head();
?>
<h1>Connexion</h1>
<?php
// Les éventuelles erreurs
if (count($errors) > 0) {
?>
<div class="errors">
<ul>
<?php
foreach ($errors as $error) {
echo '<li>' . $error . '</li>';
$userTel = $_POST["usertel"];
$userPassword = $_POST["password"];
include "config.php";
if (!$con) {
$fruitStatus = 0;
$response = array('fruitStatus' => $Status);
// 将数据字典使用JSON编码
die(json_encode($response));
}
mysql_select_db("efruit");
//选择数据库
mysql_query("set names utf8;");
$result = mysql_query("select * from fruit");
$json = array();
while ($row = mysql_fetch_array($result)) {
$fruitId = $row['fruit_id'];
$fruitName = $row['fruit_name'];
$fruitImage = $row['fruit_image'];
$fruitIntro = $row['fruit_intro'];
$fruitPrice = $row['fruit_price'];
$fruitSales = $row['fruit_sales_volume'];
$fruitBuyable = $row['fruit_is_buyable'];
$response = array('fruitId' => $fruitId, 'fruitName' => $fruitName, 'fruitImage' => $fruitImage, 'fruitIntro' => $fruitIntro, 'fruitPrice' => $fruitPrice, 'fruitSales' => $fruitSales, 'fruitBuyable' => $fruitBuyable);
array_push($json, $response);
}
// 将数据字典使用JSON编码
echo json_encode($json, JSON_UNESCAPED_UNICODE);
}
header('Content-Type:application/json;charset=utf-8');
userLogin();
function getTags($xmlrpcmsg)
{
$sql = e107::getDb();
$blogid = $xmlrpcmsg->getParam(0)->scalarval();
$username = $xmlrpcmsg->getParam(1)->scalarval();
$password = $xmlrpcmsg->getParam(2)->scalarval();
if (userLogin($username, $password, 'H') == true) {
// get set post categories
$query = "SELECT \n GROUP_CONCAT( n.news_meta_keywords SEPARATOR ',') AS meta_keys\n FROM `#news` AS n \n WHERE news_meta_keywords != '' ;";
$sql->db_Select_gen($query);
$row = $sql->db_Fetch();
//explode data in array and remove duplicates
$meta_tags = array();
$meta_tags = explode(',', $row['meta_keys']);
$meta_tags = array_unique($meta_tags);
foreach ($meta_tags as $key => $value) {
$structArray[] = new xmlrpcval(array('tag_id' => new xmlrpcval($key, 'string'), 'name' => new xmlrpcval($value, 'string'), 'count' => new xmlrpcval('1', 'string'), 'slug' => new xmlrpcval('1', 'string'), 'html_url' => new xmlrpcval('1', 'string'), 'rss_url' => new xmlrpcval('1', 'string')), 'struct');
}
return new xmlrpcresp(new xmlrpcval($structArray, 'array'));
// Return type is struct[] (array of struct)
} else {
return new xmlrpcresp(0, $xmlrpcerruser + 1, 'Login Failed');
}
}
<?php
include_once "../config.php";
$format = optional_param("format", "plain", PARAM_TEXT);
if ($format == 'json') {
header('Content-type: application/json; charset=UTF-8');
} else {
header("Content-type:text/plain;charset:utf-8");
}
$username = optional_param("username", "", PARAM_TEXT);
$password = optional_param("password", "", PARAM_TEXT);
$response = new stdClass();
if (!userLogin($username, $password, false)) {
$response->login = false;
echo json_encode($response);
die;
}
/**
* Created by IntelliJ IDEA.
* User: kbatchelor
* Date: 10/16/13
* Time: 4:02 PM
*/
include_once "dbconnection.php";
include_once "../pdo/user.php";
include_once "../pdo/session.php";
if ($_REQUEST['compassword']) {
register($_REQUEST['username'], $_REQUEST['password'], $_REQUEST['compassword']);
} else {
if ($_REQUEST['logout']) {
logout($_REQUEST['logout'], $_REQUEST['token']);
} else {
userLogin($_REQUEST['username'], $_REQUEST['password']);
}
}
function register($username = null, $password = null, $compassword = null)
{
$salt = "Zo4rU5Z1YyKJAASY0PT6EUg7BBYdlEhPaNLuxAwU8lqu1ElzHv0Ri7EM6irpx5w";
if ($password == $compassword) {
try {
$con = new PDO(DB_DSN, DB_USERNAME, DB_PASSWORD);
$con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO users(username, password,type) VALUES(:username, :password,'10')";
$stmt = $con->prepare($sql);
$stmt->bindValue("username", $username, PDO::PARAM_STR);
$stmt->bindValue("password", hash("sha256", $password . $salt), PDO::PARAM_STR);
$stmt->execute();
$sql = "INSERT INTO features(username, voteforcard,loadcards) VALUES(:username, '1','1')";
