/**
 * Honeypot check for the mail form.
 *
 * If the hidden field carries any value the submission is logged as blocked
 * and the request is terminated; an empty field lets processing continue.
 */
public function process() {
    $honeypot = (string) $this->value;
    if ($honeypot === '') {
        return;
    }
    // TODO: exiting here is blunt; a cleaner error path would be preferable,
    // but it is good enough for now.
    Typeframe::Log('Mailform submission blocked due to value in honeypot field');
    exit;
}
/**
 * Create an Auth object based on a user's auth setting or the default authentication method.
 *
 * The lookup column is chosen from $field; with 'either' (or any other value)
 * it is inferred from whether $usernameOrEmail looks like an e-mail address.
 * An unknown user gets a fresh, unsaved Model_User carrying the value so a
 * backend such as LDAP can still authenticate it; an existing user uses the
 * backend recorded in its 'auth' column (blank means 'Hash').
 *
 * @param string $usernameOrEmail The user name or email address of the user.
 * @param string $field Which field to use (username, email, or either)
 * @param string $method Default authentication method for nonexistent users (e.g., so users can authenticate through LDAP even if they don't have a user record yet)
 * @return Auth
 * @throws Exception when the resolved 'Auth_*' class does not extend Auth
 */
public static function ForUser($usernameOrEmail, $field = 'either', $method = TYPEF_AUTH_DEFAULT) {
    $emailPattern = '/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,4}$/i';
    if ($field == 'username') {
        $column = 'username';
    } elseif ($field == 'email') {
        $column = 'email';
    } else {
        $column = preg_match($emailPattern, $usernameOrEmail) ? 'email' : 'username';
    }

    // $column is one of two literals, so interpolating it into the clause is
    // safe; the user-supplied value itself is bound as a parameter.
    $users = new Model_User();
    $users->where("{$column} = ?", $usernameOrEmail);

    if ($users->getTotal() == 0) {
        // No record yet: an unsaved user with the value in the lookup column.
        $user = Model_User::Create();
        $user[$column] = $usernameOrEmail;
        $backend = $method;
    } else {
        if ($users->getTotal() > 1) {
            Typeframe::Log("WARNING: {$usernameOrEmail} matches more than one {$column} in the user table.");
        }
        $user = $users->getFirst();
        $backend = $user['auth'];
        if (!$backend) {
            // Older users might have a blank auth field; assume Hash.
            $backend = 'Hash';
        }
    }

    // The class name is built from stored data or a caller value rather than
    // a fixed list, so refuse anything that does not extend Auth.
    $cls = 'Auth_' . $backend;
    if (!is_subclass_of($cls, 'Auth')) {
        throw new Exception("{$cls} is not a subclass of Auth");
    }
    return new $cls($user);
}
$user = $users->getFirst(); $userid = $user->get('userid'); $resetkey = randomID(); $expire = date('Y-m-d H:i:s', time() + 86400); // create an entry in the password reset table $reset = Model_UserReset::Create(); $reset->set('userid', $userid); $reset->set('resetkey', $resetkey); $reset->set('expire', $expire); $reset->save(); // construct e-mail body $mm = new Pagemill($pm->root()->fork()); $mm->setVariable('username', $user->get('username')); $mm->setVariable('reseturl', sprintf('http://%s%s/password?userid=%d&resetkey=%s', $_SERVER['HTTP_HOST'], TYPEF_WEB_DIR, $userid, $resetkey)); $body = str_replace('&', '&', $mm->writeString('<pm:include template="/users/reset.eml" />', true)); // e-mail the user so they can reset their password $mailer = new Mailer(); $mailer->Configure(); $mailer->IsHTML(true); $mailer->AddAddress($_POST['email']); $mailer->Subject = 'Request to Reset Password for ' . TYPEF_TITLE; $mailer->Body = $body; $mailer->Send(); $pm->setVariable('reset_email_sent', true); Typeframe::Log('Request to reset password for ' . $_POST['email']); } else { $pm->setVariable('reset_email_failed', true); } } // set template (controller is at root, but template lives in users directory Typeframe::SetPageTemplate('/users/password-reset.html');
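<?php
// FTP login controller. On POST cmd=login the submitted credentials are tried
// against TYPEF_FTP_HOST; on success they are kept in the session and the user
// is sent on to the requested (site-local) page.
$db = Typeframe::Database();
$pm = Typeframe::Pagemill();

if (isset($_POST['cmd']) && $_POST['cmd'] == 'login') {
    // Missing or non-string fields are treated as empty rather than raising
    // notices (or a TypeError when a field is posted as an array).
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // The post-login destination comes from the form. Only a site-local path
    // rooted with a single slash is honoured: an absolute URL or a
    // protocol-relative '//host' (or '/\host') value would turn this into an
    // open redirect, so anything else falls back to the site root.
    $redirect = (isset($_POST['redirect']) && is_string($_POST['redirect'])) ? $_POST['redirect'] : '';
    if ($redirect === '' || $redirect[0] !== '/' || in_array(substr($redirect, 1, 1), array('/', '\\'), true)) {
        $redirect = TYPEF_WEB_DIR . '/';
    }

    $ftp = new Ftp();
    if (!$ftp->connect(TYPEF_FTP_HOST)) {
        Typeframe::Log("Failed to connect to FTP at '" . TYPEF_FTP_HOST . "'");
        $pm->addLoop('errors', array('message' => "Could not connect to '" . TYPEF_FTP_HOST . "'"));
    } elseif (!$ftp->login($username, $password)) {
        // The message stays generic: it does not say whether the user name or
        // the password was wrong.
        Typeframe::Log('FTP login failed');
        $pm->addLoop('errors', array('message' => "Login failed."));
    } else {
        Typeframe::Log('FTP login succeeded');
        // NOTE(review): the FTP password is kept in clear text in the session
        // (later FTP operations presumably need it); confirm the session store
        // is protected accordingly and that these keys are cleared on logout.
        $_SESSION['typef_ftp_user'] = $username;
        $_SESSION['typef_ftp_pass'] = $password;
        Typeframe::Redirect('FTP login confirmed.', $redirect);
        return;
    }
    // Re-render the form with the (validated) destination carried along.
    $pm->setVariable('redirect', $redirect);
}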
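/**
 * Log out the current user.
 *
 * Clears the session's user record, resets the DB-backed session owner when
 * SESSION_DB is enabled, and expires the "remember me" cookies. The login
 * controller sets typef_userid and typef_passhash; typef_username is expired
 * as well for cookies written by older versions of this code.
 */
public function logout() {
    Typeframe::Log('User logged out');
    unset($_SESSION['typef_user']);
    if (defined('SESSION_DB') && SESSION_DB) {
        Session::SetUID(0);
    }
    // Expire every remember-me cookie with the same path it was set with, and
    // drop it from $_COOKIE so nothing later in this request still sees it.
    $expired = time() - 3600;
    foreach (array('typef_userid', 'typef_username', 'typef_passhash') as $cookie) {
        setcookie($cookie, '', $expired, '/');
        unset($_COOKIE[$cookie]);
    }
}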
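// Remainder of the password-reset controller: $reset, $user, $userid and
// $resetkey are defined earlier in this file.

// if no resets or invalid user, report error
if (!$reset->exists() || !$user->exists()) {
    Typeframe::Redirect('Invalid reset key.', TYPEF_WEB_DIR . '/', -1);
    return;
}

// process form
if ('POST' == $_SERVER['REQUEST_METHOD']) {
    // Read both password fields explicitly instead of @-suppressing notices;
    // a missing or non-string field counts as empty.
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';
    $password2 = (isset($_POST['password2']) && is_string($_POST['password2'])) ? trim($_POST['password2']) : '';

    // check for errors
    if ($password === '' && $password2 === '') {
        $pm->addLoop('errors', array('message' => 'A password is required.'));
    } elseif ($password !== $password2) {
        // Strict comparison: with != two numeric-looking strings such as
        // "1e3" and "1000" would compare equal.
        $pm->addLoop('errors', array('message' => 'The passwords you entered did not match.'));
    } else {
        // reset it for this user
        $user->set('password', $password);
        $user->save();
        // Consume the reset entry so the key cannot be used a second time.
        $reset->delete();
        Typeframe::User()->login($user->get('username'), $password);
        Typeframe::Log('Password changed.');
        Typeframe::Redirect('Your password has been reset.', TYPEF_WEB_DIR . '/', 1);
        return;
    }
}

$pm->setVariable('userid', $userid);
$pm->setVariable('username', $user->get('username'));
$pm->setVariable('resetkey', $resetkey);

// set template (controller is at root, but template lives in users directory)
Typeframe::SetPageTemplate('/users/password-new.html');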
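<?php
// Login controller: validates the posted credentials through the user's Auth
// backend, establishes the session and, on request, the remember-me cookies.
Typeframe::SetPageTemplate('/users/login.html');

if (!isset($pm)) {
    // The error branch below renders through $pm; other controllers fetch it
    // explicitly, so make sure it exists even if the includer did not set it.
    $pm = Typeframe::Pagemill();
}

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Missing or non-string fields are treated as empty rather than raising
    // notices (or a TypeError when a field is posted as an array).
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    $auth = Auth::ForUser($username);
    try {
        $valid = $auth->validate($password);
    } catch (Exception $e) {
        // Any failure inside the auth backend is treated as an invalid login
        // rather than surfaced to the client.
        $valid = false;
    }

    if ($valid) {
        $user = $auth->user();

        // Swap the session id on this privilege change so an id fixed before
        // login cannot be reused afterwards.
        // NOTE(review): confirm the DB session handler (SESSION_DB) supports
        // regeneration; if not, drop this block.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['typef_user'] = $user->getArray(false);

        if (!empty($_POST['remember'])) {
            $thirtyDays = time() + 60 * 60 * 24 * 30;
            // HttpOnly keeps the cookies out of script reach; Secure is set
            // whenever this request itself came in over TLS.
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie('typef_userid', $user['userid'], $thirtyDays, '/', '', $secure, true);
            // NOTE(review): the stored password hash doubles as the remember-me
            // token; a random, revocable token kept server-side would avoid
            // exposing the hash to anything that can read the cookie jar.
            setcookie('typef_passhash', $user['passhash'], $thirtyDays, '/', '', $secure, true);
        }

        // Only return to the referrer when it points at this site (and is not
        // the login page itself); an attacker-hosted form would otherwise be
        // able to bounce the user anywhere after a successful login.
        $redirect = TYPEF_WEB_DIR . '/';
        if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], '/login') === false) {
            $refererHost = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST);
            $ownHost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
            // HTTP_HOST may carry a port; parse_url's host never does.
            $ownHost = preg_replace('/:\d+$/', '', $ownHost);
            if (is_string($refererHost) && $ownHost !== '' && strcasecmp($refererHost, $ownHost) === 0) {
                $redirect = $_SERVER['HTTP_REFERER'];
            }
        }

        Typeframe::Log("{$user['username']} logged in");
        Typeframe::Redirect('Login Successful! Welcome!', $redirect);
    } else {
        // Generic message: do not reveal whether the user name or the
        // password was wrong.
        $pm->addLoop('errors', array('message' => 'Invalid login.'));
    }
}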