********************************************************************************/
require_once 'modules/Leads/LeadFormBase.php';
global $app_strings, $app_list_strings;
$mod_strings = return_module_language($sugar_config['default_language'], 'Leads');
$app_list_strings['record_type_module'] = array('Contact' => 'Contacts', 'Account' => 'Accounts', 'Opportunity' => 'Opportunities', 'Case' => 'Cases', 'Note' => 'Notes', 'Call' => 'Calls', 'Email' => 'Emails', 'Meeting' => 'Meetings', 'Task' => 'Tasks', 'Lead' => 'Leads', 'Bug' => 'Bugs');
/**
 * To make your changes upgrade safe create a file called leadCapture_override.php and place the changes there
 */
$users = array('PUT A RANDOM KEY FROM THE WEBSITE HERE' => array('name' => 'PUT THE USER_NAME HERE', 'pass' => 'PUT THE USER_HASH FOR THE RESPECTIVE USER HERE'));
if (file_exists('leadCapture_override.php')) {
    include 'leadCapture_override.php';
}
if (!empty($_POST['user']) && !empty($users[$_POST['user']])) {
    $current_user = new User();
    $current_user->user_name = $users[$_POST['user']]['name'];
    if ($current_user->authenticate_user($users[$_POST['user']]['pass'])) {
        $userid = $current_user->retrieve_user_id($users[$_REQUEST['user']]['name']);
        $current_user->retrieve($userid);
        $leadForm = new LeadFormBase();
        $prefix = '';
        if (!empty($_POST['prefix'])) {
            $prefix = $_POST['prefix'];
        }
        if (!isset($_POST['assigned_user_id']) || !empty($_POST['assigned_user_id'])) {
            $_POST['prefix'] = $userid;
        }
        $_POST['record'] = '';
        if (isset($_POST['_splitName'])) {
            $name = explode(' ', $_POST['name']);
            if (sizeof($name) == 1) {
                $_POST['first_name'] = '';
示例#2
0
/**
 * Validate the user session based on user name and password hash.
 *
 * @param string $user_name -- The user name to create a session for
 * @param string $password -- The MD5 sum of the user's password
 * @return true -- If the session is created
 * @return false -- If the session is not created
 */
function validate_user($user_name, $password)
{
    global $server, $current_user, $sugar_config, $system_config;
    $user = new User();
    $user->user_name = $user_name;
    $system_config = new Administration();
    $system_config->retrieveSettings('system');
    $authController = new AuthenticationController();
    // Check to see if the user name and password are consistent.
    if ($user->authenticate_user($password)) {
        // we also need to set the current_user.
        $user->retrieve($user->id);
        $current_user = $user;
        login_success();
        return true;
    } else {
        if (function_exists('mcrypt_cbc')) {
            $password = decrypt_string($password);
            if ($authController->login($user_name, $password) && isset($_SESSION['authenticated_user_id'])) {
                $user->retrieve($_SESSION['authenticated_user_id']);
                $current_user = $user;
                login_success();
                return true;
            }
        } else {
            $GLOBALS['log']->fatal("SECURITY: failed attempted login for {$user_name} using SOAP api");
            $server->setError("Invalid username and/or password");
            return false;
        }
    }
}
<?php

$success = false;
$errors = array();
require 'includes/initialize.php';
if ($session->is_logged_in()) {
    //already logged in
    $session->logout();
}
if (isset($_POST['email']) && isset($_POST['pwd'])) {
    if (User::authenticate_user($_POST['email'], $_POST['pwd'])) {
        $user = User::find_by_email($_POST['email']);
        if ($user->is_activated($_POST['email'])) {
            $session->login($user);
            $success = true;
        } else {
            array_push($errors, 'Please activate your email account.');
        }
    } else {
        array_push($errors, 'Invalid username and password combination.');
    }
}
display_success($success, $errors);
示例#4
0
<?php

if (!isset($_POST['username']) || !isset($_POST['password'])) {
    header("Refresh: 3 URL=\"login.php?action=loginFailed&reason=empty\"");
    echo "<h1>CANNOT LOGIN!</h1> <p>Reason: Password or name is empty. If your page doesn't refresh, <a href='login.php?action=loginFailed&reason=empty'>click here to back</a></p>";
} else {
    if (empty($_POST['username']) || empty($_POST['password'])) {
        header("Refresh: 3 URL=\"login.php?action=loginFailed&reason=empty\"");
        echo "<h1>CANNOT LOGIN!</h1> <p>Reason: Password or name is empty. If your page doesn't refresh, <a href='login.php?action=loginFailed&reason=empty'>click here to back</a></p>";
    } else {
        include_once "config/opendb.php";
        include_once 'classes/AAA.php';
        $user = addslashes($_POST['username']);
        $pass = $_POST['password'];
        $userCheck = new User();
        if ($userCheck->authenticate_user($user, $pass)) {
            $userID = $userCheck->get_user_id_by_user_name($user);
            $newUser = new User($userID);
            $access = $newUser->get_access_level();
            $full = $newUser->get_full_name();
            $newUser->update_last_login(getIP());
            session_start();
            $_SESSION['username'] = $user;
            $_SESSION['fullname'] = $full;
            $_SESSION['password'] = $pass;
            $_SESSION['access'] = $access;
            $_SESSION['userid'] = $userID;
            $_SESSION['action'] = "";
            header("Location: index.php");
            echo "Login complete.";
        } else {
示例#5
0
 public function authenticate_user($id)
 {
     $user = new User();
     $user->retrieve($id);
     //test with invalid password
     $result = $user->authenticate_user(md5("pass"));
     $this->assertEquals(false, $result);
     //test with invalid password
     $result = $user->authenticate_user(md5("test"));
     $this->assertEquals(true, $result);
 }
<?php

session_start();
if (empty($_POST['email']) || empty($_POST['password'])) {
    setcookie("flash_danger", "Invalid Email or Password", time() + 3600);
    header("Location: index.php");
} else {
    $email = $_POST["email"];
    $password = $_POST["password"];
    // var_dump($result); die();
    require_once 'class.user.php';
    $user = new User();
    $users = $user->authenticate_user($email, $password);
    if ($users->num_rows > 0) {
        $_SESSION["login_user"] = $email;
        setcookie("flash_success", "Logged In Successfully", time() + 3600);
        header("Location: index.php");
    } else {
        setcookie("flash_danger", "Invalid Email or Password", time() + 3600);
        header("Location: index.php");
    }
}
         if ($group_invitation_id) {
             $location .= "&amp;GInvID={$group_invitation_id}";
         }
     }
     if ($token) {
         $location .= "&amp;token={$token}";
     }
     if ($return_url) {
         $location .= "&return={$return_url}";
     }
     header("Location:{$location}");
     exit;
 }
 // username and password supplied - attempt to authenticate
 try {
     $u = User::authenticate_user($username, $password);
 } catch (CNException $e) {
     $msg = "Error: {$e->message}";
     $error = TRUE;
     $u = FALSE;
 }
 if ($u > 0) {
     // if authetication succeeded
     $pal = new PA_Login();
     $remember_me = isset($_POST['remember']) && $_POST['remember'] == 1;
     $pal->log_in($u, $remember_me, "password");
     // verify token
     if (!empty($token)) {
         // if token isn't empty
         try {
             $token_arr = authenticate_invitation_token($token);
示例#8
0
function changePass()
{
    global $propertyForm;
    $oldpass = $_POST[oldpass];
    $newpass1 = $_POST[newpass1];
    $newpass2 = $_POST[newpass2];
    $status == false;
    $user_id = $_SESSION[userid];
    $user_name = $_SESSION[username];
    $user = new User($user_id);
    if (empty($oldpass)) {
        $error = "Old password is empty<br>";
    } elseif (empty($newpass1)) {
        $error = "new password is empty<br>";
    } elseif (empty($newpass2)) {
        $error = "new password (confirm) is empty<br>";
    } elseif ($newpass2 != $newpass1) {
        $error = "new password are not the same<br>";
    } elseif (!$user->is_local_user($user_name, 'local')) {
        $error = "Sorry you're not a local user so can not change your password<br>\n\t\t\tYou are probably an LDAP user. Please contact your admin<br>";
    } elseif (!$user->authenticate_user($user_name, $oldpass)) {
        $error = "Old password incorrect<br>";
    } elseif (!$user->set_password($newpass1)) {
        $error = $user->get_error();
    } elseif (!$user->update()) {
        $error = $user->get_error();
        return false;
    } else {
        $status = "success";
    }
    if ($status == "success") {
        echo "<script language='javascript'>LoadPage(\"userSettings.php?action=widgetsManagement&mode=edit&update=" . $status . "\", 'settingsInfo');</script>";
    } else {
        $propertyForm->warning("Warning: Failed to update password. Reason: " . $error);
    }
}
示例#9
0
/**
 * Validate the user session based on user name and password hash.
 *
 * @param string $user_name -- The user name to create a session for
 * @param string $password -- The MD5 sum of the user's password
 * @return true -- If the session is created
 * @return false -- If the session is not created
 */
function validate_user($user_name, $password)
{
    global $server, $current_user;
    $user = new User();
    $user->user_name = $user_name;
    // Check to see if the user name and password are consistent.
    if ($user->authenticate_user($password)) {
        // we also need to set the current_user.
        $user->retrieve($user->id);
        $current_user = $user;
        return true;
    } else {
        $GLOBALS['log']->fatal("SECURITY: failed attempted login for {$user_name} using SOAP api");
        $server->setError("Invalid username and/or password");
        return false;
    }
}