fURL::redirect('/members');
}
if (isset($_POST['submit'])) {
    try {
        fRequest::validateCSRFToken($_POST['token']);
        $validator = new fValidation();
        $validator->addRequiredFields('password', 'email');
        $validator->addEmailFields('email');
        $validator->validate();
        $users = fRecordSet::build('User', array('email=' => strtolower($_POST['email'])));
        if ($users->count() == 0) {
            throw new fValidationException('Invalid username or password.');
        }
        $rec = $users->getRecords();
        $user = $rec[0];
        if (!fCryptography::checkPasswordHash($_POST['password'], $user->getPassword())) {
            throw new fValidationException('Invalid username or password.');
        }
        fSession::set('user', $user->getId());
        if (fRequest::get('persistent_login', 'boolean')) {
            fSession::enablePersistence();
        }
        if (isset($_POST['forward'])) {
            fURL::redirect('http://' . $_SERVER['SERVER_NAME'] . $_POST['forward']);
        } else {
            fURL::redirect('/members');
        }
        exit;
    } catch (fValidationException $e) {
        echo "<p>" . $e->printMessage() . "</p>";
    } catch (fSQLException $e) {
示例#2
0
文件: login.php 项目: nagyist/Tattle
include 'inc/init.php';
$action = fRequest::get('action');
// --------------------------------- //
if ('log_out' == $action) {
    fAuthorization::destroyUserInfo();
    fSession::destroy();
    fMessaging::create('success', User::makeUrl('login'), 'You were successfully logged out');
    fURL::redirect(User::makeUrl('login'));
    // --------------------------------- //
} else {
    if (!fAuthorization::checkLoggedIn()) {
        if (fRequest::isPost()) {
            try {
                $user = new User(array('username' => fRequest::get('username')));
                $valid_pass = fCryptography::checkPasswordHash(fRequest::get('password'), $user->getPassword());
                if (!$valid_pass) {
                    throw new fValidationException('The login or password entered is invalid');
                }
                fAuthorization::setUserToken($user->getEmail());
                fAuthorization::setUserAuthLevel($user->getRole());
                fSession::set('user_id', $user->getUserId());
                fSession::set('user_name', $user->getUsername());
                fURL::redirect(fAuthorization::getRequestedURL(TRUE, 'index.php'));
            } catch (fExpectedException $e) {
                fMessaging::create('error', fURL::get(), $e->getMessage());
            }
        }
        include VIEW_PATH . '/log_in.php';
    } else {
        fURL::redirect('index.php');