/**
 * Round-trips a password through PasswordField.
 *
 * The value returned by check() is used as the stored hash: it must be
 * rejected for a different plaintext and accepted for the plaintext it
 * was derived from.
 */
public function testPasswordField()
{
    $password_field = new CoreFields\PasswordField();

    // A different plaintext must not verify against the stored hash.
    $original = "******";
    $stored_hash = $password_field->check($original);
    // NOTE(review): assertEquals('') compares loosely and does not pin a
    // strict false; if check_password() is meant to return a boolean,
    // assertFalse() would state the contract exactly. Confirm.
    $this->assertEquals('', CoreFields\PasswordField::check_password("a", $stored_hash));

    // The matching plaintext must verify against its own hash.
    $simple = "******";
    $stored_hash = $password_field->check($simple);
    $this->assertTrue(CoreFields\PasswordField::check_password($simple, $stored_hash));
}
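/**
 * Authenticate a user by login name and password and open a session.
 *
 * On success the session id is regenerated, a fresh token is written to the
 * user's row, and the login flag, user id and token are stored in $_SESSION.
 * On failure the login form is refilled from $_POST and false is returned.
 *
 * @param string  $user              The username
 * @param string  $password          The password: plain text, or the stored hash when $yes_hash is set
 * @param boolean $no_expire_session If false or 0, no persistent cookie is sent. If true or 1, a
 *                                   "remember login" cookie is sent that expires at
 *                                   time() + 315360000 seconds (about ten years)
 * @param boolean $yes_hash          If true or 1, $password is compared with the stored hash itself;
 *                                   otherwise it is verified as plain text
 *
 * @return boolean true when the session was opened, false on any failure
 */
public function login($user, $password, $no_expire_session = 0, $yes_hash = 0)
{
    $user = Utils::form_text($user);
    $id_field = $this->model_login->idmodel;

    // The stored hash has to be selected to verify the password. The guard
    // keeps repeated calls from appending the column again and again.
    // NOTE(review): the password column stays in $this->arr_user_session
    // afterwards; confirm no other query built from this list copies the
    // hash into session data.
    if (!is_array($this->arr_user_session) || !in_array($this->field_password, $this->arr_user_session, true)) {
        $this->arr_user_session[] = $this->field_password;
    }

    // The username goes through the `?` placeholder, not into the SQL text.
    $this->model_login->set_conditions(['where ' . $this->field_user . '=?', [$user]]);
    $arr_user = $this->model_login->select_a_row_where($this->arr_user_session);

    settype($arr_user[$id_field], 'integer');

    if ($arr_user[$id_field] == 0) {
        // Unknown user: same message as a wrong password, so the form does
        // not say which part was wrong.
        // NOTE(review): this path skips password verification and probably
        // answers faster than a wrong-password attempt; verifying against a
        // dummy hash would level the timing if username enumeration matters.
        ModelForm::set_values_form($this->model_login->forms, $_POST, 1);
        $this->model_login->forms[$this->field_password]->std_error = I18n::lang('users', 'user_error_nick_or_pass', 'Wrong user or password');
        unset($arr_user[$this->field_password]);

        return false;
    }

    $stored_hash = $arr_user[$this->field_password];

    if ($yes_hash == 0) {
        $password_ok = (bool) PasswordField::check_password($password, $stored_hash);
    } else {
        // Hash-against-hash: compared in constant time, and only between two
        // non-empty strings, so a null or empty stored value can never match
        // a null or empty argument.
        // NOTE(review): in this mode the stored hash itself works as a
        // credential; callers should not feed it from client-controlled input.
        $password_ok = is_string($password)
            && is_string($stored_hash)
            && $stored_hash !== ''
            && hash_equals($stored_hash, $password);
    }

    if (!$password_ok) {
        ModelForm::set_values_form($this->model_login->forms, $_POST, 1);
        $this->model_login->forms[$this->field_password]->std_error = I18n::lang('users', 'user_error_nick_or_pass', 'Wrong user or password');

        return false;
    }

    // The hash must not travel with the user data kept for the session.
    unset($arr_user[$this->field_password]);
    LoginClass::$session[$this->model_login->name] = $arr_user;

    // The cookie carries $new_token; the database and the session hold only
    // its SHA-1.
    // NOTE(review): the token is only as strong as Utils::get_token(), which
    // is not visible here; confirm it draws from a CSPRNG.
    $new_token = sha1(Utils::get_token());
    $final_token = sha1($new_token);

    $this->model_login->reset_require();
    // The id was cast to integer above; the cast is repeated at the point of
    // concatenation so this condition is safe on its own.
    $this->model_login->set_conditions('where `' . $id_field . '`=' . (int) $arr_user[$id_field]);
    $this->model_login->fields_to_update = [$this->field_key];

    if (!$this->model_login->update([$this->field_key => $final_token])) {
        ModelForm::set_values_form($this->model_login->forms, $_POST, 1);

        return false;
    }

    $this->model_login->reload_require();

    if ($no_expire_session == 1) {
        $lifetime = time() + 315360000;
        $is_https = !empty($_SERVER['HTTPS']) && strtolower((string) $_SERVER['HTTPS']) !== 'off';

        // Remember-login cookie: HttpOnly keeps it away from page scripts,
        // Secure is set whenever this request arrived over HTTPS.
        // NOTE(review): a SameSite attribute needs the options-array form of
        // setcookie() (PHP 7.3+); add it if the supported PHP version allows.
        if (!setcookie($this->name_cookie, $new_token, $lifetime, $this->cookie_path, '', $is_https, true)) {
            return false;
        }
    }

    // A fresh session id after authentication prevents session fixation.
    if (!session_regenerate_id(true)) {
        $this->txt_error = 'Error: cannot regenerate the session id';

        return false;
    }

    $_SESSION[$this->login_name] = 1;
    $_SESSION[$id_field] = $arr_user[$id_field];
    $_SESSION[$this->token_name] = $final_token;

    return true;
}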