本文整理汇总了PHP中authenticate_success函数的典型用法代码示例。如果您正苦于以下问题:PHP authenticate_success函数的具体用法?PHP authenticate_success怎么用?PHP authenticate_success使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了authenticate_success函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: api_login
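/**
 * API login via OAuth1 or HTTP basic-auth.
 *
 * An OAuth-signed request is tried first. If verification throws, the
 * exception message is logged and the function falls back to basic-auth
 * credentials taken from $_SERVER.
 *
 * @param object $a application object; kept for interface compatibility, not read here
 * @return bool|null true after a successful basic-auth login, null after a successful OAuth login
 */
function api_login(&$a)
{
    $record = null;
    $channel_login = 0;

    require_once 'include/oauth.php';

    // login with oauth
    try {
        $oauth = new ZotOAuth1();
        $req = OAuth1Request::from_request();
        list($consumer, $token) = $oauth->verify_request($req);
        if (!is_null($token)) {
            $oauth->loginUser($token->uid);
            App::set_oauth_key($consumer->key);
            call_hooks('logged_in', App::$user);
            return;
        }
        // Reached when verify_request() returns no token without throwing;
        // killme() presumably ends the request here.
        killme();
    } catch (Exception $e) {
        logger($e->getMessage());
    }

    // Workarounds for HTTP-auth in CGI mode: rebuild PHP_AUTH_USER / PHP_AUTH_PW
    // from the raw header. A later header overrides an earlier one, as before.
    foreach (array('REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION') as $header) {
        if (!x($_SERVER, $header)) {
            continue;
        }
        // Skips the first six characters, i.e. assumes a "Basic " scheme prefix.
        $userpass = base64_decode(substr($_SERVER[$header], 6));
        if (strlen($userpass)) {
            // Split on the first colon only: the password part may itself contain ':'.
            // array_pad() covers a value with no colon at all.
            list($name, $password) = array_pad(explode(':', $userpass, 2), 2, '');
            $_SERVER['PHP_AUTH_USER'] = $name;
            $_SERVER['PHP_AUTH_PW'] = $password;
        }
    }

    require_once 'include/auth.php';
    require_once 'include/security.php';

    // process normal login request
    if (isset($_SERVER['PHP_AUTH_USER'])) {
        $record = account_verify_password($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
        if ($record && $record['channel']) {
            $channel_login = $record['channel']['channel_id'];
        }
    }

    // $record stays null when no credentials were sent, so test it before indexing.
    if ($record && $record['account']) {
        authenticate_success($record['account']);
        if ($channel_login) {
            change_channel($channel_login);
        }
        $_SESSION['allow_api'] = true;
        return true;
    }

    // Failure path. The raw Authorization values still hold the base64-encoded
    // password, so they are masked in the logged copy along with PHP_AUTH_PW.
    $_SERVER['PHP_AUTH_PW'] = '*****';
    $server_for_log = $_SERVER;
    foreach (array('HTTP_AUTHORIZATION', 'REDIRECT_REMOTE_USER') as $secret_key) {
        if (isset($server_for_log[$secret_key])) {
            $server_for_log[$secret_key] = '*****';
        }
    }
    logger('API_login failure: ' . print_r($server_for_log, true), LOGGER_DEBUG);
    log_failed_login('API login failure');
    retry_basic_auth();
}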
示例2: manage_post
/**
 * Switch the current session to the identity requested in $_POST['identity'].
 *
 * The switch is allowed either because the target appears in the `manage`
 * table for the acting account (delegation), or because the target row has
 * the same email and stored password value as the acting account.
 *
 * @param object $a application object; $a->user is read before and after the switch
 * @return void
 */
function manage_post(&$a)
{
    if (!local_user()) {
        return;
    }

    $uid = local_user();
    $orig_record = $a->user;

    // If this session is already a delegated one, check permissions against
    // the account that started the delegation.
    if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
        $owner = q("select * from user where uid = %d limit 1", intval($_SESSION['submanage']));
        if (count($owner)) {
            $uid = intval($owner[0]['uid']);
            $orig_record = $owner[0];
        }
    }

    $submanage = q("select * from manage where uid = %d", intval($uid));

    $identity = x($_POST['identity']) ? intval($_POST['identity']) : 0;
    if (!$identity) {
        return;
    }

    $original_id = $uid;

    // Is the requested identity one this account is allowed to manage?
    $limited_id = 0;
    if (count($submanage)) {
        foreach ($submanage as $delegation) {
            if ($identity == $delegation['mid']) {
                $limited_id = $delegation['mid'];
                break;
            }
        }
    }

    // NOTE(review): the non-delegated branch treats "same email and same stored
    // password value" as proof of common ownership - confirm this is intended.
    $r = $limited_id
        ? q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($limited_id))
        : q("SELECT * FROM `user` WHERE `uid` = %d AND `email` = '%s' AND `password` = '%s' LIMIT 1", intval($identity), dbesc($orig_record['email']), dbesc($orig_record['password']));

    if (!count($r)) {
        return;
    }

    // Drop the previous identity's session state before logging in the new one.
    $stale_keys = array(
        'authenticated',
        'uid',
        'visitor_id',
        'administrator',
        'cid',
        'theme',
        'page_flags',
        'return_url',
    );
    foreach ($stale_keys as $key) {
        unset($_SESSION[$key]);
    }
    if (x($_SESSION, 'submanage')) {
        unset($_SESSION['submanage']);
    }

    require_once 'include/security.php';
    authenticate_success($r[0], true, true);

    // Remember who delegated, so a later switch is checked against that account.
    if ($limited_id) {
        $_SESSION['submanage'] = $original_id;
    }

    goaway($a->get_baseurl(true) . '/profile/' . $a->user['nickname']);
    // NOTREACHED
}
示例3: api_login
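/**
 * Simple HTTP login for the API: OAuth first, then HTTP basic-auth.
 *
 * Ends the request with a 401 response when no valid credentials are
 * supplied; on success the matching user row is passed to
 * authenticate_success().
 *
 * @param object $a application object; $a->user is handed to the 'logged_in' hook
 * @return void
 */
function api_login(&$a)
{
    // Renders $_SERVER for the debug log with credential-bearing entries masked,
    // so the submitted password never reaches the log file.
    $server_for_log = function () {
        $copy = $_SERVER;
        foreach (array('PHP_AUTH_PW', 'HTTP_AUTHORIZATION', 'REDIRECT_REMOTE_USER') as $key) {
            if (isset($copy[$key])) {
                $copy[$key] = '*****';
            }
        }
        return print_r($copy, true);
    };

    // login with oauth
    try {
        $oauth = new FKOAuth1();
        list($consumer, $token) = $oauth->verify_request(OAuthRequest::from_request());
        if (!is_null($token)) {
            $oauth->loginUser($token->uid);
            call_hooks('logged_in', $a->user);
            return;
        }
        // NOTE(review): debug leftover - this writes the server-side file path and a
        // dump of the consumer/token objects into the HTTP response. Presumably this
        // should be a log entry plus a 401; confirm and remove.
        echo __FILE__ . __LINE__ . __FUNCTION__ . "<pre>";
        var_dump($consumer, $token);
        die;
    } catch (Exception $e) {
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . $e);
    }

    // workaround for HTTP-auth in CGI mode
    if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
        // Skips the first six characters, i.e. assumes a "Basic " scheme prefix.
        $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
        if (strlen($userpass)) {
            // Split on the first colon only: the password part may itself contain ':'.
            list($name, $password) = array_pad(explode(':', $userpass, 2), 2, '');
            $_SERVER['PHP_AUTH_USER'] = $name;
            $_SERVER['PHP_AUTH_PW'] = $password;
        }
    }

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        logger('API_login: ' . $server_for_log(), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }

    $user = $_SERVER['PHP_AUTH_USER'];
    // NOTE(review): the stored password is compared as an unsalted whirlpool digest.
    // A fast, unsalted hash gives little resistance to offline guessing if the user
    // table leaks; moving to password_hash()/password_verify() needs a schema
    // migration outside this function.
    $encrypted = hash('whirlpool', trim($_SERVER['PHP_AUTH_PW']));

    /**
     * next code from mod/auth.php. needs better solution
     */
    // process normal login request
    $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) \n\t\t\tAND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($user)), dbesc(trim($user)), dbesc($encrypted));
    if (count($r)) {
        $record = $r[0];
    } else {
        logger('API_login failure: ' . $server_for_log(), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendika"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }

    require_once 'include/security.php';
    authenticate_success($record);
    call_hooks('logged_in', $a->user);
}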
示例4: new_cookie
// to expire after one year (the default is when the browser is closed).
// If the user did not specify to remember, change the cookie to expire when the
// browser is closed. The reason this is necessary is because if the user
// specifies to remember, then logs out and logs back in without specifying to
// remember, the old "remember" cookie may remain and prevent the session from
// expiring when the browser is closed.
//
// It seems like I should be able to test for the old cookie, but for some reason when
// I read the lifetime value from session_get_cookie_params(), I always get '0'
// (i.e. expire when the browser is closed), even when there's a time expiration
// on the cookie
if ($_POST['remember']) {
new_cookie(31449600);
// one year
} else {
new_cookie(0);
// 0 means delete on browser exit
}
// if we haven't failed up this point, log them in.
$_SESSION['last_login_date'] = datetime_convert();
authenticate_success($record, true, true);
}
}
/**
 * Look up which uid has the given OpenID identity stored in pconfig
 * (cat 'system', key 'openid').
 *
 * @param string $authid OpenID identity to look up
 * @return mixed the uid column of the first matching row, or false when there is none
 */
function match_openid($authid)
{
    $rows = q("select * from pconfig where cat = 'system' and k = 'openid' and v = '%s' limit 1", dbesc($authid));

    return $rows ? $rows[0]['uid'] : false;
}
示例5: get
function get()
{
$noid = get_config('system', 'disable_openid');
if ($noid) {
goaway(z_root());
}
logger('mod_openid ' . print_r($_REQUEST, true), LOGGER_DATA);
if (x($_REQUEST, 'openid_mode')) {
$openid = new LightOpenID(z_root());
if ($openid->validate()) {
logger('openid: validate');
$authid = normalise_openid($_REQUEST['openid_identity']);
if (!strlen($authid)) {
logger(t('OpenID protocol error. No ID returned.') . EOL);
goaway(z_root());
}
$x = match_openid($authid);
if ($x) {
$r = q("select * from channel where channel_id = %d limit 1", intval($x));
if ($r) {
$y = q("select * from account where account_id = %d limit 1", intval($r[0]['channel_account_id']));
if ($y) {
foreach ($y as $record) {
if ($record['account_flags'] == ACCOUNT_OK || $record['account_flags'] == ACCOUNT_UNVERIFIED) {
logger('mod_openid: openid success for ' . $x[0]['channel_name']);
$_SESSION['uid'] = $r[0]['channel_id'];
$_SESSION['account_id'] = $r[0]['channel_account_id'];
$_SESSION['authenticated'] = true;
authenticate_success($record, $r[0], true, true, true, true);
goaway(z_root());
}
}
}
}
}
// Successful OpenID login - but we can't match it to an existing account.
// See if they've got an xchan
$r = q("select * from xconfig left join xchan on xchan_hash = xconfig.xchan where cat = 'system' and k = 'openid' and v = '%s' limit 1", dbesc($authid));
if ($r) {
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $r[0]['xchan_hash'];
$_SESSION['my_url'] = $r[0]['xchan_url'];
$_SESSION['my_address'] = $r[0]['xchan_addr'];
$arr = array('xchan' => $r[0], 'session' => $_SESSION);
call_hooks('magic_auth_openid_success', $arr);
\App::set_observer($r[0]);
require_once 'include/security.php';
\App::set_groups(init_groups_visitor($_SESSION['visitor_id']));
info(sprintf(t('Welcome %s. Remote authentication successful.'), $r[0]['xchan_name']));
logger('mod_openid: remote auth success from ' . $r[0]['xchan_addr']);
if ($_SESSION['return_url']) {
goaway($_SESSION['return_url']);
}
goaway(z_root());
}
// no xchan...
// create one.
// We should probably probe the openid url and figure out if they have any kind of
// social presence we might be able to scrape some identifying info from.
$name = $authid;
$url = trim($_REQUEST['openid_identity'], '/');
if (strpos($url, 'http') === false) {
$url = 'https://' . $url;
}
$pphoto = z_root() . '/' . get_default_profile_photo();
$parsed = @parse_url($url);
if ($parsed) {
$host = $parsed['host'];
}
$attr = $openid->getAttributes();
if (is_array($attr) && count($attr)) {
foreach ($attr as $k => $v) {
if ($k === 'namePerson/friendly') {
$nick = notags(trim($v));
}
if ($k === 'namePerson/first') {
$first = notags(trim($v));
}
if ($k === 'namePerson') {
$name = notags(trim($v));
}
if ($k === 'contact/email') {
$addr = notags(trim($v));
}
if ($k === 'media/image/aspect11') {
$photosq = trim($v);
}
if ($k === 'media/image/default') {
$photo_other = trim($v);
}
}
}
if (!$nick) {
if ($first) {
$nick = $first;
} else {
$nick = $name;
}
}
require_once 'library/urlify/URLify.php';
//.........这里部分代码省略.........
示例6: api_login
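/**
 * Simple HTTP login for the API: OAuth first, then HTTP basic-auth, with
 * an 'authenticate' hook that lets plugins vouch for the credentials.
 *
 * Ends the request with a 401 response when no valid credentials are
 * supplied; on success the user record is passed to authenticate_success()
 * and the session is flagged with allow_api.
 *
 * @param object $a application object; $a->user is handed to the 'logged_in' hook
 * @return void
 */
function api_login(&$a)
{
    // Renders $_SERVER for the debug log with credential-bearing entries masked,
    // so the submitted password never reaches the log file.
    $server_for_log = function () {
        $copy = $_SERVER;
        foreach (array('PHP_AUTH_PW', 'HTTP_AUTHORIZATION', 'REDIRECT_REMOTE_USER') as $key) {
            if (isset($copy[$key])) {
                $copy[$key] = '*****';
            }
        }
        return print_r($copy, true);
    };

    // login with oauth
    try {
        $oauth = new FKOAuth1();
        list($consumer, $token) = $oauth->verify_request(OAuthRequest::from_request());
        if (!is_null($token)) {
            $oauth->loginUser($token->uid);
            call_hooks('logged_in', $a->user);
            return;
        }
        // NOTE(review): debug leftover - this writes the server-side file path and a
        // dump of the consumer/token objects into the HTTP response. Presumably this
        // should be a log entry plus a 401; confirm and remove.
        echo __FILE__ . __LINE__ . __FUNCTION__ . "<pre>";
        var_dump($consumer, $token);
        die;
    } catch (Exception $e) {
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . $e);
    }

    // workaround for HTTP-auth in CGI mode
    if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
        // Skips the first six characters, i.e. assumes a "Basic " scheme prefix.
        $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
        if (strlen($userpass)) {
            // Split on the first colon only: the password part may itself contain ':'.
            list($name, $password) = array_pad(explode(':', $userpass, 2), 2, '');
            $_SERVER['PHP_AUTH_USER'] = $name;
            $_SERVER['PHP_AUTH_PW'] = $password;
        }
    }

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        logger('API_login: ' . $server_for_log(), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die(api_error($a, 'json', "This api requires login"));
    }

    $user = $_SERVER['PHP_AUTH_USER'];
    $password = $_SERVER['PHP_AUTH_PW'];
    // NOTE(review): the stored password is compared as an unsalted whirlpool digest.
    // A fast, unsalted hash gives little resistance to offline guessing if the user
    // table leaks; moving to password_hash()/password_verify() needs a schema
    // migration outside this function.
    $encrypted = hash('whirlpool', trim($password));

    // allow "user@server" login (but ignore 'server' part)
    $at = strstr($user, "@", true);
    if ($at) {
        $user = $at;
    }

    /**
     * next code from mod/auth.php. needs better solution
     */
    $record = null;
    // The clear-text password is handed to every plugin registered on this hook.
    $addon_auth = array('username' => trim($user), 'password' => trim($password), 'authenticated' => 0, 'user_record' => null);

    /**
     * A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record
     * Plugins should never set 'authenticated' except to indicate success - as hooks may be chained
     * and later plugins should not interfere with an earlier one that succeeded.
     */
    call_hooks('authenticate', $addon_auth);

    if ($addon_auth['authenticated'] && count($addon_auth['user_record'])) {
        $record = $addon_auth['user_record'];
    } else {
        // process normal login request
        $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' )\n\t\t\t\tAND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($user)), dbesc(trim($user)), dbesc($encrypted));
        if (count($r)) {
            $record = $r[0];
        }
    }

    if (!$record || !count($record)) {
        logger('API_login failure: ' . $server_for_log(), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }

    authenticate_success($record);
    $_SESSION["allow_api"] = true;
    call_hooks('logged_in', $a->user);
}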
示例7: post
function post()
{
$max_dailies = intval(get_config('system', 'max_daily_registrations'));
if ($max_dailies) {
$r = q("select count(account_id) as total from account where account_created > %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 day'));
if ($r && $r[0]['total'] >= $max_dailies) {
notice(t('Maximum daily site registrations exceeded. Please try again tomorrow.') . EOL);
return;
}
}
if (!x($_POST, 'tos')) {
notice(t('Please indicate acceptance of the Terms of Service. Registration failed.') . EOL);
return;
}
$policy = get_config('system', 'register_policy');
$email_verify = get_config('system', 'verify_email');
switch ($policy) {
case REGISTER_OPEN:
$flags = ACCOUNT_OK;
break;
case REGISTER_APPROVE:
$flags = ACCOUNT_BLOCKED | ACCOUNT_PENDING;
break;
default:
case REGISTER_CLOSED:
if (!is_site_admin()) {
notice(t('Permission denied.') . EOL);
return;
}
$flags = ACCOUNT_BLOCKED;
break;
}
if ($email_verify && $policy == REGISTER_OPEN) {
$flags = $flags | ACCOUNT_UNVERIFIED;
}
if (!$_POST['password'] || $_POST['password'] !== $_POST['password2']) {
notice(t('Passwords do not match.') . EOL);
return;
}
$arr = $_POST;
$arr['account_flags'] = $flags;
$result = create_account($arr);
if (!$result['success']) {
notice($result['message']);
return;
}
require_once 'include/security.php';
if ($_REQUEST['name']) {
set_aconfig($result['account']['account_id'], 'register', 'channel_name', $_REQUEST['name']);
}
if ($_REQUEST['nickname']) {
set_aconfig($result['account']['account_id'], 'register', 'channel_address', $_REQUEST['nickname']);
}
if ($_REQUEST['permissions_role']) {
set_aconfig($result['account']['account_id'], 'register', 'permissions_role', $_REQUEST['permissions_role']);
}
$using_invites = intval(get_config('system', 'invitation_only'));
$num_invites = intval(get_config('system', 'number_invites'));
$invite_code = x($_POST, 'invite_code') ? notags(trim($_POST['invite_code'])) : '';
if ($using_invites && $invite_code) {
q("delete * from register where hash = '%s'", dbesc($invite_code));
// @FIXME - this also needs to be considered when using 'invites_remaining' in mod/invite.php
set_aconfig($result['account']['account_id'], 'system', 'invites_remaining', $num_invites);
}
if ($policy == REGISTER_OPEN) {
if ($email_verify) {
$res = verify_email_address($result);
} else {
$res = send_register_success_email($result['email'], $result['password']);
}
if ($res) {
info(t('Registration successful. Please check your email for validation instructions.') . EOL);
}
} elseif ($policy == REGISTER_APPROVE) {
$res = send_reg_approval_email($result);
if ($res) {
info(t('Your registration is pending approval by the site owner.') . EOL);
} else {
notice(t('Your registration can not be processed.') . EOL);
}
goaway(z_root());
}
if ($email_verify) {
goaway(z_root());
}
authenticate_success($result['account'], null, true, false, true);
$new_channel = false;
$next_page = 'new_channel';
if (get_config('system', 'auto_channel_create') || UNO) {
$new_channel = auto_channel_create($result['account']['account_id']);
if ($new_channel['success']) {
$channel_id = $new_channel['channel']['channel_id'];
change_channel($channel_id);
$next_page = '~';
} else {
$new_channel = false;
}
}
$x = get_config('system', 'workflow_register_next');
if ($x) {
//.........这里部分代码省略.........
示例8: account_approve
/**
 * Approve the account that a verification hash in the `register` table
 * points to: delete the hash, clear the blocked/pending/unverified flags,
 * then either auto-create a channel or log the account in.
 *
 * NOTE(review): the failure paths return array('success' => false), which
 * is truthy, while the success path returns true. A caller that tests the
 * result as a boolean cannot tell the two apart - confirm how callers check it.
 *
 * @param string $hash verification hash taken from the register table
 * @return array|bool array('success' => false) on failure, true on success
 */
function account_approve($hash)
{
    $failure = array('success' => false);

    // Note: when the password in the register table is 'verify', the uid actually contains the account_id
    $pending = q("SELECT * FROM `register` WHERE `hash` = '%s' and password = 'verify' LIMIT 1", dbesc($hash));
    if (!$pending) {
        return $failure;
    }
    $account_id = $pending[0]['uid'];

    $account = q("SELECT * FROM account WHERE account_id = %d LIMIT 1", intval($account_id));
    if (!$account) {
        return $failure;
    }

    // The hash is consumed before the flags change, so it cannot be replayed.
    q("DELETE FROM register WHERE hash = '%s' and password = 'verify'", dbesc($pending[0]['hash']));

    // Clear each blocking flag in turn; the WHERE clause skips rows where it is not set.
    foreach (array(ACCOUNT_BLOCKED, ACCOUNT_PENDING, ACCOUNT_UNVERIFIED) as $flag) {
        q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d", intval($flag), intval($flag), intval($account_id));
    }

    // get a fresh copy after we've modified it.
    $account = q("SELECT * FROM account WHERE account_id = %d LIMIT 1", intval($account_id));
    if (!$account) {
        return $failure;
    }

    $auto_create = get_config('system', 'auto_channel_create') || get_config('system', 'server_role') === 'basic';
    if ($auto_create) {
        auto_channel_create($account_id);
    } else {
        // Whoever presents the hash is logged in as the approved account here.
        $_SESSION['login_return_url'] = 'new_channel';
        authenticate_success($account[0], null, true, true, false, true);
    }

    // info( t('Account verified. Please login.') . EOL );
    return true;
}
示例9: loginUser
/**
 * Log in the channel that an OAuth token was issued for.
 *
 * Answers 401 and calls killme() when the channel does not exist. When the
 * channel's account row is found, the account is passed to
 * authenticate_success() and the session is flagged with allow_api.
 *
 * @param int $uid channel_id taken from the verified OAuth token
 * @return void
 */
function loginUser($uid)
{
    logger("ZotOAuth1::loginUser {$uid}");

    $channels = q("SELECT * FROM channel WHERE channel_id = %d LIMIT 1", intval($uid));
    if (!count($channels)) {
        logger('ZotOAuth1::loginUser failure: ' . print_r($_SERVER, true), LOGGER_DEBUG);
        header('HTTP/1.0 401 Unauthorized');
        echo 'This api requires login';
        killme();
    } else {
        $record = $channels[0];
    }

    // NOTE(review): the session uid is written before the account lookup below,
    // so it remains set even when no account row is found - confirm this is intended.
    $_SESSION['uid'] = $record['channel_id'];
    $_SESSION['addr'] = $_SERVER['REMOTE_ADDR'];

    $account = q("select * from account where account_id = %d limit 1", intval($record['channel_account_id']));
    if ($account) {
        require_once 'include/security.php';
        authenticate_success($account[0], true, false, true, true);
        $_SESSION['allow_api'] = true;
    }
}
示例10: api_login
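/**
 * Simple HTTP login for the API: OAuth first, then HTTP basic-auth.
 *
 * The basic-auth user name is tried as an account login first and then as
 * a channel address. Ends the request with a 401 response when neither
 * verifies.
 *
 * @param object $a application object; receives the OAuth consumer key on OAuth login
 * @return void
 */
function api_login(&$a)
{
    // Renders $_SERVER for the debug log with credential-bearing entries masked,
    // so the submitted password never reaches the log file.
    $server_for_log = function () {
        $copy = $_SERVER;
        foreach (array('PHP_AUTH_PW', 'HTTP_AUTHORIZATION', 'REDIRECT_REMOTE_USER') as $key) {
            if (isset($copy[$key])) {
                $copy[$key] = '*****';
            }
        }
        return print_r($copy, true);
    };

    // login with oauth
    try {
        $oauth = new FKOAuth1();
        $req = OAuthRequest::from_request();
        list($consumer, $token) = $oauth->verify_request($req);
        if (!is_null($token)) {
            $oauth->loginUser($token->uid);
            $a->set_oauth_key($consumer->key);
            call_hooks('logged_in', $a->user);
            return;
        }
        // NOTE(review): debug leftover - the server-side file path is written into
        // the HTTP response before the request ends; presumably should be a 401.
        echo __FILE__ . __LINE__ . __FUNCTION__ . "<pre>";
        die;
    } catch (Exception $e) {
        logger(__FILE__ . __LINE__ . __FUNCTION__ . "\n" . $e);
    }

    // Workaround for HTTP-auth in CGI mode: rebuild PHP_AUTH_USER / PHP_AUTH_PW
    // from the raw header. A later header overrides an earlier one, as before.
    foreach (array('REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION') as $header) {
        if (!x($_SERVER, $header)) {
            continue;
        }
        // Skips the first six characters, i.e. assumes a "Basic " scheme prefix.
        $userpass = base64_decode(substr($_SERVER[$header], 6));
        if (strlen($userpass)) {
            // Split on the first colon only: the password part may itself contain ':'.
            list($name, $password) = array_pad(explode(':', $userpass, 2), 2, '');
            $_SERVER['PHP_AUTH_USER'] = $name;
            $_SERVER['PHP_AUTH_PW'] = $password;
        }
    }

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        logger('API_login: ' . $server_for_log(), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Red"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }

    // process normal login request
    require_once 'include/auth.php';
    $channel_login = 0;
    $record = account_verify_password($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
    if (!$record) {
        // Not an account login: treat the user name as a channel address and
        // verify the password against the account that owns the channel.
        $r = q("select * from channel where channel_address = '%s' limit 1", dbesc($_SERVER['PHP_AUTH_USER']));
        if ($r) {
            $x = q("select * from account where account_id = %d limit 1", intval($r[0]['channel_account_id']));
            if ($x) {
                $record = account_verify_password($x[0]['account_email'], $_SERVER['PHP_AUTH_PW']);
                if ($record) {
                    $channel_login = $r[0]['channel_id'];
                }
            }
        }
        if (!$record) {
            logger('API_login failure: ' . $server_for_log(), LOGGER_DEBUG);
            header('WWW-Authenticate: Basic realm="Red"');
            header('HTTP/1.0 401 Unauthorized');
            die('This api requires login');
        }
    }

    require_once 'include/security.php';
    authenticate_success($record);
    if ($channel_login) {
        change_channel($channel_login);
    }
    $_SESSION['allow_api'] = true;
}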
示例11: register_post
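/**
 * Handle a submitted registration form: enforce the daily limit and the
 * site's registration policy, create the account, send the matching e-mail
 * and, for open registration without e-mail verification, log the new
 * account in.
 *
 * @param object $a application object; not read here
 * @return void
 */
function register_post(&$a)
{
    $max_dailies = intval(get_config('system', 'max_daily_registrations'));
    if ($max_dailies) {
        $r = q("select count(account_id) as total from account where account_created > UTC_TIMESTAMP() - INTERVAL 1 day");
        if ($r && $r[0]['total'] >= $max_dailies) {
            notice(t('Maximum daily site registrations exceeded. Please try again tomorrow.') . EOL);
            return;
        }
    }

    if (!x($_POST, 'tos')) {
        notice(t('Please indicate acceptance of the Terms of Service. Registration failed.') . EOL);
        return;
    }

    $policy = get_config('system', 'register_policy');
    $email_verify = get_config('system', 'verify_email');

    // Any policy value other than OPEN or APPROVE is treated as CLOSED.
    switch ($policy) {
        case REGISTER_OPEN:
            $flags = ACCOUNT_OK;
            break;
        case REGISTER_APPROVE:
            $flags = ACCOUNT_BLOCKED | ACCOUNT_PENDING;
            break;
        default:
        case REGISTER_CLOSED:
            if (!is_site_admin()) {
                notice(t('Permission denied.') . EOL);
                return;
            }
            $flags = ACCOUNT_BLOCKED;
            break;
    }

    if ($email_verify && $policy == REGISTER_OPEN) {
        $flags = $flags | ACCOUNT_UNVERIFIED;
    }

    if (!$_POST['password'] || $_POST['password'] !== $_POST['password2']) {
        notice(t('Passwords do not match.') . EOL);
        return;
    }

    // The whole form is passed on. account_flags is assigned after the copy, so a
    // client-supplied 'account_flags' field is overwritten by the policy value.
    // NOTE(review): every other POST field reaches create_account() unfiltered -
    // confirm that it reads only the fields it expects.
    $arr = $_POST;
    $arr['account_flags'] = $flags;

    $result = create_account($arr);
    if (!$result['success']) {
        notice($result['message']);
        return;
    }

    require_once 'include/security.php';

    $using_invites = intval(get_config('system', 'invitation_only'));
    $num_invites = intval(get_config('system', 'number_invites'));
    $invite_code = x($_POST, 'invite_code') ? notags(trim($_POST['invite_code'])) : '';

    if ($using_invites && $invite_code) {
        // Consume the invitation. The original statement was "delete * from ...",
        // which MySQL rejects as a syntax error, so a used code was never removed
        // and stayed valid for further registrations.
        q("delete from register where hash = '%s' limit 1", dbesc($invite_code));
        set_pconfig($result['account']['account_id'], 'system', 'invites_remaining', $num_invites);
    }

    if ($policy == REGISTER_OPEN) {
        if ($email_verify) {
            $res = verify_email_address($result);
        } else {
            $res = send_verification_email($result['email'], $result['password']);
        }
        if ($res) {
            info(t('Registration successful. Please check your email for validation instructions.') . EOL);
        }
    } elseif ($policy == REGISTER_APPROVE) {
        $res = send_reg_approval_email($result);
        if ($res) {
            info(t('Your registration is pending approval by the site owner.') . EOL);
        } else {
            notice(t('Your registration can not be processed.') . EOL);
        }
        goaway(z_root());
    }

    // With e-mail verification on, the account is not logged in until verified.
    if ($email_verify) {
        goaway(z_root());
    }

    authenticate_success($result['account'], true, false, true);

    if (!strlen($next_page = get_config('system', 'workflow_register_next'))) {
        $next_page = 'new_channel';
    }
    $_SESSION['workflow'] = true;
    goaway(z_root() . '/' . $next_page);
}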
示例12: datetime_convert
// I read the lifetime value from session_get_cookie_params(), I always get '0'
// (i.e. expire when the browser is closed), even when there's a time expiration
// on the cookie
if ($_POST['remember_me']) {
$_SESSION['remember_me'] = 1;
App::$session->new_cookie(31449600);
// one year
} else {
$_SESSION['remember_me'] = 0;
App::$session->new_cookie(0);
// 0 means delete on browser exit
}
// if we haven't failed up this point, log them in.
$_SESSION['last_login_date'] = datetime_convert();
if (!$atoken) {
authenticate_success($account, $channel, true, true);
}
}
}
/**
* @brief Returns the channel_id for a given openid_identity.
*
* Queries the values from pconfig configuration for the given openid_identity
* and returns the corresponding channel_id.
*
* @fixme How do we prevent that an OpenID identity is used more than once?
*
* @param string $authid
* The given openid_identity
* @return int|bool
* Return channel_id from pconfig or false.
示例13: openid_content
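/**
 * Return handler for an OpenID login or OpenID-assisted registration.
 *
 * After the provider response validates, either redirects to /register with
 * the attributes the provider returned (registration mode) or logs in the
 * user whose `openid` column matches the identity stored in the session.
 *
 * @param object $a application object; config and base URL are read from it
 * @return void
 */
function openid_content(&$a)
{
    $noid = get_config('system', 'no_openid');
    if ($noid) {
        goaway(z_root());
    }

    if (x($_GET, 'openid_mode') && x($_SESSION, 'openid')) {
        $openid = new LightOpenID();
        if ($openid->validate()) {
            if (x($_SESSION, 'register')) {
                unset($_SESSION['register']);
                $args = '';
                // Defaults for attributes the provider may not send; the original
                // read these variables undefined when an attribute was missing.
                $nick = '';
                $first = '';
                $photosq = '';
                $photo = '';

                // NOTE(review): these values come from the identity provider and only
                // pass through notags() before being concatenated, unencoded, into the
                // redirect target - the /register handler must treat them as untrusted.
                $attr = $openid->getAttributes();
                if (is_array($attr) && count($attr)) {
                    foreach ($attr as $k => $v) {
                        if ($k === 'namePerson/friendly') {
                            $nick = notags(trim($v));
                        }
                        if ($k === 'namePerson/first') {
                            $first = notags(trim($v));
                        }
                        if ($k === 'namePerson') {
                            $args .= '&username=' . notags(trim($v));
                        }
                        if ($k === 'contact/email') {
                            $args .= '&email=' . notags(trim($v));
                        }
                        if ($k === 'media/image/aspect11') {
                            $photosq = bin2hex(trim($v));
                        }
                        if ($k === 'media/image/default') {
                            $photo = bin2hex(trim($v));
                        }
                    }
                }

                // Nickname: friendly name first, then first name.
                if ($nick) {
                    $args .= '&nickname=' . $nick;
                } elseif ($first) {
                    $args .= '&nickname=' . $first;
                }

                // Photo: square image first, then the default one.
                if ($photosq) {
                    $args .= '&photo=' . $photosq;
                } elseif ($photo) {
                    $args .= '&photo=' . $photo;
                }

                $args .= '&openid_url=' . notags(trim($_SESSION['openid']));

                if ($a->config['register_policy'] != REGISTER_CLOSED) {
                    goaway($a->get_baseurl() . '/register' . $args);
                } else {
                    goaway(z_root());
                }
                // NOTREACHED
            }

            // NOTE(review): the account is selected by the identifier saved in the
            // session when the login was started, not by the identifier the provider's
            // validated response asserts. Confirm that validate() ties the two
            // together; otherwise look the account up by the asserted identity.
            $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` \n\t\t\t\tFROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc($_SESSION['openid']));
            if (!count($r)) {
                notice(t('Login failed.') . EOL);
                goaway(z_root());
            }

            unset($_SESSION['openid']);
            require_once 'include/security.php';
            authenticate_success($r[0], true, true);

            // just in case there was no return url set
            // and we fell through
            goaway(z_root());
        }
    }

    notice(t('Login failed.') . EOL);
    goaway(z_root());
    // NOTREACHED
}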
示例14: openid_content
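/**
 * Return handler for an OpenID login.
 *
 * After the provider response validates, the identity from the response is
 * normalised and matched against the `openid` column of the user table. A
 * match logs the user in; otherwise the visitor is redirected to /register
 * with the attributes the provider returned, unless registration is closed.
 *
 * @param object $a application object; config and base URL are read from it
 * @return void
 */
function openid_content(&$a)
{
    $noid = get_config('system', 'no_openid');
    if ($noid) {
        goaway(z_root());
    }

    logger('mod_openid ' . print_r($_REQUEST, true), LOGGER_DATA);

    if (x($_GET, 'openid_mode') && x($_SESSION, 'openid')) {
        $openid = new LightOpenID();
        if ($openid->validate()) {
            // The identity is taken from the response that was just validated.
            $authid = normalise_openid($_REQUEST['openid_identity']);
            if (!strlen($authid)) {
                logger(t('OpenID protocol error. No ID returned.') . EOL);
                goaway(z_root());
            }

            $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` \n\t\t\t\tFROM `user` WHERE `openid` = '%s' AND `blocked` = 0 \n\t\t\t\tAND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1", dbesc($authid));
            if ($r && count($r)) {
                // successful OpenID login
                unset($_SESSION['openid']);
                require_once 'include/security.php';
                authenticate_success($r[0], true, true);

                // just in case there was no return url set
                // and we fell through
                goaway(z_root());
            }

            // Successful OpenID login - but we can't match it to an existing account.
            // New registration?
            if ($a->config['register_policy'] == REGISTER_CLOSED) {
                notice(t('Account not found and OpenID registration is not permitted on this site.') . EOL);
                goaway(z_root());
            }

            unset($_SESSION['register']);
            $args = '';
            // Defaults for attributes the provider may not send; the original
            // read these variables undefined when an attribute was missing.
            $nick = '';
            $first = '';
            $photosq = '';
            $photo = '';

            // NOTE(review): these values come from the identity provider and only
            // pass through notags() before being concatenated, unencoded, into the
            // redirect target - the /register handler must treat them as untrusted.
            $attr = $openid->getAttributes();
            if (is_array($attr) && count($attr)) {
                foreach ($attr as $k => $v) {
                    if ($k === 'namePerson/friendly') {
                        $nick = notags(trim($v));
                    }
                    if ($k === 'namePerson/first') {
                        $first = notags(trim($v));
                    }
                    if ($k === 'namePerson') {
                        $args .= '&username=' . notags(trim($v));
                    }
                    if ($k === 'contact/email') {
                        $args .= '&email=' . notags(trim($v));
                    }
                    if ($k === 'media/image/aspect11') {
                        $photosq = bin2hex(trim($v));
                    }
                    if ($k === 'media/image/default') {
                        $photo = bin2hex(trim($v));
                    }
                }
            }

            // Nickname: friendly name first, then first name.
            if ($nick) {
                $args .= '&nickname=' . $nick;
            } elseif ($first) {
                $args .= '&nickname=' . $first;
            }

            // Photo: square image first, then the default one.
            if ($photosq) {
                $args .= '&photo=' . $photosq;
            } elseif ($photo) {
                $args .= '&photo=' . $photo;
            }

            $args .= '&openid_url=' . notags(trim($authid));
            goaway($a->get_baseurl() . '/register' . $args);
            // NOTREACHED
        }
    }

    notice(t('Login failed.') . EOL);
    goaway(z_root());
    // NOTREACHED
}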
示例15: windowsphonepush_login
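/**
 * HTTP basic-auth login for the push endpoint.
 *
 * Ends the request with a 401 response when credentials are missing or do
 * not match an active user; otherwise passes the user row to
 * authenticate_success() and flags the session with allow_api.
 *
 * @return void
 */
function windowsphonepush_login()
{
    // Renders $_SERVER for the debug log with credential-bearing entries masked,
    // so the submitted password never reaches the log file.
    $server_for_log = function () {
        $copy = $_SERVER;
        foreach (array('PHP_AUTH_PW', 'HTTP_AUTHORIZATION', 'REDIRECT_REMOTE_USER') as $key) {
            if (isset($copy[$key])) {
                $copy[$key] = '*****';
            }
        }
        return print_r($copy, true);
    };

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        logger('API_login: ' . $server_for_log(), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }

    $user = $_SERVER['PHP_AUTH_USER'];
    // NOTE(review): the stored password is compared as an unsalted whirlpool digest.
    // A fast, unsalted hash gives little resistance to offline guessing if the user
    // table leaks; moving to password_hash()/password_verify() needs a schema
    // migration outside this function.
    $encrypted = hash('whirlpool', trim($_SERVER['PHP_AUTH_PW']));

    // check if user specified by app is available in the user table
    $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' )\n\t AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($user)), dbesc(trim($user)), dbesc($encrypted));
    if (count($r)) {
        $record = $r[0];
    } else {
        logger('API_login failure: ' . $server_for_log(), LOGGER_DEBUG);
        header('WWW-Authenticate: Basic realm="Friendica"');
        header('HTTP/1.0 401 Unauthorized');
        die('This api requires login');
    }

    require_once 'include/security.php';
    authenticate_success($record);
    $_SESSION["allow_api"] = true;

    // The original read $a->user with no $a in scope, so the hook received null.
    // Fetch the application object first.
    $a = get_app();
    call_hooks('logged_in', $a->user);
}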