1 2015-06-19 13:21:23

Topic: Users::getLogin

Please help: I need authorization (the login form) to work on all pages.

does not work sad


Re: Users::getLogin

To be precise, the form is displayed, but does not transmit data.

Re: Users::getLogin

Is your website on localhost? Is it in a subfolder? What theme do you use? Does it work if you install a fresh default Monstra 3.0.1 with the default theme?

(с) Roman Art
So far So good wink

RomanArt's Website

Re: Users::getLogin

I checked again on a fresh install of the engine and the result is the same: the form is displayed, but no data is sent.

5 2015-06-19 15:17:13

Re: Users::getLogin

assign('users', Users::$users->select(null, 'all'))
            ->display();
    }
    /**
     * Get user profile
     *
     * Renders the frontend profile view for one user. The id is cast to int
     * before it is placed in the select predicate, so a non-numeric value
     * cannot change the query.
     *
     * @param mixed $id User id (cast to int before use)
     */
    public static function getProfile($id)
    {
        $profile_view = View::factory('box/users/views/frontend/profile');

        // Integer cast keeps request-supplied text out of the predicate.
        $numeric_id = (int) $id;
        $record     = Users::$users->select("[id=".$numeric_id."]", null);

        $profile_view->assign('user', $record)->display();
    }
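    /**
     * Get New User Registration
     *
     * Validates the submitted registration form, creates the account, logs the
     * new user in, sends the welcome e-mail and redirects to the new profile.
     * Otherwise the registration form is shown, with any validation errors.
     *
     * Login and e-mail arrive from POST and are placed inside quoted select
     * predicates, so only quote-free values are ever interpolated. The
     * duplicate-login check uses the Security::safeName() form of the login,
     * which is the form that gets stored, and an empty normalised login is
     * refused (the same rule the profile editor applies).
     */
    public static function getRegistration()
    {
        if (Option::get('users_frontend_registration') == 'true') {

            // Is User Loged in ?
            if ( ! Session::get('user_id')) {

                $errors = array();

                $user_email    = Request::post('email');
                $user_login    = Request::post('login');
                $user_password = Request::post('password');

                // Register form submit
                if (Request::post('register')) {

                    // Check csrf
                    if (Security::check(Request::post('csrf'))) {

                        $user_email    = trim($user_email);
                        $user_login    = trim($user_login);
                        $user_password = trim($user_password);

                        // The normalised login is what gets stored, so it is also what must be
                        // checked for emptiness and for duplicates.
                        $safe_login = (string) Security::safeName($user_login);

                        // A quote character would end the quoted literal in a select predicate
                        // and let the request change the query, so such values are never
                        // interpolated. What safeName() strips is not visible here, hence the
                        // explicit check on its result as well.
                        $login_unsafe = (strpbrk($safe_login, "'\"") !== false);
                        $email_unsafe = (strpbrk($user_email, "'\"") !== false);

                        if (Option::get('captcha_installed') == 'true' && ! CryptCaptcha::check(Request::post('answer'))) $errors['users_captcha_wrong'] = __('Captcha code is wrong', 'captcha');

                        // Existing error key reused so that the form has a message to show.
                        if ($user_login == '' || $safe_login == '' || $login_unsafe) $errors['users_empty_login'] = __('Required field', 'users');
                        if ($user_password == '') $errors['users_empty_password'] = __('Required field', 'users');
                        if ($user_email == '')    $errors['users_empty_email']    = __('Required field', 'users');
                        if ($user_email != '' && ( ! Valid::email($user_email) || $email_unsafe)) $errors['users_invalid_email'] = __('User email is invalid', 'users');

                        // Lookups run only on values that passed the checks above.
                        if ( ! isset($errors['users_empty_login']) && Users::$users->select("[login='".$safe_login."']")) $errors['users_this_user_alredy_exists'] = __('This user alredy exist', 'users');
                        if ( ! isset($errors['users_empty_email']) && ! isset($errors['users_invalid_email']) && Users::$users->select("[email='".$user_email."']")) $errors['users_this_email_alredy_exists'] = __('This email alredy exist', 'users');

                        if (count($errors) == 0) {

                            // Store the values that were validated: normalised login, trimmed e-mail.
                            // The password is still passed untrimmed, as before, so that it keeps
                            // matching what the login form hashes.
                            Users::$users->insert(array('login'    => $safe_login,
                                                 'password'        => Security::encryptPassword(Request::post('password')),
                                                 'email'           => $user_email,
                                                 'hash'            => Text::random('alnum', 12),
                                                 'date_registered' => time(),
                                                 'role'            => 'user'));

                            // Log in
                            // NOTE(review): the session id is not visibly regenerated when the
                            // session becomes authenticated - confirm Session handles this.
                            $user = Users::$users->select("[id='".Users::$users->lastId()."']", null);
                            Session::set('user_id', (int) $user['id']);
                            Session::set('user_login', (string) $user['login']);
                            Session::set('user_role', (string) $user['role']);
                            Session::set('user_email', (string) $user['email']);

                            // Welcome e-mail; a failed Send() is not reported to the user.
                            $mail = new PHPMailer();
                            $mail->CharSet = 'utf-8';
                            $mail->ContentType = 'text/html';
                            $mail->SetFrom(Option::get('system_email'));
                            $mail->AddReplyTo(Option::get('system_email'));
                            $mail->AddAddress($user['email'], $user['login']);
                            $mail->Subject = Option::get('sitename');
                            $mail->MsgHTML(View::factory('box/emails/views/emails/email_layout')
                                ->assign('site_name', Option::get('sitename'))
                                ->assign('user_login', $user['login'])
                                ->assign('email_template', 'new-user')
                                ->render());
                            $mail->Send();

                            // Redirect to user profile
                            Request::redirect(Option::get('siteurl').'/users/'.Users::$users->lastId());
                        }

                    } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
                }

                // Display view
                // NOTE(review): the submitted password is handed back to the view; confirm the
                // template does not echo it into the page.
                View::factory('box/users/views/frontend/registration')
                        ->assign('errors', $errors)
                        ->assign('user_email', $user_email)
                        ->assign('user_login', $user_login)
                        ->assign('user_password', $user_password)
                        ->display();

            } else {
                Request::redirect(Site::url().'/users/'.Session::get('user_id'));
            }

        } else {
            echo __('User registration is closed.', 'users');
        }
    }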
    /**
     * Get user panel
     *
     * Renders the frontend users panel view; takes no input.
     */
    public static function getPanel()
    {
        $panel_view = View::factory('box/users/views/frontend/userspanel');
        $panel_view->display();
    }
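    /**
     * Is User Loged
     *
     * Tells whether the current session may act on the user named by URI
     * segment 1: a user must be logged in and must either own that id or
     * hold the 'admin' role.
     *
     * Both checks are strict. A loose comparison between the integer session
     * id and the raw URI segment can, depending on the PHP version, accept a
     * segment that merely starts with the right digits, and a non-strict
     * in_array() can match a non-string role value.
     *
     * @return boolean
     */
    public static function isLoged()
    {
        $session_user_id = Session::get('user_id');

        if ( ! $session_user_id) {
            return false;
        }

        // Compare canonical string forms so that only an exact id matches.
        if ((string) (int) $session_user_id === (string) Uri::segment(1)) {
            return true;
        }

        return (string) Session::get('user_role') === 'admin';
    }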
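    /**
     * Logout
     *
     * Destroys the session and sends the browser back to the page it came
     * from, but only when that page is on this site. The Referer header is
     * supplied by the client and may be missing, so it is used only if its
     * host matches the host of Site::url(); otherwise the site root is used.
     *
     * NOTE(review): nothing visible here requires a security token for
     * logout - confirm whether the caller checks one.
     */
    public static function logout()
    {
        Session::destroy();

        $target  = Site::url();
        $referer = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';

        if ($referer !== '') {
            $referer_scheme = parse_url($referer, PHP_URL_SCHEME);
            $referer_host   = parse_url($referer, PHP_URL_HOST);
            $site_host      = parse_url($target, PHP_URL_HOST);

            // Only an http(s) URL on the same host is accepted as a return target.
            if (is_string($referer_host) && is_string($site_host)
                && in_array($referer_scheme, array('http', 'https'), true)
                && strcasecmp($referer_host, $site_host) === 0) {
                $target = $referer;
            }
        }

        Request::redirect($target);
    }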
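    /**
     * Edit user profile
     *
     * Shows the edit form for user $id and saves a submitted form. The record
     * that is written is always the one named by $id: the 'user_id' form field
     * is ignored, because it is supplied by the client and would otherwise let
     * a logged-in user write to a record other than the one that was
     * authorised. Non-admin users may only edit their own record.
     *
     * NOTE(review): on this path the new e-mail is not validated and the new
     * login is not checked for duplicates, unlike registration.
     *
     * @param mixed $id User id (cast to int before use)
     */
    public static function getProfileEdit($id)
    {
        $target_id = (int) $id;

        // Users::isLoged() authorises URI segment 1; this makes sure the same rule holds
        // for the id that is actually written.
        $may_edit = Users::isLoged()
            && ((string) Session::get('user_role') === 'admin' || $target_id === (int) Session::get('user_id'));

        // Is Current User Loged in ?
        if ($may_edit) {

            $user = Users::$users->select("[id='".$target_id."']", null);

            // Edit Profile Submit
            if (Request::post('edit_profile')) {

                // Check csrf
                if (Security::check(Request::post('csrf'))) {

                    $new_login = Security::safeName(Request::post('login'));

                    if ($new_login != '') {
                        if (Users::$users->update($target_id,
                                                  array('login'     => $new_login,
                                                        'firstname' => Request::post('firstname'),
                                                        'lastname'  => Request::post('lastname'),
                                                        'email'     => Request::post('email'),
                                                        'skype'     => Request::post('skype'),
                                                        'about_me'  => Request::post('about_me'),
                                                        'twitter'   => Request::post('twitter')))) {

                            // Change password
                            $new_password = trim(Request::post('new_password'));
                            if ($new_password != '') {
                                Users::$users->update($target_id, array('password' => Security::encryptPassword($new_password)));
                            }

                            Notification::set('success', __('Your changes have been saved.', 'users'));
                            Request::redirect(Site::url().'/users/'.$target_id);
                        }
                    }

                } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
            }

            View::factory('box/users/views/frontend/edit')
                ->assign('user', $user)
                ->display();

        } else {
            Request::redirect(Site::url().'/users/login');
        }
    }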
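    /**
     * Get Password Reset
     *
     * Two steps, both only for visitors who are not logged in:
     *  1. Form submit: a new reset hash is stored for the login and mailed.
     *  2. Request with ?hash=...: if the hash matches a user, a new password
     *     is generated, stored and mailed, and the hash is replaced.
     *
     * The hash and the login come from the request and are placed inside
     * quoted select predicates, so values containing a quote character are
     * never interpolated. The hash is compared strictly, as a string: a loose
     * comparison treats two different numeric-looking strings as equal.
     *
     * NOTE(review): the form reports whether a login exists; the reset hash
     * has no visible expiry; the new password is 6 characters and is sent by
     * e-mail; the randomness source of Text::random() is not visible here.
     */
    public static function getPasswordReset()
    {
        // Is User Loged in ?
        if ( ! Session::get('user_id')) {

            $errors = array();

            $site_url  = Option::get('siteurl');
            $site_name = Option::get('sitename');

            // Reset Password from hash
            $hash = Request::get('hash');

            if ($hash) {

                $user = null;

                // Get user with specific hash (only a plain, quote-free string is looked up)
                if (is_string($hash) && strpbrk($hash, "'\"") === false) {
                    $user = Users::$users->select("[hash='" . $hash . "']", null);
                }

                // If user exists and the stored hash is exactly the submitted one
                if ( ! empty($user) && (string) $user['hash'] === $hash) {

                    // Generate new password
                    $new_password = Text::random('alnum', 6);

                    // Update user profile
                    // Set new hash and new password (the login used here is the stored one)
                    Users::$users->updateWhere("[login='" . $user['login'] . "']", array('hash' => Text::random('alnum', 12), 'password' => Security::encryptPassword($new_password)));

                    $mail = new PHPMailer();
                    $mail->CharSet = 'utf-8';
                    $mail->ContentType = 'text/html';
                    $mail->SetFrom(Option::get('system_email'));
                    $mail->AddReplyTo(Option::get('system_email'));
                    $mail->AddAddress($user['email'], $user['login']);
                    $mail->Subject = __('Your new password for :site_name', 'users', array(':site_name' => $site_name));
                    $mail->MsgHTML(View::factory('box/emails/views/emails/email_layout')
                        ->assign('site_url', $site_url)
                        ->assign('site_name', $site_name)
                        ->assign('user_id', $user['id'])
                        ->assign('user_login', $user['login'])
                        ->assign('new_password', $new_password)
                        ->assign('email_template', 'new-password')
                        ->render());
                    $mail->Send();

                    // Set notification
                    Notification::set('success', __('New password has been sent', 'users'));

                    // Redirect to login page
                    Request::redirect(Site::url().'/users/login');
                }
            }

            // Reset Password Form Submit
            if (Request::post('reset_password_submit')) {

                $user_login = trim(Request::post('login'));

                // Check csrf
                if (Security::check(Request::post('csrf'))) {

                    // A login containing a quote character is treated as unknown and is never
                    // placed in a predicate (neither the lookups nor the update below).
                    $login_is_safe = (strpbrk($user_login, "'\"") === false);

                    if (Option::get('captcha_installed') == 'true' && ! CryptCaptcha::check(Request::post('answer'))) $errors['users_captcha_wrong'] = __('Captcha code is wrong', 'users');
                    if ($user_login == '') $errors['users_empty_field'] = __('Required field', 'users');
                    if ($user_login != '' && ( ! $login_is_safe || ! Users::$users->select("[login='".$user_login."']"))) $errors['users_user_doesnt_exists'] = __('This user doesnt exist', 'users');

                    if (count($errors) == 0) {

                        // Get user
                        $user = Users::$users->select("[login='" . $user_login . "']", null);

                        // Generate new hash
                        $new_hash = Text::random('alnum', 12);

                        // Update user hash
                        Users::$users->updateWhere("[login='" . $user_login . "']", array('hash' => $new_hash));

                        $mail = new PHPMailer();
                        $mail->CharSet = 'utf-8';
                        $mail->ContentType = 'text/html';
                        $mail->SetFrom(Option::get('system_email'));
                        $mail->AddReplyTo(Option::get('system_email'));
                        $mail->AddAddress($user['email'], $user['login']);
                        $mail->Subject = __('Your login details for :site_name', 'users', array(':site_name' => $site_name));
                        $mail->MsgHTML(View::factory('box/emails/views/emails/email_layout')
                            ->assign('site_url', $site_url)
                            ->assign('site_name', $site_name)
                            ->assign('user_id', $user['id'])
                            ->assign('user_login', $user['login'])
                            ->assign('new_hash', $new_hash)
                            ->assign('email_template', 'reset-password')
                            ->render());
                        $mail->Send();

                        // Set notification
                        Notification::set('success', __('Your login details for :site_name has been sent', 'users', array(':site_name' => $site_name)));

                        // Redirect to password-reset page
                        Request::redirect(Site::url().'/users/password-reset');
                    }

                } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
            }

            View::factory('box/users/views/frontend/password_reset')
                ->assign('errors', $errors)
                ->assign('user_login', trim(Request::post('login')))
                ->display();
        }
    }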
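    /**
     * Get User login
     *
     * Shows the login form and processes a submitted one. On success the
     * session is filled with the user's id, login, role and e-mail ('admin'
     * is also set for the admin and editor roles) and the browser is
     * redirected to the profile page.
     *
     * The username comes from POST and is placed inside a quoted select
     * predicate, so a value containing a quote character is treated as a
     * failed login and never reaches the query. Login and password hash are
     * compared strictly, as strings: a loose comparison treats two different
     * numeric-looking strings as equal. Every failed attempt now shows the
     * same error and is counted; before, a record whose login did not equal
     * the submitted text failed silently.
     *
     * NOTE(review): the attempt counter lives in a cookie, which the client
     * controls, so it does not bound guessing by a client that discards the
     * cookie; a server-side counter is needed for that. The session id is not
     * visibly regenerated on login - confirm Session handles this.
     */
    public static function getLogin()
    {
        // Is User Loged in ?
        if ( ! Session::get('user_id')) {

            // Login Form Submit
            if (Request::post('login_submit')) {

                if (Cookie::get('login_attempts') && Cookie::get('login_attempts') >= 5) {

                    Notification::setNow('error', __('You are banned for 10 minutes. Try again later', 'users'));

                } else {

                    // Check csrf
                    if (Security::check(Request::post('csrf'))) {

                        $posted   = Request::post('username');
                        $username = is_string($posted) ? trim($posted) : '';

                        // Look the user up only when the name cannot alter the predicate.
                        $user = null;
                        if ($username !== '' && strpbrk($username, "'\"") === false) {
                            $user = Users::$users->select("[login='" . $username . "']", null);
                        }

                        $authenticated = ! empty($user)
                            && (string) $user['login'] === $username
                            && trim((string) $user['password']) === (string) Security::encryptPassword(Request::post('password'));

                        if ($authenticated) {

                            $role = (string) $user['role'];

                            if ($role === 'admin' || $role === 'editor') {
                                Session::set('admin', true);
                            }

                            Session::set('user_id', (int) $user['id']);
                            Session::set('user_login', (string) $user['login']);
                            Session::set('user_role', $role);
                            Session::set('user_email', (string) $user['email']);

                            Request::redirect(Site::url().'/users/'.Session::get('user_id'));

                        } else {

                            // One message for every failure, so the response does not say
                            // which part was wrong.
                            Notification::setNow('error', __('Wrong username or password', 'users'));

                            // Count the failed attempt (10-minute cookie).
                            $attempts = (int) Cookie::get('login_attempts');

                            if ($attempts < 1) {
                                Cookie::set('login_attempts', 1, 600);
                            } elseif ($attempts < 5) {
                                Cookie::set('login_attempts', $attempts + 1, 600);
                            } else {
                                Notification::setNow('error', __('You are banned for 10 minutes. Try again later', 'users'));
                            }
                        }

                    } else { die('Request was denied because it contained an invalid security token. Please refresh the page and try again.'); }
                }
            }

            View::factory('box/users/views/frontend/login')->display();

        } else {
            Request::redirect(Site::url().'/users/'.Session::get('user_id'));
        }
    }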
    /**
     * Set title
     *
     * Returns the translated page title for the current users route, or
     * nothing when the route is not one of the known ones.
     *
     * @return string|null
     */
    public static function title()
    {
        // Route name => untranslated title, in the order the routes are tested.
        $titles = array(
            'list'           => 'Users',
            'profile'        => 'Users - Profile',
            'edit'           => 'Users - Edit Profile',
            'login'          => 'Users - Login',
            'registration'   => 'Users - Registration',
            'password-reset' => 'Users - Password Recover',
        );

        $current_route = Users::route();

        foreach ($titles as $route_name => $label) {
            if ($current_route == $route_name) {
                return __($label, 'users');
            }
        }
    }
    /**
     * Set content
     *
     * Dispatches the current users route to the method that renders it.
     * The profile and edit routes receive URI segment 1 as the user id.
     * An unknown route renders nothing.
     */
    public static function content()
    {
        $current_route = Users::route();

        if ($current_route == 'list') {
            Users::getList();
        } elseif ($current_route == 'profile') {
            Users::getProfile(Uri::segment(1));
        } elseif ($current_route == 'edit') {
            Users::getProfileEdit(Uri::segment(1));
        } elseif ($current_route == 'login') {
            Users::getLogin();
        } elseif ($current_route == 'registration') {
            Users::getRegistration();
        } elseif ($current_route == 'password-reset') {
            Users::getPasswordReset();
        }
    }
    /**
     * Set template
     *
     * Returns the name of the template used for the users pages.
     *
     * @return string
     */
    public static function template()
    {
        $template_name = 'index';

        return $template_name;
    }
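    /**
     * Get Gravatar
     *
     * Builds the Gravatar image URL for an e-mail address. The address is
     * trimmed and lower-cased, then hashed with MD5. The digest only
     * identifies the avatar: it appears in the page, so anyone can test
     * guessed addresses against it.
     *
     * The URL uses HTTPS so that the image request does not travel in clear
     * text and does not cause mixed content on an HTTPS page. The size is
     * cast to int so that nothing but a number can end up in the query
     * string.
     *
     * @param  string  $email  Email
     * @param  integer $size   Image Size
     * @return string
     */
    public static function getGravatarURL($email, $size)
    {
        $digest = md5(strtolower(trim($email)));

        return 'https://www.gravatar.com/avatar/'.$digest.'?size='.(int) $size;
    }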
}

Re: Users::getLogin

'.$error.'
'); ?>