<?php |
// Copyright (c) 2009 Katsuhisa Yuasa <berupon [at] gmail.com> |
// License http://www.opensource.org/licenses/mit-license.html |
require_once('master/user/model.php'); |
/**
 * Validation rules for the login form.
 *
 * Supplies the per-field rule list through settings() and implements the
 * custom "isValidPassword" rule named in that list. How rules are parsed and
 * dispatched is decided by the Validator base class, which is not part of
 * this file.
 *
 * NOTE(review): the credential check itself lives in
 * UserData::ValidatePassword(); confirm there that the digest comparison is
 * constant-time (hash_equals) and that the lookup is parameterised.
 */
class LoginValidator extends Validator
{
    /** Handle forwarded unchanged to UserData::ValidatePassword(). */
    public $con;

    /**
     * @param mixed $con Handle kept for the password check (presumably a
     *                   database connection; its type is not visible here).
     */
    public function __construct($con)
    {
        $this->con = $con;
    }

    /**
     * Return the rule strings for each login field.
     *
     * Each entry has the form "ruleName : message". The messages are shown to
     * the user and are kept in Japanese:
     *  - userid / notBlank: "User ID is empty."
     *  - userid / word: "Only half-width alphanumerics and underscore may be
     *    used in the user ID."
     *  - digested_password / notBlank: "Password is empty."
     *  - digested_password / isValidPassword: "Authentication failed."
     *
     * The failure message does not say whether the user id or the password
     * was wrong.
     *
     * @return array Map of field name to list of rule strings.
     */
    public function settings()
    {
        $userIdRules = array(
            'notBlank : ユーザーID が 空です。',
            'word : ユーザーID には半角英数数字とアンダーバーのみ使用出来ます。',
        );

        $passwordRules = array(
            'notBlank : パスワード が 空です。',
            'isValidPassword : 認証に失敗しました。',
        );

        return array(
            'userid' => $userIdRules,
            'digested_password' => $passwordRules,
        );
    }

    /**
     * Custom rule: check the submitted digest against the stored credential.
     *
     * Reads userid, digested_password and nonce from $this->values
     * (presumably filled by Validator::validate(); confirm in the base class)
     * and delegates to UserData::ValidatePassword().
     *
     * @return mixed Whatever UserData::ValidatePassword() returns.
     */
    public function isValidPassword()
    {
        $userId = $this->values['userid'];
        $digest = $this->values['digested_password'];
        $nonce = $this->values['nonce'];

        return UserData::ValidatePassword($this->con, $userId, $digest, $nonce);
    }
}
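// Login page controller.
//
// Flow: prepare empty template fields, refresh the one-time form token, and,
// when both login fields were submitted, validate them against the nonce that
// was stored in the session when the form was rendered. On success the session
// is marked authenticated and the browser is redirected; otherwise a fresh
// nonce is issued and the form is shown again.
//
// $con, $params and $tpl, and the helpers explodeTrim(), initMembers(),
// updateOnetimeToken(), checkOnetimeToken(), array_keys_exist(), getMembers(),
// copyMembers() and display_template(), are defined outside this file.
//
// NOTE(review): no attempt throttling or lockout is visible in this file;
// confirm whether it is handled elsewhere.
$paramNames = explodeTrim('
    userid,
    digested_password
');

initMembers($tpl, $paramNames, '');
$tpl['realm'] = REALM;
$tpl['messages'] = null;

updateOnetimeToken($params);

if (array_keys_exist($paramNames, $params)) {

    checkOnetimeToken($params);

    // A submission without a server-issued nonce cannot be a reply to a form
    // rendered by this page.
    if (!array_key_exists('nonce', $_SESSION)) {
        exit('invalid access');
    }

    // The nonce always comes from the session, never from the request.
    $params['nonce'] = $_SESSION['nonce'];

    copyMembers(getMembers($params, $paramNames), $tpl);

    $validator = new LoginValidator($con);
    $errors = $validator->validate($params);
    if (count($errors)) {
        $tpl['messages'] = Validator::GetErrorMessages($errors);
    } else {
        unset($_SESSION['nonce']);
        // Issue a new session id at the moment of login, so that an id known
        // before authentication (session fixation) never becomes an
        // authenticated one. The old session data is discarded.
        session_regenerate_id(true);
        $_SESSION['userid'] = $params['userid'];
        $_SESSION['authenticated'] = true;
        header("Location: index.php");
        exit;
    }
}

// Issue a new single-use challenge for the next submission. It is replaced on
// every render, so a failed attempt cannot reuse the previous nonce.
if (function_exists('random_bytes')) {
    // CSPRNG output, 64 hex characters like the former SHA-256 value.
    $nonce = bin2hex(random_bytes(32));
} else {
    // Legacy fallback for runtimes without random_bytes(): mt_rand()/uniqid()
    // are not cryptographically strong, so this branch is weaker.
    $nonce = hash('sha256', session_id() . ':' . uniqid(mt_rand(), true));
}
$_SESSION['nonce'] = $nonce;
$tpl['nonce'] = $nonce;

display_template(__FILE__);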