From af2cf142736081c3da2eb6f1863d62f56080eb7b Mon Sep 17 00:00:00 2001 From: shubham_meena Date: Mon, 24 Mar 2014 17:07:53 +0530 Subject: [PATCH 1/3] changed login from username to both username and email --HG-- branch : Issue#123 --- .../ryzom_ams/ams_lib/translations/en.ini | 6 +- .../ryzom_ams/ams_lib/translations/fr.ini | 6 +- .../ryzom_ams/www/html/autoload/webusers.php | 60 ++++++++++++++++++- .../server/ryzom_ams/www/html/func/login.php | 29 +++++++-- .../ryzom_ams/www/html/templates/login.tpl | 4 +- 5 files changed, 91 insertions(+), 14 deletions(-) diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/en.ini b/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/en.ini index 586d49241..8eed7991a 100644 --- a/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/en.ini +++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/en.ini @@ -126,8 +126,8 @@ go_home = "Go Home" userlist_info = "welcome to the userlist" [login] -login_info = "Please login with your Username and Password." -login_error_message = "The username/password were not correct!" +login_info = "Please login with your Email/Username and Password." +login_error_message = "The Email/username/password were not correct!" login_register_message ="Register If you don't have an account yet, create one" login_here = "here" login_forgot_password_message = "In case you forgot your password, click" @@ -242,4 +242,4 @@ email_body_forgot_password_header = "A request to reset your account's password email_body_forgot_password_footer = " ---------- If you didn't make this request, please ignore this message." -;=========================================================================== \ No newline at end of file +;=========================================================================== diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/fr.ini b/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/fr.ini index b4fa1fcf6..3284a5a7d 100644 --- a/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/fr.ini +++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/fr.ini @@ -116,8 +116,8 @@ go_home = "Allez au main page" userlist_info = "bienvenue sur le userlist page!" [login] -login_info = "S'il vous plait vous connecter avec votre nom d'utilisateur et mot de passe." -login_error_message = "Le remplie nom d'utilisateur / mot de passe ne sont pas correctes!" +login_info = "S'il vous plait vous connecter avec votre Email/nom d'utilisateur et mot de passe." +login_error_message = "Le remplie Email/nom d'utilisateur / mot de passe ne sont pas correctes!" login_register_message =" Inscrivez-vous Si vous n'avez pas encore de compte, creez-en un" login_here = "ici" login_forgot_password_message = "Dans le cas ou vous avez oublie votre mot de passe, cliquez" @@ -230,4 +230,4 @@ email_body_forgot_password_header = "Une demande de reinitialiser le mot de pass email_body_forgot_password_footer = " ---------- Si vous n'avez pas fait cette demande, s'il vous plait ignorer ce message." -;=========================================================================== \ No newline at end of file +;=========================================================================== diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php b/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php index d8e59d1f9..aea4537b4 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php @@ -90,6 +90,47 @@ class WebUsers extends Users{ } + + /** + * check if the login email and password match the db. + * @param $email the inserted email id + * @param $password the inserted password (unhashed) + * @return the logged in user's db row as array if login was a success, else "fail" will be returned. + */ + public static function checkLoginMatchUsingEmail($email,$password){ + + $dbw = new DBLayer("web"); + $statement = $dbw->execute("SELECT * FROM ams_user WHERE Email=:emailid", array('emailid' => $email)); + $row = $statement->fetch(); + $salt = substr($row['Password'],0,2); + $hashed_input_pass = crypt($password, $salt); + if($hashed_input_pass == $row['Password']){ + return $row; + }else{ + return "fail"; + } + } + + /** + * check for the login type email or username. + * @param $value the inserted value + * @return the type email or username will be returned. + */ + public static function checkLoginType($login_value){ + + $dbl = new DBLayer("web"); + $statement = $dbl->executeWithoutParams("SELECT * FROM ams_user"); + $row = $statement->fetch(); + + foreach( $row as $key => $value) + { + if($login_value == $value){ + return $key; + } + } + } + + /** * returns te id for a given username * @param $username the username @@ -118,6 +159,23 @@ class WebUsers extends Users{ return "FALSE"; } } + + /** + * returns the username for a given emailaddress + * @param $email the emailaddress + * @return the username linked to the emailaddress + */ + public static function getUsernameFromEmail($email){ + $dbw = new DBLayer("web"); + $statement = $dbw->execute("SELECT * FROM ams_user WHERE Email=:email", array('email' => $email)); + $row = $statement->fetch(); + if(!empty($row)){ + return $row['Login']; + }else{ + return "FALSE"; + } + } + /** @@ -355,4 +413,4 @@ class WebUsers extends Users{ } } -} \ No newline at end of file +} diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php b/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php index b0b6b5add..ca971d3cd 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php @@ -9,15 +9,34 @@ function login(){ global $INGAME_WEBPATH; global $WEBPATH; try{ - $username = filter_var($_POST['Username'],FILTER_SANITIZE_STRING); + $login_value = filter_var($_POST['LoginValue'],FILTER_SANITIZE_STRING); $password = filter_var($_POST['Password'],FILTER_SANITIZE_STRING); + + //check login type if email or username + $login_type = WebUsers::checkLoginType($login_value); + //check if the filtered sent POST data returns a match with the DB - $result = WebUsers::checkLoginMatch($username, $password); + if($login_type == 'Login') + { + $result = WebUsers::checkLoginMatch($login_value, $password); + }else + { + $result = WebUsers::checkLoginMatchUsingEmail($login_value, $password); + } + if( $result != "fail"){ //handle successful login - $_SESSION['user'] = $username; - $_SESSION['id'] = WebUsers::getId($username); + + if($login_type == 'Login') + { + $_SESSION['user'] = $login_value; + $_SESSION['id'] = WebUsers::getId($login_value); + }else{ + $_SESSION['user'] = WebUsers::getUsernameFromEmail($login_value); + $_SESSION['id'] = WebUsers::getIdFromEmail($login_value); + } + $_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id'])); $user = new WebUsers($_SESSION['id']); $_SESSION['Language'] = $user->getLanguage(); @@ -54,4 +73,4 @@ function login(){ exit; } -} \ No newline at end of file +} diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/templates/login.tpl b/code/ryzom/tools/server/ryzom_ams/www/html/templates/login.tpl index 26c992d50..54a87bbcb 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/templates/login.tpl +++ b/code/ryzom/tools/server/ryzom_ams/www/html/templates/login.tpl @@ -14,8 +14,8 @@
-
- +
+
From 26c8e7ad15be95249b47a5dec6064aaa6587a389 Mon Sep 17 00:00:00 2001 From: shubham_meena Date: Tue, 25 Mar 2014 06:29:17 +0000 Subject: [PATCH 2/3] changed login through email / username --HG-- branch : Issue#123 --- .../ryzom_ams/www/html/autoload/webusers.php | 72 ++----------------- 1 file changed, 7 insertions(+), 65 deletions(-) diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php b/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php index aea4537b4..90730291a 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php @@ -70,15 +70,15 @@ class WebUsers extends Users{ /** - * check if the login username and password match the db. - * @param $username the inserted username + * check if the login username/email and password match the db. + * @param $value the inserted username or email * @param $password the inserted password (unhashed) * @return the logged in user's db row as array if login was a success, else "fail" will be returned. */ - public static function checkLoginMatch($username,$password){ + public static function checkLoginMatch($value,$password){ $dbw = new DBLayer("web"); - $statement = $dbw->execute("SELECT * FROM ams_user WHERE Login=:user", array('user' => $username)); + $statement = $dbw->execute("SELECT * FROM ams_user WHERE Login=:value OR Email:value", array('value' => $value)); $row = $statement->fetch(); $salt = substr($row['Password'],0,2); $hashed_input_pass = crypt($password, $salt); @@ -89,50 +89,9 @@ class WebUsers extends Users{ } } - - - /** - * check if the login email and password match the db. - * @param $email the inserted email id - * @param $password the inserted password (unhashed) - * @return the logged in user's db row as array if login was a success, else "fail" will be returned. - */ - public static function checkLoginMatchUsingEmail($email,$password){ - - $dbw = new DBLayer("web"); - $statement = $dbw->execute("SELECT * FROM ams_user WHERE Email=:emailid", array('emailid' => $email)); - $row = $statement->fetch(); - $salt = substr($row['Password'],0,2); - $hashed_input_pass = crypt($password, $salt); - if($hashed_input_pass == $row['Password']){ - return $row; - }else{ - return "fail"; - } - } - - /** - * check for the login type email or username. - * @param $value the inserted value - * @return the type email or username will be returned. - */ - public static function checkLoginType($login_value){ - - $dbl = new DBLayer("web"); - $statement = $dbl->executeWithoutParams("SELECT * FROM ams_user"); - $row = $statement->fetch(); - - foreach( $row as $key => $value) - { - if($login_value == $value){ - return $key; - } - } - } - - + /** - * returns te id for a given username + * returns the id for a given username * @param $username the username * @return the user's id linked to the username */ @@ -145,7 +104,7 @@ class WebUsers extends Users{ /** - * returns te id for a given emailaddress + * returns the id for a given emailaddress * @param $email the emailaddress * @return the user's id linked to the emailaddress */ @@ -160,23 +119,6 @@ class WebUsers extends Users{ } } - /** - * returns the username for a given emailaddress - * @param $email the emailaddress - * @return the username linked to the emailaddress - */ - public static function getUsernameFromEmail($email){ - $dbw = new DBLayer("web"); - $statement = $dbw->execute("SELECT * FROM ams_user WHERE Email=:email", array('email' => $email)); - $row = $statement->fetch(); - if(!empty($row)){ - return $row['Login']; - }else{ - return "FALSE"; - } - } - - /** * get uId attribute of the object. From 420a61532177bd4aba072c7a150ef4f1759e2d98 Mon Sep 17 00:00:00 2001 From: shubham_meena Date: Tue, 25 Mar 2014 06:35:21 +0000 Subject: [PATCH 3/3] login.php edited online with Bitbucket: to provide access through both username and email --HG-- branch : Issue#123 --- .../server/ryzom_ams/www/html/func/login.php | 26 +++---------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php b/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php index ca971d3cd..f0212f18b 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php @@ -12,31 +12,13 @@ function login(){ $login_value = filter_var($_POST['LoginValue'],FILTER_SANITIZE_STRING); $password = filter_var($_POST['Password'],FILTER_SANITIZE_STRING); - //check login type if email or username - $login_type = WebUsers::checkLoginType($login_value); - //check if the filtered sent POST data returns a match with the DB - - if($login_type == 'Login') - { - $result = WebUsers::checkLoginMatch($login_value, $password); - }else - { - $result = WebUsers::checkLoginMatchUsingEmail($login_value, $password); - } - + $result = WebUsers::checkLoginMatch($login_value, $password); + if( $result != "fail"){ //handle successful login - - if($login_type == 'Login') - { - $_SESSION['user'] = $login_value; - $_SESSION['id'] = WebUsers::getId($login_value); - }else{ - $_SESSION['user'] = WebUsers::getUsernameFromEmail($login_value); - $_SESSION['id'] = WebUsers::getIdFromEmail($login_value); - } - + $_SESSION['user'] = $result['Login']; + $_SESSION['id'] = $result['UId']; $_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id'])); $user = new WebUsers($_SESSION['id']); $_SESSION['Language'] = $user->getLanguage();