- <?php
- /**
- * IlluCS 2.0
- * Content Management System
- *
- * All rights reserved to the developers of this project. This project
- * is private and may not be released to the public.
- *
- * @author Merijn
- */
- namespace Arrowhead\Controllers;
- use Arrowhead\Models\Users,
- Arrowhead\Models\Bans;
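class AccountController extends ControllerBase
{
    /**
     * Handle a submitted login form.
     *
     * Flow: require POST and a valid CSRF token, look the user up by name,
     * transparently upgrade a legacy SHA-1 password hash, verify the password,
     * enforce any unexpired ban, then create the session and redirect to "me".
     *
     * Changes compared with the previous version:
     *  - the legacy SHA-1 check uses hash_equals() instead of `==`. A loose
     *    comparison treats two "0e<digits>" hex digests as equal numbers, and it
     *    is not constant-time.
     *  - an unexpired ban now stops the login. Before, the ban message was
     *    flashed but the session was still created.
     *
     * NOTE(review): unknown user and wrong password produce different messages,
     * which lets a client learn which usernames exist. No attempt throttling is
     * visible in this method; confirm it is handled elsewhere.
     *
     * @return mixed Result of the redirect or dispatcher forward.
     */
    public function loginAction()
    {
        if (!$this->request->isPost()) {
            return $this->response->redirect('index');
        }

        // NOTE(review): the 'string' filter rewrites the submitted password before
        // it is hashed. Changing that would invalidate stored hashes, so it is kept.
        $username = $this->request->getPost('username', 'string');
        $password = $this->request->getPost('password', 'string');

        // A missing or invalid CSRF token is treated like a non-POST request.
        if (!$this->security->checkToken()) {
            return $this->response->redirect('index');
        }

        $userSettings = Users::findFirstByUsername($username);
        if (!$userSettings) {
            $this->flash->error('Deze Worldnaam bestaat niet. Heb je het verkeerd ingevuld?');
            return $this->forwardToIndex();
        }

        // Legacy accounts store an unsalted SHA-1 digest. When the submitted password
        // matches it, replace the digest with the output of $this->security->hash()
        // (bcrypt, per the original author's comment) so the check below succeeds.
        $storedHash = $userSettings->password;
        if (is_string($storedHash) && hash_equals($storedHash, sha1($password))) {
            $userSettings->password = $this->security->hash($password);
            $userSettings->save();
        }

        if (!$this->security->checkHash($password, $userSettings->password)) {
            $this->flash->error('Het ingevoerde wachtwoord is incorrect. Probeer het opnieuw.');
            return $this->forwardToIndex();
        }

        // filter_var() returns the address when it is a valid IP and false otherwise,
        // so only a well-formed address (or false) is ever written to ip_last.
        $ipAddress = filter_var($this->request->getClientAddress(), FILTER_VALIDATE_IP);

        // NOTE(review): the ban lookup and the session use the submitted username, not
        // the stored one; confirm both agree on case and spelling.
        $bans = Bans::findFirstByValue($username);
        if ($bans) {
            // Unix timestamps are timezone-independent, so time() is sufficient here.
            if ($bans->expire > time()) {
                // The ban is still running: report it and do NOT create a session.
                // NOTE(review): an unexpired ban blocks regardless of appeal_state, whose
                // meaning is not visible here. Also confirm the flash output escapes
                // $bans->reason.
                $this->flash->error('Je bent verbannen door de World Staff. De volgende reden is bij je ban gegeven ' . $bans->reason);
                return $this->forwardToIndex();
            }

            // The ban has expired: clear its state once, then continue with the login.
            if ($bans->appeal_state > 0) {
                $bans->appeal_state = 0;
                $bans->save();
            }
        }

        // NOTE(review): the session identifier is not rotated before authenticated data
        // is stored; consider regenerating it at this point to prevent session fixation.
        $this->session->set('world', array(
            'username' => $username,
            'motto' => $userSettings->motto,
            'credits' => $userSettings->credits
        ));

        // Record the address used for this login.
        $userSettings->ip_last = $ipAddress;
        $userSettings->save();

        return $this->response->redirect('me');
    }

    /**
     * Forward the current request to index/index, where the flashed error is shown.
     *
     * @return mixed Whatever the dispatcher's forward() returns.
     */
    private function forwardToIndex()
    {
        return $this->dispatcher->forward(array(
            'controller' => "index",
            'action' => "index"
        ));
    }
}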