Example #1
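 /**
  * Authenticate a user and build the post-login redirect target.
  *
  * On success a Session is opened for the id issued by Auth, the UI language
  * is stored in it (the caller's numeric $language, otherwise the user's
  * regional default), and a relative URL carrying the username and the
  * session id is returned. Every failure path returns 0, so the caller cannot
  * tell a wrong password from a locked account.
  *
  * @param string $username login name; must be truthy
  * @param string $password plain-text password; must be truthy
  * @param mixed  $language language id; used only when is_numeric() accepts it
  * @return string|int redirect URL on success, 0 on any failure
  */
 public static function login($username, $password, $language)
 {
     // Truthiness check, as before: "" and "0" are both rejected.
     if (!$username || !$password) {
         return 0;
     }

     $auth = new Auth();
     // Loose comparison kept on purpose: the return type of Auth::login() is
     // not visible here. NOTE(review): if it is a strict bool, use === true so
     // that no other truthy value can count as a successful login.
     if ($auth->login($username, $password) != true) {
         return 0;
     }

     $session_id = $auth->get_session_id();
     $session = new Session($session_id);
     $user = new User($session->get_user_id());
     $regional = new Regional($session->get_user_id());

     // is_numeric() also accepts floats, exponent notation and leading
     // whitespace. NOTE(review): if LANGUAGE must be an integer id, validate
     // it as one before it is written to the session.
     if (is_numeric($language)) {
         $session->write_value("LANGUAGE", $language);
     } else {
         $session->write_value("LANGUAGE", $regional->get_language_id());
     }

     // A locked account is refused only after the session above was opened.
     // NOTE(review): confirm that session is destroyed or unusable in this case.
     if ($user->get_boolean_user_entry("user_locked") != false) {
         return 0;
     }

     // The listing masks the operand between the two literals ("******");
     // $username is restored here as the value the "username=" parameter names.
     // Both values are percent-encoded so that neither can add further query
     // parameters to the URL.
     // NOTE(review): a session id in the query string ends up in server logs,
     // browser history and Referer headers; carrying it in a cookie avoids that.
     return "index.php?username=" . rawurlencode((string) $username)
         . "&session_id=" . rawurlencode((string) $session_id);
 }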
Example #2
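 /**
  * Initialisation of the IO controller.
  *
  * Fills the globals $session, $user and $regional from the session id in the
  * query string (or opens a Session with a null id when none is given), loads
  * the shared IO modules and dispatches to ContentHandler_IO according to
  * $this->type. Session setup is skipped when $GLOBALS['fatal_error'] is
  * already set.
  *
  * NOTE(review): the session id is taken from the URL, where it is exposed to
  * server logs, browser history and Referer headers; nothing in this method
  * checks that the session is valid, so that check must happen in Session or
  * in the handlers called below - confirm.
  */
 public function init()
 {
     global $session, $user, $regional;
     if (!isset($GLOBALS['fatal_error'])) {
         // The parameter is request-controlled: require it to be present and a
         // string. A missing key no longer raises an undefined-index notice,
         // and an array value ("session_id[]=") is handled like no id at all.
         // As before, "" and "0" fall through to the anonymous branch.
         if (
             isset($_GET['session_id'])
             && is_string($_GET['session_id'])
             && $_GET['session_id']
         ) {
             try {
                 $session = new Session($_GET['session_id']);
                 $user = new User($session->get_user_id());
                 $regional = new Regional();
             } catch (UserException $e) {
                 // Only UserException is handled; any other exception thrown
                 // by these constructors propagates to the caller.
                 // NOTE(review): $session may already be assigned when User
                 // fails - later code has to check fatal_error before using it.
                 $GLOBALS['fatal_error'] = "User initialisation failed!";
             }
         } else {
             $session = new Session(null);
             $user = null;
         }
     }

     // Fixed, literal include paths - nothing request-derived reaches require.
     require_once "modules/content_handler.php";
     require_once "modules/base/common/io/common.io.php";
     require_once "modules/base/common/io/error.io.php";
     require_once "modules/base/common/io/list.io.php";

     // Any other value of $this->type loads the common modules only.
     if ($this->type == "io") {
         require_once "modules/base/common/io/tab.io.php";
         ContentHandler_IO::io();
     } elseif ($this->type == "ajax") {
         require_once "modules/base/common/io/list_request.io.php";
         ContentHandler_IO::ajax();
     }
 }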
Example #3
require_once "core/include/base/system/events/delete_event.class.php";
require_once "core/include/base/system/system_handler.class.php";
require_once "core/include/base/security/security.class.php";
require_once "core/include/base/security/session.class.php";
require_once "core/include/base/system/autoload.function.php";
// Image delivery endpoint: serves a cached image for a file id, given a
// session id in the query string. Every $_GET value below is request-controlled.
SystemConfig::load_module_config();
// Both parameters must be present and truthy; the keys are read without
// isset(), so a missing one raises an undefined-index notice.
if ($_GET['session_id'] and $_GET['file_id']) {
    $transaction = new Transaction();
    try {
        $system_handler = new SystemHandler(false);
    } catch (Exception $e) {
        // Fixed message only: no exception detail is sent to the client.
        die("Exception");
    }
    // NOTE(review): what protect_session() enforces is not visible here.
    Security::protect_session();
    // Session and User are built from the URL-supplied id before is_valid()
    // is consulted. NOTE(review): confirm that constructing them for an
    // invalid or expired id has no side effects.
    $session = new Session($_GET['session_id']);
    $user = new User($session->get_user_id());
    $session_valid_array = $session->is_valid();
    // Strict comparison: only a literal true in element 0 lets the request on.
    if ($session_valid_array[0] === true) {
        try {
            // NOTE(review): no check is visible here that this session's user
            // may read the requested file; presumably ImageCache or later code
            // enforces it - confirm, otherwise any valid session can fetch any
            // file id.
            $image_cache = new ImageCache($_GET['file_id']);
        } catch (Exception $e) {
            die("Exception");
        }
        // Dimensions are passed through unvalidated. NOTE(review): confirm the
        // setters reject non-numeric values and cap the size, so that one
        // request cannot force an arbitrarily large resize.
        if ($_GET['max_width']) {
            $image_cache->set_max_width($_GET['max_width']);
        }
        if ($_GET['max_height']) {
            $image_cache->set_max_height($_GET['max_height']);
        }
        if ($_GET['width']) {
            // The path is BASE_DIR + "/filesystem/temp/" + whatever get_image()
            // returns. NOTE(review): it stays inside the temp directory only if
            // get_image() returns a bare file name - confirm it never echoes
            // request input or path separators.
            $file_path = constant("BASE_DIR") . "/filesystem/temp/" . $image_cache->get_image($_GET['width']);
            // (The listing ends here; the remaining branches and the closing
            // braces are not shown.)
Example #4
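 /**
  * Reset the password and sign the user on.
  *
  * The user has entered the new password twice. If both entries match, the
  * new password is stored and the user is logged in.
  *
  * The request is processed only when the form nonce is valid and the posted
  * retrieval code equals the one stored for the session's user login.
  *
  * @return \WP_Error a single error when the nonce or the code check fails;
  *                   otherwise the collected events: a warning for an empty
  *                   or mismatching password, or the result of the sign-on
  */
 public static function handle_reset_password()
 {
     // Prevent cross-site request forgery
     if (!Handlers::is_nonce_ok('new_password_form')) {
         return new \WP_Error('nonce', __('There seems to be a security issue. Please do not continue, but inform us!', 'YALW'), 'error');
     }

     // Prevent users from obtaining the rights of other users.
     // The stored code must be non-empty and the posted one a string; they are
     // compared with hash_equals(). A loose != would let a missing stored code
     // equal an empty posted one, would compare numeric-looking strings by
     // value instead of byte for byte, and is not constant-time.
     $stored_code = Handlers::get_retrieval_code(Session::get_user_login());
     $expected_code = (is_string($stored_code) || is_int($stored_code)) ? (string) $stored_code : '';
     $posted_code = (isset($_POST['YALW_code']) && is_string($_POST['YALW_code'])) ? $_POST['YALW_code'] : '';
     if ($expected_code === '' || !hash_equals($expected_code, $posted_code)) {
         return new \WP_Error('security', __('I\'m sorry, Dave. I\'m afraid I can\'t do that.', 'YALW'), 'error');
     }

     // Read both fields once; a missing field counts as empty.
     $new_password = isset($_POST['YALW_new_password']) ? $_POST['YALW_new_password'] : '';
     $control_password = isset($_POST['YALW_control_password']) ? $_POST['YALW_control_password'] : '';

     $events = new \WP_Error();
     if (!is_string($new_password) || empty($new_password)) {
         // password empty (or not a plain string, e.g. an array field)?
         Session::set_next_widget_task('enter_new_password');
         $events->add('password_empty', __('The password cannot be empty.', 'YALW'), 'warn');
     } elseif ($new_password !== $control_password) {
         // password mismatch? Strict comparison: with != two different
         // numeric-looking entries such as "1e3" and "1000" would pass as equal.
         Session::set_next_widget_task('enter_new_password');
         $events->add('password_mismatch', __('The passwords are not the same. Please re-enter.', 'YALW'), 'warn');
     } else {
         // set new password and login
         // NOTE(review): nothing visible here invalidates the retrieval code
         // after it has been used - confirm that Handlers or the caller expires
         // it, so that the same code cannot reset the password a second time.
         wp_set_password($new_password, Session::get_user_id());
         // get_error_code() and get_error_message() are called on the result,
         // so sign_on() is expected to return a WP_Error-like object.
         $tmp_error = Handlers::sign_on(Session::get_user_login(), $new_password);
         $events->add($tmp_error->get_error_code(), $tmp_error->get_error_message(), Handlers::get_event_type($tmp_error));
     }
     return $events;
 }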