public static function login($username, $password, $language) { if ($username and $password) { $auth = new Auth(); if ($auth->login($username, $password) == true) { $session_id = $auth->get_session_id(); $session = new Session($session_id); $user = new User($session->get_user_id()); $regional = new Regional($session->get_user_id()); if (is_numeric($language)) { $session->write_value("LANGUAGE", $language); } else { $session->write_value("LANGUAGE", $regional->get_language_id()); } if ($user->get_boolean_user_entry("user_locked") == false) { return "index.php?username="******"&session_id=" . $session_id; } else { return 0; } } else { return 0; } } else { return 0; } }
/** * Initalisation of IO Controller */ public function init() { global $session, $user, $regional; if (!isset($GLOBALS['fatal_error'])) { if ($_GET['session_id']) { try { $session = new Session($_GET['session_id']); $user = new User($session->get_user_id()); $regional = new Regional(); } catch (UserException $e) { $GLOBALS['fatal_error'] = "User initialisation failed!"; } } else { $session = new Session(null); $user = null; } } require_once "modules/content_handler.php"; require_once "modules/base/common/io/common.io.php"; require_once "modules/base/common/io/error.io.php"; require_once "modules/base/common/io/list.io.php"; if ($this->type == "io") { require_once "modules/base/common/io/tab.io.php"; ContentHandler_IO::io(); } elseif ($this->type == "ajax") { require_once "modules/base/common/io/list_request.io.php"; ContentHandler_IO::ajax(); } }
require_once "core/include/base/system/events/delete_event.class.php"; require_once "core/include/base/system/system_handler.class.php"; require_once "core/include/base/security/security.class.php"; require_once "core/include/base/security/session.class.php"; require_once "core/include/base/system/autoload.function.php"; SystemConfig::load_module_config(); if ($_GET['session_id'] and $_GET['file_id']) { $transaction = new Transaction(); try { $system_handler = new SystemHandler(false); } catch (Exception $e) { die("Exception"); } Security::protect_session(); $session = new Session($_GET['session_id']); $user = new User($session->get_user_id()); $session_valid_array = $session->is_valid(); if ($session_valid_array[0] === true) { try { $image_cache = new ImageCache($_GET['file_id']); } catch (Exception $e) { die("Exception"); } if ($_GET['max_width']) { $image_cache->set_max_width($_GET['max_width']); } if ($_GET['max_height']) { $image_cache->set_max_height($_GET['max_height']); } if ($_GET['width']) { $file_path = constant("BASE_DIR") . "/filesystem/temp/" . $image_cache->get_image($_GET['width']);
/** * reset the password and sign the user on * * The user has entered his or her new password. It should be entered * twice -- just in case... * If both entries match, the new password is stored in the database and * the user is logged in. * * @return WP_Error event if password could not be reset or user could not be signed on */ public static function handle_reset_password() { // Prevent Cross-Site-Request-Forgery if (!Handlers::is_nonce_ok('new_password_form')) { return new \WP_Error('nonce', __('There seems to be a security issue. Please do not continue, but inform us!', 'YALW'), 'error'); } // Prevent user's from obtaining rights of other users if (Handlers::get_retrieval_code(Session::get_user_login()) != $_POST['YALW_code']) { return new \WP_Error('security', __('I\'m sorry, Dave. I\'m afraid I can\'t do that.', 'YALW'), 'error'); } $events = new \WP_Error(); if (empty($_POST['YALW_new_password'])) { // password empty? Session::set_next_widget_task('enter_new_password'); $events->add('password_empty', __('The password cannot be empty.', 'YALW'), 'warn'); } elseif ($_POST['YALW_new_password'] != $_POST['YALW_control_password']) { // password mismatch? Session::set_next_widget_task('enter_new_password'); $events->add('password_mismatch', __('The passwords are not the same. Please re-enter.', 'YALW'), 'warn'); } else { // set new password and login wp_set_password($_POST['YALW_new_password'], Session::get_user_id()); $tmp_error = Handlers::sign_on(Session::get_user_login(), $_POST['YALW_new_password']); $events->add($tmp_error->get_error_code(), $tmp_error->get_error_message(), Handlers::get_event_type($tmp_error)); } return $events; }