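/**
 * Handle a login form post and redirect to the area matching the account type.
 *
 * Reads `username` and `password` from $_POST, checks them through
 * $this->administrator_model, and on success stores the user in the session
 * and sends a Location header for the Admin, Student or Signatory area.
 * Student and Signatory accounts must also have validation_status "Confirmed";
 * Admin accounts are not checked for it. Every failure path redirects to
 * index.php?action=login_error and exits.
 *
 * SECURITY NOTE(review): the model is queried with an unsalted MD5 of the
 * password, so the stored credentials are presumably MD5 as well. MD5 is not a
 * password hash; moving to password_hash()/password_verify() has to be done
 * together with the model and the stored data, so it is only flagged here.
 * The same digest is passed to Session::set_user(), which keeps a crackable
 * password digest in session storage.
 *
 * NOTE(review): no session id regeneration is visible in this method; confirm
 * that Session::set_user() or setSession() rotates the id on login.
 *
 * NOTE(review): the success branches return after header() without exit (as
 * before), so the caller keeps running after the redirect header is queued.
 *
 * @return void
 */
public function login()
{
    $username = isset($_POST['username']) ? $_POST['username'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;

    // Missing fields or array-valued fields (username[]=x) must not reach
    // trim()/md5(): treat them as a failed login instead of raising an error.
    if (!is_string($username) || !is_string($password)) {
        header('Location: index.php?action=login_error');
        exit;
    }

    // Normalise once so every model and session call sees the same values.
    $username = trim($username);
    $passwordDigest = md5(trim($password)); // see SECURITY NOTE in the docblock

    $model = $this->administrator_model;

    if (!$model->isExist($username, $passwordDigest)) {
        header('Location: index.php?action=login_error');
        exit;
    }

    // Populates Account_Type and validation_status on the model.
    $model->queryUser_Type($username, $passwordDigest);
    $accountType = $model->Account_Type;

    // Strict comparisons: a non-string Account_Type (0, null, true) must never
    // be juggled into matching a role name.
    if ($accountType === 'Admin') {
        Session::set_user($username, $passwordDigest);
        $this->setSession('Admin');
        header('Location: ' . HOST . '/administrator/');
        return;
    }

    $isConfirmed = $model->validation_status === 'Confirmed';

    if ($isConfirmed && $accountType === 'Student') {
        Session::set_user($username, $passwordDigest);
        $this->setSession('Student');
        header('Location: ' . HOST . '/student/');
        return;
    }

    if ($isConfirmed && $accountType === 'Signatory') {
        $assignSign = $model->getAssignSignatory($username);
        Session::set_user($username, $passwordDigest);
        Session::set_assignSignatory(trim($assignSign));
        $this->setSession('Signatory');
        header('Location: ' . HOST . '/signatory/');
        return;
    }

    // Unknown account type or an unconfirmed Student/Signatory account.
    header('Location: index.php?action=login_error');
    exit;
}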
Example #2
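 /**
  * Process a login command: check captcha and password, then open the session.
  *
  * Order of checks: live session, captcha, user lookup, password. The captcha
  * is verified before the user lookup so that a client which has not passed
  * it learns nothing about which logins exist and causes no database query.
  * Each failed check records an IP violation via Security::set_ip_violation()
  * and throws Command_exception.
  *
  * On success the user id is stored in the session, a new secret key is
  * generated and sent to the client, and the client is told to refresh.
  *
  * NOTE(review): "login does not exist" and "wrong password" are still
  * reported with different messages, which lets a client that solves the
  * captcha enumerate valid logins; a single shared message would close that.
  *
  * NOTE(review): session id rotation on login is not visible here; confirm
  * Session::set_user() handles it.
  *
  * @return void
  * @throws Command_exception when the captcha, the login or the password is wrong
  */
 public function execute()
 {
     // Without a live session there is nothing to log in to: ask the client to reload.
     if (Session::get_state() != Session::ST_LIFE) {
         self::set_client_command('refresh', array('url' => 'self'));
         self::set_result(false);
         return;
     }

     $captcha_lib = Loader::get_library('captcha');
     $pass_hash_lib = Loader::get_library('pass_hash');
     $this->remember = (bool) $this->remember;

     // Captcha first (see docblock). Message: "Wrong verification code entered!"
     if (!$captcha_lib->check($this->captcha)) {
         Security::set_ip_violation();
         throw new Command_exception(null, 'Введён неправильный проверочный код!');
     }

     // Optional filter on the account type. The fragment is spliced into the
     // query text as-is, so the value is escaped like the login below.
     // NOTE(review): assumes db::row() substitutes %-placeholders verbatim — confirm.
     $user_type = Buffer::get(Identification_strategy::USER_TYPE);
     $additionally = $user_type == User::T_ALL
         ? ''
         : 'AND `type` = "' . db::escape_string((string) $user_type) . '"';

     $login = db::escape_string($this->login);
     $row = db::row(self::Q_GET_USER_BY_NAME, array('%login' => $login, '%additionally' => $additionally));

     // Message: "The entered login does not exist!"
     if (empty($row)) {
         Security::set_ip_violation();
         throw new Command_exception(null, 'Введённый логин - не существует!');
     }

     // Stored password value against the submitted one. Message: "Wrong password entered!"
     if (!$pass_hash_lib->check_password($row['password'], $this->password)) {
         Security::set_ip_violation();
         throw new Command_exception(null, 'Введён неправильный пароль!');
     }

     Session::set_user($row['id'], $this->remember);

     // Issue a fresh secret key for the logged-in user and hand it to the client.
     $user = Loader::get_user();
     $secret_key = $user->get_module('secret_key')->regenerate_secret_key();
     self::set_client_command('set_secret_key', array('secretKey' => $secret_key));
     self::set_client_command('refresh', array('url' => 'self'));
 }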