/** * This function performs the logging in. * * What it does: * - It sets the cookie, it call hooks, updates runtime settings for the user. * * @package Authorization */ function doLogin() { global $user_info, $user_settings, $maintenance, $modSettings, $context; // Load authentication stuffs. require_once SUBSDIR . '/Auth.subs.php'; // Call login integration functions. call_integration_hook('integrate_login', array($user_settings['member_name'], isset($_POST['hash_passwrd']) && strlen($_POST['hash_passwrd']) == 64 ? $_POST['hash_passwrd'] : null, $modSettings['cookieTime'])); // Get ready to set the cookie... $user_info['id'] = $user_settings['id_member']; // Bam! Cookie set. A session too, just in case. setLoginCookie(60 * $modSettings['cookieTime'], $user_settings['id_member'], hash('sha256', $user_settings['passwd'] . $user_settings['password_salt'])); // Reset the login threshold. if (isset($_SESSION['failed_login'])) { unset($_SESSION['failed_login']); } $user_info['is_guest'] = false; $user_settings['additional_groups'] = explode(',', $user_settings['additional_groups']); $user_info['is_admin'] = $user_settings['id_group'] == 1 || in_array(1, $user_settings['additional_groups']); // Are you banned? is_not_banned(true); // An administrator, set up the login so they don't have to type it again. if ($user_info['is_admin'] && isset($user_settings['openid_uri']) && empty($user_settings['openid_uri'])) { // Let's validate if they really want.. if (!empty($modSettings['auto_admin_session']) && $modSettings['auto_admin_session'] == 1) { $_SESSION['admin_time'] = time(); } unset($_SESSION['just_registered']); } // Don't stick the language or theme after this point. unset($_SESSION['language'], $_SESSION['id_theme']); // We want to know if this is first login if (isFirstLogin($user_info['id'])) { $_SESSION['first_login'] = true; } else { unset($_SESSION['first_login']); } // You're one of us: need to know all about you now, IP, stuff. $req = request(); // You've logged in, haven't you? updateMemberData($user_info['id'], array('last_login' => time(), 'member_ip' => $user_info['ip'], 'member_ip2' => $req->ban_ip())); // Get rid of the online entry for that old guest.... deleteOnline('ip' . $user_info['ip']); $_SESSION['log_time'] = 0; // Log this entry, only if we have it enabled. if (!empty($modSettings['loginHistoryDays'])) { logLoginHistory($user_info['id'], $user_info['ip'], $user_info['ip2']); } // Just log you back out if it's in maintenance mode and you AREN'T an admin. if (empty($maintenance) || allowedTo('admin_forum')) { redirectexit('action=auth;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']); } else { redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']); } }
function testLogLoginHistory() { logLoginHistory(1, '10.100.10.100', '11.111.100.10'); }