/**
  * Called when a user first tries to log in.
  * Returns true if the user logs in successfully, false otherwise.
  *
  * @param string $username
  * @param string $password
  * @param array $PARAMS
  * @return boolean
  */
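 function login($username, $password, $PARAMS = array())
 {
     // Count this attempt in the session superglobal. The earlier code used a local
     // variable named $SESSION, so the counter was always 1, was never persisted
     // between requests, and the attempt number in the failure log was meaningless.
     $_SESSION['loginAttempts'] = isset($_SESSION['loginAttempts']) ? $_SESSION['loginAttempts'] + 1 : 1;
     // Drop any stale error so the check below only sees errors raised during this call.
     unset($GLOBALS['login_error']);
     // Authentication runs once per controller instance; later calls get the cached result.
     if ($this->loggedIn) {
         return $this->loginSuccess;
     }
     $this->loginSuccess = $this->authController->loginAuthenticate($username, $password, $PARAMS);
     // loggedIn records that an attempt was made; whether it succeeded is in loginSuccess.
     $this->loggedIn = true;
     if ($this->loginSuccess) {
         //Ensure the user is authorized
         // NOTE(review): both calls appear to report problems through $GLOBALS['login_error'];
         // their bodies are not visible here - confirm.
         checkAuthUserStatus();
         loginLicense();
         // PP 20061207 do not count/ignore the 'Please replace the SugarCRM logos.' error
         if (!empty($GLOBALS['login_error']) && $GLOBALS['login_error'] != 'Please replace the SugarCRM logos.') {
             // Revoke the authenticated marker directly in $_SESSION; session_unregister()
             // was removed in PHP 5.4 and would abort the request before the failure is recorded.
             unset($_SESSION['authenticated_user_id']);
             $GLOBALS['log']->fatal('FAILED LOGIN: potential hack attempt');
             $this->loginSuccess = false;
             return false;
         }
         // Read the requested action defensively: the key is absent on requests without one.
         $requestedAction = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
         $ut = $GLOBALS['current_user']->getPreference('ut');
         if (empty($ut) && $requestedAction !== 'SaveTimezone') {
             // No 'ut' preference stored yet: send the user to the timezone screen.
             // The redirect target is a fixed relative URL, not request data.
             $GLOBALS['module'] = 'Users';
             $GLOBALS['action'] = 'SetTimezone';
             ob_clean();
             header("Location: index.php?module=Users&action=SetTimezone");
             // NOTE(review): sugar_cleanup(true) presumably ends the request here - confirm.
             sugar_cleanup(true);
         }
     } else {
         // The username is attacker-supplied; replace control characters so a crafted
         // value cannot inject extra lines into the log. Whether the logger escapes
         // on its own is not visible from this method.
         $loggedUsername = preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $username);
         $GLOBALS['log']->fatal('FAILED LOGIN:attempts[' . $_SESSION['loginAttempts'] . '] - ' . $loggedUsername);
     }
     return $this->loginSuccess;
 }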
 /**
  * This function is called when a user initially tries to login.
  *
  * @param string $username
  * @param string $password
  * @param array $PARAMS
  * @return boolean true if the user successfully logs in or false otherwise.
  */
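 public function login($username, $password, $PARAMS = array())
 {
     //kbrill bug #13225
     // Every call is counted in the session, including calls that return the cached result below.
     $_SESSION['loginAttempts'] = isset($_SESSION['loginAttempts']) ? $_SESSION['loginAttempts'] + 1 : 1;
     // Drop any stale error so the check below only sees errors raised during this call.
     unset($GLOBALS['login_error']);
     // Authentication runs once per controller instance; later calls get the cached result.
     if ($this->loggedIn) {
         return $this->loginSuccess;
     }
     LogicHook::initialize()->call_custom_logic('Users', 'before_login');
     $this->loginSuccess = $this->authController->loginAuthenticate($username, $password, false, $PARAMS);
     // loggedIn records that an attempt was made; whether it succeeded is in loginSuccess.
     $this->loggedIn = true;
     if ($this->loginSuccess) {
         //Ensure the user is authorized
         // NOTE(review): both calls appear to report problems through $GLOBALS['login_error'];
         // their bodies are not visible here - confirm.
         checkAuthUserStatus();
         loginLicense();
         if (!empty($GLOBALS['login_error'])) {
             // Authentication passed but a post-login check failed: revoke the session marker.
             unset($_SESSION['authenticated_user_id']);
             $GLOBALS['log']->fatal('FAILED LOGIN: potential hack attempt:' . $GLOBALS['login_error']);
             $this->loginSuccess = false;
             return false;
         }
         //call business logic hook
         if (isset($GLOBALS['current_user'])) {
             $GLOBALS['current_user']->call_custom_logic('after_login');
         }
         // Check for running Admin Wizard
         $config = new Administration();
         $config->retrieveSettings();
         // Read the requested action defensively: the key is absent on requests without one.
         $requestedAction = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
         // NOTE(review): current_user is dereferenced below without the isset() guard used
         // for the after_login hook above - confirm it is always set on this path.
         if (is_admin($GLOBALS['current_user']) && empty($config->settings['system_adminwizard']) && $requestedAction !== 'AdminWizard') {
             // The redirect target is a fixed relative URL, not request data.
             $GLOBALS['module'] = 'Configurator';
             $GLOBALS['action'] = 'AdminWizard';
             ob_clean();
             header("Location: index.php?module=Configurator&action=AdminWizard");
             // NOTE(review): sugar_cleanup(true) presumably ends the request here - confirm.
             sugar_cleanup(true);
         }
         $ut = $GLOBALS['current_user']->getPreference('ut');
         // Callers that pass 'passwordEncrypted' in $PARAMS skip the timezone/user wizard redirect.
         $checkTimeZone = true;
         if (is_array($PARAMS) && !empty($PARAMS) && isset($PARAMS['passwordEncrypted'])) {
             $checkTimeZone = false;
         }
         if (empty($ut) && $checkTimeZone && $requestedAction !== 'SetTimezone' && $requestedAction !== 'SaveTimezone') {
             // No 'ut' preference stored yet: send the user to the Users wizard.
             $GLOBALS['module'] = 'Users';
             $GLOBALS['action'] = 'Wizard';
             ob_clean();
             header("Location: index.php?module=Users&action=Wizard");
             sugar_cleanup(true);
         }
     } else {
         //kbrill bug #13225
         LogicHook::initialize();
         $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
         // The username is attacker-supplied; replace control characters so a crafted
         // value cannot inject extra lines into the log. Whether the logger escapes
         // on its own is not visible from this method.
         $loggedUsername = preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $username);
         $GLOBALS['log']->fatal('FAILED LOGIN:attempts[' . $_SESSION['loginAttempts'] . '] - ' . $loggedUsername);
     }
     return $this->loginSuccess;
 }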
/**
 * Runs the login-time license check and reports the resulting system status.
 *
 * @return mixed An 'admin_only' status array when loginLicense() leaves
 *               $GLOBALS['login_error'] set; otherwise whatever
 *               apiCheckSystemStatus() returns.
 */
function apiCheckLoginStatus()
{
    // Start from a clean slate so only an error raised by this check is seen.
    unset($GLOBALS['login_error']);
    loginLicense();

    // The other license check codes are handled by apiCheckSystemLicenseStatus
    $licenseCheckPassed = empty($GLOBALS['login_error']);
    if ($licenseCheckPassed) {
        // Force it to recheck the system license on login
        unset($_SESSION['LICENSE_EXPIRES_IN']);

        return apiCheckSystemStatus();
    }

    // License validation failed: restrict access to admins and point at the license settings page.
    return array(
        'level' => 'admin_only',
        'message' => 'ERROR_LICENSE_VALIDATION',
        'url' => '#bwc/index.php?action=LicenseSettings&module=Administration',
    );
}
 /**
  * Called when a user first tries to log in.
  * Returns true if the user logs in successfully, false otherwise.
  *
  * @param string $username
  * @param string $password
  * @param array $PARAMS
  * @return boolean
  */
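 function login($username, $password, $PARAMS = array())
 {
     //kbrill bug #13225
     // Count this attempt in the session. The earlier isset() tested a misspelled
     // variable ($_fSESSION), which is never set, so the counter was reset to 1 on
     // every call and the attempt number in the failure log never grew.
     $_SESSION['loginAttempts'] = isset($_SESSION['loginAttempts']) ? $_SESSION['loginAttempts'] + 1 : 1;
     // Drop any stale error so the check below only sees errors raised during this call.
     unset($GLOBALS['login_error']);
     // Authentication runs once per controller instance; later calls get the cached result.
     if ($this->loggedIn) {
         return $this->loginSuccess;
     }
     $this->loginSuccess = $this->authController->loginAuthenticate($username, $password, $PARAMS);
     // loggedIn records that an attempt was made; whether it succeeded is in loginSuccess.
     $this->loggedIn = true;
     if ($this->loginSuccess) {
         //Ensure the user is authorized
         // NOTE(review): both calls appear to report problems through $GLOBALS['login_error'];
         // their bodies are not visible here - confirm.
         checkAuthUserStatus();
         loginLicense();
         if (!empty($GLOBALS['login_error'])) {
             // Revoke the authenticated marker directly in $_SESSION; session_unregister()
             // was removed in PHP 5.4 and would abort the request before the failure is recorded.
             unset($_SESSION['authenticated_user_id']);
             $GLOBALS['log']->fatal('FAILED LOGIN: potential hack attempt');
             $this->loginSuccess = false;
             return false;
         }
         // Read the requested action defensively: the key is absent on requests without one.
         $requestedAction = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
         $ut = $GLOBALS['current_user']->getPreference('ut');
         if (empty($ut) && $requestedAction !== 'SaveTimezone') {
             // No 'ut' preference stored yet: send the user to the timezone screen.
             // The redirect target is a fixed relative URL, not request data.
             $GLOBALS['module'] = 'Users';
             $GLOBALS['action'] = 'SetTimezone';
             ob_clean();
             header("Location: index.php?module=Users&action=SetTimezone");
             // NOTE(review): sugar_cleanup(true) presumably ends the request here - confirm.
             sugar_cleanup(true);
         }
         require_once 'modules/Users/expiration.php';
         // A password change is forced when expiration is enabled and the password has
         // expired, or when the password was system generated. The parentheses only spell
         // out the grouping PHP already applies (&& binds tighter than ||).
         $mustChangePassword = ($GLOBALS['sugar_config']['passwordsetting']['userexpiration'] > 0 && hasPasswordExpired($username))
             || $GLOBALS['current_user']->system_generated_password == '1';
         if ($mustChangePassword && $requestedAction !== 'Save') {
             $GLOBALS['module'] = 'Users';
             $GLOBALS['action'] = 'ChangePassword';
             ob_clean();
             header("Location: index.php?module=Users&action=ChangePassword");
             // NOTE(review): the '******' literal looks like a value masked by the page this
             // listing was taken from - confirm the intended flag value against upstream.
             $_SESSION['hasExpiredPassword'] = '******';
             sugar_cleanup(true);
         }
         //call business logic hook
         if (isset($GLOBALS['current_user'])) {
             $GLOBALS['current_user']->call_custom_logic('after_login');
         }
     } else {
         //kbrill bug #13225
         LogicHook::initialize();
         $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
         // The username is attacker-supplied; replace control characters so a crafted
         // value cannot inject extra lines into the log. Whether the logger escapes
         // on its own is not visible from this method.
         $loggedUsername = preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $username);
         $GLOBALS['log']->fatal('FAILED LOGIN:attempts[' . $_SESSION['loginAttempts'] . '] - ' . $loggedUsername);
     }
     return $this->loginSuccess;
 }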