function logon_perform()
{
// Check to see if the user is logging in as a guest or a normal user.
if (isset($_POST['guest_logon'])) {
// Check the Guest account is enabled.
if (!user_guest_enabled()) {
return false;
}
// Initialise Guest user session.
session::start(0);
// Generate new CSRF token
session::refresh_csrf_token();
// Update the visitor log
session::update_visitor_log(0, true);
// Success
return true;
} else {
if (isset($_POST['user_logon']) && isset($_POST['user_password'])) {
// Extract the submitted username
$user_logon = $_POST['user_logon'];
// Extract the submitted password
$user_password = $_POST['user_password'];
// Try and login the user.
if (($uid = user_logon($user_logon, $user_password)) !== false) {
// Initialise a user session.
session::start($uid);
// Generate new CSRF token
session::refresh_csrf_token();
// Update User's last forum visit
forum_update_last_visit($uid);
// Update the visitor log
session::update_visitor_log($uid, true);
// Check if we should save a token to allow auto logon,
if (isset($_POST['user_remember']) && $_POST['user_remember'] == 'Y') {
// Get a token for the entered password.
$user_token = user_generate_token($uid);
// Set a cookie with the logon and the token.
html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS);
html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS);
} else {
// Remove the cookie.
html_set_cookie('user_logon', '', time() - YEAR_IN_SECONDS);
html_set_cookie('user_token', '', time() - YEAR_IN_SECONDS);
}
// Success
return true;
}
}
}
// Failed
return false;
}
function logon_perform()
{
$webtag = get_webtag();
// Check to see if the user is logging in as a guest or a normal user.
if (isset($_POST['guest_logon'])) {
// Check the Guest account is enabled.
if (!user_guest_enabled()) {
return false;
}
// Initialise Guest user session.
session::create(0);
// Success
return true;
} else {
if (isset($_POST['user_logon']) && isset($_POST['user_password'])) {
// Extract the submitted username
$user_logon = $_POST['user_logon'];
// Extract the submitted password
$user_password = $_POST['user_password'];
// Try and login the user.
if ($uid = user_logon($user_logon, $user_password)) {
// Initialise a user session.
session::create($uid);
// Check if we should save a token to allow auto logon,
if (isset($_POST['user_remember']) && $_POST['user_remember'] == 'Y') {
// Get a token for the entered password.
$user_token = user_generate_token($uid);
// Set a cookie with the logon and the token.
html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS);
html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS);
} else {
// Remove the cookie.
html_set_cookie('user_logon', '', time() - YEAR_IN_SECONDS);
html_set_cookie('user_token', '', time() - YEAR_IN_SECONDS);
}
// Success
return true;
}
}
}
// Failed
return false;
}
<?php
session_start();
include 'Services/Twilio.php';
include 'config.php';
include "functions.php";
$username = cleanVar('username');
$password = cleanVar('password');
$phoneNum = cleanVar('phone_number');
if (isset($_POST['action'])) {
if (isset($_POST['username']) && isset($_POST['phone_number'])) {
$message = user_generate_token($username, $phoneNum);
} else {
if (isset($_POST['username']) && isset($_POST['password'])) {
$message = user_login($username, $password);
}
}
header("Location: two-factor-voice.php?message=" . urlencode($message));
exit;
}
?>
<html>
<body>
<p>Please enter a username, and a phone number you can be reached at, we will then call you with your one-time password</p>
<span id="message">
<?php
echo cleanVar('message');
$action = isset($_SESSION['password']) ? 'login' : 'token';
?>
</span>
<form id="reset-form" method="POST" class="center">
<?php
session_start();
include 'Services/Twilio.php';
include 'config.php';
include 'functions.php';
$username = cleanVar('username');
$password = cleanVar('password');
$phoneNum = cleanVar('phone_number');
if (isset($_POST['action'])) {
if (isset($_POST['username']) && isset($_POST['phone_number'])) {
$message = user_generate_token($username, $phoneNum, 'calls');
} else {
if (isset($_POST['username']) && isset($_POST['password'])) {
$message = user_login($username, $password);
}
}
header("Location: two-factor-voice.php?message=" . urlencode($message));
exit;
}
?>
<html>
<body>
<p>Please enter a username, and a phone number you can be
reached at, we will then call you with your one-time
password</p>
<span id="message">
<?php
echo cleanVar('message');
$action = isset($_SESSION['password']) ? 'login' : 'token';
?>