function require_user($auth_type = '')
 {
     if (AUTH::logged_in() == false) {
         if ($auth_type == "toolbar") {
             $_SESSION['toolbar'] = 'true';
         }
         //echo "what";
         die(include_once $_SERVER['DOCUMENT_ROOT'] . '/202-access-denied.php');
     }
     AUTH::set_timezone($_SESSION['user_timezone']);
 }
Beispiel #2
0
 function require_user()
 {
     if (AUTH::logged_in() == false) {
         die(include_once $_SERVER['DOCUMENT_ROOT'] . '/202-access-denied.php');
     }
 }
function memcache_set_user_key($sql)
{
    if (AUTH::logged_in() == true) {
        global $memcache;
        $sql = md5($sql);
        $user_id = $_SESSION['user_id'];
        $getCache = $memcache->get(md5($user_id . systemHash()));
        $queries = explode(",", $getCache);
        if (!in_array($sql, $queries)) {
            $queries[] = $sql;
        }
        $queries = implode(",", $queries);
        $setCache = $memcache->set(md5($user_id, $queries . systemHash()), false);
    }
}
Beispiel #4
0
<?php

include_once $_SERVER['DOCUMENT_ROOT'] . '/202-config/connect.php';
if (AUTH::logged_in()) {
    header('location: /202-Mobile/mini-stats');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $mysql['user_name'] = $db->real_escape_string($_POST['user_name']);
    $user_pass = salt_user_pass($_POST['user_pass']);
    $mysql['user_pass'] = $db->real_escape_string($user_pass);
    //check to see if this user exists
    $user_sql = "\tSELECT \t* \n\t\t\t\t\tFROM \t\t202_users  \n\t\t\t\t \tWHERE \tuser_name='" . $mysql['user_name'] . "'\n\t\t\t\t\tAND     \t\tuser_pass='******'user_pass'] . "'";
    $user_result = _mysqli_query($user_sql);
    $user_row = $user_result->fetch_assoc();
    if (!$user_row) {
        $error['user'] = '******';
    }
    //check tokens
    /* ($_POST['token'] != $_SESSION['token']) {
    		$error['token'] = '<div class="error">You must use theses forms to submit data.</div'; 
    	}*/
    //RECORD THIS USER LOGIN, into user_logs
    $mysql['login_server'] = $db->real_escape_string(serialize($_SERVER));
    $mysql['login_session'] = $db->real_escape_string(serialize($_SESSION));
    $mysql['login_error'] = $db->real_escape_string(serialize($error));
    $mysql['ip_address'] = $db->real_escape_string($_SERVER['REMOTE_ADDR']);
    $mysql['login_time'] = time();
    if ($error) {
        $mysql['login_success'] = 0;
    } else {
        $mysql['login_success'] = 1;