if (isset($path_info[1]) && ($tmp_page = clean_input($path_info[1], array("trim")))) {
$PAGE_URL = $tmp_page;
}
}
$query = "\tSELECT a.`community_protected`, b.`allow_public_view`\n FROM `communities` AS a\n LEFT JOIN `community_pages` AS b\n ON b.`community_id` = a.`community_id`\n WHERE `community_url` = " . $db->qstr($COMMUNITY_URL) . "\n AND `page_url` = " . $db->qstr(isset($PAGE_URL) && $PAGE_URL ? $PAGE_URL : "");
$page_permissions = $db->GetRow($query);
$PAGE_PROTECTED = isset($page_permissions) && $page_permissions && ($page_permissions["community_protected"] == 1 || $page_permissions["allow_public_view"] == 0) ? true : false;
if (!$LOGGED_IN && (isset($_GET["auth"]) && $_GET["auth"] == "true")) {
if (!isset($_SERVER["PHP_AUTH_USER"])) {
http_authenticate();
} else {
require_once "Entrada/authentication/authentication.class.php";
$username = clean_input($_SERVER["PHP_AUTH_USER"], "credentials");
$password = clean_input($_SERVER["PHP_AUTH_PW"], "trim");
$auth = new AuthSystem(defined("AUTH_DEVELOPMENT") && AUTH_DEVELOPMENT != "" ? AUTH_DEVELOPMENT : AUTH_PRODUCTION);
$auth->setAppAuthentication(AUTH_APP_ID, AUTH_USERNAME, AUTH_PASSWORD);
$auth->setEncryption(AUTH_ENCRYPTION_METHOD);
$auth->setUserAuthentication($username, $password, AUTH_METHOD);
$result = $auth->Authenticate(array("id", "firstname", "lastname", "email", "role", "group", "username", "prefix" . "telephone", "expires", "lastlogin", "privacy_level"));
$ERROR = 0;
if ($result["STATUS"] == "success") {
if ($result["ACCESS_STARTS"] && $result["ACCESS_STARTS"] > time()) {
$ERROR++;
application_log("error", "User[" . $username . "] tried to access account prior to activation date.");
} elseif ($result["ACCESS_EXPIRES"] && $result["ACCESS_EXPIRES"] < time()) {
$ERROR++;
application_log("error", "User[" . $username . "] tried to access account after expiration date.");
} else {
// If $ENTRADA_USER was previously initialized in init.inc.php before the
// session was authorized it is set to false and needs to be re-initialized.
if ($ENTRADA_USER == false) {
<?php
ob_start();
function getmicrotime()
{
list($usec, $sec) = explode(" ", microtime());
return (double) $usec + (double) $sec;
}
if ($_POST) {
// header ("Content-type: text/xml");
require_once dirname(__FILE__) . "/classes/authentication.class.php";
$auth = new AuthSystem();
$auth->setAppAuthentication($_POST["app_id"], $_POST["script_id"], $_POST["script_pass"]);
$auth->setUserAuthentication($_POST["username"], $_POST["password"]);
$result = $auth->Authenticate($_POST["requested_info"]);
if ($result["STATUS"] == "success") {
$auth->updateLastLogin();
$auth->updateData($_POST["update_fields"]);
}
echo "<pre>";
print_r($result);
echo "</pre>";
} else {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Testing Authentication Class</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
