}
# get latest version
$fp = fopen('http://agileco.com/Version.txt', "r");
$abv = fread($fp, 255);
fclose($fp);
# get encoding version
require_once 'includes/pear/Compat/Function/file_get_contents.php';
$tmp = file_get_contents(PATH_AGILE . 'index.php');
if (eregi('ioncube', $tmp)) {
$enc = 'ioncube';
} elseif (eregi('zend', $tmp)) {
$enc = 'zend';
} else {
$enc = 'ioncube';
}
# get installed optional modules:
$modules = array('affiliate' => array('affiliate', 'campaign', 'affiliate_commission', 'affiliate_template'), 'charge' => array('charge'), 'db_mapping' => array('db_mapping'), 'email_queue' => array('email_queue'), 'file' => array('file', 'file_category'), 'faq' => array('faq', 'faq_translate', 'faq_category'), 'htaccess' => array('htaccess', 'htaccess_dir', 'htaccess_exclude'), 'import' => array('import'), 'hosting' => array('host_server', 'host_registrar_plugin', 'host_tld'), 'ticket' => array('ticket', 'ticket_department', 'ticket_message'), 'login_share' => array('login_share'), 'static_page' => array('static_page', 'static_page_category', 'static_page_translate'));
foreach ($modules as $name => $m) {
foreach ($m as $module) {
if (empty($avail["{$name}"]) && $list->is_installed($module)) {
$avail["{$name}"] = true;
$module_arr[] = $name;
}
}
}
# set smarty vars
global $smarty;
$smarty->assign('version', $ver);
$smarty->assign('ab_version', $abv);
$smarty->assign('encoding_version', $enc);
$smarty->assign('modules', @$module_arr);
function login($VAR, $md5 = true)
{
global $C_translate, $C_debug;
# check that the username/password are both set
if ($VAR['_username'] == '' || $VAR['_password'] == '') {
$C_debug->alert($C_translate->translate('login_enter_both', '', ''));
return;
}
# md5 the password
if ($md5) {
$pass = md5($VAR['_password']);
} else {
$pass = $VAR['_password'];
}
# check the database for a match
$db =& DB();
$q = "SELECT id,status,username,password,date_expire FROM " . AGILE_DB_PREFIX . "account WHERE\n\t\t\t\tpassword = '******' AND\n\t\t\t\tusername = '******'_username'] . "' AND\n\t\t\t\tsite_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
# get the account id
$id = $result->fields['id'];
# check that their is no lock on this account id or IP address:
if ($this->locked($id)) {
$C_debug->alert($C_translate->translate('login_locked', '', ''));
return;
}
# verify the username/password match.
if ($result->fields['username'] == $VAR['_username']) {
if ($result->fields['password'] !== $VAR['_password'] && $result->fields['password'] != $pass) {
# no match
$C_debug->alert($C_translate->translate('login_pw_failed', '', ''));
# log as a failed login
$this->lock_check($VAR, "0", $id);
return;
}
} else {
# no username match
$C_debug->alert($C_translate->translate('login_un_pw_failed', '', ''));
# reload the login page
$VAR["_page"] = 'account:login';
# log as a failed login
$this->lock_check($VAR, "0", $VAR['_username']);
return;
}
if ($result->fields['date_expire'] == "0" || $result->fields['date_expire'] == "") {
$date_expire = time() + 99;
} else {
$date_expire = $result->fields['date_expire'];
}
# check that it is an active account
if ($result->fields['status'] != "1" || $date_expire <= time()) {
# inactive account
$C_debug->alert($C_translate->translate('login_inactive', '', ''));
# log as failed login
$this->lock_check($VAR, "0", $id);
return;
} else {
# active account - check for password sharing if login_share module is installed
include_once PATH_CORE . 'list.inc.php';
$C_list = new CORE_list();
if ($C_list->is_installed('login_share')) {
include_once PATH_MODULES . 'login_share/login_share.inc.php';
$share = new login_share();
if (!$share->login($id, $VAR['_username'])) {
# shared account alert
$C_debug->alert($C_translate->translate('shared_account', 'login_share', ''));
# log as failed login
$this->lock_check($VAR, "0", $id);
return;
}
}
}
# set the expiry date of the login session
$date_expire = time() + SESSION_EXPIRE * 60;
# update the DB
$db =& DB();
$q = "UPDATE " . AGILE_DB_PREFIX . "session\n\t\t\t\tSET\n\t\t\t\tip= '" . USER_IP . "',\n\t\t\t\tdate_expire = '{$date_expire}',\n\t\t\t\tlogged = '1',\n\t\t\t\taccount_id = '{$id}'\n\t\t\t\tWHERE\n\t\t\t\tid = '" . SESS . "'\n\t\t\t\tAND\n\t\t\t\tsite_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
# delete any old sessions for this account
$db =& DB();
$q = "DELETE FROM " . AGILE_DB_PREFIX . "session WHERE\n\t\t\t\taccount_id = '{$id}' \tAND\n\t\t\t\tid != '" . SESS . "' AND\n\t\t\t\tsite_id = '" . DEFAULT_SITE . "'";
$result = $db->Execute($q);
#return logged in message
$C_debug->alert($C_translate->translate('login_success', '', ''));
# Get the last successful login:
$db =& DB();
$q = "SELECT * FROM " . AGILE_DB_PREFIX . "login_log WHERE\n\t\t\t account_id = " . $db->qstr($id) . " \tAND\n\t\t\t status = " . $db->qstr(1) . " AND\n\t\t\t site_id = " . $db->qstr(DEFAULT_SITE) . "\n\t\t\t ORDER BY date_orig DESC LIMIT 1";
$result = $db->Execute($q);
if ($result->RecordCount() != 0) {
$ip = $result->fields["ip"];
$date = $result->fields["date_orig"];
$date1 = date(UNIX_DATE_FORMAT, $date);
$date1 .= " " . date(DEFAULT_TIME_FORMAT, $date);
$message = $C_translate->translate('login_log_success', '', '');
$message = ereg_replace('%date%', $date1, $message);
$message = ereg_replace('%ip%', $ip, $message);
$C_debug->alert($message);
}
# log the successful login
$this->lock_check($VAR, "1", $id);
####################################################################
### Do any db_mapping
####################################################################
$sql = 'SELECT id FROM ' . AGILE_DB_PREFIX . 'module WHERE
site_id = ' . $db->qstr(DEFAULT_SITE) . ' AND
name = ' . $db->qstr('db_mapping') . ' AND
status = ' . $db->qstr("1");
$result = $db->Execute($sql);
if ($result->RecordCount() > 0) {
include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php';
$db_map = new db_mapping();
$db_map->login($id);
}
}
function dbmap()
{
global $C_list;
if (!is_object($C_list)) {
include_once PATH_CORE . 'list.inc.php';
$C_list = new CORE_list();
}
if ($C_list->is_installed('db_mapping')) {
# Update the db_mapping accounts
include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php';
$db_map = new db_mapping();
$db_map->account_group_sync($this->rs['account_id']);
}
}
