Beispiel #1
0
 /**
  * Turns out I use this a couple times so let's make it a utility function
  * Authenticates a user based on the contents of the login and password parameters
  * or makes them anonymous. Does not set any cookies or anything permanent.
  */
 private function authenticate_user()
 {
     global $config, $user;
     if (isset($_REQUEST['login']) && isset($_REQUEST['password'])) {
         // Get this user from the db, if it fails the user becomes anonymous
         // Code borrowed from /ext/user
         $name = $_REQUEST['login'];
         $pass = $_REQUEST['password'];
         $duser = User::by_name_and_pass($name, $pass);
         if (!is_null($duser)) {
             $user = $duser;
         } else {
             $user = User::by_id($config->get_int("anon_id", 0));
         }
     }
 }
Beispiel #2
0
 /**
  * @param Page $page
  */
 private function login(Page $page)
 {
     global $config, $user;
     $name = $_POST['user'];
     $pass = $_POST['pass'];
     if (empty($name) || empty($pass)) {
         $this->theme->display_error(400, "Error", "Username or password left blank");
         return;
     }
     $duser = User::by_name_and_pass($name, $pass);
     if (!is_null($duser)) {
         $user = $duser;
         $this->set_login_cookie($duser->name, $pass);
         log_info("user", "{$user->class->name} logged in");
         $page->set_mode("redirect");
         // Try returning to previous page
         if ($config->get_int("user_loginshowprofile", 0) == 0 && isset($_SERVER['HTTP_REFERER']) && strstr($_SERVER['HTTP_REFERER'], "post/")) {
             $page->set_redirect($_SERVER['HTTP_REFERER']);
         } else {
             $page->set_redirect(make_link("user"));
         }
     } else {
         log_warning("user", "Failed to log in as " . html_escape($name));
         $this->theme->display_error(401, "Error", "No user with those details was found");
     }
 }