/**
* checks if the user is logged in
*
* @return true if there's a valid login, otherwise false
*/
static function check_login()
{
$return = FALSE;
if (isset($_SESSION[CFG_SESSION]['login'])) {
if ($_SESSION[CFG_SESSION]['login']['GENNUMBER'] != '' && $_SESSION[CFG_SESSION]['login']['PASSWORD'] != '') {
$return = session::login($_SESSION[CFG_SESSION]['login']['GENNUMBER'], $_SESSION[CFG_SESSION]['login']['PASSWORD']) == 'ok';
}
}
return $return;
}
}
// Handle logins
if (isset($_GET['login'])) {
if ($_GET['login'] == "guest" && $enable_guest_mode == 1) {
$_SESSION['guest'] = 1;
}
if ($_GET['login'] == "guest" && $enable_guest_mode != 1) {
$_SESSION['guest'] = 0;
}
if ($enable_user_login != 1) {
$login = $_POST['login'];
$password = $_POST['password'];
logSQL("POSSIBLE HACK ATTEMPT. Person was from IP: '" . getIP() . "'. and used Username: '******' Password: '******'.");
$_SESSION['error'] = 1;
} else {
session::login($_POST['login'], $_POST['password']);
}
header('Location: index.php');
exit;
}
// Verify user is logged in
if (session::logged_in() != TRUE) {
$body = new Template("templates/login.tmpl.php");
$error = isset($_SESSION['error']) ? 1 : 0;
$body->set('enable_guest_mode', $enable_guest_mode);
$body->set('enable_user_login', $enable_user_login);
$body->set('error', $error);
$body->set('login', $login);
$body->set('password', $password);
$tmpl->set('body', $body);
echo $tmpl->fetch('templates/index.tmpl.php');
$return = "";
//------------- register ------------------
if (isset($_POST["email"])) {
require_once getenv("DOCUMENT_ROOT") . '/framework/person/persons.class.php';
$user = $_POST["UserName"];
$pass = $_POST["md5Pass"];
$return = session::register($user, $pass);
if ($return === true) {
$result = session::login($user, $pass);
header("location: index.php");
}
} else {
if (isset($_POST["UserName"])) {
$user = $_POST["UserName"];
$pass = $_POST["md5Pass"];
$result = session::login($user, $pass);
if ($result !== true) {
echo $return;
$return = $result;
} else {
unset($_SESSION['USER']["framework"]);
$_SESSION['USER']["portal"] = true;
header("location: index.php");
die;
}
} else {
if (isset($_REQUEST["forgetStep1"])) {
if (!empty($_POST["ForgetUserName"])) {
echo session::getEmail($_POST["ForgetUserName"], true);
die;
}
