Ejemplo n.º 1
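/**
 * Run a MongoDB request through mongoExecute() after filling in defaults.
 *
 * A missing 'mode' defaults to 'SELECT' and a missing 'limit' to array(0, 25).
 * The request is written to the log via createLog() and, when
 * $GLOBALS['debug'] is truthy, printed together with the result.
 *
 * Security note: the complete request is logged and (in debug mode) echoed.
 * If requests can carry credentials or personal data, redact those fields
 * before logging and keep the debug flag off in production.
 *
 * @param mixed      $config  Connection settings, handed to mongoExecute() unchanged.
 * @param array|null $request Request description; null behaves like an empty request.
 *
 * @return mixed The value returned by mongoExecute(), or an error structure
 *               ('query' => null) when $request is neither null nor an array.
 */
function mongoQuery($config, $request)
{
    // empty() avoids an "undefined index" notice when the flag was never set.
    $debug = !empty($GLOBALS['debug']);

    if ($request !== null && !is_array($request)) {
        // The former isset($request) guard could never fail, because the
        // defaults had already been written into $request. Reject bad input here.
        $result = array('query' => null, 'result' => array('records' => array(0 => null), 'response' => array(0 => array('error' => 'ERROR - incorrect array supplied'))));
    } else {
        if (!isset($request['mode'])) {
            $request['mode'] = 'SELECT';
        }
        if (!isset($request['limit'])) {
            $request['limit'] = array(0, 25);
        }
        if ($debug) {
            print_r($request);
        }
        createLog(prettyJson(json_encode($request)));
        // Execute Mongo query:
        $result = mongoExecute($config, $request);
    }

    // Print query output to command line:
    if ($debug) {
        echo chr(10) . 'Mongo DB============================================================================================' . chr(10) . $result['query'] . chr(10) . chr(10);
        print_r($result['result']);
        echo chr(10) . chr(10);
        echo '====================================================================================================' . chr(10);
    }
    return $result;
}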
<?php

// Included page fragment: looks up the category id of a promoted product.
// Failures are reported to the including script through $statusMessage;
// every early return after the connection is opened closes it first.
$conn = sqlConnectDefault();
if (is_null($conn)) {
    $statusMessage = makeStatusMessage(1, "error");
    return;
}
$user = getUser($conn);
// NOTE(review): $id is not assigned anywhere in this fragment; it presumably
// comes from the including script - confirm it is set and validated there.
// NOTE(review): the logged-in branch passes "" as the fifth argument instead
// of a user id - verify that this is intended.
if (empty($user)) {
    $log = createLog("", "", "", $id);
} else {
    $log = createLog("", "", "", $id, "");
}
// The WHERE clause is a constant: no request data reaches this query.
$selQ = new selectSQL($conn);
$selQ->select = array("catid");
$selQ->tableNames = array("products");
$selQ->where = "promo != '0'";
if (!$selQ->executeQuery()) {
    $statusMessage = $selQ->status;
    mysqli_close($conn);
    return;
}
if ($selQ->getNumberOfResults() == 0) {
    $statusMessage = makeStatusMessage(52, "error");
    mysqli_close($conn);
    return;
}
// Only the first matching row is read.
$tmp = $selQ->result->fetch_assoc();
$catid = $tmp['catid'];
// Start a fresh query object for the next lookup.
unset($selQ);
$selQ = new selectSQL($conn);
Ejemplo n.º 3
<?php

// Discount administration fragment: connect, then enforce the admin gate
// before any request data is looked at.
$conn = sqlConnectDefault();
if (is_null($conn)) {
    $statusMessage = makeStatusMessage(1, "error");
    return;
}
$user = getUser($conn);
// Authorisation gate: only access level 3 continues. When getUser() yields no
// record, $user['access'] evaluates to null, which is != 3, so the request is
// rejected as well.
if ($user['access'] != 3) {
    $statusMessage = makeStatusMessage(3, "error");
    mysqli_close($conn);
    return;
}
$log = createLog(1);
// ADD ADMIN LOG
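// Admin action: delete one discount, or (in the branch that continues past
// this excerpt) list the existing discounts.
// NOTE(review): no anti-CSRF token is checked in this fragment - confirm one
// is enforced before this state-changing POST is accepted.
if (isset($_POST['delete']) && isset($_POST['discountid'])) {
    // The id is placed unquoted in the WHERE clause, where
    // real_escape_string() gives no protection. Accept nothing but an integer.
    $discountId = filter_var($_POST['discountid'], FILTER_VALIDATE_INT);
    if ($discountId === false) {
        // NOTE(review): 4 is assumed to be the "missing/invalid parameter"
        // status code - confirm against makeStatusMessage().
        $statusMessage = makeStatusMessage(4, "error");
    } else {
        $delQ = new deleteSQL($conn);
        $delQ->tableName = "discounts";
        $delQ->where = "id = " . $discountId;
        if (!$delQ->executeQuery()) {
            $statusMessage = $delQ->status;
        } else {
            $statusMessage = makeStatusMessage(46, "success");
        }
    }
} else {
    if (!(isset($_POST["catid"]) || isset($_POST["prodid"])) || !(isset($_POST['flat']) || isset($_POST['percent']))) {
        $discounts = array();
        $selQ = new selectSQL($conn);
        // NOTE(review): $language is concatenated into column names and is not
        // assigned in this fragment - confirm it is limited to a fixed set of
        // language codes before it reaches the SQL text.
        $selQ->select = array("d.id as `Discount ID`", "userid as `User ID`", "user as User", "flat as `Flat Discount`", "percent as `Percent Discount`", "minprice as `Minumun price for discount`", "categoryid as `Category ID`", "c.name" . $language . " as `Category Name`", "productid as `Product ID`", "p.names" . $language . " as `Product Name`");
        $selQ->tableNames = array("discounts as d", "users as u", "categories as c", "products as p");
        $selQ->joinTypes = array("LEFT JOIN", "LEFT JOIN", "LEFT JOIN");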
Ejemplo n.º 4
<?php

// Included fragment: loads one category, or the root categories when no id is
// given, through getCat(). The result is left in $data for the includer.
$conn = sqlConnectDefault();
if (is_null($conn)) {
    $statusMessage = makeStatusMessage(1, "error");
    return;
}
$user = getUser($conn);
// Anonymous visitors are logged without a user id.
if (empty($user)) {
    $log = createLog("", "categories");
} else {
    $log = createLog("", "categories", "", "", $user['id']);
}
// NOTE(review): $language is defaulted here, but the getCat() call below reads
// $GLOBALS['language'] directly - confirm which of the two is intended.
if (!isset($language)) {
    $language = $GLOBALS['language'];
}
if (isset($_POST['catid'])) {
    // Request value: escaped and quoted before it enters the WHERE clause.
    $where = "id = '" . $conn->real_escape_string($_POST['catid']) . "'";
} elseif (isset($catid)) {
    // NOTE(review): $catid is set outside this fragment and is concatenated
    // without escaping here - confirm every includer escapes it or restricts
    // it to an integer.
    $where = "id = '" . $catid . "'";
} else {
    $where = "parentid IS NULL OR parentid = 0";
}
if (isset($allLangs)) {
    // $langResult is not assigned in this fragment; presumably it is provided
    // by languageConfig.php - verify.
    require_once 'languageConfig.php';
    $data = getCat($where, $conn, null, $langResult);
} else {
    $data = getCat($where, $conn, $GLOBALS['language'], null);
}
if (empty($data)) {
    $statusMessage = makeStatusMessage(51, "error");
<?php

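// Verification callback: the client posts "id;stamp;time;serial" in VerPas and
// receives a messages.php URL in the response body. The stamp is an MD5 over
// the device serial, the stored fingerprint data, the device codes, the time
// and the id.
if (isset($_POST['VerPas']) && !empty($_POST['VerPas'])) {
    include 'include/global.php';
    include 'include/function.php';
    // Reject array-valued or short payloads instead of reading missing offsets.
    $data = is_string($_POST['VerPas']) ? explode(";", $_POST['VerPas']) : array();
    if (count($data) < 4) {
        $msg = "Parameter invalid..";
        echo $base_path . "messages.php?msg={$msg}";
    } else {
        $stud_id = $data[0];
        $vStamp = $data[1];
        $time = $data[2];
        $sn = $data[3];
        // NOTE(review): both helpers receive client-supplied values; confirm
        // that they escape their argument before building SQL.
        $fingerData = getUserFinger($stud_id);
        $device = getDeviceBySn($sn);
        // $stud_id comes straight from the request: escape it before it is
        // placed in the SQL string. This relies on the mysql connection that
        // the existing mysql_query() call already requires.
        $sql1 = "SELECT * FROM student_tbl WHERE stud_id='" . mysql_real_escape_string($stud_id) . "'";
        $result1 = mysql_query($sql1);
        $data = mysql_fetch_array($result1);
        $stud_fname = $data['stud_fname'];
        $salt = md5($sn . $fingerData[0]['finger_data'] . $device[0]['vc'] . $time . $stud_id . $device[0]['vkey']);
        // Strict comparison: with ==, two different digests that both look
        // like numbers (for example "0E" followed only by digits) compare equal.
        // NOTE(review): MD5 with an appended key is a weak message
        // authentication scheme; an HMAC with a constant-time comparison is
        // the usual replacement where the client protocol allows it.
        if (strtoupper($vStamp) === strtoupper($salt)) {
            $log = createLog($stud_fname, $time, $sn);
            // NOTE(review): the values are placed in the URL without
            // urlencode(); confirm how the client and messages.php treat them.
            if ($log == 1) {
                echo $base_path . "messages.php?stud_fname={$stud_fname}&time={$time}";
            } else {
                echo $base_path . "messages.php?msg={$log}";
            }
        } else {
            $msg = "Parameter invalid..";
            echo $base_path . "messages.php?msg={$msg}";
        }
    }
}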
Ejemplo n.º 6
    $statusMessage = makeStatusMessage(4, "error");
    return;
}
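// Change-user-info fragment: a user may only edit their own record.
$conn = sqlConnectDefault();
if (is_null($conn)) {
    $statusMessage = makeStatusMessage(1, "error");
    return;
}
$id = $conn->real_escape_string($_POST['id']);
$user = getUser($conn);
// Ownership check: the posted id must match the session user.
// NOTE(review): != is a loose comparison; if $user['id'] is an integer, older
// PHP versions treat a posted value with a numeric prefix as equal. Confirm
// the type getUser() returns, or compare as strings with !==.
if ($id != $user['id']) {
    $statusMessage = makeStatusMessage(3, "error");
    mysqli_close($conn);
    return;
}
$log = createLog("", "changeUserInfo", "", "", $id);
// $id was escaped above and is quoted in the WHERE clause below.
$selQ = new selectSQL($conn);
$selQ->select = array("u.id as uid", "i.userid as iid");
$selQ->tableNames = array("user_info as i", "users as u");
$selQ->joinTypes = array("RIGHT OUTER JOIN");
$selQ->joins = array("u.id = i.userid");
$selQ->where = "u.id='" . $id . "'";
if (!$selQ->executeQuery()) {
    $statusMessage = $selQ->status;
    mysqli_close($conn);
    return;
}
if ($selQ->getNumberOfResults() > 1) {
    $statusMessage = $selQ->status;
    // $conn is a mysqli connection (see real_escape_string() above), so it has
    // to be closed with mysqli_close(); mysql_close() belongs to another extension.
    mysqli_close($conn);
    return;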
Ejemplo n.º 7
// Category lookup fragment: checks that the posted category id exists and is
// visible. Failures are reported through $statusMessage.
if (!isset($_POST["id"])) {
    $statusMessage = makeStatusMessage(4, "error");
    return;
}
$conn = sqlConnectDefault();
if (is_null($conn)) {
    $statusMessage = makeStatusMessage(1, "error");
    return;
}
// The escaped value is what gets logged and what is quoted into the query.
// NOTE(review): real_escape_string() is only safe inside quotes, as used
// below; a cast to int would be stricter if category ids are numeric - confirm.
$catid = $conn->real_escape_string($_POST['id']);
$user = getUser($conn);
if (empty($user)) {
    $log = createLog("", "", $catid);
} else {
    $log = createLog("", "", $catid, "", $user['id']);
}
$selQ = new selectSQL($conn);
$selQ->select = array("id");
$selQ->tableNames = array("categories");
$selQ->where = "id = '" . $catid . "' AND visible = 1";
if (!$selQ->executeQuery()) {
    $statusMessage = $selQ->status;
    mysqli_close($conn);
    return;
}
// No visible category with that id.
if ($selQ->getNumberOfResults() == 0) {
    $statusMessage = makeStatusMessage(51, "error");
    mysqli_close($conn);
    return;
}
Ejemplo n.º 8
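 /**
  * Confirm a payment notification by posting it back to the verification
  * endpoint and, when the answer is "VERIFICADO", pass the notification data
  * to retorno_automatico() if that function is defined.
  *
  * @param array       $post      Notification fields as received.
  * @param array|false $tipoEnvio Transport descriptor: [0] is 'curl' or
  *                               'fsocket', [1] the URL (curl) or request path
  *                               (fsocket), [2] an open socket (fsocket only).
  *                               Any non-array value is replaced by
  *                               RetornoPagSeguro::_tipoEnvio().
  *
  * @return bool True only when the endpoint answered "VERIFICADO".
  */
 function verifica($post, $tipoEnvio = false)
 {
     global $_retPagSeguroErrNo, $_retPagSeguroErrStr;
     if ('array' !== gettype($tipoEnvio)) {
         $tipoEnvio = RetornoPagSeguro::_tipoEnvio();
     }
     $spost = RetornoPagSeguro::_preparaDados($post);
     if (!in_array($tipoEnvio[0], array('curl', 'fsocket'), true)) {
         return false;
     }
     $confirma = false;
     if ($tipoEnvio[0] === 'curl') {
         $ch = curl_init();
         curl_setopt($ch, CURLOPT_URL, $tipoEnvio[1]);
         curl_setopt($ch, CURLOPT_POST, true);
         curl_setopt($ch, CURLOPT_POSTFIELDS, $spost);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
         curl_setopt($ch, CURLOPT_HEADER, false);
         curl_setopt($ch, CURLOPT_TIMEOUT, 30);
         // The answer decides whether a payment counts as confirmed, so the
         // peer certificate and host name must be verified. With verification
         // switched off, anyone on the network path could supply the answer.
         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
         curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
         $resp = curl_exec($ch);
         if (!RetornoPagSeguro::not_null($resp)) {
             // One retry against the same URL when the first answer was empty.
             curl_setopt($ch, CURLOPT_URL, $tipoEnvio[1]);
             $resp = curl_exec($ch);
         }
         curl_close($ch);
         $confirma = strcmp($resp, 'VERIFICADO') == 0;
     } elseif ($tipoEnvio[0] === 'fsocket') {
         // NOTE(review): whether this socket is TLS-protected depends on how
         // _tipoEnvio() opened it, which is not visible here - confirm.
         if (!$tipoEnvio[2]) {
             die("{$_retPagSeguroErrStr} ({$_retPagSeguroErrNo})");
         } else {
             $cabecalho = "POST {$tipoEnvio[1]} HTTP/1.0\r\n";
             $cabecalho .= "Content-Type: application/x-www-form-urlencoded\r\n";
             $cabecalho .= "Content-Length: " . strlen($spost) . "\r\n\r\n";
             $resp = '';
             fwrite($tipoEnvio[2], "{$cabecalho}{$spost}");
             // Scan the response line by line for the confirmation token.
             while (!feof($tipoEnvio[2])) {
                 $resp = fgets($tipoEnvio[2], 1024);
                 if (strcmp($resp, 'VERIFICADO') == 0) {
                     $confirma = true;
                     break;
                 }
             }
             fclose($tipoEnvio[2]);
         }
     }
     if ($confirma && function_exists('retorno_automatico')) {
         // Make sure every expected field exists before it is passed on.
         $itens = array('VendedorEmail', 'TransacaoID', 'Referencia', 'TipoFrete', 'ValorFrete', 'Anotacao', 'DataTransacao', 'TipoPagamento', 'StatusTransacao', 'CliNome', 'CliEmail', 'CliEndereco', 'CliNumero', 'CliComplemento', 'CliBairro', 'CliCidade', 'CliEstado', 'CliCEP', 'CliTelefone', 'NumItens');
         foreach ($itens as $item) {
             if (!isset($post[$item])) {
                 $post[$item] = '';
             }
             if ($item == 'ValorFrete') {
                 // Decimal comma to decimal point.
                 $post[$item] = str_replace(',', '.', $post[$item]);
             }
         }
         // Collect the numbered product fields until the first missing ProdID_n.
         $produtos = array();
         for ($i = 1; isset($post["ProdID_{$i}"]); $i++) {
             $produtos[] = array('ProdID' => $post["ProdID_{$i}"], 'ProdDescricao' => $post["ProdDescricao_{$i}"], 'ProdValor' => (double) str_replace(',', '.', $post["ProdValor_{$i}"]), 'ProdQuantidade' => $post["ProdQuantidade_{$i}"], 'ProdFrete' => (double) str_replace(',', '.', $post["ProdFrete_{$i}"]), 'ProdExtras' => (double) str_replace(',', '.', $post["ProdExtras_{$i}"]));
         }
         retorno_automatico($post['VendedorEmail'], $post['TransacaoID'], $post['Referencia'], $post['TipoFrete'], $post['ValorFrete'], $post['Anotacao'], $post['DataTransacao'], $post['TipoPagamento'], $post['StatusTransacao'], $post['CliNome'], $post['CliEmail'], $post['CliEndereco'], $post['CliNumero'], $post['CliComplemento'], $post['CliBairro'], $post['CliCidade'], $post['CliEstado'], $post['CliCEP'], $post['CliTelefone'], $produtos, $post['NumItens']);
     }
     if (function_exists('createLog')) {
         createLog($confirma);
     }
     return $confirma;
 }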
Ejemplo n.º 9
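/* A consolidated log file that cannot be deleted is overwritten with a stub
   that tells the administrator it is safe to remove. */
if (!unlink($pathtologs . $pfileprev)) {
    $data = chr(60) . "?php\n" . chr(47) . "* e107 website system: Log file: " . date("z:Y", time()) . " *" . chr(47) . "\n\n\n\n" . chr(47) . "* THE INFORMATION IN THIS LOG FILE HAS BEEN CONSOLIDATED INTO THE DATABASE - YOU CAN SAFELY DELETE IT. *" . chr(47) . "\n\n\n?" . chr(62);
    if ($handle = fopen($pathtologs . $pfileprev, 'w')) {
        fwrite($handle, $data);
        /* Close only a handle that was actually opened: fclose() on the
           false returned by a failed fopen() raises an error. */
        fclose($handle);
    }
}
if (!unlink($pathtologs . $ifileprev)) {
    $data = chr(60) . "?php\n" . chr(47) . "* e107 website system: Log file: " . date("z:Y", time()) . " *" . chr(47) . "\n\n\n\n" . chr(47) . "* THE INFORMATION IN THIS LOG INFO FILE HAS BEEN CONSOLIDATED INTO THE DATABASE - YOU CAN SAFELY DELETE IT. *" . chr(47) . "\n\n\n?" . chr(62);
    if ($handle = fopen($pathtologs . $ifileprev, 'w')) {
        fwrite($handle, $data);
        fclose($handle);
    }
}
/* and finally, we need to create new logfiles for today ... */
createLog($pathtologs);
/* done! */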
function createLog($pathtologs)
{
    global $statTotal, $statUnique, $pfile, $ifile;
    if (!is_writable($pathtologs)) {
        echo "Log directory is not writable - please CHMOD " . e_LOG . " to 777";
        echo '<br />Path to logs: ' . $pathtologs;
        return FALSE;
    }
    $varStart = chr(36);
    $quote = chr(34);
    $data = chr(60) . "?php\n" . chr(47) . "* e107 website system: Log file: " . date("z:Y", time()) . " *" . chr(47) . "\n\n" . $varStart . "refererData = " . $quote . $quote . ";\n" . $varStart . "ipAddresses = " . $quote . $quote . ";\n" . $varStart . "hosts = " . $quote . $quote . ";\n" . $varStart . "siteTotal = " . $quote . "0" . $quote . ";\n" . $varStart . "siteUnique = " . $quote . "0" . $quote . ";\n" . $varStart . "screenInfo = array();\n" . $varStart . "browserInfo = array();\n" . $varStart . "osInfo = array();\n" . $varStart . "pageInfo = array(\n";
    $data .= "\n);\n\n?" . chr(62);
    if (!touch($pathtologs . $pfile)) {
        return FALSE;
Ejemplo n.º 10
    $statusMessage = makeStatusMessage(4, "error");
    return;
}
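// Order fragment: a user may only place an order for their own account.
$conn = sqlConnectDefault();
if (is_null($conn)) {
    $statusMessage = makeStatusMessage(1, "error");
    return;
}
$userid = $conn->real_escape_string($_POST['userid']);
$user = getUser($conn);
// Ownership check: the posted user id must match the session user.
if ($user['id'] != $userid) {
    $statusMessage = makeStatusMessage(3, "error");
    mysqli_close($conn);
    return;
}
$log = createLog("", "order", "", "", $userid);
require_once 'orderConfig.php';
$nameLang = array("EN" => "Product", "BG" => "Продукт");
$priceLang = array("EN" => "Price", "BG" => "Цена");
$prodids = array();
$prodQuantity = array();
// A missing or scalar 'products' field is treated as an empty order instead
// of being handed to foreach.
$postedProducts = (isset($_POST['products']) && is_array($_POST['products'])) ? $_POST['products'] : array();
foreach ($postedProducts as $pid => $q) {
    $pid = $conn->real_escape_string($pid);
    $prodids[] = $pid;
    // Form values arrive as strings, so the former is_int() test was always
    // false and every quantity collapsed to 1. Parse the value instead; any
    // input that is not an integer >= 1 (including arrays) falls back to 1.
    // NOTE(review): no upper bound is applied to the quantity - confirm
    // whether one is needed before prices are computed.
    $q = filter_var($q, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
    if ($q === false) {
        $q = 1;
    }
    $prodQuantity[$pid] = $q;
}
$selQ = new selectSQL($conn);
$selQ->distinct = true;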
Ejemplo n.º 11
/**
 * Toggle a member between checked-in and checked-out for a scanned RFID key.
 *
 * A member whose "active" flag is 0 is checked in (new log row, status set
 * to 1); any other member is checked out (status set to 0, open log closed).
 *
 * NOTE(review): each failure branch ends in die, so the error text assembled
 * just before it never reaches the caller - confirm this is intended.
 *
 * @param mixed $rfid Scanned key; passed through testInput() before use.
 *
 * @return array 'hasErrors' and 'message', plus the member's name and last
 *               check-in/check-out times when no error occurred.
 */
function processCheckIn($rfid)
{
    $errors = 0;
    $processCheckInMessage = "";
    $rfid = testInput($rfid);
    $date = date('Y-m-d H:i:s');

    $serial = getMemberInfoByRFID($rfid, 'k.serial')["serial"];
    if ($serial == null) {
        $errors = 1;
        $processCheckInMessage .= "RFID key not found in the database!";
    } elseif (getMemberInfoByRFID($rfid, "c.active")["active"] == 0) {
        // Member is currently inactive: check in.
        $memberId = getMemberInfoByRFID($rfid, "c.cid")["cid"];
        if (!createLog($memberId, $date)) {
            // Opening the log row with the current date failed.
            $errors = 1;
            $processCheckInMessage .= 'Could not create a new log in the database!';
            die;
        }
        $memberId = getMemberInfoByRFID($rfid, "c.cid")["cid"];
        if (!updateContactCheckinStatus($date, $memberId, 1)) {
            // Setting active to 1 and storing the check-in time failed.
            $errors = 1;
            $processCheckInMessage .= 'Could not update member status when checking in!';
            die;
        }
        $processCheckInMessage .= "Checkin successful!";
    } else {
        // Member is currently active: check out.
        $memberId = getMemberInfoByRFID($rfid, "c.cid")["cid"];
        if (!updateContactCheckinStatus($date, $memberId, 0)) {
            // Setting active to 0 and storing the check-out time failed.
            $errors = 1;
            $processCheckInMessage .= 'Could not update member status when checking out!';
            die;
        }
        $memberId = getMemberInfoByRFID($rfid, "c.cid")["cid"];
        $openedAt = getMemberInfoByRFID($rfid, "c.last_checkin_time")["last_checkin_time"];
        if (!updateLog($memberId, $date, $openedAt)) {
            // Closing the log row with the check-out time failed.
            $errors = 1;
            $processCheckInMessage .= 'Could not close the log for user check out!';
            die;
        }
        $processCheckInMessage .= "Checkout successful!";
    }

    if ($errors == 1) {
        // Error messages are prefixed with 'ERROR: '.
        $processCheckInMessage = 'ERROR: ' . $processCheckInMessage;
        return array(
            'hasErrors' => $errors,
            'message' => $processCheckInMessage,
        );
    }

    return array(
        'hasErrors' => $errors,
        'message' => $processCheckInMessage,
        'firstName' => getMemberInfoByRFID($rfid, 'c.firstName')["firstName"],
        'lastName' => getMemberInfoByRFID($rfid, 'c.lastName')["lastName"],
        'lastCheckInTime' => getMemberInfoByRFID($rfid, 'c.last_checkin_time')["last_checkin_time"],
        'lastCheckOutTime' => getMemberInfoByRFID($rfid, 'c.last_checkout_time')["last_checkout_time"],
    );
}
Ejemplo n.º 12
}
// Order-history fragment: admins (access level 3) may list orders, other
// users only their own.
if (isset($_POST["userid"])) {
    $userid = $conn->real_escape_string($_POST['userid']);
}
$user = getUser($conn);
if ($user['access'] == 3) {
    // NOTE(review): within this fragment $adminCheck is assigned only on the
    // admin path; confirm it is initialised earlier for everyone else.
    $adminCheck = 1;
    $log = createLog(1);
    // ADD ADMIN LOG
} else {
    // NOTE(review): when no userid is posted, $userid is not set by this
    // fragment. If getUser() returns no record, both sides of this loose
    // comparison are then null and the request is not rejected. Confirm that
    // an unauthenticated request cannot get past this check.
    if ($user['id'] != $userid) {
        $statusMessage = makeStatusMessage(3, "error");
        mysqli_close($conn);
        return;
    } else {
        $log = createLog("", "history", "", "", $userid);
    }
}
require_once 'orderConfig.php';
// Column aliases are looked up per language and concatenated into the SQL.
// NOTE(review): the alias tables are not defined in this fragment (presumably
// orderConfig.php); confirm $language is limited to their known keys.
// NOTE(review): "o.totalprice as" has no trailing space before the alias,
// unlike the other entries - verify the generated SQL.
$selQ = new selectSQL($conn);
$selQ->tableNames = array("orders as o");
$selQ->select = array("o.id as " . $oid[$language], "o.payment as " . $payment[$language], "o.date as " . $date[$language], "o.status as " . $status[$language], "o.address as " . $address[$language], "o.totalprice as" . $totalPrice[$language]);
// The client IP column is only exposed to admins.
if ($adminCheck) {
    $selQ->select[] = "o.ip as " . $ip[$language];
}
$selQ->select[] = "u.id as " . $uid[$language];
// NOTE(review): $user held the record returned by getUser() above; reading
// $user[$language] as an alias only works if orderConfig.php reassigns $user -
// confirm.
$selQ->select[] = "u.user as " . $user[$language];
$selQ->tableNames[] = "users as u";
$selQ->joins = array("o.userid = u.id");
$selQ->joinTypes = array("JOIN");
if (isset($userid)) {
Ejemplo n.º 13
/**
 * Translate a generic request into an ElasticSearch call and run it through
 * esExecute().
 *
 * Every request key other than 'db', 'route', 'mode' and 'items' is handed to
 * a builder function named "es" + ucfirst(key), which extends the query body.
 *
 * NOTE(review): the builder name is derived from the request keys. The "es"
 * prefix narrows, but does not pin, the set of functions that can be called;
 * if requests can be influenced from outside, an explicit allowlist of
 * builder names is the safer design.
 * NOTE(review): the whole request is logged (and printed in debug mode);
 * confirm it never carries secrets.
 *
 * @param array $config  Reads 'server', the base URL.
 * @param array $request Reads 'mode' (default 'SELECT'), 'route', 'items'.
 * @param mixed $report  Debug output of the result is printed only when true.
 *
 * @return array 'result' from esExecute() (or an error structure when no
 *               query was built) and the 'query' that was sent.
 */
function esQuery($config, $request, $report)
{
    $query = array();
    $method = '';
    $url = '';
    $es_query = array();

    if (!isset($request['mode'])) {
        $request['mode'] = 'SELECT';
    }
    if ($GLOBALS['debug'] == true) {
        print_r($request);
    }
    createLog(prettyJson(json_encode($request)));

    // Strip the routing keys; what remains are the query clauses.
    $clauses = $request;
    unset($clauses['db'], $clauses['route'], $clauses['mode'], $clauses['items']);
    foreach ($clauses as $clause => $value) {
        if (empty($value)) {
            continue;
        }
        $builder = 'es' . ucfirst($clause);
        $es_query = call_user_func_array($builder, array($es_query, $value));
    }

    // Loose comparisons, tested in the same order as the original switch.
    $mode = $request['mode'];
    if ($mode == 'SELECT' || $mode == 'SELECT COUNT') {
        $method = 'POST';
        $query = array($es_query);
        $url = $config['server'] . $request['route'] . '/_search?';
    } elseif ($mode == 'UPDATE') {
        // Not implemented: $query stays empty and the error result is returned.
    } elseif ($mode == 'CREATE') {
        $method = 'POST';
        $query = $request['items'];
        $url = $config['server'] . $request['route'];
    } elseif ($mode == 'DELETE') {
        $method = 'DELETE';
        $query = $request['items'];
        $url = $config['server'] . $request['route'];
    } elseif ($mode == 'DROP') {
        $method = 'DELETE';
        $query = array(true);
        $url = $config['server'] . $request['route'];
    }

    if (empty($query)) {
        $es_result = array('query' => null, 'result' => array('records' => array(0 => null), 'response' => array(0 => array('error' => 'ERROR - query is null'))));
    } else {
        $es_result = esExecute($request['mode'], $method, $url, $query);
    }

    // Print query output to command line:
    if ($GLOBALS['debug'] && $report == true) {
        echo chr(10) . 'ElasticSearch=======================================================================================';
        print_r($es_result['result']);
        echo '====================================================================================================' . chr(10);
    }

    return array('result' => $es_result['result'], 'query' => $query);
}
Ejemplo n.º 14
// Favorites fragment: a user may only change their own favorites. $conn is
// opened before this excerpt begins.
if (is_null($conn)) {
    $statusMessage = makeStatusMessage(1, "error");
    return;
}
// NOTE(review): this early return happens after the connection was opened
// and, unlike the later ones, does not call mysqli_close().
if (empty($_POST['userid'])) {
    $statusMessage = makeStatusMessage(4, "error");
    return;
}
$userid = $conn->real_escape_string($_POST['userid']);
$user = getUser($conn);
// Ownership check: the posted user id must match the session user.
if ($user['id'] != $userid) {
    $statusMessage = makeStatusMessage(3, "error");
    mysqli_close($conn);
    return;
}
$log = createLog("", "favorites", "", "", $userid);
if (isset($_POST['add']) && (!empty($_POST['productid']) || !empty($_POST['categoryid']))) {
    // Column names come from this fixed list, never from the request; only
    // the values are request data, and they are escaped before being stored.
    // NOTE(review): whether insertSQL quotes the values is not visible here;
    // escaping alone does not protect an unquoted value - confirm.
    $fieldArr = array("userid", "productid", "categoryid");
    $insQ = new insertSQL($conn);
    $insQ->insertData = array();
    foreach ($fieldArr as $f) {
        if (!empty($_POST[$f])) {
            $insQ->insertData[] = $conn->real_escape_string($_POST[$f]);
            $insQ->cols[] = $f;
        }
    }
    $insQ->tableName = "favorites";
    if (!$insQ->executeQuery()) {
        $statusMessage = $insQ->status;
        mysqli_close($conn);
        return;
Ejemplo n.º 15
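/**
 * Dispatch a request to the query function of the selected database backend
 * and log the outcome.
 *
 * $request['db'] must be one of the keys of $dbs ('es', 'mongo', 'mysql').
 * That allowlist is the only thing that determines the file that gets loaded
 * ('vendor/<backend>/functions.php') and the function that gets called
 * ('<key>Query'), so request data never reaches either name unchecked.
 *
 * @param array $request Request description; 'db' selects the backend.
 * @param mixed $report  When true, the backend result is written to the log.
 *
 * @return mixed The backend function's return value, or null when no valid
 *               backend was named.
 */
function dbRequest($request, $report)
{
    $dbs = array('es' => 'elasticsearch', 'mongo' => 'mongodb', 'mysql' => 'mysql');
    // Defined up front so the error path returns null rather than an
    // undefined variable.
    $db_result = null;
    $message = array(chr(10) . date("Y-m-d H:i:s"));
    $message[3] = '==============================================================================================';
    $message[4] = chr(10);
    // is_string() keeps array-valued input away from the array-offset lookup.
    if (!empty($request['db']) && is_string($request['db']) && isset($dbs[$request['db']])) {
        $db = $dbs[$request['db']];
        // NOTE(review): the return value of yaml_parse_file() is not checked;
        // on a parse failure the backend receives no configuration.
        $db_config = yaml_parse_file('config/database.yml');
        require_once 'vendor/' . $db . '/functions.php';
        $db_result = call_user_func_array($request['db'] . 'Query', array($db_config[$db], $request, $report));
        if ($report == true) {
            $message[1] = $dbs[$request['db']] . '=================================================================================';
            // Quotes and backslashes are stripped from the logged JSON.
            $message[2] = preg_replace('@"|\\\\@', '', prettyJson(json_encode($db_result['result'])));
        } else {
            $message = array();
        }
    } else {
        $message[2] = 'ERROR - no database criteria supplied';
    }
    // Keys were assigned out of order; sort so the log lines appear 0..4.
    ksort($message);
    createLog(implode(chr(10), $message));
    return $db_result;
}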
Ejemplo n.º 16
<?php 
use Faid\DB;
use Faid\DBSimple;
use Extasy\Audit\Record;
use Extasy\Audit\Log;
// Rebuilds the audit tables from cms_log: one audit log per distinct category,
// followed by an import of that category's messages.
// TRUNCATE discards every existing row in both audit tables first.
DB::post('TRUNCATE audit_logs');
DB::post('TRUNCATE audit_records');
//
// Constant SQL: no external input is concatenated into this statement.
$sql = 'select distinct category from cms_log order by category asc';
$data = DB::query($sql);
foreach ($data as $row) {
    $log = createLog($row);
    importMessages($log, $row['category']);
}
/**
 * Create and store the audit log for one cms_log category.
 *
 * The log is named "Developer.<category>" with logging enabled; the category
 * equal to CMSLog::RuntimeErrors is additionally flagged as critical.
 *
 * @param array $row Row holding a 'category' entry.
 *
 * @return Log The inserted log object.
 */
function createLog($row)
{
    $auditLog = new Log();
    $auditLog->name = 'Developer.' . $row['category'];
    $auditLog->enable_logging = true;

    $isRuntimeErrors = (CMSLog::RuntimeErrors == $row['category']);
    if ($isRuntimeErrors) {
        $auditLog->critical = true;
    }

    $auditLog->insert();

    return $auditLog;
}
function importMessages($log, $category)
{
    $data = selectMessages($category);
    foreach ($data as $record) {
        Record::add($log->name, $record['message'], $record['message']);
Ejemplo n.º 17
<?php

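// Verification callback: the client posts "id;stamp;time;serial" in VerPas and
// receives a messages.php URL in the response body. The stamp is an MD5 over
// the device serial, the stored fingerprint data, the device codes, the time
// and the id.
if (isset($_POST['VerPas']) && !empty($_POST['VerPas'])) {
    include 'include/global.php';
    include 'include/function.php';
    // Reject array-valued or short payloads instead of reading missing offsets.
    $data = is_string($_POST['VerPas']) ? explode(";", $_POST['VerPas']) : array();
    if (count($data) < 4) {
        $msg = "Parameter invalid..";
        echo $base_path . "messages.php?msg={$msg}";
    } else {
        $user_id = $data[0];
        $vStamp = $data[1];
        $time = $data[2];
        $sn = $data[3];
        // NOTE(review): both helpers receive client-supplied values; confirm
        // that they escape their argument before building SQL.
        $fingerData = getUserFinger($user_id);
        $device = getDeviceBySn($sn);
        // $user_id comes straight from the request: escape it before it is
        // placed in the SQL string. This relies on the mysql connection that
        // the existing mysql_query() call already requires.
        $sql1 = "SELECT * FROM demo_user WHERE user_id='" . mysql_real_escape_string($user_id) . "'";
        $result1 = mysql_query($sql1);
        $data = mysql_fetch_array($result1);
        $user_name = $data['user_name'];
        $salt = md5($sn . $fingerData[0]['finger_data'] . $device[0]['vc'] . $time . $user_id . $device[0]['vkey']);
        // Strict comparison: with ==, two different digests that both look
        // like numbers (for example "0E" followed only by digits) compare equal.
        // NOTE(review): MD5 with an appended key is a weak message
        // authentication scheme; an HMAC with a constant-time comparison is
        // the usual replacement where the client protocol allows it.
        if (strtoupper($vStamp) === strtoupper($salt)) {
            $log = createLog($user_name, $time, $sn);
            // NOTE(review): the values are placed in the URL without
            // urlencode(); confirm how the client and messages.php treat them.
            if ($log == 1) {
                echo $base_path . "messages.php?user_name={$user_name}&time={$time}";
            } else {
                echo $base_path . "messages.php?msg={$log}";
            }
        } else {
            $msg = "Parameter invalid..";
            echo $base_path . "messages.php?msg={$msg}";
        }
    }
}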
Ejemplo n.º 18
<?php

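// AUTHENTICATION controller //
// NOTE: the commented-out test fixture below embeds a username and password; it should not ship with the source, and the credential should be rotated if it was ever real.
//	$_POST = array('url-path' => '/', 'user' => 'ucm-publisher', 'pass' => 'D1sc0veR1es');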
if (!empty($_POST)) {
    createLog(implode(',', $_POST));
    $user = array();
    // Check for username entry:
    if (isset($_POST['user'])) {
        // Get user accounts from model:
        $criteria['filter'] = array('username' => $_POST['user']);
        require loadMVC('model', 'authentication');
        // Validate username against user account:
        if (!empty($model['result']['records'])) {
            foreach ($model['result']['records'] as $user_id => $user) {
            }
            //				print_r($user);
            // Validate password against user account
            if ($user['password'] === crypt($_POST['pass'], $user['password'])) {
                // Set cookie if validated:
                setcookie($config['authentication']['cookie_name'], session_id() . '-' . $user_id . '-' . $user['username'], time() + 3600, "/");
                $response['status'] = 'success';
            } else {
                $response['status'] = 'failed';
            }
        } else {
            $response['status'] = 'failed';
        }
    } else {
        $response['status'] = 'failed';
    }