Ejemplo n.º 1
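/**
 * Establish the current user for this request.
 *
 * When the login form was submitted, the posted credentials are handed to
 * db_try_to_login() first. The user id is then read from the session; if it
 * is missing or empty the login form is shown instead.
 *
 * Side effects: assigns the global $userid and, for a logged-in user, calls
 * db_users_load().
 *
 * @return bool TRUE when the session carries a user id, FALSE when the login
 *              form was shown.
 */
function determine_user_credentials()
{
    global $userid, $username;

    // The request body is untrusted: a field may be missing or may arrive as
    // an array (email[]=...). Only string credentials are passed on, so the
    // database layer never sees an unexpected type, and a plain page view
    // (no 'login' field) no longer triggers an undefined-index notice.
    $login_submitted = isset($_POST['login']) && $_POST['login'] === 'Login';
    if ($login_submitted
        && isset($_POST['email'], $_POST['passwd'])
        && is_string($_POST['email'])
        && is_string($_POST['passwd'])
    ) {
        db_try_to_login($_POST['email'], $_POST['passwd']);
    }

    // Identity comes from the session only, never directly from the request.
    // NOTE(review): presumably db_try_to_login() stores 'userid' in the
    // session on success and rotates the session id at that point - confirm,
    // since neither is visible here.
    $userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : '';
    if (strlen((string) $userid) === 0) {
        show_login_form();
        return FALSE;
    }

    db_users_load($userid);
    return TRUE;
}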
Ejemplo n.º 2
    } else {
        //if($HTTP_VARS['op'] == 'login')
        if (strlen($HTTP_VARS['uid']) > 0 && strlen($HTTP_VARS['passwd']) > 0) {
            $result = perform_login($HTTP_VARS);
            if ($result === TRUE) {
                if (strlen($HTTP_VARS['redirect']) > 0) {
                    // User tried to get in with an invalid session.
                    // We've just given her a valid one, so log it
                    // appropriately and send a redirect to where she
                    // really wanted to go.
                    opendb_redirect(urldecode($HTTP_VARS['redirect']));
                    return;
                } else {
                    opendb_redirect('welcome.php');
                    return;
                }
            } else {
                if ($result === "SITE_IS_DISABLED") {
                    opendb_site_disabled(get_opendb_config_var('login', 'show_menu') !== FALSE);
                } else {
                    // $result === FALSE
                    show_login_form($HTTP_VARS, array('error' => get_opendb_lang_var('login_failure'), details => get_opendb_lang_var('double_check_info')));
                }
            }
        } else {
            show_login_form($HTTP_VARS);
        }
    }
}
// Cleanup after begin.inc.php
require_once "./include/end.inc.php";
Ejemplo n.º 3
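/**
 * Handle a submitted login form.
 *
 * Order of checks: temporary lockout, the configured super-user account,
 * then the users table. Every outcome is recorded through log_attempt().
 * On success the session is populated and a redirect header is sent; on
 * failure the login form is shown again with an alert.
 *
 * Reads $_POST['email'], $_POST['pass'], $_SERVER['REMOTE_ADDR'] and
 * $_SERVER['REQUEST_URI'], and the globals $LHSMATH_PASSWORD and
 * $being_included.
 *
 * @return void
 */
function process_login_form()
{
    // Request fields are untrusted: they may be absent or sent as arrays.
    // Anything that is not a string is treated as empty, which then fails
    // the credential checks below in the normal way.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? strtolower($_POST['email']) : '';
    $password = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';
    $passhash = hash_pass($email, $password);

    // Check to see if the user/ip is temporarily banned:
    //   failed attempts from this IP *or* against this email within the last
    //   10 minutes are counted, regardless of any successful attempts.
    // NOTE(review): the original comment says the ban starts at 10 failed
    // attempts, but the test below only triggers on more than 10 - confirm
    // which threshold is intended.
    $attempts = DBExt::queryCount('login_attempts', array('successful=0', '(remote_ip=%s OR email=%s)', DBExt::timeInInterval('request_time', '-10m', '')), $_SERVER['REMOTE_ADDR'], $email);
    if ($attempts > 10) {
        // The rejected request is itself logged as a failure, so continued
        // attempts keep the lockout window open.
        log_attempt($email, false);
        alert('You have been temporarily locked out. Please wait 10 minutes before attempting to sign in again.', -1);
        show_login_form('');
        return;
    }

    // Check for super-user login:
    // (the account LHSMATH and password set in CONFIG)
    if ($email === 'lhsmath') {
        global $LHSMATH_PASSWORD;
        // $LHSMATH_PASSWORD is pre-hashed. hash_equals() compares in constant
        // time and never applies PHP's loose-comparison rules, under which
        // two different numeric-looking strings, or an unset config value and
        // an empty hash, could be treated as equal.
        if (is_string($LHSMATH_PASSWORD) && hash_equals($LHSMATH_PASSWORD, (string) $passhash)) {
            log_attempt('LHSMATH', true);
            // Drop the anonymous session and issue a fresh id before the
            // privileged values are written (session fixation defence).
            session_destroy();
            session_name('Session');
            session_start();
            session_regenerate_id(true);
            $_SESSION['user_name'] = 'LHSMATH Super-Admin';
            $_SESSION['permissions'] = '+';
            $_SESSION['login_time'] = time();
            $_SESSION['user_id'] = '-999';
            header('Location: ' . URL::root() . '/Admin/Super_Admin');
            die;
        }
        // A wrong super-user password falls through to the normal lookup,
        // which logs the failure.
    }

    // Validate credentials
    // NOTE(review): the row is matched on passhash inside the query, so
    // hash_pass() has to be deterministic for a given email/password pair.
    // Moving to password_hash()/password_verify() would mean fetching the
    // stored hash by email and verifying it in PHP instead.
    $id = DB::queryFirstField('SELECT id FROM users WHERE LOWER(email)=%s AND passhash=%s LIMIT 1', $email, $passhash);
    if (is_null($id)) {
        log_attempt($email, false);
        // NOTE(review): the submitted email is handed back to the form;
        // confirm show_login_form() HTML-escapes it before output.
        show_login_form($email);
        // The message does not reveal whether the email or the password was wrong.
        alert('Incorrect email address or password', -1);
        return;
    }

    // ** CREDENTIALS ARE VALIDATED AT THIS POINT ** //
    log_attempt($email, true);
    set_login_data($id);
    alert('Logged in!', 1);

    // If this page was being included, redirect back.
    global $being_included;
    if ($being_included) {
        // Force the target to be a path on this host: leading slashes and
        // backslashes are collapsed to a single '/', because a value starting
        // with '//' is read by browsers as a URL on another host.
        $request_uri = isset($_SERVER['REQUEST_URI']) ? (string) $_SERVER['REQUEST_URI'] : '';
        header('Location: /' . ltrim($request_uri, '/\\'));
    } else {
        header('Location: ../Home');
    }
}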
Ejemplo n.º 4
} else {
    // the user is not login yet
    if (isset($_POST['username']) && isset($_POST['password'])) {
        $username = $_POST['username'];
        $password = sha1($_POST['password']);
        echo "username: "******"<br>";
        echo "password: "******"<br>";
        // user validation is here
        // DATABASE CONNECTION
        $CONN = mysqli_connect('LOCALHOST', 'root', '', 'login');
        if ($CONN) {
            //read the table
            $SQL = "SELECT username,password from login\n\t\t\t\t\t\t\t  where username='******' AND password='******'";
            $TABLE = mysqli_query($CONN, $SQL);
            if ($TABLE->num_rows > 0) {
                //username is valid
                //create COOKIE
                // forexample user is valid
                // here is code to save cookie
                setcookie('USERNAME', $username, time() + 86400, "/");
                include "start.php";
            }
        } else {
            die("database server is off / connection fail");
            //stop to proceed php code here
        }
    } else {
        // show login form
        show_login_form();
    }
}
Ejemplo n.º 5
    error_reporting(E_ALL);
    ini_set('display_errors', '1');
} else {
    error_reporting(0);
}
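// The session must be started before any output is echoed, because the
// session cookie is sent as an HTTP header.
if ($conf['auth_required'] === true) {
    session_start();
}

if ($conf['html_headers'] === true) {
    // The stylesheet is requested over HTTPS: over plain HTTP it could be
    // altered in transit, and on an HTTPS site browsers block it as mixed
    // content.
    // NOTE(review): a third-party stylesheet on a login page is still a
    // dependency on that CDN; consider self-hosting it or adding a
    // Subresource Integrity attribute.
    // NOTE(review): $conf['title'] is written into the page unescaped, which
    // is only safe while the configuration is trusted plain text.
    echo '<!DOCTYPE html><html><head><meta charset="UTF-8"><title>' . $conf['title'] . '</title><link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css" type="text/css" media="screen" title="Normal" /></head><body><main class="container">';
}

if ($conf['auth_required'] === true) {
    // A logout request is processed first, then a login submission; the
    // result of check_login() is passed to the form as its error state.
    check_logout();
    $err = check_login();

    // The file browser is reached only when the session carries the login
    // marker; every other case gets the login form.
    if (!isset($_SESSION['HenTie_login'])) {
        show_login_form($err);
    } else {
        browser();
    }
} else {
    // Authentication disabled in the configuration: the browser is shown to
    // every visitor.
    browser();
}

if ($conf['html_headers'] === true) {
    echo '</main></body></html>';
}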
// **********************************************************************
function show_login_form($err)
{
    global $conf;
    echo '<form method="post" class="form-signin" role="form" style="width: 40%; margin: auto; margin-top: 10%; text-align: center;">' . (empty($conf['logo']) ? '' : '<img src="' . $conf['logo'] . '" style="max-width: 70%;" alt="logo">') . '<h2 class="form-signin-heading">' . $conf['title'] . '</h2>';
    if ($err === false) {
Ejemplo n.º 6
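/**
 * Build the HTML for the member login widget.
 *
 * For a logged-in member this is an account summary (user name, membership
 * level, account status, expiry or renewal link) followed by a list of
 * account links and an optional custom message. For everyone else it is the
 * output of show_login_form().
 *
 * @return string Widget markup.
 */
function eMember_login_widget()
{
    // Cache plugin compatibility. Do not cache the login form.
    if (!defined('DONOTCACHEPAGE')) {
        define('DONOTCACHEPAGE', TRUE);
    }

    $emember_config = Emember_Config::getInstance();
    $auth = Emember_Auth::getInstance();
    $username = $auth->getUserInfo('user_name');

    if (!$auth->isLoggedIn()) {
        return show_login_form();
    }

    $output = '';
    $expires = $auth->getUserInfo('account_state');

    // Work out the expiry text from the membership level's duration settings.
    $subscription_duration = $auth->permitted->subscription_duration;
    if ($subscription_duration['type'] == 'noexpire') {
        $sub_expires = EMEMBER_NEVER;
    } elseif ($subscription_duration['type'] == 'fixeddate') {
        $sub_expires = emember_date_locale(strtotime($subscription_duration['duration']));
    } else {
        // Relative duration: a number of days counted from the subscription start.
        $sub_start = strtotime($auth->getUserInfo('subscription_starts'));
        $sub_expires = emember_date_locale(strtotime("+" . $subscription_duration['duration'] . " days ", $sub_start));
    }

    $states = array('active' => EMEMBER_ACTIVE, 'inactive' => EMEMBER_INACTIVE, 'expired' => EMEMBER_EXPIRED, 'pending' => EMEMBER_PENDING, 'unsubscribed' => EMEMBER_UNSUBSCRIBED);
    // An account state outside the map yields an empty label instead of an
    // undefined-index notice.
    $state_label = isset($states[$expires]) ? $states[$expires] : '';

    $eMember_secure_rss = $emember_config->getValue('eMember_secure_rss');
    $eMember_show_welcome_page_link = $emember_config->getValue('eMember_show_link_to_after_login_page');

    // NOTE(review): the feed key is an unsalted MD5 of the member id, so it
    // is only as secret as the id itself. If member ids are predictable (not
    // visible here), the key is too. A random per-member token or an HMAC
    // keyed with a server-side secret would fix that, but the code that
    // checks emember_feed_key has to change at the same time, so the key is
    // left as it was.
    $feed_url = get_bloginfo('rss2_url');
    global $wp_rewrite;
    // The original picks '?' when permalinks are in use and '&' otherwise.
    $feed_key_separator = $wp_rewrite->using_permalinks() ? '?' : '&';
    $feed_url .= $feed_key_separator . 'emember_feed_key=' . md5($auth->getUserInfo('member_id'));

    $logout = get_logout_url();

    // The user name is member-supplied text, so it is HTML-escaped before it
    // is placed in the markup. double_encode is off so that a value already
    // stored with entities is not escaped twice.
    $safe_username = htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8', false);

    $output .= '<div class="eMember_logged_widget">';
    $output .= '<div class="eMember_logged_user_info_section">';
    $output .= '<div class="eMember_logged_in_as">' . EMEMBER_LOGGED_IN_AS;
    $output .= '<label class="eMember_highlight">' . $safe_username . '</label></div>';
    $output .= '<div class="eMember_logged_in_level">' . EMEMBER_LOGGED_IN_LEVEL;
    $output .= '<label class="eMember_highlight">' . $auth->permitted->primary_level->get('alias') . '</label></div>';
    $output .= '<div class="eMember_logged_in_account_status">' . EMEMBER_ACCOUNT_STATUS . " ";
    $output .= '<label class="eMember_highlight">' . $state_label . '</label></div>';
    $output .= '<div class="eMember_logged_user_expiry">';
    if ($expires != 'expired') {
        $output .= EMEMBER_ACCOUNT_EXPIRES_ON . " ";
        $output .= '<label class="eMember_highlight">' . $sub_expires . '</label>';
    } else {
        // Expired accounts get a renewal link in place of an expiry date.
        $renew_url = $emember_config->getValue('eMember_account_upgrade_url');
        $output .= '<a href="' . $renew_url . '">' . EMEMBER_RENEW_OR_UPGRADE . '</a>';
    }
    $output .= '</div>';
    //End of eMember_logged_user_expiry
    $output .= '</div>';
    //End of eMember_logged_user_info_section

    // NOTE(review): the URLs below come from plugin settings and helper
    // functions and are written into href attributes as-is. Confirm they are
    // escaped where they are produced, or wrap them in esc_url() here.
    $output .= '<ul>';
    $output .= '<li><a href="' . $logout . '">' . EMEMBER_LOGOUT . '</a></li>';
    if ($eMember_secure_rss) {
        $output .= '<li><a href="' . $feed_url . '">' . EMEMBER_MY_FEED . '</a></li>';
    }
    $edit_profile_page = $emember_config->getValue('eMember_profile_edit_page');
    $support_page = $emember_config->getValue('eMember_support_page');
    if (!empty($edit_profile_page)) {
        $output .= '<li><a href="' . $edit_profile_page . '">' . EMEMBER_EDIT_PROFILE . '</a></li>';
    }
    if (!empty($support_page)) {
        $output .= '<li><a href="' . $support_page . '">' . EMEMBER_SUPPORT_PAGE . '</a></li>';
    }
    if ($eMember_show_welcome_page_link) {
        $welcome_page_url = emember_get_after_login_page_url_of_current_user();
        $output .= '<li><a href="' . $welcome_page_url . '">' . EMEMBER_WELCOME_PAGE . '</a></li>';
    }
    $bookmark_feature = $emember_config->getValue('eMember_enable_bookmark');
    if ($bookmark_feature) {
        $bookmark_page_url = $emember_config->getValue('eMember_bookmark_listing_page');
        if (!empty($bookmark_page_url)) {
            $output .= '<li><a href="' . $bookmark_page_url . '">' . EMEMBER_BOOKMARK_PAGE . '</a></li>';
        }
    }
    $output .= '</ul>';

    // The custom message is decoded back to raw HTML on purpose, so it is
    // only as safe as whoever may edit that setting.
    $custom_login_msg = stripslashes($emember_config->getValue('eMember_login_widget_message_for_logged_members'));
    if (!empty($custom_login_msg)) {
        $custom_login_msg = do_shortcode($custom_login_msg);
        $output .= html_entity_decode($custom_login_msg, ENT_COMPAT);
    }
    $output .= '</div>';
    //End of eMember_logged_widget

    return $output;
}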