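/**
 * Tries to log in a user and populates self::$data on success.
 *
 * Any Exception thrown inside the try block is caught here: the user data is reset through
 * self::setDefault() and false is returned, so no Exception reaches the caller.
 *
 * @param string $login     user login
 * @param string $password  user password
 *
 * @return bool  true only if the API login succeeded and every follow-up write (profile flush,
 *               guest session removal) reported success
 */
public static function login($login, $password) {
    try {
        self::setDefault();

        self::$data = API::User()->login(array('user' => $login, 'password' => $password, 'userData' => true));

        if (!self::$data) {
            throw new Exception();
        }

        // Valid credentials are not sufficient: accounts whose group has frontend access disabled are refused.
        if (self::$data['gui_access'] == GROUP_GUI_ACCESS_DISABLED) {
            error(_('GUI access disabled.'));
            throw new Exception();
        }

        if (empty(self::$data['url'])) {
            self::$data['url'] = CProfile::get('web.menu.view.last', 'index.php');
        }

        $result = (bool) self::$data;

        // Persist details of the last failed attempt when the API response carries them.
        if (isset(self::$data['attempt_failed']) && self::$data['attempt_failed']) {
            CProfile::init();
            CProfile::update('web.login.attempt.failed', self::$data['attempt_failed'], PROFILE_TYPE_INT);
            CProfile::update('web.login.attempt.ip', self::$data['attempt_ip'], PROFILE_TYPE_STR);
            CProfile::update('web.login.attempt.clock', self::$data['attempt_clock'], PROFILE_TYPE_INT);

            // Evaluate the call first, then combine logically: bitwise "&=" turns $result into an int
            // and can report failure for a truthy value whose lowest bit is not set.
            $profileSaved = CProfile::flush();
            $result = $result && $profileSaved;
        }

        // remove guest session after successful login
        // The cookie value is client-supplied; it reaches the statement only through zbx_dbstr()
        // (assumed to quote and escape the value - confirm). The delete runs even if the flush failed.
        $guestSessionRemoved = DBexecute(
            'DELETE FROM sessions WHERE sessionid=' . zbx_dbstr(get_cookie('zbx_sessionid'))
        );
        $result = $result && $guestSessionRemoved;

        // The session cookie and the audit record are produced only when every step above succeeded.
        // NOTE(review): when $result is false, self::$data stays populated although false is returned.
        if ($result) {
            self::setSessionCookie(self::$data['sessionid']);

            add_audit_ext(AUDIT_ACTION_LOGIN, AUDIT_RESOURCE_USER, self::$data['userid'], '', null, null, null);
        }

        return $result;
    }
    catch (Exception $e) {
        // Fail closed: discard whatever user data was loaded before the failure.
        self::setDefault();

        return false;
    }
}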
/**
 * Tries to log in a user and populates self::$data on success.
 *
 * An Exception thrown inside the try block is caught here; the user data is then reset through
 * self::setDefault() and false is returned.
 *
 * NOTE(review): the outcomes of CProfile::flush() and of the guest-session DELETE are not checked,
 * so true is returned and the session cookie is set even when one of them reports failure.
 *
 * @param string $login     user login
 * @param string $password  user password
 *
 * @return bool
 */
public static function login($login, $password) {
    try {
        self::setDefault();

        $credentials = array('user' => $login, 'password' => $password, 'userData' => true);
        self::$data = API::User()->login($credentials);

        if (!self::$data) {
            throw new Exception();
        }

        // Accounts whose group has frontend access disabled are refused even with valid credentials.
        if (self::$data['gui_access'] == GROUP_GUI_ACCESS_DISABLED) {
            error(_('GUI access disabled.'));
            throw new Exception();
        }

        if (empty(self::$data['url'])) {
            self::$data['url'] = CProfile::get('web.menu.view.last', 'index.php');
        }

        // Persist details of the last failed attempt when the API response carries them.
        if (!empty(self::$data['attempt_failed'])) {
            $attemptFields = array(
                'web.login.attempt.failed' => array('attempt_failed', PROFILE_TYPE_INT),
                'web.login.attempt.ip' => array('attempt_ip', PROFILE_TYPE_STR),
                'web.login.attempt.clock' => array('attempt_clock', PROFILE_TYPE_INT)
            );

            CProfile::init();

            foreach ($attemptFields as $profileKey => $fieldSpec) {
                CProfile::update($profileKey, self::$data[$fieldSpec[0]], $fieldSpec[1]);
            }

            CProfile::flush();
        }

        // remove guest session after successful login
        // The cookie value is client-supplied; it reaches the statement only through zbx_dbstr()
        // (assumed to quote and escape the value - confirm).
        $guestSessionId = get_cookie('zbx_sessionid');
        DBexecute('DELETE FROM sessions WHERE sessionid=' . zbx_dbstr($guestSessionId));

        // With autologin the cookie expires 31 days from now; otherwise 0 is passed as the expiry.
        if (self::$data['autologin']) {
            $cookieExpiry = time() + SEC_PER_DAY * 31;
        }
        else {
            $cookieExpiry = 0;
        }

        zbx_setcookie('zbx_sessionid', self::$data['sessionid'], $cookieExpiry);

        return true;
    }
    catch (Exception $e) {
        // Fail closed: discard whatever user data was loaded before the failure.
        self::setDefault();

        return false;
    }
}
} } $result = DBend($result); if ($page['type'] == PAGE_TYPE_JS && $result) { echo 'switchElementClass("addrm_fav", "iconminus", "iconplus");'; } } } if (!empty($_REQUEST['period']) || !empty($_REQUEST['stime'])) { CScreenBase::calculateTime(array('profileIdx' => 'web.screens', 'profileIdx2' => $pageFilter->graphid, 'updateProfile' => true, 'period' => getRequest('period'), 'stime' => getRequest('stime'))); $curl = new CUrl(); $curl->removeArgument('period'); $curl->removeArgument('stime'); ob_end_clean(); DBstart(); CProfile::flush(); DBend(); redirect($curl->getUrl()); } ob_end_flush(); if ($page['type'] == PAGE_TYPE_JS || $page['type'] == PAGE_TYPE_HTML_BLOCK) { require_once dirname(__FILE__) . '/include/page_footer.php'; exit; } /* * Display */ $data = array('pageFilter' => $pageFilter, 'graphid' => $pageFilter->graphid, 'fullscreen' => $_REQUEST['fullscreen']); // render view $chartsView = new CView('monitoring.charts', $data); $chartsView->render();
if (isset($page['hist_arg']) && CWebUser::$data['alias'] != ZBX_GUEST_USER && $page['type'] == PAGE_TYPE_HTML && !defined('ZBX_PAGE_NO_MENU')) { // if URL length is greater than DB field size, skip history update $url = getHistoryUrl($page); if ($url) { DBstart(); $result = addUserHistory($page['title'], $url); DBend($result); } } // last page if (!defined('ZBX_PAGE_NO_MENU') && $page['file'] != 'profile.php') { CProfile::update('web.paging.lastpage', $page['file'], PROFILE_TYPE_STR); } if (CProfile::isModified()) { DBstart(); $result = CProfile::flush(); DBend($result); } // end transactions if they have not been closed already if (isset($DB) && isset($DB['TRANSACTIONS']) && $DB['TRANSACTIONS'] != 0) { error(_('Transaction has not been closed. Aborting...')); DBend(false); } show_messages(); if (in_array($page['type'], array(PAGE_TYPE_HTML_BLOCK, PAGE_TYPE_HTML))) { if (!is_null(CWebUser::$data) && isset(CWebUser::$data['debug_mode']) && CWebUser::$data['debug_mode'] == GROUP_DEBUG_MODE_ENABLED) { CProfiler::getInstance()->stop(); CProfiler::getInstance()->show(); } } if ($page['type'] == PAGE_TYPE_HTML) {
/**
 * Main controller processing routine: runs the SID, input and permission checks, executes the
 * action and persists modified profile values.
 *
 * @return mixed  whatever getResponse() returns (described upstream as data, redirect or fatal redirect)
 */
final public function run() {
    // SID validation is opt-in per controller; a failed check is handed to access_deny().
    // NOTE(review): the checks below still execute if access_deny() returns - confirm it terminates the request.
    if ($this->validateSID) {
        if (!$this->checkSID()) {
            access_deny(ACCESS_DENY_PAGE);
        }
    }

    $inputAccepted = $this->checkInput();

    if ($inputAccepted) {
        // Only a strict boolean true from checkPermissions() counts as permission granted.
        $permitted = $this->checkPermissions();

        if ($permitted !== true) {
            access_deny(ACCESS_DENY_PAGE);
        }

        $this->doAction();
    }

    // Profile changes are written between DBstart() and DBend(); DBend() receives the flush outcome.
    if (CProfile::isModified()) {
        DBstart();
        DBend(CProfile::flush());
    }

    return $this->getResponse();
}