/**
* Update context after customer login
* @param Customer $customer Created customer
*/
public function updateCustomer(Customer $customer)
{
$this->customer = $customer;
$this->cookie->id_customer = (int) $customer->id;
$this->cookie->customer_lastname = $customer->lastname;
$this->cookie->customer_firstname = $customer->firstname;
$this->cookie->passwd = $customer->passwd;
$this->cookie->logged = 1;
$customer->logged = 1;
$this->cookie->email = $customer->email;
$this->cookie->is_guest = $customer->isGuest();
$this->cart->secure_key = $customer->secure_key;
if (Configuration::get('PS_CART_FOLLOWING') && (empty($this->cookie->id_cart) || Cart::getNbProducts($this->cookie->id_cart) == 0) && ($id_cart = (int) Cart::lastNoneOrderedCart($this->customer->id))) {
$this->cart = new Cart($id_cart);
} else {
$id_carrier = (int) $this->cart->id_carrier;
$this->cart->id_carrier = 0;
$this->cart->setDeliveryOption(null);
$this->cart->id_address_delivery = (int) Address::getFirstCustomerAddressId((int) $customer->id);
$this->cart->id_address_invoice = (int) Address::getFirstCustomerAddressId((int) $customer->id);
}
$this->cart->id_customer = (int) $customer->id;
if (isset($id_carrier) && $id_carrier) {
$delivery_option = [$this->cart->id_address_delivery => $id_carrier . ','];
$this->cart->setDeliveryOption($delivery_option);
}
$this->cart->save();
$this->cookie->id_cart = (int) $this->cart->id;
$this->cookie->write();
$this->cart->autosetProductAddress();
}
/**
* Preparing hidden form with payment data before sending it to Dotpay
*/
public function initContent()
{
parent::initContent();
$this->display_column_left = false;
$this->display_header = false;
$this->display_footer = false;
$cartId = 0;
if (Tools::getValue('order_id') == false) {
$cartId = $this->context->cart->id;
$exAmount = $this->api->getExtrachargeAmount(true);
if ($exAmount > 0 && !$this->isExVPinCart()) {
$productId = $this->config->getDotpayExchVPid();
if ($productId != 0) {
$product = new Product($productId, true);
$product->price = $exAmount;
$product->save();
$product->flushPriceCache();
$this->context->cart->updateQty(1, $product->id);
$this->context->cart->update();
$this->context->cart->getPackageList(true);
}
}
$discAmount = $this->api->getDiscountAmount();
if ($discAmount > 0) {
$discount = new CartRule($this->config->getDotpayDiscountId());
$discount->reduction_amount = $this->api->getDiscountAmount();
$discount->reduction_currency = $this->context->cart->id_currency;
$discount->reduction_tax = 1;
$discount->update();
$this->context->cart->addCartRule($discount->id);
$this->context->cart->update();
$this->context->cart->getPackageList(true);
}
$result = $this->module->validateOrder($this->context->cart->id, (int) $this->config->getDotpayNewStatusId(), $this->getDotAmount(), $this->module->displayName, NULL, array(), NULL, false, $this->customer->secure_key);
} else {
$this->context->cart = Cart::getCartByOrderId(Tools::getValue('order_id'));
$this->initPersonalData();
$cartId = $this->context->cart->id;
}
$this->api->onPrepareAction(Tools::getValue('dotpay_type'), array('order' => Order::getOrderByCartId($cartId), 'customer' => $this->context->customer->id));
$sa = new DotpaySellerApi($this->config->getDotpaySellerApiUrl());
if ($this->config->isDotpayDispInstruction() && $this->config->isApiConfigOk() && $this->api->isChannelInGroup(Tools::getValue('channel'), array(DotpayApi::cashGroup, DotpayApi::transfersGroup)) && $sa->isAccountRight($this->config->getDotpayApiUsername(), $this->config->getDotpayApiPassword(), $this->config->getDotpayApiVersion())) {
$this->context->cookie->dotpay_channel = Tools::getValue('channel');
Tools::redirect($this->context->link->getModuleLink($this->module->name, 'confirm', array('order_id' => Order::getOrderByCartId($cartId))));
die;
}
$this->context->smarty->assign(array('hiddenForm' => $this->api->getHiddenForm()));
$cookie = new Cookie('lastOrder');
$cookie->orderId = Order::getOrderByCartId($cartId);
$cookie->write();
$this->setTemplate("preparing.tpl");
}
public static function end()
{
// cookie details
$name = Config::get('session.name', 'anchorcms');
$expire = time() + Config::get('session.expire', 86400);
$path = Config::get('session.path', '/');
$domain = Config::get('session.domain', '');
// update db session
Db::update('sessions', array('date' => date(DATE_ISO8601), 'ip' => Input::ip_address(), 'ua' => Input::user_agent(), 'data' => serialize(static::$data)), array('id' => static::$id));
// create cookie with ID
if (!Cookie::write($name, static::$id, $expire, $path, $domain)) {
Log::error('Could not write session cookie: ' . static::$id);
}
}
/**
* @see FrontController::initContent()
*/
public function initContent()
{
parent::initContent();
try {
$resp = new Maestrano_Saml_Response($_POST['SAMLResponse']);
// Check if the Saml response is valid
if ($resp->isValid()) {
// Get the user as well as the user group
$mnoUser = new Maestrano_Sso_User($resp);
// intilize the user Model
$userModel = new Maestrano_Sso_Model_User();
// Find user in db by email if not exist then create locally
$userResp = $userModel->findOrCreate($mnoUser);
if ($userResp['id_employee'] > 0) {
//update the Cookie for prestashop
$cookie = new Cookie('psAdmin');
$cookie->id_employee = $userResp['id_employee'];
$cookie->email = $mnoUser->email;
$cookie->profile = $userResp['id_profile'];
$cookie->passwd = $userResp['passwd'];
$cookie->remote_addr = (int) ip2long(Tools::getRemoteAddr());
$cookie->last_activity = time();
// write the cookie in Prestashop session
$cookie->write();
// Once the user is created/identified, we store the maestrano session.
// This session will be used for single logout
$mnoSession = new Maestrano_Sso_Session($_SESSION, $mnoUser);
$mnoSession->save();
// If logged in redirect to admin dashboard startup page
if ($cookie->id_employee) {
$cookie = new Cookie('psAdDir');
Tools::redirect(Tools::getCurrentUrlProtocolPrefix() . Tools::getShopDomain() . __PS_BASE_URI__ . $cookie->admin_directory);
}
}
} else {
echo '<p>There was an error during the authentication process.</p><br/>';
echo '<p>Please try again. If issue persists please contact support@maestrano.com<p>';
exit;
}
} catch (Exception $ex) {
echo $ex;
exit;
}
}
/**
* Generate cookie for admin directory becuase prestashop have dynamic names of admin directory
*
* @return the directory name
*/
public function cookieForAdminDirectory()
{
$pageURL = 'http';
if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") {
$pageURL .= "s";
}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80") {
$pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["REQUEST_URI"];
} else {
$pageURL .= $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
}
$pageURL = str_replace(Tools::getCurrentUrlProtocolPrefix() . Tools::getShopDomain() . __PS_BASE_URI__, '', $pageURL);
$pageURL = str_replace(basename($pageURL), '', $pageURL);
// Write cookie for the Admin directory
$cookie = new Cookie('psAdDir');
$cookie->admin_directory = $pageURL;
$cookie->write();
return $pageURL;
}
/**
* Autentica um usuário.
*
* @param string $id ID do usuário
* @param string $password Senha do usuário
* @return void
*/
public function authenticate($id, $password)
{
Cookie::set("domain", $this->domain);
Cookie::set("path", $this->path);
Cookie::set("secure", $this->secure);
Cookie::write("user_id", $id, $this->expires);
Cookie::write("password", $password, $this->expires);
}
$errors[] = Tools::displayError('Invalid password');
} else {
/* Seeking for employee */
$employee = new Employee();
$employee = $employee->getByemail($email, $passwd);
if (!$employee) {
$errors[] = Tools::displayError('Employee does not exist or password is incorrect.');
$cookie->logout();
} else {
/* Creating cookie */
$cookie->id_employee = $employee->id;
$cookie->email = $employee->email;
$cookie->profile = $employee->id_profile;
$cookie->passwd = $employee->passwd;
$cookie->remote_addr = ip2long(Tools::getRemoteAddr());
$cookie->write();
/* Redirect to admin panel */
if (isset($_GET['redirect'])) {
$url = strval($_GET['redirect'] . (isset($_GET['token']) ? '&token=' . $_GET['token'] : ''));
} else {
$url = 'index.php';
}
if (!Validate::isCleanHtml($url)) {
die(Tools::displayError());
}
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="' . $iso . '" lang="' . $iso . '">
<meta http-equiv="Refresh" content="0;URL=' . Tools::safeOutput($url, true) . '">
<head>
<script language="javascript" type="text/javascript">
window.location.replace("' . Tools::safeOutput($url, true) . '");
public function init()
{
global $cookie, $smarty, $cart, $iso, $defaultCountry, $protocol_link, $protocol_content, $link, $css_files, $js_files;
if (self::$initialized) {
return;
}
self::$initialized = true;
$css_files = array();
$js_files = array();
if ($this->ssl and (empty($_SERVER['HTTPS']) or strtolower($_SERVER['HTTPS']) == 'off') and Configuration::get('PS_SSL_ENABLED')) {
header('HTTP/1.1 301 Moved Permanently');
header('Location: ' . Tools::getShopDomainSsl(true) . $_SERVER['REQUEST_URI']);
exit;
}
ob_start();
/* Loading default country */
$defaultCountry = new Country((int) Configuration::get('PS_COUNTRY_DEFAULT'), Configuration::get('PS_LANG_DEFAULT'));
$cookie = new Cookie('ps');
$link = new Link();
if ($this->auth and !$cookie->isLogged($this->guestAllowed)) {
Tools::redirect('authentication.php' . ($this->authRedirection ? '?back=' . $this->authRedirection : ''));
}
/* Theme is missing or maintenance */
if (!is_dir(_PS_THEME_DIR_)) {
die(Tools::displayError('Current theme unavailable. Please check your theme directory name and permissions.'));
} elseif (basename($_SERVER['PHP_SELF']) != 'disabled.php' and !(int) Configuration::get('PS_SHOP_ENABLE')) {
$this->maintenance = true;
} elseif (Configuration::get('PS_GEOLOCATION_ENABLED')) {
if (!isset($cookie->iso_code_country)) {
if ($cookie->logged) {
$id_country = Customer::getCurrentCountry((int) $cookie->id_customer);
$cookie->iso_code_country = Country::getIsoById($id_country);
} else {
$this->geolocationManagement();
}
}
if (!isset($cookie->iso_code_country)) {
$current_country_id = Customer::getCurrentCountry((int) $cookie->id_customer);
} else {
$current_country_id = Country::getByIso($cookie->iso_code_country);
}
$current_country = new Country($current_country_id, 1);
$cookie->id_country = $current_country->id;
$smarty->assign('current_country', $current_country->name);
$smarty->assign('current_country_id', $current_country->id);
if ($cookie->id_country == 110 && !isset($cookie->id_currency)) {
$cookie->id_currency = 4;
}
}
//set imagesize if not set
if (!isset($cookie->image_size)) {
$cookie->image_size = IMAGE_SIZE_LARGE;
$cookie->write();
}
if (!isset($cookie->greetings) && !$cookie->logged) {
$cookie->greetings = 1;
$cookie->write();
$smarty->assign('show_greetings', 1);
}
//echo $cookie->image_size;
if ($image_size = Tools::getValue("is")) {
if ($image_size == "s" && $cookie->image_size == IMAGE_SIZE_LARGE) {
$cookie->image_size = IMAGE_SIZE_SMALL;
$cookie->write();
} else {
if ($image_size == "l" && $cookie->image_size == IMAGE_SIZE_SMALL) {
$cookie->image_size = IMAGE_SIZE_LARGE;
$cookie->write();
}
}
}
// Switch language if needed and init cookie language
if ($iso = Tools::getValue('isolang') and Validate::isLanguageIsoCode($iso) and $id_lang = (int) Language::getIdByIso($iso)) {
$_GET['id_lang'] = $id_lang;
}
Tools::switchLanguage();
Tools::setCookieLanguage();
/* attribute id_lang is often needed, so we create a constant for performance reasons */
if (!defined('_USER_ID_LANG_')) {
define('_USER_ID_LANG_', (int) $cookie->id_lang);
}
if (isset($_GET['logout']) or $cookie->logged and Customer::isBanned((int) $cookie->id_customer)) {
$cookie->logout();
Tools::redirect(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : NULL);
} elseif (isset($_GET['mylogout'])) {
$this->logoutFacebook();
$cookie->mylogout();
Tools::redirect(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : NULL);
}
if ($source = Tools::getValue('utm_source')) {
$cookie->last_source = $source;
$cookie->write();
}
if ($ref_source = Tools::getValue('vbref')) {
$cookie->last_ref_source = $ref_source;
$cookie->write();
}
/*else
{
if(!isset($cookie->last_ref_source))
{
$cookie->last_ref_source = 0;
$cookie->write();
}
}*/
global $currency;
$currency = Tools::setCurrency();
$_MODULES = array();
/* Cart already exists */
if ((int) $cookie->id_cart) {
$cart = new Cart((int) $cookie->id_cart);
if ($cart->OrderExists()) {
unset($cookie->id_cart, $cart, $cookie->checkedTOS);
} elseif (intval(Configuration::get('PS_GEOLOCATION_ENABLED')) and !in_array(strtoupper($cookie->iso_code_country), explode(';', Configuration::get('PS_ALLOWED_COUNTRIES'))) and $cart->nbProducts() and intval(Configuration::get('PS_GEOLOCATION_NA_BEHAVIOR')) != -1 and !self::isInWhitelistForGeolocation()) {
unset($cookie->id_cart, $cart);
} elseif ($cookie->id_customer != $cart->id_customer or $cookie->id_lang != $cart->id_lang or $cookie->id_currency != $cart->id_currency) {
if ($cookie->id_customer) {
$cart->id_customer = (int) $cookie->id_customer;
}
$cart->id_lang = (int) $cookie->id_lang;
$cart->id_currency = (int) $cookie->id_currency;
$cart->update();
}
/* Select an address if not set */
if (isset($cart) && (!isset($cart->id_address_delivery) || $cart->id_address_delivery == 0 || !isset($cart->id_address_invoice) || $cart->id_address_invoice == 0) && $cookie->id_customer) {
$to_update = false;
if (!isset($cart->id_address_delivery) || $cart->id_address_delivery == 0) {
$to_update = true;
$cart->id_address_delivery = (int) Address::getFirstCustomerAddressId($cart->id_customer);
}
if (!isset($cart->id_address_invoice) || $cart->id_address_invoice == 0) {
$to_update = true;
$cart->id_address_invoice = (int) Address::getFirstCustomerAddressId($cart->id_customer);
}
if ($to_update) {
$cart->update();
}
}
}
if (!isset($cart) or !$cart->id) {
$this->checkIDS();
$cart = new Cart();
$cart->id_lang = (int) $cookie->id_lang;
$cart->id_currency = (int) $cookie->id_currency;
$cart->id_guest = (int) $cookie->id_guest;
if ($cookie->id_customer) {
$cart->id_customer = (int) $cookie->id_customer;
$cart->id_address_delivery = (int) Address::getFirstCustomerAddressId($cart->id_customer);
$cart->id_address_invoice = $cart->id_address_delivery;
} else {
$cart->id_address_delivery = 0;
$cart->id_address_invoice = 0;
}
}
if (!$cart->nbProducts()) {
$cart->id_carrier = NULL;
}
$locale = strtolower(Configuration::get('PS_LOCALE_LANGUAGE')) . '_' . strtoupper(Configuration::get('PS_LOCALE_COUNTRY') . '.UTF-8');
setlocale(LC_COLLATE, $locale);
setlocale(LC_CTYPE, $locale);
setlocale(LC_TIME, $locale);
setlocale(LC_NUMERIC, 'en_US.UTF-8');
if (Validate::isLoadedObject($currency)) {
$smarty->ps_currency = $currency;
}
if (Validate::isLoadedObject($ps_language = new Language((int) $cookie->id_lang))) {
$smarty->ps_language = $ps_language;
}
/* get page name to display it in body id */
$pathinfo = pathinfo(__FILE__);
$page_name = basename($_SERVER['PHP_SELF'], '.' . $pathinfo['extension']);
$page_name = preg_match('/^[0-9]/', $page_name) ? 'page_' . $page_name : $page_name;
$smarty->assign(Tools::getMetaTags($cookie->id_lang, $page_name));
$smarty->assign('request_uri', Tools::safeOutput(urldecode($_SERVER['REQUEST_URI'])));
/* Breadcrumb */
$navigationPipe = Configuration::get('PS_NAVIGATION_PIPE') ? Configuration::get('PS_NAVIGATION_PIPE') : '>';
$smarty->assign('navigationPipe', $navigationPipe);
$protocol_link = (Configuration::get('PS_SSL_ENABLED') or !empty($_SERVER['HTTPS']) and strtolower($_SERVER['HTTPS']) != 'off') ? 'https://' : 'http://';
$protocol_content = (isset($useSSL) and $useSSL and Configuration::get('PS_SSL_ENABLED') or !empty($_SERVER['HTTPS']) and strtolower($_SERVER['HTTPS']) != 'off') ? 'https://' : 'http://';
if (!defined('_PS_BASE_URL_')) {
define('_PS_BASE_URL_', Tools::getShopDomain(true));
}
if (!defined('_PS_BASE_URL_SSL_')) {
define('_PS_BASE_URL_SSL_', Tools::getShopDomainSsl(true));
}
$link->preloadPageLinks();
$this->canonicalRedirection();
Product::initPricesComputation();
$display_tax_label = $defaultCountry->display_tax_label;
if ($cart->{Configuration::get('PS_TAX_ADDRESS_TYPE')}) {
$infos = Address::getCountryAndState((int) $cart->{Configuration::get('PS_TAX_ADDRESS_TYPE')});
$country = new Country((int) $infos['id_country']);
if (Validate::isLoadedObject($country)) {
$display_tax_label = $country->display_tax_label;
}
}
global $isBetaUser, $conversion_rate_inr;
$conversion_rate_inr = 55;
if (!$cookie->isLogged()) {
$this->initFacebook();
} else {
$customer_groups = Customer::getGroupsStatic((int) $cookie->id_customer);
if (in_array(2, $customer_groups)) {
$smarty->assign('internal_vb_user', 1);
}
if (in_array(3, $customer_groups)) {
$isBetaUser = true;
} else {
$isBetaUser = false;
}
/*$reward_points = VBRewards::getCustomerPoints($cookie->id_customer);
$can_redeem = VBRewards::checkPointsValidity($cookie->id_customer, 0);
if($can_redeem)
$smarty->assign('can_redeem_points', 1);
$smarty->assign('balance_points', $reward_points);*/
}
$smarty->assign('img_version', IMG_VERSION);
$this->setRecaptchaHTML();
if ($page_name === "index") {
$sql = "select title,image_path,url from ps_banner where is_active = 1 order by display_order asc";
$home_banners = Db::getInstance()->ExecuteS($sql);
$smarty->assign("home_banners", $home_banners);
}
$smarty->assign(array('lazy' => 1, 'link' => $link, 'cart' => $cart, 'currency' => $currency, 'cookie' => $cookie, 'page_name' => $page_name, 'base_dir' => _PS_BASE_URL_ . __PS_BASE_URI__, 'base_dir_ssl' => $protocol_link . Tools::getShopDomainSsl() . __PS_BASE_URI__, 'content_dir' => $protocol_content . Tools::getShopDomain() . __PS_BASE_URI__, 'tpl_dir' => _PS_THEME_DIR_, 'modules_dir' => _MODULE_DIR_, 'mail_dir' => _MAIL_DIR_, 'lang_iso' => $ps_language->iso_code, 'come_from' => Tools::getHttpHost(true, true) . Tools::htmlentitiesUTF8(str_replace('\'', '', urldecode($_SERVER['REQUEST_URI']))), 'cart_qties' => (int) $cart->nbProducts(), 'currencies' => Currency::getCurrencies(), 'languages' => Language::getLanguages(), 'priceDisplay' => Product::getTaxCalculationMethod(), 'add_prod_display' => (int) Configuration::get('PS_ATTRIBUTE_CATEGORY_DISPLAY'), 'shop_name' => Configuration::get('PS_SHOP_NAME'), 'roundMode' => (int) Configuration::get('PS_PRICE_ROUND_MODE'), 'use_taxes' => (int) Configuration::get('PS_TAX'), 'display_tax_label' => (bool) $display_tax_label, 'vat_management' => (int) Configuration::get('VATNUMBER_MANAGEMENT'), 'opc' => (bool) Configuration::get('PS_ORDER_PROCESS_TYPE'), 'PS_CATALOG_MODE' => (bool) Configuration::get('PS_CATALOG_MODE'), 'conversion_rate' => $conversion_rate_inr));
// Deprecated
$smarty->assign(array('id_currency_cookie' => (int) $currency->id, 'logged' => $cookie->isLogged(), 'customerName' => $cookie->logged ? $cookie->customer_firstname . ' ' . $cookie->customer_lastname : false));
// TODO for better performances (cache usage), remove these assign and use a smarty function to get the right media server in relation to the full ressource name
$assignArray = array('img_ps_dir' => _PS_IMG_, 'img_cat_dir' => _THEME_CAT_DIR_, 'img_lang_dir' => _THEME_LANG_DIR_, 'img_prod_dir' => _THEME_PROD_DIR_, 'img_manu_dir' => _THEME_MANU_DIR_, 'img_sup_dir' => _THEME_SUP_DIR_, 'img_ship_dir' => _THEME_SHIP_DIR_, 'img_store_dir' => _THEME_STORE_DIR_, 'img_col_dir' => _THEME_COL_DIR_, 'img_dir' => _THEME_IMG_DIR_, 'css_dir' => _THEME_CSS_DIR_, 'js_dir' => _THEME_JS_DIR_, 'pic_dir' => _THEME_PROD_PIC_DIR_);
foreach ($assignArray as $assignKey => $assignValue) {
if (substr($assignValue, 0, 1) == '/' or $protocol_content == 'https://') {
$smarty->assign($assignKey, $protocol_content . Tools::getMediaServer($assignValue) . $assignValue);
} else {
$smarty->assign($assignKey, $assignValue);
}
}
// setting properties from global var
self::$cookie = $cookie;
self::$cart = $cart;
self::$smarty = $smarty;
self::$link = $link;
if ($this->maintenance) {
$this->displayMaintenancePage();
}
if ($this->restrictedCountry) {
$this->displayRestrictedCountryPage();
}
//live edit
if (Tools::isSubmit('live_edit') and $ad = Tools::getValue('ad') and Tools::getValue('liveToken') == sha1(Tools::getValue('ad') . _COOKIE_KEY_)) {
if (!is_dir(_PS_ROOT_DIR_ . DIRECTORY_SEPARATOR . $ad)) {
die(Tools::displayError());
}
}
$this->iso = $iso;
$this->setMedia();
//For sokrati pixel
self::$smarty->assign("new_customer_regd", false);
if ((int) self::$cookie->new_reg === 1) {
self::$smarty->assign("new_customer_regd", true);
unset(self::$cookie->new_reg);
}
if (self::$cookie->id_customer) {
self::$smarty->assign("balance_points", VBRewards::getCustomerPoints(self::$cookie->id_customer));
}
}
public function __beforeAction()
{
// User authentication
$user_model = new User_Model();
User_Model::$auth_status = User_Model::AUTH_STATUS_NOT_LOGGED;
// Authentication by post
if (isset($_POST['username']) && isset($_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
try {
if (!preg_match('#^[a-z0-9-]+$#', $username)) {
throw new Exception('Invalid username');
}
if ($user_model->authenticate($username, $password)) {
User_Model::$auth_status = User_Model::AUTH_STATUS_LOGGED;
// Write session and cookie to remember sign-in
Cookie::write('login', Encryption::encode($username . ':' . $password), 60 * 24 * 3600);
Session::write('username', $username);
} else {
throw new Exception('Bad username or password');
}
} catch (Exception $e) {
User_Model::$auth_status = User_Model::AUTH_STATUS_BAD_USERNAME_OR_PASSWORD;
Cookie::delete('login');
Session::delete('username');
}
} else {
// Authentication by session
if (($username = Session::read('username')) !== null) {
try {
$user_model->loadUser($username);
User_Model::$auth_status = User_Model::AUTH_STATUS_LOGGED;
} catch (Exception $e) {
Session::delete('username');
Cookie::delete('login');
}
// Authentication by cookies
} else {
if (($login = Cookie::read('login')) !== null) {
try {
if (isset($login) && ($login = Encryption::decode($login))) {
$login = explode(':', $login);
$username = $login[0];
if (!preg_match('#^[a-z0-9-]+$#', $username)) {
throw new Exception('Invalid username');
}
array_splice($login, 0, 1);
$password = implode(':', $login);
if ($user_model->authenticate($username, $password)) {
User_Model::$auth_status = User_Model::AUTH_STATUS_LOGGED;
// Write session to remember sign-in
Session::write('username', $username);
} else {
throw new Exception('Bad username or password');
}
} else {
throw new Exception('Invalid user cookie');
}
} catch (Exception $e) {
Cookie::delete('login');
}
}
}
}
}
$page_address = rtrim($page_address, '?&');
header('Location: http://' . $_SERVER['HTTP_HOST'] . $page_address);
exit;
}
// Security : The $_POST variables are wiped if the referer domain is different from the current domain
if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] != '' && !preg_match('#^https?://' . preg_quote($_SERVER['SERVER_NAME']) . '#', $_SERVER['HTTP_REFERER'])) {
// On vide $_POST
$_POST = array();
}
// Removing special characters from $_POST variables (they may be a problem with DB or AJAX)
foreach ($_POST as $key => $value) {
if (!is_array($value)) {
$value = preg_replace('#[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F]#', '', $value);
}
}
// Detection of mobile device
$is_mobile = !empty($_SERVER['X_WAP_PROFILE']) || preg_match('#(text/vnd\\.wap\\.wml|application/vnd.wap.xhtml)#', $_SERVER['HTTP_ACCEPT']) || preg_match('#(?<![a-z])(' . 'iphone|ipod|symbian|nokia|wap|vodafone|pocket|' . 'ipad|sonyericsson|motorola|android|opera mini|' . 'blackberry|palm os|palm|hiptop|avantgo|plucker|' . 'xiino|blazer|elaine|iris|3g_t|windows ce|opera mobi|' . 'windows ce; smartphone|windows ce; iemobile|' . 'mini 9\\.5|vx1000|lge|m800|e860|u940|ux840|compal|' . 'wireless|mobi|ahong|lg380|lgku|lgu900|lg210|' . 'lg47|lg920|lg840|lg370|sam-r|mg50|s55|g83|t66|' . 'vx400|mk99|d615|d763|el370|sl900|mp500|samu3|' . 'samu4|vx10|xda|samu5|samu6|samu7|samu9|a615|' . 'b832|m881|s920|n210|s700|c-810|h797|mob-x|treo|' . 'sk16d|848b|mowser|s580|r800|471x|v120|rim8|' . 'c500foma|160x|x160|480x|x640|t503|w839|i250|' . 'sprint|w398samr810|m5252|c7100|mt126|x225|s5330|' . 's820|htil-g1|fly v71|s302|x113|novarra|k610i|' . 'three|8325rc|8352rc|sanyo|vx54|c888|nx250|n120|' . 'mtk|c5588|s710|t880|c5005|i;458x|p404i|s210|' . 'c5100|teleca|s940|c500|s590|foma|samsu|vx8|vx9|' . 'a1000|mms|myx|a700|gu1100|bc831|e300|ems100|' . 'me701|me702m-three|sd588|s800|8325rc|ac831|mw200|' . 'brew|d88|htc|355x|m50|km100|d736|kindle|mobile|' . 'p-9521|telco|sl74|ktouch|m4u\\/|me702|8325rc|kddi|' . 'phone|lg|samsung|240x|x320|vx10|sony cmd|psp|' . 'up\\.browser|up\\.link|mmp|symbian|smartphone|midp' . ')(?![a-z])#i', $_SERVER['HTTP_USER_AGENT']);
// Mobile mode for the website
$mobile_mode = false;
if (isset($_GET['mobile'])) {
$mobile_mode = $_GET['mobile'] == 1 ? 1 : 0;
Cookie::write('mobile', (string) $mobile_mode, 60 * 24 * 3600);
} else {
if (isset($_COOKIE['mobile'])) {
$mobile_mode = $_COOKIE['mobile'] == 1 ? 1 : 0;
} else {
$mobile_mode = $is_mobile;
}
}
define('MOBILE_BROWSER', $is_mobile);
define('MOBILE_MODE', $mobile_mode);
