/** * Log the user in */ public static function ProcessLogin($useridoremail, $password) { # Allow them to login in any manner: # Email: blah@blah.com # Pilot ID: VMA0001, VMA 001, etc # Just ID: 001 if (is_numeric($useridoremail)) { $useridoremail = $useridoremail - intval(Config::Get('PILOTID_OFFSET')); $sql = 'SELECT * FROM ' . TABLE_PREFIX . 'pilots WHERE pilotid=' . $useridoremail; } else { # They're logging in with an email if (preg_match('/^.*\\@.*$/i', $useridoremail) > 0) { $emailaddress = DB::escape($useridoremail); $sql = 'SELECT * FROM ' . TABLE_PREFIX . 'pilots WHERE email=\'' . $useridoremail . '\''; } elseif (preg_match('/^([A-Za-z]*)(.*)(\\d*)/', $useridoremail, $matches) > 0) { $id = trim($matches[2]); $id = $id - intval(Config::Get('PILOTID_OFFSET')); $sql = 'SELECT * FROM ' . TABLE_PREFIX . 'pilots WHERE pilotid=' . $id; } else { self::$error_message = 'Invalid user ID'; return false; } } $password = DB::escape($password); $userinfo = DB::get_row($sql); if (!$userinfo) { self::$error_message = 'This user does not exist'; return false; } /* Implement the pilot statuses, see if they are allowed in according to their status */ $pilotStatuses = Config::get('PILOT_STATUS_TYPES'); foreach ($pilotStatuses as $id => $info) { if ($userinfo->retired == $id && $info['canlogin'] == false) { self::$error_message = $info['message']; return false; } } /*if($userinfo->retired == 1) { self::$error_message = 'Your account was deactivated, please contact an admin'; return false; }*/ //ok now check it $hash = md5($password . $userinfo->salt); if ($hash == $userinfo->password) { self::$userinfo = $userinfo; #deprecated self::$pilot = self::$userinfo; self::update_session(self::$session_id, self::$userinfo->pilotid); SessionManager::Set('loggedin', 'true'); SessionManager::Set('userinfo', $userinfo); SessionManager::Set('usergroups', PilotGroups::GetUserGroups($userinfo->pilotid)); PilotData::updateProfile($pilotid, array('lastlogin' => 'NOW()', 'lastip' => $_SERVER['REMOTE_ADDR'])); return true; } else { self::$error_message = 'Invalid login, please check your username and password'; self::LogOut(); return false; } }