function saveOauthTokens($token, $verifier, $userid) { dbConnect(); $this->oauth_verifier = dbRealEscapeString($verifier); $this->oauth_token = dbRealEscapeString($token); $this->userid = $userid; $in['oauthToken'] = $token; $in['oauthVerifier'] = $verifier; $in['userId'] = $userid; $sql = "UPDATE deviceAuth " . makeSql($in, "update") . " WHERE device={$this->device} AND c3url='{$this->c3url}' AND uRec='{$this->uRec}'"; if (!($rc = dbQuery($sql))) { logit(WARN, " DB Error: {$sql} in " . __FILE__ . " on line: " . __LINE__); } }
} else { $loginUsername = 0; $loginPassword = 0; $loginCookieCrypt = 0; $loginPasswordCrypt = 0; } if (empty($loginPassword) && empty($loginCookieCrypt) && isset($_POST['loginUsername']) && isset($_POST['loginPassword'])) { $loginUsername = $_POST['loginUsername']; $loginPassword = $_POST['loginPassword']; $loginCookieSet = $_POST['loginCookieSet']; $loginPasswordCrypt = ecCrypt($loginPassword); $loginPassword = 0; } session_start(); if (!empty($loginUsername) && (!empty($loginPasswordCrypt) || !empty($loginCookieCrypt)) && !isset($_SESSION['userId'])) { $loginUsername = dbRealEscapeString($loginUsername); $ecUsersData = dbSelect('*', 1, 'users', "usersUsername='******'"); while ($users = mysql_fetch_object($ecUsersData)) { if ($users->usersPassword == $loginPasswordCrypt || ecCryptCookie($users->usersPassword) == $loginCookieCrypt) { $loginStatus = 1; $_SESSION['userId'] = $users->usersId; $_SESSION['userIP'] = $ecLocal['userIP']; if (!empty($loginCookieSet)) { $cookieTime = time() + $loginCookieSet; setcookie("ecLoginUsername", $loginUsername, $cookieTime); setcookie("ecLoginPassword", ecCryptCookie($loginPasswordCrypt), $cookieTime); } } else { session_destroy(); $loginStatus = 3; if (!empty($_COOKIE['ecLoginUsername']) || !empty($_COOKIE['ecLoginPassword'])) {