/**
  * Login user
  *
  * This function logs the user in the system, using the specified password
  * <br/>Example:
  * <code>
  * $user = EfrontUserFactory :: factory('jdoe');
  * $user -> login('mypass');
  * </code>
  *
  * @param string $password The password to login with
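  * @param boolean $encrypted Whether $password is already in the stored (hashed) form, in which case it is compared as-is instead of being passed through createPassword() first
  * @return boolean True if the user logged in successfully; failures are reported by throwing EfrontUserException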
  * @since 3.5.0
  * @access public
  */
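 public function login($password, $encrypted = false)
 {
     // Overview of the steps below:
     //   1. same user + same session: re-verify the password and return
     //   2. log out any other user bound to this session and empty the session
     //   3. reject pending/inactive accounts, then verify credentials (LDAP or local)
     //   4. populate the session and write the login/user_times records
     // Every failure is signalled with an EfrontUserException; the only return value is true.

     //If the user is already logged in, log him out
     if ($this->isLoggedIn()) {
         //If the user is logged in right now on the same pc with the same session, return true (nothing to do)
         if ($this->isLoggedIn(session_id())) {
             // $encrypted means the caller already supplies the stored form of the password.
             $candidate = $encrypted ? $password : EfrontUser::createPassword($password);
             // Strict comparison on strings: a loose != treats two numeric-looking strings
             // (e.g. digests of the form "0e<digits>") as equal, which would accept a wrong password.
             // Where PHP >= 5.6 is guaranteed, hash_equals() is the constant-time alternative.
             // NOTE(review): this branch compares against the local password even when
             // $this->isLdapUser is set - confirm that is intended.
             if ((string)$candidate !== (string)$this->user['password']) {
                 throw new EfrontUserException(_INVALIDPASSWORD, EfrontUserException::INVALID_PASSWORD);
             }
             return true;
         } elseif (!$this->allowMultipleLogin()) {
             $this->logout();
         }
     }
     //If we are logged in as another user, log him out
     if (isset($_SESSION['s_login']) && $_SESSION['s_login'] != $this->user['login']) {
         try {
             EfrontUserFactory::factory($_SESSION['s_login'])->logout(session_id());
         } catch (Exception $e) {
             // Deliberately ignored, as in the original: a failure to log the previous
             // user out does not abort this login.
         }
     }
     //Empty session without destroying it
     // NOTE(review): this runs before the credentials are checked, so a failed attempt
     // still clears the current session.
     foreach ($_SESSION as $key => $value) {
         if ($key != 'login_mode' && strpos($key, "facebook") === false) {
             //'login_mode' is used to facilitate lesson registrations
             unset($_SESSION[$key]);
         }
     }
     if ($this->user['pending']) {
         throw new EfrontUserException(_USERPENDING, EfrontUserException::USER_PENDING);
     }
     if (!$this->user['active']) {
         throw new EfrontUserException(_USERINACTIVE, EfrontUserException::USER_INACTIVE);
     }
     if ($this->isLdapUser) {
         //Authenticate LDAP user
         if (!eF_checkUserLdap($this->user['login'], $password)) {
             throw new EfrontUserException(_INVALIDPASSWORD, EfrontUserException::INVALID_PASSWORD);
         }
     } else {
         if (!$encrypted) {
             $password = EfrontUser::createPassword($password);
         }
         // Strict string comparison for the same reason as above (no numeric type juggling).
         if ((string)$password !== (string)$this->user['password']) {
             throw new EfrontUserException(_INVALIDPASSWORD, EfrontUserException::INVALID_PASSWORD);
         }
     }
     //if user language is deactivated or deleted, login user with system default language
     if ($GLOBALS['configuration']['onelanguage']) {
         $loginLanguage = $GLOBALS['configuration']['default_language'];
     } else {
         $activeLanguages = array_keys(EfrontSystem::getLanguages(true, true));
         if (in_array($this->user['languages_NAME'], $activeLanguages)) {
             $loginLanguage = $this->user['languages_NAME'];
         } else {
             $loginLanguage = $GLOBALS['configuration']['default_language'];
         }
     }
     // NOTE(review): the session id is not regenerated on successful authentication.
     // Calling session_regenerate_id(true) at this point would close a session-fixation
     // window; confirm first that nothing earlier in the request has stored session_id().
     //Assign session variables
     $_SESSION['s_login'] = $this->user['login'];
     // NOTE(review): the stored password value is kept in the session, and login() accepts
     // that same value when $encrypted is true, so anyone able to read session data holds a
     // password-equivalent credential. Consider dropping this key if no caller needs it.
     $_SESSION['s_password'] = $this->user['password'];
     $_SESSION['s_type'] = $this->user['user_type'];
     $_SESSION['s_language'] = $loginLanguage;
     // NOTE(review): derived from microtime() and the login, i.e. guessable; fine as a row
     // identifier, not as a secret - confirm how it is used.
     $_SESSION['s_custom_identifier'] = sha1(microtime() . $this->user['login']);
     $_SESSION['s_time_target'] = array(0 => 'system');
     //'s_time_target' is used to signify which of the system's area the user is currently accessing. It is a id => entity pair
     //$_SESSION['last_action_timestamp'] = time();	//Initialize first action
     //Insert log entry
     $fields_insert = array('users_LOGIN' => $this->user['login'], 'timestamp' => time(), 'action' => 'login', 'comments' => session_id(), 'session_ip' => eF_encodeIP($_SERVER['REMOTE_ADDR']));
     eF_insertTableData("logs", $fields_insert);
     // The two WHERE clauses below were masked in the published listing; they are restored
     // from the pattern used everywhere else in this method ($this->user['login']).
     // NOTE(review): the login is concatenated into the WHERE string. That is only safe if
     // logins are validated when accounts are created or the helper escapes the clause -
     // verify, or switch to a parameterized form if the data layer offers one.
     eF_updateTableData("users", array('last_login' => time()), "login='{$this->user['login']}'");
     if ($GLOBALS['configuration']['ban_failed_logins']) {
         // A successful login clears the failed-login records for this login.
         eF_deleteTableData("logs", "users_LOGIN='" . $this->user['login'] . "' and action='failed_login'");
     }
     //Insert user times entry
     $fields = array("session_timestamp" => time(), "session_id" => session_id(), "session_custom_identifier" => $_SESSION['s_custom_identifier'], "session_expired" => 0, "users_LOGIN" => $_SESSION['s_login'], "timestamp_now" => time(), "time" => 0, "entity" => 'system', "entity_id" => 0);
     eF_insertTableData("user_times", $fields);
     return true;
 }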
Example #2
     // Check if the mobile version of eFront is required - if so set a session variable accordingly
     //eF_setMobile();
     if ($GLOBALS['configuration']['show_license_note'] && $user->user['viewed_license'] == 0) {
         eF_redirect("index.php?ctg=agreement");
     } else {
         EfrontEvent::triggerEvent(array("type" => EfrontEvent::SYSTEM_VISITED, "users_LOGIN" => $user->user['login'], "users_name" => $user->user['name'], "users_surname" => $user->user['surname']));
         loginRedirect($user->user['user_type']);
     }
     exit;
 } catch (EfrontUserException $e) {
     if ($GLOBALS['configuration']['activate_ldap'] && $e->getCode() == EfrontUserException::USER_NOT_EXISTS) {
         if (!extension_loaded('ldap')) {
             $message = $e->getMessage() . '<br/>' . _LDAPEXTENSIONNOTLOADED;
             $message_type = 'failure';
         } else {
             $result = eF_checkUserLdap($fb_form_new->exportValue('login'), $fb_form_new->exportValue('password'));
             if ($result) {
                 //The user exists in the LDAP server
                 eF_redirect("index.php?ctg=signup&ldap=1&login=" . $fb_form_new->exportValue('login'));
             } else {
                 $message = _LOGINERRORPLEASEMAKESURECAPSLOCKISOFF;
                 $message_type = 'failure';
             }
         }
     } elseif ($e->getCode() == EfrontUserException::USER_PENDING) {
         $message = $e->getMessage();
         $message_type = 'failure';
     } elseif ($e->getCode() == EfrontUserException::USER_INACTIVE) {
         $message = $e->getMessage();
         $message_type = 'failure';
     } else {