public static function validate($user, $pass)
{
global $lC_Database;
$validated = false;
if (!empty($user) && !empty($pass)) {
$Qadmin = $lC_Database->query('select id, user_name, user_password from :table_administrators where user_name = :user_name');
$Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
$Qadmin->bindValue(':user_name', $user);
$Qadmin->execute();
if ($Qadmin->numberOfRows() > 0) {
if (lc_validate_password($pass, $Qadmin->value('user_password'))) {
$validated = true;
}
}
}
// check serial once per day and download any missing addons
$serial = defined('INSTALLATION_ID') && INSTALLATION_ID != NULL ? INSTALLATION_ID : NULL;
if ($serial != NULL) {
if (self::_timeToCheck() || isset($_SESSION['pro_success']) && $_SESSION['pro_success'] == true) {
self::validateSerial($serial);
if (isset($_SESSION['pro_success'])) {
unset($_SESSION['pro_success']);
}
}
}
return $validated;
}
public function __construct()
{
global $lC_Database, $lC_Language, $lC_MessageStack;
parent::__construct();
if (isset($_SESSION['img_resize_flag'])) {
unset($_SESSION['img_resize_flag']);
}
if (!empty($_POST['user_name']) && !empty($_POST['user_password'])) {
$Qadmin = $lC_Database->query('select * from :table_administrators where user_name = :user_name');
$Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
$Qadmin->bindValue(':user_name', $_POST['user_name']);
$Qadmin->execute();
if ($Qadmin->numberOfRows() > 0) {
if (lc_validate_password($_POST['user_password'], $Qadmin->value('user_password'))) {
$_SESSION['admin'] = array('id' => $Qadmin->valueInt('id'), 'firstname' => $Qadmin->value('first_name'), 'lastname' => $Qadmin->value('last_name'), 'username' => $Qadmin->value('user_name'), 'password' => $Qadmin->value('user_password'), 'access' => lC_Access::getUserLevels($Qadmin->valueInt('access_group_id')), 'language_id' => $Qadmin->value('language_id'));
$get_string = null;
if (isset($_SESSION['redirect_origin'])) {
$get_string = http_build_query($_SESSION['redirect_origin']['get']);
if (substr($get_string, -1) == '=') {
$get_string = substr($get_string, 0, -1);
}
unset($_SESSION['redirect_origin']);
}
if (defined('INSTALLATION_ID') && INSTALLATION_ID != NULL) {
lc_redirect_admin(lc_href_link_admin(FILENAME_DEFAULT, $get_string));
} else {
// redirect to login=register
lc_redirect_admin(lc_href_link_admin(FILENAME_DEFAULT, 'login&action=register'));
}
}
}
}
$_SESSION['error'] = true;
$_SESSION['errmsg'] = $lC_Language->get('ms_error_login_invalid');
}
/**
* Validate the password
*
* @param string $_GET['encrypted'] Password hash from DB
* @param string $_GET['plain'] Plain Password
* @access public
* @return json
*/
public static function validatePassword()
{
$result = array();
if (lc_validate_password($_GET['plain'], $_GET['encrypted'])) {
$result['rpcStatus'] = RPC_STATUS_SUCCESS;
}
echo json_encode($result);
}
