Example #1
             /* check upass */
             if (password_verify($_POST["user"], $_SESSION["upass"])) {
                 $_SESSION["user"] = $_POST["user"];
                 if (isset($_POST["admin"])) {
                     if (password_verify($_POST["admin"], $_SESSION["apass"])) {
                         $_SESSION["admin"] = $_POST["admin"];
                     }
                 }
                 header("Location: {$SERVER}");
             } else {
                 /* mit user pass aber ohne eingabe , eingabe senden */
                 $PAGE = login_html("Fehler");
             }
         } else {
             /* mit user pass aber ohne eingabe , eingabe senden */
             $PAGE = login_html("");
         }
     }
 } else {
     /* mit user und userpass*/
     if (!isset($_SESSION["mpass"])) {
         /* kein masterpass */
         if (isset($_POST["master"]) and $_POST["master"] != "") {
             if (isset($_SESSION["admin"])) {
                 /*! wenn geoeffnet dann schreibe neue db */
                 $masterpasscrypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $_SESSION["user"], $_POST["master"], MCRYPT_MODE_ECB, $iv);
                 $wmpass = write_pass($SERVER_MPASS, $masterpasscrypt, "master");
                 $PAGE = post_tresor_schluessel_html($_POST["master"]);
             }
         } else {
             /* ohne eingabe userpass diesen erfragen */
Example #2
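/**
 * Validate the second-factor (TOTP) step of the login form.
 *
 * Does nothing unless the request carries both `wp-auth-id` and
 * `wp-auth-nonce`. The login nonce is checked before the verification code,
 * so a request without a valid nonce never reaches validate_authentication().
 * On success the login nonce is deleted, the auth cookie is set and the
 * browser is redirected; on a wrong code a fresh nonce is issued and the
 * form is rendered again with an error message.
 *
 * All request fields read here are attacker-controlled.
 *
 * @return void Returns early when the request is not a TOTP submission, the
 *              user does not exist, or no new login nonce could be created;
 *              every other path ends in safe_exit().
 */
function validate_totp()
{
    if (!isset($_POST['wp-auth-id'], $_POST['wp-auth-nonce'])) {
        return;
    }
    $user = get_userdata($_POST['wp-auth-id']);
    if (!$user) {
        return;
    }
    // PHP turns `wp-auth-nonce[]=x` into an array; treat anything that is not
    // a string as an invalid nonce instead of handing it to the comparison.
    $nonce = $_POST['wp-auth-nonce'];
    if (!is_string($nonce) || true !== verify_login_nonce($user->ID, $nonce)) {
        wp_safe_redirect(get_bloginfo('url'));
        return safe_exit();
    }
    // redirect_to is optional and may arrive as an array; normalise it once so
    // later reads neither raise an undefined-index notice nor pass a
    // non-string to the redirect helpers.
    $requested_redirect = '';
    if (isset($_REQUEST['redirect_to']) && is_string($_REQUEST['redirect_to'])) {
        $requested_redirect = $_REQUEST['redirect_to'];
    }
    if (true !== validate_authentication($user)) {
        do_action('wp_login_failed', $user->user_login);
        // NOTE(review): no attempt limit is visible in this function. Confirm
        // that validate_authentication() or a wp_login_failed listener
        // throttles repeated wrong codes for the same user.
        $login_nonce = create_login_nonce($user->ID);
        if (!$login_nonce) {
            return;
        }
        // NOTE(review): the redirect target is passed through unescaped;
        // login_html() is assumed to escape it for the HTML attribute it is
        // written into - confirm.
        login_html($user, $login_nonce['key'], $requested_redirect, esc_html__('ERROR: Invalid verification code.', 'dovedi'));
        return safe_exit();
    }
    // The nonce is single-use: drop it before the session is established.
    delete_login_nonce($user->ID);
    $rememberme = !empty($_REQUEST['rememberme']);
    wp_set_auth_cookie($user->ID, $rememberme);
    $redirect_to = apply_filters('login_redirect', $requested_redirect, $requested_redirect, $user);
    // wp_safe_redirect() does not redirect to an empty location, which would
    // leave a blank page after a successful login; fall back to the dashboard.
    if (!is_string($redirect_to) || '' === $redirect_to) {
        $redirect_to = admin_url();
    }
    // wp_safe_redirect() only follows allowed hosts, so a user-supplied
    // redirect_to cannot send the browser to an arbitrary site.
    wp_safe_redirect($redirect_to);
    safe_exit();
}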