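/**
 * Re-authenticate a user from a persistent ("keep me logged in") cookie.
 *
 * Looks up the (token, token_series) pair carried by the login cookie in
 * the cookie_tokens table, consumes that token, issues a fresh token in the
 * same series and opens a session for the owning user. Every failure path
 * ends with logout() followed by an explicit exit so that nothing after
 * this function can run with a half-built session.
 *
 * Side effects: reads and deletes rows in cookie_tokens, sets a new login
 * cookie, creates the session, and terminates the request on failure.
 */
function login_session_create_from_login_cookie()
{
    if (!login_cookie_isset()) {
        log_exception(new Exception('Tried to create session from nonexistent login cookie'));
        logout();
        // logout() is expected to redirect and exit; terminate explicitly
        // anyway so we never fall through to decoding a missing cookie.
        exit;
    }

    $cookie = login_cookie_decode();
    // Pull the two fields we need without triggering undefined-index
    // notices on a malformed cookie.
    $token = isset($cookie['t']) ? $cookie['t'] : '';
    $series = isset($cookie['ts']) ? $cookie['ts'] : '';

    if ($token === '' || $series === '') {
        log_exception(new Exception('Login cookie is missing its token or token series'));
        logout();
        exit;
    }

    $cookie_token_entry = db_select_one(
        'cookie_tokens',
        array('user_id'),
        array('token' => $token, 'token_series' => $series)
    );

    // empty() also covers a null/false row, which the old "!$row['user_id']"
    // test turned into a warning before logging out.
    if (empty($cookie_token_entry['user_id'])) {
        // A series that exists without this token usually means the token
        // was already consumed by someone else holding a copy of the cookie.
        // Revoke the whole series so the copy cannot be replayed, and force
        // a fresh password login for the legitimate user.
        db_delete('cookie_tokens', array('token_series' => $series));
        log_exception(new Exception('An invalid cookie token was used. Cookie likely stolen. TS: ' . $series));
        logout();
        // explicitly exit here, even though we do in redirect()
        exit;
    }

    // Fetch the account the token was issued for.
    $user = db_select_one(
        'users',
        array('id', 'class', 'enabled', '2fa_status'),
        array('id' => $cookie_token_entry['user_id'])
    );

    if (empty($user['id'])) {
        // The token points at an account that no longer exists; drop the
        // orphaned series rather than issuing a cookie for nobody.
        db_delete('cookie_tokens', array('token_series' => $series));
        log_exception(new Exception('Cookie token refers to a missing user. TS: ' . $series));
        logout();
        exit;
    }

    // The token is single-use: remove it now so it can never be replayed.
    db_delete('cookie_tokens', array('token' => $token, 'token_series' => $series));

    // Rotate: issue a new token in the same series, then open the session.
    // NOTE(review): enabled and 2fa_status are fetched but not checked
    // here — confirm login_session_create() enforces them.
    login_cookie_create($user, $series);
    login_session_create($user);
}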
trigger_error($ind294, E_USER_WARNING); } $post_user = isset($VARS['username']) ? ltrim(substr($VARS['username'], 0, 40)) : ''; $post_pass = isset($VARS['password']) ? ltrim(substr($VARS['password'], 0, 40)) : ''; $keep_login = isset($VARS['keep_login']) ? 1 : 0; if (!$post_user || !$post_pass) { trigger_error($ind18, E_USER_WARNING); } $file = file(FNEWS_ROOT_PATH . 'users.php'); array_shift($file); $passwordhash = md5($post_pass); $successful = false; foreach ($file as $value) { $user = get_line_data('users', $value); if ($post_user == $user['username'] && $passwordhash == $user['passwordhash']) { $userdata = login_session_create($user['username'], $keep_login); $successful = true; break; } } if (!$successful) { trigger_error($ind18b, E_USER_WARNING); } $title = $ind397; echo make_redirect($ind398); } else { if ($id == 'admin') { /*id Admin*/ if (has_access(NEWS_ADMIN)) { $title = $ind280; echo <<<html