Example #1
0
function do_login()
{
    global $errors;
    $errors = array();
    if (!array_key_exists('email', $_POST) || !$_POST['email'] || !array_key_exists('password', $_POST) || !$_POST['password']) {
        $errors[] = "Please provide both an email address and a password";
    }
    if (count($errors)) {
        return;
    }
    $email = $_POST['email'];
    $password = $_POST['password'];
    error_log("Login attempt from <{$email}>");
    $users = fetch_all('users', 'email_address', $email);
    if (count($users) > 1) {
        die('Multiple users with that address!');
    }
    if (count($users) == 0) {
        $errors[] = 'Incorrect email address';
    } elseif (crypt($password, $users[0]->password_crypt) != $users[0]->password_crypt) {
        $errors[] = 'Incorrect password';
    } elseif (!$users[0]->date_verified) {
        $errors[] = 'Your account is not yet activated';
    } elseif (!$users[0]->date_approved) {
        $errors[] = 'Your account is not yet approved';
    }
    if (count($errors)) {
        return;
    }
    $forever = array_key_exists('forever', $_POST) && $_POST['forever'];
    set_login_cookie($uid = $users[0]->id, $forever ? 2147483647 : 0);
    error_log("Login succeeded from <{$email}>");
    redirect_away();
}
Example #2
0
function cm_logon($username, $password, $remember)
{
    if ($user_id = cm_check_login($username, $password)) {
        set_login_cookie($user_id, $remember);
        return true;
    }
    return false;
}
Example #3
0
 function save()
 {
     if ($this->valid()) {
         set_login_cookie($this->user->id);
         return true;
     } else {
         return false;
     }
 }
Example #4
0
function LoginForm_AttemptLogin()
{
    global $q_stash, $q_email, $q_name, $q_rememberme;
    /* User has tried to log in. */
    if (is_null($q_email)) {
        return array('email' => 'Please enter your email address');
    }
    if (!validate_email($q_email)) {
        return array('email' => 'Please enter a valid email address');
    }
    global $q_password;
    $P = person_get($q_email);
    if (is_null($P) || !$P->check_password($q_password)) {
        return array('badpass' => 'Either your email or password weren\'t recognised.  Please try again.');
    } else {
        /* User has logged in correctly. Decide whether they are changing
         * their name. */
        set_login_cookie($P, $q_rememberme ? 28 * 24 * 3600 : null);
        // one month
        $P->inc_numlogins();
        db_commit();
        return array();
    }
}
Example #5
0
function grant_auth($db)
{
    $salt = generate_salt();
    $ip = get_client_ip();
    clear_auth($db);
    //Adding new record
    $insert_sql = sprintf("INSERT INTO `auth` (`salt`, `ip`, `valid`) VALUES ('%s', '%s', 1)", $db->real_escape_string($salt), $db->real_escape_string($ip));
    if (!$db->query($insert_sql)) {
        printf("Error: %s\n", $db->error);
        return false;
    }
    //Set cookie
    set_login_cookie($salt, $ip);
    return true;
}
Example #6
0
    $sql = "select id,username,admin from user where username = '******' and password = '******' and deleted = 0";
    $rs = mysqli_query(db(), $sql);
    diesql($rs, $sql);
    $found = false;
    while ($row = mysqli_fetch_array($rs)) {
        $found = true;
        $username = $row['username'];
        $id = $row['id'];
        $admin = $row['admin'];
        $_SESSION[SESSION_LOGGED_IN_KEY] = $id;
        $_SESSION[SESSION_ADMIN_KEY] = $admin;
        $_SESSION[SESSION_BUDGET_ID] = Budgets::budget_for_user_id($id);
        if (!isset($_SESSION[SESSION_MONTH_ID])) {
            $month = Months::current_month();
            $_SESSION[SESSION_MONTH_ID] = $month->id;
            $_SESSION[SESSION_MONTH_NAME] = $month->name;
        }
        if (!$admin) {
            set_login_cookie($id);
        }
    }
    if (!$found) {
        header("location: profile.php");
        die;
    }
}
header("location: index.php");
die;
?>
Example #7
0
 public function sign_in_code()
 {
     if (empty($_POST)) {
         exit(json_encode(array('code' => -1, 'msg' => 'post required')));
     }
     if (!($phone = $this->input->post('phone'))) {
         exit(json_encode(array('code' => -2, 'msg' => 'phone required')));
     }
     if (!($code = $this->input->post('code'))) {
         exit(json_encode(array('code' => -3, 'msg' => 'code required')));
     }
     if (!check_phone($phone)) {
         exit(json_encode(array('code' => -4, 'msg' => 'phone invalid')));
     }
     $this->load->library('session');
     /*
     if(!isset($_SESSION['phone_verify_number'])){
         exit(json_encode(array(
                         'code' => -5,
                         'msg' => '验证码已过期',
                         )
                     ));
     }
     
     if($code != $_SESSION['phone_verify_number']){
         exit(json_encode(array(
                         'code' => -6,
                         'msg' => '验证码不正确',
                         )
                     ));
     }
     */
     unset($_SESSION['phone_verify_number']);
     if (check_login()) {
         exit(json_encode(array('code' => -7, 'msg' => '已登录')));
     }
     $this->load->model('user_model', 'user');
     if ($user = $this->user->get_user($phone)) {
         set_login_cookie($user->user_id);
         exit(json_encode(array('code' => 0, 'msg' => 'succ', 'ret' => array('user_id' => $user->user_id, 'phone' => $user->phone))));
     } else {
         if (($user_id = $this->user->insert_user($phone)) > 0) {
             set_login_cookie($user_id);
             exit(json_encode(array('code' => 0, 'msg' => 'succ', 'ret' => array('user_id' => $user_id, 'phone' => $phone))));
         } else {
             exit(json_encode(array('code' => -10, 'msg' => 'insert user fail')));
         }
     }
 }