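/**
 * Log the current user in.
 *
 * Marks the PHP session as authenticated, clears stale session/connection
 * rows, records the new session in the sessions table, stamps the user's
 * last login, sets the login cookies and writes an access-log entry.
 *
 * All values written to the database are passed as bound parameters rather
 * than concatenated into the SQL text: the hostname, page URL and
 * platform/browser strings are presumably derived from the client request,
 * so they must never become part of the statement itself.
 *
 * @global array $SUMO
 * @author Alberto Basso <*****@*****.**>
 *
 * @return void
 */
function sumo_user_login()
{
    global $SUMO;

    // Numeric columns are cast once so that only integers reach the queries.
    $now     = (int) $SUMO['server']['time'];
    $user_id = (int) $SUMO['user']['id'];
    $expire  = $now + (int) $SUMO['config']['sessions']['timeout'];

    $_SESSION['security_string'] = $SUMO['connection']['security_string'];
    // NOTE(review): the right-hand side appears as a masked literal in this
    // listing; confirm what the real code stores. A password (or its hash)
    // should not be kept in session data.
    $_SESSION['user']['password'] = '******';
    $_SESSION['loggedin'] = true;

    // NOTE(review): the session id is not regenerated in this function; confirm
    // it is rotated elsewhere at login, otherwise a pre-login id stays valid
    // after authentication (session fixation).

    sumo_delete_old_sessions();    // Delete old sessions
    sumo_delete_old_connections(); // Delete old connections
    sumo_delete_connection();      // Delete user connection

    // Create session.
    // Assumes $SUMO['DB'] is an ADOdb connection, whose Execute() takes the
    // bind values as its second argument — confirm against the DB bootstrap.
    $query = "INSERT INTO " . SUMO_TABLE_SESSIONS . "
        (node, id_user, username, connected, expire, ip, hostname, country_name, url, client, session_id)
        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";

    $SUMO['DB']->Execute($query, array(
        $SUMO['server']['name'],
        $user_id,
        $SUMO['user']['user'],
        $now,
        $expire,
        $SUMO['client']['ip'],
        $SUMO['client']['name'],
        $SUMO['client']['country'] . " - " . $SUMO['client']['country_code'],
        $SUMO['page']['url'],
        $SUMO['client']['platform'] . " - " . $SUMO['client']['browser'],
        $SUMO['client']['session_id'],
    ));

    // Update last login for current user.
    // NOTE(review): the value assigned to last_login is masked in this listing;
    // the server time used for `connected` above is assumed — confirm.
    $query = "UPDATE " . SUMO_TABLE_USERS . "
        SET last_login = ?
        WHERE id = ?";

    $SUMO['DB']->Execute($query, array($now, $user_id));

    // Create cookie language (store for 90 days).
    // empty() keeps the original truthiness test without raising a notice
    // when the cookie has never been set.
    if (empty($_COOKIE['language'])) {
        setcookie('language', $SUMO['user']['language'], $now + 7776000);
    }

    // Cookies to use iframe for login.
    // These are client-controlled hints only; authorization must keep relying
    // on the server-side session. NOTE(review): they are set without the
    // Secure/HttpOnly flags — confirm whether script access is really needed.
    setcookie('loggedin', '1', $expire);
    setcookie('user', $SUMO['user']['user'], $expire);

    sumo_write_log(
        'I00200X',
        array(
            $SUMO['user']['user'],
            $SUMO['client']['ip'],
            $SUMO['client']['country'],
            sumo_get_accesspoint_name($SUMO['page']['name'], $SUMO['config']['server']['language']),
            $SUMO['page']['url'],
        ),
        '0,1',
        3,
        'access',
        FALSE
    );
}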
// Update request and create connection if ($update_req) { $SUMO['connection'] = sumo_get_connection_info(); if (!$SUMO['connection']) { sumo_create_connection(); } else { // Count errors requests if ($SUMO['connection']['requests'] < $SUMO['config']['security']['max_login_attempts']) { sumo_update_security_string(); //...for refresh page if ($_SESSION['user']['password'] && $_SESSION['user']['user']) { sumo_update_request(); } } else { // ...too much attempts sumo_delete_connection(); sumo_delete_session(); sumo_add_banned(); } } } // Create SSO if ($sumo_access == 'LOGIN' && SUMO_SESSIONS_REPLICA) { sumo_create_session_id(); } // Display Login or Message box if ($sumo_access != 'CONTINUE' && $sumo_access != 'LOGIN') { $SUMO['connection'] = sumo_get_connection_info(); // HTTP Basic Authentication if (!empty($SUMO['page']['http_auth'])) { $sumo_template = 'message';