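<?php
/**
 * Login handler: validates the posted credentials through Auth and, on
 * success, sets the "loggedin" cookie and fills the session with the user's
 * id and profile data.
 *
 * NOTE(review): mysql_fetch_assoc() belongs to the ext/mysql API that was
 * removed in PHP 7. It is kept here because the values returned by Auth's
 * methods are passed straight to it; moving to mysqli/PDO has to start in
 * Auth.php, which is not part of this listing.
 */
@session_start();

// Redirect user back to index page if post body is empty.
// The original tested $POST (an undefined variable) instead of $_POST, so the
// condition was always true. Non-string values (e.g. password[]=x) are
// rejected as well, since the code below treats both fields as strings.
if (!isset($_POST['usermail'], $_POST['password'])
    || !is_string($_POST['usermail'])
    || !is_string($_POST['password'])) {
    header("location:index.html");
    // header() only queues the redirect; stop here so the login code below
    // never runs for a malformed request.
    exit;
}

require_once 'Auth.php';

$authObject = new Auth();
$email      = $authObject->sanitizeString($_POST['usermail']);

// NOTE(review): sha1(md5(...) . salt) is a fast digest, and the salt is read
// from the Auth object before any user is looked up, so it cannot be
// per-user. password_hash()/password_verify() would be the replacement, but
// that requires re-hashing the stored values and changing Auth::checkPassword,
// so the derivation is left byte-compatible here.
// NOTE(review): the password goes through sanitizeString() before hashing;
// if that helper rewrites characters, it changes the secret - confirm.
$password = sha1(md5($authObject->sanitizeString($_POST['password'])) . $authObject->salt);

$result = $authObject->checkPassword($email, $password);
$rows   = mysql_fetch_assoc($result);

// $rows is false when no row came back; guard before indexing it.
if ($rows && $rows['result'] == 1) {
    // Issue a fresh session id at the privilege change so an id that was
    // known before login cannot be reused afterwards (session fixation).
    session_regenerate_id(true);

    $seconds = 3600 + time();
    $value   = "profile";
    // The cookie name was a bare word (undefined constant) in the original;
    // it is quoted so it stays a string on every PHP version.
    // NOTE(review): this cookie carries a fixed value and is set without the
    // HttpOnly/Secure flags. Access decisions should rely on $_SESSION,
    // never on the presence of this cookie.
    setcookie('loggedin', $value, $seconds, "/");

    $id          = $rows['id'];
    $user_result = $authObject->getUserDetails($id);
    $userDetails = mysql_fetch_assoc($user_result);
    $user_type   = $rows['user_type'];

    // Collect every row returned by getFamily() for this user.
    $user_family = $authObject->getFamily($id);
    $family      = array();
    while ($child = mysql_fetch_assoc($user_family)) {
        $family[] = $child;
    }

    $_SESSION["user_id"]    = $id;
    $_SESSION["first_name"] = $userDetails['first_name'];
    // The listing is cut off at this point; the remainder of the success
    // branch is not shown. The block is closed here only to keep it well-formed.
}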
/**
 * Report which built-in accounts can still log in with their default password.
 *
 * Queries the active rows of glpi_users named glpi, tech, normal or post-only
 * and passes each default password, together with the row's stored `password`
 * field, to Auth::checkPassword().
 *
 * @return array logins whose stored password still matches the default
**/
static function checkDefaultPasswords() {
   global $DB;

   // Built-in accounts: login => default password.
   $defaults = array('glpi'      => 'glpi',
                     'tech'      => 'tech',
                     'normal'    => 'normal',
                     'post-only' => 'postonly');

   // Fetch only the two fields needed, restricted to active built-in accounts.
   $criteria = array('FIELDS'    => array('name', 'password'),
                     'is_active' => 1,
                     'name'      => array_keys($defaults));

   $still_default = array();
   foreach ($DB->request('glpi_users', $criteria) as $row) {
      $login = $row['name'];
      if (!Auth::checkPassword($defaults[$login], $row['password'])) {
         // Password was changed from the default: nothing to report.
         continue;
      }
      $still_default[] = $login;
   }
   return $still_default;
}
/**
 * Check password
 *
 * When both $this->enable and $this->login are truthy, the password is marked
 * as accepted (passwdOk = 1) without reading $password or $token. In every
 * other case the check is delegated to the parent implementation.
 *
 * NOTE(review): the accepted-without-check branch relies entirely on
 * $this->login having been set by a trusted source - confirm where it is
 * populated.
 *
 * @param $password string The password to check
 * @param $token    string The token
 */
protected function checkPassword($password, $token) {
   $sso_login = $this->enable && $this->login;

   if (!$sso_login) {
      // Local connect (when sso not enabled and 'sso_mode' == 1):
      // fall back to the parent's password verification.
      parent::checkPassword($password, $token);
      return;
   }

   // SSO is enabled and a login is present: skip the password comparison.
   $this->passwdOk = 1;
}