return selection($entries, $name, q($GLOBALS[$name]), "class='form-control'"); } $all_vars = array('dbHostForm', 'dbUsernameForm', 'dbNameForm', 'dbMyAdmin', 'dbPassForm', 'urlForm', 'nameForm', 'emailForm', 'loginForm', 'lang', 'passForm', 'campusForm', 'helpdeskForm', 'helpdeskmail', 'eclass_stud_reg', 'eclass_prof_reg', 'institutionForm', 'institutionUrlForm', 'faxForm', 'postaddressForm'); // Check for db connection after settings submission $GLOBALS['mysqlServer'] = $dbHostForm; $GLOBALS['mysqlUser'] = $dbUsernameForm; $GLOBALS['mysqlPassword'] = $dbPassForm; if (isset($_POST['install4'])) { try { Debug::setLevel(Debug::ALWAYS); Database::core(); if (!check_engine()) { $tool_content .= "<div class='alert alert-warning'>$langInnoDBMissing</div>"; unset($_POST['install4']); $_POST['install3'] = true; } else { $GLOBALS['mysqlMainDb'] = $dbNameForm; try { Database::get(); $tool_content .= "<div class='alert alert-info'>" . sprintf($langDatabaseExists, '<b>' . q($dbNameForm) . '</b>') . "</div>"; } catch (Exception $e) { // no problem, database doesn't exist } }
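/**
 * @file install_db.php
 * @brief installation data base queries
 *
 * Destructive: drops any existing database named by $mysqlMainDb and
 * recreates it empty. The only guard visible here is the ECLASS_VERSION
 * check below, so this file must only be reachable through the installer.
 */
require_once '../include/phpass/PasswordHash.php';
require_once '../modules/db/database.php';
require_once '../modules/admin/debug.php';

// Stop immediately unless the including script has defined ECLASS_VERSION.
if (!defined('ECLASS_VERSION')) {
    exit;
}

// Schema creation can take a long time; lift the execution time limit.
set_time_limit(0);

// The database name is interpolated into DDL as a backtick-quoted identifier
// and cannot be bound as a parameter. Double any embedded backtick so the
// value can never terminate the identifier and append further SQL.
// For names without a backtick the resulting statements are unchanged.
// NOTE(review): $mysqlMainDb looks operator-supplied (installer form) - confirm
// it is also validated against an allow-list of characters before this point.
$quoted_main_db = '`' . str_replace('`', '``', $mysqlMainDb) . '`';

Database::core()->query("DROP DATABASE IF EXISTS {$quoted_main_db}");

// set default storage engine
// NOTE(review): the storage_engine system variable was removed in MySQL 5.7.5
// (default_storage_engine replaces it); left unchanged because the supported
// server versions are not visible from this file.
Database::core()->query("SET storage_engine = InnoDB");

// create eclass database
Database::core()->query("CREATE DATABASE {$quoted_main_db} CHARACTER SET utf8");

// Do not leave the helper variable behind in the including script's scope.
unset($quoted_main_db);

$db = Database::get();

// drop old tables if they exist
$db->query("DROP TABLE IF EXISTS admin");
$db->query("DROP TABLE IF EXISTS admin_announcements");
$db->query("DROP TABLE IF EXISTS agenda");
$db->query("DROP TABLE IF EXISTS announcements");
$db->query("DROP TABLE IF EXISTS auth");
$db->query("DROP TABLE IF EXISTS course");
$db->query("DROP TABLE IF EXISTS course_user");
$db->query("DROP TABLE IF EXISTS course_description");
$db->query("DROP TABLE IF EXISTS course_review");
$db->query("DROP TABLE IF EXISTS faculte");
$db->query("DROP TABLE IF EXISTS institution");
$db->query("DROP TABLE IF EXISTS loginout");
$db->query("DROP TABLE IF EXISTS loginout_summary");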
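/**
 * Verify a submitted password against the stored hash and, on success,
 * populate the session with the user's identity and role flag.
 *
 * Stored values shorter than 60 characters are treated as legacy MD5
 * candidates; when one matches, it is re-hashed with PasswordHash and written
 * back so the weak hash does not persist.
 *
 * @param object $user_info_object user record; reads id, username, password,
 *                                 surname, givenname, status, email and lang,
 *                                 and may overwrite password on upgrade
 * @param string $posted_uname     username as submitted
 * @param string $pass             plaintext password as submitted
 * @return int 1 when the session was populated, 3 when the password matched
 *             but the account is not active, 4 when the username check or the
 *             password check failed
 */
function login($user_info_object, $posted_uname, $pass) {
    $hasher = new PasswordHash(8, false);
    $pass_match = false;

    if (check_username_sensitivity($posted_uname, $user_info_object->username)) {
        if ($hasher->CheckPassword($pass, $user_info_object->password)) {
            $pass_match = true;
        } elseif (strlen($user_info_object->password) < 60
                && md5($pass) === $user_info_object->password) {
            // Strict comparison: with `==`, two different hex digests that both
            // look like numeric strings (e.g. "0e" followed by digits) compare
            // equal, which would accept a wrong password.
            $pass_match = true;
            // password is in old md5 format, update transparently
            $password_encrypted = $hasher->HashPassword($pass);
            $user_info_object->password = $password_encrypted;
            Database::core()->query("SET sql_mode = TRADITIONAL");
            Database::get()->query("UPDATE user SET password = ?s WHERE id = ?d",
                    $password_encrypted, $user_info_object->id);
        }
    }

    if (!$pass_match) {
        // Never write the attempted password to the log: a failed attempt is
        // frequently a typo of the real password or a password the user has on
        // another service. The 'pass' key is kept with a fixed marker so any
        // consumer that reads it still finds the key.
        Log::record(0, 0, LOG_LOGIN_FAILURE,
                array('uname' => $posted_uname, 'pass' => '[redacted]'));
        return 4; // means wrong password
    }

    // check if account is active
    $is_active = check_activity($user_info_object->id);
    // check for admin privileges
    $admin_rights = get_admin_rights($user_info_object->id);
    if ($admin_rights == ADMIN_USER) {
        $is_active = 1; // admin user is always active
    }

    if (!$is_active) {
        // Correct password but inactive account: record the uid for the caller
        // and leave the session without identity or role flags.
        $GLOBALS['inactive_uid'] = $user_info_object->id;
        return 3;
    }

    // Role flags are set only after the active check, so an inactive account
    // cannot leave a privilege flag behind in an otherwise anonymous session.
    if ($admin_rights == ADMIN_USER) {
        $_SESSION['is_admin'] = 1;
    } elseif ($admin_rights == POWER_USER) {
        $_SESSION['is_power_user'] = 1;
    } elseif ($admin_rights == USERMANAGE_USER) {
        $_SESSION['is_usermanage_user'] = 1;
    } elseif ($admin_rights == DEPARTMENTMANAGE_USER) {
        $_SESSION['is_departmentmanage_user'] = 1;
    }

    // NOTE(review): no session id regeneration happens in this function -
    // confirm the caller regenerates it on successful login (session fixation).
    $_SESSION['uid'] = $user_info_object->id;
    $_SESSION['uname'] = $user_info_object->username;
    $_SESSION['surname'] = $user_info_object->surname;
    $_SESSION['givenname'] = $user_info_object->givenname;
    $_SESSION['status'] = $user_info_object->status;
    $_SESSION['email'] = $user_info_object->email;
    $GLOBALS['language'] = $_SESSION['langswitch'] = $user_info_object->lang;

    return 1;
}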