return selection($entries, $name, q($GLOBALS[$name]), "class='form-control'");
}
$all_vars = array('dbHostForm', 'dbUsernameForm', 'dbNameForm', 'dbMyAdmin',
'dbPassForm', 'urlForm', 'nameForm', 'emailForm', 'loginForm', 'lang',
'passForm', 'campusForm', 'helpdeskForm', 'helpdeskmail', 'eclass_stud_reg', 'eclass_prof_reg',
'institutionForm', 'institutionUrlForm', 'faxForm', 'postaddressForm');
// Check for db connection after settings submission
$GLOBALS['mysqlServer'] = $dbHostForm;
$GLOBALS['mysqlUser'] = $dbUsernameForm;
$GLOBALS['mysqlPassword'] = $dbPassForm;
if (isset($_POST['install4'])) {
try {
Debug::setLevel(Debug::ALWAYS);
Database::core();
if (!check_engine()) {
$tool_content .= "<div class='alert alert-warning'>$langInnoDBMissing</div>";
unset($_POST['install4']);
$_POST['install3'] = true;
} else {
$GLOBALS['mysqlMainDb'] = $dbNameForm;
try {
Database::get();
$tool_content .= "<div class='alert alert-info'>" .
sprintf($langDatabaseExists, '<b>' . q($dbNameForm) . '</b>') .
"</div>";
} catch (Exception $e) {
// no problem, database doesn't exist
}
}
/**
* @file install_db.php
* @brief installation data base queries
*/
require_once '../include/phpass/PasswordHash.php';
require_once '../modules/db/database.php';
require_once '../modules/admin/debug.php';
if (!defined('ECLASS_VERSION')) {
exit;
}
set_time_limit(0);
Database::core()->query("DROP DATABASE IF EXISTS `{$mysqlMainDb}`");
// set default storage engine
Database::core()->query("SET storage_engine = InnoDB");
// create eclass database
Database::core()->query("CREATE DATABASE `{$mysqlMainDb}` CHARACTER SET utf8");
$db = Database::get();
// drop old tables if they exist
$db->query("DROP TABLE IF EXISTS admin");
$db->query("DROP TABLE IF EXISTS admin_announcements");
$db->query("DROP TABLE IF EXISTS agenda");
$db->query("DROP TABLE IF EXISTS announcements");
$db->query("DROP TABLE IF EXISTS auth");
$db->query("DROP TABLE IF EXISTS course");
$db->query("DROP TABLE IF EXISTS course_user");
$db->query("DROP TABLE IF EXISTS course_description");
$db->query("DROP TABLE IF EXISTS course_review");
$db->query("DROP TABLE IF EXISTS faculte");
$db->query("DROP TABLE IF EXISTS institution");
$db->query("DROP TABLE IF EXISTS loginout");
$db->query("DROP TABLE IF EXISTS loginout_summary");
function login($user_info_object, $posted_uname, $pass)
{
$pass_match = false;
$hasher = new PasswordHash(8, false);
if (check_username_sensitivity($posted_uname, $user_info_object->username)) {
if ($hasher->CheckPassword($pass, $user_info_object->password)) {
$pass_match = true;
} else {
if (strlen($user_info_object->password) < 60 && md5($pass) == $user_info_object->password) {
$pass_match = true;
// password is in old md5 format, update transparently
$password_encrypted = $hasher->HashPassword($pass);
$user_info_object->password = $password_encrypted;
Database::core()->query("SET sql_mode = TRADITIONAL");
Database::get()->query("UPDATE user SET password = ?s WHERE id = ?d", $password_encrypted, $user_info_object->id);
}
}
}
if ($pass_match) {
// check if account is active
$is_active = check_activity($user_info_object->id);
// check for admin privileges
$admin_rights = get_admin_rights($user_info_object->id);
if ($admin_rights == ADMIN_USER) {
$is_active = 1;
// admin user is always active
$_SESSION['is_admin'] = 1;
} elseif ($admin_rights == POWER_USER) {
$_SESSION['is_power_user'] = 1;
} elseif ($admin_rights == USERMANAGE_USER) {
$_SESSION['is_usermanage_user'] = 1;
} elseif ($admin_rights == DEPARTMENTMANAGE_USER) {
$_SESSION['is_departmentmanage_user'] = 1;
}
if ($is_active) {
$_SESSION['uid'] = $user_info_object->id;
$_SESSION['uname'] = $user_info_object->username;
$_SESSION['surname'] = $user_info_object->surname;
$_SESSION['givenname'] = $user_info_object->givenname;
$_SESSION['status'] = $user_info_object->status;
$_SESSION['email'] = $user_info_object->email;
$GLOBALS['language'] = $_SESSION['langswitch'] = $user_info_object->lang;
$auth_allow = 1;
} else {
$auth_allow = 3;
$GLOBALS['inactive_uid'] = $user_info_object->id;
}
} else {
$auth_allow = 4;
// means wrong password
Log::record(0, 0, LOG_LOGIN_FAILURE, array('uname' => $posted_uname, 'pass' => $pass));
}
return $auth_allow;
}
