$errorFound = true;
$formError["login_session"] = _("Login unknown.");
$sessLoginAttempts = 1;
$_SESSION['auth']['last_login'] = '';
} else {
if (!$userQ->isActivated($loginSession)) {
$userQ->close();
$_SESSION = array();
// deregister all current session variables
FlashMsg::add(_("Your user account has been suspended. Contact with administrator to resolve this problem."));
header("Location: ../home/index.php");
exit;
}
$formSession = Form::getSession();
$lastLogin = isset($_SESSION['auth']['last_login']) ? $_SESSION['auth']['last_login'] : '';
if (!$userQ->verifySignOn($loginSession, $pwdSession)) {
$userQ->close();
Error::query($userQ);
}
$user = $userQ->fetch();
if (!$user) {
/**
* Invalid password. Add one to login attempts.
*/
$errorFound = true;
$formError["pwd_session"] = _("Invalid sign on.");
if (!isset($_SESSION['auth']['login_attempts']) || $_SESSION['auth']['login_attempts'] == "") {
$sessLoginAttempts = 1;
} else {
if ($loginSession == $lastLogin) {
$sessLoginAttempts = $_SESSION['auth']['login_attempts'] + 1;
if ($userQ->existLogin($user->getLogin(), $user->getIdMember())) {
$loginUsed = true;
FlashMsg::add(sprintf(_("Login, %s, already exists. The changes have no effect."), $user->getLogin()), OPEN_MSG_WARNING);
} else {
$userQ->update($user);
FlashMsg::add(sprintf(_("User, %s, has been updated."), $user->getLogin()));
/**
* updating session variables if user is current user
*/
if (isset($_POST["all"])) {
$_SESSION['auth']['login_session'] = $user->getLogin();
$_SESSION['auth']['user_theme'] = $user->getIdTheme();
}
}
if ($changePwd && !$loginUsed) {
if (!$userQ->verifySignOn($_POST["login"], $_POST["md5_old"], true)) {
$userQ->close();
unset($formError);
$formError["old_pwd"] = trim($_POST["md5_old"]) == "" ? _("This is a required field.") : _("This field is not correct.");
Form::setSession($_POST, $formError);
header("Location: " . $errorLocation);
exit;
}
$userQ->resetPwd($user);
}
$userQ->close();
unset($userQ);
unset($user);
/**
* Destroy form values and errors
*/
