Example #1
0
             $cookiePath = $config["cookie"]["cookiepath"];
             $cookieDomain = $config["cookie"]["cookiedomain"];
             $secure = $_SERVER["SERVER_PORT"] == 443 ? 1 : 0;
             @setcookie($k, "", time() - 86400, $cookiePath, $cookieDomain, $secure, false);
         }
         $account = Ibos::app()->setting->get("setting/account");
         $user = Ibos::app()->user;
         if ($account["allowshare"] != 1) {
             $user->setStateKeyPrefix(Ibos::app()->setting->get("sid"));
         }
         $user->login($identity);
         $log = array("terminal" => "bqqsso", "password" => "", "ip" => $ip, "user" => $curUser["username"], "loginType" => $identity::LOGIN_BY_USERNAME, "address" => "", "gps" => "");
         Log::write($log, "login", sprintf("module.user.%d", $uid));
         $rule = UserUtil::updateCreditByAction("daylogin", $uid);
         if (!$rule["updateCredit"]) {
             UserUtil::checkUserGroup($uid);
         }
         if ($returnurl == "index") {
             header("Location: ../../index.php", true);
         } else {
             $url = parse_url($returnurl);
             if (isset($url["scheme"])) {
                 header("Location:" . $returnurl, true);
             } else {
                 header("Location:../../" . $returnurl, true);
             }
         }
     }
 } else {
     EnvUtil::iExit($status["msg"]);
 }
Example #2
0
 protected function doLogin($userName, $passWord, $loginType, $account, $autoLogin = 1, $cookieTime = 0, $inajax = 0)
 {
     if (!$passWord || $passWord != addslashes($passWord)) {
         $this->error(Ibos::lang("Passwd illegal"));
     }
     $errornum = $this->loginCheck($account);
     $ip = Ibos::app()->setting->get("clientip");
     $identity = new ICUserIdentity($userName, $passWord, $loginType);
     $result = $identity->authenticate();
     if (0 < $result) {
         $user = Ibos::app()->user;
         if (empty($autoLogin)) {
             $user->setState($user::AUTH_TIMEOUT_VAR, TIMESTAMP + $account["timeout"]);
         } else {
             MainUtil::setCookie("autologin", 1, $cookieTime);
         }
         $user->login($identity, $cookieTime);
         if ($user->uid != 1) {
             MainUtil::checkLicenseLimit(true);
         }
         if (!$inajax) {
             $urlForward = EnvUtil::referer();
             $log = array("terminal" => "web", "password" => StringUtil::passwordMask($passWord), "ip" => $ip, "user" => $userName, "loginType" => $loginType, "address" => "", "gps" => "");
             Log::write($log, "login", sprintf("module.user.%d", $user->uid));
             $rule = UserUtil::updateCreditByAction("daylogin", $user->uid);
             if (!$rule["updateCredit"]) {
                 UserUtil::checkUserGroup($user->uid);
             }
             $this->success(Ibos::lang("Login succeed", "", array("{username}" => $user->realname)), $urlForward);
         } else {
             $this->ajaxReturn(array("isSuccess" => true));
         }
     } elseif ($result === 0) {
         $this->error(Ibos::lang("User not fount", "", array("{username}" => $userName)), "", array(), array("error" => $result));
     } elseif ($result === -1) {
         $this->error(Ibos::lang("User lock", "", array("{username}" => $userName)), "", array(), array("error" => $result));
     } elseif ($result === -2) {
         $this->error(Ibos::lang("User disabled", "", array("{username}" => $userName)), "", array(), array("error" => $result));
     } elseif ($result === -3) {
         FailedLogin::model()->updateFailed($ip);
         list($ip1, $ip2) = explode(".", $ip);
         $newIp = $ip1 . "." . $ip2;
         FailedIp::model()->insertIp($newIp);
         $log = array("user" => $userName, "password" => StringUtil::passwordMask($passWord), "ip" => $ip);
         Log::write($log, "illegal", "module.user.login");
         if ($errornum) {
             $this->error("登录失败,您还可以尝试" . ($errornum - 1) . "次");
         } else {
             $this->error(Ibos::lang("User name or password is not correct"), "", array(), array("error" => $result));
         }
     }
 }