Example #1
 /**
  * Login validation function
  *
  * Validates a login from one of three inputs: an explicit username/password
  * pair passed by the caller, the remember-me cookie values (a 32-character
  * digest as $username plus $userid, when $remember is set), or - when neither
  * username nor password is passed - the POSTed login form. The username and
  * hashed password are compared against entries in the jos_users (#__users)
  * table. A successful validation updates the current session record with the
  * user's details, stamps the user's lastvisitDate and, if "remember" was
  * posted, issues the remember-me cookie; on failure the function alerts
  * (form post) or logs out and redirects (other callers) and exits.
  */
 function login($username = null, $passwd = null, $remember = 0, $userid = NULL)
 {
     // Entry point for all three login paths (explicit credentials, remember-me cookie, POSTed form);
     // uses $this->_db and $this->_session, so despite the bare `function` this is a method of the frame object.
     // NOTE(review): neither $acl nor $_VERSION is referenced in the visible lines; presumably used in the
     // portion of the body that is missing from this listing (see the note at the login query below) - confirm.
     global $acl, $_VERSION;
     $bypost = 0;
     $valid_remember = false;
     // if no username and password passed from function, then function is being called from login module/component
     // Truthiness test: a username or password of "" or "0" counts as absent and falls through to the posted values.
     if (!$username || !$passwd) {
         // Form-driven login: credentials come from POST (stripslashes presumably undoes magic_quotes escaping - confirm).
         $username = stripslashes(strval(mosGetParam($_POST, 'username', '')));
         $passwd = stripslashes(strval(mosGetParam($_POST, 'passwd', '')));
         $bypost = 1;
         // extra check to ensure that Joomla! sessioncookie exists
         // Note this path returns rather than exit()ing like the other failure branches below.
         if (!$this->_session->session_id) {
             mosErrorAlert(_ALERT_ENABLED);
             return;
         }
         // Presumably the anti-spoof / form-token check for the posted form - confirm what josSpoofCheck enforces.
         // It only runs on the form-driven path; callers passing explicit credentials bypass it.
         josSpoofCheck(NULL, 1);
     }
     $row = null;
     // Still no credentials (neither passed in nor posted): report and stop.
     if (!$username || !$passwd) {
         mosErrorAlert(_LOGIN_INCOMPLETE);
         exit;
     } else {
         // Remember-me path: $username is expected to be a 32-character md5 digest and $userid the cookie's user id.
         if ($remember && strlen($username) == 32 && $userid) {
             // query used for remember me cookie
             // "Hardening" value is a hash of the client's User-Agent. The UA is chosen by the client and is not a
             // secret, so this only binds the cookie to a UA string; it contributes no server-side secret.
             $harden = mosHash(@$_SERVER['HTTP_USER_AGENT']);
             // Lookup by id; the (int) cast keeps this free of SQL injection.
             $query = "SELECT id, name, username, password, usertype, block, gid" . "\n FROM #__users" . "\n WHERE id = " . (int) $userid;
             $this->_db->setQuery($query);
             // NOTE(review): no check that a row was found. If $userid matches no user, $user stays null and the
             // property reads below yield nulls/notices instead of a clean rejection.
             $this->_db->loadObject($user);
             // Stored password is "hash:salt".
             list($hash, $salt) = explode(':', $user->password);
             // Expected cookie values: md5(username . harden) and md5(password_hash . harden). These derive only
             // from the stored hash and the UA, so anyone holding a copy of the users table can mint a valid
             // cookie without recovering the password; there is no per-user random token or server secret.
             $check_username = md5($user->username . $harden);
             $check_password = md5($hash . $harden);
             // NOTE(review): loose == on hex digests - two md5 strings of the form "0e<digits>" compare equal
             // numerically. Prefer === (or hash_equals() where available, which is also constant-time).
             if ($check_username == $username && $check_password == $passwd) {
                 $row = $user;
                 $valid_remember = true;
             }
         } else {
             // query used for login via login module
             // NOTE(review): the next line is corrupted in this listing - a "******" redaction marker has swallowed
             // the text between the username lookup and the session-table cleanup (the password comparison, any
             // blocked-user check and the session update are not visible here), so the login query's WHERE clause
             // and the intervening logic cannot be reviewed from this copy. What survives at the end of the line
             // is a DELETE of the user's other session rows (session_id != current, same username/userid/gid,
             // guest = 0), which presumably sits inside a "login succeeded" branch that is also missing - confirm
             // against the real file before relying on the brace structure shown here.
             $query = "SELECT id, name, username, password, usertype, block, gid" . "\n FROM #__users" . "\n WHERE username = "******"DELETE FROM #__session" . "\n WHERE session_id != " . $this->_db->Quote($session->session_id) . "\n AND username = "******"\n AND userid = " . (int) $row->id . "\n AND gid = " . (int) $row->gid . "\n AND guest = 0";
             $this->_db->setQuery($query);
             $this->_db->query();
         }
         // update user visit data
         // Timestamp uses date(), i.e. the server's default timezone, not UTC.
         $currentDate = date("Y-m-d\\TH:i:s");
         // $session is not defined in the visible lines; it must come from the missing portion above.
         $query = "UPDATE #__users" . "\n SET lastvisitDate = " . $this->_db->Quote($currentDate) . "\n WHERE id = " . (int) $session->userid;
         $this->_db->setQuery($query);
         if (!$this->_db->query()) {
             // NOTE(review): die() with the driver's stderr(true) output sends the raw DB error text to the
             // client - an information leak. Log it server-side and show a generic error instead.
             die($this->_db->stderr(true));
         }
         // set remember me cookie if selected
         // Re-reads "remember" from POST regardless of how this function was called, replacing the $remember
         // parameter; only the literal value 'yes' enables the cookie.
         $remember = strval(mosGetParam($_POST, 'remember', ''));
         if ($remember == 'yes') {
             // cookie lifetime of 365 days
             $lifetime = time() + 365 * 24 * 60 * 60;
             $remCookieName = mosMainFrame::remCookieName_User();
             // Cookie value = <username part><password-hash part><user id>. $hash is only assigned in the
             // remember-me branch within the visible code; on the form path it presumably comes from the
             // missing portion - confirm.
             $remCookieValue = mosMainFrame::remCookieValue_User($row->username) . mosMainFrame::remCookieValue_Pass($hash) . $row->id;
             // NOTE(review): only name/value/expiry/path are passed - no secure or httponly flag - so the
             // year-long cookie is sent over plain HTTP and is readable by script.
             setcookie($remCookieName, $remCookieValue, $lifetime, '/');
         }
         // Flush the page cache, presumably so cached anonymous pages are not served to the logged-in user.
         mosCache::cleanCache();
     } else {
         // Validation failed: a form post gets the "incorrect" alert; a cookie or explicit-credential caller
         // is logged out and sent back to index.php. Both paths exit.
         if ($bypost) {
             mosErrorAlert(_LOGIN_INCORRECT);
         } else {
             $this->logout();
             mosRedirect('index.php');
         }
         exit;
     }
     }
 }