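/**
 * Authenticate a user from the submitted login parameters.
 *
 * Assumes op=login and that the login params have been provided, i.e. the
 * caller has already checked
 * strlen($HTTP_VARS['uid'])>0 && strlen($HTTP_VARS['passwd'])>0
 *
 * Does not perform any redirects.
 *
 * @param array $HTTP_VARS request variables; 'uid' and 'passwd' are read,
 *                         'remember' is optional
 * @return bool|string
 *   TRUE               - if login successful
 *   FALSE              - if login failure
 *   "SITE_IS_DISABLED" - if user is not admin and site is disabled
 */
function perform_login($HTTP_VARS)
{
    // The user id is lowercased before it is looked up, validated and logged.
    $uid = strtolower($HTTP_VARS['uid']);

    // An inactive account and a wrong password take the same path: one log
    // message and a plain FALSE, so the return value does not reveal which
    // of the two checks failed.
    if (!is_user_active($uid) || !validate_user_passwd($uid, $HTTP_VARS['passwd'])) {
        // NOTE(review): $uid is request-supplied text; confirm opendb_logger()
        // neutralises line breaks / control characters before writing it.
        opendb_logger(OPENDB_LOG_WARN, __FILE__, __FUNCTION__, 'User failed to login', array($uid));
        return FALSE;
    }

    // NOTE(review): is_user_granted_permission() is called without a user id
    // and before register_user_login(); confirm it evaluates the account that
    // is logging in and not whatever session already exists.
    if (get_opendb_config_var('site', 'enable') === FALSE && !is_user_granted_permission(PERM_ADMIN_LOGIN)) {
        opendb_logger(OPENDB_LOG_WARN, __FILE__, __FUNCTION__, 'User tried to log in while site is disabled', array($uid));
        return "SITE_IS_DISABLED";
    }

    // 'remember' is absent when the option was not submitted; test for the
    // key first so a normal login does not raise an undefined-index notice.
    $remember = isset($HTTP_VARS['remember']) && $HTTP_VARS['remember'] == 'true';

    register_user_login($uid, $remember);
    opendb_logger(OPENDB_LOG_INFO, __FILE__, __FUNCTION__, 'User logged in', array($uid));
    return TRUE;
}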
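/**
 * Maintain the "remember me" login cookie for the current request.
 *
 * Nothing is done on the install, url, logout and login pages.
 *
 * When the browser presents a remember-me cookie that get_remember_me_r()
 * resolves to a record, that record is deleted whether or not it is still
 * valid, so a presented token is not accepted a second time. If the record
 * is valid and the session is not already a remembered login, the user is
 * logged in from it.
 *
 * When remember-me applies (existing remembered session, or a login just
 * restored from the cookie) a new cookie value is generated, stored with
 * insert_remember_me() and sent to the browser. Its lifetime is the site
 * 'login_timeout', else 'idle_timeout', else 3600 seconds.
 *
 * NOTE(review): the strength of the token depends on generate_opendb_cookie(),
 * and the lookup safety on get_remember_me_r(); neither is visible here.
 *
 * @return void
 */
function handle_opendb_remember_me()
{
    global $PHP_SELF;

    // Pages on which the cookie must not be touched; extend this list if
    // more pages need to be excluded.
    $page = basename($PHP_SELF, '.php');
    if (in_array($page, array('install', 'url', 'logout', 'login'), TRUE)) {
        return;
    }

    $doRememberMe = isset($_SESSION['remember_me']) && isset($_SESSION['user_id']);

    // The cookie is client-controlled: it may be missing (most requests) or
    // arrive as an array. Only a non-empty string is passed to the lookup.
    $cookieName = get_opendb_remember_me_cookie_name();
    $oldCookie = (isset($_COOKIE[$cookieName]) && is_string($_COOKIE[$cookieName])) ? $_COOKIE[$cookieName] : NULL;

    if (!empty($oldCookie)) {
        $remember_me_r = get_remember_me_r($oldCookie);
        if ($remember_me_r !== FALSE) {
            // no need to register if already logged in
            if ($remember_me_r['valid'] === TRUE && !$doRememberMe) {
                // the second TRUE, flags the current user login as being enabled by a remember me cookie
                register_user_login($remember_me_r['user_id'], TRUE, TRUE);
                $doRememberMe = TRUE;
            }

            // Single use: the presented record is removed even when it was
            // not valid or the user was already logged in.
            delete_remember_me($remember_me_r['id']);
        }
    }

    if ($doRememberMe) {
        $cookie = generate_opendb_cookie();
        $site_r = get_opendb_config_var('site');
        $login_timeout = (int) ifempty(ifempty($site_r['login_timeout'], $site_r['idle_timeout']), 3600);

        // Send the cookie only once the new value has been stored server-side.
        if (insert_remember_me($_SESSION['user_id'], $cookie)) {
            // The value is a login credential: keep it away from page scripts
            // (HttpOnly) and, when this request is HTTPS, off plain HTTP (Secure).
            // Path and domain stay at their defaults. Behind a TLS-terminating
            // proxy $_SERVER['HTTPS'] may be unset, in which case Secure is not
            // added and the cookie behaves as before.
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie($cookieName, $cookie, time() + $login_timeout, '', '', $secure, TRUE);
        }
    }
}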