// Debug switch: when ACTIVATE_DEBUG_MODE is TRUE, PHP errors are displayed and
// FirePHP (FB) logging is enabled; otherwise error display, error reporting
// and FB logging are all turned off.
// NOTE(review): the debug branch displays errors in the response and, as its own
// warning says, may expose sensitive data, so the constant should be FALSE on
// any deployment that is reachable by untrusted clients.
if (ACTIVATE_DEBUG_MODE === TRUE) {
    ini_set("display_errors", 1);
    ERROR_REPORTING(E_ALL);
    FB::setEnabled(TRUE);
    FB::warn("FirePHP logging is enabled! Sensitive data may be exposed.");
} else {
    ini_set("display_errors", 0);
    // NOTE(review): error_reporting(0) silences reporting entirely, not just
    // on-screen display; hiding errors from visitors only needs display_errors
    // off, and server-side logging is useful for detecting failures. Confirm
    // this is intended.
    error_reporting(0);
    FB::setEnabled(FALSE);
}

// Creates the database tables if set to true
// NOTE(review): this runs on every request while BUILD_DATABASE is TRUE.
if (BUILD_DATABASE === TRUE) {
    DB_Actions::build_database();
}

// Check for a valid session
// NOTE(review): the return value is discarded here, so this call only matters
// for whatever side effects check_session() has (not visible in this excerpt).
AdminUtilities::check_session();

/*******************************************************************************
 * Break apart the URL and determine what data needs to be loaded
 *******************************************************************************/

// URL Parsing - Read the URL and break it apart for processing
$url_array = Utilities::read_url();

// Load the menu
$menu = new Menu($url_array);

// Load the page attributes for the first URL segment (looked up by slug)
$menu_page = DB_Actions::get_page_data_by_slug($url_array[0]);

// Check if the page should actually be shown as main content; pages whose
// show_full is not 1 are redirected to the default page.
// NOTE(review): the nested test below shows $menu_page can be FALSE, yet
// property_exists() is called on it first. property_exists() expects an object
// or class name, so the FALSE case should be tested before this condition.
if (property_exists($menu_page, 'show_full') && $menu_page->show_full != 1) {
    header("Location: /" . DB_Actions::get_default_page());
    exit;
} else {
    // No page data was found for the requested slug
    if ($menu_page === FALSE) {
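/**
 * Authenticates a user from the POSTed 'username' and 'password' fields.
 *
 * On success the user's display name, email and clearance are stored in
 * $_SESSION['user'] and a 'username' cookie valid for 30 days is set.
 *
 * @return bool TRUE when the credentials match and the session check passes,
 *              FALSE in every other case
 */
public function login()
{
    // Both fields must be present and must be plain strings. PHP turns
    // "password[]=x" into an array, which must not reach the validator or
    // the hashing routine.
    if (!isset($_POST['username'], $_POST['password'])
        || !is_string($_POST['username'])
        || !is_string($_POST['password'])
    ) {
        return FALSE;
    }

    // Sanitize the username and store the password for hashing
    if (SIV::validate($_POST['username'], SIV::USERNAME) !== TRUE) {
        return FALSE;
    }
    $username = $_POST['username'];
    $password = $_POST['password'];
    FB::log($username, "Username");

    // Load user data that matches the supplied username
    $userdata = $this->get_user_data($username);

    // The loaded record and the computed hash are deliberately not sent to
    // FirePHP: FirePHP output travels to the client, and both values contain
    // password-hash material.

    // Make sure a user was loaded: every field that is read below has to be
    // present, not just any one of them.
    if (!is_array($userdata)) {
        return FALSE;
    }
    foreach (array('password', 'display', 'email', 'clearance') as $field) {
        if (!array_key_exists($field, $userdata)) {
            return FALSE;
        }
    }

    // Extract the stored hash and hash the supplied password once
    $db_pass = $userdata['password'];
    $candidate = $this->createSaltedHash($password, $db_pass);

    // hash_equals() compares in constant time, so the comparison does not
    // reveal how many leading characters of the hash matched.
    $passwords_match = is_string($db_pass)
        && is_string($candidate)
        && hash_equals($db_pass, $candidate);
    FB::log($passwords_match, "Passwords Match");

    // The session check is only evaluated after the password has matched
    if (!$passwords_match || !AdminUtilities::check_session()) {
        return FALSE;
    }

    // Issue a fresh session id at the privilege change so that an id known
    // before login cannot be reused afterwards (session fixation).
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // Save the user data in a session variable
    $_SESSION['user'] = array(
        'name' => $userdata['display'],
        'email' => $userdata['email'],
        'clearance' => $userdata['clearance'],
    );
    // Only the entry written above is logged, not the whole session
    FB::log($_SESSION['user'], "Session");

    // Set a cookie to store the username that expires in 30 days
    // NOTE(review): the cookie is set without the Secure and HttpOnly flags.
    // It holds only the username and must never be treated as proof of
    // authentication; confirm whether client-side script needs to read it
    // before adding HttpOnly, and add Secure if the site is HTTPS-only.
    setcookie('username', $username, time() + 2592000, '/');

    return TRUE;
}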
/**
 * Decides whether the current request looks like a form submission that may
 * be processed.
 *
 * All of the following must hold: a 'page' request parameter is set, either a
 * POSTed 'token' or a GET 'action' is set, and the session check passes.
 *
 * NOTE(review): only the presence of 'token' is tested here, not its value,
 * and a GET 'action' satisfies the same condition without any token. Whether
 * the token is verified elsewhere is not visible from this method; confirm
 * that state-changing actions are covered by a real CSRF check.
 *
 * @return bool TRUE when every condition above holds, FALSE otherwise
 */
public static function is_form_submission_valid()
{
    // A target page is mandatory
    if (!isset($_REQUEST['page'])) {
        return FALSE;
    }

    // Neither a POSTed token nor a GET action was supplied
    $has_token = isset($_POST['token']);
    if (!$has_token && !isset($_GET['action'])) {
        return FALSE;
    }

    // The session check runs last, only when the request parameters are in place
    return (bool) AdminUtilities::check_session();
}