/** * Login method * */ function LogIn($pUsername, $pPassword) { // username and password are hardcoded $cUserName = "******"; $cPassword = "******"; if (!strcmp($cPassword, $pPassword) && !strcmp($this->pSet->getCaseSensitiveUsername($cUserName), $this->pSet->getCaseSensitiveUsername($pUsername))) { $_SESSION["UserID"] = $pUsername; $_SESSION["UserName"] = $pUsername; $_SESSION["AccessLevel"] = ACCESS_LEVEL_USER; if ($this->auditObj) { $this->auditObj->LogLogin($pUsername); $this->auditObj->LoginSuccessful(); } if ($this->isCaptchaOk) { $dummy = array(); SetAuthSessionData($pUsername, $dummy, false, $pPassword); return true; } } else { if ($this->auditObj) { $this->auditObj->LogLoginFailed($pUsername); $this->auditObj->LoginUnsuccessful($pUsername); } return false; } }
/** * Set session variables and permissions after login via Facebook * */ function AfterFBLogIn($pUsername, $pPassword) { global $conn, $cUserNameFieldType, $cPasswordFieldType, $cUserNameField, $cDisplayNameField, $globalEvents; $logged = false; $strUsername = (string) $pUsername; $sUsername = $strUsername; if (NeedQuotes($cUserNameFieldType)) { $strUsername = db_prepare_string($strUsername); } else { $strUsername = 0 + $strUsername; } $strSQL = "select * from " . AddTableWrappers("") . " where " . AddFieldWrappers($cUserNameField) . "=" . $strUsername . ""; $rs = db_query($strSQL, $conn); $data = db_fetch_array($rs); if ($data) { $logged = true; $pDisplayUsername = $data[$cDisplayNameField] != '' ? $data[$cDisplayNameField] : $sUsername; DoLogin(false, $pUsername, $pDisplayUsername, "", ACCESS_LEVEL_USER, $pPassword); SetAuthSessionData($pUsername, $data, true, $pPassword); } }
/** * Login method * @param String pUsername * @param String pPassword */ function LogIn($pUsername, $pPassword) { // username and password are stored in the database global $cUserNameFieldType, $cPasswordFieldType, $cUserNameField, $cPasswordField, $cDisplayNameField; $logged = false; $strUsername = (string) $pUsername; $strPassword = (string) $pPassword; $loginSet = ProjectSettings::getForLogin(); $cipherer = RunnerCipherer::getForLogin($loginSet); $sUsername = $strUsername; $sPassword = $strPassword; if ($cipherer->isFieldEncrypted($cUserNameField)) { $strUsername = $cipherer->MakeDBValue($cUserNameField, $strUsername, "", true); } else { if (NeedQuotes($cUserNameFieldType)) { $strUsername = $this->connection->prepareString($strUsername); } else { $strUsername = 0 + $strUsername; } } if ($cipherer->isFieldEncrypted($cPasswordField)) { $strPassword = $cipherer->MakeDBValue($cPasswordField, $strPassword, "", true); } else { if (NeedQuotes($cPasswordFieldType)) { $strPassword = $this->connection->prepareString($strPassword); } else { $strPassword = 0 + $strPassword; } } if ($loginSet) { if (!$this->pSet->isCaseInsensitiveUsername()) { $where = $this->getFieldSQLDecrypt($cUserNameField) . "=" . $strUsername . " and " . $this->getFieldSQLDecrypt($cPasswordField) . "=" . $strPassword; } else { $where = $this->connection->upper($this->getFieldSQLDecrypt($cUserNameField)) . "=" . $this->pSet->getCaseSensitiveUsername($strUsername) . " and " . $this->getFieldSQLDecrypt($cPasswordField) . "=" . $strPassword; } $tempSQLQuery = $loginSet->GetTableData(".sqlquery"); $tempSQLQuery->addWhere($where); $tempSQLQuery->addWhere($this->connection->addFieldWrappers("active1") . "=1"); $strSQL = $tempSQLQuery->toSql(); } else { $strSQL = "select * from " . $this->connection->addTableWrappers("ConsolidatedStockEnquiry_users") . " where " . $this->connection->addFieldWrappers($cUserNameField) . "=" . $strUsername . " and " . $this->connection->addFieldWrappers($cPasswordField) . "=" . $strPassword; $strSQL .= " and " . $this->connection->addFieldWrappers("active1") . "=1"; } $data = $cipherer->DecryptFetchedArray($this->connection->query($strSQL)->fetchAssoc()); if ($data) { if ($this->pSet->getCaseSensitiveUsername(@$data[$cUserNameField]) == $this->pSet->getCaseSensitiveUsername($sUsername) && @$data[$cPasswordField] == $sPassword) { $logged = true; $pDisplayUsername = $data[$cDisplayNameField] != '' ? $data[$cDisplayNameField] : $sUsername; } } if ($logged && $this->isCaptchaOk) { DoLogin(false, $pUsername, $pDisplayUsername, "", ACCESS_LEVEL_USER, $pPassword, $this); SetAuthSessionData($pUsername, $data, $this->fromFacebook, $pPassword, $this); return true; } if ($this->auditObj) { $this->auditObj->LogLoginFailed($pUsername); $this->auditObj->LoginUnsuccessful($pUsername); } return false; }
/** * Set session variables and permissions after login via Facebook * @intellisense */ function AfterFBLogIn($pUsername, $pPassword, &$pageObject = null) { global $cman, $cUserNameFieldType, $cPasswordFieldType, $cUserNameField, $cDisplayNameField, $globalEvents; $logged = false; $strUsername = (string) $pUsername; $sUsername = $strUsername; $connection = $cman->getForLogin(); if (NeedQuotes($cUserNameFieldType)) { $strUsername = $connection->prepareString($strUsername); } else { $strUsername = 0 + $strUsername; } $strSQL = "select * from " . $connection->addTableWrappers("ConsolidatedStockEnquiry_users") . " where " . $connection->addFieldWrappers($cUserNameField) . "=" . $strUsername . ""; $data = $connection->query($strSQL)->fetchAssoc(); if (count($data)) { $logged = true; $pDisplayUsername = $data[$cDisplayNameField] != '' ? $data[$cDisplayNameField] : $sUsername; DoLogin(false, $pUsername, $pDisplayUsername, "", ACCESS_LEVEL_USER, $pPassword, $pageObject); SetAuthSessionData($pUsername, $data, true, $pPassword, $pageObject); } }
/** * Login method * */ function LogIn($pUsername,$pPassword){ // username and password are stored in the database global $conn, $cUserNameFieldType, $cPasswordFieldType, $cUserNameField, $cPasswordField, $cDisplayNameField; $logged = false; $strUsername = (string)$pUsername; $strPassword = (string)$pPassword; $cipherer = new RunnerCipherer("webreport_users"); $sUsername = $strUsername; $sPassword = $strPassword; if($cipherer->isFieldEncrypted($cUserNameField)) $strUsername = $cipherer->MakeDBValue($cUserNameField,$strUsername,"","",true); else { if(NeedQuotes($cUserNameFieldType)) $strUsername = db_prepare_string($strUsername); else $strUsername = (0+$strUsername); } if($cipherer->isFieldEncrypted($cPasswordField)) $strPassword = $cipherer->MakeDBValue($cPasswordField,$strPassword,"","",true); else { if(NeedQuotes($cPasswordFieldType)) $strPassword = db_prepare_string($strPassword); else $strPassword = (0+$strPassword); } $fieldList = ""; $lSet = new ProjectSettings("webreport_users", PAGE_LIST); if($lSet->GetTableData(".sqlquery")) $fieldList = $lSet->GetTableData(".sqlquery")->toSql(); if($fieldList) { if(!$this->pSet->isCaseInsensitiveUsername()) { $where = AddTableWrappers(GetFullFieldName($cUserNameField,"webreport_users",false)). "=".$strUsername." and ".AddTableWrappers(GetFullFieldName($cPasswordField,"webreport_users",false))."=".$strPassword; } else { $where = db_upper(getFullFieldName($cUserNameField,"webreport_users",false)). "=".$this->pSet->getCaseSensitiveUsername($strUsername)." and ".GetFullFieldName($cPasswordField,"webreport_users",false). "=".$strPassword; } $tempSQLQuery = $lSet->GetTableData(".sqlquery"); $tempSQLQuery->addWhere($where); $strSQL = $tempSQLQuery->toSql(); } else { $strSQL = "select * from ".AddTableWrappers("webreport_users")." where ".AddFieldWrappers($cUserNameField)."=".$strUsername." and ".AddFieldWrappers($cPasswordField)."=".$strPassword; } $rs = db_query($strSQL,$conn); $data = $cipherer->DecryptFetchedArray($rs); if($data){ if($this->pSet->getCaseSensitiveUsername(@$data[$cUserNameField])==$this->pSet->getCaseSensitiveUsername($sUsername) && @$data[$cPasswordField]==$sPassword){ $logged=true; $pDisplayUsername = $data[$cDisplayNameField]!='' ? $data[$cDisplayNameField] : $sUsername; } } if($logged && $this->isCaptchaOk) { DoLogin(false, $pUsername, $pDisplayUsername, "", ACCESS_LEVEL_USER, $pPassword); SetAuthSessionData($pUsername, $data, $this->fromFacebook, $pPassword); return true; } else { if($this->auditObj) { $this->auditObj->LogLoginFailed($pUsername); $this->auditObj->LoginUnsuccessful($pUsername); } return false; } }