<?php
// check duplicate logins to see if another person (with same user/pass) has access then undeny access
if (is_array($rs_logins)) {
foreach ($rs_logins as $person) {
if (auth_person($access_groups, $person['person_id'])) {
$access_denied = false;
$o = new Login();
$o->person = new person($person['person_id']);
$o->post_password = $_POST['login_password'];
$o->post_remember_me = $_POST['remember_me'];
if ($o->_checkLogin()) {
$o->doLogin();
break;
}
}
}
}
/**
* Determines if the current Identity has the specified permission
* @param string $permission the permission string in the format of
* key_table:permission
* @return bool
*/
public function auth($permission)
{
return \auth_person($permission, $this->person_id());
}
public function checkLogin()
{
global $access_groups, $access_denied, $rs_logins;
if ($this->login_path) {
$this->checkLoginPath();
}
if (!$this->post_password) {
$this->_errors[] = 'You need to enter a password.';
}
if (!$this->post_username) {
$this->_errors[] = 'You need to enter a username or email address';
}
if ($this->_errors) {
return $this->r();
}
$username = trim(strtolower($this->post_username));
$aql = "\n\t\t\t\t\tperson {\n\t\t\t\t\t\twhere (\n\t\t\t\t\t\t\tlower(email_address) like '{$username}' or lower(username) like '{$username}'\n\t\t\t\t\t\t\tand password_hash is not null\n\t\t\t\t\t\t)\n\t\t\t\t\t\torder by id desc\n\t\t\t\t\t}\n\t\t\t\t";
$rs_logins = aql::select($aql);
if ($this->post_password) {
$granted = false;
foreach ($rs_logins as $p) {
$this->person = new person($p['person_id'], null, true);
if (!$this->person->person_id) {
continue;
}
if ($this->_checkLogin($this->post_password)) {
if (auth_person($access_groups, $this->person->person_id) || !$access_groups) {
$access_denied = false;
return $this->r(array('person_ide' => $this->person->person_ide));
}
}
}
}
$this->_errors[] = 'Invalid Login';
return $this->r();
}
$o = new Login($_POST['login_username'], $_POST['login_password'], array('remember_me' => $_POST['remember_me'], 'login_path' => $_POST['login_referer']));
$re = $o->checkLogin();
if ($re['status'] == 'OK') {
$o->doLogin();
}
}
if (!Login::isLoggedIn()) {
$o_cookie = person_cookie::getByCookie();
if ($o_cookie) {
if ($o_cookie->checkToken()) {
$o = new Login();
$o->person = new person($o_cookie->person_id);
$o->doLogin();
}
}
}
if (Login::isLoggedIn()) {
if ($access_groups) {
if (auth_person($access_groups, $_SESSION['login']['person_id'])) {
$access_denied = false;
}
}
Login::setConstants();
}
if (!$access_denied) {
return;
}
if (file_exists_incpath($access_denied_output_file)) {
include $access_denied_output_file;
}
exit;
