Esempio n. 1
0
 function logout()
 {
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     $this->user1->log_access_trail($this->session->userdata('username'), 'Success', 'logout');
     $this->session->set_userdata('lmsg', 'You have logged out.');
     #Clear/reset tracking cookies if present
     setcookie(get_user_cookie_name($this), "", time() + 0);
     setcookie("loggedin", "false", time() + $this->config->item('sess_time_to_update'));
     # Clear key session variables
     $this->session->unset_userdata(array('alluserdata' => '', 'isadmin' => '', 'trackerids' => '', 'fwdurl' => '', 'userid' => '', 'isadmin' => ''));
     if (empty($data['m'])) {
         $data['m'] = "lmsg";
     }
     $this->session->sess_destroy();
     redirect(base_url() . 'admin/login/m/' . $data['m']);
 }
Esempio n. 2
0
function access_control($obj, $usertypes = array())
{
    #Check if the user has an active [remember me] cookie
    #If so, log them in remotely.
    $cookie_name = get_user_cookie_name($obj);
    if (!$obj->session->userdata('userid') && isset($_COOKIE[$cookie_name])) {
        #get the stored cookie value with the login details
        $login_details = explode("||", decryptValue($_COOKIE[$cookie_name]));
        $chk_user = $obj->Users->validate_login_user(array('username' => $login_details[0], 'password' => $login_details[1]));
        if (count($chk_user) > 0) {
            $obj->Users->populate_user_details($chk_user);
        }
        #TODO: THIS LINE IS FOR TESTING. REMOVE ON ACTIVE VERSION
        $obj->session->set_userdata('refreshed_session', "YES");
    }
    #By default, this function checks that the user is logged in
    if ($obj->session->userdata('userid')) {
        if ($obj->session->userdata('isadmin') == 'Y') {
            $usertype = 'admin';
        } else {
            $usertype = $obj->session->userdata('usertype');
        }
        #If logged in, check if the user is allowed to access the given page
        if (!empty($usertypes) && !in_array($usertype, $usertypes)) {
            $qmsg = 'WARNING: You do not have the priviledges to access this function.';
        }
    } else {
        $qmsg = 'WARNING: You are not logged in. Please login to continue.';
    }
    #Redirect if the user has no access to the given page
    if (!empty($qmsg)) {
        $obj->session->set_userdata('qmsg', $qmsg);
        redirect(base_url() . "admin/logout/m/qmsg");
    }
}