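/**
 * Front controller for the login area: prepares the login template and
 * dispatches on the `in` query-string parameter.
 *
 * Routes: `inicio` -> inicio(), `logout` -> logout(); every other value
 * (including `restrito` and a missing parameter) shows inicio() to a
 * logged-in user and restrito() to everyone else.
 *
 * NOTE(review): `logout` is reachable with a plain GET and no anti-CSRF
 * token is checked in this function — confirm that is acceptable here.
 */
function Main()
{
    global $TPLV, $bottom, $db, $migalha, $usuario;

    $TPLV = new TemplatePower(TEMPLATE_PATH . "login.tpl");
    $TPLV->assignGlobal("uploadPath", UPLOAD_PATH);
    $TPLV->assignGlobal("imagePath", IMAGE_PATH);
    $TPLV->assignGlobal("swfPath", SWF_PATH);
    $TPLV->assignGlobal("localPath", LOCAL_PATH);
    $TPLV->assignGlobal('navBottom', $bottom);
    $TPLV->prepare();

    // Read the parameter defensively: a request without `in` used to raise
    // an undefined-index notice before falling into the default branch.
    $in = isset($_GET['in']) ? $_GET['in'] : null;

    switch ($in) {
        case 'inicio':
            inicio();
            break;
        case 'logout':
            logout();
            break;
        case 'restrito':
        default:
            // Unknown values are treated like the restricted landing page.
            if ($usuario->isLogado()) {
                inicio();
            } else {
                restrito();
            }
            break;
    }
}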
/**
 * Static wrapper around the free function logout().
 *
 * Inside a class body the unqualified call below resolves to the function,
 * not to this method, so there is no recursion.
 *
 * @param mixed $input Not used by this method.
 * @throws Exception with message "could_not_logout" when logout() returns a falsy value.
 */
static function logout($input)
{
    if (logout()) {
        return;
    }

    throw new Exception("could_not_logout");
}
/**
 * Signs the user described by an LTI tool provider into the site, creating
 * the local account first when the plugin's `userprovision` setting is on.
 *
 * Any session that is already logged in is ended before the LTI user is
 * looked up. The local record's context id, email and name are overwritten
 * from the tool provider on every call.
 *
 * NOTE(review): the identity attributes are taken from $tool_provider as-is;
 * this presumably relies on the launch having been verified before
 * LoginUser() is called — confirm against the caller.
 *
 * @param object $tool_provider Tool provider exposing ->user and ->consumer.
 * @return mixed The result of login($user, false).
 */
function LoginUser($tool_provider)
{
    // Never carry an existing session over into the LTI identity.
    if (elgg_is_logged_in()) {
        logout();
    }

    $settings = GetPluginSettings();
    $provisioning_enabled = $settings['userprovision'];

    $lti_user = $tool_provider->user;
    $user_id = $lti_user->getID(BasicLTI_Tool_Provider::ID_SCOPE_GLOBAL);
    $consumer_key = $tool_provider->consumer->guid;
    $context_id = $lti_user->context->id;

    // Look for an existing local account for this LTI user.
    $user = CheckLTIUser($user_id);

    if (empty($user)) {
        if (!$provisioning_enabled) {
            // Unknown user and provisioning is off: tell them and stop.
            system_message(elgg_echo('LTI:info:noprovision'));
            forward();
            exit;
        }

        $user = CreateLTIUser($consumer_key, $context_id, $tool_provider->user);
        if (empty($user)) {
            forward();
        }
    }

    // Refresh the local record from the launch data, then persist it.
    $user->context_id = $context_id;
    $user->email = $tool_provider->user->email;
    $user->name = $tool_provider->user->fullname;
    $user->save();

    return login($user, false);
}
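/**
 * Validates the current session and records the page access in `user_log`.
 *
 * logout() is called when the session has no uid, the stored IP differs
 * from allIPs(), or the inactivity deadline has passed. The deadline is then
 * pushed forward by INACTIVITY_TIMEOUT and, for every user except 'beprev',
 * one row (id, subscriber number, page, timestamp) is appended to `user_log`.
 *
 * The INSERT is sent with bound parameters: the page value contains
 * $_SERVER['PHP_SELF'], which reflects the request path, and was previously
 * interpolated straight into the SQL text.
 *
 * NOTE(review): the code after logout() still runs unless logout() ends the
 * request itself — confirm it does.
 * NOTE(review): MAX("ID") + 1 is not safe under concurrent requests; a
 * sequence/serial column would avoid duplicate ids.
 * NOTE(review): die() prints pg_last_error() to the client, which exposes
 * database details on failure.
 */
function check_login()
{
    // If the session does not exist server side, the IP address has changed,
    // or the session has expired, the user is logged out.
    if (!isset($_SESSION['uid']) || !$_SESSION['uid'] || $_SESSION['ip'] != allIPs() || time() >= $_SESSION['expires_on']) {
        logout();
    }

    // The user accessed a page: extend the inactivity deadline.
    $_SESSION['expires_on'] = time() + INACTIVITY_TIMEOUT;

    // Access log (audit trail).
    $dbconn = pg_connect(CONFIG_DB) or die('Connexion impossible : ' . pg_last_error());
    $numero_ID = $_SESSION['numero_abo'];

    if ($_SESSION['username'] != 'beprev') {
        $horodate = date('Y-m-d H:i:s');

        $result = pg_query($dbconn, 'SELECT MAX("ID") from user_log;') or die('Échec de la requête : ' . pg_last_error($dbconn));
        $table = pg_fetch_row($result);
        $Id = $table[0];
        if ($Id === null || $Id === '') {
            // Empty table: MAX() yields NULL, start numbering from 1.
            $Id = 0;
        }
        $Id = $Id + 1;

        $page = $_SESSION["ipFrontOffice"] . $_SERVER['PHP_SELF'];

        // Values travel separately from the statement text, so nothing in
        // $page or the session can change the shape of the query.
        $result = pg_query_params(
            $dbconn,
            'INSERT INTO user_log ("ID", id_user,page,horodate) VALUES ($1,$2,$3,$4);',
            array($Id, $numero_ID, $page, $horodate)
        ) or die('Échec de la requête : ' . pg_last_error($dbconn));
    }

    pg_close($dbconn);
}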
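/**
 * Re-creates the database by piping ./db-scripts/ResetDB.sql through the
 * `mysql` command-line client, then logs the current user out.
 *
 * The connection settings come from the globals $dblocation, $dbuser,
 * $dbpassword and $dbname. A test connection is made first; on failure
 * $error_message is set and nothing is reset. On success the client output
 * is echoed, $reset_complete is set to true and logout() is called.
 *
 * Changes from the listed version:
 *  - $db_connected is only set when the test connection succeeded; it was
 *    previously set even when connect_errno reported a failure.
 *  - every value placed on the command line goes through escapeshellarg().
 *
 * NOTE(review): the page shows the --user/--password values masked; they are
 * assumed to be the $dbuser/$dbpassword globals this function imports.
 * NOTE(review): a password passed as a command-line argument can be read by
 * other local users from the process list; a client option file is the
 * usual alternative.
 * NOTE(review): no authorisation check is visible here — confirm the caller
 * restricts who may trigger a reset.
 */
function reset_db()
{
    global $dbname;
    global $dblocation;
    global $dbpassword;
    global $dbuser;
    global $reset_complete;
    global $error_message;

    $db_connected = false;

    try {
        $mysqli = new mysqli($dblocation, $dbuser, $dbpassword, $dbname);
        if ($mysqli->connect_errno) {
            $error_message = "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") Check your setting in the Config.php file. " . $mysqli->connect_error;
        } else {
            $db_connected = true;
        }
    } catch (mysqli_sql_exception $e) {
        $error_message = "Check your settings in the Config.php file.<br /><br /> Failed to connect to MySQL. " . $e;
    }

    if (!$db_connected) {
        return;
    }

    // Quote each configuration value so that spaces or shell metacharacters
    // in a setting cannot alter the command that is executed.
    $command = "mysql --user=" . escapeshellarg($dbuser)
        . " --password=" . escapeshellarg($dbpassword)
        . " --database=" . escapeshellarg($dbname)
        . " < ./db-scripts/ResetDB.sql";

    $output = shell_exec($command);
    echo $output;

    $reset_complete = true;
    logout();
}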
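/**
 * Dispatches a POST request on its `method` field.
 *
 * Responds with HTTP_BAD_REQUEST when the field is missing, is not a string,
 * or names no known method. The rejected name is echoed back HTML-escaped:
 * it is request data and no content type is set in this function, so it
 * must not reach the response body verbatim.
 *
 * NOTE(review): the state-changing methods are dispatched without a CSRF
 * check in this function — confirm the handlers or the caller cover that.
 */
function onPost()
{
    if (!isset($_POST['method'])) {
        http_response_code(HTTP_BAD_REQUEST);
        echo 'method field reuired';
        return;
    }

    $method = $_POST['method'];

    // `method[]=x` arrives as an array; it can never match a method name.
    if (!is_string($method)) {
        http_response_code(HTTP_BAD_REQUEST);
        echo 'invalid method name: ';
        return;
    }

    switch ($method) {
        case METHOD_LOGIN:
            login();
            break;
        case METHOD_LOGOUT:
            logout();
            break;
        case METHOD_CREATE_ACCOUNT:
            createAccount();
            break;
        case METHOD_USER_INFO:
            userInfo();
            break;
        default:
            http_response_code(HTTP_BAD_REQUEST);
            echo 'invalid method name: ' . htmlspecialchars($method, ENT_QUOTES, 'UTF-8');
            return;
    }
}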
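/**
 * Dispatches the request on its `action` parameter.
 *
 * The administrative actions (delete, list, banip, search, bannedlist,
 * unbanip) run only when the global $auth is truthy; `logout` runs
 * regardless; every other case shows the login screen.
 *
 * The parameter is read once and defaults to an empty string, so a request
 * without `action` no longer raises undefined-index notices.
 *
 * NOTE(review): the action is read from $_REQUEST, so delete/banip/unbanip
 * can be triggered by a GET; no CSRF token is checked in this function —
 * confirm the handlers verify one.
 */
function main()
{
    global $auth;

    $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';

    if ($auth) {
        switch ($action) {
            case 'delete':
                delete();
                return;
            case 'list':
                view_list();
                return;
            case 'banip':
                banip();
                return;
            case 'search':
                search();
                return;
            case 'bannedlist':
                bannedlist();
                return;
            case 'unbanip':
                unbanip();
                return;
        }
    }

    if ($action == 'logout') {
        logout();
        return;
    }

    login_screen();
}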
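/**
 * routing
 *
 * Rejects POST requests whose token does not match TOKEN, hands known
 * `*_post` submissions to their handler, and otherwise routes on
 * FIRST_PARAMETER.
 *
 * The token is compared as a string with strict equality: a loose `!=`
 * treats numeric-looking strings as numbers, and a missing or array-valued
 * token must never be accepted.
 *
 * NOTE(review): where hash_equals() is available it would additionally make
 * the comparison constant-time.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Center
 * @author Henry Ruhs
 */
function routing()
{
    /* check token */
    if ($_POST) {
        $posted_token = isset($_POST['token']) ? $_POST['token'] : null;
        if (!is_string($posted_token) || $posted_token !== (string) TOKEN) {
            notification(l('error_occurred'), l('token_incorrect'), l('home'), ROOT);
            return;
        }
    }

    /* call default post: only names from this fixed list are ever invoked */
    $post_list = array('comment', 'login', 'password_reset', 'registration', 'reminder', 'search');
    foreach ($post_list as $value) {
        $handler = $value . '_post';
        if (!empty($_POST[$handler]) && function_exists($handler)) {
            call_user_func($handler);
            return;
        }
    }

    /* general routing */
    switch (FIRST_PARAMETER) {
        case 'admin':
            if (LOGGED_IN == TOKEN) {
                admin_routing();
            } else {
                notification(l('error_occurred'), l('access_no'), l('login'), 'login');
            }
            return;
        case 'login':
            login_form();
            return;
        case 'logout':
            if (LOGGED_IN == TOKEN) {
                logout();
            } else {
                notification(l('error_occurred'), l('access_no'), l('login'), 'login');
            }
            return;
        case 'password_reset':
            if (s('reminder') == 1 && FIRST_SUB_PARAMETER && THIRD_PARAMETER) {
                password_reset_form();
            } else {
                notification(l('error_occurred'), l('access_no'), l('home'), ROOT);
            }
            return;
        case 'registration':
            if (s('registration')) {
                registration_form();
            } else {
                notification(l('error_occurred'), l('access_no'), l('home'), ROOT);
            }
            return;
        case 'reminder':
            if (s('reminder') == 1) {
                reminder_form();
            } else {
                notification(l('error_occurred'), l('access_no'), l('home'), ROOT);
            }
            return;
        default:
            contents();
            return;
    }
}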
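/**
 * Deletes a user's directory and removes the user from every watched list.
 *
 * Allowed when the target is the current user ($_SERVER['USER']) or the
 * caller is an administrator, and the caller's stored credentials validate.
 * Otherwise an error page is produced and the caller is redirected to '/'.
 *
 * Changes from the listed version:
 *  - the name must be a single path component (no separators, not '.' or
 *    '..'), because it is appended to PWUSERS_DIR and removed recursively;
 *  - every value handed to the shell goes through escapeshellarg();
 *  - the function returns after the empty-name redirect, so `rm` can never
 *    run against PWUSERS_DIR itself;
 *  - the name is HTML-escaped in the error markup.
 *
 * NOTE(review): $planowner and $user were read but never assigned in the
 * listed code. They are assumed to mean the deleted user and the current
 * user ($_SERVER['USER']) respectively — confirm.
 * NOTE(review): the title passed to output() still carries the raw name;
 * whether output() escapes it is not visible here.
 *
 * @param string $username_to_delete Name of the account to remove.
 */
function user_delete($username_to_delete)
{
    if (!$username_to_delete) {
        redirect('/');
        return;
    }

    $name = (string) $username_to_delete;

    // The name becomes part of a filesystem path that is deleted recursively.
    $name_is_plain = $name === basename($name) && $name !== '.' && $name !== '..';

    $may_delete = $name_is_plain
        && ($username_to_delete == $_SERVER['USER'] || user_is_administrator())
        && user_is_valid($_SERVER['USERINFO_ARRAY']['username'], $_SERVER['USERINFO_ARRAY']['userpass']);

    if (!$may_delete) {
        $shown_name = htmlspecialchars($name, ENT_QUOTES);
        output("Error deleting {$username_to_delete}", "\n\t<div class='alert'>\n\tYou can't delete {$shown_name}. Talk to an\n\t<a href='mailto:help@planwatch.org'>admin</a>.\n\tClick <a href='{$_SERVER['WEB_ROOT']}/'>here</a> to go back to the main page.\n\t</div>\n\t");
        redirect('/');
        return;
    }

    $users_dir = $_SERVER['PWUSERS_DIR'];
    $userdir = "{$users_dir}/{$name}";

    // `--` ends option parsing so a name starting with '-' is not read as a flag.
    exec('rm -fR -- ' . escapeshellarg($userdir), $delresults);

    // The glob stays outside the quotes so the shell still expands it.
    exec('grep -rli -e ' . escapeshellarg($name) . ' ' . escapeshellarg($users_dir) . '/*/watchedlist.txt', $watchedlists);

    $planowner = $name;
    foreach ($watchedlists as $watched) {
        $data = file_get_contents($watched);
        if ($data === false) {
            continue;
        }

        $remove = '';
        if (strstr($data, "!{$planowner}")) {
            // Entry of the form !name...! : remove the whole marked span.
            if (preg_match('|(!' . preg_quote($planowner, '|') . '.*!)|', $data, $matches)) {
                $remove = $matches[0];
            }
        } else {
            $remove = "\n{$planowner}\n";
        }

        // remove whatever we found
        if ($remove !== '') {
            $data = str_replace($remove, '', $data);
        }

        // collapse doubled line breaks so the list doesn't look odd in the edit view
        $data = str_replace("\n\n", "\n", $data);
        file_put_contents($watched, $data);
    }

    if ($username_to_delete == $_SERVER['USER']) {
        // The caller removed their own account: end their session.
        logout("{$username_to_delete} has been deleted.");
    } else {
        redirect('/');
    }
}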
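/**
 * Gate for protected pages: keeps an existing session, restores one from
 * the "remember me" cookies, or sends the visitor to login.php.
 *
 * A session whose stored user-agent hash no longer matches the request is
 * logged out. Without a session, the user_id/user_key cookies are checked
 * against the `ckey`/`ctime` columns of `users`; on success the session is
 * regenerated and populated, including the user level read from the
 * database.
 *
 * The cookie key is now compared with strict equality. With a loose `==`,
 * two different strings that both look numeric (for example "0e" followed
 * by digits) compare equal, which weakens the check. The user_name cookie
 * is also required to be present before it is used.
 *
 * NOTE(review): the lookup query interpolates the result of filter(); its
 * escaping is not visible here. ext/mysql has no prepared statements, so
 * confirm filter() makes the value safe for a quoted SQL literal.
 * NOTE(review): execution continues past logout() on cookie expiry unless
 * logout() ends the request — confirm.
 * NOTE(review): where hash_equals() is available it would make the key
 * comparison constant-time.
 */
function page_protect()
{
    session_start();
    global $db;

    // Bind the session to the browser that created it.
    if (isset($_SESSION['HTTP_USER_AGENT'])) {
        if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
            logout();
            exit;
        }
    }

    // An established session needs no further checks.
    if (isset($_SESSION['user_id']) || isset($_SESSION['user_name'])) {
        return;
    }

    if (!isset($_COOKIE['user_id']) || !isset($_COOKIE['user_key'])) {
        header("Location: login.php");
        exit;
    }

    $cookie_user_id = filter($_COOKIE['user_id']);
    $rs_ctime = mysql_query("select `ckey`,`ctime` from `users` where `id` ='{$cookie_user_id}'") or die(mysql_error());
    list($ckey, $ctime) = mysql_fetch_row($rs_ctime);

    // Cookie lifetime is enforced from the server-side timestamp.
    if (time() - $ctime > 60 * 60 * 24 * COOKIE_TIME_OUT) {
        logout();
    }

    $cookie_is_valid = !empty($ckey)
        && is_numeric($_COOKIE['user_id'])
        && isset($_COOKIE['user_name'])
        && isUserID($_COOKIE['user_name'])
        && is_string($_COOKIE['user_key'])
        && $_COOKIE['user_key'] === sha1($ckey);

    if (!$cookie_is_valid) {
        logout();
        return;
    }

    session_regenerate_id(); // against session fixation attacks
    $_SESSION['user_id'] = $_COOKIE['user_id'];
    $_SESSION['user_name'] = $_COOKIE['user_name'];

    // The level is read from the database rather than trusted from a cookie.
    list($user_level) = mysql_fetch_row(mysql_query("select user_level from users where id='{$_SESSION['user_id']}'"));
    $_SESSION['user_level'] = $user_level;
    $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
}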
/**
 * Logs the current user out and shows the success page.
 *
 * The session is cleared via logout(), then the two permission caches are
 * dropped via savePermissionIDEliminate() and savePermissionURLEliminate()
 * before redirecting to the `checkLogin` action.
 */
public function loginOut()
{
    // Clear the session on exit.
    logout();

    // Drop the cached permission data as well.
    savePermissionIDEliminate();
    savePermissionURLEliminate();

    $target = U('checkLogin');
    $this->success('退出成功!', $target);
}
/**
 * Stops the request unless isUserAuth() reports an authenticated user.
 *
 * On failure the user is logged out first and the script ends with
 * "Unauthorized access", so nothing after the call site is rendered.
 */
function checkAccess()
{
    if (isUserAuth()) {
        return;
    }

    // Make sure the user does not receive sensitive content (4.4.3).
    logout();
    die("Unauthorized access");
}
/**
 * Command handler for "logout".
 *
 * Logs the caller out, raises the internal "logout" event on $system and
 * writes a localised confirmation to $stdout.
 *
 * @param mixed  $args    Not used by this handler.
 * @param mixed  $stdin   Not used by this handler.
 * @param string &$stdout Receives the confirmation message.
 * @param mixed  &$stderr Not written by this handler.
 * @param object &$system Object whose triggerEventIntern() is called.
 * @return bool Always true.
 */
function exec($args, $stdin, &$stdout, &$stderr, &$system)
{
    logout();

    // Let listeners react to the logout; no event arguments are passed.
    $no_arguments = array();
    $system->triggerEventIntern("logout", $no_arguments);

    $message = i18n("logout successfull");
    $stdout = ucf($message);

    return true;
}
/**
 * Deletes the user whose id is posted as `usr_id` and ends the current
 * session when that user is the one logged in.
 *
 * NOTE(review): no authorisation or CSRF check is visible in this function
 * and the id comes straight from the request body — confirm the caller
 * decides who may delete which account.
 */
function deleteUser()
{
    $user = new User();
    $target_id = $_POST['usr_id'];

    $user->deleteUser($target_id);

    // Deleting one's own account must not leave a live session behind.
    $deleted_self = isset($_SESSION['id']) && $_SESSION['id'] == $target_id;
    if ($deleted_self) {
        logout();
    }
}
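/**
 * Verifies the anti-XSRF token submitted with a request.
 *
 * On a mismatch the failure is logged, the user is logged out and the
 * request ends; on a match the function simply returns.
 *
 * Changes from the listed version:
 *  - the session must actually hold a non-empty string token. With the
 *    loose `!=`, an empty submitted token compared equal to an unset
 *    session value and the check passed;
 *  - the comparison is strict, and constant-time where hash_equals() exists;
 *  - the log entry no longer contains the expected token or the submitted
 *    value: the first is a secret, the second is request data written
 *    verbatim into the log.
 *
 * @param string $token Token taken from the request.
 */
function validate_xsrf_token($token)
{
    $expected = isset($_SESSION[CONST_XSRF_TOKEN_KEY]) ? $_SESSION[CONST_XSRF_TOKEN_KEY] : null;

    $token_is_valid = is_string($token)
        && is_string($expected)
        && $expected !== ''
        && (function_exists('hash_equals') ? hash_equals($expected, $token) : $expected === $token);

    if ($token_is_valid) {
        return;
    }

    log_exception(new Exception('Invalid XSRF token.'));
    logout();
    exit;
}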
/**
 * Verifies that the request belongs to a logged-in session and that the
 * client fingerprint stored in the session still matches.
 *
 * The fingerprint is an MD5 over the remote address, a fixed string and the
 * user-agent header. logout() is called when `log_user` is missing or the
 * fingerprints differ. The session id is regenerated on every call.
 *
 * NOTE(review): the fixed string is hard-coded in source, so it offers no
 * secrecy to anyone who can read the code.
 * NOTE(review): session_regenerate_id() is called without its argument, so
 * the previous session data is not deleted — confirm that is intended.
 * NOTE(review): execution continues past logout() unless it ends the
 * request — confirm.
 */
function check_logon()
{
    $client_address = $_SERVER['REMOTE_ADDR'];
    $client_agent = $_SERVER['HTTP_USER_AGENT'];
    $fingerprint = md5($client_address . 'dh(6Km4$X*' . $client_agent);

    session_start();

    $session_is_ours = isset($_SESSION['log_user']) && $_SESSION['log_fingerprint'] == $fingerprint;
    if (!$session_is_ours) {
        logout();
    }

    session_regenerate_id();
}
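/**
 * Replaces a user's password hash and salt after verifying the old
 * password, then logs the user out.
 *
 * The listed version indexed $passwords with the array returned by
 * array_keys(), which is not a valid array offset; the position of $user in
 * $users is now looked up with array_search() and used directly.
 *
 * NOTE(review): $passwords is received by value and is neither returned nor
 * stored, so the update is not visible to the caller from what is shown
 * here — confirm how the new hash is meant to be persisted.
 * NOTE(review): generate_random_string() is not visible here; a salt should
 * come from a cryptographically secure source.
 *
 * @param array  $users     List of user names.
 * @param array  $passwords Per-user [hash, salt] pairs, keyed like $users.
 * @param string $user      User whose password changes.
 * @param string $old       Current password, checked via verify_password().
 * @param string $new       New password.
 */
function change_password($users, $passwords, $user, $old, $new)
{
    if (!verify_password($users, $passwords, $user, $old)) {
        return;
    }

    // Strict search so that only the exact user name selects an entry.
    $index = array_search($user, $users, true);
    if ($index === false) {
        return;
    }

    $new_salt = generate_random_string(20);
    $passwords[$index][0] = hash_password($new, $new_salt);
    $passwords[$index][1] = $new_salt;

    // Force a fresh login with the new credentials.
    logout();
}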
/**
 * Authenticates the request, or renders the login form and stops.
 *
 * Three cases:
 *  - a session user exists: the stored credentials are re-checked with
 *    user_activate(); on failure logout() is called;
 *  - `p_user` was posted: the posted credentials are checked; on failure
 *    show_error() is called, otherwise the session language is set from the
 *    `lang` request value (default "en");
 *  - neither: the login form is printed and the script exits.
 *
 * NOTE(review): the session keeps the password in a form that
 * base64_decode() turns back into the value user_activate() expects, i.e.
 * it is recoverable from session storage.
 * NOTE(review): the posted user name is appended to the text handed to
 * show_error() and written to the debug log; whether either escapes it is
 * not visible here.
 * NOTE(review): the lines after show_error() run unless it ends the request,
 * which would log a success and set the language after a failed login —
 * confirm that show_error() exits.
 */
function login()
{
    // Returning visitor: validate the credentials kept in the session.
    if (isset($_SESSION["s_user"])) {
        _debug("login(): session detected");

        $session_password = base64_decode($_SESSION["s_pass"]);
        if (!user_activate($_SESSION["s_user"], $session_password)) {
            _debug("Failed to activate user " . $_SESSION['s_user']);
            logout();
        }
        return;
    }

    $p_pass = isset($_POST["p_pass"]) ? $_POST["p_pass"] : "";

    // Login form was submitted.
    if (isset($_POST["p_user"])) {
        _debug("login(): login authentication");

        if (!user_activate(stripslashes($_POST["p_user"]), $p_pass)) {
            global $error_msg;
            show_error($error_msg["login_failed"] . ": " . $_POST["p_user"]);
        }

        // authentication successful
        _debug("user '" . $_POST["p_user"] . "' successfully authenticated");

        // set language
        $_SESSION['language'] = qx_request("lang", "en");
        return;
    }

    // Nothing to authenticate with: ask for a login.
    show_header($GLOBALS["messages"]["actlogin"]);
    echo "<CENTER><BR><TABLE width=\"300\"><TR><TD colspan=\"2\" class=\"header\" nowrap><B>";
    echo $GLOBALS["messages"]["actloginheader"] . "</B></TD></TR>\n<FORM name=\"login\" action=\"";
    echo make_link("login", NULL, NULL) . "\" method=\"post\">\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["miscusername"] . ":</TD><TD align=\"right\">";
    echo "<INPUT name=\"p_user\" type=\"text\" size=\"25\"></TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["miscpassword"] . ":</TD><TD align=\"right\">";
    echo "<INPUT name=\"p_pass\" type=\"password\" size=\"25\"></TD></TR>\n";

    // NAS4Free: language select box with automatic language detection.
    echo "<TR><TD>" . gettext("Detected Language:<br />(Change if needed)") . "</TD><TD align=\"right\">";
    @(include "./_lang/_info.php");

    echo "<TR><TD colspan=\"2\" align=\"right\"><INPUT type=\"submit\" value=\"";
    echo $GLOBALS["messages"]["btnlogin"] . "\"></TD></TR>\n</FORM></TABLE><BR></CENTER>\n";
    ?>
<script language="JavaScript1.2" type="text/javascript">
<!--
    if(document.login) document.login.p_user.focus();
// -->
</script><?php
    show_footer();
    exit;
}
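/**
 * Resolves the user id for a request.
 *
 * In order: a truthy `logout` entry logs out, a truthy `u` entry attempts a
 * login with `u`/`p`, and anything else falls back to checkAuthToken().
 * Missing keys are now tested with empty()/isset() instead of being read
 * directly, which raised undefined-index notices.
 *
 * NOTE(review): if $request is built from the query string, the password in
 * `p` ends up in URLs and access logs — confirm credentials only arrive in
 * a request body.
 *
 * @param array $request Request parameters.
 * @return mixed Whatever logout(), login() or checkAuthToken() returns.
 */
function checkAuth($request)
{
    if (!empty($request['logout'])) {
        return logout();
    }

    if (!empty($request['u'])) {
        $password = isset($request['p']) ? $request['p'] : null;
        return login($request['u'], $password);
    }

    return checkAuthToken();
}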
/**
 * Enforces the idle timeout.
 *
 * When $autoLogout is on and more than $autoLogoutTime minutes have passed
 * since the user's last click, the user is logged out, a notice with a link
 * back to the application is printed and the script ends. The user list's
 * create_form, create, login_form and login methods are exempt.
 *
 * @return bool FALSE whenever the function returns at all.
 */
function timeoutExpired()
{
    global $gorumuser, $gorumroll, $gorumauthlevel, $gorumrecognised;
    global $autoLogout, $autoLogoutTime, $scriptName;

    if (!$autoLogout) {
        return FALSE;
    }

    $idle_seconds = time() - $gorumuser->lastClickTime;
    if (!($idle_seconds > $autoLogoutTime * 60)) {
        return FALSE;
    }

    // Registration and login requests must stay reachable after a timeout.
    $exempt_methods = array("create_form", "create", "login_form", "login");
    $is_exempt = $gorumroll->list == "user" && in_array($gorumroll->method, $exempt_methods);
    if ($is_exempt) {
        return FALSE;
    }

    logout();
    echo "Timeout expired. Please, log in!" . "<p><a href='{$scriptName}'>Click here to return to the application!</a>";
    die;
}
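/**
 * Authenticates the request, or renders the login form and stops.
 *
 * Three cases:
 *  - a session user exists: the stored credentials are re-checked with
 *    activate_user() and the language files for the session language are
 *    loaded;
 *  - `p_user` was posted: the posted credentials are checked and the chosen
 *    language is stored in the session;
 *  - neither: the login form is printed and the script exits.
 *
 * The language name ends up in a require path and originates from the
 * posted `lang` field. It is reduced to its final path component with
 * basename() both when it is stored and when it is used, so the files
 * loaded always sit directly inside ./_lang/.
 *
 * NOTE(review): passwords are passed on as unsalted MD5; that is weak for
 * password storage.
 * NOTE(review): execution continues past logout() unless it ends the
 * request — confirm, since the language is stored after a failed login
 * otherwise.
 */
function login()
{
    if (isset($GLOBALS['__SESSION']["s_user"])) {
        if (!activate_user($GLOBALS['__SESSION']["s_user"], $GLOBALS['__SESSION']["s_pass"])) {
            logout();
        }

        // Never build an include path from an unchecked session value.
        $stored_language = isset($GLOBALS['__SESSION']["s_lang"]) ? $GLOBALS['__SESSION']["s_lang"] : '';
        $GLOBALS["lang"] = $GLOBALS["language"] = basename((string) $stored_language);

        require "./_lang/" . $GLOBALS["language"] . ".php";
        require "./_lang/" . $GLOBALS["language"] . "_mimes.php";
        return;
    }

    $p_pass = isset($GLOBALS['__POST']["p_pass"]) ? $GLOBALS['__POST']["p_pass"] : "";

    if (isset($GLOBALS['__POST']["p_user"])) {
        // Check Login
        if (!activate_user(stripslashes($GLOBALS['__POST']["p_user"]), md5(stripslashes($p_pass)))) {
            logout();
        }

        // Store only the bare language name; it is used in a file path later.
        $GLOBALS['__SESSION']["s_lang"] = isset($GLOBALS['__POST']["lang"])
            ? basename((string) $GLOBALS['__POST']["lang"])
            : null;
        return;
    }

    // Ask for Login
    show_header($GLOBALS["messages"]["actlogin"]);
    echo "<BR><TABLE width=\"300\"><TR><TD colspan=\"2\" class=\"header\" nowrap><B>";
    echo $GLOBALS["messages"]["actloginheader"] . "</B></TD></TR>\n<FORM name=\"login\" action=\"";
    echo make_link("login", NULL, NULL) . "\" method=\"post\">\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["miscusername"] . ":</TD><TD align=\"right\">";
    echo "<INPUT name=\"p_user\" type=\"text\" size=\"25\"></TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["miscpassword"] . ":</TD><TD align=\"right\">";
    echo "<INPUT name=\"p_pass\" type=\"password\" size=\"25\"></TD></TR>\n";
    echo "<TR><TD>" . $GLOBALS["messages"]["misclang"] . ":</TD><TD align=\"right\">";
    echo "<SELECT name=\"lang\">\n";
    @(include "./_lang/_info.php");
    echo "</SELECT></TD></TR>\n";
    echo "<TR><TD colspan=\"2\" align=\"right\"><INPUT type=\"submit\" value=\"";
    echo $GLOBALS["messages"]["btnlogin"] . "\"></TD></TR>\n</FORM></TABLE><BR>\n";
    ?>
<script language="JavaScript1.2" type="text/javascript">
<!--
    if(document.login) document.login.p_user.focus();
// -->
</script><?php
    show_footer();
    exit;
}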
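/**
 * Renders the page for the requested `action`, wrapped in the shared
 * header and footer templates.
 *
 * `logout` logs the user out and redirects to login.php. Any other action
 * selects templates/<action>.php when that file exists and falls back to
 * templates/index.php otherwise.
 *
 * Changes from the listed version:
 *  - the action comes from the query string and becomes part of an include
 *    path, so only names made of letters, digits, '_' and '-' are accepted;
 *    everything else gets the index template;
 *  - the script stops after the logout redirect instead of going on to
 *    render templates into the redirect response;
 *  - a missing `action` no longer raises an undefined-index notice.
 */
public static function show()
{
    $action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';

    if ($action == 'logout') {
        logout();
        header('Location: login.php');
        exit;
    }

    include SYSTEM_ROOT . '/templates/header.php';

    $file = SYSTEM_ROOT . '/templates/index.php';
    if (preg_match('/^[A-Za-z0-9_-]+\z/', $action)) {
        $candidate = SYSTEM_ROOT . '/templates/' . $action . '.php';
        if (file_exists($candidate)) {
            $file = $candidate;
        }
    }
    include $file;

    include SYSTEM_ROOT . '/templates/footer.php';
}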
/**
 * Attempts a login through the `auth_model` and records it in the session.
 *
 * When exactly one row matches, the session receives an encoded `login`
 * marker (MD5 of user id and email) and the encoded user id. In every other
 * case logout() is called.
 *
 * NOTE(review): the `login` marker is derived only from the user id and
 * email, so it is identical for every session of the same user.
 *
 * @param mixed $user User identifier passed to the model (default FALSE).
 * @param mixed $pass Password passed to the model (default FALSE).
 * @return bool TRUE on success, FALSE otherwise.
 */
function login($user = FALSE, $pass = FALSE)
{
    $CI =& get_instance();
    $CI->load->model('auth_model');

    $result = $CI->auth_model->login(array($user, $pass));

    // Anything but a single match counts as a failed login.
    if ($result->num_rows() != 1) {
        logout();
        return FALSE;
    }

    $row = $result->row_array();

    $login_marker = $CI->encrypt->encode(md5($row['id_user'] . $row['email']));
    $CI->session->set_userdata('login', $login_marker);

    $encoded_id = $CI->encrypt->encode($row['id_user']);
    $CI->session->set_userdata('id_user', $encoded_id);

    return TRUE;
}
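/**
 * Gate for protected pages: keeps an existing session, restores one from
 * the "remember me" cookies, or sends the visitor to index.php.
 *
 * A session whose stored user-agent hash no longer matches the request is
 * logged out. Without a session, the user_id/user_key cookies are checked
 * against the `ckey`/`ctime` columns of `users`; on success the session is
 * regenerated and populated.
 *
 * Changes from the listed version:
 *  - the cookie key is compared with strict equality; a loose `==` treats
 *    numeric-looking strings as numbers and can report two different
 *    strings as equal;
 *  - the user_name cookie must be present before it is used;
 *  - user_firstname/user_lastname were assigned from variables that are
 *    never set in this function; they are now explicitly null, which is
 *    the value they effectively received.
 *
 * NOTE(review): the lookup query interpolates the result of filter(); its
 * escaping is not visible here — confirm it is safe for a quoted literal.
 * NOTE(review): execution continues past logout() on cookie expiry unless
 * logout() ends the request — confirm.
 * NOTE(review): the first and last name presumably need to be read from the
 * `users` table; the query here selects only ckey and ctime.
 */
function page_protect()
{
    session_start();
    global $db;

    // Bind the session to the browser that created it.
    if (isset($_SESSION['HTTP_USER_AGENT'])) {
        if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
            logout();
            exit;
        }
    }

    // An established session needs no further checks.
    if (isset($_SESSION['user_id']) || isset($_SESSION['user_name'])) {
        return;
    }

    if (!isset($_COOKIE['user_id']) || !isset($_COOKIE['user_key'])) {
        header("Location: index.php");
        exit();
    }

    $cookie_user_id = filter($_COOKIE['user_id']);
    $rs_ctime = mysql_query("select `ckey`,`ctime` from `users` where `id` ='$cookie_user_id'") or die(mysql_error());
    list($ckey, $ctime) = mysql_fetch_row($rs_ctime);

    // cookie expiry
    if ((time() - $ctime) > 60 * 60 * 24 * COOKIE_TIME_OUT) {
        logout();
    }

    $cookie_is_valid = !empty($ckey)
        && is_numeric($_COOKIE['user_id'])
        && isset($_COOKIE['user_name'])
        && isUserID($_COOKIE['user_name'])
        && is_string($_COOKIE['user_key'])
        && $_COOKIE['user_key'] === sha1($ckey);

    if (!$cookie_is_valid) {
        logout();
        return;
    }

    session_regenerate_id();
    $_SESSION['user_id'] = $_COOKIE['user_id'];
    $_SESSION['user_name'] = $_COOKIE['user_name'];
    $_SESSION['user_firstname'] = null;
    $_SESSION['user_lastname'] = null;
    $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
}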
/**
 * Gate for protected pages: keeps an existing session or sends the visitor
 * to index.php.
 *
 * A session whose stored user-agent hash no longer matches the request is
 * logged out and the request ends. This variant performs no "remember me"
 * cookie check: without user_id and user_name in the session the visitor is
 * redirected.
 *
 * NOTE(review): the user-agent header is chosen by the client, so this
 * check only catches a session reused from a different browser; it is not
 * a strong defence against hijacking.
 */
function page_protect()
{
    session_start();
    global $db;

    // Bind the session to the browser that created it.
    $agent_changed = isset($_SESSION['HTTP_USER_AGENT'])
        && $_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT']);
    if ($agent_changed) {
        logout();
        exit;
    }

    $has_identity = isset($_SESSION['user_id']) || isset($_SESSION['user_name']);
    if ($has_identity) {
        return;
    }

    header("Location: index.php");
    exit;
}
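/**
 * Gate for protected pages: keeps an existing session, restores one from
 * the "remember me" cookies, or sends the visitor to index.php.
 *
 * A session whose stored user-agent hash no longer matches the request is
 * logged out. Without a session, the username/userkey cookies are checked
 * against the `ckey`/`ctime` columns of `users`; on success the session is
 * regenerated and populated.
 *
 * Changes from the listed version:
 *  - the lookup value is computed before the query is built and is escaped
 *    for the open connection;
 *  - a failed query no longer feeds `false` into mysql_fetch_row();
 *  - the cookie key is compared with strict equality; a loose `==` treats
 *    numeric-looking strings as numbers and can report two different
 *    strings as equal.
 *
 * NOTE(review): the page shows the username literal in the query masked;
 * the lookup is assumed to be by the filtered username cookie, which the
 * listed code computed only after building the query — confirm.
 * NOTE(review): execution continues past logout() on cookie expiry unless
 * logout() ends the request — confirm.
 */
function page_protect()
{
    session_start();
    global $mysql_hostname, $mysql_username, $mysql_password, $mysql_dbname;

    /* Guard against session hijacking by checking the user agent */
    if (isset($_SESSION['HTTP_USER_AGENT'])) {
        if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
            logout();
            exit;
        }
    }

    // An established session needs no further checks.
    if (isset($_SESSION['username'])) {
        return;
    }

    /* No session: fall back to the cookies set by "remember me" */
    if (!isset($_COOKIE['username']) || !isset($_COOKIE['userkey'])) {
        header("Location: index.php");
        exit;
    }

    /* The cookie is checked against the key and time stored in the database */
    $conn = mysql_connect($mysql_hostname, $mysql_username, $mysql_password);
    if (!$conn) {
        die('Could not connect: ' . mysql_error());
    }
    mysql_select_db($mysql_dbname);

    $cookie_username = filter($_COOKIE['username']);
    $qry = "SELECT ckey,ctime FROM users where username='" . mysql_real_escape_string($cookie_username, $conn) . "'";
    $rs_ctime = mysql_query($qry, $conn);

    $ckey = null;
    $ctime = null;
    if ($rs_ctime) {
        $row = mysql_fetch_row($rs_ctime);
        if ($row) {
            list($ckey, $ctime) = $row;
        }
    }
    mysql_close($conn);

    // cookie expiry
    if (time() - $ctime > 60 * 60 * 24 * COOKIE_TIME_OUT) {
        logout();
    }

    /* Cookie values are untrusted: the key must match the one stored at login */
    $cookie_is_valid = !empty($ckey)
        && isUserID($_COOKIE['username'])
        && is_string($_COOKIE['userkey'])
        && $_COOKIE['userkey'] === sha1($ckey);

    if (!$cookie_is_valid) {
        logout();
        return;
    }

    session_regenerate_id(); // against session fixation attacks
    $_SESSION['username'] = $_COOKIE['username'];
    $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
}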
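/**
 * Authenticates the request, or renders the login form and stops.
 *
 * Three cases:
 *  - a session user exists: the stored credentials are re-checked with
 *    activate_user(); on failure logout() is called;
 *  - `p_user` was posted: the posted credentials are checked; on failure
 *    logout() is called;
 *  - neither: the login form is printed, pre-filled with $my->username, and
 *    the script exits.
 *
 * The pre-filled user name is now HTML-escaped: it is written into a
 * double-quoted attribute, so a quote character in the name would
 * otherwise break out of the attribute.
 *
 * NOTE(review): passwords are passed on as unsalted MD5; that is weak for
 * password storage.
 */
function login()
{
    global $my;

    if (isset($GLOBALS['__SESSION']["s_user"])) {
        if (!activate_user($GLOBALS['__SESSION']["s_user"], $GLOBALS['__SESSION']["s_pass"])) {
            logout();
        }
        return;
    }

    $p_pass = isset($GLOBALS['__POST']["p_pass"]) ? $GLOBALS['__POST']["p_pass"] : "";

    if (isset($GLOBALS['__POST']["p_user"])) {
        // Check Login
        if (!activate_user(stripslashes($GLOBALS['__POST']["p_user"]), md5(stripslashes($p_pass)))) {
            logout();
        }
        return;
    }

    // Ask for Login
    show_header($GLOBALS["messages"]["actlogin"]);
    echo "<br><table width=\"300\"><tr><td colspan=\"2\" class=\"header\" nowrap><b>";
    echo $GLOBALS["messages"]["actloginheader"] . "</b></td></tr>\n<form name=\"login\" action=\"";
    echo make_link("login", null, null) . "\" method=\"post\">\n";
    echo "<tr><td>" . $GLOBALS["messages"]["miscusername"] . ":</td><td align=\"right\">";
    echo "<input name=\"p_user\" type=\"text\" value=\"" . htmlspecialchars($my->username, ENT_QUOTES) . "\" size=\"25\"></td></tr>\n";
    echo "<tr><td>" . $GLOBALS["messages"]["miscpassword"] . ":</td><td align=\"right\">";
    echo "<input name=\"p_pass\" type=\"password\" size=\"25\"></td></tr>\n";
    echo "<tr><td>" . $GLOBALS["messages"]["misclang"] . ":</td><td align=\"right\">";
    echo "<select name=\"lang\">\n";
    @(include _QUIXPLORER_PATH . "/languages/_info.php");
    echo "</select></td></tr>\n";
    echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" value=\"";
    echo $GLOBALS["messages"]["btnlogin"] . "\"></td></tr>\n</form></table><br>\n";
    ?>
<script language="JavaScript1.2" type="text/javascript">
<!--
    if(document.login) document.login.p_user.focus();
// -->
</script><?php
    show_footer();
    exit;
}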
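/**
 * Gate for protected pages: keeps an existing session, restores one from
 * the "remember me" cookies, or sends the visitor to ../login/login.php.
 *
 * A session whose stored user-agent hash no longer matches the request is
 * logged out. Without a session, the user_id/user_key cookies are checked
 * against the `ckey`/`ctime` columns of `users`; on success the session is
 * regenerated and populated, including the user level read from the
 * database.
 *
 * Changes from the listed version:
 *  - both lookups use prepared statements, so the cookie-derived id is
 *    bound as a value instead of being written into the SQL text;
 *  - the cookie key is compared with strict equality; a loose `==` treats
 *    numeric-looking strings as numbers and can report two different
 *    strings as equal;
 *  - the user_name cookie must be present before it is used;
 *  - the user level is fetched once and reused for user_accode.
 *
 * NOTE(review): the listed code filled user_accode from a second, identical
 * `select user_level` query, so it always equalled user_level. That looks
 * like a copy of the wrong column — confirm which column was meant.
 * NOTE(review): execution continues past logout() on cookie expiry unless
 * logout() ends the request — confirm.
 * NOTE(review): die() prints the database error to the client.
 */
function page_protect()
{
    session_start();
    global $link, $linkopd;

    /* Guard against session hijacking by checking the user agent */
    if (isset($_SESSION['HTTP_USER_AGENT'])) {
        if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
            logout();
            exit;
        }
    }

    // An established session needs no further checks.
    if (isset($_SESSION['user_id']) || isset($_SESSION['user_name'])) {
        return;
    }

    /* No session: fall back to the cookies set by "remember me" */
    if (!isset($_COOKIE['user_id']) || !isset($_COOKIE['user_key'])) {
        header("Location: ../login/login.php");
        exit;
    }

    /* The cookie is checked against the key and time stored in the database */
    $cookie_user_id = filter($_COOKIE['user_id']);

    $stmt = mysqli_prepare($link, "select `ckey`,`ctime` from `users` where `id` = ?");
    if (!$stmt) {
        die(mysqli_error($link));
    }
    mysqli_stmt_bind_param($stmt, 's', $cookie_user_id);
    if (!mysqli_stmt_execute($stmt)) {
        die(mysqli_error($link));
    }
    mysqli_stmt_bind_result($stmt, $ckey, $ctime);
    if (!mysqli_stmt_fetch($stmt)) {
        // No such user: behave as the listed code did on an empty result.
        $ckey = null;
        $ctime = null;
    }
    mysqli_stmt_close($stmt);

    // cookie expiry
    if (time() - $ctime > 60 * 60 * 24 * COOKIE_TIME_OUT) {
        logout();
    }

    /* Cookie values are untrusted: the key must match the one stored at login */
    $cookie_is_valid = !empty($ckey)
        && is_numeric($_COOKIE['user_id'])
        && isset($_COOKIE['user_name'])
        && isUserID($_COOKIE['user_name'])
        && is_string($_COOKIE['user_key'])
        && $_COOKIE['user_key'] === sha1($ckey);

    if (!$cookie_is_valid) {
        logout();
        return;
    }

    session_regenerate_id(); // against session fixation attacks
    $_SESSION['user_id'] = $_COOKIE['user_id'];
    $_SESSION['user_name'] = $_COOKIE['user_name'];

    /* The user level comes from the database, never from a cookie */
    $user_level = null;
    $level_stmt = mysqli_prepare($link, "select user_level from users where id = ?");
    if ($level_stmt) {
        $session_user_id = $_SESSION['user_id'];
        mysqli_stmt_bind_param($level_stmt, 's', $session_user_id);
        if (mysqli_stmt_execute($level_stmt)) {
            mysqli_stmt_bind_result($level_stmt, $user_level);
            if (!mysqli_stmt_fetch($level_stmt)) {
                $user_level = null;
            }
        }
        mysqli_stmt_close($level_stmt);
    }

    $_SESSION['user_level'] = $user_level;
    $_SESSION['user_accode'] = $user_level;
    $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
}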
/**
 * Deletes the logged-in user's own account after re-checking the email and
 * password posted with the request.
 *
 * Returns null without doing anything when a field is empty, nobody is
 * logged in, retorne_super_usuario() reports true, the credentials do not
 * belong to an existing user, or they differ from the values returned by
 * email_cookie() / senha_cookie(). Otherwise the user's personal folder is
 * removed, references in all tables are removed and the user is logged out.
 *
 * NOTE(review): the password passes through remove_html() before hashing,
 * which may alter passwords containing markup characters — confirm the same
 * is done at registration.
 * NOTE(review): the helper names suggest the password is hashed with MD5
 * and that its hash is kept in a cookie; both are weak choices — confirm.
 * NOTE(review): no CSRF token is checked in this function.
 *
 * @return null
 */
function exclui_conta_usuario()
{
    // form data
    $email = remove_html($_POST['email']);
    $senha = remove_html($_POST['senha']);

    // both fields are required and the request must come from a logged-in,
    // non-super user
    if ($email == null) {
        return null;
    }
    if ($senha == null) {
        return null;
    }
    if (!retorne_esta_logado()) {
        return null;
    }
    if (retorne_super_usuario()) {
        return null;
    }

    // hash the password
    $senha = cifra_senha_md5($senha);

    // does a user with these credentials exist?
    $login_existe = retorne_usuario_existe($email, $senha);
    if (!$login_existe) {
        return null;
    }

    // the credentials must be those of the current login
    if ($email != email_cookie()) {
        return null;
    }
    if ($senha != senha_cookie()) {
        return null;
    }
    if (!retorne_esta_logado()) {
        return null;
    }

    // id of the logged-in user (not used further in this function)
    $idusuario = retorne_idusuario_logado();

    // delete the personal folder, including subfolders
    excluir_pastas_subpastas(retorne_pasta_pessoal_usuario_logado());

    // remove the references in all tables
    remove_referencia_tabelas();

    // logout
    logout(null);
}
/**
 * Keeps the WordPress login in step with the external session cookie.
 *
 * When nobody is logged in, check_and_login() is tried. When a user is
 * logged in, they are logged out if the session cookie is missing or if it
 * belongs to a different user name than the current WordPress user.
 */
function auto_login()
{
    if (!is_user_logged_in()) {
        check_and_login();
        return;
    }

    // Logged in locally but the external session is gone.
    if (!defined_session_cookie()) {
        logout();
        return;
    }

    // Log out if the logged-in user differs from the one in the session.
    $session_id = get_session_id();
    $session_username = get_username($session_id);
    $current_user = wp_get_current_user();

    if ($session_username != $current_user->user_login) {
        logout();
    }
}