/**
  * @param array admin_lang
  * @access private
  */
 function saveUser($admin_lang)
 {
     $user_id = GetPostOrGet('user_id');
     if (is_numeric($user_id)) {
         $auth = new Auth_User($user_id);
         if (!$auth->is_admin) {
             $auth_view = GetPostOrGet('auth_view');
             $auth_edit = GetPostOrGet('auth_edit');
             $auth_delete = GetPostOrGet('auth_delete');
             $auth_new_sub = GetPostOrGet('auth_new_sub');
             $auth->view = $auth_view == 'true';
             $auth->edit = $auth_edit == 'true';
             $auth->delete = $auth_delete == 'true';
             $auth->new_sub = $auth_new_sub == 'true';
             $auth->Save();
         }
     }
     header('Location: admin.php?page=rights');
     die;
 }
Esempio n. 2
0
File: Auth.php Progetto: jasny/Q
 /**
  * Auth and start user session.
  *
  * @param string $username
  * @param string $password
  * @return int
  * 
  * @throws Auth_LoginException if login fails
  */
 public function login($username = null, $password = null)
 {
     if (!$this->canStoreInfo()) {
         throw new Exception("Logging in through PHP is not supported with store option '{$this->store['driver']}'.");
     }
     $this->loggedIn = false;
     $this->user = null;
     $this->storeInfo(null);
     if ($this->isBlocked(null, true)) {
         $result = self::HOST_BLOCKED;
     } elseif (!isset($username)) {
         $result = self::NO_USERNAME;
     } elseif (!isset($password)) {
         $result = self::NO_PASSWORD;
     } else {
         $result = $this->authUser($username, $password);
     }
     if (is_object($result)) {
         $this->user = $result;
         if (!$this->user->isActive()) {
             $result = self::INACTIVE_USER;
         } elseif ($this->user->getExpires() < time()) {
             $result = self::PASSWORD_EXPIRED;
         } else {
             $result = self::OK;
         }
     }
     $this->status = $result;
     $this->logEvent('login', $result);
     if ($result == self::PASSWORD_EXPIRED) {
         throw new Auth_ExpiredException();
     } elseif ($result != self::OK) {
         throw new Auth_LoginException($result == self::INCORRECT_PASSWORD ? self::UNKNOWN_USER : $result);
     }
     // Never output incorrect password, to prevent dictionary attacks
     $this->storeInfo();
     $this->isBlocked(null, 0);
     $this->onLogin();
 }