public function block_login($block)
{
$objTPL = Core_Classes_coreObj::getTPL();
$objForm = Core_Classes_coreObj::getForm();
$objSession = Core_Classes_coreObj::getSession();
$objPage = Core_Classes_coreObj::getPage();
if (Core_Classes_User::$IS_ONLINE) {
$objPage->redirect('/' . root());
}
$objTPL->set_filenames(array('block_login' => cmsROOT . 'modules/core/views/module/login_form/block.tpl'));
$form = array('FORM_START' => $objForm->start('login', array('method' => 'POST', 'action' => '/' . root() . 'login?')), 'FORM_END' => $objForm->finish(), 'HIDDEN' => $objForm->inputbox('hash', 'hidden', $objSession->getFormToken(true)), 'L_USERNAME' => langVar('L_USERNAME'), 'F_USERNAME' => $objForm->inputbox('username', 'text', '', array('class' => 'icon username', 'required' => true)), 'L_PASSWORD' => langVar('L_PASSWORD'), 'F_PASSWORD' => $objForm->inputbox('password', 'password', '', array('class' => 'icon password', 'required' => true)), 'L_REMME' => langVar('L_REMME'), 'F_REMME' => $objForm->select('remember', array('0' => 'No Thanks', '1' => 'Forever'), array('selected' => 0)), 'SUBMIT' => $objForm->button('submit', 'Login', array('class' => 'btn btn-success')));
$objTPL->reset_block_vars('login');
$objTPL->assign_block_vars('login', $form);
$objTPL->assign_vars(array('TITLE' => $block['title']));
if (isset($_SESSION['login']['errors']) && count($_SESSION['login']['errors'])) {
foreach ($_SESSION['login']['errors'] as $error) {
$objTPL->assign_block_vars('login.errors', array('ERROR' => $error));
}
unset($_SESSION['login']);
}
return $objTPL->get_html('block_login');
}
// AUTOLOADER, I Choose You!
// directories to use for the autoloading, these get glob'd over after
// $dirs = Core_Classes_coreObj::addClassDirs(array(
// 'classes' => cmsROOT.'core/classes/*.php',
// 'libs' => cmsROOT.'core/libs/*/class.*.php',
// 'drivers' => cmsROOT.'core/drivers/driver.*.php',
// 'admin_panels' => cmsROOT.'modules/*/admin.*.php',
// 'modules' => cmsROOT.'modules/*/class.*.php',
// 'module_overrides' => cmsROOT.'themes/*/override/*/*.php',
// ));
spl_autoload_extensions('.php');
spl_autoload_register(array('Core_Classes_coreObj', 'loadClass'));
// echo dump($dirs, 'Loading Classes From', 'orange');exit;
$objCore = new Core_Classes_coreObj();
$objCore->addConfig($config);
// Instance plugins so we can add hooks as early as possible.
$objPlugin = Core_Classes_coreObj::getPlugins();
$objPlugin->hook('CMS_PRE_SETUP_COMPLETE');
$objCache = Core_Classes_coreObj::getCache();
$confCache = $objCache->load('config');
$objCore->addConfig($confCache);
$objSession = Core_Classes_coreObj::getSession();
$objSession->trackerInit();
$objDebug = Core_Classes_coreObj::getDebug();
$objRoute = Core_Classes_coreObj::getRoute();
$objRoute->modifyGET();
if (is_object($objDebug)) {
set_error_handler(array($objDebug, 'errorHandler'));
}
cmsDEBUG ? memoryUsage('Core: Loaded..') : '';
$objPlugin->hook('CMS_SETUP_COMPLETE');
/**
* Tests the remember me cookie for valid details
*
* @version 1.0
* @since 1.0
* @author Daniel Noel-Davies
*
* @todo Test this func, new port from old sys :P
*/
public function rememberMe()
{
// site setting needs to be enabled for one
if ($this->config('login', 'remember_me', 'false')) {
return false;
}
// make sure we have the cookie to begin with
if (is_empty(doArgs('login', null, $_COOKIE))) {
return false;
}
// should be non-empty
$cookie = unserialize($_COOKIE['login']);
if (is_empty($cookie)) {
return false;
}
// check for the expected keys in the array
$values = array('uData', 'uIP', 'uAgent');
foreach ($values as $v) {
if (!isset($cookie[$v]) && !is_empty($cookie[$v])) {
return false;
}
}
// uData should be 5 chars in length
if (strlen($cookie['uData']) != 5) {
return false;
}
// IP lock active, does the IP match what we have on file?
if ($this->config('login', 'ip_lock', false) && $cookie['uIP'] !== Core_Classes_User::getIP()) {
return false;
}
// make sure the useragent matches too
if ($cookie['uAgent'] != md5($_SERVER['HTTP_USER_AGENT'] . $this->config('db', 'ckeauth'))) {
return false;
}
// query for the userkey
$objSQL = Core_Classes_coreObj::getDBO();
$query = $objSQL->queryBuilder()->select('uData')->from('#__userkeys')->where(sprintf('uData LIKE "%s"', '%' . secureMe($cookie['uData'], 'sql') . '%'))->andWhere('uAgent', '=', $objSQL->quote(secureMe($cookie['uAgent'], 'sql')));
if ($this->config('login', 'ip_lock', false)) {
$query = $query->andWhere('uIP', '=', $objSQL->quote(secureMe($cookie['uIP'], 'sql')));
}
$query = $query->limit(1);
// check to see if we have anything
$query = $objSQL->fetchRow($query->build());
if ($query === fales) {
return false;
}
// untangle the ID & check for it
$query['uData'] = explode(':', $query['uData']);
if (!isset($query['uData'][1]) || is_empty($query['uData'][1])) {
return false;
}
// grab the user data if we can
$this->userData = $objUser->get('*', $query['uData'][1]);
if (!is_array($this->userData) || is_empty($query['uData'][1])) {
return false;
}
// now run some checks make sure they are able to login etc
if (!doArgs('autologin', false, $this->userData)) {
return false;
}
if (!$this->activeCheck()) {
return false;
}
if (!$this->banCheck()) {
return false;
}
if (!$this->whitelistCheck()) {
return false;
}
// everything seems fine, gogogo!
$objSessions = Core_Classes_coreObj::getSession();
$objSessions->setSessions($this->userData['uid'], true);
$objSessions->newSession();
return true;
}
