Esempio n. 1
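 /**
  * One-time bootstrap of the login system: loads the config, optionally starts
  * the session, opens the database handle, works out whether the current
  * request is authenticated, and (when two-step login is enabled) checks that
  * the device token is registered for the user.
  *
  * Security notes:
  *  - The login cookie is compared with hash_equals() instead of `==`. Loose
  *    comparison treats two numeric-looking strings (e.g. "0e…") as numbers and
  *    is not constant-time; both are unwanted when one side is attacker
  *    controlled. hash_equals() requires PHP >= 5.6.
  *  - Cookie values are accepted only when they are strings; PHP turns
  *    `name[]=x` into an array, which must never reach hash() or a query.
  *  - The token is sha256(key . id . key) with a static key, so it is the same
  *    on every login and never expires on its own.
  *    NOTE(review): consider hash_hmac() plus a server-side, revocable token;
  *    that needs a matching change where the cookie is issued (not in view).
  *
  * @param string $called_from "login" or "logout" suppresses the auto init() call
  * @return bool|null true on success, false when a PDOException was caught,
  *                   null when construct() had already run
  */
 public static function construct($called_from = "")
 {
     if (self::$constructed !== false) {
         return;
     }
     self::config(null, false);
     self::$constructed = true;
     if (self::$config['features']['start_session'] === true) {
         session_start();
     }
     /**
      * Try connecting to Database Server
      */
     try {
         /**
          * Add the login page to the array of pages that doesn't need logging in
          */
         array_push(self::$config['pages']['no_login'], self::$config['pages']['login_page']);
         // NOTE(review): the catch below only handles \PDOException, so this class
         // is presumably a PDO wrapper that throws it — confirm.
         self::$dbh = new \logSysLobbyDB();
         self::$db = true;

         /**
          * Request-supplied values: anything that is not a plain string is
          * treated as absent.
          */
         self::$cookie = isset($_COOKIE['logSyslogin']) && is_string($_COOKIE['logSyslogin']) ? $_COOKIE['logSyslogin'] : false;
         self::$session = isset($_SESSION['logSyscuruser']) ? $_SESSION['logSyscuruser'] : false;
         self::$remember_cookie = isset($_COOKIE['logSysrememberMe']) && is_string($_COOKIE['logSysrememberMe']) ? $_COOKIE['logSysrememberMe'] : false;

         /**
          * The request is logged in when the login cookie equals the keyed
          * hash of the user ID stored in the session.
          */
         $cookieKey = self::$config['keys']['cookie'];
         $expected = hash("sha256", $cookieKey . self::$session . $cookieKey);
         self::$loggedIn = is_string(self::$cookie) && hash_equals($expected, self::$cookie);

         /**
          * If there is a Remember Me cookie and the user is not logged in,
          * log in the user whose ID is in the remember cookie, provided the
          * `logSyslogin` cookie equals the keyed hash of that ID.
          */
         if (self::$config['features']['remember_me'] === true && self::$remember_cookie !== false && self::$loggedIn === false) {
             $expected = hash("sha256", $cookieKey . self::$remember_cookie . $cookieKey);
             self::$loggedIn = is_string(self::$cookie) && hash_equals($expected, self::$cookie);
             if (self::$loggedIn === true) {
                 // NOTE(review): the session gains an identity here; regenerating
                 // the session ID at this point is the usual fixation defence.
                 $_SESSION['logSyscuruser'] = self::$remember_cookie;
                 self::$session = self::$remember_cookie;
             }
         }
         self::$user = self::$session;

         /**
          * Check if the device is authorized to use the account
          */
         if (self::$config['features']['two_step_login'] === true && self::$loggedIn) {
             $login_page = self::curPage() === self::$config['pages']['login_page'];
             $deviceToken = isset($_COOKIE['logSysdevice']) && is_string($_COOKIE['logSysdevice']) ? $_COOKIE['logSysdevice'] : null;
             $firstCheckOnly = self::$config['two_step_login']['first_check_only'];

             if ($deviceToken === null) {
                 /**
                  * No usable device cookie. Log out everywhere except on the
                  * login page, and never mark the session as device-checked.
                  */
                 if ($login_page === false) {
                     self::logout();
                     $called_from = "login";
                 }
             } elseif ($firstCheckOnly === false || ($firstCheckOnly === true && !isset($_SESSION['device_check']))) {
                 // The table name comes from configuration, not from the request;
                 // uid and token are bound as parameters.
                 $sql = self::$dbh->prepare("SELECT '1' FROM `" . self::$config['two_step_login']['devices_table'] . "` WHERE `uid` = ? AND `token` = ?");
                 $sql->execute(array(self::$user, $deviceToken));
                 if ($sql->fetchColumn() === '1') {
                     /**
                      * Only a successful lookup marks the session as checked.
                      * Previously a failed lookup on the login page also set
                      * this flag, which with `first_check_only` enabled
                      * skipped every later device check for the session.
                      */
                     $_SESSION['device_check'] = 1;
                 } elseif ($login_page === false) {
                     /**
                      * Device not authorized, so remove device cookie & logout
                      */
                     setcookie("logSysdevice", "", time() - 10);
                     self::logout();
                     $called_from = "login";
                 }
             }
         }
         if (self::$config['features']['auto_init'] === true && $called_from != "logout" && $called_from != "login") {
             self::init();
         }
         return true;
     } catch (\PDOException $e) {
         /**
          * Any PDOException raised above lands here, not only a failed
          * connection; the exception detail is not logged.
          */
         self::log('Couldn\'t connect to database. Check \\Fr\\LS::$config["db"] credentials');
         return false;
     }
 }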
Esempio n. 2
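 /**
  * One-time bootstrap of the login system: loads the config, optionally starts
  * the session, opens the PDO connection and works out whether the current
  * request is authenticated.
  *
  * Security notes:
  *  - The login cookie is compared with hash_equals() instead of `==`. Loose
  *    comparison treats two numeric-looking strings (e.g. "0e…") as numbers and
  *    is not constant-time; both are unwanted when one side is attacker
  *    controlled. hash_equals() requires PHP >= 5.6.
  *  - Cookie values are accepted only when they are strings; PHP turns
  *    `name[]=x` into an array, which must never reach hash().
  *  - The token is sha256(key . id . key) with a static key, so it is the same
  *    on every login and never expires on its own.
  *    NOTE(review): consider hash_hmac() plus a server-side, revocable token;
  *    that needs a matching change where the cookie is issued (not in view).
  *
  * @param string $called_from "login" or "logout" suppresses the auto init() call
  * @return bool|null true on success, false when a PDOException was caught,
  *                   null when construct() had already run
  */
 public static function construct($called_from = "")
 {
     if (self::$constructed !== false) {
         return;
     }
     self::config(null, false);
     self::$constructed = true;
     if (self::$config['features']['start_session'] === true) {
         session_start();
     }
     /**
      * Try connecting to Database Server
      */
     try {
         /**
          * Add the login page to the array of pages that doesn't need logging in
          */
         array_push(self::$config['pages']['no_login'], self::$config['pages']['login_page']);

         // The DSN is assembled from configuration values only. No charset or
         // error mode is set here.
         // NOTE(review): confirm both are configured where queries are issued.
         $dbConfig = self::$config['db'];
         self::$dbh = new \PDO("mysql:dbname=" . $dbConfig['name'] . ";host=" . $dbConfig['host'] . ";port=" . $dbConfig['port'], $dbConfig['username'], $dbConfig['password']);
         self::$db = true;

         /**
          * Request-supplied values: anything that is not a plain string is
          * treated as absent.
          */
         self::$cookie = isset($_COOKIE['logSyslogin']) && is_string($_COOKIE['logSyslogin']) ? $_COOKIE['logSyslogin'] : false;
         self::$session = isset($_SESSION['logSyscuruser']) ? $_SESSION['logSyscuruser'] : false;
         self::$remember_cookie = isset($_COOKIE['logSysrememberMe']) && is_string($_COOKIE['logSysrememberMe']) ? $_COOKIE['logSysrememberMe'] : false;

         /**
          * The request is logged in when the login cookie equals the keyed
          * hash of the user ID stored in the session.
          */
         $cookieKey = self::$config['keys']['cookie'];
         $expected = hash("sha256", $cookieKey . self::$session . $cookieKey);
         self::$loggedIn = is_string(self::$cookie) && hash_equals($expected, self::$cookie);

         /**
          * If there is a Remember Me cookie and the user is not logged in,
          * log in the user whose ID is in the remember cookie, provided the
          * `logSyslogin` cookie equals the keyed hash of that ID.
          */
         if (self::$config['features']['remember_me'] === true && self::$remember_cookie !== false && self::$loggedIn === false) {
             $expected = hash("sha256", $cookieKey . self::$remember_cookie . $cookieKey);
             self::$loggedIn = is_string(self::$cookie) && hash_equals($expected, self::$cookie);
             if (self::$loggedIn === true) {
                 // NOTE(review): the session gains an identity here; regenerating
                 // the session ID at this point is the usual fixation defence.
                 $_SESSION['logSyscuruser'] = self::$remember_cookie;
                 self::$session = self::$remember_cookie;
             }
         }
         self::$user = self::$session;
         if (self::$config['features']['auto_init'] === true && $called_from != "logout" && $called_from != "login") {
             self::init();
         }
         return true;
     } catch (\PDOException $e) {
         /**
          * Couldn't connect to Database. The exception detail is not logged,
          * which keeps the credentials in the DSN out of the log.
          */
         self::log('Couldn\'t connect to database. Check \\Fr\\LS::$config["db"] credentials');
         return false;
     }
 }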