$cookiePath = $config["cookie"]["cookiepath"];
$cookieDomain = $config["cookie"]["cookiedomain"];
$secure = $_SERVER["SERVER_PORT"] == 443 ? 1 : 0;
@setcookie($k, "", time() - 86400, $cookiePath, $cookieDomain, $secure, false);
}
$account = Ibos::app()->setting->get("setting/account");
$user = Ibos::app()->user;
if ($account["allowshare"] != 1) {
$user->setStateKeyPrefix(Ibos::app()->setting->get("sid"));
}
$user->login($identity);
$log = array("terminal" => "bqqsso", "password" => "", "ip" => $ip, "user" => $curUser["username"], "loginType" => $identity::LOGIN_BY_USERNAME, "address" => "", "gps" => "");
Log::write($log, "login", sprintf("module.user.%d", $uid));
$rule = UserUtil::updateCreditByAction("daylogin", $uid);
if (!$rule["updateCredit"]) {
UserUtil::checkUserGroup($uid);
}
if ($returnurl == "index") {
header("Location: ../../index.php", true);
} else {
$url = parse_url($returnurl);
if (isset($url["scheme"])) {
header("Location:" . $returnurl, true);
} else {
header("Location:../../" . $returnurl, true);
}
}
}
} else {
EnvUtil::iExit($status["msg"]);
}
protected function doLogin($userName, $passWord, $loginType, $account, $autoLogin = 1, $cookieTime = 0, $inajax = 0)
{
if (!$passWord || $passWord != addslashes($passWord)) {
$this->error(Ibos::lang("Passwd illegal"));
}
$errornum = $this->loginCheck($account);
$ip = Ibos::app()->setting->get("clientip");
$identity = new ICUserIdentity($userName, $passWord, $loginType);
$result = $identity->authenticate();
if (0 < $result) {
$user = Ibos::app()->user;
if (empty($autoLogin)) {
$user->setState($user::AUTH_TIMEOUT_VAR, TIMESTAMP + $account["timeout"]);
} else {
MainUtil::setCookie("autologin", 1, $cookieTime);
}
$user->login($identity, $cookieTime);
if ($user->uid != 1) {
MainUtil::checkLicenseLimit(true);
}
if (!$inajax) {
$urlForward = EnvUtil::referer();
$log = array("terminal" => "web", "password" => StringUtil::passwordMask($passWord), "ip" => $ip, "user" => $userName, "loginType" => $loginType, "address" => "", "gps" => "");
Log::write($log, "login", sprintf("module.user.%d", $user->uid));
$rule = UserUtil::updateCreditByAction("daylogin", $user->uid);
if (!$rule["updateCredit"]) {
UserUtil::checkUserGroup($user->uid);
}
$this->success(Ibos::lang("Login succeed", "", array("{username}" => $user->realname)), $urlForward);
} else {
$this->ajaxReturn(array("isSuccess" => true));
}
} elseif ($result === 0) {
$this->error(Ibos::lang("User not fount", "", array("{username}" => $userName)), "", array(), array("error" => $result));
} elseif ($result === -1) {
$this->error(Ibos::lang("User lock", "", array("{username}" => $userName)), "", array(), array("error" => $result));
} elseif ($result === -2) {
$this->error(Ibos::lang("User disabled", "", array("{username}" => $userName)), "", array(), array("error" => $result));
} elseif ($result === -3) {
FailedLogin::model()->updateFailed($ip);
list($ip1, $ip2) = explode(".", $ip);
$newIp = $ip1 . "." . $ip2;
FailedIp::model()->insertIp($newIp);
$log = array("user" => $userName, "password" => StringUtil::passwordMask($passWord), "ip" => $ip);
Log::write($log, "illegal", "module.user.login");
if ($errornum) {
$this->error("登录失败,您还可以尝试" . ($errornum - 1) . "次");
} else {
$this->error(Ibos::lang("User name or password is not correct"), "", array(), array("error" => $result));
}
}
}
