Esempio n. 1
 /**
  * Attempt a login with the credentials submitted in the POST body.
  *
  * Hands $_POST['login'], $_POST['password_hmac'] and $_POST['challenge'] to
  * cAuthentication::login(). When that call fails, a generic message and every
  * error reported by the authenticator are appended to $this->aErrors, and the
  * core_challenges row whose id equals the submitted challenge is deleted.
  * Nothing further happens here when the login succeeds.
  *
  * NOTE(review): the three POST keys are read without an isset() check, and the
  * submitted challenge value goes straight into the delete condition; confirm
  * that the db layer binds or escapes it.
  */
 private function login()
 {
     $authenticator = new cAuthentication();
     $accepted = $authenticator->login($_POST['login'], $_POST['password_hmac'], $_POST['challenge']);
     if ($accepted) {
         return;
     }
     /// failed login: collect the messages, then delete the submitted challenge ///
     $this->aErrors[] = getString("Přihlášení se nezdařilo!", 'login');
     foreach ($authenticator->getErrors() as $message) {
         $this->aErrors[] = $message;
     }
     $challengeFilter = array('id', '=', $_POST['challenge']);
     $this->db->delete('core_challenges', $challengeFilter);
 }
 /**
  * Report whether the current request belongs to an authenticated user.
  *
  * When checkLoggedUser() yields a truthy value, that value is passed to
  * update() and the result is stored in the static flag self::$bAuthenticated.
  * If the flag is truthy afterwards, cCfg::setCapability() is called.
  *
  * NOTE(review): the flag is static and is not reset here when no logged user
  * is found, so in that case it keeps whatever value it held before the call.
  *
  * @return mixed the current value of self::$bAuthenticated
  */
 public function authenticate()
 {
     $loggedUser = $this->checkLoggedUser();
     if ($loggedUser) {
         /// a logged user was found: refresh it and remember the outcome ///
         self::$bAuthenticated = $this->update($loggedUser);
     }
     if (self::$bAuthenticated) {
         cCfg::setCapability();
     }
     return self::$bAuthenticated;
 }
Esempio n. 3
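    // Validate the submitted password, then insert the new user row.
    // NOTE(review): $passwPat is assigned but not used anywhere in the visible code, so the
    // "without diacritical marks and whitespaces" promise in the message below is not enforced
    // by the length-only rule; confirm whether the pattern was meant to be applied.
    $passwPat = '/^[a-zA-Z0-9_-]{1,50}$/';
    // NOTE(review): the second argument looks like a PHP expression over $test, presumably
    // evaluated inside check(); confirm it is never built from request data.
    if ($Check->check('password', 'strlen($test)>5 && strlen($test)<51', 'The password must have at least 6 symbols and max. 50, without diacritical marks and whitespaces!', $_POST['passw'])) {
        // Strict comparison: with ==, two different numeric-looking strings (for example "1e3000"
        // and "1000e0") compare equal, so a mistyped confirmation could be accepted.
        $Check->check('password', '$test==true', 'Verification of password is not correct!', $_POST['passw'] === $_POST['passw_ver']);
    }
    $Logs->addLog($Check->isValid(), 'add new one valid');
    if (!$Check->isValid()) {
        // Validation failed: turn every collected error into a printable message.
        foreach ($Check->getErrors() as $k => $error) {
            $aErrors[] = admin_getErrorToPrint($k, $error);
        }
    } else {
        try {
            // Column/value pairs for the new core_users row, taken from the POST body.
            $aVals = array();
            $aVals[] = array('name', $_POST['name']);
            $aVals[] = array('surname', $_POST['surname']);
            $aVals[] = array('login', $_POST['login']);
            // NOTE(review): cyphrePassword() is not visible here; confirm it produces a salted,
            // slow password hash (password_hash() or equivalent) and not a plain digest.
            $aVals[] = array('password', cAuthentication::cyphrePassword($_POST['passw']));
            // NOTE(review): the role comes from the request as-is and carries a third element
            // `false` whose meaning is not visible here. If it switches off quoting, the value
            // reaches the SQL unescaped; validate it against the known roles before inserting.
            $aVals[] = array('role', $_POST['role'], false);
            /// insert values ///
            if (!$DB->insert('core_users', $aVals)) {
                throw new cException("Some error during insert operation!");
            }
            $aAlerts[] = "New user was added.";
        } catch (cException $e) {
            // NOTE(review): $query is not assigned anywhere in the visible code, so this passes
            // an undefined variable unless an earlier part of the function sets it.
            $msg = $e->getDbMessageError(__METHOD__ . '(line:' . __LINE__ . ')', $query);
            $aErrors[] = $msg;
            cLogsDb::addFileLog($msg);
        }
    }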
}
/// end of POST data sent ///
// Fetch the role list through admin_getAllRoles(); how $roles is used lies outside this excerpt.
$roles = admin_getAllRoles();
Esempio n. 4
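// Bootstrap of the admin index page: session, core includes, database, configuration,
// logging, then the access check that must pass before any admin action runs.
if (!session_id()) {
    @session_start();
}
require_once "../core/core_defines.inc.php";
require_once ROOT_PATH . "core/global_fce.php";
requireFile("admin/admin_fce.php");
$DB = new cDb();
$DB->connect();
$CFG = new cCfg();
$Logs = new cLogs("index.php");
$Logs->on();
// NOTE(review): this logs the whole POST body. Forms handled by this application post
// password fields, so those values would end up in the log; consider redacting them.
$Logs->addLog($_POST, "POST");
$_aErrors = array();
$_aAlerts = array();
$Authent = new cAuthentication();
$bAut = $Authent->authenticate();
// Access gate. && binds tighter than ||, so this reads:
//   (not authenticated AND the ADMIN_PAGE_ACCESS_AUTHORIZIED flag is set)
//   OR (authenticated AND lacking the 'superadmin' capability).
// NOTE(review): an unauthenticated request passes this gate when the flag is false;
// confirm that this is intended.
if (!$bAut && ADMIN_PAGE_ACCESS_AUTHORIZIED || $bAut && !$CFG->hasCapability('superadmin')) {
    header("Location: " . HTTP_PATH);
    // header() only queues the redirect; without stopping here the rest of the script,
    // including the capability update below, would still run for a rejected request.
    exit;
}
$_index_rights = true;
// NOTE(review): addslashes() is not a substitute for bound query parameters, trim() warns
// when a GET value is an array, and get_magic_quotes_gpc() was removed in PHP 8.0.
foreach ($_GET as $k => $v) {
    $_GET[$k] = get_magic_quotes_gpc() ? trim($v) : trim(addslashes($v));
}
/// update capabilities ///
// NOTE(review): the state-changing action is triggered by the presence of a POST field alone;
// no anti-CSRF token check is visible in this excerpt.
if (isset($_POST['update_capab'])) {
    _updateCapabilities();
}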
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
Esempio n. 5
    // No page action in the query string: queue a redirect to the configured default page,
    // or to the admin area when ADMIN_PAGE_ACCESS_AUTHORIZIED is false.
    // NOTE(review): header() does not stop execution, so everything below still runs after
    // the redirect has been queued. Whether later steps (such as authenticate()) rely on
    // that cannot be told from this excerpt; check before adding an exit here.
    if (!isset($_GET['_pageAction_'])) {
        if (is_string($CFG->getDefaultPage('path'))) {
            header("Location: " . $CFG->getDefaultPage('path'));
        } else {
            if (!ADMIN_PAGE_ACCESS_AUTHORIZIED) {
                header("Location: " . HTTP_PATH . "admin");
            }
        }
    }
    // NOTE(review): when the branch above was taken, $_GET['_pageAction_'] is unset and is
    // still read here. addslashes() is not an escaping strategy for SQL or for file paths,
    // and get_magic_quotes_gpc() was removed in PHP 8.0; confirm how cBuildIndex uses $action.
    $action = get_magic_quotes_gpc() ? $_GET['_pageAction_'] : addslashes($_GET['_pageAction_']);
    //$Logs->addLog($action,"_pageAction_");
    // The requested action is handed to the page builder.
    $CORE = new cBuildIndex($action);
    if (MK_DEBUG) {
        // Debug mode only: add the log stylesheet to the page head.
        $CORE->addCssToHead("core/logs.css");
    }
    // The return value of authenticate() is ignored; the result is read back through $CFG below.
    $Authent = new cAuthentication();
    $Authent->authenticate();
    /// user authenticated ///
    if ($CFG->isAuthenticated()) {
        $Logs->addLog("user authenticated", "authentication process");
        $CFG->setUserAccount();
    }
    // The page is built whether or not the user is authenticated; any access control must
    // therefore happen inside buildPage() or in code not shown here.
    $CORE->buildPage();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<?php 
if (isset($CORE)) {
    $CORE->printHead();