/** * Login * * @param string $username Username * @param string $password Password * @param bool $remember Remember me * @param string $authtype Authentication type * @return mixed An Array of user's attributes if success, otherwise Jaws_Error */ function Login($username, $password, $remember, $authtype = '') { $GLOBALS['log']->Log(JAWS_LOG_DEBUG, 'LOGGIN IN'); if ($username === '' && $password === '') { $result = Jaws_Error::raiseError(_t('GLOBAL_ERROR_LOGIN_WRONG'), __FUNCTION__, JAWS_ERROR_NOTICE); } else { if (!empty($authtype)) { $authtype = preg_replace('/[^[:alnum:]_\\-]/', '', $authtype); } else { $authtype = $this->_AuthType; } require_once JAWS_PATH . 'include/Jaws/Auth/' . $authtype . '.php'; $className = 'Jaws_Auth_' . $authtype; $this->_AuthModel = new $className(); $result = $this->_AuthModel->Auth($username, $password); if (!Jaws_Error::isError($result)) { $existSessions = 0; if (!empty($result['concurrents'])) { $existSessions = $this->GetUserSessions($result['id'], true); } if (empty($existSessions) || $result['concurrents'] > $existSessions) { // remove login trying count from session $this->DeleteAttribute('bad_login_count'); // create session & cookie $this->Create($result, $remember); // login event logging $GLOBALS['app']->Listener->Shout('Session', 'Log', array('Users', 'Login', JAWS_NOTICE)); // let everyone know a user has been logged $GLOBALS['app']->Listener->Shout('Session', 'LoginUser', $this->_Attributes); // check password age $password_max_age = (int) $GLOBALS['app']->Registry->fetch('password_max_age', 'Policy'); if ($password_max_age > 0) { $expPasswordTime = time() - 3600 * $password_max_age; if ((int) $result['last_password_update'] <= $expPasswordTime) { $this->PushResponse(_t('GLOBAL_ERROR_PASSWORD_EXPIRED'), 'Users.Account.Response', RESPONSE_WARNING); Jaws_Header::Location(jaws()->Map->GetURLFor('Users', 'Account')); } } return $result; } else { // login conflict event logging $GLOBALS['app']->Listener->Shout('Session', 'Log', array('Users', 'Login', JAWS_WARNING, null, 403, $result['id'])); $result = Jaws_Error::raiseError(_t('GLOBAL_ERROR_LOGIN_CONCURRENT_REACHED'), __FUNCTION__, JAWS_ERROR_NOTICE); } } } // increment login trying count in session $this->SetAttribute('bad_login_count', (int) $this->GetAttribute('bad_login_count') + 1); return $result; }
/** * Login * * @param string $username Username * @param string $password Password * @param bool $remember Remember me * @param string $authtype Authentication type * @return mixed An Array of user's attributes if success, otherwise Jaws_Error */ function Login($username, $password, $remember, $authtype = '') { $GLOBALS['log']->Log(JAWS_LOG_DEBUG, 'LOGGIN IN'); if ($username === '' && $password === '') { $result = Jaws_Error::raiseError(_t('GLOBAL_ERROR_LOGIN_WRONG'), __FUNCTION__, JAWS_ERROR_NOTICE); } else { if (!empty($authtype)) { $authtype = preg_replace('/[^[:alnum:]_\\-]/', '', $authtype); } else { $authtype = $this->_AuthType; } require_once JAWS_PATH . 'include/Jaws/Auth/' . $authtype . '.php'; $className = 'Jaws_Auth_' . $authtype; $this->_AuthModel = new $className(); $result = $this->_AuthModel->Auth($username, $password); if (!Jaws_Error::isError($result)) { $existSessions = 0; if (!empty($result['concurrents'])) { $existSessions = $this->GetUserSessions($result['id'], true); } if (empty($existSessions) || $result['concurrents'] > $existSessions) { // remove login trying count from session $this->DeleteAttribute('bad_login_count'); // create session & cookie $this->Create($result, $remember); // login event logging $GLOBALS['app']->Listener->Shout('Session', 'Log', array('Users', 'Login', JAWS_NOTICE)); // let everyone know a user has been logged $GLOBALS['app']->Listener->Shout('Session', 'LoginUser', $this->_Attributes); return $result; } else { // login conflict event logging $GLOBALS['app']->Listener->Shout('Session', 'Log', array('Users', 'Login', JAWS_WARNING, null, 403, $result['id'])); $result = Jaws_Error::raiseError(_t('GLOBAL_ERROR_LOGIN_CONCURRENT_REACHED'), __FUNCTION__, JAWS_ERROR_NOTICE); } } } // increment login trying count in session $this->SetAttribute('bad_login_count', (int) $this->GetAttribute('bad_login_count') + 1); return $result; }