Esempio n. 1
 /**
  * Log a user in via OpenID
  *
  * @param string $url OpenID identity URL to authenticate against
  * @return bool
  */
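 function openIdLogin($url)
 {
     // NOTE(review): $conn was used below without ever being brought into scope. This assumes
     // the PDO handle is the global named $conn; confirm against the bootstrap code.
     global $conn;
     try {
         // NOTE(review): HTTP_HOST comes from the request's Host header, so it is
         // client-controlled. Prefer a configured host name for the OpenID realm/return URL.
         $openid = new LightOpenID($_SERVER['HTTP_HOST']);
         if (!$openid->mode) {
             // First leg: no OpenID response yet, so hand the browser over to the provider.
             // NOTE(review): $url is caller-supplied; if it originates from user input it
             // should be limited to http(s) URLs before the library sees it. Confirm caller.
             $openid->identity = $url;
             header('Location: ' . $openid->authUrl());
             // Nobody is authenticated at this point.
             return false;
         }
         if ($openid->mode == 'cancel') {
             return false;
         }
         // Until validate() succeeds the response fields are unverified request data and
         // must not be used to decide who is logged in.
         if (!$openid->validate()) {
             return false;
         }
         $identity = $openid->data['openid_identity'];

         // Bound parameter: the identity string never becomes part of the SQL text.
         $lookup = $conn->prepare("SELECT ID from openids WHERE identity = ?");
         $lookup->execute(array($identity));
         $row = $lookup->fetch();
         if (!$row) {
             return false;
         }
         $id = $row['ID'];

         $userSel = $conn->prepare("SELECT ID,name,locale,lastlogin,gender FROM user WHERE ID = ?");
         $userSel->execute(array($id));
         $chk = $userSel->fetch();
         // fetch() yields false when no row matched; treat that like an empty ID.
         if (!$chk || $chk["ID"] == "") {
             return false;
         }

         // Issue a fresh session id at the privilege change so an id that was known before
         // authentication cannot be reused afterwards (session fixation).
         if (session_id() !== '') {
             session_regenerate_id(true);
         }

         $rolesobj = new roles();
         $now = time();
         $_SESSION['userid'] = $chk['ID'];
         $_SESSION['username'] = stripslashes($chk['name']);
         $_SESSION['lastlogin'] = $now;
         $_SESSION['userlocale'] = $chk['locale'];
         $_SESSION['usergender'] = $chk['gender'];
         $_SESSION["userpermissions"] = $rolesobj->getUserRole($chk["ID"]);
         $userid = $_SESSION['userid'];
         $seid = session_id();
         $staylogged = getArrayVal($_POST, 'staylogged');
         if ($staylogged == 1) {
             // Keep the session cookie for 14 days. HttpOnly hides it from scripts; Secure
             // is set whenever the current request arrived over HTTPS.
             $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
             setcookie("PHPSESSID", "{$seid}", time() + 14 * 24 * 3600, "", "", $secure, true);
         }
         $upd1 = $conn->prepare("UPDATE user SET lastlogin = ? WHERE ID = ?");
         $upd1Stmt = $upd1->execute(array($now, $userid));
         return true;
     } catch (ErrorException $e) {
         // Any ErrorException raised inside the try block is treated as a failed login.
         return false;
     }
 }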
Esempio n. 2
 /**
  * Log a user in
  *
  * @param string $user User name
  * @param string $pass Password
  * @return bool
  */
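 function login($user, $pass)
 {
     global $conn;
     if (!$user) {
         return false;
     }
     // NOTE(review): unsalted SHA-1 is not a suitable password hash. Moving to
     // password_hash()/password_verify() needs a migration of the stored values, so the
     // digest format is left unchanged here.
     $pass = sha1($pass);

     // The listing compared pass against the literal '******' (apparently a masking
     // artifact), which left the computed hash unused. All three values are bound as
     // parameters so neither the login name nor the hash becomes part of the SQL text.
     $sel1 = $conn->prepare("SELECT ID,name,locale,lastlogin,gender FROM user WHERE (name = ? OR email = ?) AND pass = ?");
     $sel1->execute(array($user, $user, $pass));
     $chk = $sel1->fetch();
     // fetch() yields false when no row matched; treat that like an empty ID.
     if (!$chk || $chk["ID"] == "") {
         return false;
     }

     // Issue a fresh session id at the privilege change so an id that was known before
     // authentication cannot be reused afterwards (session fixation).
     if (session_id() !== '') {
         session_regenerate_id(true);
     }

     $rolesobj = new roles();
     $now = time();
     $_SESSION['userid'] = $chk['ID'];
     $_SESSION['username'] = stripslashes($chk['name']);
     $_SESSION['lastlogin'] = $now;
     $_SESSION['userlocale'] = $chk['locale'];
     $_SESSION['usergender'] = $chk['gender'];
     $_SESSION["userpermissions"] = $rolesobj->getUserRole($chk["ID"]);
     $userid = $_SESSION['userid'];
     $seid = session_id();
     $staylogged = getArrayVal($_POST, 'staylogged');
     if ($staylogged == 1) {
         // Keep the session cookie for 14 days. HttpOnly hides it from scripts; Secure is
         // set whenever the current request arrived over HTTPS.
         $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
         setcookie("PHPSESSID", "{$seid}", time() + 14 * 24 * 3600, "", "", $secure, true);
     }
     // Record the login time; the listing wrote the literal '******' instead of $now.
     $upd1 = $conn->prepare("UPDATE user SET lastlogin = ? WHERE ID = ?");
     $upd1->execute(array($now, $userid));
     return true;
 }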
 /**
  * Log a user in
  *
  * @param string $user User name
  * @param string $pass Password
  * @return bool
  */
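 function login($user, $pass)
 {
     // NOTE(review): $conn was used without being brought into scope. This assumes the
     // mysqli handle is exposed as the global $conn; confirm against class.datenbank.php.
     global $conn;
     if (!$user) {
         return false;
     }
     // NOTE(review): unsalted SHA-1 is not a suitable password hash. Moving to
     // password_hash()/password_verify() needs a migration of the stored values.
     $hash = sha1($pass);

     // "FROMuser" in the previous text was a syntax error that made prepare() fail.
     $stmnt = $conn->prepare("SELECT ID,name,locale,lastlogin,gender FROM user WHERE (name=? OR email=?) AND pass=?");
     if (!$stmnt) {
         return false;
     }
     // bind_param() takes its arguments by reference, so the hash has to live in a variable.
     $stmnt->bind_param("sss", $user, $user, $hash);
     $stmnt->execute();
     $stmnt->bind_result($bind_ID, $bind_name, $bind_locale, $bind_lastlogin, $bind_gender);
     $chk = $stmnt->fetch();
     // Release the statement before the UPDATE is prepared: an unread result set would
     // otherwise block the next command on this connection.
     $stmnt->close();
     // fetch() is true only when a row was written into the bound variables.
     if ($chk !== true || $bind_ID == "") {
         return false;
     }

     // Issue a fresh session id at the privilege change so an id that was known before
     // authentication cannot be reused afterwards (session fixation).
     if (session_id() !== '') {
         session_regenerate_id(true);
     }

     $rolesobj = new roles();
     $now = time();
     $_SESSION['userid'] = $bind_ID;
     $_SESSION['username'] = stripslashes($bind_name);
     $_SESSION['lastlogin'] = $now;
     $_SESSION['userlocale'] = $bind_locale;
     $_SESSION['usergender'] = $bind_gender;
     $_SESSION["userpermissions"] = $rolesobj->getUserRole($bind_ID);
     $userid = $_SESSION['userid'];
     $seid = session_id();
     $staylogged = getArrayVal($_POST, 'staylogged');
     if ($staylogged == 1) {
         // Keep the session cookie for 14 days. HttpOnly hides it from scripts; Secure is
         // set whenever the current request arrived over HTTPS.
         $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
         setcookie("PHPSESSID", "{$seid}", time() + 14 * 24 * 3600, "", "", $secure, true);
     }
     // The old code fell back to mysql_query() here, which does not share the mysqli
     // connection, and wrote the literal '******' instead of the login time.
     $upd1 = $conn->prepare("UPDATE user SET lastlogin = ? WHERE ID = ?");
     if ($upd1) {
         $upd1->bind_param("si", $now, $userid);
         $upd1->execute();
         $upd1->close();
     }
     return true;
 }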
Esempio n. 4
    /**
     * Log a user in
     *
     * @param string $user User name
     * @param string $pass Password
     * @return bool
     */
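    function login($user, $pass)
    {
        if (!$user)
        {
            return false;
        }
        // NOTE(review): the mysql_* functions used here were removed in PHP 7.0. This block
        // should be ported to PDO or mysqli prepared statements once a connection handle is
        // available in this scope; until then every interpolated value is escaped or cast.
        $user = mysql_real_escape_string($user);
        // NOTE(review): the password is escaped before it is hashed, so the digest covers
        // the escaped text. Kept as is because stored hashes were presumably produced the
        // same way; confirm against the account-creation code. Unsalted SHA-1 is also not a
        // suitable password hash and should be migrated to password_hash().
        $pass = mysql_real_escape_string($pass);
        $pass = sha1($pass);

        // The listing compared pass against the literal '******' (apparently a masking
        // artifact), leaving the computed hash unused. $pass is a hex digest at this point.
        $sel1 = mysql_query("SELECT ID,name,locale,lastlogin,gender FROM user WHERE (name = '$user' OR email = '$user') AND pass = '$pass'");
        if (!$sel1)
        {
            return false;
        }
        $chk = mysql_fetch_array($sel1);
        // mysql_fetch_array() yields false when no row matched; treat that like an empty ID.
        if (!$chk || $chk["ID"] == "")
        {
            return false;
        }

        // Issue a fresh session id at the privilege change so an id that was known before
        // authentication cannot be reused afterwards (session fixation).
        if (session_id() !== '')
        {
            session_regenerate_id(true);
        }

        $rolesobj = new roles();
        $now = time();
        $_SESSION['userid'] = $chk['ID'];
        $_SESSION['username'] = stripslashes($chk['name']);
        $_SESSION['lastlogin'] = $now;
        $_SESSION['userlocale'] = $chk['locale'];
        $_SESSION['usergender'] = $chk['gender'];
        $_SESSION["userpermissions"] = $rolesobj->getUserRole($chk["ID"]);

        // Integer cast: the id is interpolated unquoted into the UPDATE below.
        $userid = (int) $_SESSION['userid'];
        $seid = session_id();
        $staylogged = getArrayVal($_POST, 'staylogged');

        if ($staylogged == 1)
        {
            // Keep the session cookie for 14 days. HttpOnly hides it from scripts; Secure
            // is set whenever the current request arrived over HTTPS.
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie("PHPSESSID", "$seid", time() + 14 * 24 * 3600, "", "", $secure, true);
        }
        // Record the login time; the listing wrote the literal '******' instead of $now.
        $upd1 = mysql_query("UPDATE user SET lastlogin = '$now' WHERE ID = $userid");
        return true;
    }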