/** * checks if the user is logged in * * @return true if there's a valid login, otherwise false */ static function check_login() { $return = FALSE; if (isset($_SESSION[CFG_SESSION]['login'])) { if ($_SESSION[CFG_SESSION]['login']['GENNUMBER'] != '' && $_SESSION[CFG_SESSION]['login']['PASSWORD'] != '') { $return = session::login($_SESSION[CFG_SESSION]['login']['GENNUMBER'], $_SESSION[CFG_SESSION]['login']['PASSWORD']) == 'ok'; } } return $return; }
} // Handle logins if (isset($_GET['login'])) { if ($_GET['login'] == "guest" && $enable_guest_mode == 1) { $_SESSION['guest'] = 1; } if ($_GET['login'] == "guest" && $enable_guest_mode != 1) { $_SESSION['guest'] = 0; } if ($enable_user_login != 1) { $login = $_POST['login']; $password = $_POST['password']; logSQL("POSSIBLE HACK ATTEMPT. Person was from IP: '" . getIP() . "'. and used Username: '******' Password: '******'."); $_SESSION['error'] = 1; } else { session::login($_POST['login'], $_POST['password']); } header('Location: index.php'); exit; } // Verify user is logged in if (session::logged_in() != TRUE) { $body = new Template("templates/login.tmpl.php"); $error = isset($_SESSION['error']) ? 1 : 0; $body->set('enable_guest_mode', $enable_guest_mode); $body->set('enable_user_login', $enable_user_login); $body->set('error', $error); $body->set('login', $login); $body->set('password', $password); $tmpl->set('body', $body); echo $tmpl->fetch('templates/index.tmpl.php');
$return = ""; //------------- register ------------------ if (isset($_POST["email"])) { require_once getenv("DOCUMENT_ROOT") . '/framework/person/persons.class.php'; $user = $_POST["UserName"]; $pass = $_POST["md5Pass"]; $return = session::register($user, $pass); if ($return === true) { $result = session::login($user, $pass); header("location: index.php"); } } else { if (isset($_POST["UserName"])) { $user = $_POST["UserName"]; $pass = $_POST["md5Pass"]; $result = session::login($user, $pass); if ($result !== true) { echo $return; $return = $result; } else { unset($_SESSION['USER']["framework"]); $_SESSION['USER']["portal"] = true; header("location: index.php"); die; } } else { if (isset($_REQUEST["forgetStep1"])) { if (!empty($_POST["ForgetUserName"])) { echo session::getEmail($_POST["ForgetUserName"], true); die; }