        unset($_SESSION[$key]);
    }

    $sqlLogin = (get_config('case_insensitive_usernames')) ? "COLLATE utf8_general_ci = ?s" : "COLLATE utf8_bin = ?s";
    $myrow = Database::get()->querySingle("SELECT * FROM user WHERE username $sqlLogin", $uname);
    
    if (get_config('login_fail_check')) {
        $r = Database::get()->querySingle("SELECT 1 FROM login_failure WHERE ip = '" . $_SERVER['REMOTE_ADDR'] . "'
                                    AND COUNT > " . intval(get_config('login_fail_threshold')) . "
                                    AND DATE_SUB(CURRENT_TIMESTAMP, interval " . intval(get_config('login_fail_deny_interval')) . " minute) < last_fail");
    }
    if (get_config('login_fail_check') && $r) {
        $ok = 8;
    } else {
        if (in_array($myrow->password, $auth_ids)) {
            $ok = alt_login($myrow, $uname, $pass);
        } else {
            $ok = login($myrow, $uname, $pass);
        }
    }

    if (isset($_SESSION['uid']) && $ok === 1) {
        Database::get()->query("INSERT INTO loginout (loginout.id_user, loginout.ip, loginout.when, loginout.action)
                                              VALUES (?d, ?s, NOW(), 'LOGIN')", intval($_SESSION['uid']), $_SERVER['REMOTE_ADDR']);
        resetLoginFailure();
        session_regenerate_id();
        set_session_mvars();
        echo session_id();
    } else {
        if ($ok === 4) {
            increaseLoginFailure();
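function process_login()
{
    // Handle a submitted login form.
    //
    // Reads 'uname', 'pass', 'submit' and 'next' from $_POST and the client
    // address from $_SERVER['REMOTE_ADDR']. Applies the per-IP failure lock-out,
    // looks the account up, dispatches to alt_login() (external auth methods)
    // or login() (local password), and then either records the login and
    // redirects, or appends a warning to the global $warning string.
    // Success is signalled by login()/alt_login() setting $_SESSION['uid'].
    //
    // Changes versus the previous revision:
    //  - the submitted password is no longer written to the failure log;
    //  - the client IP, configured limits and user id are bound as
    //    placeholders instead of being concatenated into SQL;
    //  - $tool_content and $langInvalidAuth are declared global (they were
    //    used without being imported);
    //  - the username collation clauses, masked in the listing, are restored
    //    to the forms used by this project's mlogin.php.
    global $warning, $surname, $givenname, $email, $status, $is_admin, $language,
        $langInvalidId, $langAccountInactive1, $langAccountInactive2, $langNoCookies,
        $langEnterPlatform, $urlServer, $langHere, $auth_ids, $inactive_uid,
        $langTooManyFails, $tool_content, $langInvalidAuth;

    $posted_uname = isset($_POST['uname']) ? canonicalize_whitespace($_POST['uname']) : '';
    $pass = isset($_POST['pass']) ? $_POST['pass'] : '';
    $auth = get_auth_active_methods();
    // Kept from the original; its result is not used here but the call is
    // preserved in case it has side effects elsewhere.
    $is_eclass_unique = is_eclass_unique();

    if (!isset($_POST['submit'])) {
        return;
    }

    unset($_SESSION['uid']);
    $auth_allow = 0;
    $client_ip = $_SERVER['REMOTE_ADDR'];

    // Lock-out check: too many recent failures from this address reject the
    // attempt before any credential is examined. All values are bound via
    // the Database wrapper's ?s / ?d placeholders.
    $lockout_row = null;
    if (get_config('login_fail_check')) {
        $lockout_row = Database::get()->querySingle(
            "SELECT 1 FROM login_failure WHERE ip = ?s
                 AND COUNT > ?d
                 AND DATE_SUB(CURRENT_TIMESTAMP, interval ?d minute) < last_fail",
            $client_ip,
            intval(get_config('login_fail_threshold')),
            intval(get_config('login_fail_deny_interval'))
        );
    }

    if ($lockout_row) {
        $auth_allow = 8;
    } else {
        // Username match collation; restored from the project's mlogin.php.
        $sqlLogin = get_config('case_insensitive_usernames')
            ? "COLLATE utf8_general_ci = ?s"
            : "COLLATE utf8_bin = ?s";
        $myrow = Database::get()->querySingle(
            "SELECT id, surname, givenname, password, username, status, email, lang, verified_mail
                FROM user WHERE username {$sqlLogin}",
            $posted_uname
        );

        // cas might have alternative authentication defined
        $exists = 0;
        if (!isset($_COOKIE) or count($_COOKIE) == 0) {
            // Disallow login when cookies are disabled
            $auth_allow = 5;
        } elseif ($pass === '') {
            // Disallow login with empty password
            $auth_allow = 4;
        } elseif ($myrow) {
            $exists = 1;
            if (!empty($auth)) {
                // Accounts whose password column holds an auth-method id are
                // authenticated by the external method; the rest locally.
                if (in_array($myrow->password, $auth_ids)) {
                    $auth_allow = alt_login($myrow, $posted_uname, $pass);
                } else {
                    $auth_allow = login($myrow, $posted_uname, $pass);
                }
            } else {
                $tool_content .= "<br>{$langInvalidAuth}<br>";
            }
        }

        if (!$exists and !$auth_allow) {
            // Unknown username: log the attempted name only. The submitted
            // password must never be written to the log.
            Log::record(0, 0, LOG_LOGIN_FAILURE, array('uname' => $posted_uname));
            $auth_allow = 4;
        }
    }

    if (isset($_SESSION['uid'])) {
        // login()/alt_login() established the session: record the login,
        // clear this address's failure counter and redirect.
        Database::get()->query(
            "INSERT INTO loginout (loginout.id_user, loginout.ip, loginout.when, loginout.action)
                VALUES (?d, ?s, NOW(), 'LOGIN')",
            intval($_SESSION['uid']),
            $client_ip
        );
        if (get_config('email_verification_required')
                and get_mail_ver_status($_SESSION['uid']) == EMAIL_VERIFICATION_REQUIRED) {
            $_SESSION['mail_verification_required'] = 1;
            $next = "modules/auth/mail_verify_change.php";
        } elseif (isset($_POST['next'])) {
            // NOTE(review): $_POST['next'] is caller-controlled; this relies on
            // redirect_to_home_page() confining it to local paths — confirm.
            $next = $_POST['next'];
        } else {
            $next = '';
        }
        resetLoginFailure();
        redirect_to_home_page($next);
        return;
    }

    // No session: translate the result code into a warning for the form.
    switch ($auth_allow) {
        case 1:
            session_regenerate_id();
            break;
        case 2:
            $warning .= "<div class='alert alert-warning'>{$langInvalidId}</div>";
            break;
        case 3:
            $warning .= "<div class='alert alert-warning'>{$langAccountInactive1} "
                . "<a href='modules/auth/contactadmin.php?userid={$inactive_uid}&amp;h="
                . token_generate("userid={$inactive_uid}") . "'>{$langAccountInactive2}</a></div>";
            break;
        case 4:
            $warning .= "<div class='alert alert-warning'>{$langInvalidId}</div>";
            increaseLoginFailure();
            break;
        case 5:
            $warning .= "<div class='alert alert-warning'>{$langNoCookies}</div>";
            break;
        case 6:
            $warning .= "<div class='alert alert-warning'>{$langEnterPlatform} <a href='{$urlServer}secure/index.php'>{$langHere}</a></div>";
            break;
        case 7:
            $warning .= "<div class='alert alert-warning'>{$langEnterPlatform} <a href='{$urlServer}secure/cas.php'>{$langHere}</a></div>";
            break;
        case 8:
            $warning .= "<div class='alert alert-warning'>{$langTooManyFails}</div>";
            break;
        default:
            break;
    }
    // end of user authentication
}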
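function process_login() {
    // Handle a submitted login form.
    //
    // Reads 'uname', 'pass', 'submit' and 'next' from $_POST and the client
    // address from $_SERVER['REMOTE_ADDR']. Applies the per-IP failure lock-out,
    // looks the account up, dispatches to alt_login() (external auth methods)
    // or login() (local password), and then either records the login and
    // redirects, or reports the failure (flash message when 'login_page' is
    // set in the query string, otherwise the global $warning string).
    // Success is signalled by login()/alt_login() setting $_SESSION['uid'].
    //
    // Changes versus the previous revision:
    //  - the failure counter is incremented for result code 4 regardless of
    //    whether the request came from the dedicated login page (previously
    //    the login_page branch redirected without counting the failure);
    //  - the client IP, configured limits and user id are bound as
    //    placeholders instead of being concatenated into SQL;
    //  - $tool_content and $langInvalidAuth are declared global (they were
    //    used without being imported);
    //  - the username collation clauses, masked in the listing, are restored
    //    to the forms used by this project's mlogin.php.
    global $warning, $surname, $givenname, $email, $status, $is_admin,
        $language, $session, $langInvalidId, $langAccountInactive1,
        $langAccountInactive2, $langNoCookies, $langEnterPlatform, $urlServer,
        $langHere, $auth_ids, $inactive_uid, $langTooManyFails, $urlAppend,
        $tool_content, $langInvalidAuth;

    $posted_uname = isset($_POST['uname']) ? canonicalize_whitespace($_POST['uname']) : '';
    $pass = isset($_POST['pass']) ? trim($_POST['pass']) : '';
    $auth = get_auth_active_methods();

    if (!isset($_POST['submit'])) {
        return;
    }

    unset($_SESSION['uid']);
    $auth_allow = 0;
    $client_ip = $_SERVER['REMOTE_ADDR'];

    // Lock-out check: too many recent failures from this address reject the
    // attempt before any credential is examined. All values are bound via
    // the Database wrapper's ?s / ?d placeholders.
    $lockout_row = null;
    if (get_config('login_fail_check')) {
        $lockout_row = Database::get()->querySingle(
            "SELECT 1 FROM login_failure WHERE ip = ?s
                 AND COUNT > ?d
                 AND DATE_SUB(CURRENT_TIMESTAMP, interval ?d minute) < last_fail",
            $client_ip,
            intval(get_config('login_fail_threshold')),
            intval(get_config('login_fail_deny_interval'))
        );
    }

    if ($lockout_row) {
        $auth_allow = 8;
    } else {
        // Username match collation; restored from the project's mlogin.php.
        $sqlLogin = get_config('case_insensitive_usernames')
            ? "COLLATE utf8_general_ci = ?s"
            : "COLLATE utf8_bin = ?s";
        $myrow = Database::get()->querySingle(
            "SELECT id, surname, givenname, password, username, status, email, lang, verified_mail
                FROM user WHERE username $sqlLogin",
            $posted_uname
        );
        // Course guest accounts may log in without a password when guests
        // are enabled in the configuration.
        $guest_user = get_config('course_guest') != 'off' && $myrow && $myrow->status == USER_GUEST;

        // cas might have alternative authentication defined
        $exists = 0;
        if (!isset($_COOKIE) or count($_COOKIE) == 0) {
            // Disallow login when cookies are disabled
            $auth_allow = 5;
        } elseif ($pass === '' and !$guest_user) {
            // Disallow login with empty password except for course guest users
            $auth_allow = 4;
        } elseif ($myrow) {
            $exists = 1;
            if (!empty($auth)) {
                // Accounts whose password column holds an auth-method id are
                // authenticated by the external method; the rest locally.
                if (in_array($myrow->password, $auth_ids)) {
                    $auth_allow = alt_login($myrow, $posted_uname, $pass);
                } else {
                    $auth_allow = login($myrow, $posted_uname, $pass);
                }
            } else {
                $tool_content .= "<br>$langInvalidAuth<br>";
            }
        }

        if (!$exists and !$auth_allow) {
            // Unknown username: log the attempted name only, never the password.
            Log::record(0, 0, LOG_LOGIN_FAILURE, array('uname' => $posted_uname));
            $auth_allow = 4;
        }
    }

    if (isset($_SESSION['uid'])) {
        // login()/alt_login() established the session: record the login,
        // clear this address's failure counter and redirect.
        Database::get()->query(
            "INSERT INTO loginout (loginout.id_user, loginout.ip, loginout.when, loginout.action)
                VALUES (?d, ?s, NOW(), 'LOGIN')",
            intval($_SESSION['uid']),
            $client_ip
        );
        $session->setLoginTimestamp();
        if (get_config('email_verification_required') and
                get_mail_ver_status($_SESSION['uid']) == EMAIL_VERIFICATION_REQUIRED) {
            $_SESSION['mail_verification_required'] = 1;
            $next = 'modules/auth/mail_verify_change.php';
        } elseif (isset($_POST['next'])) {
            // NOTE(review): $_POST['next'] is caller-controlled; this relies on
            // redirect_to_home_page() confining it to local paths — confirm.
            $next = $_POST['next'];
        } else {
            $next = '';
        }
        resetLoginFailure();
        redirect_to_home_page($next);
        return;
    }

    // No session: report the result code to the user.
    $invalidIdMessage = sprintf($langInvalidId, $urlAppend . 'modules/auth/registration.php');
    $from_login_page = isset($_GET['login_page']);
    switch ($auth_allow) {
        case 1:
            session_regenerate_id();
            break;
        case 2:
            if ($from_login_page) {
                Session::flash('login_error', $invalidIdMessage);
                redirect_to_home_page('main/login_form.php');
            } else {
                $warning .= "<div class='alert alert-warning'>$invalidIdMessage</div>";
            }
            break;
        case 3:
            $warning .= "<div class='alert alert-warning'>$langAccountInactive1 " .
                "<a href='modules/auth/contactadmin.php?userid=$inactive_uid&amp;h=" .
                token_generate("userid=$inactive_uid") . "'>$langAccountInactive2</a></div>";
            break;
        case 4:
            // Count the failure before any redirect so the lock-out cannot be
            // bypassed by submitting through the dedicated login page.
            increaseLoginFailure();
            if ($from_login_page) {
                Session::flash('login_error', $invalidIdMessage);
                redirect_to_home_page('main/login_form.php');
            } else {
                $warning .= "<div class='alert alert-warning'>$invalidIdMessage</div>";
            }
            break;
        case 5:
            $warning .= "<div class='alert alert-warning'>$langNoCookies</div>";
            break;
        case 6:
            $warning .= "<div class='alert alert-warning'>$langEnterPlatform <a href='{$urlServer}secure/index.php'>$langHere</a></div>";
            break;
        case 7:
            $warning .= "<div class='alert alert-warning'>$langEnterPlatform <a href='{$urlServer}modules/auth/cas.php'>$langHere</a></div>";
            break;
        case 8:
            $warning .= "<div class='alert alert-warning'>$langTooManyFails</div>";
            break;
        default:
            break;
    }
}  // end of user authentication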