function autologin()
{
if (auth_is_user_authenticated()) {
return;
}
$t_login_method = config_get('login_method');
if ($t_login_method != BASIC_AUTH) {
trigger_error("Invalid login method. ({$t_login_method})", ERROR);
}
$t_user_id = user_get_id_by_name($_SERVER['REMOTE_USER']);
if (!$t_user_id) {
trigger_error('Invalid user.', ERROR);
}
user_increment_login_count($t_user_id);
user_reset_failed_login_count_to_zero($t_user_id);
user_reset_lost_password_in_progress_count_to_zero($t_user_id);
auth_set_cookies($t_user_id, true);
auth_set_tokens($t_user_id);
}
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
}
if ($client->getAccessToken()) {
$userData = $objOAuthService->userinfo->get();
$data['userData'] = $userData;
$_SESSION['access_token'] = $client->getAccessToken();
}
$user_id = user_get_id_by_email($userData->email);
# check for disabled account
if (!user_is_enabled($user_id)) {
echo "<p>Your email didn't to registration on this web site. Please register new account first. ";
return false;
}
# max. failed login attempts achieved...
if (!user_is_login_request_allowed($user_id)) {
echo "<p>Your email didn't to registration on this web site. Please register new account first. ";
return false;
}
# check for anonymous login
if (user_is_anonymous($user_id)) {
echo "<p>Your email didn't to registration on this web site. Please register new account first. ";
return false;
}
user_increment_login_count($user_id);
user_reset_failed_login_count_to_zero($user_id);
user_reset_lost_password_in_progress_count_to_zero($user_id);
# set the cookies
auth_set_cookies($user_id, false);
auth_set_tokens($user_id);
print_header_redirect('../../../my_view_page.php');
/**
* Generate the intermediate authentication page.
* @param integer User ID
* @param string Username
* @return bool
* @access public
*/
function auth_reauthenticate_page($p_user_id, $p_username)
{
$t_error = false;
if (true == gpc_get_bool('_authenticate')) {
$f_password = gpc_get_string('password', '');
if (auth_attempt_login($p_username, $f_password)) {
auth_set_tokens($p_user_id);
return true;
} else {
$t_error = true;
}
}
html_page_top();
?>
<div align="center">
<p>
<?php
echo lang_get('reauthenticate_message');
if ($t_error != false) {
echo '<br/><font color="red">', lang_get('login_error'), '</font>';
}
?>
</p>
<form name="reauth_form" method="post" action="<?php
echo form_action_self();
?>
">
<?php
# CSRF protection not required here - user needs to enter password
# (confirmation step) before the form is accepted.
print_hidden_inputs(gpc_strip_slashes($_POST));
print_hidden_inputs(gpc_strip_slashes($_GET));
?>
<input type="hidden" name="_authenticate" value="1" />
<table class="width50 center">
<tr>
<td class="form-title" colspan="2"><?php
echo lang_get('reauthenticate_title');
?>
</td>
</tr>
<tr class="row-1">
<th class="category"><?php
echo lang_get('username');
?>
</th>
<td><input type="text" disabled="disabled" size="32" maxlength="<?php
echo USERLEN;
?>
" value="<?php
echo string_attribute($p_username);
?>
" /></td>
</tr>
<tr class="row-2">
<th class="category"><?php
echo lang_get('password');
?>
</th>
<td><input type="password" name="password" size="16" maxlength="<?php
echo PASSLEN;
?>
" class="autofocus" /></td>
</tr>
<tr>
<td class="center" colspan="2"><input type="submit" class="button" value="<?php
echo lang_get('login_button');
?>
" /></td>
</tr>
</table>
</form>
</div>
<?php
html_page_bottom();
exit;
}
/**
* Generate the intermediate authentication page.
* @param integer $p_user_id User ID.
* @param string $p_username Username.
* @return boolean
* @access public
*/
function auth_reauthenticate_page($p_user_id, $p_username)
{
$t_error = false;
if (true == gpc_get_bool('_authenticate')) {
$f_password = gpc_get_string('password', '');
if (auth_attempt_login($p_username, $f_password)) {
auth_set_tokens($p_user_id);
return true;
} else {
$t_error = true;
}
}
html_page_top();
?>
<div class="important-msg">
<?php
echo lang_get('reauthenticate_message');
if ($t_error != false) {
echo '<br /><span class="error-msg">', lang_get('login_error'), '</span>';
}
?>
</div>
<div id="reauth-div" class="form-container">
<form id="reauth-form" method="post" action="">
<fieldset>
<legend><span><?php
echo lang_get('reauthenticate_title');
?>
</span></legend>
<?php
# CSRF protection not required here - user needs to enter password
# (confirmation step) before the form is accepted.
print_hidden_inputs($_POST);
print_hidden_inputs($_GET);
?>
<input type="hidden" name="_authenticate" value="1" />
<div class="field-container">
<label for="username"><span><?php
echo lang_get('username');
?>
</span></label>
<span class="input"><input id="username" type="text" disabled="disabled" size="32" maxlength="<?php
echo DB_FIELD_SIZE_USERNAME;
?>
" value="<?php
echo string_attribute($p_username);
?>
" /></span>
<span class="label-style"></span>
</div>
<div class="field-container">
<label for="password"><span><?php
echo lang_get('password');
?>
</span></label>
<span class="input"><input id="password" type="password" name="password" size="32" maxlength="<?php
echo auth_get_password_max_size();
?>
" class="autofocus" /></span>
<span class="label-style"></span>
</div>
<span class="submit-button"><input type="submit" class="button" value="<?php
echo lang_get('login_button');
?>
" /></span>
</fieldset>
</form>
</div>
<?php
html_page_bottom();
exit;
}
/**
* Generate the intermediate authentication page.
* @param integer User ID
* @param string Username
*/
function auth_reauthenticate_page($p_user_id, $p_username)
{
$t_error = false;
if (true == gpc_get_bool('_authenticate')) {
$f_password = gpc_get_string('password', '');
if (auth_attempt_login($p_username, $f_password)) {
auth_set_tokens($p_user_id);
return true;
} else {
$t_error = true;
}
}
html_page_top1();
html_page_top2();
?>
<div align="center">
<p>
<?php
echo lang_get('reauthenticate_message');
if ($t_error != false) {
echo '<br/><font color="red">', lang_get('login_error'), '</font>';
}
?>
</p>
<form method="post" action="<?php
echo $_SERVER['PHP_SELF'];
?>
">
<?php
print_hidden_inputs(gpc_strip_slashes($_POST));
print_hidden_inputs(gpc_strip_slashes($_GET));
?>
<input type="hidden" name="_authenticate" value="1" />
<table class="width50 center">
<tr>
<td class="form-title"><?php
echo lang_get('reauthenticate_title');
?>
</td>
</tr>
<tr class="row-1">
<td class="category"><?php
echo lang_get('username');
?>
</td>
<td><input type="text" disabled="disabled" size="32" maxlength="32" value="<?php
echo $p_username;
?>
" /></td>
</tr>
<tr class="row-2">
<td class="category"><?php
echo lang_get('password');
?>
</td>
<td><input type="password" name="password" size="16" maxlength="32" /></td>
</tr>
<tr>
<td class="center" colspan="2"><input type="submit" class="button" value="<?php
echo lang_get('login_button');
?>
" /></td>
</tr>
</table>
</form>
</div>
<?php
html_page_bottom1();
exit;
}
