function populate_user_details($userdata) { $userdetails['userid'] = empty($userdata[0]['userid']) && !empty($userdata[0]['id']) ? $userdata[0]['id'] : $userdata[0]['userid']; $userdetails['username'] = $userdata[0]['username']; $userdetails['isadmin'] = $userdata[0]['isadmin']; $userdetails['usertype'] = $userdata[0]['usertype']; $userdetails['emailaddress'] = $userdata[0]['emailaddress']; $userdetails['userexpirydate'] = $userdata[0]['enddate']; $userdetails['names'] = $userdata[0]['firstname'] . " " . $userdata[0]['middlename'] . " " . $userdata[0]['lastname']; $userdetails['firstname'] = $userdata[0]['firstname']; $userdetails['lastname'] = $userdata[0]['lastname']; $userdetails['speciality'] = $userdata[0]['speciality']; $userdetails['changedpassword'] = $userdata[0]['changedpassword']; $this->log_access_trail(replace_bad_chars($userdetails['username']), 'Success'); $this->session->set_userdata($userdetails); $this->session->set_userdata('alluserdata', $userdetails); setcookie("loggedin", "true", time() + $this->config->item('sess_time_to_update')); }
function format_inline_edit($category, $string, $id) { $matches = array(); preg_match_all("^\\[(.*?)\\]^", $string, $matches, PREG_PATTERN_ORDER); foreach ($matches[1] as $key => $phrase) { $keyValue = explode('=', $phrase); $keyArray = explode('|', $keyValue[0]); $valueArray = explode('|', $keyValue[1]); $fieldHTML = "<a href='javascript:;' data-id='edit_" . $keyArray[0] . "_" . $id . "' class='edit-in-line' data-actionurl='" . $category . "/update_list_value/t/" . $keyArray[0] . "/v/" . replace_bad_chars($valueArray[0]) . "/d/" . $id . (!empty($valueArray[1]) ? "/h/" . replace_bad_chars($valueArray[0]) : '') . (!empty($keyArray[1]) ? '/w/' . $keyArray[1] : '') . "' title='Click to edit'>" . str_replace(',', ', ', $valueArray[0]) . "</a>"; $string = str_replace($matches[0][$key], $fieldHTML, $string); } return $string; }
function login() { # Get the passed details into the url data array if any $urldata = $this->uri->uri_to_assoc(3, array('m')); # Pick all assigned data $data = assign_to_data($urldata); $data['status'] = ''; # If user has clicked login button if ($this->input->post('login')) { $required_fields = array('username', 'password'); $_POST = clean_form_data($_POST); $validation_results = validate_form('', $_POST, $required_fields); $username = trim($this->input->post('username')); $password = trim($this->input->post('password')); # print_r($_POST); $data['status'] = ""; # Enters here if there were no errors during validation. if ($validation_results['bool']) { # print_r($validation_results); # exit(); # Run the login details against the user's details stored in the database # Returns an array with the user details $chk_user = $this->user1->validate_login_user(array('username' => trim($username), 'password' => trim(sha1($password)))); # No matching user details if (count($chk_user) == 0) { $data['status'] = "ajax_response"; $data['mysgtype'] = "WARNING"; $data['msg'] = " THE LOGIN CREDENTIALS ARE INCORRECT "; $this->user1->log_access_trail(replace_bad_chars($username), 'Fail'); } else { if (count($chk_user) > 0) { $data['status'] = "pass"; # add session attributes # get the user id from the query results, since this is the unique ID for # the user $userdetails['userid'] = $chk_user[0]['id']; $userdetails['username'] = $chk_user[0]['login_name']; $userdetails['isadmin'] = !empty($chk_user[0]['groupid']) && $chk_user[0]['groupid'] == 1 ? 'Y' : 'N'; #$userdetails['pdeid'] = $chk_user[0]['pde']; #$userdetails['usertype'] = $chk_user[0]['usertype']; $userdetails['usergroup'] = $chk_user[0]['groupid']; $userdetails['usergroupname'] = $chk_user[0]['groupname']; $userdetails['emailaddress'] = $chk_user[0]['email']; $userdetails['names'] = $chk_user[0]['firstname'] . " " . $chk_user[0]['othernames'] . " " . $chk_user[0]['lastname']; $userdetails['firstname'] = $chk_user[0]['firstname']; $userdetails['lastname'] = $chk_user[0]['lastname']; $userdetails['photo'] = $chk_user[0]['imageurl']; $this->user1->log_access_trail(replace_bad_chars($username), 'Success'); $this->session->set_userdata($userdetails); $this->session->set_userdata('alluserdata', $userdetails); setcookie("loggedin", "true", time() + $this->config->item('sess_time_to_update')); #Determine if the user needs to change the password, then overide the redirection to the dashboard if (!empty($userdetails['changedpassword']) && $userdetails['changedpassword'] == "N") { redirect('admin/change_password'); } else { # print_r($userdetails); #exit(); #Persist user details if specified "remember me" for future login if (!empty($_POST['rememberme'])) { #Create cookie for the user details if (SECURE_MODE) { /* * setcookie() variables * ----------------------- * name #Cookie Name * value #Cookie value * expire #Keep active for only 1 week (7 x 24 x 60 x 60 seconds) * domain #Domain * secure #Whether it requires to be secure cookie - set if operating in secure mode (with HTTPS) */ setcookie(get_user_cookie_name($this), encryptValue($this->session->userdata('username') . "||" . sha1($password)), time() + 604800, "." . $_SERVER['HTTP_HOST'], TRUE); } else { setcookie(get_user_cookie_name($this), encryptValue($this->session->userdata('username') . "||" . sha1($password)), time() + 604800, "." . $_SERVER['HTTP_HOST']); } } redirect('admin/load_dashboard'); } } } #check user } else { $data['status'] = "ajax_response"; $data['mysgtype'] = "WARNING"; $data['msg'] = "WARNING: Please enter the fields highlighted to continue."; $this->user1->log_access_trail(replace_bad_chars($username), 'Fail'); } $data['formdata'] = $_POST; $data['requiredfields'] = $validation_results['requiredfields']; } $data = add_msg_if_any($this, $data); #load Admin Data $data['main_content'] = 'admin/login/login_v'; $data['page_title'] = 'User Login'; if ($data['status'] == "ajax_response") { echo json_encode($data); } else { $this->load->view('admin/includes/login/login_template', $data); } //pass to view /* $this->load->view('admin/includes/login/login_template', $data); $data['view_to_load'] = 'public/includes/login'; $this->load->view('public/home_v', $data); */ }
function get_user_cookie_name($obj = '') { return replace_bad_chars(encryptValue("user_" . $obj->input->ip_address())); }
function log_access_trail($username, $logresult, $action='login') { $browser = getBrowser(); $country_code = ''; $country_name = ''; $flag = ''; $city = ''; $region = ''; $isp = ''; $latitude = ''; $longitude = ''; if(!$this->session->userdata('logstamp')) { $this->session->set_userdata('logstamp', strtotime('now').'-'.$this->session->userdata('userid')); } #If the user is logging in, save more data about the location if($action == 'login') { $ip = $this->input->ip_address(); #Use backup server if cannot make a connection if (stripos(BASE_URL, '/localhost') === FALSE) { $location = $this->get_ip_location($ip); $country_code = $location['countrycode']; $country_name = $location['country']; $flag = ''; $city = $location['city']; $region = $location['region']; $isp = $location['isp']; $latitude = $location['latitude']; $longitude = $location['longitude']; } } $query = $this->db->query($this->Query_reader->get_query_by_code('save_access_trail', array('url' => current_url(), 'username' => replace_bad_chars($username), 'logresult' => $logresult, 'emailaddress' => replace_bad_chars($username), 'ipaddress' => $this->input->ip_address(), 'browser' => $browser['name'] . ',' . $browser['version'] . ',' . $browser['platform'], 'action' => $action, 'logstamp' => $this->session->userdata('logstamp'), 'countrycode' => $country_code, 'countryname' => $country_name, 'flag' => $flag, 'city' => $city, 'region' => $region, 'isp' => $isp, 'latitude' => $latitude, 'longitude' => $longitude))); }
function login() { # Get the passed details into the url data array if any $urldata = $this->uri->uri_to_assoc(3, array('m')); # Pick all assigned data $data = assign_to_data($urldata); # If user has clicked login button if (isset($_POST['login'])) { $required_fields = array('acadusername', 'acadpassword'); $_POST = clean_form_data($_POST); #print_r($_POST); $validation_results = validate_form('', $_POST, $required_fields); $username = trim($this->input->post('acadusername')); $password = trim($this->input->post('acadpassword')); # Enters here if there were no errors during validation. if ($validation_results['bool']) { # Run the login details against the user's details stored in the database # Returns an array with the user details $chk_user = $this->user1->validate_login_user(array('username' => $username, 'password' => sha1($password))); # No matching user details if (count($chk_user) == 0) { $data['msg'] = "WARNING: <b>Please re-enter your password.</b><br><br>The password entered is incorrect. Please try again (make sure your caps lock is off).<br><br>Forgot your password? <a href='" . base_url() . "admin/forgot_password' style='text-decoration:underline;font-size:17px;'>Request a new one.</a>"; $this->user1->log_access_trail(replace_bad_chars($username), 'Fail'); } else { if (count($chk_user) > 0) { # add session attributes # get the user id from the query results, since this is the unique ID for # the user $userdetails['userid'] = $chk_user[0]['userid']; $userdetails['username'] = $chk_user[0]['username']; $userdetails['isadmin'] = $chk_user[0]['isadmin']; $userdetails['usertype'] = $chk_user[0]['usertype']; //$userdetails['accessgroup'] = $chk_user[0]['accessgroup']; $userdetails['emailaddress'] = $chk_user[0]['emailaddress']; $userdetails['names'] = $chk_user[0]['firstname'] . " " . $chk_user[0]['middlename'] . " " . $chk_user[0]['lastname']; $userdetails['firstname'] = $chk_user[0]['firstname']; $userdetails['lastname'] = $chk_user[0]['lastname']; $userdetails['photo'] = $chk_user[0]['photo']; # get details for a school user if ($userdetails['usertype'] == 'SCHOOL') { # Get the school details $userdetails['schoolinfo'] = $this->Query_reader->get_row_as_array('get_school_by_id', array('id' => $chk_user[0]['school'])); $userdetails['usergroup'] = $chk_user[0]['accessgroup']; $usergroupdetails = $this->Query_reader->get_row_as_array('get_group_by_id', array('id' => $chk_user[0]['accessgroup'])); $userdetails['usergroupname'] = !empty($usergroupdetails) ? $usergroupdetails['groupname'] : ''; $userdetails['accessgroup'] = !empty($usergroupdetails) ? $usergroupdetails['id'] : ''; $userdetails['isschooladmin'] = $chk_user[0]['isschooladmin']; } $this->user1->log_access_trail(replace_bad_chars($username), 'Success'); //print_r($userdetails); $this->session->set_userdata($userdetails); $this->session->set_userdata('alluserdata', $userdetails); setcookie("loggedin", "true", time() + $this->config->item('sess_time_to_update')); #Determine if the user needs to change the password, then overide the redirection to the dashboard if (!empty($userdetails['changedpassword']) && $userdetails['changedpassword'] == "N") { redirect('admin/change_password'); } else { #Persist user details if specified "remember me" for future login if (!empty($_POST['rememberme'])) { #Create cookie for the user details if (SECURE_MODE) { /* * setcookie() variables * ----------------------- * name #Cookie Name * value #Cookie value * expire #Keep active for only 1 week (7 x 24 x 60 x 60 seconds) * domain #Domain * secure #Whether it requires to be secure cookie - set if operating in secure mode (with HTTPS) */ setcookie(get_user_cookie_name($this), encryptValue($this->session->userdata('username') . "||" . sha1($password)), time() + 604800, "." . $_SERVER['HTTP_HOST'], TRUE); } else { setcookie(get_user_cookie_name($this), encryptValue($this->session->userdata('username') . "||" . sha1($password)), time() + 604800, "." . $_SERVER['HTTP_HOST']); } } redirect('admin/load_dashboard'); } } } #check user } else { $data['msg'] = "WARNING: Please enter the fields highlighted to continue."; $this->user1->log_access_trail(replace_bad_chars($username), 'Fail'); } $data['formdata'] = $_POST; $data['requiredfields'] = $validation_results['requiredfields']; } exit("pass"); $data = add_msg_if_any($this, $data); $this->load->view('login_view', $data); }