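/**
 * Set script language.
 *
 * Stores the language in the `as_lang` cookie (valid for one year) and in the
 * session, then redirects back to the current script. A language rejected by
 * isValidLanguage() is ignored and nothing is written.
 *
 * @param string $language Language that should be set
 */
public static function setLanguage($language)
{
    // Only accept languages the application knows about; the value ends up
    // in a cookie and in the session, so it must never be free-form input.
    if (!self::isValidLanguage($language)) {
        return;
    }

    // setcookie() expects an absolute Unix timestamp. The lifetime has to be
    // ADDED to the current time; multiplying produces a date far beyond what
    // browsers accept (and recent PHP versions reject as out of range).
    $oneYear = 60 * 60 * 24 * 365;
    setcookie('as_lang', $language, time() + $oneYear, '/');

    // keep the session in sync with the cookie
    ASSession::set('as_lang', $language);

    // Refresh the page so the new language is applied.
    // NOTE(review): PHP_SELF is derived from the request path (it includes any
    // trailing path info), so part of this redirect target is client-supplied.
    // Consider $_SERVER['SCRIPT_NAME'] or a fixed path. Execution also
    // continues after header(); callers should stop output once this returns.
    header('Location: ' . $_SERVER['PHP_SELF']);
}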
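/**
 * Login user with given username and password.
 *
 * Messages for the user (validation errors, brute-force notice, wrong
 * credentials, unconfirmed or banned account) are echoed directly.
 *
 * @param string $username User's username.
 * @param string $password User's password.
 * @return boolean TRUE if login is successful, FALSE otherwise
 */
public function userLogin($username, $password)
{
    // Validation. Stop here when the fields are invalid: without this return
    // the method would go on to query the database with input that has
    // already been rejected.
    $errors = $this->_validateLoginFields($username, $password);

    if (count($errors) != 0) {
        echo implode("<br />", $errors);
        return false;
    }

    // Protect from brute force attack. This runs before any database work so
    // a locked-out client cannot keep testing credentials.
    if ($this->_isBruteForce()) {
        echo ASLang::get('brute_force');
        return false; // documented return type is boolean, not null
    }

    // Hash password and get data from db. Both values are bound as
    // parameters, never concatenated into the SQL string.
    // NOTE(review): matching the hash inside the WHERE clause only works if
    // _hashPassword() is deterministic for a given password. Confirm it is not
    // a fast unsalted digest; moving to password_hash()/password_verify()
    // would require fetching the row by username first.
    $password = $this->_hashPassword($password);

    $result = $this->db->select(
        "SELECT * FROM `as_users`\n WHERE `username` = :u AND `password` = :p",
        array("u" => $username, "p" => $password)
    );

    if (count($result) != 1) {
        // wrong username/password combination
        $this->increaseLoginAttempts();
        echo ASLang::get('wrong_username_password');
        return false;
    }

    $user = $result[0];

    // check if user is confirmed
    if ($user['confirmed'] == "N") {
        echo ASLang::get('user_not_confirmed');
        return false;
    }

    // check if user is banned
    if ($user['banned'] == "Y") {
        // increase attempts to prevent touching the DB every time
        $this->increaseLoginAttempts();

        // return message that user is banned
        echo ASLang::get('user_banned');
        return false;
    }

    // user exists, is confirmed and is not banned: log him in
    $this->_updateLoginDate($user['user_id']);

    // NOTE(review): no session-id rotation is visible in this method before
    // user_id is stored. Confirm ASSession regenerates the id on login,
    // otherwise a pre-login session id stays valid afterwards (session fixation).
    ASSession::set("user_id", $user['user_id']);

    if (LOGIN_FINGERPRINT == true) {
        ASSession::set("login_fingerprint", $this->_generateLoginString());
    }

    return true;
}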
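<?php
include "ASEngine/AS.php";

// An authenticated user has no business on the registration page.
// header() only queues the redirect; without exit the rest of this script
// (token generation, bot challenge, the whole form) would still run and be
// sent to the client.
if ($login->isLoggedIn()) {
    header("Location: index.php");
    exit;
}

// token for social registration, kept in the session under as_social_token
$token = $register->socialToken();
ASSession::set('as_social_token', $token);

// store the bot-protection challenge numbers in the session
$register->botProtection();

// NOTE(review): SUCCESS_LOGIN_REDIRECT is echoed unescaped into a JavaScript
// string literal below. That is only safe while it is a trusted configuration
// constant; if it can ever hold external data, emit it with json_encode().
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="BMOC">
<meta name="author" content="BMOC">
<title>Registration | BMOC</title>
<script type="text/javascript" src="assets/js/jquery.min.js"></script>
<link rel='stylesheet' href='assets/css/bootstrap.min3.css' type='text/css' media='all' />
<script type="text/javascript" src="assets/js/bootstrap.min3.js"></script>
<link rel='stylesheet' href='ASLibrary/css/style3.css' type='text/css' media='all' />
<link href="assets/css/bootstrap-responsive.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="ASLibrary/js/bootstrap-fileinput/bootstrap-fileinput.css"/>
<script type="text/javascript" src="assets/js/respond.min.js"></script>
<script type="text/javascript">
var SUCCESS_LOGIN_REDIRECT = "<?php echo SUCCESS_LOGIN_REDIRECT; ?> ";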
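/**
 * Generate two random numbers and store them into $_SESSION variable.
 * Numbers are used during the registration to prevent bots to register.
 *
 * The numbers are drawn from the operating system's CSPRNG when random_int()
 * is available (PHP 7+), and from rand() otherwise. random_int() throws if no
 * entropy source can be found.
 *
 * NOTE(review): each number is a single digit from 1 to 9, so the challenge
 * has very little entropy whichever generator is used. Treat it as a speed
 * bump, not as the only defence against automated registration. The check of
 * the submitted answer is not visible in this method.
 */
public function botProtection()
{
    // Prefer the CSPRNG; rand() output is predictable and is kept only as a
    // fallback for runtimes that do not provide random_int().
    $useCsprng = function_exists('random_int');

    $firstNumber  = $useCsprng ? random_int(1, 9) : rand(1, 9);
    $secondNumber = $useCsprng ? random_int(1, 9) : rand(1, 9);

    ASSession::set("bot_first_number", $firstNumber);
    ASSession::set("bot_second_number", $secondNumber);
}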