} # get latest version $fp = fopen('http://agileco.com/Version.txt', "r"); $abv = fread($fp, 255); fclose($fp); # get encoding version require_once 'includes/pear/Compat/Function/file_get_contents.php'; $tmp = file_get_contents(PATH_AGILE . 'index.php'); if (eregi('ioncube', $tmp)) { $enc = 'ioncube'; } elseif (eregi('zend', $tmp)) { $enc = 'zend'; } else { $enc = 'ioncube'; } # get installed optional modules: $modules = array('affiliate' => array('affiliate', 'campaign', 'affiliate_commission', 'affiliate_template'), 'charge' => array('charge'), 'db_mapping' => array('db_mapping'), 'email_queue' => array('email_queue'), 'file' => array('file', 'file_category'), 'faq' => array('faq', 'faq_translate', 'faq_category'), 'htaccess' => array('htaccess', 'htaccess_dir', 'htaccess_exclude'), 'import' => array('import'), 'hosting' => array('host_server', 'host_registrar_plugin', 'host_tld'), 'ticket' => array('ticket', 'ticket_department', 'ticket_message'), 'login_share' => array('login_share'), 'static_page' => array('static_page', 'static_page_category', 'static_page_translate')); foreach ($modules as $name => $m) { foreach ($m as $module) { if (empty($avail["{$name}"]) && $list->is_installed($module)) { $avail["{$name}"] = true; $module_arr[] = $name; } } } # set smarty vars global $smarty; $smarty->assign('version', $ver); $smarty->assign('ab_version', $abv); $smarty->assign('encoding_version', $enc); $smarty->assign('modules', @$module_arr);
function login($VAR, $md5 = true) { global $C_translate, $C_debug; # check that the username/password are both set if ($VAR['_username'] == '' || $VAR['_password'] == '') { $C_debug->alert($C_translate->translate('login_enter_both', '', '')); return; } # md5 the password if ($md5) { $pass = md5($VAR['_password']); } else { $pass = $VAR['_password']; } # check the database for a match $db =& DB(); $q = "SELECT id,status,username,password,date_expire FROM " . AGILE_DB_PREFIX . "account WHERE\n\t\t\t\tpassword = '******' AND\n\t\t\t\tusername = '******'_username'] . "' AND\n\t\t\t\tsite_id = '" . DEFAULT_SITE . "'"; $result = $db->Execute($q); # get the account id $id = $result->fields['id']; # check that their is no lock on this account id or IP address: if ($this->locked($id)) { $C_debug->alert($C_translate->translate('login_locked', '', '')); return; } # verify the username/password match. if ($result->fields['username'] == $VAR['_username']) { if ($result->fields['password'] !== $VAR['_password'] && $result->fields['password'] != $pass) { # no match $C_debug->alert($C_translate->translate('login_pw_failed', '', '')); # log as a failed login $this->lock_check($VAR, "0", $id); return; } } else { # no username match $C_debug->alert($C_translate->translate('login_un_pw_failed', '', '')); # reload the login page $VAR["_page"] = 'account:login'; # log as a failed login $this->lock_check($VAR, "0", $VAR['_username']); return; } if ($result->fields['date_expire'] == "0" || $result->fields['date_expire'] == "") { $date_expire = time() + 99; } else { $date_expire = $result->fields['date_expire']; } # check that it is an active account if ($result->fields['status'] != "1" || $date_expire <= time()) { # inactive account $C_debug->alert($C_translate->translate('login_inactive', '', '')); # log as failed login $this->lock_check($VAR, "0", $id); return; } else { # active account - check for password sharing if login_share module is installed include_once PATH_CORE . 'list.inc.php'; $C_list = new CORE_list(); if ($C_list->is_installed('login_share')) { include_once PATH_MODULES . 'login_share/login_share.inc.php'; $share = new login_share(); if (!$share->login($id, $VAR['_username'])) { # shared account alert $C_debug->alert($C_translate->translate('shared_account', 'login_share', '')); # log as failed login $this->lock_check($VAR, "0", $id); return; } } } # set the expiry date of the login session $date_expire = time() + SESSION_EXPIRE * 60; # update the DB $db =& DB(); $q = "UPDATE " . AGILE_DB_PREFIX . "session\n\t\t\t\tSET\n\t\t\t\tip= '" . USER_IP . "',\n\t\t\t\tdate_expire = '{$date_expire}',\n\t\t\t\tlogged = '1',\n\t\t\t\taccount_id = '{$id}'\n\t\t\t\tWHERE\n\t\t\t\tid = '" . SESS . "'\n\t\t\t\tAND\n\t\t\t\tsite_id = '" . DEFAULT_SITE . "'"; $result = $db->Execute($q); # delete any old sessions for this account $db =& DB(); $q = "DELETE FROM " . AGILE_DB_PREFIX . "session WHERE\n\t\t\t\taccount_id = '{$id}' \tAND\n\t\t\t\tid != '" . SESS . "' AND\n\t\t\t\tsite_id = '" . DEFAULT_SITE . "'"; $result = $db->Execute($q); #return logged in message $C_debug->alert($C_translate->translate('login_success', '', '')); # Get the last successful login: $db =& DB(); $q = "SELECT * FROM " . AGILE_DB_PREFIX . "login_log WHERE\n\t\t\t account_id = " . $db->qstr($id) . " \tAND\n\t\t\t status = " . $db->qstr(1) . " AND\n\t\t\t site_id = " . $db->qstr(DEFAULT_SITE) . "\n\t\t\t ORDER BY date_orig DESC LIMIT 1"; $result = $db->Execute($q); if ($result->RecordCount() != 0) { $ip = $result->fields["ip"]; $date = $result->fields["date_orig"]; $date1 = date(UNIX_DATE_FORMAT, $date); $date1 .= " " . date(DEFAULT_TIME_FORMAT, $date); $message = $C_translate->translate('login_log_success', '', ''); $message = ereg_replace('%date%', $date1, $message); $message = ereg_replace('%ip%', $ip, $message); $C_debug->alert($message); } # log the successful login $this->lock_check($VAR, "1", $id); #################################################################### ### Do any db_mapping #################################################################### $sql = 'SELECT id FROM ' . AGILE_DB_PREFIX . 'module WHERE site_id = ' . $db->qstr(DEFAULT_SITE) . ' AND name = ' . $db->qstr('db_mapping') . ' AND status = ' . $db->qstr("1"); $result = $db->Execute($sql); if ($result->RecordCount() > 0) { include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php'; $db_map = new db_mapping(); $db_map->login($id); } }
function dbmap() { global $C_list; if (!is_object($C_list)) { include_once PATH_CORE . 'list.inc.php'; $C_list = new CORE_list(); } if ($C_list->is_installed('db_mapping')) { # Update the db_mapping accounts include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php'; $db_map = new db_mapping(); $db_map->account_group_sync($this->rs['account_id']); } }