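/**
 * Handles the employee login form POST.
 *
 * Reads `username` and `password` from $_POST and passes them to
 * Employee::authenticate(). On failure the login view is rendered again with
 * a generic error message and the submitted username. On success the
 * employee id is stored in the session and the client is redirected.
 *
 * @return void
 */
public static function employee_login()
{
    $params = $_POST;

    // Request fields are untrusted: a field may be missing or arrive as an
    // array (username[]=x). Fall back to an empty string so the authenticator
    // always receives plain strings.
    $username = (isset($params['username']) && is_string($params['username'])) ? $params['username'] : '';
    $password = (isset($params['password']) && is_string($params['password'])) ? $params['password'] : '';

    $employee = Employee::authenticate($username, $password);

    if (!$employee) {
        // The message ("Wrong username or password!") deliberately does not
        // say which of the two was wrong.
        // NOTE(review): the username is echoed back into the view; confirm
        // the template layer escapes it for HTML output.
        View::make('login/index.html', array('error' => 'Väärä käyttäjätunnus tai salasana!', 'username' => $username));
    } else {
        // Rotate the session id at the privilege change so that an id issued
        // before login cannot be reused afterwards (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['employee'] = $employee->id;
        Redirect::to("/employee/login");
    }
}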
/**
 * Authenticates an employee and, on success, registers the login with the
 * global session object.
 *
 * @param mixed $username Passed unchanged to Employee::authenticate().
 * @param mixed $password Passed unchanged to Employee::authenticate().
 *
 * @return bool true when Employee::authenticate() returned a truthy value
 *              and Employeelogin() was called; false otherwise.
 */
public function runEmployee($username, $password)
{
    global $session;

    $employee = Employee::authenticate($username, $password);

    // Guard clause: any falsy result counts as a failed login.
    if (!$employee) {
        return false;
    }

    // NOTE(review): confirm Employeelogin() rotates the session id; nothing
    // in this method does so.
    $session->Employeelogin($employee);

    return true;
}
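<?php
// Change-password page: verifies the current password, validates the new one
// and stores it through Employee::change_password().

// Remember this page in the session under 'direct_to'.
$_SESSION['direct_to'] = BASE_URL . "account/change_password/";
// NOTE(review): presumably sessioninc.php enforces an authenticated session
// and provides $session — confirm.
include_once 'sessioninc.php';

// The account is taken from the session, never from the request.
$username = $session->get_username();

if (isset($_POST['bt_submit'])) {
    // NOTE(review): no anti-CSRF token check is visible in this excerpt;
    // confirm one is applied before this state-changing request is handled.
    $error = array();

    // Request fields are untrusted: a field may be missing or arrive as an
    // array. Normalise to strings so the checks below always see strings.
    $old_pass = (isset($_POST['txt_old_pass']) && is_string($_POST['txt_old_pass'])) ? $_POST['txt_old_pass'] : '';
    $new_pass = (isset($_POST['txt_new_pass']) && is_string($_POST['txt_new_pass'])) ? $_POST['txt_new_pass'] : '';
    $new_pass_try = (isset($_POST['txt_new_pass_retry']) && is_string($_POST['txt_new_pass_retry'])) ? $_POST['txt_new_pass_retry'] : '';

    /* check old password: re-authenticate before allowing the change */
    $correct_user = Employee::authenticate($username, $old_pass);
    if (!$correct_user) {
        $error[] = format_lang('errormsg', 44);
    }

    /* new password: the confirmation must match exactly. Comparing only the
       lengths (as before) accepted any two different strings of equal length,
       so a typo in one field went unnoticed. */
    if ($new_pass !== $new_pass_try) {
        $error[] = format_lang('errormsg', 45);
    }

    // Length policy: 6 to 20 bytes (strlen() counts bytes, not characters).
    // NOTE(review): the upper bound of 20 rules out long passphrases;
    // consider raising it if the storage layer hashes the password.
    if (strlen($new_pass) < 6 || strlen($new_pass) > 20) {
        $error[] = format_lang('errormsg', 46);
    }

    if (sizeof($error) == 0) {
        // if everything ok
        $pass_change = Employee::change_password($username, $new_pass);
        if ($pass_change) {
            $session->message("<div class='success'>" . format_lang('success', 'pass_chg_success') . "</div>");
        } else {
            $session->message("<div class='error'>" . format_lang('errormsg', 47) . "</div>");
        }
    } else {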
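/** login */
if (isset($_POST['bt_login'])) {
    // Request fields are untrusted: a field may be missing or arrive as an
    // array. Anything that is not a string is treated as empty.
    // 'useranme_txt' is the field name as read by the original code; it must
    // stay in sync with the form template.
    // NOTE(review): trim() on the password only works if the same
    // normalisation is applied when the password is set — confirm.
    $username = (isset($_POST['useranme_txt']) && is_string($_POST['useranme_txt'])) ? trim($_POST['useranme_txt']) : "";
    $pass = (isset($_POST['pass_txt']) && is_string($_POST['pass_txt'])) ? trim($_POST['pass_txt']) : "";

    // NOTE(review): the submitted username is handed back to the template;
    // confirm the template escapes it for HTML output.
    $smarty->assign('username', $username);

    $errors = array();

    if ($username === "" || $pass === "") {
        $errors[] = format_lang('error', 'empty_user_pass');
    }

    if (ENABLE_SPAM_LOGIN && ENABLE_SPAM_LOGIN == 'Y') {
        // Establish that a code was issued for this session before comparing,
        // and compare strictly: a loose != treats numeric-looking strings
        // such as "1e3" and "1000" as equal.
        $expected_code = isset($_SESSION['spam_code']) ? (string) $_SESSION['spam_code'] : '';
        $given_code = (isset($_POST['spam_code']) && is_string($_POST['spam_code'])) ? $_POST['spam_code'] : null;

        if ($expected_code === '' || $given_code === null
            || strtolower($given_code) !== strtolower($expected_code)) {
            $errors[] = format_lang('error', 'spam_wrong_word');
        }
    }

    if (sizeof($errors) == 0) {
        $user_found = Employee::authenticate($username, $pass);

        if ($user_found) {
            // check employee status: the account state is only revealed
            // after the credentials have been verified.
            if ($user_found->employee_status == 'pending') {
                $message = "<div class='error'>" . format_lang('error', 'approve_account') . "</div>";
            } elseif ($user_found->employee_status == 'deleted') {
                $message = "<div class='error'>" . format_lang('error', 'status_deleted_account') . "</div>";
            } elseif ($user_found->employee_status == 'suspended') {
                $message = "<div class='error'>" . format_lang('error', 'status_suspended_account') . "</div>";
            } elseif ($user_found->employee_status == 'declined') {
                $message = "<div class='error'>" . format_lang('error', 'status_declined_account') . "</div>";
            } else {
                $access = "User";
                // NOTE(review): confirm $session->login() rotates the session
                // id; nothing visible here does so.
                $session->login($user_found, $access);

                // The redirect target is read from the session, not from the
                // request.
                if (isset($_SESSION['direct_to'])) {
                    $page = $_SESSION['direct_to'];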