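/**
 * Handles a login form submission for the com_comprofiler component.
 *
 * Shows the login form when nothing was posted, runs the request spoof
 * check, reads credentials and the post-login return target from $_POST,
 * delegates authentication to CBAuthentication::login(), then either
 * re-displays the form / prints the error or redirects to the return target.
 *
 * @param string|null $username Login name; read from $_POST['username'] when this or $passwd2 is empty.
 * @param string|null $passwd2  Password; read from $_POST['passwd'] when this or $username is empty.
 * @return void Output is echoed or a redirect is issued.
 */
function login( $username=null, $passwd2=null ) {
	global $_POST, $_CB_framework, $ueConfig;

	// Nothing posted: just render the login form.
	if ( count( $_POST ) == 0 ) {
		HTML_comprofiler::loginForm( 'com_comprofiler', $_POST, null );
		return;
	}

	// Request spoof check: CB's own check first, then the josSpoof* helpers when they exist.
	// NOTE(review): both helpers are defined elsewhere; presumably they validate a per-session form token - confirm.
	$spoofCheckOk	=	false;
	if ( cbSpoofCheck( 'login', 'POST', 2 ) ) {
		$spoofCheckOk	=	true;
	} else {
		if ( is_callable("josSpoofCheck") && is_callable("josSpoofValue") ) {
			$validate	=	josSpoofValue();
			if ( cbGetParam( $_POST, $validate ) ) {
				josSpoofCheck(1);
				$spoofCheckOk	=	true;
			}
		}
	}
	if ( ! $spoofCheckOk ) {
		echo _UE_SESSION_EXPIRED . ' ' . _UE_PLEASE_REFRESH;
		return;
	}

	$messagesToUser		=	array();
	$alertmessages		=	array();

	if ( !$username || !$passwd2 ) {
		$username		=	trim( cbGetParam( $_POST, 'username', '' ) );
		// The password is requested with _CB_ALLOWRAW (presumably: no input filtering, so its characters are kept as typed).
		$passwd2		=	trim( cbGetParam( $_POST, 'passwd', '', _CB_ALLOWRAW ) );
	}
	$rememberMe			=	cbGetParam( $_POST, 'remember' );

	// The return target is client-controlled; a 'B:' prefix marks a base64-encoded value.
	$return				=	trim( stripslashes( cbGetParam( $_POST, 'return', null ) ) );
	if ( cbStartOfStringMatch( $return, 'B:' ) ) {
		$return			=	base64_decode( substr( $return, 2 ) );
		// Re-run the decoded value through cbGetParam. get_magic_quotes_gpc() was removed in PHP 8,
		// so only call it where it still exists; where it is gone, magic quotes are never active.
		$magicQuotes	=	function_exists( 'get_magic_quotes_gpc' ) && get_magic_quotes_gpc();
		$arrToClean		=	array( 'B' => $magicQuotes ? addslashes( $return ) : $return );
		$return			=	cbGetParam( $arrToClean, 'B', '' );
	}

	// Only allow a redirect back into this site. A bare prefix comparison against live_site also
	// accepts look-alike hosts (live_site followed by more host characters or by '@'), so the
	// character following the live_site prefix must end the string or start a path, query or fragment.
	// (cbStartOfStringMatch is defined elsewhere; assumed to be a plain prefix test.)
	$liveSite			=	rtrim( (string) $_CB_framework->getCfg( 'live_site' ), '/' );
	$returnIsLocal		=	cbStartOfStringMatch( $return, 'index.php' );
	if ( ( ! $returnIsLocal ) && ( $liveSite !== '' ) && cbStartOfStringMatch( $return, $liveSite ) ) {
		$rest			=	(string) substr( $return, strlen( $liveSite ) );
		$returnIsLocal	=	( $rest === '' ) || ( strpos( '/?#', $rest[0] ) !== false );
	}
	if ( ! $returnIsLocal ) {
		$return			=	'';
	}

	$message			=	trim( cbGetParam( $_POST, 'message', 0 ) );
	$loginType			=	( isset( $ueConfig['login_type'] ) ? $ueConfig['login_type'] : 0 );

	// Do the login including all authentications and event firing:
	cbimport( 'cb.authentication' );
	$cbAuthenticate		=	new CBAuthentication();
	$resultError		=	$cbAuthenticate->login( $username, $passwd2, $rememberMe, $message, $return, $messagesToUser, $alertmessages, $loginType );

	// NOTE(review): $resultError and $messagesToUser are written into the page without HTML escaping.
	// Confirm CBAuthentication::login() never places unescaped request data (e.g. the username) in them.
	$fromLoginForm		=	in_array( cbGetParam( $_POST, 'loginfrom' ), array( 'loginform', 'regform', 'loginmodule' ) );

	if ( count( $messagesToUser ) > 0 ) {
		if ( $resultError ) {
			echo "<div class=\"message\">".$resultError."</div>";
		}
		echo "\n<div>" . stripslashes( implode( "</div>\n<div>", $messagesToUser ) ) . "</div>\n";
		if ( $fromLoginForm ) {
			HTML_comprofiler::loginForm( 'com_comprofiler', $_POST, $resultError );
		}
	} elseif ($resultError) {
		if ( $fromLoginForm ) {
			HTML_comprofiler::loginForm( 'com_comprofiler', $_POST, $resultError );
		} else {
			echo "<div class=\"message\">".$resultError."</div>";
		}
	} else {
		// Success: redirect to the validated target; '\n' is a literal backslash-n joining the alert texts.
		cbRedirect( cbSef( $return, false ), ( count( $alertmessages ) > 0 ? stripslashes( implode( '\n', $alertmessages ) ) : '' ) );
	}
}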
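/**
 * Handles a login form submission for the com_comprofiler component.
 *
 * Requires the POST to pass checkCBPostIsHTTPS(), loads the 'user' plugin
 * group, refuses login when the configured login type is 4, runs the request
 * spoof check, reads credentials, secret key and the post-login return target
 * from $_POST, delegates authentication to CBAuthentication::login(), fires
 * the onAfterUserLoginFailed / onAfterUserLoginSuccess plugin events, then
 * re-displays the form, queues the error, or redirects to the return target.
 *
 * @param string|null $username  Login name.
 * @param string|null $password  Password.
 * @param string|null $secretKey Additional secret key passed to the authenticator.
 * @return void Output is echoed, messages are enqueued, or a redirect is issued.
 */
function login($username = null, $password = null, $secretKey = null)
{
    global $_POST, $_CB_framework, $_PLUGINS, $ueConfig;

    checkCBPostIsHTTPS();

    $_PLUGINS->loadPluginGroup('user');

    // Nothing posted: just render the login form.
    if (count($_POST) == 0) {
        HTML_comprofiler::loginForm('com_comprofiler', $_POST);
        return;
    }

    $loginType = isset($ueConfig['login_type']) ? (int) $ueConfig['login_type'] : 0;

    // Login type 4 is rejected outright here (presumably "login disabled" - confirm against the config docs).
    if ($loginType == 4) {
        $_CB_framework->enqueueMessage(CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!'), 'error');
        return;
    }

    // Request spoof check.
    // NOTE(review): cbSpoofCheck is defined elsewhere; presumably it validates a per-session form token - confirm.
    $spoofCheckOk = false;
    if (cbSpoofCheck('login', 'POST', 2)) {
        $spoofCheckOk = true;
    }
    if (!$spoofCheckOk) {
        $_CB_framework->enqueueMessage(CBTxt::Th('UE_SESSION_EXPIRED', 'Session expired or cookies are not enabled in your browser. Please press "reload page" in your browser, and enable cookies in your browser.') . ' ' . CBTxt::Th('UE_PLEASE_REFRESH', 'Please refresh/reload page before filling-in.'), 'error');
        return;
    }

    $messagesToUser = array();
    $alertmessages = array();

    // NOTE(review): an empty $secretKey alone is enough to take this branch, so a caller passing only
    // $username and $password gets both replaced by the POST values - confirm that is intended.
    if (!$username || !$password || !$secretKey) {
        $username = trim(cbGetParam($_POST, 'username', ''));
        // The password is requested with _CB_ALLOWRAW (presumably: no input filtering, so its characters are kept as typed).
        $password = trim(cbGetParam($_POST, 'passwd', '', _CB_ALLOWRAW));
        $secretKey = trim(cbGetParam($_POST, 'secretkey', ''));

        if (checkJversion() >= 1) {
            $username = stripslashes($username);
            $password = stripslashes($password);
            $secretKey = stripslashes($secretKey);
        }
    }

    $rememberMe = cbGetParam($_POST, 'remember');

    // The return target is client-controlled; a 'B:' prefix marks a base64-encoded value.
    $return = trim(stripslashes(cbGetParam($_POST, 'return', null)));
    if (cbStartOfStringMatch($return, 'B:')) {
        $return = base64_decode(substr($return, 2));
        // Re-run the decoded value through cbGetParam. get_magic_quotes_gpc() was removed in PHP 8,
        // so only call it where it still exists; where it is gone, magic quotes are never active.
        $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
        $arrToClean = array('B' => $magicQuotes ? addslashes($return) : $return);
        $return = cbGetParam($arrToClean, 'B', '');
    }

    // Only allow a redirect back into this site. A bare prefix comparison against live_site also
    // accepts look-alike hosts (live_site followed by more host characters or by '@'), so the
    // character following the live_site prefix must end the string or start a path, query or fragment.
    // (cbStartOfStringMatch is defined elsewhere; assumed to be a plain prefix test.)
    $liveSite = rtrim((string) $_CB_framework->getCfg('live_site'), '/');
    $returnIsLocal = cbStartOfStringMatch($return, 'index.php');
    if (!$returnIsLocal && $liveSite !== '' && cbStartOfStringMatch($return, $liveSite)) {
        $rest = (string) substr($return, strlen($liveSite));
        $returnIsLocal = $rest === '' || strpos('/?#', $rest[0]) !== false;
    }
    if (!$returnIsLocal) {
        $return = '';
    }

    $message = trim(cbGetParam($_POST, 'message', 0));

    // Do the login including all authentications and event firing:
    cbimport('cb.authentication');
    $cbAuthenticate = new CBAuthentication();
    $resultError = $cbAuthenticate->login($username, $password, $rememberMe, $message, $return, $messagesToUser, $alertmessages, $loginType, $secretKey);

    if (count($messagesToUser) > 0) {
        // Plugins receive the outcome variables by reference and may rewrite them.
        $_PLUGINS->trigger('onAfterUserLoginFailed', array($username, $password, $rememberMe, $secretKey, &$return, &$alertmessages, &$messagesToUser, &$resultError));

        if (in_array(cbGetParam($_POST, 'loginfrom'), array('loginform', 'regform', 'loginmodule'))) {
            HTML_comprofiler::loginForm('com_comprofiler', $_POST, $resultError, $messagesToUser, $alertmessages);
        } else {
            $_CB_framework->enqueueMessage($resultError, 'error');

            if (is_array($messagesToUser) && $messagesToUser) {
                // NOTE(review): the messages are written into the page without HTML escaping. Confirm that neither
                // CBAuthentication::login() nor the plugins place unescaped request data in them.
                $return = '<div class="cb_template cb_template_' . selectTemplate('dir') . '">' . '<div>' . implode('</div><div>', $messagesToUser) . '</div>' . '</div>';
                echo $return;
            }
        }
    } elseif ($resultError) {
        $_PLUGINS->trigger('onAfterUserLoginFailed', array($username, $password, $rememberMe, $secretKey, &$return, &$alertmessages, &$messagesToUser, &$resultError));

        if (in_array(cbGetParam($_POST, 'loginfrom'), array('loginform', 'regform', 'loginmodule'))) {
            HTML_comprofiler::loginForm('com_comprofiler', $_POST, $resultError, $messagesToUser, $alertmessages);
        } else {
            $_CB_framework->enqueueMessage($resultError, 'error');
        }
    } else {
        // NOTE(review): $return is handed to the plugins by reference after it was validated above, so a
        // plugin can replace the redirect target; only trusted plugins should subscribe to this event.
        $_PLUGINS->trigger('onAfterUserLoginSuccess', array($username, $password, $rememberMe, $secretKey, &$return, &$alertmessages, &$messagesToUser, &$resultError));

        // '\\n' is a literal backslash-n joining the alert texts.
        cbRedirect(cbSef($return, false), count($alertmessages) > 0 ? stripslashes(implode('\\n', $alertmessages)) : '');
    }
}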