function Login($username, $password) { $login = new Login(); $login->SetUsername($username); $login->SetPassword($password); $result = $login->DoLogin(); return new soapval("return", "xsd:boolean", $result); }
<?php // Page Logic // Make sure that the session variables are set if (!Value::SetAndNotNull($_SESSION, LOGIN_USERID)) { Login::SetId(-1); } if (!Value::SetAndNotNull($_SESSION, LOGIN_USERNAME)) { Login::SetUsername(EMPTYSTRING); } if (!Value::SetAndNotNull($_SESSION, LOGIN_PRIVILEGE)) { Login::SetPrivilege(0); } if (!Value::SetAndNotNull($_SESSION, LOGIN_ATTEMPTS)) { Login::SetAttempts(0); } if (!Value::SetAndNotNull($GLOBALS, LOGIN_ERROR)) { Login::SetError(EMPTYSTRING); } // Handle the login if (!Login::IsLoggedIn() && Site::CheckSecurityToken()) { if (Login::TryToLogin()) { Site::BackToHome(); } } // Page Output include_once 'Pages/OnAllPages.php'; $RTK->AddJavascript('/jquery-2.1.4.min.js'); $RTK->AddJavascript('/login.js'); if (Login::GetError() != EMPTYSTRING) { $RTK->AddElement(new RTK_Textview(Login::GetError()));
/** * Tries to login, given that all the requirements are met. **/ public static function TryToLogin() { $result = false; // Check if the site is connected to via https, and if there is input from the login form if (Site::HasHttps() && Login::HasLoginInput()) { $username = hash('sha512', $_POST['loginname']); $password = $_POST['loginpass']; $salt1 = STATIC_SALT; // Static salt $salt2 = Login::FetchUserSalt($username); // Dynamic salt if ($salt2 != EMPTYSTRING) { $password = hash('sha512', $salt1 . $password . $salt2 . $username); if ($password != EMPTYSTRING) { $id = Login::FetchUserId($username, $password); if ($id > 0) { Login::SetId($id); Login::SetUsername(Login::FetchUsername($id)); Login::SetAttempts(0); $result = true; } } } Login::LogAttempt($username, $result); } return $result; }