/** * Immediately (no redirect required) logs the user in. * @param string $name * @param string $password * @param bool $set_cookie * @return bool */ public static function login($name, $password, $set_cookie = false) { foreach (PicoraEvent::getObserverList('PicoraUser.beforeLogin') as $callback) { if (call_user_func($callback, $name, $password, $set_cookie) === false) { return false; } } self::logout(); $user = PicoraActiveRecord::find('PicoraUser', array('where' => self::ALLOW_LOGIN_WITH_EMAIL ? self::NAME_KEY . ' = "' . PicoraActiveRecord::escape($name) . '" OR ' . self::EMAIL_KEY . ' = "' . PicoraActiveRecord::escape($name) . '" AND ' . self::PASSWORD_KEY . ' = "' . PicoraActiveRecord::escape($password) . '"' : array(self::NAME_KEY => $name, self::PASSWORD_KEY => $password))); if (!$user) { if (self::DELAY_ON_INVALID_LOGIN) { if (!isset($_SESSION[self::SESSION_KEY . '.invalid_logins'])) { $_SESSION[self::SESSION_KEY . '.invalid_logins'] = 1; } else { ++$_SESSION[self::SESSION_KEY . '.invalid_logins']; } sleep(max(0, min($_SESSION[self::SESSION_KEY . '.invalid_logins'], ini_get('max_execution_time') - 1))); } PicoraEvent::notify('PicoraUser.afterLogin', false); return false; } else { if (isset($user->last_login)) { $user->updateAttribute(self::LAST_LOGIN_KEY, date('Y-m-d H:i:s', time())); } if ($set_cookie) { $time = time() + self::COOKIE_LIFE; $bool = setcookie(self::COOKIE_KEY, self::bakeUserCookie($time, $user->id, $user->name), $time, '/', null, isset($_ENV['SERVER_PROTOCOL']) && (strpos($_ENV['SERVER_PROTOCOL'], 'https') || strpos($_ENV['SERVER_PROTOCOL'], 'HTTPS'))); } self::setLoggedInStateFromRecord($user); PicoraEvent::notify('PicoraUser.afterLogin', true); return true; } }
public static function findAllByLocal($local) { return PicoraActiveRecord::findAll('PicoraPing', array('where' => 'local = \'' . PicoraActiveRecord::escape($local) . '\' OR local = \'' . PicoraActiveRecord::escape($local) . '/\'')); }