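/**
 * User Login
 *
 * Reads `username` and `password` from the request and hands them to
 * WeTransfer_Users::login(). On success the login flags in the session are
 * cleared and the browser is redirected to the `returnTo` query parameter,
 * or to SITE_DEFAULT_LANDING_PAGE_AFTER_LOGIN when that parameter is absent
 * or rejected. On any failure the flags are set and the request is
 * forwarded to 'accounts'.
 *
 * @return void
 */
public function loginAction()
{
    $request  = $this->getRequest();
    $username = $request->getParam('username');
    $password = $request->getParam('password');

    // Array-valued parameters (username[]=x) are treated as missing instead
    // of being passed to trim()/strlen().
    $hasCredentials = is_scalar($username) && is_scalar($password)
        && strlen(trim($username)) && strlen(trim($password));

    $loggedIn = false;
    if ($hasCredentials) {
        $WeTransfer_Users = new WeTransfer_Users();
        // Strict comparison: with `==` a non-string result such as bool true
        // (or int 0 on PHP < 8) also compares equal to 'LOGIN_OK'.
        $loggedIn = ($WeTransfer_Users->login($username, $password) === 'LOGIN_OK');
    }

    if (!$loggedIn) {
        // Missing credentials and a rejected login are reported identically.
        $_SESSION['user']['login_attempted'] = true;
        $_SESSION['user']['login_error'] = true;
        $this->_forward(null, 'accounts');
        return;
    }

    // NOTE(review): the session ID is not regenerated in this method; confirm
    // that WeTransfer_Users::login() does so, otherwise a session ID set
    // before login stays valid after it.
    $_SESSION['user']['login_attempted'] = false;
    $_SESSION['user']['login_error'] = false;

    // The original read an undefined $returnTo here, so the parameter was
    // never honoured. It is request-controlled: keep the redirect on this
    // site by dropping leading slashes/backslashes (so the target cannot
    // become "//host") and refusing control characters in the header value.
    $returnTo = SITE_DEFAULT_LANDING_PAGE_AFTER_LOGIN;
    if (isset($_GET['returnTo']) && is_string($_GET['returnTo'])) {
        $candidate = ltrim($_GET['returnTo'], "/\\");
        if (strlen($candidate) && !preg_match('/[\x00-\x1F\x7F]/', $candidate)) {
            $returnTo = $candidate;
        }
    }

    header('Location: ' . BASEURL . '/' . $returnTo);
    // Stop here so nothing else runs or is rendered after the redirect.
    exit;
}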
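/**
 * Fetch a page of rows from the uploads table, each annotated with the
 * owner's username.
 *
 * @param int|null $limit     Maximum number of rows; null means 60.
 * @param int|null $offset    Number of rows to skip; null means 0.
 * @param string   $orderBy   Column to sort by. Anything that is not a plain
 *                            identifier falls back to 'upload_date'.
 * @param string   $sortOrder 'ASC' or 'DESC' (case-insensitive). Anything
 *                            else falls back to 'DESC'.
 * @return array List of associative rows with an added 'owner_name' key;
 *               an empty array when there are no rows.
 */
public function fetchAllFiles($limit = null, $offset = null, $orderBy = 'upload_date', $sortOrder = 'DESC')
{
    // Integer casts are what make these safe to place in the LIMIT clause;
    // negative values are clamped because MySQL rejects them.
    $limit  = is_null($limit) ? 60 : max(0, (int) $limit);
    $offset = is_null($offset) ? 0 : max(0, (int) $offset);

    // mysql_real_escape_string() only protects quoted string literals. It
    // does not escape backticks and does nothing for a bare keyword, so the
    // identifier and the direction are validated against fixed patterns.
    if (!is_string($orderBy) || !preg_match('/^[A-Za-z0-9_]+$/D', $orderBy)) {
        $orderBy = 'upload_date';
    }
    $sortOrder = (is_string($sortOrder) && strtoupper(trim($sortOrder)) === 'ASC') ? 'ASC' : 'DESC';

    $sql = 'SELECT * FROM `' . DB_TABLE_PREFIX . 'uploads` '
         . 'ORDER BY `' . $orderBy . '` ' . $sortOrder . ' '
         . 'LIMIT ' . $offset . ', ' . $limit;

    // NOTE(review): the mysql_* extension was removed in PHP 7; moving to
    // mysqli or PDO needs the connection setup, which is outside this method.
    $res = mysql_query($sql);
    if ($res === false) {
        // Keep the driver error and the statement in the server log rather
        // than sending them to the browser.
        error_log('fetchAllFiles query failed: ' . mysql_error() . ' | ' . $sql);
        die('A database error occurred');
    }

    $files = array();
    // One model instance is enough for every row.
    $WeTransfer_Users = new WeTransfer_Users();
    while ($row = mysql_fetch_assoc($res)) {
        // NOTE(review): this looks like one lookup per row; confirm whether
        // fetchUsernameById() queries the database each time.
        $row['owner_name'] = $WeTransfer_Users->fetchUsernameById($row['owner_id']);
        $files[] = $row;
    }

    return $files;
}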
/**
 * Refresh the user session and halt the request for visitors that may not
 * proceed.
 *
 * Exits with a plain message when IS_MOBILE is set. Otherwise it calls
 * WeTransfer_Users::updateUserSession(), calls noPerms() for a logged-in
 * user whose session holds no site permissions, and exits with the static
 * error page when the session's site status is 'banned' or 'pending'.
 *
 * @return void
 */
protected function _updateUserSession()
{
    if (IS_MOBILE) {
        exit('Mobile devices are not yet supported');
    }

    // The session is refreshed on every page hit.
    $userModel = new WeTransfer_Users();
    $userModel->updateUserSession();

    if (@$_SESSION['user']['logged_in'] && empty($_SESSION['site']['permissions'])) {
        $this->noPerms();
    }

    $accountState = @$_SESSION['user']['site_status'];

    // Loose comparison mirrors what `switch` does.
    // NOTE(review): a non-string status (e.g. bool true) would also match
    // 'banned' here; confirm site_status is always a string.
    if ($accountState == 'banned') {
        $errorMessage = 'Your user account is banned';
    } elseif ($accountState == 'pending') {
        $errorMessage = 'Please check your e-mail for information on how to activate your account';
    } else {
        return;
    }

    $page = file_get_contents(VIEWS_DIR . '/error/static/error.phtml');

    // str_replace() applies array pairs in order, one after another. The
    // substituted values are inserted as-is (no HTML escaping); all of them
    // are constants or the fixed messages above.
    $placeholders = array(
        '__SITE_NAME__',
        '__ERROR_MESSAGE__',
        '__THEME_PATH__',
        '__JS_PATH__',
    );
    $values = array(
        SITE_NAME,
        $errorMessage,
        PROTOCOL_RELATIVE_URL . '/' . SITE_LOCAL_THEME_URL_ROOT . '/' . SITE_DEFAULT_TEMPLATE,
        PROTOCOL_RELATIVE_URL . '/js',
    );

    // Blocked accounts never get past this point.
    exit(str_replace($placeholders, $values, $page));
}