/**
* Requests that the web service method requires that the user must be authenticated wth the server.
* @author Bobby Allen (ballen@bobbyallen.me)
*/
public function RequireUserAuth()
{
$ws_auth = new ctrl_auth();
$user = $ws_auth->Authenticate($this->wsdataarray['authuser'], $this->wsdataarray['authpass']);
if ($user) {
$this->authuserid = $user;
return true;
} else {
$dataobject = new runtime_dataobject();
$dataobject->addItemValue('response', '1105');
$dataobject->addItemValue('content', 'User authentication failed');
die($this->SendResponse($dataobject->getDataObject()));
}
}
$sql = $zdbh->prepare("SELECT ac_passsalt_vc FROM x_accounts WHERE ac_user_vc = :username AND ac_deleted_ts IS NULL");
$sql->bindParam(':username', $_POST['inUsername']);
$sql->execute();
$result = $sql->fetch();
$crypto = new runtime_hash();
$crypto->SetPassword($_POST['inPassword']);
$crypto->SetSalt($result['ac_passsalt_vc']);
$secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
if (!ctrl_auth::Authenticate($_POST['inUsername'], $secure_password, $rememberdetails, false, $inSessionSecuirty)) {
header("location: ./?invalidlogin");
exit;
}
}
if (isset($_COOKIE['zUser'])) {
if (isset($_COOKIE['zSec'])) {
if ($_COOKIE['zSec'] == false) {
$secure = false;
} else {
$secure = true;
}
} else {
$secure = true;
}
ctrl_auth::Authenticate($_COOKIE['zUser'], $_COOKIE['zPass'], false, true, $secure);
}
if (!isset($_SESSION['zpuid'])) {
ctrl_auth::RequireUser();
}
runtime_hook::Execute('OnBeforeControllerInit');
$controller->Init();
ui_templateparser::Generate("etc/styles/" . ui_template::GetUserTemplate());
