/**
* authenticate
* @param $user
* @param $pass
*/
function login($user, $pass)
{
$ulogin = new uLogin('', '');
$ulogin->Authenticate($user, $pass);
return $ulogin->IsAuthSuccess();
}
// used to create the nonce, but otherwise it can be anything
// as long as they match.
if (isset($_POST['nonce']) && ulNonce::Verify('login', $_POST['nonce'])) {
// We store it in the session if the user wants to be remembered. This is because
// some auth backends redirect the user and we will need it after the user
// arrives back.
if (isset($_POST['autologin'])) {
$_SESSION['appRememberMeRequested'] = true;
} else {
unset($_SESSION['appRememberMeRequested']);
}
// This is the line where we actually try to authenticate against some kind
// of user database. Note that depending on the auth backend, this function might
// redirect the user to a different page, in which case it does not return.
$ulogin->Authenticate($_POST['user'], $_POST['pwd']);
if ($ulogin->IsAuthSuccess()) {
// Since we have specified callback functions to uLogin,
// we don't have to do anything here.
}
} else {
$msg = 'invalid nonce';
}
} else {
if ($action == 'autologin') {
// We were requested to use the remember-me function for logging in.
// Note, there is no username or password for autologin ('remember me')
$ulogin->Autologin();
if (!$ulogin->IsAuthSuccess()) {
$msg = 'autologin failure';
} else {
$msg = 'autologin ok';
