/** * Login the user and delegate the setup if login is valid. * * @return array */ function login_user($dirty_user, $p_pass) { // Internal function due to it being insecure otherwise. if (!function_exists('_login_user')) { } $success = false; $login_error = 'That password/username combination was incorrect.'; // Just checks whether the username and password are correct. $data = authenticate($dirty_user, $p_pass); if (is_array($data)) { if ((bool) $data['authenticated'] && (bool) $data['operational']) { if ((bool) $data['confirmed']) { _login_user($data['uname'], $data['player_id'], $data['account_id']); // Block by ip list here, if necessary. // *** Set return values *** $success = true; $login_error = null; } else { // *** Account was not activated yet *** $success = false; $login_error = "You must confirm your account before logging in, check your email. <a href='/account_issues.php'>You can request another confirmation email here.</a>"; } } // The LOGIN FAILURE case occurs here, and is the default. } // *** Return array of return values *** return ['success' => $success, 'login_error' => $login_error]; }
$password = trim(@$_REQUEST['p']); $url_aastra_login = GS_PROV_SCHEME . '://' . GS_PROV_HOST . (GS_PROV_PORT ? ':' . GS_PROV_PORT : '') . GS_PROV_PATH . 'aastra/login.php'; if ($action === 'restart') { $xml = "<AastraIPPhoneExecute Beep=\"yes\">\n" . "\t<ExecuteItem URI=\"Command: FastReboot\"/>\n" . "</AastraIPPhoneExecute>\n"; aastra_transmit_str($xml); } if ($action === 'logout' && $type === 'user') { if (!_logout_user()) { aastra_textscreen('Error', __('Abmelden nicht erfolgreich!'), 0, true); } else { aastra_textscreen('Info', __('Benutzer erfolgreich abgemeldet.'), 3); } } if ($action === 'login' && $type === 'user') { if ($user && $password) { if (!_login_user($user, $password)) { aastra_textscreen('Error', __('Falsche Durchwahl oder PIN!'), 0, true); } else { aastra_textscreen('Info', __('Benutzer erfolgreich angemeldet.'), 3); } } else { if ($user) { $highlight = 3; } else { $highlight = 2; } $xml = '<AastraIPPhoneInputScreen type="string" destroyOnExit="yes" displayMode="condensed" defaultIndex="' . $highlight . '">' . "\n"; $xml .= '<Title>' . __('Login') . '</Title>' . "\n"; $xml .= '<URL>' . $url_aastra_login . '?a=' . $action . '</URL>' . "\n"; $xml .= '<Default></Default>' . "\n"; $xml .= '<InputField type="empty"></InputField>' . "\n";
/** * Login a user via a pre-authenticated oauth id. **/ function login_user_by_oauth($oauth_id, $oauth_provider) { $account_info = query_row('select players.player_id, players.uname, accounts.account_id from players left join account_players on players.player_id = account_players._player_id left join accounts on accounts.account_id = account_players._account_id where accounts.oauth_provider = :oauth_provider and accounts.oauth_id = :oauth_id and accounts.operational limit 1', array(':oauth_provider' => $oauth_provider, ':oauth_id' => $oauth_id)); $username = $account_info['uname']; $player_id = $account_info['player_id']; $account_id = $account_info['account_id']; $success = false; $login_error = 'Sorry, that ' . $oauth_provider . ' account is not yet connected to a ninjawars account.'; if ($username && $player_id && $account_id) { _login_user($username, $player_id, $account_id); $success = true; $login_error = null; } return array('success' => $success, 'login_error' => $login_error); }
session_start(); include_once $_SERVER['DOCUMENT_ROOT'] . "/app/etc/dbconfig.php"; include_once $_SERVER['DOCUMENT_ROOT'] . "/app/etc/PHPMailer_5.2.4/class.phpmailer.php"; if (isset($_POST['ssd'])) { $action = mysql_real_escape_string($_POST['ssd']); switch ($action) { case 'insert_user': if (isset($_POST['data'])) { parse_str($_POST['data'], $data); _insert_user($data); } break; case 'login_user': if (isset($_POST['data'])) { parse_str($_POST['data'], $data); _login_user($data); } break; case 'user_pwd_forget_recovery': if (isset($_POST['data'])) { parse_str($_POST['data'], $data); _user_pwd_forget_recovery($data); } break; case 'reset_user_pwd': if (isset($_POST['data'])) { parse_str($_POST['data'], $data); _reset_user_pwd($data); } break; case 'add_user_role':