/**
* Log into Bronto using an array of login parameters.
* @param $params An array containing the login information.
* @return An array containing the SOAP binding, Bronto sessionID, and other information on successful login,
* false if login is unsuccesfful, and null if no connection to the Bronto API server can be established.
*/
function bronto_login($params)
{
$destination_url = BRONTO_API_URL . "/?q=mail_3";
$bronto_wsdl = $destination_url . "&wsdl";
try {
$binding = new SoapClient($bronto_wsdl, array('trace' => true));
if ($binding) {
$binding->__setLocation($destination_url);
$result = $binding->login($params);
if ($result->return->success) {
$session_id = $result->return->sessionId;
$service_url = $result->return->serviceURL;
$session_header = new SoapHeader(BRONTO_API_URL, 'sessionHeader', array('sessionId' => $session_id));
$binding->__setSoapHeaders($session_header);
//$binding->__setLocation($service_url);
$accounts = get_all_accounts($binding);
sort_accounts_by_name($accounts);
// This is a crude method for determining whether or not the current user is an Agency account user.
if (count($accounts) > 1) {
$is_agency_account = true;
$account_id = null;
} else {
$is_agency_account = false;
$account_id = $accounts[0]->id;
}
$res = array("binding" => $binding, "sessionID" => $session_id, "serviceURL" => $service_url, "accountID" => $account_id, "isAgency" => $is_agency_account);
if ($is_agency_account) {
$res["accounts"] = $accounts;
}
return $res;
} else {
return false;
}
} else {
return null;
}
} catch (SoapFault $ex) {
if (isset($binding) && $binding) {
print_exception($binding, $ex);
}
return null;
}
}
print_request_login_form($fm_username, $fm_password, $fm_sitename);
} else {
$login_info = bronto_user_login($fm_username, $fm_password, $fm_sitename, $fm_siteid);
process_login($login_info, $fm_username, $fm_password, $fm_sitename);
}
} else {
if ($fm_stage == "suauth") {
if (empty($fm_sessionid) || empty($fm_username) || empty($fm_sitename)) {
display_errorbox("Must have a valid user session.");
print_request_login_form($fm_username, $fm_password, $fm_sitename);
} else {
if (empty($fm_password) || empty($fm_siteid)) {
display_errorbox("Must select the target sub-account.");
$bapi = connect_bronto_session($fm_sessionid);
$accounts = get_all_accounts($bapi);
sort_accounts_by_name($accounts);
print_agency_login_form($fm_username, $fm_password, $fm_sitename, $fm_siteid, $fm_sessionid, $accounts);
} else {
$login_info = bronto_user_login($fm_username, $fm_password, $fm_sitename, $fm_siteid);
process_login($login_info, $fm_username, $fm_password, $fm_sitename);
}
}
} else {
if ($fm_stage == "userinfo") {
$dbh = open_db();
// we could obtain the username from the userinfo form itself, but this could allow a malicious user to
// change the user information for a user other than him/herself; a DB lookup is used instead
$username = db_get_session_user($dbh, $fm_sessionid);
if ($username) {
$got_error = false;
$userinfo = array('firstname' => $fm_firstname, 'lastname' => $fm_lastname, 'email' => $fm_email, 'phone' => $fm_phone);
