/** * Log into Bronto using an array of login parameters. * @param $params An array containing the login information. * @return An array containing the SOAP binding, Bronto sessionID, and other information on successful login, * false if login is unsuccesfful, and null if no connection to the Bronto API server can be established. */ function bronto_login($params) { $destination_url = BRONTO_API_URL . "/?q=mail_3"; $bronto_wsdl = $destination_url . "&wsdl"; try { $binding = new SoapClient($bronto_wsdl, array('trace' => true)); if ($binding) { $binding->__setLocation($destination_url); $result = $binding->login($params); if ($result->return->success) { $session_id = $result->return->sessionId; $service_url = $result->return->serviceURL; $session_header = new SoapHeader(BRONTO_API_URL, 'sessionHeader', array('sessionId' => $session_id)); $binding->__setSoapHeaders($session_header); //$binding->__setLocation($service_url); $accounts = get_all_accounts($binding); sort_accounts_by_name($accounts); // This is a crude method for determining whether or not the current user is an Agency account user. if (count($accounts) > 1) { $is_agency_account = true; $account_id = null; } else { $is_agency_account = false; $account_id = $accounts[0]->id; } $res = array("binding" => $binding, "sessionID" => $session_id, "serviceURL" => $service_url, "accountID" => $account_id, "isAgency" => $is_agency_account); if ($is_agency_account) { $res["accounts"] = $accounts; } return $res; } else { return false; } } else { return null; } } catch (SoapFault $ex) { if (isset($binding) && $binding) { print_exception($binding, $ex); } return null; } }
print_request_login_form($fm_username, $fm_password, $fm_sitename); } else { $login_info = bronto_user_login($fm_username, $fm_password, $fm_sitename, $fm_siteid); process_login($login_info, $fm_username, $fm_password, $fm_sitename); } } else { if ($fm_stage == "suauth") { if (empty($fm_sessionid) || empty($fm_username) || empty($fm_sitename)) { display_errorbox("Must have a valid user session."); print_request_login_form($fm_username, $fm_password, $fm_sitename); } else { if (empty($fm_password) || empty($fm_siteid)) { display_errorbox("Must select the target sub-account."); $bapi = connect_bronto_session($fm_sessionid); $accounts = get_all_accounts($bapi); sort_accounts_by_name($accounts); print_agency_login_form($fm_username, $fm_password, $fm_sitename, $fm_siteid, $fm_sessionid, $accounts); } else { $login_info = bronto_user_login($fm_username, $fm_password, $fm_sitename, $fm_siteid); process_login($login_info, $fm_username, $fm_password, $fm_sitename); } } } else { if ($fm_stage == "userinfo") { $dbh = open_db(); // we could obtain the username from the userinfo form itself, but this could allow a malicious user to // change the user information for a user other than him/herself; a DB lookup is used instead $username = db_get_session_user($dbh, $fm_sessionid); if ($username) { $got_error = false; $userinfo = array('firstname' => $fm_firstname, 'lastname' => $fm_lastname, 'email' => $fm_email, 'phone' => $fm_phone);