/**
* LOGIN User
*
* @global resource $SUMO
* @author Alberto Basso <*****@*****.**>
*/
function sumo_user_login()
{
global $SUMO;
$_SESSION['security_string'] = $SUMO['connection']['security_string'];
$_SESSION['user']['password'] = '******';
$_SESSION['loggedin'] = true;
sumo_delete_old_sessions();
// Delete old sessions
sumo_delete_old_connections();
// Delete old connections
sumo_delete_connection();
// Delete user connection
// Create session
$query = "INSERT INTO " . SUMO_TABLE_SESSIONS . "\n\t\t (node, id_user, username, connected, expire, ip, hostname, country_name, url, client, session_id)\n\t\t VALUES (\n\t\t '" . $SUMO['server']['name'] . "',\n\t\t " . $SUMO['user']['id'] . ",\n\t\t '" . $SUMO['user']['user'] . "',\n\t\t " . $SUMO['server']['time'] . ",\n\t\t " . ($SUMO['config']['sessions']['timeout'] + $SUMO['server']['time']) . ",\n\t\t '" . $SUMO['client']['ip'] . "',\n\t\t '" . $SUMO['client']['name'] . "',\n\t\t '" . $SUMO['client']['country'] . " - " . $SUMO['client']['country_code'] . "',\n\t\t '" . $SUMO['page']['url'] . "',\n\t\t '" . $SUMO['client']['platform'] . " - " . $SUMO['client']['browser'] . "',\n\t\t '" . $SUMO['client']['session_id'] . "'\n\t\t )";
$SUMO['DB']->Execute($query);
// Update last login for current user
$query = "UPDATE " . SUMO_TABLE_USERS . "\n\t\t SET last_login="******"\n\t\t WHERE id=" . $SUMO['user']['id'];
$SUMO['DB']->Execute($query);
// Create cookie language (store for 90 days)
if (!$_COOKIE['language']) {
setcookie('language', $SUMO['user']['language'], $SUMO['server']['time'] + 7776000);
}
// Cookie to use iframe for login
$expire = $SUMO['server']['time'] + $SUMO['config']['sessions']['timeout'];
setcookie('loggedin', 1, $expire);
setcookie('user', $SUMO['user']['user'], $expire);
sumo_write_log('I00200X', array($SUMO['user']['user'], $SUMO['client']['ip'], $SUMO['client']['country'], sumo_get_accesspoint_name($SUMO['page']['name'], $SUMO['config']['server']['language']), $SUMO['page']['url']), '0,1', 3, 'access', FALSE);
}
// Update request and create connection
if ($update_req) {
$SUMO['connection'] = sumo_get_connection_info();
if (!$SUMO['connection']) {
sumo_create_connection();
} else {
// Count errors requests
if ($SUMO['connection']['requests'] < $SUMO['config']['security']['max_login_attempts']) {
sumo_update_security_string();
//...for refresh page
if ($_SESSION['user']['password'] && $_SESSION['user']['user']) {
sumo_update_request();
}
} else {
// ...too much attempts
sumo_delete_connection();
sumo_delete_session();
sumo_add_banned();
}
}
}
// Create SSO
if ($sumo_access == 'LOGIN' && SUMO_SESSIONS_REPLICA) {
sumo_create_session_id();
}
// Display Login or Message box
if ($sumo_access != 'CONTINUE' && $sumo_access != 'LOGIN') {
$SUMO['connection'] = sumo_get_connection_info();
// HTTP Basic Authentication
if (!empty($SUMO['page']['http_auth'])) {
$sumo_template = 'message';
