function checkLogin() { if (isset($_POST['email_address']) && isset($_POST['password'])) { $login_details = AdminHelper::doLogin($_POST['email_address'], $_POST['password']); if ($login_details !== false) { return true; } else { return false; } } else { return false; } }
* USER LOGIN * * check for logged-in status and try to handle any login attempt BEFORE we deal with rendering the * page so we show the proper status, etc. * ***************************************************************************************************/ $logged_in = $admin_primary_cash_request->sessionGet('cash_actual_user'); if (!$logged_in) { // check for signup $cash_admin->page_data['allow_signups'] = defined('ALLOW_SIGNUPS') ? ALLOW_SIGNUPS : true; // delete/clear sessions $admin_primary_cash_request->sessionClearAll(); $cash_admin->page_data['loginstatus'] = ' login'; $cash_admin->page_data['login_message'] = 'OK'; if (isset($_POST['login'])) { $login_details = AdminHelper::doLogin($_POST['address'], $_POST['password'], true, false); if ($login_details !== false) { $admin_primary_cash_request->startSession(); $admin_primary_cash_request->sessionSet('cash_actual_user', $login_details); $admin_primary_cash_request->sessionSet('cash_effective_user', $login_details); $cash_admin->effective_user_id = $login_details; $address = $_POST['address']; $admin_primary_cash_request->sessionSet('cash_effective_user_email', $address); $cash_admin->page_data['initiallogin'] = true; $logged_in = $login_details; // handle initial login chores $cash_admin->runAtLogin(); } else { $admin_primary_cash_request->sessionClearAll(); $cash_admin->page_data['login_message'] = 'Try Again.'; $cash_admin->page_data['login_error'] = true;
$include_filename = 'mainpage.php'; } $run_login_scripts = false; // make an object to use throughout the pages $cash_admin = new AdminCore($admin_primary_cash_request->sessionGet('cash_effective_user')); $cash_admin->page_data['www_path'] = ADMIN_WWW_BASE_PATH; // if a login needs doing, do it $cash_admin->page_data['login_message'] = 'Log In'; if (isset($_POST['login'])) { $browseridassertion = false; if (isset($_POST['browseridassertion'])) { if ($_POST['browseridassertion'] != -1) { $browseridassertion = $_POST['browseridassertion']; } } $login_details = AdminHelper::doLogin($_POST['address'], $_POST['password'], true, $browseridassertion); if ($login_details !== false) { $admin_primary_cash_request->sessionSet('cash_actual_user', $login_details); $admin_primary_cash_request->sessionSet('cash_effective_user', $login_details); if ($browseridassertion) { $address = CASHSystem::getBrowserIdStatus($browseridassertion); } else { $address = $_POST['address']; } $admin_primary_cash_request->sessionSet('cash_effective_user_email', $address); $run_login_scripts = true; if ($include_filename == 'logout.php') { header('Location: ' . ADMIN_WWW_BASE_PATH); exit; } } else {