} catch (Exception $ex) { } // Confirm that we were able to add the row successfully. $kmlis = $__loginAppuserpersistentloginDAO->findByKeep_me_logged_in_uniqid($kmli->keep_me_logged_in_uniqid); if (count($kmlis) == 1 && $kmlis[0]->user_id == $loggedInUser->id) { // Success. Set the cookie and stop trying new unique Ids. setcookie('kmliuid', $kmli->keep_me_logged_in_uniqid, time() + $KEEP_ME_LOGGED_IN_TIME, '/'); return true; } } return false; } $__loginErrorMsg = ''; $__loginDB = ConnectionFactory::getConnection(); $__loginAppuserDAO = new AppuserDAO($__loginDB); $__loginAppuserpersistentloginDAO = new AppuserpersistentloginDAO($__loginDB); $loggedInUser = null; // Try logging in with username and password from a login form POST. if ($loggedInUser === null && $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['loginUserName']) && isset($_POST['loginPassword'])) { $__loginUsers = $__loginAppuserDAO->findByUser_name(trim($_POST['loginUserName'])); if (empty($__loginUsers)) { $__loginUsers = $__loginAppuserDAO->findByEmail_addr(trim($_POST['loginUserName'])); } if (count($__loginUsers) == 1 && $__loginUsers[0] && $__loginUsers[0]->is_active) { if ($__loginUsers[0]->login_failures >= $MAX_LOGIN_FAILURES && strtotime($__loginUsers[0]->last_login_failure) >= time() - $LOGIN_FAILURE_LOCKOUT_TIME) { __accountLocked(); } $loggedInUser = $__loginUsers[0]; $saltidx = strrpos($loggedInUser->password_hash, '{'); $saltendidx = $saltidx !== false ? strpos($loggedInUser->password_hash, '}', $saltidx) : false; if ($saltidx !== false && $saltendidx !== false && $saltendidx > $saltidx) {
<?php // Copyright (c) 2010-2014 Ronald B. Cemer // All rights reserved. // This software is released under the BSD license. // Please see the accompanying LICENSE.txt for details. include './jax/include/autoload.include.php'; if (!defined('APP_ROOT_DIR') || !defined('APP_ROOT_URL') || !defined('APP_ROOT_URI')) { include dirname(__FILE__) . '/jax/include/appRoot.include.php'; } // If we have a "keep me logged in" cookie, remove that cookie's // unique Id from the user, and then unset the cookie. // This will disable "keep me logged in" before we log out. if (isset($_COOKIE['kmliuid']) && trim($_COOKIE['kmliuid']) != '') { $db = ConnectionFactory::getConnection(); $persistentloginDAO = new AppuserpersistentloginDAO($db); $kmlis = $persistentloginDAO->findByKeep_me_logged_in_uniqid(trim($_COOKIE['kmliuid'])); foreach ($kmlis as $kmli) { try { $persistentloginDAO->delete($kmli->id); } catch (Exception $ex) { } } $db->close(); setcookie('kmliuid', '', 0, '/'); } // Wipe out the session cookie. @session_start(); $_SESSION = array(); if (ini_get("session.use_cookies")) { $params = session_get_cookie_params();