/**
 * Builds the login form block and hands back the rendered template output.
 *
 * A visitor who is already online is redirected to the site root. Errors
 * left in $_SESSION['login']['errors'] are copied into the template, after
 * which the whole $_SESSION['login'] entry is removed so they show only once.
 *
 * @param array $block Block settings; only $block['title'] is read here.
 *
 * @return mixed Whatever get_html('block_login') returns (presumably the
 *               rendered HTML string).
 */
public function block_login($block)
{
    $objTPL     = Core_Classes_coreObj::getTPL();
    $objForm    = Core_Classes_coreObj::getForm();
    $objSession = Core_Classes_coreObj::getSession();
    $objPage    = Core_Classes_coreObj::getPage();

    // Logged-in users have no use for the form.
    // NOTE(review): execution continues below unless redirect() terminates
    // the request itself; confirm against Core_Classes_coreObj::getPage().
    if (Core_Classes_User::$IS_ONLINE) {
        $objPage->redirect('/' . root());
    }

    $objTPL->set_filenames(array(
        'block_login' => cmsROOT . 'modules/core/views/module/login_form/block.tpl',
    ));

    // Template variables are filled one by one, in the order the form
    // helper is expected to be called (start, finish, then the fields).
    $loginVars = array();
    $loginVars['FORM_START'] = $objForm->start('login', array(
        'method' => 'POST',
        'action' => '/' . root() . 'login?',
    ));
    $loginVars['FORM_END'] = $objForm->finish();

    // Hidden field carrying the session's form token.
    // NOTE(review): presumably checked by the login handler as an
    // anti-forgery token; that handler is not visible here, so verify.
    $loginVars['HIDDEN'] = $objForm->inputbox('hash', 'hidden', $objSession->getFormToken(true));

    $loginVars['L_USERNAME'] = langVar('L_USERNAME');
    $loginVars['F_USERNAME'] = $objForm->inputbox('username', 'text', '', array(
        'class'    => 'icon username',
        'required' => true,
    ));

    $loginVars['L_PASSWORD'] = langVar('L_PASSWORD');
    $loginVars['F_PASSWORD'] = $objForm->inputbox('password', 'password', '', array(
        'class'    => 'icon password',
        'required' => true,
    ));

    $loginVars['L_REMME'] = langVar('L_REMME');
    $loginVars['F_REMME'] = $objForm->select(
        'remember',
        array('0' => 'No Thanks', '1' => 'Forever'),
        array('selected' => 0)
    );

    $loginVars['SUBMIT'] = $objForm->button('submit', 'Login', array('class' => 'btn btn-success'));

    $objTPL->reset_block_vars('login');
    $objTPL->assign_block_vars('login', $loginVars);
    $objTPL->assign_vars(array('TITLE' => $block['title']));

    // One-shot error display.
    // NOTE(review): the messages are passed to the template unchanged;
    // whether the template layer HTML-escapes them is not visible here.
    $hasErrors = isset($_SESSION['login']['errors']) && count($_SESSION['login']['errors']);
    if ($hasErrors) {
        foreach ($_SESSION['login']['errors'] as $message) {
            $objTPL->assign_block_vars('login.errors', array('ERROR' => $message));
        }
        unset($_SESSION['login']);
    }

    return $objTPL->get_html('block_login');
}
// Core bootstrap: registers the class autoloader, loads configuration, and
// brings up plugins, cache, session tracking, debugging and routing in a
// fixed order. Later steps use objects created by earlier ones, so the order
// of these statements should not be changed casually.

// AUTOLOADER, I Choose You!
// directories to use for the autoloading, these get glob'd over after
// (disabled: explicit directory registration, kept for reference)
// $dirs = Core_Classes_coreObj::addClassDirs(array(
//     'classes'          => cmsROOT.'core/classes/*.php',
//     'libs'             => cmsROOT.'core/libs/*/class.*.php',
//     'drivers'          => cmsROOT.'core/drivers/driver.*.php',
//     'admin_panels'     => cmsROOT.'modules/*/admin.*.php',
//     'modules'          => cmsROOT.'modules/*/class.*.php',
//     'module_overrides' => cmsROOT.'themes/*/override/*/*.php',
// ));

// Class resolution is delegated to the static Core_Classes_coreObj::loadClass().
// NOTE(review): how loadClass() maps a class name to a file path is not
// visible here; confirm it cannot be steered to a path outside cmsROOT.
spl_autoload_extensions('.php');
spl_autoload_register(array('Core_Classes_coreObj', 'loadClass'));
// echo dump($dirs, 'Loading Classes From', 'orange');exit;

// $config is defined before this point (outside the visible code).
$objCore = new Core_Classes_coreObj();
$objCore->addConfig($config);

// Instance plugins so we can add hooks as early as possible.
$objPlugin = Core_Classes_coreObj::getPlugins();
$objPlugin->hook('CMS_PRE_SETUP_COMPLETE');

// The cached 'config' entry goes through the same addConfig() as $config.
// NOTE(review): which value wins on a key collision depends on addConfig();
// if cached values can override file values, the cache store needs the same
// write protection as the configuration file. Confirm.
$objCache = Core_Classes_coreObj::getCache();
$confCache = $objCache->load('config');
$objCore->addConfig($confCache);

// Session tracking is started before routing.
$objSession = Core_Classes_coreObj::getSession();
$objSession->trackerInit();

$objDebug = Core_Classes_coreObj::getDebug();

// NOTE(review): modifyGET() presumably rewrites $_GET from the routed URL;
// if so, code after this point is not looking at the raw query string. Confirm.
$objRoute = Core_Classes_coreObj::getRoute();
$objRoute->modifyGET();

// The debug object takes over PHP error handling only when it was created.
if (is_object($objDebug)) {
    set_error_handler(array($objDebug, 'errorHandler'));
}

// Memory checkpoint, evaluated only when the cmsDEBUG constant is truthy.
cmsDEBUG ? memoryUsage('Core: Loaded..') : '';

$objPlugin->hook('CMS_SETUP_COMPLETE');
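/**
 * Tests the remember me cookie for valid details and, when everything checks
 * out, signs the user in by creating a new session.
 *
 * The cookie is client-controlled input, so every field is type-checked
 * before use and any mismatch fails closed by returning false.
 *
 * @version 1.0
 * @since   1.0
 * @author  Daniel Noel-Davies
 *
 * @todo Test this func, new port from old sys :P
 *
 * @return bool True when the cookie matched a stored user key and the user
 *              passed the autologin/active/ban/whitelist checks, else false.
 */
public function rememberMe()
{
    // Site setting needs to be enabled for one. The original test was
    // inverted and used the truthy string 'false' as its default, so it
    // bailed out when the feature was ON and also when the setting was unset.
    // NOTE(review): assumes the setting is stored as a real boolean/0-1 value,
    // like the ip_lock lookup below; confirm.
    if (!$this->config('login', 'remember_me', false)) {
        return false;
    }

    // Make sure we have the cookie to begin with.
    if (is_empty(doArgs('login', null, $_COOKIE))) {
        return false;
    }

    // A cookie sent in array form (login[]=...) is not a valid payload.
    $rawCookie = $_COOKIE['login'];
    if (!is_string($rawCookie)) {
        return false;
    }

    // SECURITY: unserialize() on a client-supplied cookie is unsafe by design,
    // because a serialized payload can instantiate any loaded class. Object
    // creation is switched off where the runtime supports it (PHP 7+). The
    // cookie format should move to a signed, data-only encoding (for example
    // JSON plus an HMAC) together with the code that writes the cookie, which
    // is not visible here.
    $cookie = PHP_VERSION_ID >= 70000
        ? unserialize($rawCookie, array('allowed_classes' => false))
        : unserialize($rawCookie);
    if (!is_array($cookie) || is_empty($cookie)) {
        return false;
    }

    // Check for the expected keys. The original joined the two tests with
    // "&&", which could never be true, so missing keys were never rejected.
    foreach (array('uData', 'uIP', 'uAgent') as $key) {
        if (!isset($cookie[$key]) || !is_scalar($cookie[$key]) || is_empty($cookie[$key])) {
            return false;
        }
    }

    // uData and uAgent are compared and measured as strings below.
    if (!is_string($cookie['uData']) || !is_string($cookie['uAgent'])) {
        return false;
    }

    // uData should be 5 chars in length.
    if (strlen($cookie['uData']) !== 5) {
        return false;
    }

    // The value is placed inside a LIKE pattern further down. LIKE
    // metacharacters in it would widen the match to rows that belong to other
    // users, so such values are refused outright.
    // NOTE(review): confirm the token generator never emits '%', '_' or '\'.
    if (strpbrk($cookie['uData'], '%_\\') !== false) {
        return false;
    }

    // IP lock active, does the IP match what we have on file?
    $ipLock = $this->config('login', 'ip_lock', false);
    if ($ipLock && $cookie['uIP'] !== Core_Classes_User::getIP()) {
        return false;
    }

    // Make sure the useragent fingerprint matches too. The comparison is
    // strict (and constant-time where hash_equals() exists): a loose "!="
    // compares numeric-looking strings such as "0e..." as numbers.
    $userAgent     = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $expectedAgent = md5($userAgent . $this->config('db', 'ckeauth'));
    $agentMatches  = function_exists('hash_equals')
        ? hash_equals($expectedAgent, $cookie['uAgent'])
        : $expectedAgent === $cookie['uAgent'];
    if (!$agentMatches) {
        return false;
    }

    // Query for the userkey.
    // NOTE(review): this is a substring match on a 5-character token. An exact
    // match on a long random token stored hashed would be stronger, but that
    // needs a change to the writer and the table, outside this method.
    $objSQL = Core_Classes_coreObj::getDBO();
    $query  = $objSQL->queryBuilder()
        ->select('uData')
        ->from('#__userkeys')
        ->where(sprintf('uData LIKE "%s"', '%' . secureMe($cookie['uData'], 'sql') . '%'))
        ->andWhere('uAgent', '=', $objSQL->quote(secureMe($cookie['uAgent'], 'sql')));

    if ($ipLock) {
        $query = $query->andWhere('uIP', '=', $objSQL->quote(secureMe($cookie['uIP'], 'sql')));
    }

    $query = $query->limit(1);

    // Check to see if we have anything. The original compared against the
    // misspelt constant "fales", so a failed lookup was never caught.
    $row = $objSQL->fetchRow($query->build());
    if (!is_array($row) || !isset($row['uData'])) {
        return false;
    }

    // Untangle the ID & check for it: the second ':'-separated field is used
    // as the user identifier.
    $keyParts = explode(':', $row['uData']);
    if (!isset($keyParts[1]) || is_empty($keyParts[1])) {
        return false;
    }

    // Grab the user data if we can.
    // NOTE(review): $objUser is not assigned anywhere in this method, so this
    // call fails at runtime as written. Obtain the user object through the
    // project's accessor before this line (its name is not visible here).
    $this->userData = $objUser->get('*', $keyParts[1]);
    if (!is_array($this->userData) || is_empty($this->userData)) {
        return false;
    }

    // Now run some checks, make sure they are able to login etc.
    if (!doArgs('autologin', false, $this->userData)) {
        return false;
    }

    if (!$this->activeCheck()) {
        return false;
    }

    if (!$this->banCheck()) {
        return false;
    }

    if (!$this->whitelistCheck()) {
        return false;
    }

    // Everything seems fine: bind the session to the user and start a new one.
    $objSessions = Core_Classes_coreObj::getSession();
    $objSessions->setSessions($this->userData['uid'], true);
    $objSessions->newSession();

    return true;
}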