<?php
defined('ALT_PATH') or exit('No direct script access allowed');
// get from previous token
$token = System_Auth::get_token($_REQUEST['token']);
// validate token and get userdata
$userdata = System_Auth::get_user_data($token, true);
// get from session
$dbo = new System_Session();
$res = $dbo->get(array('where' => 'userid = ' . $dbo->quote($userdata['userid']) . ' and token like ' . $dbo->quote($token)), true);
// token already logout
if (count($res) != 1) {
throw new Alt_Exception('Token already logged out!');
}
// try to force logout
try {
include 'logout.php';
} catch (Exception $e) {
}
// generate new token
$token = System_Auth::generate_token($userdata);
System_Auth::save_token($token);
// save to session
$session = new System_Session();
$session->insert(array('userid' => $userdata['userid'], 'token' => $token));
return $token;
<?php
defined('ALT_PATH') or exit('No direct script access allowed');
// get username and password
$username = $_REQUEST['username'] ? $_REQUEST['username'] : '';
$password = $_REQUEST['password'] ? $_REQUEST['password'] : '';
// user already login and token is still valid, return previous token
if (System_Auth::islogin()) {
$userdata = System_Auth::get_user_data();
// check if login using previous username, return token
if ($userdata['username'] == $username) {
return System_Auth::get_token();
}
// logout
$dbo = new System_Session();
$res = $dbo->delete(array('where' => 'userid = ' . $dbo->quote($userdata['userid']) . ' and token like ' . $dbo->quote(System_Auth::get_token())));
System_Auth::clear_token();
}
// user not logged in but token is exist, try to force logout
if (!System_Auth::islogin() && System_Auth::get_token() != '') {
try {
include 'logout.php';
} catch (Exception $e) {
}
}
// validate username and password
Alt_Validation::instance()->rule(Alt_Validation::not_empty($username), 'Username harus diisi!')->rule(Alt_Validation::not_empty($password), 'Password harus diisi!')->check();
// check is exist within database
$user = new System_User();
$res = $user->get(array('where' => 'username = ' . $user->quote($username)));
// user not found
/**
* delete the data
* @return int num of deleted data
*/
public function delete($data, $returnsql = false)
{
if (isset($data[$this->pkey])) {
$data['where'] = $this->pkey . " = " . $this->quote($data[$this->pkey]);
unset($data[$this->pkey]);
} else {
if ($this->get_where($data) == ' where ' && !isset($data['where'])) {
return -1;
}
}
// add modified time and modified user if exist
$fields = $this->get_fields(false);
if ($fields['isdeleted'] !== null) {
if ($fields['deletedtime'] !== null) {
$data['deletedtime'] = $data['deletedtime'] != '' ? $data['deletedtime'] : time();
}
if ($fields['modifieduser'] !== null) {
$userdata = System_Auth::get_user_data();
$data['deleteduser'] = $data['deleteduser'] != '' ? $data['deleteduser'] : $userdata['username'];
}
if ($fields['isdeleted'] !== null) {
$data['isdeleted'] = 1;
}
return $this->update($data, $returnsql);
}
// return sql
$sql = "delete from " . $this->table_name . $this->get_where($data);
if ($returnsql) {
return $sql;
}
// execute
$res = $this->query($sql);
return $res;
}
