<?php defined('ALT_PATH') or exit('No direct script access allowed');

// Token refresh: takes the token supplied with the request, checks that it is
// still backed by exactly one session row, runs logout.php, then issues a new
// token and records it in the session table. The new token is returned to
// whichever script included this file.

// get from previous token
// NOTE(review): $_REQUEST['token'] is read without an isset() check, so a request
// without the parameter passes null (with an undefined-key warning). With PHP's
// default settings $_REQUEST also merges GET, POST and cookie input; a token sent
// in the query string tends to end up in access logs. Confirm which transports
// are meant to be accepted.
$token = System_Auth::get_token($_REQUEST['token']);

// validate token and get userdata
// presumably the second argument (true) turns on validation; verify against System_Auth
$userdata = System_Auth::get_user_data($token, true);

// get from session
// Both values go through $dbo->quote() before being concatenated into the
// condition. NOTE(review): the token is compared with LIKE, where `%` and `_`
// act as wildcards; if quote() does not escape them, an exact `=` comparison
// would be the stricter check for a session token. Confirm how quote() treats them.
$dbo = new System_Session();
$res = $dbo->get(array('where' => 'userid = ' . $dbo->quote($userdata['userid']) . ' and token like ' . $dbo->quote($token)), true);

// token already logout
// Exactly one matching session row is required; zero or several rows are rejected.
if (count($res) != 1) {
    throw new Alt_Exception('Token already logged out!');
}

// try to force logout
// `include` executes logout.php in this script's variable scope, so it can read
// and overwrite $token, $userdata, $dbo and $res.
try {
    include 'logout.php';
} catch (Exception $e) {
    // Any Exception raised by logout.php is discarded here.
    // NOTE(review): if logout.php is what removes the old session row (not visible
    // here), a failure would leave the old token's row in place while a new token
    // is issued below. Consider at least logging $e.
}

// generate new token
$token = System_Auth::generate_token($userdata);
System_Auth::save_token($token);

// save to session
$session = new System_Session();
$session->insert(array('userid' => $userdata['userid'], 'token' => $token));

return $token;
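<?php defined('ALT_PATH') or exit('No direct script access allowed');

// Login entry point (first part): normalises the submitted credentials, reuses or
// tears down an existing session, validates that both fields are present and
// looks the user up by username.

// get username and password
// !empty() keeps the original "falsy becomes ''" defaulting but no longer raises an
// undefined-key warning when a parameter is missing from the request.
// NOTE(review): with PHP's default settings $_REQUEST merges GET, POST and cookie
// input, so a password may arrive in the query string and end up in access logs;
// confirm whether credentials should be accepted from POST only. An array-valued
// parameter (username[]=...) is passed through unchanged.
$username = !empty($_REQUEST['username']) ? $_REQUEST['username'] : '';
$password = !empty($_REQUEST['password']) ? $_REQUEST['password'] : '';

// user already login and token is still valid, return previous token
if (System_Auth::islogin()) {
    $userdata = System_Auth::get_user_data();

    // check if login using previous username, return token
    // The password is not consulted on this path: the caller already holds a
    // token that islogin() accepted.
    // NOTE(review): `==` is a loose comparison; two numeric-looking usernames such
    // as '1e3' and '1000' compare equal. Confirm usernames cannot take that form.
    if ($userdata['username'] == $username) {
        return System_Auth::get_token();
    }

    // logout
    // A different username was submitted: remove the current session row and
    // clear the token before continuing with a fresh login.
    // NOTE(review): the token is matched with LIKE, where `%` and `_` are
    // wildcards; confirm how quote() treats them, or compare with `=`.
    $dbo = new System_Session();
    $res = $dbo->delete(array('where' => 'userid = ' . $dbo->quote($userdata['userid']) . ' and token like ' . $dbo->quote(System_Auth::get_token())));
    System_Auth::clear_token();
}

// user not logged in but token is exist, try to force logout
if (!System_Auth::islogin() && System_Auth::get_token() != '') {
    // `include` runs logout.php in this script's variable scope, so the variable
    // names used here are visible to it.
    try {
        include 'logout.php';
    } catch (Exception $e) {
        // Best effort: any Exception raised by logout.php is discarded.
    }
}

// validate username and password
// The messages are Indonesian for "Username must be filled in!" and
// "Password must be filled in!".
Alt_Validation::instance()
    ->rule(Alt_Validation::not_empty($username), 'Username harus diisi!')
    ->rule(Alt_Validation::not_empty($password), 'Password harus diisi!')
    ->check();

// check is exist within database
// The username goes through $user->quote() before it is concatenated into the condition.
$user = new System_User();
$res = $user->get(array('where' => 'username = ' . $user->quote($username)));

// user not found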
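/**
 * Delete rows from this table.
 *
 * When the table defines an `isdeleted` column the rows are soft-deleted: the
 * flag is set to 1, the optional `deletedtime` / `deleteduser` columns are
 * filled in, and the work is handed to update(). Otherwise a `delete from`
 * statement is built and executed.
 *
 * A call that carries neither the primary key nor any condition is refused
 * with -1, so the method never issues an unconditional delete.
 *
 * NOTE(review): caller-supplied `deletedtime` / `deleteduser` values take
 * precedence over the server-derived ones. If $data is ever built directly
 * from request input, these audit fields can be set by the client; confirm
 * callers filter them.
 *
 * @param array $data      primary key value and/or conditions (e.g. a 'where' entry)
 * @param bool  $returnsql passed on to update() on the soft-delete path; on the
 *                         hard-delete path the SQL string is returned instead of executed
 * @return int|string|mixed -1 when no condition was given, the SQL string when
 *                          $returnsql is set on the hard-delete path, otherwise the
 *                          result of update() or query() (documented as the number
 *                          of deleted rows)
 */
public function delete($data, $returnsql = false)
{
    if (isset($data[$this->pkey])) {
        // Primary key supplied: it becomes the whole condition, quoted via quote().
        $data['where'] = $this->pkey . ' = ' . $this->quote($data[$this->pkey]);
        unset($data[$this->pkey]);
    } elseif ($this->get_where($data) == ' where ' && !isset($data['where'])) {
        // No primary key and an empty condition: refuse rather than touch every row.
        return -1;
    }

    // Soft delete when the table has the bookkeeping columns.
    // isset() is equivalent to the `!== null` test but does not warn on a missing key.
    $fields = $this->get_fields(false);
    if (isset($fields['isdeleted'])) {
        if (isset($fields['deletedtime'])) {
            $data['deletedtime'] = (isset($data['deletedtime']) && $data['deletedtime'] != '')
                ? $data['deletedtime']
                : time();
        }

        // Keyed on the `deleteduser` column itself, so the deleting user is
        // recorded exactly when the table can store it.
        if (isset($fields['deleteduser'])) {
            $userdata = System_Auth::get_user_data();
            $data['deleteduser'] = (isset($data['deleteduser']) && $data['deleteduser'] != '')
                ? $data['deleteduser']
                : $userdata['username'];
        }

        $data['isdeleted'] = 1;

        return $this->update($data, $returnsql);
    }

    // Hard delete. The statement is built by concatenation; value quoting is
    // presumably done inside get_where() — verify there.
    $sql = 'delete from ' . $this->table_name . $this->get_where($data);
    if ($returnsql) {
        return $sql;
    }

    return $this->query($sql);
}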