<?php defined('ALT_PATH') or exit('No direct script access allowed'); // get username and password $username = $_REQUEST['username'] ? $_REQUEST['username'] : ''; $password = $_REQUEST['password'] ? $_REQUEST['password'] : ''; // user already login and token is still valid, return previous token if (System_Auth::islogin()) { $userdata = System_Auth::get_user_data(); // check if login using previous username, return token if ($userdata['username'] == $username) { return System_Auth::get_token(); } // logout $dbo = new System_Session(); $res = $dbo->delete(array('where' => 'userid = ' . $dbo->quote($userdata['userid']) . ' and token like ' . $dbo->quote(System_Auth::get_token()))); System_Auth::clear_token(); } // user not logged in but token is exist, try to force logout if (!System_Auth::islogin() && System_Auth::get_token() != '') { try { include 'logout.php'; } catch (Exception $e) { } } // validate username and password Alt_Validation::instance()->rule(Alt_Validation::not_empty($username), 'Username harus diisi!')->rule(Alt_Validation::not_empty($password), 'Password harus diisi!')->check(); // check is exist within database $user = new System_User(); $res = $user->get(array('where' => 'username = ' . $user->quote($username))); // user not found
<?php defined('ALT_PATH') or exit('No direct script access allowed'); // get from previous token $token = System_Auth::get_token($_REQUEST['token']); // validate token and get userdata $userdata = System_Auth::get_user_data($token, true); // get from session $dbo = new System_Session(); $res = $dbo->get(array('where' => 'userid = ' . $dbo->quote($userdata['userid']) . ' and token like ' . $dbo->quote($token)), true); // token already logout if (count($res) != 1) { throw new Alt_Exception('Token already logged out!'); } // try to force logout try { include 'logout.php'; } catch (Exception $e) { } // generate new token $token = System_Auth::generate_token($userdata); System_Auth::save_token($token); // save to session $session = new System_Session(); $session->insert(array('userid' => $userdata['userid'], 'token' => $token)); return $token;