예제 #1
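/**
 * Handle a web login: check the submitted credentials, record a session row
 * and hand the session reference to the client.
 *
 * Writes the globals $u_id (after the credentials are accepted) and
 * $u_cookieid (after the session row has been inserted).
 *
 * NOTE(review): a rejected login returns 0 without writing any record in this
 * function; confirm that failed attempts are logged and throttled elsewhere.
 *
 * @return int 0 when no complete username/password pair was submitted or
 *             loadbyuserpass() rejected it; 1 when login is disabled in $cfg
 *             or the session was stored; 2 when the credentials were accepted
 *             but the session row, PHP session or cookie could not be set.
 */
function webauthenticate()
{
    global $u_cookieid, $phpenv, $setctl, $cfg, $u_id;

    // With login disabled every caller is reported as authenticated.
    if ($cfg['disablelogin']) {
        return 1;
    }

    if (!frm_isset('l_username') || !frm_isset('l_password')) {
        return 0;
    }

    $user = frm_get('l_username');
    $pass = frm_get('l_password');
    if (strlen($user) === 0 || strlen($pass) === 0) {
        return 0;
    }

    $kpu = new kpuser();
    if (!$kpu->loadbyuserpass($user, $pass)) {
        return 0;
    }
    $u_id = $kpu->getid();

    // One timestamp for both columns so login and refreshed always agree.
    $now = time();
    $kpdb = new kpdbconnection();
    // NOTE(review): ip2long() returns false for anything that is not a dotted
    // IPv4 address; confirm how preparestmt() binds false for the ip column.
    $kpdb->preparestmt(
        'INSERT INTO ' . TBL_SESSION . ' SET u_id = ?, login = ?, refreshed = ?, ip = ?',
        $kpu->getid(),
        $now,
        $now,
        ip2long($phpenv['remote'])
    );
    if (!$kpdb->query()) {
        return 2;
    }
    $u_cookieid = $kpdb->getautoid();

    // Concurrent-session cap: accounts whose u_access equals 2 are exempt
    // (the meaning of 2 is defined outside this function).
    if ($kpu->get('u_access') != 2 && $cfg['numberlogins'] > 0) {
        $kpdb->preparestmt(
            'SELECT sessionid FROM ' . TBL_SESSION . ' WHERE u_id = ? AND logout = 0 ORDER BY sessionid DESC',
            $kpu->getid()
        );
        if ($kpdb->query()) {
            // Rows arrive newest first; everything past the allowed count is
            // marked as logged out.
            $seen = 0;
            while ($row = $kpdb->nextrow()) {
                if ($seen >= $cfg['numberlogins']) {
                    // $kpdb still holds the open result set, so the update goes
                    // through db_execquery(). The statement is string-built, so
                    // the id is forced to an integer before it is concatenated.
                    db_execquery(
                        'UPDATE ' . TBL_SESSION . ' SET logout = ' . time()
                        . ' WHERE sessionid = ' . (int) $row['sessionid']
                    );
                }
                $seen++;
            }
        }
    }

    // A persistent cookie is only issued when a timeout is configured and the
    // "remember me" field is set; 0 makes it a browser-session cookie.
    if ($setctl->get('timeout') > 0 && frm_get('l_rememberme', 2)) {
        $expiration = time() + $setctl->get('timeout');
    } else {
        $expiration = 0;
    }

    // NOTE(review): the value handed to the client is "<user id>-<session row
    // id>", two database ids with no random component. Confirm that the code
    // validating it checks more than these two numbers, or issue a random token.
    $token = $u_id . '-' . $u_cookieid;

    if ($cfg['authtype'] == 2) {
        // PHP-session mode: requires an already started session.
        // NOTE(review): the session id is not regenerated at login; consider
        // session_regenerate_id(true) where the session is started.
        if (strlen(session_id()) > 0) {
            $_SESSION[$cfg['cookie']] = $token;
            return 1;
        }
        return 2;
    }

    // Cookie mode. NOTE(review): no path, Secure or HttpOnly attributes are
    // passed; confirm whether script access to this cookie is really needed.
    return setcookie($cfg['cookie'], $token, $expiration) ? 1 : 2;
}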
예제 #2
파일: index.php 프로젝트: Git-Host/AMPPS
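/**
 * Handle a web login posted as $_POST['user'] / $_POST['password']: check the
 * credentials, record a session row and hand the session reference to the
 * client.
 *
 * Writes the globals $u_id (after the credentials are accepted) and
 * $u_cookieid (the id of the inserted session row).
 *
 * This variant builds its SQL by string concatenation on the legacy mysql_*
 * API, so every value placed into a statement is forced to an integer first.
 *
 * NOTE(review): a rejected login returns 0 without writing any record in this
 * function; confirm that failed attempts are logged and throttled elsewhere.
 *
 * @return int 0 when no complete user/password pair was posted or
 *             loadbyuserpass() rejected it; 1 when login is disabled in $cfg
 *             or the session was stored; 2 when the credentials were accepted
 *             but the session row, PHP session or cookie could not be set.
 */
function webauthenticate()
{
    global $u_cookieid, $phpenv, $setctl, $cfg, $u_id;

    // With login disabled every caller is reported as authenticated.
    if ($cfg['disablelogin']) {
        return 1;
    }

    if (!isset($_POST['user']) || !isset($_POST['password'])) {
        return 0;
    }

    // NOTE(review): myescstr() presumably SQL-escapes its argument - confirm.
    // The password is escaped before verification, so loadbyuserpass() has to
    // expect the escaped form. empty() also rejects the literal value "0".
    $user = myescstr($_POST['user']);
    $pass = myescstr($_POST['password']);
    if (empty($user) || empty($pass)) {
        return 0;
    }

    $kpu = new kpuser();
    if (!$kpu->loadbyuserpass($user, $pass)) {
        return 0;
    }
    $u_id = $kpu->getid();

    // Integer copies for the concatenated statements below. ip2long() returns
    // false for anything that is not a dotted IPv4 address, which would
    // otherwise leave "ip = " empty and break the INSERT.
    $uid = (int) $kpu->getid();
    $now = time();
    $remote = (int) ip2long($phpenv['remote']);

    db_execquery(
        'INSERT INTO ' . TBL_SESSION . ' SET u_id = ' . $uid . ', login = ' . $now
        . ', refreshed = ' . $now . ', ip = ' . $remote
    );
    $u_cookieid = mysql_insert_id();
    // No generated id means no session row was stored; report failure rather
    // than hand out a reference to a session that does not exist.
    if ((int) $u_cookieid <= 0) {
        return 2;
    }

    // Concurrent-session cap: accounts whose u_access equals 2 are exempt
    // (the meaning of 2 is defined outside this function).
    if ($kpu->get('u_access') != 2 && $cfg['numberlogins'] > 0) {
        $res = db_execquery(
            'SELECT sessionid FROM ' . TBL_SESSION . ' WHERE u_id = ' . $uid
            . ' AND logout = 0 ORDER BY sessionid DESC'
        );
        // Skip the loop when the query failed instead of fetching from a
        // non-result.
        if ($res) {
            // Rows arrive newest first; everything past the allowed count is
            // marked as logged out.
            $seen = 0;
            while ($row = mysql_fetch_row($res)) {
                if ($seen >= $cfg['numberlogins']) {
                    db_execquery(
                        'UPDATE ' . TBL_SESSION . ' SET logout = ' . time()
                        . ' WHERE sessionid = ' . (int) $row[0]
                    );
                }
                $seen++;
            }
        }
    }

    // A persistent cookie is only issued when a timeout is configured and the
    // "rememberme" field was posted; 0 makes it a browser-session cookie.
    if ($setctl->get('timeout') > 0 && isset($_POST['rememberme'])) {
        $expiration = time() + $setctl->get('timeout');
    } else {
        $expiration = 0;
    }

    // NOTE(review): the value handed to the client is "<user id>-<session row
    // id>", two database ids with no random component. Confirm that the code
    // validating it checks more than these two numbers, or issue a random token.
    $token = $u_id . '-' . $u_cookieid;

    if ($cfg['authtype'] == 2) {
        // PHP-session mode: requires an already started session.
        // NOTE(review): the session id is not regenerated at login; consider
        // session_regenerate_id(true) where the session is started.
        if (strlen(session_id()) > 0) {
            $_SESSION[$cfg['cookie']] = $token;
            return 1;
        }
        return 2;
    }

    // Cookie mode. NOTE(review): no path, Secure or HttpOnly attributes are
    // passed; confirm whether script access to this cookie is really needed.
    return setcookie($cfg['cookie'], $token, $expiration) ? 1 : 2;
}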