function autologin() { if (auth_is_user_authenticated()) { return; } $t_login_method = config_get('login_method'); if ($t_login_method != BASIC_AUTH) { trigger_error("Invalid login method. ({$t_login_method})", ERROR); } $t_user_id = user_get_id_by_name($_SERVER['REMOTE_USER']); if (!$t_user_id) { trigger_error('Invalid user.', ERROR); } user_increment_login_count($t_user_id); user_reset_failed_login_count_to_zero($t_user_id); user_reset_lost_password_in_progress_count_to_zero($t_user_id); auth_set_cookies($t_user_id, true); auth_set_tokens($t_user_id); }
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) { $client->setAccessToken($_SESSION['access_token']); } if ($client->getAccessToken()) { $userData = $objOAuthService->userinfo->get(); $data['userData'] = $userData; $_SESSION['access_token'] = $client->getAccessToken(); } $user_id = user_get_id_by_email($userData->email); # check for disabled account if (!user_is_enabled($user_id)) { echo "<p>Your email didn't to registration on this web site. Please register new account first. "; return false; } # max. failed login attempts achieved... if (!user_is_login_request_allowed($user_id)) { echo "<p>Your email didn't to registration on this web site. Please register new account first. "; return false; } # check for anonymous login if (user_is_anonymous($user_id)) { echo "<p>Your email didn't to registration on this web site. Please register new account first. "; return false; } user_increment_login_count($user_id); user_reset_failed_login_count_to_zero($user_id); user_reset_lost_password_in_progress_count_to_zero($user_id); # set the cookies auth_set_cookies($user_id, false); auth_set_tokens($user_id); print_header_redirect('../../../my_view_page.php');
/** * Generate the intermediate authentication page. * @param integer User ID * @param string Username * @return bool * @access public */ function auth_reauthenticate_page($p_user_id, $p_username) { $t_error = false; if (true == gpc_get_bool('_authenticate')) { $f_password = gpc_get_string('password', ''); if (auth_attempt_login($p_username, $f_password)) { auth_set_tokens($p_user_id); return true; } else { $t_error = true; } } html_page_top(); ?> <div align="center"> <p> <?php echo lang_get('reauthenticate_message'); if ($t_error != false) { echo '<br/><font color="red">', lang_get('login_error'), '</font>'; } ?> </p> <form name="reauth_form" method="post" action="<?php echo form_action_self(); ?> "> <?php # CSRF protection not required here - user needs to enter password # (confirmation step) before the form is accepted. print_hidden_inputs(gpc_strip_slashes($_POST)); print_hidden_inputs(gpc_strip_slashes($_GET)); ?> <input type="hidden" name="_authenticate" value="1" /> <table class="width50 center"> <tr> <td class="form-title" colspan="2"><?php echo lang_get('reauthenticate_title'); ?> </td> </tr> <tr class="row-1"> <th class="category"><?php echo lang_get('username'); ?> </th> <td><input type="text" disabled="disabled" size="32" maxlength="<?php echo USERLEN; ?> " value="<?php echo string_attribute($p_username); ?> " /></td> </tr> <tr class="row-2"> <th class="category"><?php echo lang_get('password'); ?> </th> <td><input type="password" name="password" size="16" maxlength="<?php echo PASSLEN; ?> " class="autofocus" /></td> </tr> <tr> <td class="center" colspan="2"><input type="submit" class="button" value="<?php echo lang_get('login_button'); ?> " /></td> </tr> </table> </form> </div> <?php html_page_bottom(); exit; }
/** * Generate the intermediate authentication page. * @param integer $p_user_id User ID. * @param string $p_username Username. * @return boolean * @access public */ function auth_reauthenticate_page($p_user_id, $p_username) { $t_error = false; if (true == gpc_get_bool('_authenticate')) { $f_password = gpc_get_string('password', ''); if (auth_attempt_login($p_username, $f_password)) { auth_set_tokens($p_user_id); return true; } else { $t_error = true; } } html_page_top(); ?> <div class="important-msg"> <?php echo lang_get('reauthenticate_message'); if ($t_error != false) { echo '<br /><span class="error-msg">', lang_get('login_error'), '</span>'; } ?> </div> <div id="reauth-div" class="form-container"> <form id="reauth-form" method="post" action=""> <fieldset> <legend><span><?php echo lang_get('reauthenticate_title'); ?> </span></legend> <?php # CSRF protection not required here - user needs to enter password # (confirmation step) before the form is accepted. print_hidden_inputs($_POST); print_hidden_inputs($_GET); ?> <input type="hidden" name="_authenticate" value="1" /> <div class="field-container"> <label for="username"><span><?php echo lang_get('username'); ?> </span></label> <span class="input"><input id="username" type="text" disabled="disabled" size="32" maxlength="<?php echo DB_FIELD_SIZE_USERNAME; ?> " value="<?php echo string_attribute($p_username); ?> " /></span> <span class="label-style"></span> </div> <div class="field-container"> <label for="password"><span><?php echo lang_get('password'); ?> </span></label> <span class="input"><input id="password" type="password" name="password" size="32" maxlength="<?php echo auth_get_password_max_size(); ?> " class="autofocus" /></span> <span class="label-style"></span> </div> <span class="submit-button"><input type="submit" class="button" value="<?php echo lang_get('login_button'); ?> " /></span> </fieldset> </form> </div> <?php html_page_bottom(); exit; }
/** * Generate the intermediate authentication page. * @param integer User ID * @param string Username */ function auth_reauthenticate_page($p_user_id, $p_username) { $t_error = false; if (true == gpc_get_bool('_authenticate')) { $f_password = gpc_get_string('password', ''); if (auth_attempt_login($p_username, $f_password)) { auth_set_tokens($p_user_id); return true; } else { $t_error = true; } } html_page_top1(); html_page_top2(); ?> <div align="center"> <p> <?php echo lang_get('reauthenticate_message'); if ($t_error != false) { echo '<br/><font color="red">', lang_get('login_error'), '</font>'; } ?> </p> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?> "> <?php print_hidden_inputs(gpc_strip_slashes($_POST)); print_hidden_inputs(gpc_strip_slashes($_GET)); ?> <input type="hidden" name="_authenticate" value="1" /> <table class="width50 center"> <tr> <td class="form-title"><?php echo lang_get('reauthenticate_title'); ?> </td> </tr> <tr class="row-1"> <td class="category"><?php echo lang_get('username'); ?> </td> <td><input type="text" disabled="disabled" size="32" maxlength="32" value="<?php echo $p_username; ?> " /></td> </tr> <tr class="row-2"> <td class="category"><?php echo lang_get('password'); ?> </td> <td><input type="password" name="password" size="16" maxlength="32" /></td> </tr> <tr> <td class="center" colspan="2"><input type="submit" class="button" value="<?php echo lang_get('login_button'); ?> " /></td> </tr> </table> </form> </div> <?php html_page_bottom1(); exit; }