/**
 * Login validation function.
 *
 * The username and encoded password are compared to db entries in the
 * jos_users table. A successful validation updates the current session
 * record with the user's details.
 *
 * Two entry paths are visible in this listing:
 *  - form login: when $username or $passwd is empty, both are read from
 *    $_POST, and the request must pass the session-cookie check and
 *    josSpoofCheck();
 *  - remember-me login: when $remember and $userid are set and $username
 *    is 32 characters long, $username and $passwd are treated as cookie
 *    tokens and compared with MD5 digests derived from the stored user row.
 *
 * NOTE(review): the middle of this listing is elided (see the "******" runs
 * in the body), so the password check for the form path and the session
 * update are not visible here.
 *
 * @param string|null $username Login name, or the remember-me username token.
 * @param string|null $passwd   Password, or the remember-me password token.
 * @param mixed       $remember Truthy to attempt the remember-me path.
 * @param int|null    $userid   User id used for the remember-me lookup.
 * @return void Every visible failure path except the missing-session check ends the request with exit.
 */
function login($username = null, $passwd = null, $remember = 0, $userid = NULL) {
    // NOTE(review): neither global is referenced in the visible part of the body.
    global $acl, $_VERSION;

    // $bypost becomes 1 when the credentials were read from $_POST;
    // $valid_remember becomes true when the remember-me tokens match.
    $bypost = 0;
    $valid_remember = false;

    // if no username and password passed from function, then function is being called from login module/component
    if (!$username || !$passwd) {
        // stripslashes() presumably undoes magic-quotes escaping of the posted values -
        // TODO confirm against mosGetParam(), which is not shown here.
        $username = stripslashes(strval(mosGetParam($_POST, 'username', '')));
        $passwd = stripslashes(strval(mosGetParam($_POST, 'passwd', '')));
        $bypost = 1;

        // extra check to ensure that Joomla! sessioncookie exists
        if (!$this->_session->session_id) {
            mosErrorAlert(_ALERT_ENABLED);
            return;
        }

        // Presumably the anti-forgery (form token) check for posted logins; the helper
        // is not shown here - verify. It runs only on the form path.
        josSpoofCheck(NULL, 1);
    }

    $row = null;
    if (!$username || !$passwd) {
        // Still no credentials after reading $_POST: report and stop the request.
        mosErrorAlert(_LOGIN_INCOMPLETE);
        exit;
    } else {
        if ($remember && strlen($username) == 32 && $userid) {
            // query used for remember me cookie
            // The User-Agent header is supplied by the client, so $harden is not a
            // secret; '@' silences the notice when the header is absent.
            $harden = mosHash(@$_SERVER['HTTP_USER_AGENT']);

            // $userid is cast to int before it is concatenated into the SQL text.
            $query = "SELECT id, name, username, password, usertype, block, gid"
                . "\n FROM #__users"
                . "\n WHERE id = " . (int) $userid;
            $this->_db->setQuery($query);
            // NOTE(review): $user is dereferenced below without checking that a row was
            // loaded - confirm what loadObject() leaves in $user when no id matches.
            $this->_db->loadObject($user);

            // The stored password is split at ':' into hash and salt; a stored value
            // without ':' leaves $salt unset. $salt is not used in the visible code.
            list($hash, $salt) = explode(':', $user->password);

            $check_username = md5($user->username . $harden);
            $check_password = md5($hash . $harden);

            // NOTE(review): '==' is a loose, non-constant-time comparison, and PHP compares
            // two numeric-looking strings numerically. hash_equals() (PHP >= 5.6), or at
            // least '===', is the safer check for token values.
            // NOTE(review): both expected tokens are derived from the stored password hash,
            // so they stay valid until the password changes; no per-token expiry or
            // revocation is visible in this listing.
            if ($check_username == $username && $check_password == $passwd) {
                $row = $user;
                $valid_remember = true;
            }
        } else {
            // query used for login via login module
            // NOTE(review): this listing is corrupted from the username comparison onward.
            // The two "******" runs below stand in for source text that is not available
            // here: the rest of this SELECT, everything up to the start of a DELETE on
            // #__session, and the value compared with username in that DELETE. The
            // statement is kept exactly as it appears and is not valid PHP in this form.
            // Whether the username is quoted in the SELECT cannot be confirmed from here.
            // The visible tail builds a DELETE on #__session for rows with a different
            // session_id and the same userid/gid where guest = 0. $session is not defined
            // in the visible code - presumably set in the elided portion.
            $query = "SELECT id, name, username, password, usertype, block, gid"
                . "\n FROM #__users"
                . "\n WHERE username = "******"DELETE FROM #__session"
                . "\n WHERE session_id != " . $this->_db->Quote($session->session_id)
                . "\n AND username = "******"\n AND userid = " . (int) $row->id
                . "\n AND gid = " . (int) $row->gid
                . "\n AND guest = 0";
                $this->_db->setQuery($query);
                $this->_db->query();
            // NOTE(review): this brace closes a conditional opened in the elided portion.
            }

            // update user visit data
            // "\\T" yields a literal 'T' between the date and the time.
            $currentDate = date("Y-m-d\\TH:i:s");
            $query = "UPDATE #__users"
                . "\n SET lastvisitDate = " . $this->_db->Quote($currentDate)
                . "\n WHERE id = " . (int) $session->userid;
            $this->_db->setQuery($query);
            if (!$this->_db->query()) {
                // NOTE(review): die() sends whatever stderr(true) returns to the client; if
                // that includes SQL or driver error text it discloses internals - confirm,
                // and prefer logging the detail server-side.
                die($this->_db->stderr(true));
            }

            // set remember me cookie if selected
            // The $remember parameter is overwritten here with the posted 'remember' field.
            $remember = strval(mosGetParam($_POST, 'remember', ''));
            if ($remember == 'yes') {
                // cookie lifetime of 365 days
                $lifetime = time() + 365 * 24 * 60 * 60;
                $remCookieName = mosMainFrame::remCookieName_User();
                // Cookie value = username-derived part . $hash-derived part . user id
                // (the remCookieValue_* helpers are not shown here).
                // NOTE(review): $hash is assigned only in the remember-me branch of the
                // visible code; presumably the elided portion sets it for form logins - verify.
                $remCookieValue = mosMainFrame::remCookieValue_User($row->username) . mosMainFrame::remCookieValue_Pass($hash) . $row->id;
                // NOTE(review): setcookie() is called without the secure and httponly
                // arguments, so this year-long credential cookie carries neither flag;
                // pass both where the PHP version and the deployment allow it.
                setcookie($remCookieName, $remCookieValue, $lifetime, '/');
            }

            mosCache::cleanCache();
        } else {
            // Failure branch of a conditional opened in the elided portion.
            if ($bypost) {
                mosErrorAlert(_LOGIN_INCORRECT);
            } else {
                // Credentials were passed in by the caller rather than posted:
                // log out and redirect to index.php.
                $this->logout();
                mosRedirect('index.php');
            }
            exit;
        }
    }
}
* @subpackage themes * @copyright Copyright (C) 2007-2009 soeren - All rights reserved. * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php * VirtueMart is free software. This version may have been modified pursuant * to the GNU General Public License, and as distributed it includes or * is derivative of works licensed under the GNU General Public License or * other free or open source software licenses. * See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details. * * http://virtuemart.net */ mm_showMyFileName( __FILE__ ); if ( $set == 0 ) { // This is the enquiry form! $validate = vmIsJoomla( '1.5' ) ? JUtility::getHash( $mainframe->getCfg( 'db' ) ) : mosHash( $mainframe->getCfg( 'db' ) ); ?> <br /> <a class="button" href="<?php echo $product_link ?>"><?php echo $VM_LANG->_('VM_RETURN_TO_PRODUCT') ?></a> <br /><br /> <form action="<?php echo $mm_action_url ?>index.php" method="post" name="emailForm" id="emailForm"> <label for="contact_name"><?php echo $VM_LANG->_('NAME_PROMPT') ?></label> <br /><input type="text" name="name" id="contact_name" size="80" class="inputbox" value="<?php echo $name ?>"><br /><br /> <label for="contact_mail"><?php echo $VM_LANG->_('EMAIL_PROMPT') ?></label> <br /><input type="text" id="contact_mail" name="email" size="80" label="Your email" class="inputbox" value="<?php echo $email ?>"><br /><br /> <label for="contact_text"><?php echo $VM_LANG->_('MESSAGE_PROMPT') ?></label><br /> <textarea rows="10" cols="60" name="text" id="contact_text" class="inputbox"><?php echo utf8_decode($subject) ?></textarea><br /> <input type="button" name="send" value="<?php echo $VM_LANG->_('SEND_BUTTON') ?>" class="button" onclick="validateEnquiryForm()" />