Exemplo n.º 1
 /**
  * Check an administrator's username and password and, on success, record
  * the login and set the "admin" cookie.
  *
  * Results produced by this body: -1 when either credential is empty after
  * trim(), -2 when checkUserExist() reports no such member, null (bare
  * "return;") when the account has expired, -3 when the password comparison
  * fails, and true on success. A caller that tests the result with "> 0"
  * treats null the same way as the negative codes.
  *
  * NOTE(review): the value compared with m.username in the SELECT and the
  * last_login value in the UPDATE are masked ("******") on this page, so the
  * real SQL text is not visible. If $uname is interpolated into the SELECT,
  * it must be escaped or bound as a parameter - confirm against the
  * original source.
  *
  * @param string $uname Username as submitted; trimmed here.
  * @param string $upass Password as submitted; trimmed here.
  * @param bool   $set   Not read anywhere in this body.
  */
 function checkUserLogin($uname, $upass, $set = true)
 {
     $uname = trim($uname);
     $upass = trim($upass);
     $_this =& Members::getInstance();
     // empty() also rejects the string "0", so such a username or password yields -1.
     if (empty($uname) || empty($upass)) {
         return -1;
     }
     // The row is fetched before the existence check below, so $tmpUser may
     // hold no row at this point; it is only read after checkUserExist() passes.
     $sql = "SELECT m.id,m.username,m.userpass,af.first_name,af.last_name,af.expired FROM {$this->table_prefix}adminfields af LEFT JOIN {$this->table_prefix}members m ON af.member_id=m.id WHERE m.username='******'";
     $tmpUser = $this->dbstuff->GetRow($sql);
     if (!$_this->checkUserExist($uname)) {
         $this->error = L("member_not_exists");
         return -2;
     } elseif ($tmpUser['expired'] != 0 && $tmpUser['expired'] < $this->timestamp) {
         // An "expired" value of 0 means no expiry is enforced by this check.
         $this->error = L("account_expired");
         // Bare return: the expired case has no numeric code, unlike the other failures.
         return;
     } elseif (!pb_strcomp($tmpUser['userpass'], $_this->authPasswd($upass))) {
         // NOTE(review): pb_strcomp() is defined elsewhere - confirm it is a
         // timing-safe comparison, since it compares stored and derived password values.
         $this->error = L("login_pwd_wrong");
         return -3;
     } else {
         // NOTE(review): the last_login value is masked on this page and the
         // quoting around it is not valid PHP as printed; restore it from the
         // original source. The client IP string and the member id are
         // concatenated into the statement - confirm pb_get_client_ip("str")
         // cannot return text taken verbatim from a request header.
         $this->dbstuff->Execute("UPDATE {$this->table_prefix}adminfields SET last_login="******",last_ip='" . pb_get_client_ip("str") . "' WHERE member_id=" . $tmpUser['id']);
         // The cookie payload is id, username and the stored userpass value,
         // newline-separated, passed through authcode(..., "ENCODE").
         // NOTE(review): the stored password value leaves the server inside
         // this cookie - confirm authcode() gives both secrecy and integrity.
         $tAuth = $tmpUser['id'] . "\n" . $tmpUser['username'] . "\n" . $tmpUser['userpass'];
         usetcookie("admin", authcode($tAuth, "ENCODE"));
         return true;
     }
 }
Exemplo n.º 2
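 /**
  * Mark a member as logged in: store id and username in the session, set
  * the encoded 'auth' cookie, and notify the passport integration.
  *
  * The session ID is rotated before identity is written to the session, so
  * an ID that existed before authentication is not carried into the
  * logged-in state; nothing else in this method rotates it.
  *
  * NOTE(review): the cookie payload includes a value derived from the
  * stored userpass and the is_admin flag - confirm authcode() with
  * $phpb2b_auth_key protects both secrecy and integrity, and that
  * usetcookie() sets the HttpOnly/Secure attributes.
  *
  * @param array $user_info Member row; reads id, username, userpass,
  *                         is_admin and useremail.
  * @return void
  */
 function putLoginStatus($user_info)
 {
     global $phpb2b_auth_key;
     // Only rotate when a session is actually active; session_id() is '' otherwise.
     if (session_id() !== '') {
         session_regenerate_id(true);
     }
     $_SESSION["MemberID"] = $user_info['id'];
     $_SESSION["MemberName"] = $user_info['username'];
     $auth = authcode($user_info['id'] . "\t" . $user_info['username'] . "\t" . $this->authPasswd($user_info['userpass']) . "\t" . $user_info['is_admin'], 'ENCODE', $phpb2b_auth_key);
     if (isset($_POST['remember_pass'])) {
         // "Remember me": the cookie is given a one-year expiry.
         usetcookie('auth', $auth, $this->timestamp + 86400 * 365);
     } else {
         // No expiry argument is passed; the lifetime is whatever usetcookie() defaults to.
         usetcookie('auth', $auth);
     }
     $this->passport(array($user_info['id'], $user_info['username'], $user_info['userpass'], $user_info['useremail']), "login");
 }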
Exemplo n.º 3
/**
 *      [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved.
 *      The contents of this file are subject to the License; you may not use this file except in compliance with the License. 
 *
 *      @version $Revision: 2153 $
 */
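// Redirect endpoint: optionally switches the site language, then sends the
// browser to the address given in the "url" query parameter.
session_start();
define('CURSCRIPT', 'redirect');
require "libraries/common.inc.php";
require "share.inc.php";
$sid = session_id();
//search the urls at the url table.
// NOTE(review): despite the comment above, no lookup against a url table is
// performed in this code; the request-supplied value goes to the Location
// header as is, so any absolute URL is accepted as a redirect target.
// htmlspecialchars() is HTML escaping, not URL validation. If only on-site
// targets are intended, check the target against an allowlist before pheader().
if (!empty($_GET['url']) && is_string($_GET['url'])) {
    $url = htmlspecialchars(trim($_GET['url']));
    if (isset($_GET['app_lang'])) {
        // app_lang becomes a directory segment of a filesystem path and is
        // stored in the "lang" cookie, so only plain language-code strings
        // (letters, digits, "_" and "-") are accepted; anything containing a
        // path separator or dots falls through to the error message.
        if (is_string($_GET['app_lang'])
            && preg_match('/^[A-Za-z0-9_-]+\z/', $_GET['app_lang'])
            && is_file(CACHE_ROOT . $_GET['app_lang'] . DS . "lang_site.php")
        ) {
            usetcookie("lang", $_GET['app_lang']);
            pheader("location:" . $url);
            exit;
        } else {
            flash(L("file_not_exists", "msg", "lang_site.php"));
        }
    }
    // A leading "/" is stripped, which turns the target into a relative path.
    if (strpos($url, "/") === 0) {
        $url = ltrim($url, "/");
    }
    pheader("location:" . $url);
    exit;
} else {
    // Missing, empty or non-string "url": fall back to the site URL.
    flash(null, URL);
}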
Exemplo n.º 4
 *      [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved.
 *      The contents of this file are subject to the License; you may not use this file except in compliance with the License. 
 *
 *      @version $Revision: 2173 $
 */
// Admin login bootstrap: start the session, load the shared library, the
// admin language file and the version file, then create the model objects.
session_start();
require '../libraries/common.inc.php';
require CACHE_LANG_PATH . 'lang_admin.php';
require DATA_PATH . 'phpb2b_version.php';
uses('adminfield', 'setting', 'member');
$adminer = new Adminfields();
$member = new Members();
$setting = new Settings();
// "dereg" signs the administrator out: the admin cookie is blanked and the
// last-activity marker is dropped from the session.
// NOTE(review): this is triggered by a plain GET parameter; no request token
// is checked in the lines visible here.
if (isset($_GET['action']) && $_GET['action'] == 'dereg') {
    usetcookie('admin', '');
    unset($_SESSION['last_adminer_time']);
}
capt_check('capt_login_admin');
if (isset($_POST['do'])) {
    $do = trim($_POST['do']);
    if ($do == "login") {
        pb_submit_check('data');
        if (!empty($_POST['data']['username']) && !empty($_POST['data']['userpass'])) {
            $checked = false;
            $uname = $_POST['data']['username'];
            $upass = $_POST['data']['userpass'];
            $checked = $adminer->checkUserLogin($uname, $upass);
            if ($checked > 0) {
                pheader("Location:index.php");
Exemplo n.º 5
    define('DIRECTORY_SEPARATOR', '/');
}
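// Bootstrap: load configuration and helpers, pick the active language, and
// load that language's template and message files.
define('DS', DIRECTORY_SEPARATOR);
require APP_ROOT . 'configs' . DS . 'config.inc.php';
/**
 * PHPB2B Debug Level
 * Maybe 0-5
 */
if (!isset($debug)) {
    $debug = 0;
}
require APP_ROOT . 'libraries' . DS . 'global.func.php';
require APP_ROOT . 'configs' . DS . 'paths.php';
// The language code comes from the request (query string or cookie) and is
// used below as a directory segment in require paths. It is therefore
// limited to letters, digits, "_" and "-", so it cannot contain path
// separators or ".." and cannot point the require statements outside the
// languages directory.
if (isset($_GET['app_lang'])
    && is_string($_GET['app_lang'])
    && preg_match('/^[A-Za-z0-9_-]+\z/', $_GET['app_lang'])
    && is_file(APP_ROOT . 'languages' . DS . $_GET['app_lang'] . DS . "template.inc.php")
) {
    $app_lang = $_GET['app_lang'];
    usetcookie("lang", $app_lang);
}
// An existing cookie overrides the query-string value for this request.
if (isset($_COOKIE[$cookiepre . 'lang'])) {
    $app_lang = $_COOKIE[$cookiepre . 'lang'];
}
// Fall back to the default when the value is missing, is not a plain
// language-code string, or has no template file.
if (!isset($app_lang)
    || !is_string($app_lang)
    || !preg_match('/^[A-Za-z0-9_-]+\z/', $app_lang)
    || !file_exists(APP_ROOT . 'languages' . DS . $app_lang . DS . "template.inc.php")
) {
    $app_lang = "zh-cn";
}
define('CACHE_PATH', APP_ROOT . "data" . DS . "cache" . DS . $app_lang . DS);
require APP_ROOT . 'languages' . DS . $app_lang . DS . 'template.inc.php';
require APP_ROOT . 'languages' . DS . $app_lang . DS . 'message.inc.php';
$msg = null;
if (!defined("LOCALE_PATH")) {
    define("LOCALE_PATH", APP_PATH . DS . 'locale' . DS . $app_lang . DS);
}
$httpHost = pb_getenv('HTTP_HOST');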
Exemplo n.º 6
{
    global $referer;
    $indexname = URL . "index.php";
    $default = empty($default) ? $indexname : '';
    $referer = pb_htmlspecialchar($referer);
    if (!preg_match("/(\\.php|[a-z]+(\\-\\d+)+\\.html)/", $referer) || strpos($referer, 'logging.php')) {
        $referer = $default;
    }
    return $referer;
}
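// Logout: destroy the session, clear the auth cookie (and the admin cookie
// when the request comes from the control panel), then redirect.
if (isset($_GET['action']) && $_GET['action'] == "logout") {
    // Kept as in the original. NOTE(review): if ua_referer() reads the global
    // $referer, resetting it to null first means the previous value is never used.
    $referer = null;
    $referer = ua_referer();
    session_destroy();
    uclearcookies();
    if (isset($_GET['fr']) && $_GET['fr'] == "cp") {
        usetcookie("admin", '');
    }
    $member->logOut();
    $gopage = $referer;
    // NOTE(review): "forward" is request-supplied and goes to the Location
    // header without validation, so any absolute URL is accepted as the
    // post-logout target. If cross-site targets are not needed, restrict it
    // to on-site paths or an explicit allowlist of hosts.
    if (!empty($_GET['forward']) && is_string($_GET['forward'])) {
        pheader("location:" . $_GET['forward']);
    } else {
        pheader("location:" . $gopage);
    }
    // Stop after either redirect; previously only the fallback branch exited,
    // so the "forward" branch went on to render the login page as well.
    exit;
}
formhash();
render("logging");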
Exemplo n.º 7
/**
 * Clear the 'auth' cookie by setting it to an empty value with an expiry
 * argument of minus one year (in seconds).
 *
 * Only the 'auth' cookie is touched here; other cookies are cleared by
 * their own call sites.
 *
 * @return mixed Whatever usetcookie() returns.
 */
function uclearcookies()
{
    $oneYearInSeconds = 86400 * 365;
    $result = usetcookie('auth', '', -$oneYearInSeconds);
    return $result;
}
Exemplo n.º 8
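 /**
  * Record a successful member login in the session, issue the encoded
  * 'auth' cookie with a one-hour expiry, and notify the passport integration.
  *
  * The session ID is replaced before the member identity is stored, so an
  * ID that was in use before authentication does not stay valid for the
  * logged-in session; no other statement in this method rotates it.
  *
  * NOTE(review): a value derived from the stored userpass and the is_admin
  * flag are part of the cookie payload - confirm that authcode() keyed with
  * $phpb2b_auth_key is tamper-evident, and check which cookie attributes
  * usetcookie() applies.
  *
  * @param array $user_info Member row; reads id, username, userpass,
  *                         is_admin and useremail.
  * @return void
  */
 function putLoginStatus($user_info)
 {
     global $phpb2b_auth_key;
     // session_id() returns '' when no session is active; skip rotation then.
     if (session_id() !== '') {
         session_regenerate_id(true);
     }
     $_SESSION["MemberID"] = $user_info['id'];
     $_SESSION["MemberName"] = $user_info['username'];
     $auth = authcode($user_info['id'] . "\t" . $user_info['username'] . "\t" . $this->authPasswd($user_info['userpass']) . "\t" . $user_info['is_admin'], 'ENCODE', $phpb2b_auth_key);
     // The cookie expires one hour (3600 seconds) after $this->timestamp.
     usetcookie('auth', $auth, $this->timestamp + 3600);
     $this->passport(array($user_info['id'], $user_info['username'], $user_info['userpass'], $user_info['useremail']), "login");
 }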
Exemplo n.º 9
        usetcookie("admin", "");
        unset($_SESSION['last_adminer_time']);
    }
}
// Temporary upgrade step: when the cached locale.js is missing, load the
// cache class and regenerate the JavaScript cache before the captcha check.
if (file_exists(CACHE_LANG_PATH . 'locale.js') === false) {
    require LIB_PATH . 'cache.class.php';
    $cache = new Caches();
    // The language cache refresh is disabled here:
    //	$cache->updateLanguages();
    $cache->writeCache('javascript', 'javascript');
}
capt_check('capt_login_admin');
if (isset($_POST['do'])) {
    $do = trim($_POST['do']);
    //	if(is_file(CACHE_ROOT.$_POST['data']['language'].DS."lang_admin.php")) {
    usetcookie("lang", $_POST['data']['language']);
    //	}
    if ($do == "login") {
        pb_submit_check('data');
        if (!empty($_POST['data']['username']) && !empty($_POST['data']['userpass'])) {
            $checked = false;
            $uname = $_POST['data']['username'];
            $upass = $_POST['data']['userpass'];
            $checked = $adminer->checkUserLogin($uname, $upass);
            if ($checked > 0) {
                pheader("Location:index.php");
            } else {
                setvar("LoginError", $adminer->error);
            }
        }
    }
Exemplo n.º 10
 /**
  * Synchronised-login API handler: when passport support is enabled, look
  * up the member named in $get and, if found, establish a local session and
  * 'auth' cookie for that member.
  *
  * Returns API_RETURN_FORBIDDEN when API_SYNLOGIN is off or the
  * passport_support setting is falsy; every other path ends without a
  * return statement. $post, $charset and the local $uid are not read in
  * this body.
  *
  * NOTE(review): no credential is checked in this body - the member is
  * selected by username alone, so the caller must already have
  * authenticated the request (for example by verifying a signed API
  * payload). Confirm that against the dispatcher that invokes this method.
  *
  * NOTE(review): the username value in the SELECT and the last_login value
  * in the UPDATE are masked ("******") on this page. If $username is
  * interpolated into the SELECT, it must be escaped or bound as a parameter.
  *
  * @param array $get  Request parameters; reads 'uid' and 'username'.
  * @param array $post Not used here.
  */
 function synlogin($get, $post)
 {
     global $_PB_CACHE, $phpb2b_auth_key, $pdb, $charset;
     // The session is started before the feature switches below are checked.
     session_start();
     $uid = $get['uid'];
     $username = $get['username'];
     if (!API_SYNLOGIN) {
         return API_RETURN_FORBIDDEN;
     }
     if (!$_PB_CACHE['setting']['passport_support']) {
         return API_RETURN_FORBIDDEN;
     }
     // Sends a P3P compact-policy header; presumably so browsers accept the
     // cookie when this endpoint is loaded from another site - confirm.
     header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
     $username = trim($username);
     //get userinfo from phpb2b db
     $sql = "SELECT * FROM " . $this->tablepre . "members WHERE username='******'";
     $user_info = $pdb->GetRow($sql);
     if ($user_info) {
         //update login times
         $loginip = pb_get_client_ip();
         // NOTE(review): the last_login value is masked on this page and the
         // quoting around it is not valid PHP as printed; restore it from the
         // original source. $loginip is concatenated into the statement -
         // confirm pb_get_client_ip() cannot return raw request-header text.
         $pdb->Execute("UPDATE {$this->tablepre}members SET last_login="******",last_ip='" . $loginip . "' WHERE id='{$user_info['id']}'");
         // NOTE(review): identity is written to the session without rotating
         // the session ID in this method.
         $_SESSION["MemberID"] = $user_info['id'];
         $_SESSION["MemberName"] = $user_info['username'];
         //synlogin to phpb2b
         // Payload: id, username, md5() of the stored userpass and is_admin,
         // tab-separated, encoded with $phpb2b_auth_key.
         // NOTE(review): confirm authcode() is tamper-evident, since is_admin
         // travels in the cookie.
         $auth = authcode($user_info['id'] . "\t" . $user_info['username'] . "\t" . md5($user_info['userpass']) . "\t" . $user_info['is_admin'], 'ENCODE', $phpb2b_auth_key);
         // Cookie expires one hour from now.
         usetcookie('auth', $auth, time() + 3600);
     } else {
         //not exists, add a new member
         // Nothing is implemented for this case; unknown users are ignored.
     }
 }