public function actionLogin()
{
$this->_assertPostOnly();
$data = $this->_input->filter(array('login' => XenForo_Input::STRING, 'password' => XenForo_Input::STRING, 'redirect' => XenForo_Input::STRING, 'cookie_check' => XenForo_Input::UINT));
$redirect = $data['redirect'] ? $data['redirect'] : XenForo_Link::buildAdminLink('index');
$loginModel = $this->_getLoginModel();
if ($data['cookie_check'] && count($_COOKIE) == 0) {
// login came from a page, so we should at least have a session cookie.
// if we don't, assume that cookies are disabled
return $this->responseError(new XenForo_Phrase('cookies_required_to_log_in_to_site'));
}
$needCaptcha = $loginModel->requireLoginCaptcha($data['login']);
if ($needCaptcha) {
// just block logins here instead of using the captcha
return $this->responseError(new XenForo_Phrase('your_account_has_temporarily_been_locked_due_to_failed_login_attempts'));
}
$userModel = $this->_getUserModel();
$userId = $userModel->validateAuthentication($data['login'], $data['password'], $error);
if (!$userId) {
$loginModel->logLoginAttempt($data['login']);
if ($loginModel->requireLoginCaptcha($data['login'])) {
return $this->responseError(new XenForo_Phrase('your_account_has_temporarily_been_locked_due_to_failed_login_attempts'));
}
if ($this->_input->filterSingle('upgrade', XenForo_Input::UINT)) {
return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $redirect);
} else {
// note - JSON view will return responseError($text)
return $this->responseView('XenForo_ViewAdmin_Login_Error', 'login_form', array('text' => $error, 'defaultLogin' => $data['login'], 'redirect' => $redirect), array('containerTemplate' => 'LOGIN_PAGE'));
}
}
$loginModel->clearLoginAttempts($data['login']);
XenForo_Model_Ip::log($userId, 'user', $userId, 'login_admin');
XenForo_Application::get('session')->changeUserId($userId);
XenForo_Visitor::setup($userId);
// if guest on front-end, login there too
$publicSession = new XenForo_Session();
$publicSession->start();
if (!$publicSession->get('user_id')) {
$publicSession->changeUserId($userId);
$publicSession->save();
}
$visitor = XenForo_Visitor::getInstance();
// now check that the user will be able to get into the ACP (is_admin)
if (!$visitor->is_admin) {
return $this->responseError(new XenForo_Phrase('your_account_does_not_have_admin_privileges'));
}
if ($this->_input->filterSingle('repost', XenForo_Input::UINT)) {
return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $redirect, '', array('repost' => 1, 'postVars' => $this->_input->filterSingle('postVars', XenForo_Input::JSON_ARRAY)));
} else {
return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $redirect);
}
}
/**
* Single-stage logout procedure
*/
public function actionIndex()
{
$this->_checkCsrfFromToken($this->_input->filterSingle('_xfToken', XenForo_Input::STRING));
// remove an admin session if we're logged in as the same person
if (XenForo_Visitor::getInstance()->get('is_admin')) {
$adminSession = new XenForo_Session(array('admin' => true));
$adminSession->start();
if ($adminSession->get('user_id') == XenForo_Visitor::getUserId()) {
$adminSession->delete();
}
}
$this->getModelFromCache('XenForo_Model_Session')->processLastActivityUpdateForLogOut(XenForo_Visitor::getUserId());
XenForo_Application::get('session')->delete();
XenForo_Helper_Cookie::deleteAllCookies(array('session'), array('user' => array('httpOnly' => false)));
XenForo_Visitor::setup(0);
$redirect = $this->_input->filterSingle('redirect', XenForo_Input::STRING);
return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, $redirect ? $redirect : XenForo_Link::buildPublicLink('index'));
}
public static function logout()
{
self::start();
if (!self::userLoad()) {
return;
}
if (XenForo_Visitor::getInstance()->get('is_admin')) {
$adminSession = new XenForo_Session(array('admin' => true));
$adminSession->start();
if ($adminSession->get('user_id') == XenForo_Visitor::getUserId()) {
$adminSession->delete();
}
}
XenForo_Model::create('XenForo_Model_Session')->processLastActivityUpdateForLogOut(XenForo_Visitor::getUserId());
XenForo_Application::get('session')->delete();
XenForo_Helper_Cookie::deleteAllCookies(array('session'), array('user' => array('httpOnly' => false)));
XenForo_Visitor::setup(0);
}
public function actionTest()
{
$this->assertAdminPermission('user');
$publicSession = new XenForo_Session();
$publicSession->start();
if ($publicSession->get('user_id') != XenForo_Visitor::getUserId()) {
return $this->responseError(new XenForo_Phrase('please_login_via_public_login_page_before_testing_permissions'));
}
if ($this->_request->isPost()) {
$username = $this->_input->filterSingle('username', XenForo_Input::STRING);
/* @var $userModel XenForo_Model_User */
$userModel = $this->getModelFromCache('XenForo_Model_User');
$user = $userModel->getUserByName($username);
if (!$user) {
return $this->responseError(new XenForo_Phrase('requested_user_not_found'), 404);
}
$publicSession->set('permissionTest', array('user_id' => $user['user_id'], 'username' => $user['username']));
$publicSession->save();
return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, XenForo_Link::buildPublicLink('index'));
} else {
return $this->responseView('XenForo_ViewAdmin_Permission_Test', 'permission_test');
}
}
public function adminLogout()
{
$session = new XenForo_Session(array('admin' => true));
$session->start();
if ($session->get('user_id') == $this->getVisitor()->getUserId()) {
return $session->delete();
}
return true;
}
public function actionLogout()
{
$fr_username = $this->_input->filterSingle('fr_username', XenForo_Input::STRING);
if (XenForo_Visitor::getInstance()->get('is_admin')) {
$admin = new XenForo_Session(array('admin' => true));
$admin->start();
if ($admin->get('user_id') == XenForo_Visitor::getUserId()) {
$admin->delete();
}
}
fr_remove_push_user();
$this->getModelFromCache('XenForo_Model_Session')->processLastActivityUpdateForLogOut(XenForo_Visitor::getUserId());
XenForo_Application::get('session')->delete();
XenForo_Helper_Cookie::deleteAllCookies(array('session'), array('user' => array('httpOnly' => false)));
XenForo_Visitor::setup(0);
$requires_authentication = false;
if (!XenForo_Visitor::getInstance()->hasPermission('general', 'view')) {
$requires_authentication = true;
}
$options = XenForo_Application::get('options');
if (!$options->boardActive) {
$requires_authentication = true;
}
return array('success' => true, 'requires_authentication' => $requires_authentication);
}
public function actionReveal()
{
$publicSession = new XenForo_Session();
$publicSession->start();
if ($publicSession->get('user_id') != XenForo_Visitor::getUserId()) {
return $this->responseError(new XenForo_Phrase('please_login_via_public_login_page_before_testing_permissions'));
}
$publicSession->set('_WidgetFramework_reveal', true);
$publicSession->save();
return $this->responseRedirect(XenForo_ControllerResponse_Redirect::SUCCESS, XenForo_Link::buildPublicLink('index'));
}
