<?php
session_start();
require_once "../../jcryption.php";
$keyLength = 256;
$jCryption = new jCryption();
if (isset($_GET["generateKeypair"])) {
$keys = $jCryption->generateKeypair($keyLength);
$_SESSION["e"] = array("int" => $keys["e"], "hex" => $jCryption->dec2string($keys["e"], 16));
$_SESSION["d"] = array("int" => $keys["d"], "hex" => $jCryption->dec2string($keys["d"], 16));
$_SESSION["n"] = array("int" => $keys["n"], "hex" => $jCryption->dec2string($keys["n"], 16));
echo '{"e":"' . $_SESSION["e"]["hex"] . '","n":"' . $_SESSION["n"]["hex"] . '","maxdigits":"' . intval($keyLength * 2 / 16 + 3) . '"}';
} else {
$var = $jCryption->decrypt($_POST['jCryption'], $_SESSION["d"]["int"], $_SESSION["n"]["int"]);
echo $var;
}
private function getAuthCustom()
{
$server = $this->getDefaultServer();
$username = $password = '';
if (secureLoginPage() && isset($_POST['mywebsql_auth'])) {
$enc_lib = BASE_PATH . (extension_loaded('openssl') && extension_loaded('gmp') ? "/lib/external/jcryption.php" : "/lib/external/jcryption-legacy.php");
require_once $enc_lib;
$jCryption = new jCryption();
$d = Session::get('auth_enc', 'd');
$n = Session::get('auth_enc', 'n');
if (!isset($d['int']) || !isset($n['int'])) {
return $this->setError('Invalid Credentials');
}
$decoded = $jCryption->decrypt($_POST['mywebsql_auth'], $d['int'], $n['int']);
if (!$decoded) {
return $this->setError('Invalid Credentials');
}
parse_str($decoded, $info);
$server = $this->getServer(v($info['server']));
$username = v($info['auth_user']);
$password = v($info['auth_pwd']);
} else {
if (isset($_POST['auth_user']) && isset($_POST['auth_pwd'])) {
$server = $this->getServer(v($_POST['server']));
$username = v($_POST['auth_user']);
$password = v($_POST['auth_pwd']);
}
}
return $this->custom_auth->authenticate($username, $password, $server);
return false;
}
$config = new config();
$con = mysql_connect($config->getUserManagerDomain(), $config->getUserManagerUser(), $config->getUserManagerPass());
//checking to see if connection exists
if (!$con) {
die('Could not connect:' . mysql_error());
}
//connect to database
mysql_select_db($config->getUserManagerDB(), $con);
//querying the table and setting it to a variable
$result = mysql_query("SELECT * FROM UserInfo WHERE Email = '{$user}'");
if ($result) {
$row = mysql_fetch_array($result);
}
if ($row['Email'] == $user && $row['Email'] != '') {
$jCryption = new jCryption();
$var = $jCryption->decrypt($password, $_SESSION["d"]["int"], $_SESSION["n"]["int"]);
if ($row['Password'] == $var) {
//$sessionid = uniqid();
//$UserId = $row['UserId'];
//$clientIp = $_SERVER['REMOTE_ADDR'];
//mysql_query("DELETE FROM Session WHERE UserId='$UserId' AND ClientIp='$clientIp'");
//mysql_query("INSERT INTO Session (UserId, ClientIp, SessionKey) VALUES ('$UserId', '$clientIp', '$sessionid')");
echo 'Logged in!';
//create session here
} else {
echo "User found but password incorrect.";
}
} else {
echo "User not found.";
}
//echo "encrypted: " . $password . " decrypted: " . $var;
public function ShowLogin($is_https, &$msg)
{
$timedout = UIBase::GrabInput('get', 'timedout', 'int');
$logoff = UIBase::GrabInput('get', 'logoff', 'int');
$msg = '';
if ($timedout == 1 || $logoff == 1) {
$this->clear();
if ($timedout == 1) {
$msg = DMsg::Err('err_sessiontimeout');
} else {
$msg = DMsg::Err('err_loggedoff');
}
} else {
if ($this->IsValid()) {
return FALSE;
}
}
$userid = NULL;
$pass = NULL;
if (isset($_POST['jCryption'])) {
$jCryption = new jCryption();
$var = $jCryption->decrypt($_POST['jCryption'], $_SESSION['d_int'], $_SESSION['n_int']);
unset($_SESSION['d_int']);
unset($_SESSION['n_int']);
parse_str($var, $result);
$userid = $result['userid'];
$pass = $result['pass'];
} else {
if ($is_https && isset($_POST['userid'])) {
$userid = UIBase::GrabGoodInput('POST', 'userid');
$pass = UIBase::GrabInput('POST', 'pass');
}
}
if ($userid != NULL) {
if ($this->authenticate($userid, $pass) === TRUE) {
return FALSE;
} else {
$msg = DMsg::Err('err_login');
}
}
return TRUE;
}
