Exemplo n.º 1
 // Excerpt (cut off at both ends): builds a session payload for $user_data and hands it to
 // another area, either as a separately named session (non-customer areas) or as a
 // storage entry looked up by a generated key (customer area).
 // NOTE(review): the check that the caller is allowed to assume this user is not part of
 // this excerpt; confirm it runs before this point.

 // In the MULTIVENDOR edition a vendor-type user is sent to the vendor area, not the admin area.
 if (fn_allowed_for('MULTIVENDOR')) {
     if ($user_data['user_type'] == 'V') {
         $area = $area == 'A' ? 'V' : $area;
     }
 }
 // Payload for the target session: the auth array for the user plus the current 'last_status'.
 $sess_data = array('auth' => fn_fill_auth($user_data, array(), true, $area), 'last_status' => empty($_SESSION['last_status']) ? '' : $_SESSION['last_status']);
 // When the store_mode setting is 'Y', the store access key is copied into the payload as well.
 if (Registry::get('settings.General.store_mode') == 'Y') {
     $sess_data['store_access_key'] = Registry::get('settings.General.store_access_key');
 }
 // Area code => session name.
 $areas = array('A' => 'admin', 'V' => 'vendor', 'C' => 'customer');
 // NOTE(review): user_id is read straight from the request here, while $sess_data was built
 // from $user_data; confirm both always refer to the same, already authorised, user.
 fn_init_user_session_data($sess_data, $_REQUEST['user_id'], true);
 // Remember the current session ID so it can be restored after the target session is written.
 $old_sess_id = Session::getId();
 // NOTE(review): redirect_url is request-controlled. No validation is visible in this excerpt;
 // confirm it is restricted to the store's own hosts before it is used as a redirect target.
 $redirect_url = !empty($_REQUEST['redirect_url']) ? $_REQUEST['redirect_url'] : '';
 if ($area != 'C') {
     // Switch to the target area's session name, write the payload under a fresh ID, then
     // switch back to the current account's session name and ID.
     Session::setName($areas[$area]);
     $sess_id = Session::regenerateId();
     Session::save($sess_id, $sess_data, $area);
     Session::setName(ACCOUNT_TYPE);
     Session::setId($old_sess_id, false);
 } else {
     // Save unique key for session
     // NOTE(review): the key is two CRC32 values of microtime(), i.e. derived only from the
     // clock and not from a CSPRNG, yet it indexes a stored auth payload. Whoever presents
     // the key presumably receives that payload (the consumer is not shown), so the key
     // should be unpredictable, single-use and short-lived. Also, microtime() returns a
     // "msec sec" string when called without arguments, so `microtime() + 1` relies on
     // numeric string coercion.
     $key = fn_crc32(microtime()) . fn_crc32(microtime() + 1);
     // NOTE(review): the payload is stored serialize()d; the reader presumably unserialize()s
     // it, which is only safe while this storage cannot be written by untrusted parties.
     fn_set_storage_data('session_' . $key . '_data', serialize($sess_data));
     if (fn_allowed_for('ULTIMATE')) {
         // The company ID is parsed out of the request-supplied redirect URL.
         $company_id_in_url = fn_get_company_id_from_uri($redirect_url);
         if (Registry::get('runtime.company_id') || !empty($user_data['company_id']) || Registry::get('runtime.simple_ultimate') || !empty($company_id_in_url)) {
             // Redirect to the personal frontend
             // The user's own company wins; the runtime company is the fallback.
             $company_id = !empty($user_data['company_id']) ? $user_data['company_id'] : Registry::get('runtime.company_id');
             if (!$company_id && Registry::get('runtime.simple_ultimate')) {
                 $company_id = fn_get_default_company_id();
             } elseif (!$company_id) {
Exemplo n.º 2
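 // Run the credential lookup; fn_auth_routines() returns its five results positionally.
 list($status, $user_data, $user_login, $password, $salt) = fn_auth_routines($_REQUEST, $auth);
 // Work out where to send the client when authentication does not go through.
 // NOTE(review): redirect_url is request-controlled and no validation is visible here;
 // confirm it is restricted to the store's own hosts before the redirect is issued.
 if (!empty($_REQUEST['redirect_url'])) {
     $redirect_url = $_REQUEST['redirect_url'];
 } else {
     // The ternary must be parenthesised: `.` binds tighter than `?:`, so without the
     // parentheses the concatenated string became the condition, was always truthy, and
     // 'auth.login' was dropped from the URL while return_url was read even when absent.
     // NOTE(review): return_url is appended without URL-encoding; whether fn_url() encodes
     // query values is not visible here. Confirm, and encode the value if it does not.
     $redirect_url = fn_url('auth.login' . (!empty($_REQUEST['return_url']) ? '?return_url=' . $_REQUEST['return_url'] : ''));
 }
 // A strictly-false status means the attempt is rejected: keep the posted login so the form
 // can be refilled, and redirect.
 if ($status === false) {
     fn_save_post_data('user_login');
     return array(CONTROLLER_STATUS_REDIRECT, $redirect_url);
 }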
 //
 // Success login
 //
 // NOTE(review): the computed hash is compared to the stored one with loose `==`. PHP compares
 // two numeric-looking strings as numbers, so distinct hashes of the form "0e<digits>" are
 // treated as equal, and the comparison is not constant-time. hash_equals() (PHP >= 5.6), or
 // at minimum `===`, avoids both. The algorithm behind fn_generate_salted_password() is not
 // visible here; confirm it is a dedicated password-hashing scheme and not a fast digest.
 if (!empty($user_data) && !empty($password) && fn_generate_salted_password($password, $salt) == $user_data['password']) {
     // Regenerate session_id for security reasons: an ID that was known before authentication
     // must not carry over into the authenticated session (session fixation).
     Session::regenerateId();
     //
     // If customer placed orders before login, assign these orders to this account
     //
     // NOTE(review): the order IDs come from $auth; confirm that array can only contain orders
     // placed in this same session, since each listed order is re-assigned to the account.
     if (!empty($auth['order_ids'])) {
         foreach ($auth['order_ids'] as $k => $v) {
             // Values are passed through db_query() placeholders (?u, ?i), not concatenated.
             db_query("UPDATE ?:orders SET ?u WHERE order_id = ?i", array('user_id' => $user_data['user_id']), $v);
         }
     }
     fn_login_user($user_data['user_id']);
     Helpdesk::auth();
     // Set system notifications
     // Only in the admin area and only when demo mode is off.
     if (Registry::get('config.demo_mode') != true && AREA == 'A') {
         // If username equals to the password
         // Skipped on development installs; otherwise selects the insecure-password warning.
         if (!fn_is_development() && fn_compare_login_password($user_data, $password)) {
             $lang_var = 'warning_insecure_password_email';
Exemplo n.º 3
/**
 * Logs the current user out: saves the cart for the outgoing user, regenerates the
 * session ID, clears the auth, cart and notification data held in the session, and
 * finally calls fn_login_user() without a user ID.
 *
 * @param array $auth Auth data of the user being logged out. Only 'user_id' is read from
 *                    the argument; the variable is then replaced with $_SESSION['auth'].
 */
function fn_user_logout($auth)
{
    // Persist the cart under the outgoing user's ID before any session state is changed.
    fn_save_cart_content($_SESSION['cart'], $auth['user_id']);
    // Regenerate session_id for security reasons
    // NOTE(review): whether regenerateId() also invalidates the old ID on the server is not
    // visible here; confirm it does, so an ID captured before logout stops working.
    Session::regenerateId();
    fn_init_user();
    // From here on $auth is what the session holds after fn_init_user(), not the argument.
    $auth = $_SESSION['auth'];
    // Record the logout only when the session still identifies a user.
    if (!empty($auth['user_id'])) {
        fn_log_user_logout($auth);
    }
    unset($_SESSION['auth']);
    fn_clear_cart($_SESSION['cart'], false, true);
    // Drops the per-area '<AREA>_user_id' and '<AREA>_password' entries.
    // NOTE(review): the second name suggests a credential or a value derived from one is kept
    // under that key; confirm what is stored there and that it is never the plain password.
    fn_delete_session_data(AREA . '_user_id', AREA . '_password');
    unset($_SESSION['product_notifications']);
    // need to fill $_SESSION['auth'] array for anonymous user
    fn_login_user();
}