/** * @author goFrendiAsgard * @param string identity * @param string password * @return bool * @desc login with identity and password. Identity can be user_name or e-mail */ public function cms_do_login($identity, $password) { $query = $this->db->query("SELECT user_id, user_name, real_name, email FROM " . cms_table_name('main_user') . " WHERE\n (user_name = '" . addslashes($identity) . "' OR email = '" . addslashes($identity) . "') AND\n password = '******' AND\n active = 1"); $user_name = NULL; $user_id = NULL; $user_real_name = NULL; $user_email = NULL; $login_succeed = FALSE; if ($query->num_rows() > 0) { $row = $query->row(); $user_name = $row->user_name; $user_id = $row->user_id; $user_real_name = $row->real_name; $user_email = $row->email; $login_succeed = TRUE; } else { require_once APPPATH . 'config/cms_extended_login.php'; if (function_exists('extended_login')) { $extended_login_result = extended_login($identity, $password); if ($extended_login_result !== FALSE) { $query = $this->db->select('user_id, user_name')->from(cms_table_name('main_user'))->where('user_name', $identity)->get(); // if already exists in database if ($query->num_rows() > 0) { $row = $query->row(); $user_id = $row->user_id; $user_name = $row->user_name; $login_succeed = TRUE; } else { $data = array(); $data['user_name'] = $identity; $data['password'] = NULL; $login_succeed = $this->db->insert(cms_table_name('main_user'), $data); if ($login_succeed) { $user_id = $this->db->insert_id(); $user_name = $identity; } } if ($login_succeed && is_array($extended_login_result)) { if (count($extended_login_result) > 1) { $user_real_name = $extended_login_result[0]; $user_email = $extended_login_result[1]; } } } } } if ($login_succeed) { $this->cms_user_name($user_name); $this->cms_user_id($user_id); $this->cms_user_real_name($user_real_name); $this->cms_user_email($user_email); // save login status // needed by kcfinder if (!isset($_SESSION)) { session_start(); } if (!isset($_SESSION['__cms_user_id'])) { $_SESSION['__cms_user_id'] = $user_id; } $this->__cms_extend_user_last_active($user_id); return TRUE; } return FALSE; }
/** * @author go frendi * * @param string identity * @param string password * * @return bool * @desc login with identity and password. Identity can be user_name or e-mail */ public function cms_do_login($identity, $password) { $user_name = null; $user_id = null; $user_real_name = null; $user_email = null; $login_succeed = false; // try to login as a user of specific subsite if (CMS_SUBSITE != '') { $query = $this->db->query('SELECT user_id, user_name, real_name, email FROM '.$this->cms_user_table_name()." WHERE (user_name = '".addslashes($identity)."' OR email = '".addslashes($identity)."') AND password = '******' AND subsite = '".CMS_SUBSITE."' AND active = 1"); if ($query->num_rows() > 0) { $row = $query->row(); $user_name = $row->user_name; $user_id = $row->user_id; $user_real_name = $row->real_name; $user_email = $row->email; $login_succeed = true; } } // if login not succeed, try to login as main user if (!$login_succeed) { // do the query $query = $this->db->query('SELECT user_id, user_name, real_name, email FROM '.$this->cms_user_table_name()." WHERE (user_name = '".addslashes($identity)."' OR email = '".addslashes($identity)."') AND password = '******' AND subsite IS NULL AND active = 1"); if ($query->num_rows() > 0) { $row = $query->row(); $user_name = $row->user_name; $user_id = $row->user_id; $user_real_name = $row->real_name; $user_email = $row->email; $login_succeed = true; } } if (!$login_succeed) { $this->load->helper('cms_extended_login'); if (function_exists('extended_login')) { $extended_login_result = extended_login($identity, $password); if ($extended_login_result !== false) { $query = $this->db->select('user_id, user_name') ->from($this->cms_user_table_name()) ->where('user_name', $identity) ->get(); // if already exists in database if ($query->num_rows() > 0) { $row = $query->row(); $user_id = $row->user_id; $user_name = $row->user_name; $login_succeed = true; } else { $data = array(); $data['user_name'] = $identity; $data['password'] = null; $login_succeed = $this->db->insert($this->cms_user_table_name(), $data); if ($login_succeed) { $user_id = $this->db->insert_id(); $user_name = $identity; } } if ($login_succeed && is_array($extended_login_result)) { if (count($extended_login_result) > 1) { $user_real_name = $extended_login_result[0]; $user_email = $extended_login_result[1]; } } } } } if ($login_succeed) { $this->cms_user_name($user_name); $this->cms_user_id($user_id); $this->cms_user_real_name($user_real_name); $this->cms_user_email($user_email); $this->__cms_extend_user_last_active($user_id); return true; } return false; }