function login_user($name)
{
global $phpcdb;
// Regenerate the session in case our non-logged in version was
// snooped
// TODO: Verify that this is needed, and make sure it's called in setup
// so it doesn't create issues for embedded users
// session_regenerate_id();
$user = $phpcdb->get_user_by_name($name);
phpc_do_login($user);
return true;
}
}
exit;
}
if (empty($_SESSION["{$phpc_prefix}uid"])) {
if (!empty($_COOKIE["{$phpc_prefix}login"]) && !empty($_COOKIE["{$phpc_prefix}uid"]) && !empty($_COOKIE["{$phpc_prefix}login_series"])) {
// Cleanup before we check their token so they can't login with
// an ancient token
$phpcdb->cleanup_login_tokens();
// FIXME should this be _SESSION below?
$phpc_uid = $_COOKIE["{$phpc_prefix}uid"];
$phpc_login_series = $_COOKIE["{$phpc_prefix}login_series"];
$phpc_token = $phpcdb->get_login_token($phpc_uid, $phpc_login_series);
if ($phpc_token) {
if ($phpc_token == $_COOKIE["{$phpc_prefix}login"]) {
$user = $phpcdb->get_user($phpc_uid);
phpc_do_login($user, $phpc_login_series);
} else {
$phpcdb->remove_login_tokens($phpc_uid);
soft_error(__("Possible hacking attempt on your account."));
}
} else {
$phpc_uid = 0;
}
}
} else {
$phpc_token = $_SESSION["{$phpc_prefix}login"];
}
if (empty($phpc_token)) {
$phpc_token = '';
}
// Create vars
