public function login()
{
require 'camfoxconfig.php';
$username = $_REQUEST['username'];
$password = $_REQUEST['userpassword'];
$id = isUser($username, $password);
if ($id > 0) {
$last_login = get_last_login($id);
$_SESSION['user_id'] = $id;
//$_SESSION['last_login'] = $last_login;
update_last_login_date($id);
$user = checkUserAvailableEvents($_SESSION['user_id']);
if ($user == 0) {
insertUserintoEvents($_SESSION['user_id']);
} else {
updateUserinEvents($_SESSION['user_id']);
}
$_SESSION['new_event_count'] = $user[3];
$_SESSION['last_login'] = $user[2];
/* $email_id=getUserEmailById($id);
//echo $email_id;
$_SESSION['email_id'] = $email_id;
$_SESSION['user_id'] = $id;
$username = $_SESSION['email_id'];
/* if(in_array($email_id,$hr_email))
header("Location:hr_panel.php");
else
header("Location:home.php"); */
/* $pending_requests=get_my_pending_requests($_SESSION['email_id']);
if((isset($_SESSION['first_time']) && $_SESSION['first_time'] =='yes') || $pending_requests == null || !is_approver($_SESSION['email_id']))
{
$status=0;
}
else
{
$status=1;
$_SESSION['first_time']='yes';
}
if(in_array($email_id,$hr_email))
$this->http_response(2,200);
else
$this->http_response(1,200);
*/
$this->http_response($id, 200);
} else {
$message = "Incorrect Credentials";
$username = $_POST['username'];
$password = $_POST['password'];
// header("Location:index.php?error=$message&username=$username&password=$password");
$this->http_response(0, 200);
}
}
check_throttle_all();
if (get_failed_login_attempts_by_username($safe_username) > 3) {
$time_left = username_throttle_time_left($safe_username, 10 * 60);
if ($time_left > 0) {
$wait_time = format_time_since_in_words($time_left);
set_error_output("You have used too many login attempts. Please wait {$wait_time} and try again. ");
}
}
$found_user = attempt_user_login($username, $password);
// Test if there was a query error
if ($found_user) {
// Success
// Mark user as logged in.
$_SESSION["user_id"] = $found_user["id"];
$_SESSION["username"] = $found_user["username"];
update_last_login_date($found_user["id"]);
redirect_to("index.php");
} else {
// Failure
$safe_username = mysql_prep($username);
add_failed_attempt($safe_username);
// if more then 10 in the last 15 minutes, this will happen
throttle_all_logins();
// in last 15 minutes by default
if (get_failed_login_attempts_by_username($safe_username) >= 3) {
set_error_output("You have used too many login attempts. Please wait 10 minutes and try again. ");
}
set_error_output("Username or password not found. ", "log_in.php");
}
} else {
// this is probably a get request
