function logon_perform() { // Check to see if the user is logging in as a guest or a normal user. if (isset($_POST['guest_logon'])) { // Check the Guest account is enabled. if (!user_guest_enabled()) { return false; } // Initialise Guest user session. session::start(0); // Generate new CSRF token session::refresh_csrf_token(); // Update the visitor log session::update_visitor_log(0, true); // Success return true; } else { if (isset($_POST['user_logon']) && isset($_POST['user_password'])) { // Extract the submitted username $user_logon = $_POST['user_logon']; // Extract the submitted password $user_password = $_POST['user_password']; // Try and login the user. if (($uid = user_logon($user_logon, $user_password)) !== false) { // Initialise a user session. session::start($uid); // Generate new CSRF token session::refresh_csrf_token(); // Update User's last forum visit forum_update_last_visit($uid); // Update the visitor log session::update_visitor_log($uid, true); // Check if we should save a token to allow auto logon, if (isset($_POST['user_remember']) && $_POST['user_remember'] == 'Y') { // Get a token for the entered password. $user_token = user_generate_token($uid); // Set a cookie with the logon and the token. html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS); html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS); } else { // Remove the cookie. html_set_cookie('user_logon', '', time() - YEAR_IN_SECONDS); html_set_cookie('user_token', '', time() - YEAR_IN_SECONDS); } // Success return true; } } } // Failed return false; }
function logon_perform() { $webtag = get_webtag(); // Check to see if the user is logging in as a guest or a normal user. if (isset($_POST['guest_logon'])) { // Check the Guest account is enabled. if (!user_guest_enabled()) { return false; } // Initialise Guest user session. session::create(0); // Success return true; } else { if (isset($_POST['user_logon']) && isset($_POST['user_password'])) { // Extract the submitted username $user_logon = $_POST['user_logon']; // Extract the submitted password $user_password = $_POST['user_password']; // Try and login the user. if ($uid = user_logon($user_logon, $user_password)) { // Initialise a user session. session::create($uid); // Check if we should save a token to allow auto logon, if (isset($_POST['user_remember']) && $_POST['user_remember'] == 'Y') { // Get a token for the entered password. $user_token = user_generate_token($uid); // Set a cookie with the logon and the token. html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS); html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS); } else { // Remove the cookie. html_set_cookie('user_logon', '', time() - YEAR_IN_SECONDS); html_set_cookie('user_token', '', time() - YEAR_IN_SECONDS); } // Success return true; } } } // Failed return false; }
<?php session_start(); include 'Services/Twilio.php'; include 'config.php'; include "functions.php"; $username = cleanVar('username'); $password = cleanVar('password'); $phoneNum = cleanVar('phone_number'); if (isset($_POST['action'])) { if (isset($_POST['username']) && isset($_POST['phone_number'])) { $message = user_generate_token($username, $phoneNum); } else { if (isset($_POST['username']) && isset($_POST['password'])) { $message = user_login($username, $password); } } header("Location: two-factor-voice.php?message=" . urlencode($message)); exit; } ?> <html> <body> <p>Please enter a username, and a phone number you can be reached at, we will then call you with your one-time password</p> <span id="message"> <?php echo cleanVar('message'); $action = isset($_SESSION['password']) ? 'login' : 'token'; ?> </span> <form id="reset-form" method="POST" class="center">
<?php session_start(); include 'Services/Twilio.php'; include 'config.php'; include 'functions.php'; $username = cleanVar('username'); $password = cleanVar('password'); $phoneNum = cleanVar('phone_number'); if (isset($_POST['action'])) { if (isset($_POST['username']) && isset($_POST['phone_number'])) { $message = user_generate_token($username, $phoneNum, 'calls'); } else { if (isset($_POST['username']) && isset($_POST['password'])) { $message = user_login($username, $password); } } header("Location: two-factor-voice.php?message=" . urlencode($message)); exit; } ?> <html> <body> <p>Please enter a username, and a phone number you can be reached at, we will then call you with your one-time password</p> <span id="message"> <?php echo cleanVar('message'); $action = isset($_SESSION['password']) ? 'login' : 'token'; ?>