/**
 * Gate the current request on the user being logged in.
 *
 * When checkforUserid() passes, the user's row is stamped with the current
 * time and loggedin = 1, LoginServices() is called for that user, and true
 * is returned. Otherwise the loggedin flag is cleared for the session's
 * userid (when it is non-zero) and the caller is sent to the login flow:
 * an AJAX "login" response, or the rendered login page followed by exit.
 *
 * Only the loggedin column and $_SESSION['message'] are reset on the failure
 * path; the PHP session itself is not destroyed or regenerated here.
 *
 * @param bool $ajax Optional. True when the request came from an AJAX call,
 *                   in which case a ResponseManager login response is sent
 *                   instead of the login page.
 * @return bool True when the user is logged in. False is only reachable on
 *              the AJAX path, and only if Respond() returns
 *              (NOTE(review): Respond() presumably ends the request - confirm).
 */
function attempt_login($ajax = false)
{
    $db = $this->db;
    $sessionUserId = Kit::GetParam('userid', _SESSION, _INT);

    // Current page (per the original note: everything after the "?"),
    // URL-encoded so it can be carried as a single query-string value.
    $referrer = rawurlencode(Kit::GetCurrentPage());

    if ($this->checkforUserid()) {
        // Record that the logged in user is still active. %d forces the
        // user id to an integer, so it cannot alter the statement.
        $stamp = date("Y-m-d H:i:s");
        $touchSql = sprintf("UPDATE user SET lastaccessed = '" . $stamp . "', loggedin = 1 WHERE userid = %d ", $sessionUserId);

        if (!$db->query($touchSql)) {
            trigger_error("Can not write last accessed info.", E_USER_ERROR);
        }

        // Load the information about this user
        $this->LoginServices($sessionUserId);

        return true;
    }

    // Not logged in: clear the loggedin flag of whoever the session claimed to be.
    if ($sessionUserId != 0) {
        $db->query(sprintf("UPDATE user SET loggedin = 0 WHERE userid = %d ", $sessionUserId));
    }

    if ($ajax) {
        // AJAX callers get a login response rather than an HTML page.
        $response = new ResponseManager();
        $response->Login();
        $response->Respond();

        return false;
    }

    // NOTE(review): the token is concatenated into an HTML attribute without
    // encoding; assumes CreateFormToken() never emits HTML-special characters - confirm.
    $tokenField = '<input type="hidden" name="token" value="' . CreateFormToken() . '" />';
    Theme::Set('form_meta', $tokenField);

    // NOTE(review): referingPage is derived from the request URL. The login
    // handler that consumes it is not visible here; confirm it only redirects
    // to local pages.
    Theme::Set('form_action', 'index.php?q=login&referingPage=' . $referrer);
    Theme::Set('about_url', 'index.php?p=index&q=About');
    Theme::Set('source_url', 'https://launchpad.net/xibo/1.6');

    // Message shown on the login page: the URL value wins, the session value
    // is the fallback.
    // NOTE(review): the URL value is request-controlled and ends up in the
    // rendered page; confirm that Kit::GetParam(_STRING) and/or the
    // login_page template HTML-encode it before output.
    $sessionMessage = Kit::GetParam('message', _SESSION, _STRING, '');
    $message = Kit::GetParam('message', _GET, _STRING, $sessionMessage);
    Theme::Set('login_message', $message);
    Theme::Render('login_page');

    // Clear the session message so it is shown only once.
    $_SESSION['message'] = '';
    exit;
}