Пример #1
 /**
  * Gate the current request on a valid login session.
  *
  * When checkforUserid() passes, the user's row is stamped with the current
  * time and loggedin = 1, LoginServices() is called and true is returned.
  * When it fails, a known session user is flagged loggedin = 0 and the caller
  * is answered with either an AJAX login response or the rendered login page
  * (the login page path ends the script with exit).
  *
  * Security notes for reviewers:
  *  - $userid is read from the session and only reaches SQL through
  *    sprintf("%d"), so both statements can only ever receive an integer.
  *  - The login message may come from the query string, i.e. from whoever
  *    built the link. Whether Kit::GetParam(_STRING) or the login_page
  *    template HTML-encodes it is not visible here; confirm before relying
  *    on it.
  *  - referingPage is URL-encoded here, but the q=login handler that consumes
  *    it is not shown; verify it only redirects to pages of this application.
  *
  * @param bool $ajax Optional. True when the request came from an AJAX call.
  * @return bool True when the session check passed; false after an AJAX
  *              login response was sent (only reached if Respond() returns).
  */
 function attempt_login($ajax = false)
 {
     $db =& $this->db;
     $userid = Kit::GetParam('userid', _SESSION, _INT);

     // Everything after the "?" of the current request, encoded for reuse as a query value
     $requestUri = rawurlencode(Kit::GetCurrentPage());

     if ($this->checkforUserid()) {
         // Record that the logged in user is still active on this page
         $timestamp = date("Y-m-d H:i:s");
         $SQL = sprintf("UPDATE user SET lastaccessed = '" . $timestamp . "', loggedin = 1 WHERE userid = %d ", $userid);

         if (!$db->query($SQL)) {
             // E_USER_ERROR is fatal unless a custom error handler decides otherwise
             trigger_error("Can not write last accessed info.", E_USER_ERROR);
         }

         // Load the information about this user
         $this->LoginServices($userid);

         return true;
     }

     // Session check failed: mark the previously known user as logged out.
     // The query result is not inspected (best effort).
     if ($userid != 0) {
         $db->query(sprintf("UPDATE user SET loggedin = 0 WHERE userid = %d ", $userid));
     }

     if ($ajax) {
         // AJAX callers are told to log in through the response object rather than a page render
         $response = new ResponseManager();
         $response->Login();
         $response->Respond();

         return false;
     }

     // Anti-CSRF token embedded in the login form as a hidden field
     $formToken = CreateFormToken();
     Theme::Set('form_meta', '<input type="hidden" name="token" value="' . $formToken . '" />');
     Theme::Set('form_action', 'index.php?q=login&referingPage=' . $requestUri);
     Theme::Set('about_url', 'index.php?p=index&q=About');
     Theme::Set('source_url', 'https://launchpad.net/xibo/1.6');

     // Message shown on the form: the URL value wins, the session value is the fallback.
     // NOTE(review): the URL value is request-controlled; confirm it is HTML-encoded on output.
     $sessionMessage = Kit::GetParam('message', _SESSION, _STRING, '');
     $message = Kit::GetParam('message', _GET, _STRING, $sessionMessage);
     Theme::Set('login_message', $message);

     Theme::Render('login_page');

     // Clear the session message so it is not shown again
     $_SESSION['message'] = '';
     exit;
 }