function mx_cksignin($page, $option, $action) { global $me, $mxuser, $mxsession, $signerrors; /*if ($mxuser->id) { //die(); header('Location: '.mx_actionurl($page,$option,'ok')); }*/ //die('page='.$page.' option='.$option.' action='.$action.'<br/>REQUESTS: '.print_r($_REQUEST,true)); $signerrors = array(); $redir = mx_secureredir(urldecode($_REQUEST['r'])); //error_log('signin: action='.$action); //mx_checkfblogin(false); if ($action == 'register') { mx_ckregister($page, 'register', $action); return; } else { if ($action == 'signin') { // check login data $login = $_POST['email']; $pwd = $_POST['password']; if ($_POST['captcha']) { require_once 'ext_includes/recaptchalib.php'; $resp = recaptcha_check_answer(MX_RECAPTCHA_PRIVATE, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { // What happens when the CAPTCHA was entered incorrectly $signerrors['captcha'] = _("ReCaptcha incorrect.<br/>Please try again"); } } if (!$signerrors['captcha'] && $mxuser->checklogin($login, $pwd)) { mx_setsession($mxuser, time()); header('Location: ' . mx_actionurl_normal($page, $option, 'ok', '', $redir)); } else { if (!$signerrors['captcha']) { $signerrors = array('email' => _('Wrong credentials...'), 'password' => _('...or wrong password.')); } } } else { if ($action == 'fb') { mx_checkfblogin(false); $cruser = mx_checkfbuser(false); if ($cruser == 1) { $mxuser = new MXUser(); } else { header('Location: ' . mx_actionurl_normal('account', 'register', 'fb')); } /*else if (mx_checkfbuser(true)==2) { error_log(print_r($mxuser,true)); header('Location: '.mx_actionurl('account','setup','setup_0')); } */ /* else { header('Location: '.mx_actionurl_normal('account','register','','',($redir?(':'.$redir):''))); }*/ } else { if ($action == 'forgot') { $login = $_POST['email']; if (!$login) { $signerrors = array('email' => _('Please inform your email or username' . ' (Have you tried signing in using Facebook?)')); } else { $signerrors = $mxuser->lostpassword($login); } } else { if ($action == 'confirmation') { $confirmcode = mx_secureword($_REQUEST['c']); $mxuser->checkconfirm($confirmcode); if ($mxuser->id) { mx_setsession($mxuser, time()); } else { $signerrors = array('email' => _('The password recovery link you\'re using is no more valid.' . ' If you requested twice, check the most recent email you received.')); } return; } else { if ($action == 'update') { $postfld = $_POST['new_password']; $chkconf = $_POST['conf_password']; if ($chkconf != $postfld) { $signerrors = array('password' => _('Password confirmation does not match new password.')); } else { if (!$postfld) { $signerrors = array('password' => _('Password cannot be left blank.')); } else { $signerrors = array(); $mxuser->setoption('pwdhash', hash('sha256', $_POST['new_password'])); mx_setsession($mxuser, time()); } } return; } } } } } } /* else { mx_checkfblogin(false); if (mx_checkfbuser(false)==1) { $mxuser=new MXUser(); } else $me=null; //if ($me) die('FB logged'); }*/ if ($mxuser->id) { mx_fbaction('use?website=' . mx_pageurl('main')); } if ($mxuser->id && $redir) { //$action=='redirect') { preg_match_all('%([^,]*),?%', $redir, $aredir); //error_log('signin/redir: '.$redir.' - '.print_r($aredir,true)); if ($aredir && $aredir[1][0]) { header('location: ' . mx_actionurl($aredir[1][0], $aredir[1][1], $aredir[1][2], $aredir[1][3], '', $_SERVER['HTTPS'] ? 'secure' : 'normal', $aredir[1][4])); } return; } /*if ($mxuser->id && array_key_exists('HTTPS',$_SERVER)) { header('Location: '.mx_actionurl_normal($page,$option,'ok'.($redir?(':'.$redir):''))); return; }*/ // define account if not done... if ($mxuser->id) { if (!$mxuser->acctype) { header('location: ' . mx_optionurl('account', 'setup')); } header('location: ' . mx_actionurl('main', '', 'signed')); } //error_log('hello!'); //die(phpinfo()); }