/** * Start the "auth engine", see if anyone is logged in and grab their info * * @return mixed This is the return value description * */ public static function StartAuth() { self::$init = true; self::$session_id = SessionManager::Get('session_id'); $assign_id = false; if (self::$session_id == '') { if ($_COOKIE[VMS_AUTH_COOKIE] != '') { $data = explode('|', $_COOKIE[VMS_AUTH_COOKIE]); $session_id = $data[0]; $pilot_id = $data[1]; $ip_address = $data[2]; // TODO: Determine data reliability from IP addresses marked $session_info = self::get_session($session_id, $pilot_id, $ip_address); if ($session_info) { /* Populate session info */ $userinfo = PilotData::GetPilotData($pilot_id); if (!$userinfo) { self::$loggedin = false; return false; } self::$loggedin = true; self::$userinfo = $userinfo; self::$pilot = $userinfo; self::$pilotid = self::$userinfo->pilotid; self::$usergroups = SessionManager::Get('usergroups'); self::$session_id = $session_id; if (self::$usergroups == '') { self::$usergroups = PilotGroups::GetUserGroups($userinfo->pilotid); } SessionManager::Set('loggedin', true); SessionManager::Set('userinfo', $userinfo); SessionManager::Set('usergroups', self::$usergroups); PilotData::UpdateLogin($userinfo->pilotid); self::update_session(self::$session_id, self::$userinfo->pilotid); return true; } } // Look for an existing session based on ID // No session ID was found anywhere so assign one $assign_id = true; self::$session_id = self::start_session(0); SessionManager::Set('session_id', self::$session_id); } else { // There's a session ID, so double check that they're logged in if (SessionManager::Get('loggedin') == true) { self::$loggedin = true; self::$userinfo = SessionManager::Get('userinfo'); self::$pilot = self::$userinfo; self::$usergroups = PilotGroups::GetUserGroups(self::$userinfo->pilotid); self::$pilotid = self::$userinfo->pilotid; # Bugfix, in case user updates their profile info, grab the latest self::$userinfo = PilotData::GetPilotData(self::$pilotid); self::$pilot = self::$userinfo; self::update_session(self::$session_id, self::$userinfo->pilotid); return true; } else { // Already been assigned a session ID, and not signed in... self::$loggedin = false; self::update_session(self::$session_id, 0); $assign_id = false; } } // Empty session so start one up, and they're not logged in if ($assign_id == true) { } return true; }
public function ProcessLogin() { $email = $this->post->email; $password = $this->post->password; if ($email == '' || $password == '') { $this->set('message', 'You must fill out both your username and password'); $this->render('login_form.tpl'); return false; } if (!Auth::ProcessLogin($email, $password)) { $this->set('message', Auth::$error_message); $this->render('login_form.tpl'); return false; } else { if (Auth::$userinfo->confirmed == PILOT_PENDING) { $this->render('login_unconfirmed.tpl'); Auth::LogOut(); // show error } elseif (Auth::$userinfo->confirmed == PILOT_REJECTED) { $this->render('login_rejected.tpl'); Auth::LogOut(); } else { $pilotid = Auth::$userinfo->pilotid; $session_id = Auth::$session_id; # If they choose to be "remembered", then assign a cookie if ($this->post->remember == 'on') { $cookie = "{$session_id}|{$pilotid}|{$_SERVER['REMOTE_ADDR']}"; $res = setrawcookie(VMS_AUTH_COOKIE, $cookie, time() + Config::Get('SESSION_LOGIN_TIME'), '/'); } PilotData::UpdateLogin($pilotid); #$this->set('redir', SITE_URL . '/' . $this->post->redir); #$this->render('login_complete.tpl'); CodonEvent::Dispatch('login_success', 'Login'); $this->post->redir = str_replace('index.php/', '', $this->post->redir); header('Location: ' . url('/' . $this->post->redir)); } return; } }