private function _authorize()
{
$this->startHook('phpCoreBeforeAuth');
$authorized = 0;
if (isset($_POST['register'])) {
$login = '';
} elseif (isset($_POST['username'])) {
$login = $_POST['username'];
$authorized++;
} else {
$login = '';
}
$iaUsers = $this->factory('users');
if (isset($_POST['register'])) {
$pass = '';
} elseif (isset($_POST['password'])) {
$pass = $_POST['password'];
$authorized++;
} else {
$pass = '';
}
$isBackend = self::ACCESS_ADMIN == $this->getAccessType();
if (IA_EXIT && $authorized != 2) {
// use this hook to logout
$this->startHook('phpUserLogout', array('userInfo' => iaUsers::getIdentity(true)));
iaUsers::clearIdentity();
unset($_SESSION['_achkych']);
if (strpos($_SERVER['HTTP_REFERER'], $this->iaView->domainUrl) === 0) {
if ($isBackend) {
$_SESSION['IA_EXIT'] = true;
}
$url = $isBackend ? IA_ADMIN_URL : IA_URL;
header('Location: ' . $url);
} else {
header('Location: ' . $this->iaView->domainUrl . ($isBackend ? $this->get('admin_page') . IA_URL_DELIMITER : ''));
}
exit;
} elseif ($authorized == 2 && $login && $pass) {
$auth = (bool) $iaUsers->getAuth(0, $login, $pass);
$this->startHook('phpUserLogin', array('userInfo' => iaUsers::getIdentity(true), 'password' => $pass));
if (!$auth) {
if ($isBackend) {
$this->iaView->assign('error_login', true);
} else {
$this->iaView->setMessages(iaLanguage::get('error_login'));
$this->iaView->name('login');
}
} else {
unset($_SESSION['_achkych']);
if (isset($_SESSION['referrer'])) {
header('Location: ' . $_SESSION['referrer']);
unset($_SESSION['referrer']);
exit;
} else {
if ($isBackend) {
$this->factory('log')->write(iaLog::ACTION_LOGIN, array('ip' => $this->util()->getIp(false)));
}
}
}
} elseif (2 == $authorized) {
if ($isBackend) {
$this->iaView->assign('empty_login', true);
} else {
$this->iaView->setMessages(iaLanguage::get('empty_login'));
$this->iaView->name('login');
}
}
$this->getSecurityToken() || ($_SESSION[self::SECURITY_TOKEN_MEMORY_KEY] = $this->factory('util')->generateToken(92));
}
