public static function TryLogin() { if (isset($_SESSION['current_user'])) { return; } // login not attempted. if (!array_key_exists('__login_u', $_POST)) { return; } if (!array_key_exists('__login_p', $_POST)) { return; } $un = $_POST['__login_u']; $pw = $_POST['__login_p']; unset($_POST['__login_p']); if (($userID = uUsersList::TestCredentials($un, $pw)) !== false) { self::SetLogin($userID); $obj = utopia::GetInstance(__CLASS__); $rec = $obj->LookupRecord($userID, true); // check if password is the most secure we can have. if ($rec && !uCrypt::IsStrongest($pw, $rec['password'])) { $pk = $rec['user_id']; $obj->UpdateField('password', uCrypt::Encrypt($pw), $pk); } $obj->UpdateFieldRaw('last_login', 'NOW()', $userID); if (isset($_REQUEST['remember_me'])) { session_set_cookie_params(604800, PATH_REL_ROOT); session_regenerate_id(true); $_SESSION['SESSION_LIFETIME'] = 604800; } uEvents::TriggerEvent('AfterLogin'); } else { uNotices::AddNotice('Username and password do not match.', NOTICE_TYPE_ERROR); } }