function ProcessSignOn() { /*///////////////////////////////////////////////////////////// Author: Plottery Corp. Created: v1.0.0 - 2010-12-14 Revisions: None Purpose: Verifies user submitted login data Returns: Nothing */ ///////////////////////////////////////////////////////////// global $UserID; global $UserFlags; global $LanguageID; global $Response; $Strings = GSA('1090,1091,1092,1093,1429'); list($OK, $Msgs) = ValidateForm(array(array(TypePOST, 'DPUsername', MustExist, ValidateString, null, null, 1603), array(TypePOST, 'DPPassword', MustExist, ValidateString, null, null, 1603), array(TypePOST, 'DPSave', CanExist, ValidateRange, 1, 1, 1603))); if ($OK) { list($QR, $DR, $T) = QuerySingle("SELECT U.UserID, U.UserFlags, U.UserPassSalt, U.UserPassHash, L.LanguageID\n FROM 1000_Users U\n LEFT JOIN 0000_Languages L ON U.LanguageID = L.LanguageID\n WHERE U.UserUsername = '******'DPUsername']) . "';"); if ($QR < 0) { SysLogIt('Error looking up user login. Requested username and password were: ' . $_POST['DPUsername'] . ', ' . $_POST['DPPassword'] . '.', StatusError, ActionSelect); } elseif ($QR == 0) { ReturnResponse(false, $Strings[1090] . ' <BR /><DIV CLASS="nbutt ebutt" onClick="ForPwd();">' . $Strings[1429] . '</DIV>', 'errmsg', "Foc('DPUsername');"); } else { if (md5($DR['UserPassSalt'] . $_POST['DPPassword']) != $DR['UserPassHash']) { return ReturnResponse(false, $Strings[1090] . ' <DIV CLASS="nbutt ebutt" onClick="ForPwd();">' . $Strings[1429] . '</DIV>', 'errmsg', "Foc('DPUsername');"); } $UserID = $DR['UserID']; $UserFlags = $DR['UserFlags']; if (!is_null($DR['LanguageID'])) { $LanguageID = $DR['LanguageID']; } $Portable = 0; if (isset($_POST['DPSave'])) { //CHANGEBACK: if ((int)$_POST['DPSave'] == 1 && $DR['UserFlags'] < UserCanEditStrings) $Portable = 1; if ((int) $_POST['DPSave'] == 1) { $Portable = 1; } } if ($UserFlags & UserActive) { if (CreateSession($UserID, $LanguageID, $Portable)) { $Response->S = true; $Response->J = 'F5();'; //$Response->J = ((stripos($_SERVER['HTTP_USER_AGENT'], 'msie') === false)?'F5();':'SF5();'); //$Response->J = ((stripos($_SERVER['HTTP_USER_AGENT'], 'msie') === false)?"F5();":"self.location = 'http://".SiteAddress."';"); $Response->Send(); } } else { //Disabled user FlushSession($UserID); ReturnResponse(false, $Strings[1091], 'errmsg'); } } ReturnResponse(false, $Strings[1092], 'errmsg', "Foc('DPUsername');"); } else { $Errors = ''; foreach ($Msgs as $Msg) { $Errors .= GS($Msg) . ', '; } SysLogIt('Invalid login data received. Errors returned were: ' . $Errors, StatusSecurity); ReturnResponse(false, $Strings[1093], 'errmsg', "Foc('DPUsername');"); } }
function SignOut() { global $UserID; global $Response; $Response->S = FlushSession(); $Response->J = 'RstVar(); F5();'; //$Response->J = 'RstVar(); '.((stripos($_SERVER['HTTP_USER_AGENT'], 'msie') === false)?'F5();':'SF5();'); $Response->Send(); }