function ProcessSignOn()
{
/*/////////////////////////////////////////////////////////////
Author: Plottery Corp.
Created: v1.0.0 - 2010-12-14
Revisions: None
Purpose: Verifies user submitted login data
Returns: Nothing
*/
/////////////////////////////////////////////////////////////
global $UserID;
global $UserFlags;
global $LanguageID;
global $Response;
$Strings = GSA('1090,1091,1092,1093,1429');
list($OK, $Msgs) = ValidateForm(array(array(TypePOST, 'DPUsername', MustExist, ValidateString, null, null, 1603), array(TypePOST, 'DPPassword', MustExist, ValidateString, null, null, 1603), array(TypePOST, 'DPSave', CanExist, ValidateRange, 1, 1, 1603)));
if ($OK) {
list($QR, $DR, $T) = QuerySingle("SELECT U.UserID, U.UserFlags, U.UserPassSalt, U.UserPassHash, L.LanguageID\n FROM 1000_Users U\n LEFT JOIN 0000_Languages L ON U.LanguageID = L.LanguageID\n WHERE U.UserUsername = '******'DPUsername']) . "';");
if ($QR < 0) {
SysLogIt('Error looking up user login. Requested username and password were: ' . $_POST['DPUsername'] . ', ' . $_POST['DPPassword'] . '.', StatusError, ActionSelect);
} elseif ($QR == 0) {
ReturnResponse(false, $Strings[1090] . ' <BR /><DIV CLASS="nbutt ebutt" onClick="ForPwd();">' . $Strings[1429] . '</DIV>', 'errmsg', "Foc('DPUsername');");
} else {
if (md5($DR['UserPassSalt'] . $_POST['DPPassword']) != $DR['UserPassHash']) {
return ReturnResponse(false, $Strings[1090] . ' <DIV CLASS="nbutt ebutt" onClick="ForPwd();">' . $Strings[1429] . '</DIV>', 'errmsg', "Foc('DPUsername');");
}
$UserID = $DR['UserID'];
$UserFlags = $DR['UserFlags'];
if (!is_null($DR['LanguageID'])) {
$LanguageID = $DR['LanguageID'];
}
$Portable = 0;
if (isset($_POST['DPSave'])) {
//CHANGEBACK: if ((int)$_POST['DPSave'] == 1 && $DR['UserFlags'] < UserCanEditStrings) $Portable = 1;
if ((int) $_POST['DPSave'] == 1) {
$Portable = 1;
}
}
if ($UserFlags & UserActive) {
if (CreateSession($UserID, $LanguageID, $Portable)) {
$Response->S = true;
$Response->J = 'F5();';
//$Response->J = ((stripos($_SERVER['HTTP_USER_AGENT'], 'msie') === false)?'F5();':'SF5();');
//$Response->J = ((stripos($_SERVER['HTTP_USER_AGENT'], 'msie') === false)?"F5();":"self.location = 'http://".SiteAddress."';");
$Response->Send();
}
} else {
//Disabled user
FlushSession($UserID);
ReturnResponse(false, $Strings[1091], 'errmsg');
}
}
ReturnResponse(false, $Strings[1092], 'errmsg', "Foc('DPUsername');");
} else {
$Errors = '';
foreach ($Msgs as $Msg) {
$Errors .= GS($Msg) . ', ';
}
SysLogIt('Invalid login data received. Errors returned were: ' . $Errors, StatusSecurity);
ReturnResponse(false, $Strings[1093], 'errmsg', "Foc('DPUsername');");
}
}
function SignOut()
{
global $UserID;
global $Response;
$Response->S = FlushSession();
$Response->J = 'RstVar(); F5();';
//$Response->J = 'RstVar(); '.((stripos($_SERVER['HTTP_USER_AGENT'], 'msie') === false)?'F5();':'SF5();');
$Response->Send();
}
