/**
 * Verify an administrator's credentials and, on success, start the admin session.
 *
 * The checks run in a fixed order, each one skipped once $continue is false:
 *   1. look up the admin row by adminname (bound parameter, not interpolated),
 *   2. lockout check via admin__check_has_lockout(),
 *   3. password check via crypt_verify() against the row's password_crypt,
 *   4. rights check: the 'login' right must be set and the account not disabled.
 * Each of the first three failures is logged through log__admin() with its own event name.
 * Only the "not allowed" failure produces a user-facing message().
 *
 * NOTE(review): this page shows the function with three "******" runs inside the
 * log__admin() calls. They are not valid PHP and look like a redaction/extraction
 * artifact; whatever statements they replaced are not visible here. Restore the
 * function from the upstream file before relying on this listing.
 *
 * NOTE(review): no session ID rotation (e.g. session_regenerate_id()) happens in
 * this function. Confirm the caller rotates the ID at login to prevent session fixation.
 *
 * @param string $username Submitted admin name; bound to :adminname (type not enforced here).
 * @param string $password Submitted password; passed to crypt_verify() (type not enforced here).
 * @return bool true when all checks pass and $_SESSION['expadmindata'] has been set, false otherwise.
 */
function admin__check_login($username, $password) {
    // $lang is declared global but not referenced directly in the body as shown.
    global $lang;

    // Parameterised lookup: the user-supplied name only ever reaches SQL as a bound value.
    $pars = array(':adminname' => $username);
    $query = "SELECT * FROM " . table('admin') . " \n WHERE adminname= :adminname";
    $admin = orsee_query($query, $pars);

    // $continue gates every later stage; $not_allowed selects the final message.
    // $locked is initialised here but never read in the code as shown.
    $continue = true;
    $not_allowed = false;
    $locked = false;

    // Stage 1: the account must exist (the row carries an admin_id).
    // NOTE(review): this path returns without calling crypt_verify(), so an unknown
    // name may respond faster than a known one with a wrong password.
    // Confirm whether that timing difference matters for this deployment.
    if ($continue) {
        if (!isset($admin['admin_id'])) {
            $continue = false;
            // NOTE(review): "******" is an artifact, see the function header.
            log__admin('login_admin_wrong_username', 'used_username:'******'id');
        }
    }

    // Stage 2: lockout. The helper returns the admin array, which is read for a 'locked' flag.
    if ($continue) {
        $admin = admin__check_has_lockout($admin);
        if ($admin['locked']) {
            $continue = false;
            // NOTE(review): "******" is an artifact. Anything it replaced (for example
            // lockout bookkeeping) cannot be confirmed from this page.
            log__admin('login_admin_locked_out', 'username:'******'locked');
        }
    }

    // Stage 3: password verification against the stored password_crypt value.
    // crypt_verify() is defined elsewhere; presumably a constant-time hash check. Verify.
    if ($continue) {
        $check_pw = crypt_verify($password, $admin['password_crypt']);
        if (!$check_pw) {
            $continue = false;
            // NOTE(review): "******" is an artifact. No failed-attempt tracking call is
            // visible on this path; check the upstream source, since lockout depends on one.
            log__admin('login_admin_wrong_password', 'username:'******'wrong_pw');
        }
    }

    // Stage 4: authorisation. Credentials were correct; now check the account may log in.
    if ($continue) {
        // NOTE(review): this copies the whole admin row, which includes password_crypt
        // (read above), and the copy is later stored in $_SESSION. Consider unsetting
        // password_crypt first, unless admin__check_has_lockout() already strips it.
        $expadmindata = $admin;
        // Load the rights for this admin type.
        $expadmindata['rights'] = admin__load_admin_rights($expadmindata['admin_type']);
        // NOTE(review): loose comparison (==) on the disabled flag; === 'y' would be stricter.
        if (!$expadmindata['rights']['login'] || $expadmindata['disabled'] == 'y') {
            $continue = false;
            $not_allowed = true;
            // Disabled user-facing message, kept from the original: message('not_allowed');
        }
    }

    if ($continue) {
        // Success: publish the admin record (with rights) to the session and record the login.
        $_SESSION['expadmindata'] = $expadmindata;
        // The return value is stored in $done but not used afterwards.
        $done = admin__track_successful_login($admin);
        return true;
    } else {
        // Disabled lockout message, kept from the original:
        //   if ($locked) message(lang('error_locked_out'));
        // Only a correct password on a disallowed account yields a specific message.
        // The other failures return false without one.
        if ($not_allowed) {
            message(lang('error_not_allowed_to_login'));
        }
        return false;
    }
}
if ($continue) { $caltype = substr($_REQUEST['cal'], 0, 1); $token = substr($_REQUEST['cal'], 1); if ($caltype == 'a') { $all = true; } elseif ($caltype == 'p') { $all = false; } else { $continue = false; $message = "cal type not allowed"; } } if ($continue) { $expadmindata = calendar__get_user_for_ics_token($token); if (is_array($expadmindata)) { $expadmindata['rights'] = admin__load_admin_rights($expadmindata['admin_type']); if (check_allow('login') && $expadmindata['disabled'] != 'y' && (check_allow('calendar_export_my') || check_allow('calendar_export_all'))) { if ($all == true && !check_allow('calendar_export_all')) { $all = false; } } else { $continue = false; $message = "no rights to export"; } } else { $continue = false; $message = "invalid token"; } } if ($continue) { $displayfrom_lower = time() - 60 * 60 * 24 * 31 * $settings['calendar_export_months_back'];