$log_this = TRUE;
break;
case "GET_CONTACT_GROUP":
if ($u = webservices_validate($h, $u)) {
$c_uid = user_username2uid($u);
$json = webservices_get_contact_group($c_uid, $kwd, $c);
} else {
$json['status'] = 'ERR';
$json['error'] = '100';
}
$log_this = TRUE;
break;
case "GET_TOKEN":
$user = array();
if (preg_match('/^(.+)@(.+)\\.(.+)$/', $u)) {
if (auth_validate_email($u, $p)) {
$u = user_email2username($u);
$user = user_getdatabyusername($u);
}
} else {
if (auth_validate_login($u, $p)) {
$user = user_getdatabyusername($u);
}
}
if ($user['uid']) {
$continue = false;
$json['status'] = 'ERR';
$json['error'] = '106';
$ip = explode(',', $user['webservices_ip']);
if (is_array($ip)) {
foreach ($ip as $key => $net) {
<?php
defined('_SECURE_') or die('Forbidden');
if (_OP_ == 'login') {
$username_or_email = trim($_REQUEST['username']);
$password = trim($_REQUEST['password']);
if ($username_or_email && $password) {
$username = '';
$validated = FALSE;
if (preg_match('/^(.+)@(.+)\\.(.+)$/', $username_or_email)) {
if (auth_validate_email($username_or_email, $password)) {
$username = user_email2username($username_or_email);
$validated = TRUE;
}
} else {
if (auth_validate_login($username_or_email, $password)) {
$username = $username_or_email;
$validated = TRUE;
}
}
if ($validated) {
$uid = user_username2uid($username);
auth_session_setup($uid);
if (auth_isvalid()) {
logger_print("u:" . $_SESSION['username'] . " uid:" . $uid . " status:" . $_SESSION['status'] . " sid:" . $_SESSION['sid'] . " ip:" . $_SERVER['REMOTE_ADDR'], 2, "login");
} else {
logger_print("unable to setup session u:" . $_SESSION['username'] . " status:" . $_SESSION['status'] . " sid:" . $_SESSION['sid'] . " ip:" . $_SERVER['REMOTE_ADDR'], 2, "login");
$_SESSION['error_string'] = _('Unable to login');
}
} else {
$_SESSION['error_string'] = _('Invalid username or password');