function check_login_success($cgi_classname, $cgi_clientname, $cgi_password, $cgi_key)
{
global $gbl, $sgbl, $login, $ghtml;
if ($cgi_password) {
if (check_raw_password($cgi_classname, $cgi_clientname, $cgi_password)) {
return true;
} else {
log_log("error", "Failed Login attempt to {$cgi_clientname} from " . $_SERVER['REMOTE_ADDR']);
$ghtml->print_redirect("/login/?frm_emessage=login_error");
return false;
}
}
return false;
if ($cgi_key) {
$list = lscandir_without_dot_or_underscore("../etc/publickey");
openssl_private_encrypt("string", $encstring, $cgi_key);
foreach ($list as $k) {
$publickey = lfile_get_contents("../etc/publickey/{$k}");
openssl_public_decrypt($encstring, $rstring, $publickey);
if ($rstring === 'string') {
return true;
}
}
$ghtml->print_redirect("/login/?frm_emessage=login_error_key");
return false;
}
return false;
}
function webcommandline_main()
{
global $gbl, $sgbl, $login, $ghtml;
global $argv;
ob_start();
$opt = $_REQUEST;
if ($opt['login-class'] !== 'client' && $opt['login-class'] !== 'auxiliary') {
json_print("error", $opt, "__error_only_clients_and_auxiliary_allowed_to_login");
log_log("web_command", "__error_only_clients_and_auxiliary_allowed_to_login");
exit;
}
log_log("web_command", var_export($opt, true));
//initProgram('admin');
if (!check_raw_password($opt['login-class'], $opt['login-name'], $opt['login-password'])) {
json_print("error", $opt, "_error_login_error");
log_log("web_command", "__error_login_error");
exit;
}
if (check_disable_admin($opt['login-name'])) {
json_print("error", $opt, "_error_login_error");
log_log("web_command", "__error_admin_is_disabled");
exit;
}
$classname = $opt['login-class'];
$lobject = new $classname(null, 'localhost', $opt['login-name']);
$lobject->get();
if ($lobject->dbaction === 'add') {
json_print("error", $opt, "__error_login_error\n");
log_log("web_command", "__error_login_error");
exit;
}
if ($classname === 'auxiliary') {
$login = $lobject->getParentO();
$login->__auxiliary_object = $lobject;
} else {
$login = $lobject;
}
if ($opt['action'] === 'simplelist') {
$must = array('action', 'resource');
} else {
if ($opt['action'] === 'getproperty') {
$must = array('action');
} else {
$must = array('action', 'class');
}
}
$pk = array_keys($opt);
foreach ($must as $m) {
if (!array_search_bool($m, $pk)) {
$string = implode("_", $must);
json_print("error", $opt, "__error_need_{$string}\n");
log_log("web_command", "__error_need_{$string}");
exit;
}
}
$func = "__cmd_desc_{$opt['action']}";
try {
$list = $func($opt);
} catch (exception $e) {
while (@ob_end_clean()) {
}
json_print("error", $opt, "__error_{$e->getMessage()}");
log_log("web_command", "__error_{$e->getMessage()}");
exit;
}
if ($opt['action'] === 'simplelist') {
json_print_result($opt, $list);
} else {
if ($opt['action'] === 'getproperty') {
json_print_result($opt, $list);
} else {
$out = "__success_{$opt['action']}_successful_on_{$opt['class']}_{$opt['name']}";
json_print("success", $opt, $out);
}
}
log_log("web_command", "__success_{$opt['action']}");
exit;
}
<?php
chdir("../../");
include_once "htmllib/lib/include.php";
if ($ghtml->frm_clientname !== 'admin') {
print "__error_clientname_has_to_be_admin\n";
exit;
}
if (!check_raw_password('client', 'admin', $ghtml->frm_password)) {
print "__error_wrong_password\n";
exit;
}
try {
rl_exec_get(null, 'localhost', 'update_self', null);
} catch (Exception $e) {
print "__error_{$e->getMessage()}\n";
exit;
}
print "__success_upgrade\n";
function password_contact_check()
{
global $gbl, $sgbl, $login, $ghtml;
if (!$login->isAdmin()) {
return;
}
/*
if ($sgbl->dbg > 0) {
return;
}
*/
if (csb($ghtml->frm_action, 'update') && $ghtml->frm_subaction === 'password') {
return;
}
if (if_demo()) {
return;
}
if (check_raw_password('client', 'admin', 'admin')) {
print "<br> <br> <br> ";
if (!isset($ghtml->__http_vars['frm_emessage'])) {
$ghtml->__http_vars['frm_emessage'] = 'security_warning';
}
$ghtml->print_message();
$gbl->frm_ev_list = "old_password_f";
do_updateform($login, 'password');
exit;
}
}
function check_login_success($cgi_classname, $cgi_clientname, $cgi_password, $cgi_key)
{
global $gbl, $sgbl, $login, $ghtml;
if ($cgi_password) {
if (check_raw_password($cgi_classname, $cgi_clientname, $cgi_password)) {
return true;
} else {
log_log("error", "Failed Login attempt to {$cgi_clientname} from " . $_SERVER['REMOTE_ADDR']);
$ghtml->print_redirect("/login/?frm_emessage=login_error");
return false;
}
}
return false;
}
