function main()
{
global $redirect_url, $base_url;
$uuid = getUUID();
$tip = show_QRImage($uuid);
while (($code = wait_for_login($tip, $uuid)) != '200') {
if ($code == '201') {
$tip = 0;
}
}
echo $redirect_url;
if (login()) {
printf('login fail');
}
$base_url = 'http://wx.qq.com/cgi-bin/mmwebwx-bin';
if (!webwxinit()) {
printf('init fail');
}
// getcontact();
}
/** Write a concept mapping to db
* supply mapping as a valid
* array("dataset_prefix"=>defined_meaning_id,...)
* @returns: assoc array of uuids used for mapping. (typically you can just
* discard this, but it is used in copy.php for objects table support
* array values set to -1 were not mapped.
*/
function createConceptMapping( $concepts, $override_transaction = null ) {
$uuid_map = getUUID( $concepts );
foreach ( $concepts as $dc => $dm_id ) {
$collid = getCollectionIdForDC( $dc );
if ( $uuid_map[$dc] != - 1 ) {
writeDmToCollection( $dc, $collid, $uuid_map[$dc], $dm_id, $override_transaction );
}
}
return $uuid_map;
}
/**
* log in with post data
*/
private function dologinWithPostData()
{
require_once "config/gv.php";
// check login form contents
if (empty($_POST['user_name'])) {
$this->errors[] = "Username field was empty.";
} elseif (empty($_POST['user_password'])) {
$this->errors[] = "Password field was empty.";
} elseif (!empty($_POST['user_name']) && !empty($_POST['user_password'])) {
// create a database connection, using the constants from config/db.php (which we loaded in index.php)
$this->db_connection = new mysqli(DBHOST, DBUSER, DBPASS, DBNAME);
// change character set to utf8 and check it
if (!$this->db_connection->set_charset("utf8")) {
$this->errors[] = $this->db_connection->error;
}
// if no connection errors (= working database connection)
if (!$this->db_connection->connect_errno) {
// escape the POST stuff
$user_name = $this->db_connection->real_escape_string($_POST['user_name']);
$sql = mysqli_prepare($this->db_connection, "SELECT * FROM members WHERE username = ? OR email = ?");
$result_of_login_check = bindFetch($sql, [$user_name, $user_name]);
// if this user exists
if (count($result_of_login_check) == 1) {
// get result row (as an object)
$result_row = $result_of_login_check[0];
$loginCount = $result_row['loginCount'];
if ($loginCount < MAX_PASS_LOGIN) {
$conn = mysqli_connect(DBHOST, DBUSER, DBPASS, DBNAME);
// using PHP 5.5's password_verify() function to check if the provided password fits
// the hash of that user's password
if (password_verify($_POST['user_password'], $result_row['pwHash'])) {
$globalVars = new stdClass();
$globalVars->user_name = $result_row['username'];
$globalVars->timeStamp = time();
$globalVars->user_email = $result_row['email'];
$globalVars->user_login_status = 1;
$globalVars->user_id = $result_row['id'];
$globalVars->firstName = $result_row['firstName'];
$globalVars->lastName = $result_row['lastName'];
foreach ($globalVars as $key => $val) {
$GLOBALS[$key] = $val;
}
$cook = getUUID();
setcookie("UUID", $cook, time() + TIMEOUT);
$updateLoginQuery = mysqli_prepare($conn, "UPDATE `members` SET `loginCount`=0, `timeStamp`=now(), `gv`=?, `uuid`=? WHERE `username`=?");
$resultUpdate = bindExecute($updateLoginQuery, [json_encode($globalVars), $cook, $user_name]);
mysqli_stmt_close($updateLoginQuery);
header("Location: index.php");
} else {
// Increment the login_count
$loginCount++;
$updateLoginQuery = mysqli_prepare($conn, "UPDATE `members` SET `loginCount`=? WHERE `username`=?");
$resultUpdate = bindExecute($updateLoginQuery, [$loginCount, $user_name]);
mysqli_stmt_close($updateLoginQuery);
if ($loginCount == MAX_PASS_LOGIN) {
$this->errors[] = "Account locked, too many attempts. Contact support for assitance";
} else {
$this->errors[] = "Wrong username or password.";
}
}
} else {
// Log the attempt, account is locked out due to many attempts
$this->errors[] = "Account locked, too many attempts. Press the help button for assistance";
}
} else {
$this->errors[] = "Wrong username or password.";
}
} else {
$this->errors[] = "Database connection problem.";
}
}
}
