// and if we only allow username/passsword, send to login page if (isset($mobile) && $mobile) { redirect("public/participant_login_mob.php"); } else { redirect("public/participant_login.php"); } } } else { } } if ($proceed) { // do some other checks when we are logged in $statuses = participant_status__get_statuses(); $statuses_profile = participant_status__get("access_to_profile"); if (isset($participant) && !in_array($participant['status_id'], $statuses_profile)) { message($statuses[$participant['status_id']]['error'] . " " . lang('if_you_have_questions_write_to') . " " . support_mail_link()); redirect("public/"); } } } } if ($proceed) { $pagetitle = $settings['default_area']; if (!isset($title)) { $title = ""; } if ($title) { $title = lang($title); } $pagetitle = $pagetitle . ': ' . $title; if (!isset($suppress_html_header) || !$suppress_html_header) {
function participant__check_login($email, $password) { global $lang; $pars = array(':email' => $email); $query = "SELECT * FROM " . table('participants') . "\n WHERE email= :email"; $participant = orsee_query($query, $pars); $continue = true; if ($continue) { if (!isset($participant['participant_id'])) { $continue = false; log__participant('login_participant_wrong_username', 0, 'used_username:'******'error_password_or_username')); } } if ($continue) { $participant = participant__check_has_lockout($participant); if ($participant['locked']) { $continue = false; log__participant('login_participant_locked_out', $participant['participant_id'], 'username:'******'error_password_or_username')); } } if ($continue) { $check_pw = crypt_verify($password, $participant['password_crypted']); if (!$check_pw) { $continue = false; log__participant('login_participant_wrong_password', $participant['participant_id'], 'username:'******'error_password_or_username')); } } if ($continue) { $statuses = participant_status__get_statuses(); $statuses_profile = participant_status__get("access_to_profile"); if (!in_array($participant['status_id'], $statuses_profile)) { log__participant('login_participant_not_active_anymore', $participant['participant_id'], 'username:'******'status_id']]['error'] . " " . lang('if_you_have_questions_write_to') . " " . support_mail_link()); $continue = false; } } if ($continue) { $_SESSION['pauthdata']['user_logged_in'] = true; $_SESSION['pauthdata']['participant_id'] = $participant['participant_id']; $done = participant__track_successful_login($participant); return true; } else { if (isset($locked) && $locked) { message(lang('error_locked_out')); } return false; } }