/**
 * Check an administrator's credentials and, on success, issue the "admin" cookie.
 *
 * NOTE(review): two string literals below contain "******" where this listing masks
 * part of the original SQL. The masked text is not visible here, and the UPDATE
 * statement does not parse as shown; consult the full source before relying on it.
 *
 * @param string $uname Login name; trimmed before use.
 * @param string $upass Password; trimmed, then passed through Members::authPasswd() for the comparison.
 * @param bool   $set   Not read anywhere in this body.
 * @return int|bool|null -1 when either value is empty after trimming, -2 when
 *                       checkUserExist() fails, -3 when the password comparison fails,
 *                       null (bare return) when the account has expired, true on success.
 */
function checkUserLogin($uname, $upass, $set = true) {
    $uname = trim($uname);
    $upass = trim($upass);
    $_this =& Members::getInstance();
    // empty() also treats the string "0" as empty, so such a name or password is rejected here.
    if (empty($uname) || empty($upass)) {
        return -1;
    }
    // NOTE(review): the query is assembled as a string and the WHERE value is masked on this page.
    // If the login name is interpolated here, it must be escaped or bound as a parameter — confirm.
    $sql = "SELECT m.id,m.username,m.userpass,af.first_name,af.last_name,af.expired FROM {$this->table_prefix}adminfields af LEFT JOIN {$this->table_prefix}members m ON af.member_id=m.id WHERE m.username='******'";
    // The row is fetched before the existence check below, so the query runs for unknown names too.
    $tmpUser = $this->dbstuff->GetRow($sql);
    if (!$_this->checkUserExist($uname)) {
        // Distinct messages for "unknown user" and "wrong password": if a caller shows
        // $this->error to the client, valid login names can be told apart from invalid ones.
        $this->error = L("member_not_exists");
        return -2;
    } elseif ($tmpUser['expired'] != 0 && $tmpUser['expired'] < $this->timestamp) {
        // Expiry is evaluated before the password; this branch returns null rather than a negative code.
        $this->error = L("account_expired");
        return;
    } elseif (!pb_strcomp($tmpUser['userpass'], $_this->authPasswd($upass))) {
        // pb_strcomp() is defined elsewhere; presumably true on equality — TODO confirm,
        // and confirm whether the comparison is constant-time.
        $this->error = L("login_pwd_wrong");
        return -3;
    } else {
        // NOTE(review): pb_get_client_ip() is opaque here. If it honours client-supplied
        // headers, its value should be validated as an IP address before it is placed in SQL.
        $this->dbstuff->Execute("UPDATE {$this->table_prefix}adminfields SET last_login="******",last_ip='" . pb_get_client_ip("str") . "' WHERE member_id=" . $tmpUser['id']);
        // The cookie payload carries the stored userpass value from the database row;
        // its confidentiality and integrity rest entirely on authcode(), defined elsewhere.
        $tAuth = $tmpUser['id'] . "\n" . $tmpUser['username'] . "\n" . $tmpUser['userpass'];
        // No lifetime argument is passed; the default lifetime and cookie flags are whatever usetcookie() applies.
        usetcookie("admin", authcode($tAuth, "ENCODE"));
        return true;
    }
}
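/**
 * Record a successful member login: populate the session, issue the 'auth'
 * cookie and notify the passport integration.
 *
 * The cookie payload is "id \t username \t authPasswd(userpass) \t is_admin",
 * passed through authcode(..., 'ENCODE', $phpb2b_auth_key).
 *
 * NOTE(review): the payload holds a password-derived value and the is_admin flag
 * on the client side. Whether either can be read or altered depends entirely on
 * authcode() and the secrecy of $phpb2b_auth_key, both defined elsewhere. The
 * format is left unchanged here because the code that reads the cookie is not
 * part of this block.
 *
 * @param array $user_info Member row; the keys id, username, userpass, is_admin
 *                         and useremail are read.
 * @return void
 */
function putLoginStatus($user_info)
{
    global $phpb2b_auth_key;

    // Rotate the session identifier at the point of authentication so that an
    // identifier issued before login cannot be reused afterwards (session fixation).
    // Only attempted when a session is actually active.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }
    $_SESSION["MemberID"] = $user_info['id'];
    $_SESSION["MemberName"] = $user_info['username'];

    $payload = $user_info['id'] . "\t" . $user_info['username'] . "\t"
        . $this->authPasswd($user_info['userpass']) . "\t" . $user_info['is_admin'];
    $auth = authcode($payload, 'ENCODE', $phpb2b_auth_key);

    // The "remember" choice is read straight from the request body.
    if (isset($_POST['remember_pass'])) {
        //default 1 year if set remember
        usetcookie('auth', $auth, $this->timestamp + 86400 * 365);
    } else {
        usetcookie('auth', $auth);
    }

    // The passport hook receives the userpass value exactly as stored in $user_info.
    $this->passport(
        array($user_info['id'], $user_info['username'], $user_info['userpass'], $user_info['useremail']),
        "login"
    );
}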
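/**
 * [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved.
 * The contents of this file are subject to the License; you may not use this file except in compliance with the License.
 *
 * @version $Revision: 2153 $
 */
session_start();
define('CURSCRIPT', 'redirect');
require "libraries/common.inc.php";
require "share.inc.php";
$sid = session_id();
//search the urls at the url table.
if (!empty($_GET['url'])) {
    // NOTE(review): the redirect target comes straight from the query string.
    // htmlspecialchars() is HTML escaping, not destination validation, so any
    // absolute URL is accepted here (open redirect). Restrict the target to
    // same-site paths or an allow-list of hosts once the intended destinations
    // are known; no lookup against a URL table is visible in this script.
    $url = htmlspecialchars(trim($_GET['url']));
    if (isset($_GET['app_lang'])) {
        // The language name becomes a path segment and is then stored in the
        // "lang" cookie, so accept only plain directory names. This rejects
        // separators and dot segments before the value reaches is_file().
        $requestedLang = $_GET['app_lang'];
        $requestedLangIsPlain = is_string($requestedLang)
            && preg_match('/\A[A-Za-z0-9_-]+\z/', $requestedLang) === 1;
        if ($requestedLangIsPlain && is_file(CACHE_ROOT . $requestedLang . DS . "lang_site.php")) {
            usetcookie("lang", $requestedLang);
            pheader("location:" . $url);
            exit;
        } else {
            flash(L("file_not_exists", "msg", "lang_site.php"));
        }
    }
    // A leading "/" is stripped, which makes the target relative to this script's directory.
    if (strpos($url, "/") === 0) {
        $url = ltrim($url, "/");
    }
    pheader("location:" . $url);
    exit;
} else {
    flash(null, URL);
}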
* [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved. * The contents of this file are subject to the License; you may not use this file except in compliance with the License. * * @version $Revision: 2173 $ */ session_start(); require "../libraries/common.inc.php"; require CACHE_LANG_PATH . 'lang_admin.php'; require DATA_PATH . 'phpb2b_version.php'; uses("adminfield", "setting", "member"); $adminer = new Adminfields(); $member = new Members(); $setting = new Settings(); if (isset($_GET['action'])) { if ($_GET['action'] == "dereg") { usetcookie("admin", ""); unset($_SESSION['last_adminer_time']); } } capt_check("capt_login_admin"); if (isset($_POST['do'])) { $do = trim($_POST['do']); if ($do == "login") { pb_submit_check('data'); if (!empty($_POST['data']['username']) && !empty($_POST['data']['userpass'])) { $checked = false; $uname = $_POST['data']['username']; $upass = $_POST['data']['userpass']; $checked = $adminer->checkUserLogin($uname, $upass); if ($checked > 0) { pheader("Location:index.php");
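define('DIRECTORY_SEPARATOR', '/');
}
// (the conditional closed by the brace above opens before this excerpt)
define('DS', DIRECTORY_SEPARATOR);
require APP_ROOT . 'configs' . DS . 'config.inc.php';
/**
 * PHPB2B Debug Level
 * Maybe 0-5
 */
if (!isset($debug)) {
    $debug = 0;
}
require APP_ROOT . 'libraries' . DS . 'global.func.php';
require APP_ROOT . 'configs' . DS . 'paths.php';

// Language selection. $app_lang ends up as a directory name inside the two
// require paths below, so a request-supplied value is accepted only when it is
// a plain name (letters, digits, "_" and "-"). That keeps path separators and
// dot segments out of the include path; file existence alone is not a
// sufficient check for a value that is later passed to require.
if (isset($_GET['app_lang'])
    && is_string($_GET['app_lang'])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_GET['app_lang']) === 1
    && is_file(APP_ROOT . 'languages' . DS . $_GET['app_lang'] . DS . "template.inc.php")
) {
    $app_lang = $_GET['app_lang'];
    usetcookie("lang", $app_lang);
}
// The cookie is client-controlled as well, so it passes the same name check
// before it may override the value chosen above.
if (isset($_COOKIE[$cookiepre . 'lang'])
    && is_string($_COOKIE[$cookiepre . 'lang'])
    && preg_match('/\A[A-Za-z0-9_-]+\z/', $_COOKIE[$cookiepre . 'lang']) === 1
) {
    $app_lang = $_COOKIE[$cookiepre . 'lang'];
}
// Fall back to the default language when nothing usable was selected.
if (!isset($app_lang) || !file_exists(APP_ROOT . 'languages' . DS . $app_lang . DS . "template.inc.php")) {
    $app_lang = "zh-cn";
}
define('CACHE_PATH', APP_ROOT . "data" . DS . "cache" . DS . $app_lang . DS);
require APP_ROOT . 'languages' . DS . $app_lang . DS . 'template.inc.php';
require APP_ROOT . 'languages' . DS . $app_lang . DS . 'message.inc.php';
$msg = null;
if (!defined("LOCALE_PATH")) {
    define("LOCALE_PATH", APP_PATH . DS . 'locale' . DS . $app_lang . DS);
}
// NOTE(review): HTTP_HOST is taken from the request; treat it as untrusted
// wherever $httpHost is used to build URLs.
$httpHost = pb_getenv('HTTP_HOST');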
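{
    // (function header is outside this excerpt; body kept as listed)
    global $referer;
    $indexname = URL . "index.php";
    $default = empty($default) ? $indexname : '';
    $referer = pb_htmlspecialchar($referer);
    if (!preg_match("/(\\.php|[a-z]+(\\-\\d+)+\\.html)/", $referer) || strpos($referer, 'logging.php')) {
        $referer = $default;
    }
    return $referer;
}

// Logout handler.
// NOTE(review): logout is triggered by a plain GET parameter and no request
// token is checked in the lines shown; confirm whether one is verified elsewhere.
if (isset($_GET['action']) && $_GET['action'] == "logout") {
    $referer = null;
    $referer = ua_referer();
    session_destroy();
    uclearcookies();
    // Coming from the control panel: drop the admin cookie as well.
    if (isset($_GET['fr'])) {
        if ($_GET['fr'] == "cp") {
            usetcookie("admin", '');
        }
    }
    $member->logOut();
    $gopage = $referer;
    if (!empty($_GET['forward'])) {
        // NOTE(review): "forward" is used as the redirect target without any
        // validation (open redirect). Limit it to same-site paths or an
        // allow-list of hosts once the legitimate targets are known.
        pheader("location:" . $_GET['forward']);
    } else {
        pheader("location:" . $gopage);
    }
    // Stop after either redirect. Previously only the fallback branch exited,
    // so the "forward" branch went on to render the login page below.
    exit;
}
formhash();
render("logging");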
/**
 * Clear the member 'auth' cookie by re-issuing it with an empty value and a
 * negative time argument.
 *
 * Only 'auth' is handled here; any other cookie has to be cleared by the caller.
 *
 * @return mixed Whatever usetcookie() returns.
 */
function uclearcookies()
{
    // One year in seconds, negated. How usetcookie() interprets its third
    // argument is defined elsewhere; presumably this yields an expiry in the past — confirm.
    $negativeYear = -86400 * 365;

    return usetcookie('auth', '', $negativeYear);
}
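/**
 * Record a successful member login: populate the session, issue a one-hour
 * 'auth' cookie and notify the passport integration.
 *
 * The cookie payload is "id \t username \t authPasswd(userpass) \t is_admin",
 * passed through authcode(..., 'ENCODE', $phpb2b_auth_key).
 *
 * NOTE(review): the payload holds a password-derived value and the is_admin flag
 * on the client side. Whether either can be read or altered depends entirely on
 * authcode() and the secrecy of $phpb2b_auth_key, both defined elsewhere. The
 * format is left unchanged here because the code that reads the cookie is not
 * part of this block.
 *
 * @param array $user_info Member row; the keys id, username, userpass, is_admin
 *                         and useremail are read.
 * @return void
 */
function putLoginStatus($user_info)
{
    global $phpb2b_auth_key;

    // Rotate the session identifier at the point of authentication so that an
    // identifier issued before login cannot be reused afterwards (session fixation).
    // Only attempted when a session is actually active.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }
    $_SESSION["MemberID"] = $user_info['id'];
    $_SESSION["MemberName"] = $user_info['username'];

    $payload = $user_info['id'] . "\t" . $user_info['username'] . "\t"
        . $this->authPasswd($user_info['userpass']) . "\t" . $user_info['is_admin'];
    $auth = authcode($payload, 'ENCODE', $phpb2b_auth_key);

    // Fixed lifetime: one hour from $this->timestamp.
    usetcookie('auth', $auth, $this->timestamp + 3600);

    // The passport hook receives the userpass value exactly as stored in $user_info.
    $this->passport(
        array($user_info['id'], $user_info['username'], $user_info['userpass'], $user_info['useremail']),
        "login"
    );
}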
usetcookie("admin", ""); unset($_SESSION['last_adminer_time']); } } //for temp upgrade. if (!file_exists(CACHE_LANG_PATH . "locale.js")) { require LIB_PATH . "cache.class.php"; $cache = new Caches(); // $cache->updateLanguages(); $cache->writeCache("javascript", "javascript"); } capt_check("capt_login_admin"); if (isset($_POST['do'])) { $do = trim($_POST['do']); // if(is_file(CACHE_ROOT.$_POST['data']['language'].DS."lang_admin.php")) { usetcookie("lang", $_POST['data']['language']); // } if ($do == "login") { pb_submit_check('data'); if (!empty($_POST['data']['username']) && !empty($_POST['data']['userpass'])) { $checked = false; $uname = $_POST['data']['username']; $upass = $_POST['data']['userpass']; $checked = $adminer->checkUserLogin($uname, $upass); if ($checked > 0) { pheader("Location:index.php"); } else { setvar("LoginError", $adminer->error); } } }
/**
 * Passport "synchronised login" handler: look up a member by the user name in
 * $get and, if a row is found, mark that member as logged in (session values
 * plus a one-hour 'auth' cookie).
 *
 * NOTE(review): no password or other credential is checked in this body. The
 * session is created for whichever member row matches $get['username'], so the
 * authenticity of $get has to be established by the caller — presumably the API
 * dispatcher verifies the request before calling this; confirm.
 *
 * NOTE(review): two string literals below contain "******" where this listing
 * masks part of the original SQL. The masked text is not visible here, and the
 * UPDATE statement does not parse as shown.
 *
 * @param array $get  Request parameters; 'uid' and 'username' are read ('uid' is assigned but not used afterwards).
 * @param array $post Not read in this body.
 * @return mixed API_RETURN_FORBIDDEN when API_SYNLOGIN or the passport_support
 *               setting is off; otherwise nothing is returned explicitly.
 */
function synlogin($get, $post) {
    // $charset is declared global but not used below.
    global $_PB_CACHE, $phpb2b_auth_key, $pdb, $charset;
    // The session is started before the feature checks, so even a refused request may create a session.
    session_start();
    $uid = $get['uid'];
    $username = $get['username'];
    if (!API_SYNLOGIN) {
        return API_RETURN_FORBIDDEN;
    }
    if (!$_PB_CACHE['setting']['passport_support']) {
        return API_RETURN_FORBIDDEN;
    }
    // P3P compact policy header; presumably sent so the cookie set below is accepted in a third-party context — confirm.
    header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
    $username = trim($username);
    //get userinfo from phpb2b db
    // NOTE(review): the query is assembled as a string and the WHERE value is masked on this page.
    // If $username is interpolated here, it must be escaped or bound as a parameter — confirm.
    $sql = "SELECT * FROM " . $this->tablepre . "members WHERE username='******'";
    $user_info = $pdb->GetRow($sql);
    if ($user_info) {
        //update login times
        // NOTE(review): pb_get_client_ip() is opaque here. If it honours client-supplied
        // headers, validate the value as an IP address before placing it in SQL.
        $loginip = pb_get_client_ip();
        $pdb->Execute("UPDATE {$this->tablepre}members SET last_login="******",last_ip='" . $loginip . "' WHERE id='{$user_info['id']}'");
        // The session identifier is not regenerated before these values are set.
        $_SESSION["MemberID"] = $user_info['id'];
        $_SESSION["MemberName"] = $user_info['username'];
        //synlogin to phpb2b
        // The cookie payload includes md5() of the stored userpass value and the is_admin flag;
        // protection of both rests on authcode() and $phpb2b_auth_key, defined elsewhere.
        $auth = authcode($user_info['id'] . "\t" . $user_info['username'] . "\t" . md5($user_info['userpass']) . "\t" . $user_info['is_admin'], 'ENCODE', $phpb2b_auth_key);
        usetcookie('auth', $auth, time() + 3600);
    } else {
        //not exists, add a new member
        // (nothing is implemented for this case)
    }
}