/**
* Set script language
* @param $language Language that should be set
*/
public static function setLanguage($language)
{
// check if language is valid
if (self::isValidLanguage($language)) {
//set language cookie to 1 year
setcookie('as_lang', $language, time() * 60 * 60 * 24 * 365, '/');
// update session
ASSession::set('as_lang', $language);
//refresh the page
header('Location: ' . $_SERVER['PHP_SELF']);
}
}
/**
* Login user with given username and password.
* @param string $username User's username.
* @param string $password User's password.
* @return boolean TRUE if login is successful, FALSE otherwise
*/
public function userLogin($username, $password)
{
//validation
$errors = $this->_validateLoginFields($username, $password);
if (count($errors) != 0) {
$result = implode("<br />", $errors);
echo $result;
}
//protect from brute force attack
if ($this->_isBruteForce()) {
echo ASLang::get('brute_force');
return;
}
//hash password and get data from db
$password = $this->_hashPassword($password);
$result = $this->db->select("SELECT * FROM `as_users`\n WHERE `username` = :u AND `password` = :p", array("u" => $username, "p" => $password));
if (count($result) == 1) {
// check if user is confirmed
if ($result[0]['confirmed'] == "N") {
echo ASLang::get('user_not_confirmed');
return false;
}
// check if user is banned
if ($result[0]['banned'] == "Y") {
// increase attempts to prevent touching the DB every time
$this->increaseLoginAttempts();
// return message that user is banned
echo ASLang::get('user_banned');
return false;
}
//user exist, log him in if he is confirmed
$this->_updateLoginDate($result[0]['user_id']);
ASSession::set("user_id", $result[0]['user_id']);
if (LOGIN_FINGERPRINT == true) {
ASSession::set("login_fingerprint", $this->_generateLoginString());
}
return true;
} else {
//wrong username/password combination
$this->increaseLoginAttempts();
echo ASLang::get('wrong_username_password');
return false;
}
}
<?php
include "ASEngine/AS.php";
if ($login->isLoggedIn()) {
header("Location: index.php");
}
$token = $register->socialToken();
ASSession::set('as_social_token', $token);
$register->botProtection();
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="BMOC">
<meta name="author" content="BMOC">
<title>Registration | BMOC</title>
<script type="text/javascript" src="assets/js/jquery.min.js"></script>
<link rel='stylesheet' href='assets/css/bootstrap.min3.css' type='text/css' media='all' />
<script type="text/javascript" src="assets/js/bootstrap.min3.js"></script>
<link rel='stylesheet' href='ASLibrary/css/style3.css' type='text/css' media='all' />
<link href="assets/css/bootstrap-responsive.min.css" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="ASLibrary/js/bootstrap-fileinput/bootstrap-fileinput.css"/>
<script type="text/javascript" src="assets/js/respond.min.js"></script>
<script type="text/javascript">
var SUCCESS_LOGIN_REDIRECT = "<?php
echo SUCCESS_LOGIN_REDIRECT;
?>
";
/**
* Generate two random numbers and store them into $_SESSION variable.
* Numbers are used during the registration to prevent bots to register.
*/
public function botProtection()
{
ASSession::set("bot_first_number", rand(1, 9));
ASSession::set("bot_second_number", rand(1, 9));
}
