/**
 * Runs the automatic login or logout configured on an auto action.
 *
 * All settings are read from the 'loginlogout' parameter subtree of the trigger:
 * 'mode' selects login (true) or logout (false); for a login, 'method' selects
 * whether the substituted 'username' or the substituted 'email' parameter is
 * passed to CBAuthentication::login().
 *
 * @param cbautoactionsActionTable $trigger
 * @param UserTable                $user     not read directly in this method body
 */
public function execute( $trigger, $user )
{
	$params				=	$trigger->getParams()->subTree( 'loginlogout' );

	cbimport( 'cb.authentication' );

	$cbAuthenticate		=	new CBAuthentication();

	// Rebuild the URL of the current request to use as the default return URL.
	// NOTE(review): HTTP_HOST, REQUEST_URI and QUERY_STRING are supplied by the client, so the
	// resulting URL is untrusted input; it is only filtered by the pattern replacements below.
	$scheme				=	'http';

	if ( ( ! empty( $_SERVER['HTTPS'] ) ) && ( $_SERVER['HTTPS'] != 'off' ) ) {
		$scheme			=	'https';
	}

	$returnUrl			=	$scheme . '://' . $_SERVER['HTTP_HOST'];

	if ( empty( $_SERVER['PHP_SELF'] ) || empty( $_SERVER['REQUEST_URI'] ) ) {
		// Fallback when REQUEST_URI is unavailable: script name plus optional query string.
		$returnUrl		.=	$_SERVER['SCRIPT_NAME'];

		if ( ! empty( $_SERVER['QUERY_STRING'] ) ) {
			$returnUrl	.=	'?' . $_SERVER['QUERY_STRING'];
		}
	} else {
		$returnUrl		.=	$_SERVER['REQUEST_URI'];
	}

	// Decode, HTML-escape, strip "eval(...)" and quoted "javascript:" fragments, then undo the escaping.
	// NOTE(review): this is a deny-list of two patterns, not a validation of the URL's host or scheme;
	// callers should not treat $returnUrl as safe on the strength of it.
	$cleaned			=	htmlspecialchars( urldecode( $returnUrl ) );
	$cleaned			=	preg_replace( '/eval\((.*)\)/', '', $cleaned );
	$cleaned			=	preg_replace( '/[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']/', '""', $cleaned );
	$returnUrl			=	cbUnHtmlspecialchars( $cleaned );

	// Never return to the confirmation or login pages themselves.
	if ( preg_match( '/index.php\?option=com_comprofiler&task=confirm&confirmCode=|index.php\?option=com_comprofiler&view=confirm&confirmCode=|index.php\?option=com_comprofiler&task=login|index.php\?option=com_comprofiler&view=login/', $returnUrl ) ) {
		$returnUrl		=	'index.php';
	}

	// A configured redirect, once substituted and passed through escapeURL, overrides the computed return URL.
	$redirectParam		=	$params->get( 'redirect', null, GetterInterface::STRING );
	$redirect			=	$trigger->getSubstituteString( $redirectParam, array( 'cbautoactionsClass', 'escapeURL' ) );

	if ( $redirect ) {
		$returnUrl		=	$redirect;
	}

	// The message parameter is read RAW and substituted with the second argument set to false.
	$messageParam		=	$params->get( 'message', null, GetterInterface::RAW );
	$message			=	$trigger->getSubstituteString( CBTxt::T( $messageParam ), false );

	if ( $params->get( 'mode', 1, GetterInterface::BOOLEAN ) ) {
		$messagesToUser	=	array();
		$alertMessages	=	array();

		$byUsername		=	$params->get( 'method', 1, GetterInterface::BOOLEAN );
		$credentials	=	$trigger->getSubstituteString( $params->get( ( $byUsername ? 'username' : 'email' ), null, GetterInterface::STRING ) );
		$method			=	( $byUsername ? 0 : 1 );

		// The password argument is false and the account comes from the action's own parameters.
		// NOTE(review): presumably false tells CBAuthentication to skip password verification, which
		// would sign in the configured account whenever this action fires; confirm, and restrict who
		// can configure and trigger it accordingly.
		$resultError	=	$cbAuthenticate->login( $credentials, false, 0, 1, $returnUrl, $messagesToUser, $alertMessages, $method );

		if ( $redirect ) {
			// Message priority: login error, then configured message, then alert messages.
			if ( $resultError ) {
				$notice	=	$resultError;
			} elseif ( $message ) {
				$notice	=	$message;
			} elseif ( $alertMessages ) {
				$notice	=	stripslashes( implode( '<br />', $alertMessages ) );
			} else {
				$notice	=	null;
			}

			cbRedirect( $redirect, $notice, ( $resultError ? 'error' : 'message' ) );
		}
	} else {
		$resultError	=	$cbAuthenticate->logout( $returnUrl );

		if ( $redirect ) {
			// Message priority: logout error, then configured message, then the default success text.
			if ( $resultError ) {
				$notice	=	$resultError;
			} elseif ( $message ) {
				$notice	=	$message;
			} else {
				$notice	=	CBTxt::T( 'LOGOUT_SUCCESS', 'You have successfully logged out' );
			}

			cbRedirect( $redirect, $notice, ( $resultError ? 'error' : 'message' ) );
		}
	}
}
/**
 * Logs a user in through Community Builder's CBAuthentication class.
 *
 * The login type comes from the global $ueConfig['login_type'] (0 when unset) and the
 * current Kunena route is passed as the redirect URL argument.
 *
 * @param  mixed $username    passed unchanged to CBAuthentication::login()
 * @param  mixed $password    passed unchanged to CBAuthentication::login()
 * @param  mixed $rememberme  passed unchanged to CBAuthentication::login()
 * @return mixed              the error returned by CBAuthentication::login(), or null when it is empty
 */
public function loginUser($username, $password, $rememberme)
{
	cbimport('cb.authentication');

	global $ueConfig;

	$cbAuthenticate = new CBAuthentication();

	// Handed to login(); neither array is read again here, so only the error result reaches the caller.
	$messagesToUser = array();
	$alertmessages = array();

	$redirect_url = KunenaRoute::current();

	$loginType = 0;
	if (isset($ueConfig['login_type'])) {
		$loginType = $ueConfig['login_type'];
	}

	$resultError = $cbAuthenticate->login($username, $password, $rememberme, 1, $redirect_url, $messagesToUser, $alertmessages, $loginType);

	if ($resultError) {
		return $resultError;
	}

	return null;
}
/**
 * Logs in the given user through CBAuthentication and redirects.
 *
 * On failure (an error result or any user messages) the browser is redirected to
 * $this->_returnUrl with an error message. On success it is redirected to the provider's
 * first-login URL (when the user has no last visit date), else the provider's login URL,
 * else $this->_returnUrl.
 *
 * @param UserTable $user
 */
private function login( $user )
{
	$cbAuthenticate		=	new CBAuthentication();

	$messagesToUser		=	array();
	$alertMessages		=	array();
	$redirectUrl		=	null;

	// The password argument is false: the user was selected by the calling provider flow.
	// NOTE(review): presumably false tells CBAuthentication to skip password verification, so this
	// method must only be reached after the provider identity has been verified; confirm at callers.
	$resultError		=	$cbAuthenticate->login( $user->get( 'username' ), false, 0, 1, $redirectUrl, $messagesToUser, $alertMessages, 1 );

	$hasUserMessages	=	( count( $messagesToUser ) > 0 );

	if ( $resultError || $hasUserMessages ) {
		// Join the error result and the user messages with line breaks.
		$parts			=	array();

		if ( $resultError ) {
			$parts[]	=	$resultError;
		}

		if ( $hasUserMessages ) {
			$parts[]	=	stripslashes( implode( '<br />', $messagesToUser ) );
		}

		$error			=	implode( '<br />', $parts );

		// NOTE(review): $this->_returnUrl is set outside this method; if it can originate from the
		// request it needs same-site validation before being used as a redirect target; confirm.
		cbRedirect( $this->_returnUrl, CBTxt::T( 'FAILED_TO_LOGIN_PROVIDER_ACCOUNT', 'Failed to login with [provider] account. Error: [error]', array( '[provider]' => $this->_providerName, '[error]' => $error ) ), 'error' );

		return;
	}

	// A missing or zero last visit date marks the first login.
	$isFirstLogin		=	( ( ! $user->get( 'lastvisitDate' ) ) || ( $user->get( 'lastvisitDate' ) == '0000-00-00 00:00:00' ) );

	$redirect			=	( $isFirstLogin ? $this->params->get( $this->_provider . '_firstlogin', true, GetterInterface::STRING ) : null );
	$redirect			=	( $redirect ?: $this->params->get( $this->_provider . '_login', true, GetterInterface::STRING ) );
	$redirect			=	( $redirect ?: $this->_returnUrl );

	$message			=	null;

	if ( count( $alertMessages ) > 0 ) {
		$message		=	stripslashes( implode( '<br />', $alertMessages ) );
	}

	cbRedirect( $redirect, $message, 'message' );
}
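/**
 * Handles a front-end login request.
 *
 * With an empty POST the login form is shown. Otherwise the anti-spoofing token is checked,
 * credentials are taken from the arguments (or from POST when either argument is empty), the
 * POSTed return URL is restricted to this site, and CBAuthentication::login() is called.
 * Failures are echoed or re-display the login form; success redirects to the return URL.
 *
 * @param string|null $username  username, or null to read POST 'username'
 * @param string|null $passwd2   password, or null to read POST 'passwd'
 */
function login( $username=null, $passwd2=null ) {
	global $_POST, $_CB_framework, $ueConfig;

	if ( count( $_POST ) == 0 ) {
		HTML_comprofiler::loginForm( 'com_comprofiler', $_POST, null );
		return;
	}

	// Anti-CSRF check: CB's own token first, then the josSpoof* pair when both functions are callable.
	$spoofCheckOk				=	false;
	if ( cbSpoofCheck( 'login', 'POST', 2 ) ) {
		$spoofCheckOk			=	true;
	} else {
		if ( is_callable("josSpoofCheck") && is_callable("josSpoofValue") ) {
			$validate			=	josSpoofValue();
			if ( cbGetParam( $_POST, $validate ) ) {
				josSpoofCheck(1);
				$spoofCheckOk	=	true;
			}
		}
	}
	if ( ! $spoofCheckOk ) {
		echo _UE_SESSION_EXPIRED . ' ' . _UE_PLEASE_REFRESH;
		return;
	}

	$messagesToUser				=	array();
	$alertmessages				=	array();

	if ( !$username || !$passwd2 ) {
		$username				=	trim( cbGetParam( $_POST, 'username', '' ) );
		// The password is read with _CB_ALLOWRAW so it is not altered by input filtering.
		$passwd2				=	trim( cbGetParam( $_POST, 'passwd', '', _CB_ALLOWRAW ) );
	}
	$rememberMe					=	cbGetParam( $_POST, 'remember' );

	$return						=	trim( stripslashes( cbGetParam( $_POST, 'return', null ) ) );
	if ( cbStartOfStringMatch( $return, 'B:' ) ) {
		// "B:" marks a base64-encoded return URL; decode it and pass it through cbGetParam again.
		// NOTE(review): get_magic_quotes_gpc() no longer exists in PHP 8; this line needs a guard
		// before the file can run there.
		$return					=	base64_decode( substr( $return, 2 ) );
		$arrToClean				=	array( 'B' => get_magic_quotes_gpc() ? addslashes( $return ) : $return );
		$return					=	cbGetParam( $arrToClean, 'B', '' );
	}

	// Only same-site return URLs are allowed. cbStartOfStringMatch is assumed to be a plain prefix
	// comparison, which alone would also accept a different host that merely begins with the
	// live_site string, so the prefix must additionally end at a URL boundary ('/', '?', '#' or
	// end of string). An empty live_site never matches.
	$liveSite					=	(string) $_CB_framework->getCfg( 'live_site' );
	$returnIsOnSite				=	false;
	if ( ( $liveSite !== '' ) && cbStartOfStringMatch( $return, $liveSite ) ) {
		if ( ( substr( $liveSite, -1 ) == '/' ) || ( strlen( $return ) == strlen( $liveSite ) ) ) {
			$returnIsOnSite		=	true;
		} else {
			$returnIsOnSite		=	in_array( substr( $return, strlen( $liveSite ), 1 ), array( '/', '?', '#' ), true );
		}
	}
	if ( ! ( $returnIsOnSite || cbStartOfStringMatch( $return, 'index.php' ) ) ) {
		$return					=	'';
	}

	$message					=	trim( cbGetParam( $_POST, 'message', 0 ) );
	$loginType					=	( isset( $ueConfig['login_type'] ) ? $ueConfig['login_type'] : 0 );

	// Do the login including all authentications and event firing:
	cbimport( 'cb.authentication' );
	$cbAuthenticate				=	new CBAuthentication();
	$resultError				=	$cbAuthenticate->login( $username, $passwd2, $rememberMe, $message, $return, $messagesToUser, $alertmessages, $loginType );

	if ( count( $messagesToUser ) > 0 ) {
		// NOTE(review): $resultError and $messagesToUser are echoed without escaping; presumably they
		// are ready-to-display HTML from CBAuthentication; confirm none of it carries request-derived text.
		if ( $resultError ) {
			echo "<div class=\"message\">".$resultError."</div>";
		}
		echo "\n<div>" . stripslashes( implode( "</div>\n<div>", $messagesToUser ) ) . "</div>\n";
		if ( in_array( cbGetParam( $_POST, 'loginfrom' ), array( 'loginform', 'regform', 'loginmodule' ) ) ) {
			HTML_comprofiler::loginForm( 'com_comprofiler', $_POST, $resultError );
		}
	} elseif ($resultError) {
		if ( in_array( cbGetParam( $_POST, 'loginfrom' ), array( 'loginform', 'regform', 'loginmodule' ) ) ) {
			HTML_comprofiler::loginForm( 'com_comprofiler', $_POST, $resultError );
		} else {
			echo "<div class=\"message\">".$resultError."</div>";
		}
	} else {
		// The single-quoted '\n' is a literal backslash-n, kept as the original passes it to cbRedirect.
		cbRedirect( cbSef( $return, false ), ( count( $alertmessages ) > 0 ? stripslashes( implode( '\n', $alertmessages ) ) : '' ) );
	}
}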
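/**
 * Handles a front-end login request, including an optional secret key.
 *
 * Calls checkCBPostIsHTTPS() and loads the 'user' plugin group first. With an empty POST the
 * login form is shown; login type 4 is refused. Otherwise the anti-spoofing token is checked,
 * credentials are resolved, the POSTed return URL is restricted to this site, and
 * CBAuthentication::login() is called. The onAfterUserLoginFailed or onAfterUserLoginSuccess
 * plugin event is triggered according to the outcome.
 *
 * @param string|null $username   username, or null to read POST 'username'
 * @param string|null $password   password, or null to read POST 'passwd'
 * @param string|null $secretKey  secret key, or null to read POST 'secretkey'
 */
function login($username = null, $password = null, $secretKey = null)
{
	global $_POST, $_CB_framework, $_PLUGINS, $ueConfig;

	checkCBPostIsHTTPS();

	$_PLUGINS->loadPluginGroup('user');

	if (count($_POST) == 0) {
		HTML_comprofiler::loginForm('com_comprofiler', $_POST);
		return;
	}

	$loginType = isset($ueConfig['login_type']) ? (int) $ueConfig['login_type'] : 0;

	if ($loginType == 4) {
		$_CB_framework->enqueueMessage(CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!'), 'error');
		return;
	}

	// Anti-CSRF check on the POSTed login token.
	$spoofCheckOk = false;

	if (cbSpoofCheck('login', 'POST', 2)) {
		$spoofCheckOk = true;
	}

	if (!$spoofCheckOk) {
		$_CB_framework->enqueueMessage(CBTxt::Th('UE_SESSION_EXPIRED', 'Session expired or cookies are not enabled in your browser. Please press "reload page" in your browser, and enable cookies in your browser.') . ' ' . CBTxt::Th('UE_PLEASE_REFRESH', 'Please refresh/reload page before filling-in.'), 'error');
		return;
	}

	$messagesToUser = array();
	$alertmessages = array();

	// NOTE(review): because $secretKey is part of this test, a username and password passed by the
	// caller are replaced with the POSTed values whenever no secret key is passed; confirm intended.
	if (!$username || !$password || !$secretKey) {
		$username = trim(cbGetParam($_POST, 'username', ''));
		// The password is read with _CB_ALLOWRAW so it is not altered by input filtering.
		$password = trim(cbGetParam($_POST, 'passwd', '', _CB_ALLOWRAW));
		$secretKey = trim(cbGetParam($_POST, 'secretkey', ''));

		if (checkJversion() >= 1) {
			$username = stripslashes($username);
			$password = stripslashes($password);
			$secretKey = stripslashes($secretKey);
		}
	}

	$rememberMe = cbGetParam($_POST, 'remember');
	$return = trim(stripslashes(cbGetParam($_POST, 'return', null)));

	if (cbStartOfStringMatch($return, 'B:')) {
		// "B:" marks a base64-encoded return URL; decode it and pass it through cbGetParam again.
		// NOTE(review): get_magic_quotes_gpc() no longer exists in PHP 8; this line needs a guard
		// before the file can run there.
		$return = base64_decode(substr($return, 2));
		$arrToClean = array('B' => get_magic_quotes_gpc() ? addslashes($return) : $return);
		$return = cbGetParam($arrToClean, 'B', '');
	}

	// Only same-site return URLs are allowed. cbStartOfStringMatch is assumed to be a plain prefix
	// comparison, which alone would also accept a different host that merely begins with the
	// live_site string, so the prefix must additionally end at a URL boundary ('/', '?', '#' or
	// end of string). An empty live_site never matches.
	$liveSite = (string) $_CB_framework->getCfg('live_site');
	$returnIsOnSite = false;

	if (($liveSite !== '') && cbStartOfStringMatch($return, $liveSite)) {
		if ((substr($liveSite, -1) == '/') || (strlen($return) == strlen($liveSite))) {
			$returnIsOnSite = true;
		} else {
			$returnIsOnSite = in_array(substr($return, strlen($liveSite), 1), array('/', '?', '#'), true);
		}
	}

	if (!($returnIsOnSite || cbStartOfStringMatch($return, 'index.php'))) {
		$return = '';
	}

	$message = trim(cbGetParam($_POST, 'message', 0));

	// Do the login including all authentications and event firing:
	cbimport('cb.authentication');
	$cbAuthenticate = new CBAuthentication();
	$resultError = $cbAuthenticate->login($username, $password, $rememberMe, $message, $return, $messagesToUser, $alertmessages, $loginType, $secretKey);

	if (count($messagesToUser) > 0) {
		// The plugin event receives the plain-text password and secret key as arguments.
		$_PLUGINS->trigger('onAfterUserLoginFailed', array($username, $password, $rememberMe, $secretKey, &$return, &$alertmessages, &$messagesToUser, &$resultError));

		if (in_array(cbGetParam($_POST, 'loginfrom'), array('loginform', 'regform', 'loginmodule'))) {
			HTML_comprofiler::loginForm('com_comprofiler', $_POST, $resultError, $messagesToUser, $alertmessages);
		} else {
			$_CB_framework->enqueueMessage($resultError, 'error');

			if (is_array($messagesToUser) && $messagesToUser) {
				// NOTE(review): $messagesToUser is echoed without escaping; presumably it holds
				// ready-to-display HTML from CBAuthentication or plugins; confirm none of it
				// carries request-derived text.
				$return = '<div class="cb_template cb_template_' . selectTemplate('dir') . '">' . '<div>' . implode('</div><div>', $messagesToUser) . '</div>' . '</div>';
				echo $return;
			}
		}
	} elseif ($resultError) {
		$_PLUGINS->trigger('onAfterUserLoginFailed', array($username, $password, $rememberMe, $secretKey, &$return, &$alertmessages, &$messagesToUser, &$resultError));

		if (in_array(cbGetParam($_POST, 'loginfrom'), array('loginform', 'regform', 'loginmodule'))) {
			HTML_comprofiler::loginForm('com_comprofiler', $_POST, $resultError, $messagesToUser, $alertmessages);
		} else {
			$_CB_framework->enqueueMessage($resultError, 'error');
		}
	} else {
		// $return is passed by reference to the event, so a plugin can change it after the same-site
		// check above. NOTE(review): confirm plugins handling this event are trusted to set the target.
		$_PLUGINS->trigger('onAfterUserLoginSuccess', array($username, $password, $rememberMe, $secretKey, &$return, &$alertmessages, &$messagesToUser, &$resultError));

		// '\\n' is a literal backslash-n, kept as the original passes it to cbRedirect.
		cbRedirect(cbSef($return, false), count($alertmessages) > 0 ? stripslashes(implode('\\n', $alertmessages)) : '');
	}
}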