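/**
 * Form callback that authenticates a web login attempt.
 *
 * Looks the account up by user name, requires that it has a role and that the
 * role holds the "can_log_in_to_web" permission, verifies the password and
 * then, depending on user_status, either reports an error on the form or
 * fills $_SESSION and calls Application::redirect() with the home link.
 *
 * Security notes:
 *  - The user name is passed as a bound parameter (the filter/bind form of
 *    Model::get) instead of being spliced into the SQL condition.
 *    NOTE(review): confirm that this Model build honours "filter"/"bind";
 *    the exactly-one-row check below makes the lookup fail closed if not.
 *  - Stored passwords are unsalted MD5 digests. Moving to password_hash() /
 *    password_verify() needs a data migration and is not attempted here.
 *  - An account with user_status 2 (first login) is signed in without a
 *    password match, so knowing the user name of such an account is enough
 *    to obtain its session. Consider a one-time setup token instead.
 *  - The session ID is not rotated on login; consider calling
 *    session_regenerate_id(true) before $_SESSION is filled, once the
 *    Sessions handler is confirmed to cope with it.
 *  - The role and permission errors are reported before the password is
 *    checked, so they reveal account state to an unauthenticated caller.
 *
 * @param array $data          Submitted values; "username" and "password" are read.
 * @param object $form         Form object; only addError() is called on it.
 * @param mixed $callback_pass Not used in this method.
 * @return bool|null true after an error was added to the form; null when the
 *                   method runs to its end (the successful branches call
 *                   Application::redirect() first).
 */
public static function callback($data, $form, $callback_pass = null)
{
    $genericError = "Please check your username or password";

    $username = isset($data["username"]) ? $data["username"] : "";
    $password = isset($data["password"]) ? $data["password"] : "";

    // md5() of an array or object does not produce a digest, and such a value
    // cannot name an account either, so non-scalar credentials are refused.
    if (!is_scalar($username) || !is_scalar($password)) {
        $form->addError($genericError);
        return true;
    }

    $user = Model::load(".users");
    $userData = $user->get(
        array("filter" => "user_name = ?", "bind" => array((string) $username)),
        Model::MODE_ASSOC,
        false,
        false
    );

    // Exactly one row must match: no row is an unknown user, and more than one
    // means the lookup was not restricted to the requested name.
    if (!is_array($userData) || count($userData) !== 1 || !isset($userData[0])) {
        $form->addError($genericError);
        return true;
    }
    $account = $userData[0];

    if ($account["role_id"] == null) {
        $form->addError("Sorry! your account has no role attached!");
        return true;
    }

    if (!User::getPermission("can_log_in_to_web", $account["role_id"])) {
        $form->addError("You are not allowed to log in from this terminal");
        return true;
    }

    $home = Application::getLink("/");

    // hash_equals() compares the digests as strings and in constant time; the
    // loose == it replaces compares two numeric-looking digests as numbers.
    $passwordMatches = hash_equals((string) $account["password"], md5((string) $password));

    // Verify the password, or let a first-time user (status 2) through.
    if (!$passwordMatches && $account["user_status"] != 2) {
        $form->addError($genericError);
        return true;
    }

    switch ($account["user_status"]) {
        case "0":
            $form->addError("Your account is currently inactive, " .
                "please contact the system administrator.");
            return true;

        case "1":
            $_SESSION["logged_in"] = true;
            $_SESSION["user_id"] = $account["user_id"];
            $_SESSION["user_name"] = $account["user_name"];
            $_SESSION["user_firstname"] = $account["first_name"];
            $_SESSION["user_lastname"] = $account["last_name"];
            $_SESSION["read_only"] = $account['read_only'];
            $_SESSION["role_id"] = $account["role_id"];
            $_SESSION['branch_id'] = $account['branch_id'];
            $_SESSION["department_id"] = $account['department_id'];
            Sessions::bindUser($account['user_id']);
            User::log("Logged in");
            Application::redirect($home);
            break;

        case "2":
            $_SESSION["logged_in"] = true;
            $_SESSION["user_id"] = $account["user_id"];
            $_SESSION["user_name"] = $account["user_name"];
            $_SESSION["role_id"] = $account["role_id"];
            $_SESSION["department_id"] = $account['department_id'];
            $_SESSION["user_firstname"] = $account["first_name"];
            $_SESSION["user_lastname"] = $account["last_name"];
            $_SESSION['branch_id'] = $account['branch_id'];
            // Marks the session as a first-login session.
            $_SESSION["user_mode"] = "2";
            Sessions::bindUser($account['user_id']);
            User::log("Logged in for first time");
            Application::redirect($home);
            break;
    }
}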
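/**
 * API login: authenticates the user named in the request and, for an active
 * account (user_status 1), fills $_SESSION and outputs the session id.
 *
 * Responses: 403 with an error message for bad credentials, a disabled
 * account (status 0), a not-yet-set-up account (status 2) or an unrecognised
 * status; 200 with array('session_id' => ...) on success.
 *
 * Security notes:
 *  - Stored passwords are unsalted MD5 digests. Moving to password_hash() /
 *    password_verify() needs a data migration and is not attempted here.
 *  - A status-2 account gets its own message without any password check, so
 *    this endpoint tells an unauthenticated caller that the account exists
 *    and has not been set up.
 *  - The session ID is not rotated on login; consider calling
 *    session_regenerate_id(true) before $_SESSION is filled (and before
 *    session_id() is read), once the Sessions handler is confirmed to cope.
 *
 * @return void
 */
public function auth()
{
    $username = isset($_REQUEST['username']) ? $_REQUEST['username'] : '';
    $password = isset($_REQUEST['password']) ? $_REQUEST['password'] : '';

    // Request parameters can arrive as arrays (username[]=...); md5() of an
    // array does not produce a digest, so such values are refused outright.
    if (!is_scalar($username) || !is_scalar($password)) {
        http_response_code(403);
        $this->error('Invalid username or password');
        return;
    }

    $user = Model::load("system.users");
    $userData = $user->get(array("filter" => "user_name = ?", "bind" => [(string) $username]));

    // Unknown user: answer exactly like a wrong password instead of reading
    // fields of a row that does not exist.
    if (empty($userData) || !isset($userData[0])) {
        http_response_code(403);
        $this->error('Invalid username or password');
        return;
    }
    $account = $userData[0];

    // hash_equals() compares the digests as strings and in constant time; the
    // loose == it replaces compares two numeric-looking digests as numbers.
    $passwordMatches = hash_equals((string) $account["password"], md5((string) $password));

    // Verify the password, or recognise a user who has never logged in.
    if ($passwordMatches || $account["user_status"] == 2) {
        switch ($account["user_status"]) {
            case "0":
                http_response_code(403);
                $this->error('This account has been disabled');
                break;

            case "2":
                http_response_code(403);
                $this->error('Please login through the web ui to setup your account');
                break;

            case "1":
                http_response_code(200);
                $_SESSION["logged_in"] = true;
                $_SESSION["user_id"] = $account["user_id"];
                $_SESSION["user_name"] = $account["user_name"];
                $_SESSION["user_firstname"] = $account["first_name"];
                $_SESSION["user_lastname"] = $account["last_name"];
                $_SESSION["role_id"] = $account["role_id"];
                $_SESSION['branch_id'] = $account['branch_id'];
                Sessions::bindUser($account['user_id']);
                User::log("Logged in through API");
                $this->output(array('session_id' => session_id()));
                break;

            default:
                // A status outside 0/1/2 is refused explicitly rather than
                // ending the request with no response body.
                http_response_code(403);
                $this->error('Invalid username or password');
                break;
        }
    } else {
        http_response_code(403);
        $this->error('Invalid username or password');
    }
}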
/**
 * Opens a first-login session for the given user and redirects.
 *
 * Copies the identifying columns of the first row in $data into $_SESSION,
 * marks the session with user_mode "2", binds the session to the user, logs
 * the event and redirects to whatever self::getHomeRedirect() returns (that
 * target is not visible here; the method name suggests a change-password
 * page).
 *
 * NOTE(review): this establishes a logged-in session without rotating the
 * session ID; consider session_regenerate_id(true) at the top, once the
 * Sessions handler is confirmed to cope with it.
 *
 * @param array $data User rows as returned by the model; only $data[0] is read.
 * @return void
 */
private static function redirectToChangePassword($data)
{
    $account = $data[0];

    // Session key => user-row column it is copied from, in assignment order.
    $copiedFields = array(
        "user_id" => "user_id",
        "user_name" => "user_name",
        "role_id" => "role_id",
        "department_id" => "department_id",
        "user_firstname" => "first_name",
        "user_lastname" => "last_name",
        "branch_id" => "branch_id",
    );

    $_SESSION["logged_in"] = true;
    foreach ($copiedFields as $sessionKey => $column) {
        $_SESSION[$sessionKey] = $account[$column];
    }
    $_SESSION["user_mode"] = "2";

    // wyf hard-codes "2" for its redirect, so the account's real status is
    // carried in the session separately.
    $_SESSION["user_status"] = $account["user_status"];

    Sessions::bindUser($account["user_id"]);
    User::log("Logged in for first time");

    $target = self::getHomeRedirect();
    Application::redirect($target);
}
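/**
 * API login: authenticates the requested user and returns a formatted status.
 *
 * A user name containing "0100" followed by digits is looked up by user_id
 * (the digits); any other value is looked up by user_name. For an active
 * account (user_status 1) with a matching password $_SESSION is filled and
 * the session id is returned.
 *
 * Result statuses: 100 logged in, 101 invalid credentials or inactive
 * account, 102 new account that must be set up through the web interface.
 *
 * Security notes:
 *  - The lookup value is passed as a bound parameter (the filter/bind form of
 *    Model::get) instead of being spliced into the SQL condition.
 *    NOTE(review): confirm that Model::get honours "filter"/"bind" together
 *    with the mode arguments; the exactly-one-row check below makes the
 *    lookup fail closed if not.
 *  - NOTE(review): the "0100" pattern is not anchored, so it also matches in
 *    the middle of an ordinary user name; confirm the intended format.
 *  - Stored passwords are unsalted MD5 digests. Moving to password_hash() /
 *    password_verify() needs a data migration and is not attempted here.
 *  - A status-2 account is answered with status 102 without any password
 *    check, which tells an unauthenticated caller that the account exists.
 *  - The session ID is not rotated on login; consider calling
 *    session_regenerate_id(true) before session_id() is read, once the
 *    Sessions handler is confirmed to cope with it.
 *
 * @return mixed Whatever $this->format() produces for the result array.
 */
public function login()
{
    $invalid = array("success" => false, "status" => 101, "message" => "Invalid username or password");

    $username = isset($_REQUEST["username"]) ? $_REQUEST["username"] : "";
    $password = isset($_REQUEST["password"]) ? $_REQUEST["password"] : "";

    // Request parameters can arrive as arrays (username[]=...); neither
    // preg_match() nor md5() can work with those, so they are refused.
    if (!is_scalar($username) || !is_scalar($password)) {
        return $this->format($invalid);
    }
    $username = (string) $username;

    if (preg_match("/(0100)(?<user_id>[0-9]*)/", $username, $matches) > 0) {
        $filter = "user_id = ?";
        $bind = array($matches['user_id']);
    } else {
        $filter = "user_name = ?";
        $bind = array($username);
    }

    $user = Model::load("system.users");
    $userData = $user->get(
        array("fields" => null, "filter" => $filter, "bind" => $bind),
        Model::MODE_ASSOC,
        false,
        false
    );

    // Exactly one row must match: no row is an unknown user, and more than one
    // means the lookup was not restricted to the requested account.
    if (!is_array($userData) || count($userData) !== 1 || !isset($userData[0])) {
        return $this->format($invalid);
    }
    $account = $userData[0];

    // hash_equals() compares the digests as strings and in constant time; the
    // loose == it replaces compares two numeric-looking digests as numbers.
    $passwordMatches = hash_equals((string) $account["password"], md5((string) $password));

    // Verify the password, or recognise a user who has never logged in.
    if ($passwordMatches || $account["user_status"] == 2) {
        switch ($account["user_status"]) {
            case "0":
                $return = array(
                    "success" => false,
                    "status" => 101,
                    "message" => "Account is inactive please contact system administrator"
                );
                break;

            case "1":
                $return = array(
                    "success" => true,
                    "status" => 100,
                    "message" => "Logged in.",
                    'user_id' => $account['user_id'],
                    "session_id" => session_id()
                );
                $_SESSION["logged_in"] = true;
                $_SESSION["user_id"] = $account["user_id"];
                $_SESSION["user_name"] = $account["user_name"];
                $_SESSION["user_firstname"] = $account["first_name"];
                $_SESSION["user_lastname"] = $account["last_name"];
                $_SESSION["role_id"] = $account["role_id"];
                $_SESSION['branch_id'] = $account['branch_id'];
                Sessions::bindUser($account['user_id']);
                User::log("Logged in through API");
                break;

            case "2":
                $return = array(
                    "success" => false,
                    "status" => 102,
                    "message" => "New account. Please log in through the web interface to setup password."
                );
                break;

            default:
                // A status outside 0/1/2 previously left $return undefined;
                // answer with the generic failure instead.
                $return = $invalid;
                break;
        }
    } else {
        $return = $invalid;
    }

    return $this->format($return);
}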