header("Location: login.php?origin=" . urlencode('account.php')); } if ($common->postBack()) { // Check that the user supplied a password matching the one currently stored in administrators.xml. $authenticated = $account->authenticate($_SESSION['login'], $_POST['password'], FALSE, FALSE); if (!$authenticated) { $passwordIncorrect = TRUE; } if ($_POST['password1'] != $_POST['password2']) { $didNotMatch = TRUE; } if ($authenticated && $_POST['password1'] == $_POST['password2']) { // Change the password stored in administrators.xml related to this users login. $account->changePassword($_SESSION['login'], $_POST['password1']); // Since the password has changed we will log the user out to clear older session variables. $account->logout(); } } require_once 'includes/header.inc.php'; ///////////////////// // BEGIN HTML BODY // if ($_SESSION['firstLogin'] && !$common->postBack()) { ?> <div id="first-login-modal" class="modal fade in" role="dialog"> <div class="modal-dialog"> <div class="modal-content"> <div class="modal-body"> <strong>First time login detected.</strong><br /> You must change the default password before continuing. </div> </div>
* * http://ifsoft.com.ua, http://ifsoft.co.uk * qascript@ifsoft.co.uk * * Copyright 2012-2015 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk) */ include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php"; include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php"; if (!empty($_POST)) { $clientId = isset($_POST['clientId']) ? $_POST['clientId'] : 0; $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : 0; $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : ''; $clientId = helper::clearInt($clientId); $accountId = helper::clearInt($accountId); $accessToken = helper::clearText($accessToken); $accessToken = helper::escapeText($accessToken); $result = array("error" => true); if ($clientId != CLIENT_ID) { api::printError(ERROR_UNKNOWN, "Error client Id."); } $auth = new auth($dbo); if (!$auth->authorize($accountId, $accessToken)) { api::printError(ERROR_ACCESS_TOKEN, "Error authorization."); } $account = new account($dbo, $accountId); $account->setLastActive(); $account->logout($accountId, $accessToken); $result = array("error" => false, "error_code" => ERROR_SUCCESS); echo json_encode($result); exit; }