<?php
require_once dirname(__FILE__) . '/animatedcaptcha.class.php';
$img = new animated_captcha();
$img->session_name = 'my_session';
$img->magic_words('secret');
$img->grid_color(array('#63A595', '#8FD67F'));
$img->text_color(array('#CD1B2D', '#950FC8', '#660033', '#006633', '#0D47B3', '#6600CC', '#000099'));
$img->frame_number(2);
$img->frame_delay(80);
$img->use_background(true);
$img->use_distortion(true);
$img->distortion_type('normal');
$img->use_grid(true);
$img->generate();
<?php
require_once dirname(__FILE__) . '/animatedcaptcha.class.php';
require_once "../../zig-api/zigbin.php";
$user_guess = "";
$user_guess = $_POST['user_guess'];
$img = new animated_captcha();
$img->session_name = 'my_session';
$img->magic_words('secret');
$valid = $img->validate($user_guess);
if ($user_guess == "") {
print "<table align='center'><tr><td align='center'><p>Invalid!</p> <a href='../index.php'>please try again<a></td></tr></table>";
} else {
if ($valid) {
$session = session_id();
$sql = "DELETE FROM zig_session WHERE session='{$session}'";
zig("query", $sql, "redirect.php");
header("Location: ../index.php");
} else {
print "<table align='center'><tr><td align='center'><p>Invalid!</p> <a href='../index.php'>please try again<a></td></tr></table>";
}
}
function login()
{
$zig_passed_hash = isset($_GET['zig_hash']) ? $_GET['zig_hash'] : (isset($_POST['zig_hash']) ? $_POST['zig_hash'] : NULL);
$zig_hash_decrypted_link = zig("hash", "decrypt", $zig_passed_hash);
if (!session_id()) {
session_start();
}
if (array_key_exists("zig_hash", $_SESSION)) {
if ($_SESSION['zig_hash'] != "") {
$zig_hash_vars = zig("hash", "vars_decode", $_SESSION['zig_hash']);
if (session_id() == $zig_hash_vars['session_id']) {
$module = zig("config", "module");
$return_url = $zig_passed_hash ? "http://" . $_SERVER['HTTP_HOST'] . $zig_hash_decrypted_link : "../" . $module;
header("Location: {$return_url}");
exit;
}
}
}
$login = isset($_GET['login']) ? $_GET['login'] : (isset($_POST['login']) ? $_POST['login'] : '');
$session = session_id();
$pre = $GLOBALS['zig']['sql']['pre'];
$zig_global_database = $GLOBALS['zig']['sql']['global_database'];
$mod = $GLOBALS['zig']['current']['module'];
$GLOBALS[$mod]['current']['method'] = "login";
$buffer = $this->gate_template("login");
$action = $zig_passed_hash ? "index.php?zig_hash={$zig_passed_hash}" : "index.php";
$buffer = str_replace("{action}", $action, $buffer);
$sql = "SELECT id FROM `{$zig_global_database}`.`{$pre}session` WHERE `session`='{$session}' AND `event`='logged in' AND `zig_status`<>'deleted' ORDER BY `id` DESC LIMIT 1";
$result = zig("query", $sql);
if ($result->RecordCount()) {
$fetch = $result->fetchRow();
$id_where = " AND `id`>{$fetch['id']}";
} else {
$id_where = "";
}
if ($login) {
$username = isset($_POST['username']) ? $_POST['username'] : NULL;
$password = isset($_POST['password']) ? $_POST['password'] : NULL;
$captcha_flag = isset($_POST['captcha_flag']) ? $_POST['captcha_flag'] : NULL;
$user_guess = isset($_POST['user_guess']) ? $_POST['user_guess'] : NULL;
$zig_authentication = zig("config", "authentication");
$authentication = zig("authenticate", $zig_authentication, $username, $password);
if ($captcha_flag and $user_guess) {
require_once "../zig-api/plugins/captcha/animatedcaptcha.class.php";
$user_guess = $_POST['user_guess'];
$img = new animated_captcha();
$img->session_name = "my_session";
$img->magic_words("secret");
$valid = $img->validate($user_guess);
if ($valid and $authentication) {
$session = session_id();
}
}
if ($authentication and ($valid and $user_guess or !$captcha_flag)) {
$zig_hash_decrypted_link = $zig_passed_hash ? "http://" . $_SERVER['HTTP_HOST'] . $zig_hash_decrypted_link : NULL;
$this->gate_login("gate_login", $username, $zig_hash_decrypted_link, NULL);
exit;
} else {
$sql = "SELECT count(session) as rowcount FROM `{$zig_global_database}`.`{$pre}session` WHERE `session`='{$session}' AND `event`='login failed' AND `zig_status`<>'deleted' {$id_where} ORDER BY `id` DESC LIMIT 3";
$result = zig("query", $sql);
$fetch = $result->fetchRow();
$count = $fetch["rowcount"];
if ($count < 3) {
$sql = "INSERT INTO `{$zig_global_database}`.`{$pre}session` (`zig_created`,`zig_user`,`username`,`session`,`ip`,`event`) VALUES (NOW(),'gate.lib.php','{$username}','{$session}','{$_SERVER['REMOTE_ADDR']}','login failed')";
zig("query", $sql);
$count++;
}
$message = "authentication failed!";
if ($count >= 3) {
$captcha_template = zig("template", "file", "captcha");
$buffer = str_replace("{captcha}", $captcha_template, $buffer);
$buffer = str_replace("{captcha_image}", "<img alt='loading...' id='ci' src='../zig-api/plugins/captcha/animatedcaptcha_generate.php?i=md5(microtime()) ;' />", $buffer);
}
}
}
$username = isset($username) ? $username : NULL;
if (!$username) {
if (array_key_exists("current", $GLOBALS['zig'])) {
$username = array_key_exists("user", $GLOBALS['zig']['current']) ? $GLOBALS['zig']['current']['user'] : NULL;
}
}
$buffer = str_replace("{username}", $username, $buffer);
$buffer = str_replace("{captcha}", "", $buffer);
$message = isset($message) ? $message : NULL;
$message .= substr($_SERVER['HTTP_HOST'], 0, 5) == "demo." ? "<br />username: <strong>demo</strong> <br />password: <strong>demo</strong>" : NULL;
$buffer = str_replace("{message}", $message, $buffer);
$buffer = str_replace("{tabs}", zig(array("function" => "tabs", "permit" => false, "new_tab" => false)), $buffer);
$zig_result['value'] = $buffer;
$zig_result['topmenu'] = 0;
$zig_result['applications'] = 0;
$zig_result['actions'] = 0;
$zig_result['return'] = 1;
return $zig_result;
}
