function webauthenticate()
{
global $u_cookieid, $phpenv, $setctl, $cfg, $u_id;
$status = 0;
if (!$cfg['disablelogin']) {
if (frm_isset('l_username') && frm_isset('l_password')) {
$user = frm_get('l_username');
$pass = frm_get('l_password');
if (strlen($user) > 0 && strlen($pass) > 0) {
$kpu = new kpuser();
if ($kpu->loadbyuserpass($user, $pass)) {
$u_id = $kpu->getid();
$kpdb = new kpdbconnection();
$kpdb->preparestmt('INSERT INTO ' . TBL_SESSION . ' SET u_id = ?, login = ?, refreshed = ?, ip = ?', $kpu->getid(), time(), time(), ip2long($phpenv['remote']));
if ($kpdb->query()) {
$u_cookieid = $kpdb->getautoid();
if ($kpu->get('u_access') != 2) {
if ($cfg['numberlogins'] > 0) {
$kpdb->preparestmt('SELECT sessionid FROM ' . TBL_SESSION . ' WHERE u_id = ? AND logout = 0 ORDER BY sessionid DESC', $kpu->getid());
if ($kpdb->query()) {
$cnt = 0;
while ($row = $kpdb->nextrow()) {
if ($cnt >= $cfg['numberlogins']) {
db_execquery('UPDATE ' . TBL_SESSION . ' SET logout = ' . time() . ' WHERE sessionid = ' . $row['sessionid']);
}
$cnt++;
}
}
}
}
if ($setctl->get('timeout') > 0 && frm_get('l_rememberme', 2)) {
$expiration = time() + $setctl->get('timeout');
} else {
$expiration = 0;
}
switch ($cfg['authtype']) {
case 2:
if (strlen(session_id()) > 0) {
$_SESSION[$cfg['cookie']] = $u_id . '-' . $u_cookieid;
$status = 1;
} else {
$status = 2;
}
break;
default:
if (setcookie($cfg['cookie'], $u_id . '-' . $u_cookieid, $expiration)) {
$status = 1;
} else {
$status = 2;
}
break;
}
} else {
$status = 2;
}
}
}
}
} else {
$status = 1;
}
return $status;
}
function webauthenticate()
{
global $_POST, $u_cookieid, $phpenv, $setctl, $cfg, $u_id;
$status = 0;
if (!$cfg['disablelogin']) {
if (isset($_POST['user']) && isset($_POST['password'])) {
$user = myescstr($_POST['user']);
$pass = myescstr($_POST['password']);
if (!empty($user) && !empty($pass)) {
$kpu = new kpuser();
if ($kpu->loadbyuserpass($user, $pass)) {
$u_id = $kpu->getid();
db_execquery('INSERT INTO ' . TBL_SESSION . ' SET u_id = ' . $kpu->getid() . ', login = '******', refreshed = ' . time() . ', ip = ' . ip2long($phpenv['remote']));
$u_cookieid = mysql_insert_id();
if ($kpu->get('u_access') != 2) {
if ($cfg['numberlogins'] > 0) {
$res = db_execquery('SELECT sessionid FROM ' . TBL_SESSION . ' WHERE u_id = ' . $kpu->getid() . ' AND logout = 0 ORDER BY sessionid DESC');
$cnt = 0;
while ($row = mysql_fetch_row($res)) {
if ($cnt >= $cfg['numberlogins']) {
db_execquery('UPDATE ' . TBL_SESSION . ' SET logout = ' . time() . ' WHERE sessionid = ' . $row[0]);
}
$cnt++;
}
}
}
if ($setctl->get('timeout') > 0 && isset($_POST['rememberme'])) {
$expiration = time() + $setctl->get('timeout');
} else {
$expiration = 0;
}
switch ($cfg['authtype']) {
case 2:
if (strlen(session_id()) > 0) {
$_SESSION[$cfg['cookie']] = $u_id . '-' . $u_cookieid;
$status = 1;
} else {
$status = 2;
}
break;
default:
if (setcookie($cfg['cookie'], $u_id . '-' . $u_cookieid, $expiration)) {
$status = 1;
} else {
$status = 2;
}
break;
}
}
}
}
} else {
$status = 1;
}
return $status;
}
