Context Navigation

source: temp/test-xoops.ec-cube.net/html/include/checklogin.php @ 405

Visit:

Revision 405, 6.3 KB checked in by root, 20 years ago (diff)

Line
1	<?php
2	// $Id: checklogin.php,v 1.6.2.1 2006/07/27 00:34:59 onokazu Exp $
3	// ------------------------------------------------------------------------ //
4	// XOOPS - PHP Content Management System //
5	// Copyright (c) 2000 XOOPS.org //
6	// <http://www.xoops.org/> //
7	// ------------------------------------------------------------------------ //
8	// This program is free software; you can redistribute it and/or modify //
9	// it under the terms of the GNU General Public License as published by //
10	// the Free Software Foundation; either version 2 of the License, or //
11	// (at your option) any later version. //
12	// //
13	// You may not change or alter any portion of this comment or credits //
14	// of supporting developers from this source code or any supporting //
15	// source code which is considered copyrighted (c) material of the //
16	// original comment or credit authors. //
17	// //
18	// This program is distributed in the hope that it will be useful, //
19	// but WITHOUT ANY WARRANTY; without even the implied warranty of //
20	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
21	// GNU General Public License for more details. //
22	// //
23	// You should have received a copy of the GNU General Public License //
24	// along with this program; if not, write to the Free Software //
25	// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
26	// ------------------------------------------------------------------------ //
27	// Author: Kazumi Ono (AKA onokazu) //
28	// URL: http://www.xoops.org/ http://jp.xoops.org/ http://www.myweb.ne.jp/ //
29	// Project: The XOOPS Project (http://www.xoops.org/) //
30	// ------------------------------------------------------------------------- //
31
32	if (!defined('XOOPS_ROOT_PATH')) {
33	exit();
34	}
35	include_once XOOPS_ROOT_PATH.'/language/'.$xoopsConfig['language'].'/user.php';
36	$uname = !isset($_POST['uname']) ? '' : trim($_POST['uname']);
37	$pass = !isset($_POST['pass']) ? '' : trim($_POST['pass']);
38	if ($uname == '' \|\| $pass == '') {
39	redirect_header(XOOPS_URL.'/user.php', 1, _US_INCORRECTLOGIN);
40	exit();
41	}
42	$member_handler =& xoops_gethandler('member');
43	$myts =& MyTextsanitizer::getInstance();
44	//$user =& $member_handler->loginUser(addslashes($myts->stripSlashesGPC($uname)), $myts->stripSlashesGPC($pass));
45	// uname&email hack GIJ
46	$uname4sql = addslashes( $myts->stripSlashesGPC($uname) ) ;
47	$pass = $myts->stripSlashesGPC($pass) ;
48	if( strstr( $uname , '@' ) ) {
49	// check by email if uname includes '@'
50	$criteria = new CriteriaCompo(new Criteria('email', $uname4sql ));
51	$criteria->add(new Criteria('pass', md5( $pass )));
52	$user_handler =& xoops_gethandler('user');
53	$users =& $user_handler->getObjects($criteria, false);
54	if( empty( $users ) \|\| count( $users ) != 1 ) $user = false ;
55	else $user = $users[0] ;
56	unset( $users ) ;
57	}
58	if( empty( $user ) \|\| ! is_object( $user ) ) {
59	$user =& $member_handler->loginUser($uname4sql,$pass);
60	}
61	// end of uname&email hack GIJ
62
63	if (false != $user) {
64	if (0 == $user->getVar('level')) {
65	redirect_header(XOOPS_URL.'/index.php', 5, _US_NOACTTPADM);
66	exit();
67	}
68	if ($xoopsConfig['closesite'] == 1) {
69	$allowed = false;
70	foreach ($user->getGroups() as $group) {
71	if (in_array($group, $xoopsConfig['closesite_okgrp']) \|\| XOOPS_GROUP_ADMIN == $group) {
72	$allowed = true;
73	break;
74	}
75	}
76	if (!$allowed) {
77	redirect_header(XOOPS_URL.'/index.php', 1, _NOPERM);
78	exit();
79	}
80	}
81	$user->setVar('last_login', time());
82	if (!$member_handler->insertUser($user)) {
83	}
84	require_once XOOPS_ROOT_PATH . '/include/session.php';
85	xoops_session_regenerate();
86	$_SESSION = array();
87	$_SESSION['xoopsUserId'] = $user->getVar('uid');
88	$_SESSION['xoopsUserGroups'] = $user->getGroups();
89	if ($xoopsConfig['use_mysession'] && $xoopsConfig['session_name'] != '') {
90	setcookie($xoopsConfig['session_name'], session_id(), time()+(60 * $xoopsConfig['session_expire']), '/', '', 0);
91	}
92	$user_theme = $user->getVar('theme');
93	if (in_array($user_theme, $xoopsConfig['theme_set_allowed'])) {
94	$_SESSION['xoopsUserTheme'] = $user_theme;
95	}
96	if (!empty($_POST['xoops_redirect']) && !strpos($_POST['xoops_redirect'], 'register')) {
97	$parsed = parse_url(XOOPS_URL);
98	$url = isset($parsed['scheme']) ? $parsed['scheme'].'://' : 'http://';
99	if (isset($parsed['host'])) {
100	$url .= isset($parsed['port']) ?$parsed['host'].':'.$parsed['port'].trim($_POST['xoops_redirect']): $parsed['host'].trim($_POST['xoops_redirect']);
101	} else {
102	$url .= xoops_getenv('HTTP_HOST').trim($_POST['xoops_redirect']);
103	}
104	} else {
105	$url = XOOPS_URL.'/index.php';
106	}
107
108	// autologin hack V3.1 GIJ (set cookie)
109	$xoops_cookie_path = defined('XOOPS_COOKIE_PATH') ? XOOPS_COOKIE_PATH : preg_replace( '?http://[^/]+(/.*)$?' , "$1" , XOOPS_URL ) ;
110	if( $xoops_cookie_path == XOOPS_URL ) $xoops_cookie_path = '/' ;
111	if (!empty($_POST['rememberme'])) {
112	$expire = time() + ( defined('XOOPS_AUTOLOGIN_LIFETIME') ? XOOPS_AUTOLOGIN_LIFETIME : 604800 ) ; // 1 week default
113	setcookie('autologin_uname', $user->getVar('uname'), $expire, $xoops_cookie_path, '', 0);
114	$Ynj = date( 'Y-n-j' ) ;
115	setcookie('autologin_pass', $Ynj . ':' . md5( $user->getVar('pass') . XOOPS_DB_PASS . XOOPS_DB_PREFIX . $Ynj ) , $expire, $xoops_cookie_path, '', 0);
116	}
117	// end of autologin hack V3.1 GIJ
118
119	// RMV-NOTIFY
120	// Perform some maintenance of notification records
121	$notification_handler =& xoops_gethandler('notification');
122	$notification_handler->doLoginMaintenance($user->getVar('uid'));
123
124	redirect_header($url, 1, sprintf(_US_LOGGINGU, $user->getVar('uname')));
125	} else {
126
127	redirect_header(XOOPS_URL.'/user.php',1,_US_INCORRECTLOGIN);
128	}
129	exit();
130	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: