// // ------------------------------------------------------------------------ // // This program is free software; you can redistribute it and/or modify // // it under the terms of the GNU General Public License as published by // // the Free Software Foundation; either version 2 of the License, or // // (at your option) any later version. // // // // You may not change or alter any portion of this comment or credits // // of supporting developers from this source code or any supporting // // source code which is considered copyrighted (c) material of the // // original comment or credit authors. // // // // This program is distributed in the hope that it will be useful, // // but WITHOUT ANY WARRANTY; without even the implied warranty of // // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // // GNU General Public License for more details. // // // // You should have received a copy of the GNU General Public License // // along with this program; if not, write to the Free Software // // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA // // ------------------------------------------------------------------------ // // Author: Kazumi Ono (AKA onokazu) // // URL: http://www.xoops.org/ http://jp.xoops.org/ http://www.myweb.ne.jp/ // // Project: The XOOPS Project (http://www.xoops.org/) // // ------------------------------------------------------------------------- // if (!defined('XOOPS_ROOT_PATH')) { exit(); } include_once XOOPS_ROOT_PATH.'/language/'.$xoopsConfig['language'].'/user.php'; $uname = !isset($_POST['uname']) ? '' : trim($_POST['uname']); $pass = !isset($_POST['pass']) ? '' : trim($_POST['pass']); if ($uname == '' || $pass == '') { redirect_header(XOOPS_URL.'/user.php', 1, _US_INCORRECTLOGIN); exit(); } $member_handler =& xoops_gethandler('member'); $myts =& MyTextsanitizer::getInstance(); //$user =& $member_handler->loginUser(addslashes($myts->stripSlashesGPC($uname)), $myts->stripSlashesGPC($pass)); // uname&email hack GIJ $uname4sql = addslashes( $myts->stripSlashesGPC($uname) ) ; $pass = $myts->stripSlashesGPC($pass) ; if( strstr( $uname , '@' ) ) { // check by email if uname includes '@' $criteria = new CriteriaCompo(new Criteria('email', $uname4sql )); $criteria->add(new Criteria('pass', md5( $pass ))); $user_handler =& xoops_gethandler('user'); $users =& $user_handler->getObjects($criteria, false); if( empty( $users ) || count( $users ) != 1 ) $user = false ; else $user = $users[0] ; unset( $users ) ; } if( empty( $user ) || ! is_object( $user ) ) { $user =& $member_handler->loginUser($uname4sql,$pass); } // end of uname&email hack GIJ if (false != $user) { if (0 == $user->getVar('level')) { redirect_header(XOOPS_URL.'/index.php', 5, _US_NOACTTPADM); exit(); } if ($xoopsConfig['closesite'] == 1) { $allowed = false; foreach ($user->getGroups() as $group) { if (in_array($group, $xoopsConfig['closesite_okgrp']) || XOOPS_GROUP_ADMIN == $group) { $allowed = true; break; } } if (!$allowed) { redirect_header(XOOPS_URL.'/index.php', 1, _NOPERM); exit(); } } $user->setVar('last_login', time()); if (!$member_handler->insertUser($user)) { } require_once XOOPS_ROOT_PATH . '/include/session.php'; xoops_session_regenerate(); $_SESSION = array(); $_SESSION['xoopsUserId'] = $user->getVar('uid'); $_SESSION['xoopsUserGroups'] = $user->getGroups(); if ($xoopsConfig['use_mysession'] && $xoopsConfig['session_name'] != '') { setcookie($xoopsConfig['session_name'], session_id(), time()+(60 * $xoopsConfig['session_expire']), '/', '', 0); } $user_theme = $user->getVar('theme'); if (in_array($user_theme, $xoopsConfig['theme_set_allowed'])) { $_SESSION['xoopsUserTheme'] = $user_theme; } if (!empty($_POST['xoops_redirect']) && !strpos($_POST['xoops_redirect'], 'register')) { $parsed = parse_url(XOOPS_URL); $url = isset($parsed['scheme']) ? $parsed['scheme'].'://' : 'http://'; if (isset($parsed['host'])) { $url .= isset($parsed['port']) ?$parsed['host'].':'.$parsed['port'].trim($_POST['xoops_redirect']): $parsed['host'].trim($_POST['xoops_redirect']); } else { $url .= xoops_getenv('HTTP_HOST').trim($_POST['xoops_redirect']); } } else { $url = XOOPS_URL.'/index.php'; } // autologin hack V3.1 GIJ (set cookie) $xoops_cookie_path = defined('XOOPS_COOKIE_PATH') ? XOOPS_COOKIE_PATH : preg_replace( '?http://[^/]+(/.*)$?' , "$1" , XOOPS_URL ) ; if( $xoops_cookie_path == XOOPS_URL ) $xoops_cookie_path = '/' ; if (!empty($_POST['rememberme'])) { $expire = time() + ( defined('XOOPS_AUTOLOGIN_LIFETIME') ? XOOPS_AUTOLOGIN_LIFETIME : 604800 ) ; // 1 week default setcookie('autologin_uname', $user->getVar('uname'), $expire, $xoops_cookie_path, '', 0); $Ynj = date( 'Y-n-j' ) ; setcookie('autologin_pass', $Ynj . ':' . md5( $user->getVar('pass') . XOOPS_DB_PASS . XOOPS_DB_PREFIX . $Ynj ) , $expire, $xoops_cookie_path, '', 0); } // end of autologin hack V3.1 GIJ // RMV-NOTIFY // Perform some maintenance of notification records $notification_handler =& xoops_gethandler('notification'); $notification_handler->doLoginMaintenance($user->getVar('uid')); redirect_header($url, 1, sprintf(_US_LOGGINGU, $user->getVar('uname'))); } else { redirect_header(XOOPS_URL.'/user.php',1,_US_INCORRECTLOGIN); } exit(); ?>