XOOPS 2.5.6  Final
 All Classes Namespaces Files Functions Variables Pages
checklogin.php
Go to the documentation of this file.
1 <?php
19 defined('XOOPS_ROOT_PATH') or die('Restricted access');
20 
21 xoops_loadLanguage('user');
22 
23 $uname = !isset($_POST['uname']) ? '' : trim($_POST['uname']);
24 $pass = !isset($_POST['pass']) ? '' : trim($_POST['pass']);
25 if ($uname == '' || $pass == '') {
26  redirect_header(XOOPS_URL.'/user.php', 1, _US_INCORRECTLOGIN);
27  exit();
28 }
29 
30 $member_handler =& xoops_gethandler('member');
31 $myts =& MyTextsanitizer::getInstance();
32 
33 include_once $GLOBALS['xoops']->path('class/auth/authfactory.php');
34 
35 xoops_loadLanguage('auth');
36 
37 $xoopsAuth =& XoopsAuthFactory::getAuthConnection($myts->addSlashes($uname));
38 $user = $xoopsAuth->authenticate($myts->addSlashes($uname), $myts->addSlashes($pass));
39 
40 if (false != $user) {
41  if (0 == $user->getVar('level')) {
42  redirect_header(XOOPS_URL.'/index.php', 5, _US_NOACTTPADM);
43  exit();
44  }
45  if ($xoopsConfig['closesite'] == 1) {
46  $allowed = false;
47  foreach ($user->getGroups() as $group) {
48  if (in_array($group, $xoopsConfig['closesite_okgrp']) || XOOPS_GROUP_ADMIN == $group) {
49  $allowed = true;
50  break;
51  }
52  }
53  if (!$allowed) {
54  redirect_header(XOOPS_URL.'/index.php', 1, _NOPERM);
55  exit();
56  }
57  }
58  $user->setVar('last_login', time());
59  if (!$member_handler->insertUser($user)) {
60  }
61  // Regenrate a new session id and destroy old session
62  $GLOBALS["sess_handler"]->regenerate_id(true);
63  $_SESSION = array();
64  $_SESSION['xoopsUserId'] = $user->getVar('uid');
65  $_SESSION['xoopsUserGroups'] = $user->getGroups();
66  $user_theme = $user->getVar('theme');
67  if (in_array($user_theme, $xoopsConfig['theme_set_allowed'])) {
68  $_SESSION['xoopsUserTheme'] = $user_theme;
69  }
70 
71  // Set cookie for rememberme
72  if (!empty($xoopsConfig['usercookie'])) {
73  if (!empty($_POST["rememberme"])) {
74  setcookie($xoopsConfig['usercookie'], $_SESSION['xoopsUserId'] . '{-}' . md5($user->getVar('pass') . XOOPS_DB_NAME . XOOPS_DB_PASS . XOOPS_DB_PREFIX), time() + 31536000, '/', XOOPS_COOKIE_DOMAIN, 0);
75  } else {
76  setcookie($xoopsConfig['usercookie'], 0, -1, '/', XOOPS_COOKIE_DOMAIN, 0);
77  }
78  }
79 
80  if (!empty($_POST['xoops_redirect']) && !strpos($_POST['xoops_redirect'], 'register')) {
81  $xoops_redirect = trim(rawurldecode($_POST['xoops_redirect']));
82  $parsed = parse_url(XOOPS_URL);
83  $url = isset($parsed['scheme']) ? $parsed['scheme'].'://' : 'http://';
84  if (isset( $parsed['host'])) {
85  $url .= $parsed['host'];
86  if (isset( $parsed['port'])) {
87  $url .= ':' . $parsed['port'];
88  }
89  } else {
90  $url .= $_SERVER['HTTP_HOST'];
91  }
92  if (@$parsed['path']) {
93  if (strncmp($parsed['path'], $xoops_redirect, strlen( $parsed['path']))) {
94  $url .= $parsed['path'];
95  }
96  }
97  $url .= $xoops_redirect;
98  } else {
99  $url = XOOPS_URL . '/index.php';
100  }
101 
102  // RMV-NOTIFY
103  // Perform some maintenance of notification records
104  $notification_handler =& xoops_gethandler('notification');
105  $notification_handler->doLoginMaintenance($user->getVar('uid'));
106 
107  redirect_header($url, 1, sprintf(_US_LOGGINGU, $user->getVar('uname')), false);
108 } else if (empty($_POST['xoops_redirect'])) {
109  redirect_header(XOOPS_URL . '/user.php', 5, $xoopsAuth->getHtmlErrors());
110 } else {
111  redirect_header(XOOPS_URL . '/user.php?xoops_redirect=' . urlencode(trim($_POST['xoops_redirect'])), 5, $xoopsAuth->getHtmlErrors(), false);
112 }
113 exit();
114 
115 ?>