git commit all base code
This commit is contained in:
@@ -0,0 +1,119 @@
|
||||
<?php
|
||||
|
||||
// =============
|
||||
// Sign In Class
|
||||
// =============
|
||||
|
||||
class SignIn extends Base {
|
||||
|
||||
// Variables
|
||||
|
||||
private $current_user_id = "";
|
||||
private $current_user_serial = "";
|
||||
private $current_user_name = "";
|
||||
private $current_user_email = "";
|
||||
|
||||
// ================================
|
||||
// __construct : Class Constructor.
|
||||
// ================================
|
||||
|
||||
public function __construct() {
|
||||
|
||||
set_error_handler(array($this, "displayError"));
|
||||
|
||||
date_default_timezone_set(self::TIMEZONE);
|
||||
|
||||
$this->current_user_id = $_SESSION[self::USER_ID] ?? "";
|
||||
$this->current_user_name = $_SESSION[self::USER_NAME] ?? "";
|
||||
$this->current_user_email = $_SESSION[self::USER_EMAIL] ?? "";
|
||||
}
|
||||
|
||||
// ========================
|
||||
// Login to the application
|
||||
// ========================
|
||||
|
||||
public function login() {
|
||||
|
||||
$step = filter_input(INPUT_POST, "step") ?: "prompt";
|
||||
|
||||
switch ($step) {
|
||||
|
||||
case "prompt":
|
||||
|
||||
$XSLParms["BTN_SUBMIT"] = "main.php?action=SignIn.login&step=authenticate";
|
||||
$XSLParms["INVALID_SIGNIN"] = "FALSE";
|
||||
|
||||
echo $this->applyXSL("", $this->getXSL("signIn"), $XSLParms);
|
||||
exit();
|
||||
|
||||
break;
|
||||
|
||||
case "authenticate":
|
||||
|
||||
$user_name = trim(filter_input(INPUT_POST, "user_name") ?: "");
|
||||
$user_password = filter_input(INPUT_POST, "user_password") ?: "";
|
||||
|
||||
$XSLParms["BTN_SUBMIT"] = "main.php?action=SignIn.login&step=authenticate";
|
||||
$XSLParms["INVALID_SIGNIN"] = "TRUE";
|
||||
|
||||
$user = (new Users())->getUserByUserName($user_name);
|
||||
|
||||
if ($user->count() == 0) {
|
||||
echo $this->applyXSL("", $this->getXSL("signIn"), $XSLParms);
|
||||
die();
|
||||
}
|
||||
|
||||
if ((integer) $user->record->user_active === 0) {
|
||||
echo $this->applyXSL("", $this->getXSL("signIn"), $XSLParms);
|
||||
die();
|
||||
}
|
||||
|
||||
$stored_hashed_password = $user->record->user_password;
|
||||
|
||||
if (!password_verify($user_password, $stored_hashed_password)) {
|
||||
|
||||
echo $this->applyXSL("", $this->getXSL("signIn"), $XSLParms);
|
||||
die();
|
||||
}
|
||||
|
||||
session_regenerate_id(true);
|
||||
|
||||
$_SESSION[self::USER_AUTHENTICATED] = true;
|
||||
$_SESSION[self::USER_SERIAL] = (integer) $user->record->user_serial;
|
||||
$_SESSION[self::USER_ID] = (string) $user->record->user_id;
|
||||
$_SESSION[self::USER_NAME] = (string) $user->record->user_name;
|
||||
$_SESSION[self::USER_EMAIL] = (string) $user->record->user_email;
|
||||
$_SESSION[self::USER_ROLE] = (string) $user->record->user_role;
|
||||
|
||||
$this->current_user_id = $_SESSION[self::USER_ID] ?? "";
|
||||
$this->current_user_serial = $_SESSION[self::USER_SERIAL] ?? 0;
|
||||
$this->current_user_name = $_SESSION[self::USER_NAME] ?? "";
|
||||
$this->current_user_email = $_SESSION[self::USER_EMAIL] ?? "";
|
||||
|
||||
$system_admins = $this->getSettings()->xpath("//SystemAdministrator");
|
||||
|
||||
foreach ($system_admins as $admin) {
|
||||
if ((string) $admin === $user_name) {
|
||||
$_SESSION[self::USER_ROLE] = "System Administrator";
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
(new Journal())->journalEntry("{$_SESSION[self::USER_NAME]} logged in ({$_SESSION[self::USER_ROLE]}).");
|
||||
|
||||
(new Users())->updateLogin();
|
||||
|
||||
header("Location: ./");
|
||||
exit();
|
||||
|
||||
break;
|
||||
|
||||
default:
|
||||
// User NOT Validated.
|
||||
header("Location: ./");
|
||||
exit();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
Reference in New Issue
Block a user