Ariadne-CMS /
ariadne
| @@ 91-120 (lines=30) @@ | ||
| 88 | return $ARSessionCookie; |
|
| 89 | } |
|
| 90 | ||
| 91 | function ldCheckCredentials($login) { |
|
| 92 | global $ARCurrent, $AR; |
|
| 93 | debug("ldCheckCredentials()","object"); |
|
| 94 | $result=false; |
|
| 95 | $cookie=ldGetCredentials(); |
|
| 96 | $data = ldDecodeCookie($cookie[$ARCurrent->session->id]); |
|
| 97 | if ($login === $data['login'] |
|
| 98 | && ($saved=$data['check'])) { |
|
| 99 | $check=ldGenerateSessionKeyCheck(); |
|
| 100 | if ($check === $saved && !$ARCurrent->session->get('ARSessionTimedout', 1)) { |
|
| 101 | $result=true; |
|
| 102 | } else { |
|
| 103 | debug("login check failed","all"); |
|
| 104 | } |
|
| 105 | } else { |
|
| 106 | $ARSessionKeyCheck = $_GET['ARSessionKeyCheck']; |
|
| 107 | if (!$ARSessionKeyCheck) { |
|
| 108 | $ARSessionKeyCheck = $_POST['ARSessionKeyCheck']; |
|
| 109 | } |
|
| 110 | if ($ARSessionKeyCheck) { |
|
| 111 | debug("ldCheckCredentials: trying ARSessionKeyCheck ($ARSessionKeyCheck)"); |
|
| 112 | if ($ARSessionKeyCheck == ldGenerateSessionKeyCheck()) { |
|
| 113 | $result = true; |
|
| 114 | } |
|
| 115 | } else { |
|
| 116 | debug("wrong login or corrupted cookie","all"); |
|
| 117 | } |
|
| 118 | } |
|
| 119 | return $result; |
|
| 120 | } |
|
| 121 | ||
| 122 | function ldDecodeCookie($cookie) { |
|
| 123 | global $AR; |
|
| @@ 219-248 (lines=30) @@ | ||
| 216 | return $ARSessionCookie; |
|
| 217 | } |
|
| 218 | ||
| 219 | function ldCheckCredentials($login) { |
|
| 220 | global $ARCurrent, $AR; |
|
| 221 | debug("ldCheckCredentials($login)","object"); |
|
| 222 | $result=false; |
|
| 223 | $cookie=ldGetCredentials(); |
|
| 224 | $data = ldDecodeCookie($cookie[$ARCurrent->session->id]); |
|
| 225 | if ($login === $data['login'] |
|
| 226 | && ($saved=$data['check'])) { |
|
| 227 | $check=ldGenerateSessionKeyCheck(); |
|
| 228 | if ($check === $saved && !$ARCurrent->session->get('ARSessionTimedout', 1)) { |
|
| 229 | $result=true; |
|
| 230 | } else { |
|
| 231 | debug("login check failed","all"); |
|
| 232 | } |
|
| 233 | } else { |
|
| 234 | $ARSessionKeyCheck = $_GET['ARSessionKeyCheck']; |
|
| 235 | if (!$ARSessionKeyCheck) { |
|
| 236 | $ARSessionKeyCheck = $_POST['ARSessionKeyCheck']; |
|
| 237 | } |
|
| 238 | if ($ARSessionKeyCheck) { |
|
| 239 | debug("ldCheckCredentials: trying ARSessionKeyCheck ($ARSessionKeyCheck)"); |
|
| 240 | if ($ARSessionKeyCheck == ldGenerateSessionKeyCheck()) { |
|
| 241 | $result = true; |
|
| 242 | } |
|
| 243 | } else { |
|
| 244 | debug("wrong login or corrupted cookie","all"); |
|
| 245 | } |
|
| 246 | } |
|
| 247 | return $result; |
|
| 248 | } |
|
| 249 | ||
| 250 | function ldDecodeCookie($cookie) { |
|
| 251 | global $AR; |
|
