getSession('user', null); if (!empty($user)) { self::$instance = $user; } else { self::$instance = new self; } } return self::$instance; } public function saveLogin () { if ($this->logged) { $system = System::getInstance(); $system->setSession('user', $this); if (!$this->needDoubleAuth) { //hack to compatibility with pandora global $config; $config['id_user'] = $this->user; $system->setSessionBase('id_usuario', $this->user); } } } public function isLogged () { $system = System::getInstance(); $autologin = $system->getRequest('autologin', false); if ($autologin) { $user = $system->getRequest('user', null); $password = $system->getRequest('password', null); $this->login($user, $password); } return $this->logged; } public function login ($user = null, $password = null) { $system = System::getInstance(); if (($user == null) && ($password == null)) { $user = $system->getRequest('user', null); $user = $system->safeInput($user); $password = $system->getRequest('password', null); } if (!empty($user) && !empty($password)) { $user_in_db = process_user_login($user, $password); if ($user_in_db !== false) { $this->logged = true; $this->user = $user_in_db; $this->loginTime = time(); $this->errorLogin = false; // The user login was successful, but the second step is not completed if ($this->isDobleAuthRequired()) { $this->needDoubleAuth = true; } } else { $this->logged = false; $this->loginTime = false; $this->errorLogin = true; $this->needDoubleAuth = false; $this->errorDoubleAuth = false; } } $this->saveLogin(); return $this->logged; } public function getLoginTime () { return $this->loginTime; } public function isWaitingDoubleAuth () { return $this->needDoubleAuth; } public function isDobleAuthRequired ($user = false) { if (empty($user) && !empty($this->user)) $user = $this->user; if (!empty($user)) return (bool) db_get_value('id', 'tuser_double_auth', 'id_user', $user); else return false; } public function validateDoubleAuthCode ($user = null, $code = null) { if (!$this->needDoubleAuth) { return true; } $system = System::getInstance(); require_once ($system->getConfig('homedir').'/include/auth/GAuth/Auth.php'); $result = false; if (empty($user)) { $user = $this->user; } if (empty($code)) { $code = $system->getRequest('auth_code', null); } if (!empty($user) && !empty($code)) { $secret = db_get_value('secret', 'tuser_double_auth', 'id_user', $user); if ($secret === false) { $result = false; $this->errorDoubleAuth = array( 'title_text' => __('Double authentication failed'), 'content_text' => __('Secret code not found') .". " .__('Please contact the administrator to reset your double authentication') ); } else if (!empty($secret)) { try { $gAuth = new \GAuth\Auth($secret); $result = $gAuth->validateCode($code); // Double auth success if ($result) { $this->needDoubleAuth = false; $this->saveLogin(); } else { $result = false; $this->errorDoubleAuth = array( 'title_text' => __('Double authentication failed'), 'content_text' => __('Invalid code') ); } } catch (Exception $e) { $result = false; $this->errorDoubleAuth = array( 'title_text' => __('Double authentication failed'), 'content_text' => __('There was an error checking the code') ); } } } return $result; } public function logout () { $this->user = null; $this->logged = false; $this->loginTime = false; $this->errorLogin = false; $this->logout_action = true; $this->needDoubleAuth = false; $this->errorDoubleAuth = false; $system = System::getInstance(); $system->setSession('user', null); $system->sessionDestroy(); } public function showLoginPage () { global $pandora_version; $ui = Ui::getInstance(); $ui->createPage(); if ($this->errorLogin) { $options['type'] = 'onStart'; $options['title_text'] = __('Login Failed'); $options['content_text'] = __('User not found in database or incorrect password.'); $ui->addDialog($options); } if ($this->logout_action) { $options['dialog_id'] = 'logout_dialog'; $options['type'] = 'onStart'; $options['title_text'] = __('Login out'); $options['content_text'] = __('Your session is over. Please close your browser window to close this Pandora session.'); $ui->addDialog($options); } $ui->createHeader(); $ui->showFooter(false); $ui->beginContent(); $ui->contentAddHtml('