<?php
/*======================================================================*\
|| #################################################################### ||
|| # GECKO 2.1 # ||
|| # ---------------------------------------------------------------- # ||
|| # Copyright 2013 Gecko All Rights Reserved. # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- Gecko IS NOT FREE SOFTWARE ---------------- # ||
|| # http://www.cmsgecko.com | http://www.cmsgecko.com/license # ||
|| #################################################################### ||
\*======================================================================*/
// Check if the file is accessed only via index.php if not stop the script from running
if (!defined('JAK_ADMIN_PREVENT_ACCESS')) die('You cannot access this file directly.');
require 'kint/Kint.class.php';
Kint::dump( $_SERVER );
// or, even easier, use a shorthand:
d( $_SERVER );
// or, to seize execution after dumping use dd();
dd( $_SERVER ); // same as d( $_SERVER ); die;
// to see trace:
Kint::trace();
// or pass 1 to a dumper function
Kint::dump( 1 );
// to disable all output
Kint::enabled(false);
// further calls, this one included, will not yield any output
d('Get off my lawn!'); // no effect
// Login IN
if (!empty($_POST['action']) && $_POST['action'] == 'login') {
$username = smartsql($_POST['username']);
$userpass = smartsql($_POST['password']);
// Security fix
$valid_agent = filter_var($_SERVER['HTTP_USER_AGENT'], FILTER_SANITIZE_STRING);
$valid_ip = filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP);
// Write the log file each time someone tries to login before
$jakuserlogin->jakWriteloginlog($username, $_SERVER['REQUEST_URI'], $valid_ip, $valid_agent, 0);
$user_check = $jakuserlogin->jakCheckuserdata($username, $userpass);
if ($user_check == true) {
// Now login in the user
$jakuserlogin->jakLogin($user_check, $userpass, $_POST['lcookies']);
// Write the log file each time someone login after to show success
$jakuserlogin->jakWriteloginlog($username, '', $valid_ip, '', 1);
// Unset the recover message
unset($_SESSION['password_recover']);
jak_redirect(BASE_URL);
} else {
$errors = '1';
$ErrLogin = $tl['error']['l'];
}
}
// Forgot password
if ($_SERVER["REQUEST_METHOD"] == 'POST' && isset($_POST['forgotP'])) {
$defaults = $_POST;
if ($defaults['jakE'] == '' || !filter_var($defaults['jakE'], FILTER_VALIDATE_EMAIL)) {
$errors['e'] = $tl['error']['e19'];
}
// transform user email
$femail = filter_var($defaults['jakE'], FILTER_SANITIZE_EMAIL);
$fwhen = time();
// Check if this user exist
$user_check = $jakuserlogin->jakForgotpassword($femail, $fwhen);
if (!$errors['e'] && !$user_check) {
$errors['e'] = $tl['error']['e19'];
}
if (count($errors) == 0) {
$mail = new PHPMailer(); // defaults to using php "mail()"
$mail->SetFrom(JAK_EMAIL, JAK_TITLE);
$mail->AddAddress($femail, $address);
$mail->Subject = JAK_TITLE.' - '.$tl['login']['l13'];
$mail->Body = $tl['login']['l14'].' '.(JAK_USE_APACHE ? substr(BASE_URL_ORIG, 0, -1) : BASE_URL_ORIG).html_entity_decode(JAK_rewrite::jakParseurl($tl['login']['l12'], $fwhen, '', '', ''));
if ($mail->Send()) {
$_SESSION['password_recover'] = 1;
jak_redirect(BASE_URL);
}
} else {
$errorfp = $errors;
}
}
// let's call the template
$template = 'login.php';
?>