
Untitled

a guest
Oct 21st, 2017
  1. <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
  2.  
  3.  
  4. class Login extends CI_Controller
  5. {
  6.  
  7. public function __construct()
  8. {
  9. parent::__construct();
  10. $this->load->model("login_model");
  11. $this->load->model("user_model");
  12.  
  13. $this->load->model("register_model");
  14. $this->load->model("faucet_model");
  15. }
  16.  
  17. public function index()
  18. {
  19. $this->template->set_page_title("Login");
  20. $this->template->set_error_view("error/login_error.php", array('css_inc' =>'' ,'js_inc'=>'' ));
  21. $this->template->set_layout("layout/layout.php", array('css_inc' =>'' ,'js_inc'=>'' ));
  22. if ($this->user_model->check_block_ip()) {
  23. $this->template->error("You have been blocked from this site!");
  24. }
  25. if ($this->user->loggedin) {
  26. redirect(base_url());
  27. }
  28. $this->template->loadContent("login/index.php", array('css_inc' =>'' ,'js_inc'=>'' ));
  29. }
  30.  
  31. public function go($redirect="")
  32. {
  33. $this->template->set_error_view("error/login_error.php", array('css_inc' =>'' ,'js_inc'=>'' ));
  34. $this->template->set_layout("layout/layout.php", array('css_inc' =>'' ,'js_inc'=>'' ));
  35. if ($this->user_model->check_block_ip()) {
  36. $this->template->error("You have been blocked from this site!");
  37. }
  38.  
  39. $config = $this->config->item("cookieprefix");
  40. if ($this->user->loggedin) {
  41. $this->template->error("You are already logged in!");
  42. }
  43.  
  44. $email = $this->input->post("email", true);
  45. $pass = $this->common->nohtml($this->input->post("pass", true));
  46. $remember = $this->input->post("remember", true);
  47.  
  48.  
  49. if (!$this->faucet_model->check_captcha('solvemedia')) {
  50. $this->template->set_error_view("error/login_error.php", array('css_inc' =>'' ,'js_inc'=>'' ));
  51. $this->template->error("Please fill out the captcha correctly!", array('css_inc' =>'' ,'js_inc'=>'' ));
  52.  
  53. }
  54.  
  55.  
  56.  
  57.  
  58.  
  59.  
  60. if($this->settings->info->login_protect) {
  61. // Check user for 5 login attempts
  62. $s = $this->login_model->get_login_attempts($_SERVER['REMOTE_ADDR'],
  63. $email, (15*60));
  64. if($s->num_rows() > 0) {
  65. $s = $s->row();
  66. if($s->count >=5) {
  67.  
  68. $this->template->error("You have attempted to login too many times! Please wait 15 minutes before trying again.");
  69. }
  70. }
  71. }
  72.  
  73. if (empty($email) || empty($pass)) {
  74. $this->template->error("You are missing some details!");
  75. }
  76.  
  77. $login = $this->login_model->getUserByEmail($email);
  78. if ($login->num_rows() == 0) {
  79. $login = $this->login_model->getUserByUsername($email);
  80. if($login->num_rows() == 0) {
  81. $this->login_protect($email);
  82. $this->template->error("Invalid Login Details!");
  83. }
  84. }
  85. $r = $login->row();
  86. $userid = $r->ID;
  87. $email = $r->email;
  88.  
  89. $phpass = new PasswordHash(12, false);
  90. if (!$phpass->CheckPassword($pass, $r->password)) {
  91. $this->login_protect($email);
  92. $this->template->error("Invalid Login Details!");
  93. }
  94.  
  95.  
  96.  
  97. if($this->settings->info->secure_login) {
  98. // Generate a token
  99. $token = rand(1,100000) . $email;
  100. $token = md5(sha1($token));
  101.  
  102. // Store it
  103. $this->login_model->updateUserToken($userid, $token);
  104. } else {
  105. if(empty($r->token)) {
  106. // Generate a token
  107. $token = rand(1,100000) . $email;
  108. $token = md5(sha1($token));
  109.  
  110. // Store it
  111. $this->login_model->updateUserToken($userid, $token);
  112. } else {
  113. if($r->online_timestamp + (3600*24*30*2) < time() ) {
  114. // Generate a token
  115. $token = rand(1,100000) . $email;
  116. $token = md5(sha1($token));
  117.  
  118. // Store it
  119. $this->login_model->updateUserToken($userid, $token);
  120. } else {
  121. $token = $r->token;
  122. }
  123. }
  124. }
  125.  
  126. // Create Cookies
  127. if ($remember == 1) {
  128. $ttl = 3600*24*31;
  129. } else {
  130. $ttl = 3600*24*31;
  131. }
  132.  
  133. setcookie($config . "un", $email, time()+$ttl, "/");
  134. setcookie($config . "tkn", $token, time()+$ttl, "/");
  135.  
  136. if(!empty($redirect)) {
  137. redirect(site_url(urldecode($redirect)));
  138. } else {
  139. redirect(base_url());
  140. }
  141. }
  142.  
  143. private function login_protect($email)
  144. {
  145.  
  146. // Add Count
  147. $s = $this->login_model
  148. ->get_login_attempts($_SERVER['REMOTE_ADDR'],
  149. $email, (15*60));
  150. if($s->num_rows() > 0) {
  151. $s = $s->row();
  152. $this->login_model->update_login_attempt($s->ID, array(
  153. "count" => $s->count+1
  154. )
  155. );
  156. } else {
  157. $this->login_model->add_login_attempt(array(
  158. "IP" => $_SERVER['REMOTE_ADDR'],
  159. "username" => $email,
  160. "count" => 1,
  161. "timestamp" => time()
  162. )
  163. );
  164. }
  165.  
  166. }
  167.  
  168.  
  169.  
  170.  
  171.  
  172. public function logout($hash)
  173. {
  174. $this->template->set_error_view("error/login_error.php");
  175. $config = $this->config->item("cookieprefix");
  176. $this->load->helper("cookie");
  177. if ($hash != $this->security->get_csrf_hash() ) {
  178. echo'hash';
  179. //$this->template->error(lang("error_6"));
  180. redirect(base_url());
  181. exit;
  182. }
  183. delete_cookie($config. "un");
  184. delete_cookie($config. "tkn");
  185. delete_cookie($config. "provider");
  186. delete_cookie($config. "oauthid");
  187. delete_cookie($config. "oauthtoken");
  188. delete_cookie($config. "oauthsecret");
  189. $this->session->sess_destroy();
  190. redirect(base_url());
  191. }
  192.  
  193.  
  194. public function banned()
  195. {
  196. $this->template->set_error_view("error/login_error.php");
  197. $this->template->set_layout("layout/login_layout.php");
  198. $this->template->loadContent("login/banned.php", array());
  199. }
  200.  
  201.  
  202. }
  203.  
  204. ?>