/**
* Log the user in
*/
public static function ProcessLogin($useridoremail, $password) {
# Allow them to login in any manner:
# Email: blah@blah.com
# Pilot ID: VMA0001, VMA 001, etc
# Just ID: 001
if (is_numeric($useridoremail)) {
$useridoremail = $useridoremail - intval(Config::Get('PILOTID_OFFSET'));
$sql = 'SELECT * FROM ' . TABLE_PREFIX . 'pilots
WHERE pilotid=' . $useridoremail;
} else {
# They're logging in with an email
if (preg_match('/^.*\@.*$/i', $useridoremail) > 0) {
$emailaddress = DB::escape($useridoremail);
$sql = 'SELECT * FROM ' . TABLE_PREFIX . 'pilots
WHERE email=\'' . $useridoremail . '\'';
}
# They're loggin in with a pilot id
elseif (preg_match('/^([A-Za-z]*)(.*)(\d*)/', $useridoremail, $matches) > 0) {
$id = trim($matches[2]);
$id = $id - intval(Config::Get('PILOTID_OFFSET'));
$sql = 'SELECT * FROM ' . TABLE_PREFIX . 'pilots
WHERE pilotid=' . $id;
}
# No idea
else {
self::$error_message = 'Invalid user ID';
return false;
}
}
$password = DB::escape($password);
$userinfo = DB::get_row($sql);
if (!$userinfo) {
self::$error_message = 'This user does not exist';
return false;
}
/*if($userinfo->retired == 1)
{
self::$error_message = 'Votre compte est désactivé, contactez un staff pour réactiver votre compte';
return false;
}
if($userinfo->retired == 2)
{
self::$error_message = 'Votre compte est suspendu, veuillez contactez la direction pour avoir plus d'information';
return false;
}
if($userinfo->retired == 3)
{
self::$error_message = 'Votre compte est en mode absent, Contacter la Direction RH pour le remettre en activité';
return false;
}*/
//ok now check it
$hash = md5($password . $userinfo->salt);
if ($hash == $userinfo->password) {
self::$userinfo = $userinfo;
self::update_session(self::$session_id, self::$userinfo->pilotid);
SessionManager::Set('loggedin', 'true');
SessionManager::Set('userinfo', $userinfo);
SessionManager::Set('usergroups', PilotGroups::GetUserGroups($userinfo->pilotid));
PilotData::updateProfile($pilotid, array('lastlogin' => 'NOW()', 'lastip' => $_SERVER['REMOTE_ADDR'], ));
return true;
} else {
self::$error_message = 'Invalid login, please check your username and password';
self::LogOut();
return false;
}
}
/**
* Log them out
*/
public static function LogOut() {
#self::remove_sessions(SessionManager::GetValue('userinfo', 'pilotid'));
# Mark them as guest
self::update_session(self::$session_id, 0);
# "Ghost" entry
//self::start_session(self::$userinfo->pilotid); // Orphaned?
SessionManager::Set('loggedin', false);
SessionManager::Set('userinfo', '');
SessionManager::Set('usergroups', '');
# Delete cookie
$_COOKIE[VMS_AUTH_COOKIE] = '';
setcookie(VMS_AUTH_COOKIE, true);
self::$loggedin = false;
}
}
I don't see on line 285 a relation with in-active user.