Cheetah
member.php
Go to the documentation of this file.
1 <?php
2 
8 define('CH_MEMBER_PAGE', 1);
9 
10 define('CH_LOGIN_BY_ID', true);
11 define('CH_LOGIN_BY_NICK', true);
12 define('CH_LOGIN_BY_EMAIL', true);
13 
14 require_once('inc/header.inc.php');
15 require_once(CH_DIRECTORY_PATH_INC . 'design.inc.php');
16 require_once(CH_DIRECTORY_PATH_INC . 'profiles.inc.php');
17 require_once(CH_DIRECTORY_PATH_INC . 'utils.inc.php');
18 
19 ch_import('ChTemplAccountView');
20 
21 // --------------- page variables and login
22 $_page['name_index'] = 81;
23 $_page['css_name'] = array(
24  'member_panel.css',
25  'categories.css',
26  'explanation.css'
27 );
28 
29 $_page['header'] = _t("_My Account");
30 
31 // --------------- GET/POST actions
32 
33 $member['ID'] = process_pass_data(empty($_POST['ID']) ? '' : $_POST['ID']);
34 $member['Password'] = process_pass_data(empty($_POST['Password']) ? '' : $_POST['Password']);
35 
36 $bAjxMode = (isset($_SERVER['HTTP_X_REQUESTED_WITH']) and $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') ? true : false;
37 
38 if (!(isset($_POST['ID']) && $_POST['ID'] && isset($_POST['Password']) && $_POST['Password'])
39  && ((!empty($_COOKIE['memberID']) && $_COOKIE['memberID']) && $_COOKIE['memberPassword'])) {
40  if (!($logged['member'] = member_auth(0, false))) {
41  login_form(_t("_LOGIN_OBSOLETE"), 0, $bAjxMode);
42  }
43 } else {
44  if (!isset($_POST['ID']) && !isset($_POST['Password'])) {
45 
46  // this is dynamic page - send headers to not cache this page
47  send_headers_page_changed();
48 
49  login_form('', 0, $bAjxMode);
50  } else {
51  require_once(CH_DIRECTORY_PATH_CLASSES . 'ChWsbAlerts.php');
52  $oZ = new ChWsbAlerts('profile', 'before_login', 0, 0, array('login' => $member['ID'], 'password' => $member['Password'], 'ip' => getVisitorIP()));
53  $oZ->alert();
54 
55  if(!CH_LOGIN_BY_ID) {
56  // Do not allow logins by ID.
57  if(ctype_digit($member['ID'])) {
58  echo 'Fail';
59  exit;
60  }
61  }
62 
63  if(!CH_LOGIN_BY_NICK) {
64  // Do not allow logins by nickname.
65  $sNickName = $GLOBALS['MySQL']->getOne("SELECT `NickName` FROM `Profiles` WHERE `NickName`= ? LIMIT 1", [$member['ID']]);
66  if($sNickName == $member['ID']) {
67  echo 'Fail';
68  exit;
69  }
70  }
71 
72  if(!CH_LOGIN_BY_EMAIL) {
73  // Do not allow logins by email.
74  if(filter_var($member['ID'], FILTER_VALIDATE_EMAIL)) {
75  echo 'Fail';
76  exit;
77  }
78  }
79 
80  $member['ID'] = getID($member['ID']);
81 
82  // Ajaxy check
83  if ($bAjxMode) {
84  echo check_password($member['ID'], $member['Password'], CH_WSB_ROLE_MEMBER, false) ? 'OK' : 'Fail';
85  exit;
86  }
87 
88  // Check if ID and Password are correct (addslashes already inside)
89  if (check_password($member['ID'], $member['Password'])) {
90  $p_arr = ch_login($member['ID'], (bool)$_POST['rememberMe']);
91 
92  ch_member_ip_store($p_arr['ID']);
93 
94  if (isAdmin($p_arr['ID'])) {
95  $iId = (int)$p_arr['ID'];
96  }
97  $sRelocate = ch_get('relocate');
98  if (!$sUrlRelocate = $sRelocate or $sRelocate == $site['url'] or basename($sRelocate) == 'join.php' or 0 !== mb_stripos($sRelocate, CH_WSB_URL_ROOT)) {
99  $sUrlRelocate = CH_WSB_URL_ROOT . 'member.php';
100  }
101 
102  $_page['name_index'] = 150;
103  $_page['css_name'] = '';
104 
105  $_ni = $_page['name_index'];
106  $_page_cont[$_ni]['page_main_code'] = MsgBox(_t('_Please Wait'));
107  $_page_cont[$_ni]['url_relocate'] = ch_js_string($sUrlRelocate);
108 
109  if (isAdmin($p_arr['ID']) && !in_array($iCode, array(0, -1))) {
110  Redirect($site['url_admin'], array('ID' => $member['ID'], 'Password' => $member['Password'], 'rememberMe' => $_POST['rememberMe'], 'relocate' => $sUrlRelocate), 'post');
111  }
112  PageCode();
113  }
114  exit;
115  }
116 }
117 /* ------------------ */
118 
119 $member['ID'] = getLoggedId();
120 $member['Password'] = getLoggedPassword();
121 
122 $_ni = $_page['name_index'];
123 
124 // --------------- [END] page components
125 
126 // --------------- page components functions
127 
128 // this is dynamic page - send headers to do not cache this page
129 send_headers_page_changed();
130 $oAccountView = new ChTemplAccountView($member['ID'], $site, $dir);
131 $_page_cont[$_ni]['page_main_code'] = $oAccountView->getCode();
132 
133 // Submenu actions
134 $aVars = array(
135  'ID' => $member['ID'],
136  'BaseUri' => CH_WSB_URL_ROOT,
137  'cpt_am_account_profile_page' => _t('_sys_am_account_profile_page')
138 );
139 
140 $GLOBALS['oTopMenu']->setCustomSubActions($aVars, 'AccountTitle', false);
141 
142 PageCode();
getVisitorIP
getVisitorIP($isProxyCheck=true)
Definition: utils.inc.php:643
ch_login
ch_login($iId, $bRememberMe=false, $bAlert=true)
Definition: profiles.inc.php:514
$_ni
$_ni
Definition: member.php:122
getLoggedPassword
getLoggedPassword()
Definition: profiles.inc.php:36
MsgBox
MsgBox($sText, $iTimer=0)
Definition: design.inc.php:175
$member
$member['ID']
Definition: member.php:33
ch_js_string
ch_js_string($mixedInput, $iQuoteType=CH_ESCAPE_STR_AUTO)
Definition: utils.inc.php:1294
ch_import
ch_import($sClassName, $aModule=array())
Definition: utils.inc.php:1218
$_page_cont
$_page_cont[$_ni]['page_main_code']
Definition: member.php:131
ch_get
ch_get($sName)
Definition: utils.inc.php:1664
check_password
check_password($sUsername, $sPassword, $iRole=CH_WSB_ROLE_MEMBER, $error_handle=true)
Definition: admin.inc.php:296
php
$oZ
$oZ
Definition: db.php:20
$iId
$iId
Definition: license.php:15
login_form
login_form($text="", $member=0, $bAjaxMode=false, $sLoginFormParams='')
Definition: admin.inc.php:13
send_headers_page_changed
send_headers_page_changed()
Definition: design.inc.php:99
$bAjxMode
$bAjxMode
Definition: member.php:36
CH_LOGIN_BY_ID
const CH_LOGIN_BY_ID
Definition: member.php:10
isAdmin
isAdmin()
Definition: index.php:649
ch_member_ip_store
ch_member_ip_store($iMemberId, $sIP=false)
Definition: utils.inc.php:1799
Redirect
Redirect($ActionURL, $Params=null, $Method="get", $Title='Redirect')
Definition: utils.inc.php:432
ChWsbAlerts
Definition: ChWsbAlerts.php:39
exit
exit
Definition: cart.php:21
and
and
Definition: license.txt:18
getLoggedId
getLoggedId()
Definition: profiles.inc.php:32
CH_LOGIN_BY_EMAIL
const CH_LOGIN_BY_EMAIL
Definition: member.php:12
$site
$site['ver']
Definition: version.inc.php:8
_t
_t($key, $arg0="", $arg1="", $arg2="")
Definition: languages.inc.php:509
PageCode
PageCode($oTemplate=null)
Definition: design.inc.php:91
member_auth
member_auth($member=0, $error_handle=true, $bAjx=false)
Definition: admin.inc.php:262
CH_WSB_ROLE_MEMBER
const CH_WSB_ROLE_MEMBER
Definition: profiles.inc.php:16
process_pass_data
process_pass_data($text, $strip_tags=0)
Definition: utils.inc.php:290
$oAccountView
$oAccountView
Definition: member.php:130
$logged
$logged['member']
Definition: activation_email.php:16
getID
getID( $str, $with_email=1)
Definition: admin.inc.php:139
$p_arr
$p_arr
Definition: profile.php:68
$aVars
$aVars
Definition: member.php:134
CH_LOGIN_BY_NICK
const CH_LOGIN_BY_NICK
Definition: member.php:11
empty
Attr AllowedRel this is empty
Definition: Attr.AllowedRel.txt:7
$_page
$_page['name_index']
Definition: member.php:22
ChTemplAccountView
Definition: ChTemplAccountView.php:11
$GLOBALS
$GLOBALS['iAdminPage']
Definition: advanced_settings.php:10
or
Voluntary License Schemes The Licensor waives the right to collect whether individually or
Definition: license.txt:37
$dir
$dir
Definition: config.php:10
Generated by doxygen 1.8.20