|
|
|
|
@ -82,34 +82,44 @@ |
|
|
|
|
// any users? |
|
|
|
|
if ($user_counter>0) { |
|
|
|
|
// compare passwords |
|
|
|
|
if(!strcmp(md5($user_pass), $users[0]['user_pass'])) { |
|
|
|
|
// all ok: user is logged in, register session data |
|
|
|
|
$_SESSION['suser_id'] = $users[0]['user_id']; |
|
|
|
|
$_SESSION['suser_displayname'] = $users[0]['user_displayname']; |
|
|
|
|
$_SESSION['suser_language'] = $users[0]['user_language']; |
|
|
|
|
$_SESSION['suser_imagesize'] = $users[0]['user_imagesize']; |
|
|
|
|
$_SESSION['suser_imagecount'] = $users[0]['user_imagecount']; |
|
|
|
|
$_SESSION['suser_mac'] = $users[0]['user_mac']; |
|
|
|
|
$_SESSION['suser_dateformat'] = $users[0]['user_dateformat']; |
|
|
|
|
$_SESSION['suser_dns1suffix'] = $users[0]['user_dns1suffix']; |
|
|
|
|
$_SESSION['suser_dns2suffix'] = $users[0]['user_dns2suffix']; |
|
|
|
|
$_SESSION['suser_menu_assets'] = $users[0]['user_menu_assets']; |
|
|
|
|
$_SESSION['suser_menu_assetclasses'] = $users[0]['user_menu_assetclasses']; |
|
|
|
|
$_SESSION['suser_menu_assetclassgroups'] = $users[0]['user_menu_assetclassgroups']; |
|
|
|
|
$_SESSION['suser_menu_locations'] = $users[0]['user_menu_locations']; |
|
|
|
|
$_SESSION['suser_menu_nodes'] = $users[0]['user_menu_nodes']; |
|
|
|
|
$_SESSION['suser_menu_subnets'] = $users[0]['user_menu_subnets']; |
|
|
|
|
$_SESSION['suser_menu_users'] = $users[0]['user_menu_users']; |
|
|
|
|
$_SESSION['suser_menu_vlans'] = $users[0]['user_menu_vlans']; |
|
|
|
|
$_SESSION['suser_menu_zones'] = $users[0]['user_menu_zones']; |
|
|
|
|
$_SESSION['suser_tooltips'] = $users[0]['user_tooltips']; |
|
|
|
|
if(!strcmp(md5($user_pass), rtrim($users[0]['user_pass']))) { |
|
|
|
|
// all ok: user is logged in |
|
|
|
|
|
|
|
|
|
// md5 match but outdated. rewrite with new algo |
|
|
|
|
$newhash = password_hash($user_pass, PASSWORD_BCRYPT); |
|
|
|
|
$query = "UPDATE user SET user_pass='" . $newhash. "' WHERE user_id=" . $users[0]['user_id']; |
|
|
|
|
$db->db_update($query); |
|
|
|
|
|
|
|
|
|
} else { |
|
|
|
|
return FALSE; |
|
|
|
|
if (! password_verify($user_pass, $users[0]['user_pass'])) { |
|
|
|
|
return FALSE; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} else { |
|
|
|
|
return FALSE; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// register session data |
|
|
|
|
$_SESSION['suser_id'] = $users[0]['user_id']; |
|
|
|
|
$_SESSION['suser_displayname'] = $users[0]['user_displayname']; |
|
|
|
|
$_SESSION['suser_language'] = $users[0]['user_language']; |
|
|
|
|
$_SESSION['suser_imagesize'] = $users[0]['user_imagesize']; |
|
|
|
|
$_SESSION['suser_imagecount'] = $users[0]['user_imagecount']; |
|
|
|
|
$_SESSION['suser_mac'] = $users[0]['user_mac']; |
|
|
|
|
$_SESSION['suser_dateformat'] = $users[0]['user_dateformat']; |
|
|
|
|
$_SESSION['suser_dns1suffix'] = $users[0]['user_dns1suffix']; |
|
|
|
|
$_SESSION['suser_dns2suffix'] = $users[0]['user_dns2suffix']; |
|
|
|
|
$_SESSION['suser_menu_assets'] = $users[0]['user_menu_assets']; |
|
|
|
|
$_SESSION['suser_menu_assetclasses'] = $users[0]['user_menu_assetclasses']; |
|
|
|
|
$_SESSION['suser_menu_assetclassgroups'] = $users[0]['user_menu_assetclassgroups']; |
|
|
|
|
$_SESSION['suser_menu_locations'] = $users[0]['user_menu_locations']; |
|
|
|
|
$_SESSION['suser_menu_nodes'] = $users[0]['user_menu_nodes']; |
|
|
|
|
$_SESSION['suser_menu_subnets'] = $users[0]['user_menu_subnets']; |
|
|
|
|
$_SESSION['suser_menu_users'] = $users[0]['user_menu_users']; |
|
|
|
|
$_SESSION['suser_menu_vlans'] = $users[0]['user_menu_vlans']; |
|
|
|
|
$_SESSION['suser_menu_zones'] = $users[0]['user_menu_zones']; |
|
|
|
|
$_SESSION['suser_tooltips'] = $users[0]['user_tooltips']; |
|
|
|
|
|
|
|
|
|
// no errors found, return |
|
|
|
|
return TRUE; |
|
|
|
|
} |
|
|
|
|
|
Thomas Hooge
1 year ago