diff --git a/application/controllers/Login.php b/application/controllers/Login.php index 3d8a27178..dda1a1b15 100644 --- a/application/controllers/Login.php +++ b/application/controllers/Login.php @@ -5,6 +5,7 @@ class Login extends CI_Controller public function index() { $this->load->library('migration'); + if($this->Employee->is_logged_in()) { redirect('home'); @@ -15,12 +16,6 @@ class Login extends CI_Controller $this->form_validation->set_rules('username', 'lang:login_username', 'required|callback_login_check'); - - if($this->config->item('gcaptcha_enable')) - { - $this->form_validation->set_rules('g-recaptcha-response', 'lang:login_gcaptcha', 'required|callback_gcaptcha_check'); - } - if($this->form_validation->run() == FALSE) { $this->load->view('login'); @@ -34,22 +29,22 @@ class Login extends CI_Controller public function login_check($username) { - $password = $this->input->post('password'); - - if(!$this->_installation_check()) + if(!$this->installation_check()) { $this->form_validation->set_message('login_check', $this->lang->line('login_invalid_installation')); return FALSE; } - if (!$this->migration->is_latest()) + if(!$this->migration->is_latest()) { set_time_limit(3600); // trigger any required upgrade before starting the application $this->migration->latest(); } + $password = $this->input->post('password'); + if(!$this->Employee->login($username, $password)) { $this->form_validation->set_message('login_check', $this->lang->line('login_invalid_username_and_password')); 
@@ -57,33 +52,55 @@ class Login extends CI_Controller return FALSE; } - return TRUE; - } - - public function gcaptcha_check($recaptchaResponse) - { - $url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . $this->config->item('gcaptcha_secret_key') . '&response=' . $recaptchaResponse . '&remoteip=' . $this->input->ip_address(); - - $ch = curl_init(); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); - curl_setopt($ch, CURLOPT_URL, $url); - $result = curl_exec($ch); - curl_close($ch); - - $status = json_decode($result, TRUE); - - if(empty($status['success'])) + if($this->config->item('gcaptcha_enable')) { - $this->form_validation->set_message('gcaptcha_check', $this->lang->line('login_invalid_gcaptcha')); + $g_recaptcha_response = $this->input->post('g-recaptcha-response'); - return FALSE; + if(!$this->gcaptcha_check($g_recaptcha_response)) + { + $this->form_validation->set_message('login_check', $this->lang->line('login_invalid_gcaptcha')); + + return FALSE; + } } return TRUE; } - private function _installation_check() + private function gcaptcha_check($response) + { + if(!empty($response)) + { + $check = array( + 'secret' => $this->config->item('gcaptcha_secret_key'), + 'response' => $response, + 'remoteip' => $this->input->ip_address() + ); + + $ch = curl_init(); + + curl_setopt($ch, CURLOPT_URL, "https://www.google.com/recaptcha/api/siteverify"); + curl_setopt($ch, CURLOPT_POST, TRUE); + curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($check)); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); + + $result = curl_exec($ch); + + curl_close($ch); + + $status = json_decode($result, TRUE); + + if(!empty($status['success'])) + { + return TRUE; + } + } + + return FALSE; + } + + private function installation_check() { // get PHP extensions and check that the required ones are installed $extensions = implode(', ', get_loaded_extensions());
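Review bot: In `login_check` (which begins in the previous hunk) the captcha block now runs only after `$this->Employee->login($username, $password)` has succeeded. A request without a valid `g-recaptcha-response` therefore still gets a password verdict (`login_invalid_username_and_password` versus `login_invalid_gcaptcha`), so the captcha no longer limits password guessing. If `Employee->login()` also establishes the session on success (its body is not in this diff, so please confirm), a failed captcha would still leave the user logged in, and `index()` redirects logged-in users to `home`. Moving the whole `if($this->config->item('gcaptcha_enable'))` block above the `Employee->login()` call avoids both problems. Separately, the new `gcaptcha_check` keeps `curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);`, so the siteverify peer is not authenticated even though the secret key is posted to it and its `success` answer is trusted; drop that line or set it to `TRUE`, and consider adding a `CURLOPT_TIMEOUT` so a stalled verification cannot hang the login request.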