session->username ." from ". $_SERVER['REMOTE_ADDR']); $gallery->session->username = ''; $gallery->session->language = ''; destroyGallerySession(); // Prevent the 'you have to be logged in' error message // when the user logs out of a protected album createGallerySession(); $gallery->session->gRedirDone = true; header("Location: $g1_return"); } if (!empty($username) && !empty($gallerypassword) && !empty($login)) { $userLogins = new Logins(); $userLogins->load(); $tmpUser = $gallery->userDB->getUserByUsername($username); if ($userLogins->userIslocked($username)) { $loginFailure[] = array( 'type' => 'error', 'text' => gTranslate('core', "This account is locked due too much wrong login attempts. Wait for automatic unlock, or contact an administrator.") ); } elseif ($tmpUser && $tmpUser->isCorrectPassword($gallerypassword)) { // User is successfully logged in, regenerate a new // session ID to prevent session fixation attacks createGallerySession(true); // Perform the login $tmpUser->log("login"); $tmpUser->save(); $gallery->session->username = $username; gallery_syslog("Successful login for $username from " . $_SERVER['REMOTE_ADDR']); if ($tmpUser->getDefaultLanguage() != "") { $gallery->session->language = $tmpUser->getDefaultLanguage(); } $userLogins->reset($username); $userLogins->save(); if (!$gallery->session->offline) { header("Location: $g1_return"); } else { echo ''. gTranslate('core', "SUCCEEDED") . '

'; return; } } elseif($tmpUser) { $loginFailure[] = array( 'type' => 'error', 'text' => gTranslate('core', "Invalid username or password.") ); $userLogins->addLoginTry($username); $userLogins->save(); $gallerypassword = null; gallery_syslog("Failed login for $username from " . $_SERVER['REMOTE_ADDR']); } else { $loginFailure[] = array( 'type' => 'error', 'text' => gTranslate('core', "Invalid username or password.") ); $gallerypassword = null; gallery_syslog("Failed login attempt with an invalid username from " . $_SERVER['REMOTE_ADDR']); $userLogins->addLoginTry($username); $userLogins->save(); } } elseif (!empty($login) && empty($forgot)) { $loginFailure[] = array( 'type' => 'information', 'text' => gTranslate('core', "Please enter username and password!") ); } elseif (!empty($forgot) && empty($reset_username)) { $resetInfo[] = array( 'type' => 'information', 'text' => gTranslate('core', "Please enter your username.") ); } elseif (!empty($forgot) && !empty($reset_username)) { $tmpUser = $gallery->userDB->getUserByUsername($reset_username); if ($tmpUser) { if (check_email($tmpUser->getEmail())) { if (gallery_mail( $tmpUser->email, gTranslate('core', "New password request"), sprintf(gTranslate('core', "Someone requested a new password for user %s from Gallery '%s' on %s. You can create a password by visiting the link below. If you didn't request a password, please ignore this mail. "), $reset_username, $gallery->app->galleryTitle, $gallery->app->photoAlbumURL) . "\n\n" . sprintf(gTranslate('core', "Click to reset your password: %s"), $tmpUser->genRecoverPasswordHash()) . "\n", sprintf(gTranslate('core', "New password request %s"), $reset_username))) { $tmpUser->log("new_password_request"); $tmpUser->save(); } else { $resetInfo[] = array( 'type' => 'error', 'text' => gTranslate('core', "Email could not be sent.") . "
" . sprintf(gTranslate('core', "Please contact %s administrators for a new password."), $gallery->app->galleryTitle) ); } } } if(empty($resetInfo) && empty($loginFailure)) { $resetInfo[] = array( 'type' => 'information', 'text' => sprintf(gTranslate('core', "If there is a valid email-address for this user, then an email has been sent to the address stored for %s. Follow the instructions to change your password. If you do not receive this email, please contact the Gallery administrators."), $reset_username) ); } } $title = sprintf(gTranslate('core', "Login to %s"), $gallery->app->galleryTitle); if (!$GALLERY_EMBEDDED_INSIDE) { doctype(); ?> <?php echo sprintf(gTranslate('core', "Login to %s"), $gallery->app->galleryTitle) ?>

app->galleryTitle) ?>
"; echo infoBox($loginFailure); echo "\n
"; ?>
'loginForm')); ?> 'g-form-text g-usernameInput')); echo gInput('password', 'gallerypassword', gTranslate('core', "Password"), true, null, array('class' => 'g-form-text g-passwordInput')); ?>

app->emailOn) && $gallery->app->emailOn == 'yes') { ?>
'resetForm')); echo infoBox($resetInfo); echo gInput('text', 'reset_username', gTranslate('core', "Username"), false, $username, array('class' => 'g-form-text g-usernameInput')); echo "\n

"; echo gSubmit('forgot', gTranslate('core', "Send me my password")); echo "\n

"; ?>
app->selfReg == 'yes') { ?>