<?php

// *************************************************************************
// *                                                                       *
// * iBilling -  Accounting, Billing Software                              *
// * Copyright (c) Sadia Sharmin. All Rights Reserved                      *
// *                                                                       *
// *************************************************************************
// *                                                                       *
// * Email: sadiasharmin3139@gmail.com                                                *
// * Website: http://www.sadiasharmin.com                                  *
// *                                                                       *
// *************************************************************************
// *                                                                       *
// * This software is furnished under a license and may be used and copied *
// * only  in  accordance  with  the  terms  of such  license and with the *
// * inclusion of the above copyright notice.                              *
// * If you Purchased from Codecanyon, Please read the full License from   *
// * here- http://codecanyon.net/licenses/standard                         *
// *                                                                       *
// *************************************************************************




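// Login controller. Dispatches on the first route segment to handle sign-in
// (password or Google ID token), the login form, and the two-step
// password-reset flow. Relies on project helpers that are not defined in this
// file: route(), _post(), r2(), _log(), _msglog(), _raid(), ORM, Password,
// Ib_Str, Template, Notify_Email, $ui, $config, $routes, $_L and U.
$do = route(1);

if ($do == '') {
    $do = 'login-display';
}

switch ($do) {
    case 'post':
        // Credential submission: a username/password pair, or a Google ID
        // token whose verified email is then used as the username.
        $username = _post('username');
        $password = _post('password');

        // Google sign-in handling
        $google_client_id = '142857919784-nos9c73050eohn1hccj2uho39m4crkmf.apps.googleusercontent.com';
        $GoogleOAuth2Token = _post('GoogleOAuth2Token');
        $google_email_verified = false;
        if (!empty($GoogleOAuth2Token)) {
            // The token is client-supplied: encode it so it cannot add or
            // alter query parameters of the tokeninfo request.
            $response = file_get_contents(
                "https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=" . rawurlencode($GoogleOAuth2Token)
            );
            // A failed request returns false; treat it as "no token info".
            $token_info = ($response === false) ? null : json_decode($response);

            // Only the audience and the email_verified flag are checked here;
            // token validity itself is left to the tokeninfo endpoint.
            // Every field is required to exist and is compared strictly, so a
            // malformed or partial response can never authenticate.
            if (
                is_object($token_info)
                && isset($token_info->aud, $token_info->email, $token_info->email_verified)
                && is_string($token_info->email)
                && $token_info->aud === $google_client_id
                && ($token_info->email_verified === 'true' || $token_info->email_verified === true)
            ) {
                $username = $token_info->email;
                $google_email_verified = true;
            }
        }

        // Post-login destination. It is always prefixed with U, so it stays
        // under the application's base URL ('*' in the route stands for '/').
        $after = route(2);
        $rd = U . $config['redirect_url'] . '/';

        if ($after != '') {
            $after = str_replace('*', '/', $after);
            $rd = U . $after . '/';
        }

        if ($username != '' && ($password != '' || $google_email_verified == true)) {
            $d = ORM::for_table('sys_users')->where('username', $username)->find_one();
            if ($d) {
                $d_pass = $d['password'];
                if (Password::_verify($password, $d_pass) == true || $google_email_verified == true) {
                    //Now check if OTP is enabled
                    if ($d['otp'] == 'Yes') {
                        // NOTE(review): the OTP step is commented out, so an
                        // account with OTP enabled is neither logged in nor
                        // redirected here. Restore the OTP flow or fail with
                        // an explicit message.
                        //                Otp::make($d['id']);
                        //                $_SESSION['tuid'] = $d['id'];
                        //
                        //                r2(U.'otp');
                    } else {
                        // Issue a fresh session id at the privilege change so
                        // a pre-login session id cannot be reused afterwards.
                        if (session_status() === PHP_SESSION_ACTIVE) {
                            session_regenerate_id(true);
                        }
                        $_SESSION['uid'] = $d->id;
                        $d->last_login = date('Y-m-d H:i:s');

                        // Reuse the stored auto-login token when one exists,
                        // otherwise mint a new one.
                        // NOTE(review): the token is long-lived and reused
                        // across logins; the randomness of
                        // Ib_Str::random_string() is not visible here - confirm.
                        if (strlen($d->autologin) > 20) {
                            $str = $d->autologin;
                        } else {
                            $str = Ib_Str::random_string(20) . $d->id;
                        }
                        $d->autologin = $str;
                        $d->save();
                        //login log
                        buscaVersoesPluginsExterno();

                        // The auto-login cookie is a bearer credential: keep
                        // it away from scripts (HttpOnly) and, when the
                        // request came over HTTPS, off plain HTTP (Secure).
                        $is_https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
                        setcookie('ib_at', $str, time() + (86400 * 180), "/", '', $is_https, true); // 86400 = 1 day

                        _log($_L['Login Successful'] . ' ' . $username, 'Admin', $d['id']);

                        setcookie("tplsub", 'default', time() + 15552000);

                        if (!isset($config['build']) || ($config['build'] < $file_build)) {
                            r2(U . 'update/');
                        }

                        //                if ((isset($routes['2'])) AND (($routes['2'] != ''))){
                        //                    $rd =  $routes['2'];
                        //                    exit($rd);
                        //                }

                        r2($rd);
                    }
                } else {
                    // NOTE(review): nothing in this block limits repeated
                    // failed attempts - confirm throttling exists elsewhere.
                    _msglog('e', $_L['Invalid Username or Password']);
                    _log($_L['Failed Login'] . ' ' . $username, 'Admin');
                    r2(U . 'login');
                }
            } else {
                _msglog('e', $_L['Invalid Username or Password']);

                r2(U . 'login/');
            }
        } else {
            _msglog('e', $_L['Invalid Username or Password']);

            r2(U . 'login/');
        }

        break;

    case 'login-display':

        // added param after

        $ui->display('login.tpl');

        break;

    case 'forgot-pw':

        $ui->display('forgot-pw.tpl');
        break;

    case 'forgot-pw-post':
        // Step 1 of the reset flow: store a one-hour reset key on the account
        // and email a link that carries it.
        $username = _post('username');
        $d = ORM::for_table('sys_users')->where('username', $username)->find_one();
        if ($d) {
            // NOTE(review): the strength of _raid() is not visible here;
            // confirm it draws from a cryptographically secure source.
            $xkey = _raid('10');
            $d->pwresetkey = $xkey;
            $d->keyexpire = time() + 3600;

            $d->save();

            $e = ORM::for_table('sys_email_templates')->where('tplname', 'Admin:Password Change Request')->find_one();

            $subject = new Template($e['subject']);
            $subject->set('business_name', $config['CompanyName']);
            $subj = $subject->output();
            $message = new Template($e['message']);
            $message->set('name', $d['fullname']);
            $message->set('business_name', $config['CompanyName']);
            $message->set('password_reset_link', U . 'login/pwreset-validate/' . $d['id'] . '/token_' . $xkey);
            $message->set('username', $d['username']);
            $message->set('ip_address', $_SERVER["REMOTE_ADDR"]);
            $message_o = $message->output();
            Notify_Email::_send($d['fullname'], $d['username'], $subj, $message_o);

            _msglog('s', $_L['Check your email to reset Password']);

            r2(U . 'login/');
        } else {
            // NOTE(review): a distinct "not found" reply reveals which
            // usernames exist; consider the same response for both outcomes.
            _msglog('e', $_L['User Not Found'] . '!');

            r2(U . 'login/forgot-pw/');
        }

        break;

    case 'pwreset-validate':
        // Step 2 of the reset flow: check the emailed key, then set and email
        // a new password.
        // Require both route segments up front so an absent id or token is
        // rejected before any lookup.
        $v_uid = isset($routes['2']) ? (string) $routes['2'] : '';
        $v_token = isset($routes['3']) ? str_replace('token_', '', (string) $routes['3']) : '';

        if ($v_uid === '' || $v_token === '') {
            r2(U . 'login/', 'e', $_L['Invalid Password Reset Key'] . '!');
        } else {
            $d = ORM::for_table('sys_users')->find_one($v_uid);

            if ($d) {
                $d_token = (string) $d['pwresetkey'];
                $keyexpire = $d['keyexpire'];
                $ctime = time();

                // An empty stored key means no reset is pending, so it must
                // never match. hash_equals() gives a strict, constant-time
                // comparison in place of the loose `!=`. The reset itself
                // sits in the final else branch, so it cannot run after a
                // failed check even if r2() were to return.
                if ($d_token === '' || !hash_equals($d_token, $v_token)) {
                    r2(U . 'login/', 'e', $_L['Invalid Password Reset Key'] . '!');
                } elseif ($ctime > $keyexpire) {
                    r2(U . 'login/', 'e', $_L['Password Reset Key Expired']);
                } else {
                    // NOTE(review): the new password is short and is sent by
                    // email in clear text; prefer letting the user choose one
                    // after following the link.
                    $password = _raid('6');
                    $npassword = Password::_crypt($password);

                    $d->password = $npassword;
                    // Clear the key so the link works only once.
                    $d->pwresetkey = '';
                    $d->keyexpire = '0';
                    $d->save();

                    $e = ORM::for_table('sys_email_templates')->where('tplname', 'Admin:New Password')->find_one();

                    $subject = new Template($e['subject']);
                    $subject->set('business_name', $config['CompanyName']);
                    $subj = $subject->output();
                    $message = new Template($e['message']);
                    $message->set('name', $d['fullname']);
                    $message->set('business_name', $config['CompanyName']);
                    $message->set('login_url', U . 'login/');
                    $message->set('username', $d['username']);
                    $message->set('password', $password);
                    $message_o = $message->output();
                    Notify_Email::_send($d['fullname'], $d['username'], $subj, $message_o);

                    _msglog('s', $_L['Check your email to reset Password'] . '.');

                    r2(U . 'login/');
                }
            }
        }

        break;

    case 'where':

        r2(U . 'login');

        break;

    case 'after':
        // Shows the login form with the requested post-login route attached.
        // NOTE(review): $after comes straight from the URL; confirm that
        // login.tpl escapes it on output.
        $after = route(2);

        $ui->assign('after', $after);

        $ui->display('login.tpl');

        break;

    default:
        $ui->display('login.tpl');
        break;
}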

