| [ PHPXref.com ] | [ Generated: Sun Jul 20 18:52:10 2008 ] | [ MuCMS 1.21 ] |
| [ Index ] [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <?php 2 /* 3 * Copyright (C) 2006 Matthew Craig 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License 7 * as published by the Free Software Foundation; either version 2 8 * of the License, or (at your option) any later version. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, write to the Free Software 17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 18 * 19 * Matthew Craig 20 * 2501 Riverside Dr Apt 309 21 * Coral Springs, FL 33065 22 * matt@taggedzi.com 23 */ 24 25 /* 26 * 27 * 28 * Filename: login.php 29 * Date: 03 April 2006 30 * Written by: Matthew Craig 31 * Copyright: (c) Copyright 2006 Matthew Craig. All rights Reserved. 32 * Description: This is the login page for MuCMS. 33 * 34 * dependencies: This is dependent on 35 * - class.data.php : The data class object 36 * - cleaner.php : Sterilizes the input string from the user 37 * - makeHTML.php : Create the actual page output 38 * - silver. php : the Password MD5 39 * - silverload.php : the password log for locking the site, and tracking usage. 40 * - class.phpmailer.php : this is an externally generated php class (not created by Matthew Craig) for performing mail through php. It is used here for smtp mail, so that a server running MuCMS does not have to have a mail binary connected to php. 41 * 42 */ 43 44 // Start Session 45 session_start(); 46 47 include_once ('cleaner.php'); 48 include_once ('class.data.php'); 49 include_once ('makeHTML.php'); 50 51 $login = new Admin; 52 53 // If they have been aproved skip all other steps 54 if ($_SESSION['aproval']== 'authorized' ) { 55 $content = '<table width="50%"> 56 <tr> 57 <td> 58 <p>You are already logged in. Please <a href="index.php">Click Here</a> to continue.</p> 59 </td> 60 </tr> 61 </table>'; 62 MakeHTML ('Login Succes', $content); 63 exit; 64 } 65 66 // this saved the Login Count : This is a helper function 67 function SaveCount($num, $offset = 300 , $note) { 68 if(file_exists('silverload.php')) { 69 $time = time() + ($offset * 60); 70 if ($note) { 71 $sender = '<?php $SilverLoad = ' . $num . '; $SilverPoisen = ' . $time . '; $Notified = True; ?>'; 72 } else { 73 $sender = '<?php $SilverLoad = ' . $num . '; $SilverPoisen = ' . $time . '; $Notified = False; ?>'; 74 } 75 $fp = @fopen('silverload.php','wb'); 76 fwrite ($fp, $sender); 77 fclose($fp); 78 } else { 79 $sender = '<?php $SilverLoad=0; $SilverPoisen=0; $Notified = FALSE; ?>'; 80 $fp = @fopen('silverload.php','wb'); 81 fwrite ($fp, $sender); 82 fclose($fp); 83 } 84 } 85 86 // Verify that the Password and Lock file exist - or Lock the site 87 if(file_exists('silverload.php') && file_exists('silver.php')) { 88 include_once ('silverload.php'); 89 include_once('silver.php'); 90 } else { 91 $content = '<table> 92 <tr> 93 <td> 94 <p>If this CMS has already been installed this site\'s administrative controls have been tampered with. This is now locked. Contact your administrator to fix this problem.</p> 95 <p>If this site has not been installed <a href="install.php">Click Here</a></p> 96 </td> 97 </tr> 98 </table>'; 99 MakeHTML('UnAuthorized Modification', $content); 100 exit; 101 } 102 103 // Check Number of Login Attempts if greater than Max Lock server login functions 104 if ($SilverLoad > $login->MaxLogin) { 105 // if the Max Login Attempts have been reached check the time. If the right time has elapsed release the lock down 106 if ( time() >= $SilverPoisen) { 107 // If enough time has passed 108 $ServerLocked = False; 109 // Reset the counter 110 $SilverLoad = 0; 111 // Save it 112 SaveCount ($SilverLoad, $login->LockTime, FALSE ); 113 } else { 114 // If enough time has not passed keep the server locked. 115 $ServerLocked = True; 116 if ($login->NotifyAdmin && !$Notified) { 117 require_once ("class.phpmailer.php"); 118 //require_once('mailconfig.php'); 119 $mail = new PHPMailer(); 120 $mail->From = $login->from_email; 121 $mail->FromName = $login->from_name; 122 $mail->Host = $login->smtp_host; 123 $mail->Mailer = "smtp"; // '' if using binary mail program, 'smtp' to use smtp service 124 $mail->SMTPAuth = true; // if a password is required 125 $mail->Port = $login->smtp_port; 126 $mail->Username = $login->smtp_username; 127 $mail->Password = $login->smtp_userpass; 128 $mail->Priority = $login->priority; 129 130 $mail->Subject = 'Alert! Potential Website Problems'; 131 $body = '<html> 132 <head></head> 133 <body> 134 <table width="640"> 135 <tr> 136 <td> 137 <h1><font color="#ff0000">Alert! This is an Automated Alert!</font></h1> 138 <p>This is an automated message do not respond to this address</p> 139 <p>Your Server at ' . $_SERVER["PHP_SELF"] . ' is experiencing a potential problem.</p> 140 <p>Someone from the IP address of ' . $_SERVER["REMOTE_ADDR"] . ' has attempted to login to your site and failed to use the correct password.</p> 141 <p>If you see this message more than once, they have attempted multiple times (5 times per email).</p> 142 </td> 143 </tr> 144 </table> 145 </body> 146 </html>'; 147 148 // Plain text body (for mail clients that cannot read HTML) 149 $text_body = "Alert! This is an automated Alert!\n\n"; 150 $text_body .= "This is an automated message do not respond to this address.\n\n"; 151 $text_body .= "Your Server at " . $_SERVER["PHP_SELF"] . " is experiencing a potential problem. \n"; 152 $text_body .= "Someone from the IP address of " . $_SERVER["REMOTE_ADDR"] . " has attempted to login to your site and failed to use the correct password.\n"; 153 $text_body .= "If you see this message more than once, they have attempted multiple times (5 times per email)."; 154 $mail->Body = $body; 155 $mail->AltBody = $text_body; 156 $mail->AddAddress($login->AdminEmail); 157 $mail->Send(); 158 // Clear all addresses and attachments for next loop 159 $mail->ClearAddresses(); 160 $mail->ClearAttachments(); 161 SaveCount ($SilverLoad, $login->LockTime, TRUE ); 162 } else { 163 // If email is not enabled.... what to do... nothing for now 164 } 165 } 166 167 } else { 168 $ServerLocked = False; 169 } 170 171 if ($ServerLocked) { 172 $content = '<table> 173 <tr> 174 <td> 175 <p>Aproximatly ' . round(($SilverPoisen - time()) / 60) . ' Minutes remaining until next avaliable login.</p> 176 <p>Your IP address has been logged and the administrator has been notified. ' . $_SERVER["REMOTE_ADDR"] . ':' . $_SERVER["REMOTE_HOST"] . '</p> 177 </td> 178 </tr> 179 </table>'; 180 MakeHTML('Login system Locked', $content); 181 exit; 182 } 183 184 if (isset($_POST['minor']) && isset($_POST['password'])) { 185 // Sterilize data 186 $password = trim(SemiSterilizeInputString ($_POST['password'])); 187 // Save 188 SaveCount ( $SilverLoad+1, ($login->LockTime) , FALSE ); 189 // include_once('class.data.php'); 190 if (md5($password) == $silver) { 191 $_SESSION['aproval'] = 'authorized'; 192 $content = '<table> 193 <tr> 194 <td> 195 <p>There have been ' . $SilverLoad . ' login attempts before success.</p> 196 <p>Please <a href="index.php">Click Here</a> to continue.</p> 197 </td> 198 </tr> 199 </table>'; 200 MakeHTML('Login Success', $content); 201 SaveCount ( 0 , 0 , FALSE); 202 } else { 203 $content = '<table> 204 <tr> 205 <td> 206 <form action="login.php" method="post"> 207 <input type="password" name="password" onFocus="this.className=\'Active\'" onBlur="this.className=\'Passive\'" tabindex="1" accesskey="P"/> 208 <input type="submit" value="Login" name="minor" accesskey="S" tabindex="2" /> 209 </form> 210 <p>Failed Attempts: ' . $SilverLoad . '</p> 211 </td> 212 </tr> 213 </table>'; 214 MakeHTML('Login Failed', $content); 215 } 216 } else { 217 $content = '<table> 218 <tr> 219 <td> 220 <form action="login.php" method="post"> 221 <input type="password" name="password" onFocus="this.className=\'Active\'" onBlur="this.className=\'Passive\'" tabindex="1" accesskey="P" /> 222 <input type="submit" value="Login" name="minor" accesskey="S" tabindex="2" /> 223 </form> 224 </td> 225 </tr> 226 </table>'; 227 MakeHTML('Login', $content); 228 } 229 230 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| [ Powered by PHPXref - Served by Debian GNU/Linux ] |