| [ PHPXref.com ] | [ Generated: Sun Jul 20 19:05:01 2008 ] | [ OneOrZero 1.6.3 ] |
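<?php

/**
 * file: login.php
 *
 * This file will check to see if the user is logged in already via a cookie...if not
 * logged in, it will do the login script and set the cookie so the user can login.
 * The cookie will be checked against all of the remaining pages that require login.php.
 *
 * Note: This file needs to be required of all pages that require a user to be logged in.
 *
 /***************************************************************************
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public
 * License along with This program; if not, write to:
 * Free Software Foundation, Inc.
 * 59 Temple Place
 * Suite 330
 * Boston, MA 02111-1307 USA
 *
 * Copyright 2005 One or Zero
 * info@oneorzero.com
 * http://www.oneorzero.com
 * Developers: OneOrZero Team / Contributors: OneOrZero Community
 ****************************************************************************/

// Pages under the supporter/ and admin/ directories include shared files from
// one level up. The decision is made once here instead of being repeated at
// every require. preg_match() replaces eregi(), which newer PHP versions no
// longer provide; the pattern matches the same two substrings, case-insensitively.
$login_self = isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '';
$login_path_prefix = preg_match('/supporter|admin/i', $login_self) ? '../' : '';

// NOTE(review): $default_language is not assigned in this file and is
// interpolated into a require path below. It has to come from trusted
// configuration loaded before this file, never from request data - confirm.

//Handle Error Messages
if (isset($_GET['error'])) {
    // check the cookie first.
    if (!isCookieSet()) {
        require_once $login_path_prefix . 'common/style.php';
        require_once $login_path_prefix . "lang/$default_language.lang.php";
        require_once $login_path_prefix . 'common/common.php';
    }

    // Only fixed, translated messages are shown; the request value selects one
    // of them and is never echoed back. Unknown codes leave the message empty
    // rather than undefined.
    $error_message = '';
    switch ($_GET['error']) {
        case (1):
        case (2):
        case (4):
            $error_message = $lang_wronglogin.'<br><br><a href=index.php>'.$lang_click_here.'</a>';
            break;
        case (3):
            $error_message = $lang_notsupporter.'<br><br><a href=../index.php>'.$lang_click_here.'</a>';
            break;
        case (5):
            $error_message = $lang_notadmin.'<br><br><a href=index.php>'.$lang_click_here.'</a>';
            break;
        default:
    }

    echo '<TABLE class=border cellSpacing=0 cellPadding=0 width=' . $theme['width'] . ' align=center border=0>
        <TR>
        <TD>
            <TABLE cellSpacing=1 cellPadding=5 width="100%" border=0>
                <TR>
                <TD class=hf class=info align=center><strong>' . $helpdesk_name . '</strong></TD>
                </TR>
                <TR>
                <TD class=back>
                    <TABLE border=0 width="100%">
                        <TR>
                        <TD class=back vAlign=top><BR>';
    printError($error_message,"40%");
    echo '              </TD>
                        </TR>
                    </TABLE>
                </TD>
                </TR>
            </TABLE></Table>';

    require $login_path_prefix . 'common/footer.php';

    unset($_GET['error']);
    exit;
}

// set the start time so we can calculate how long it takes to load the page.
$mtime1 = explode(" ", microtime());
$starttime = $mtime1[0] + $mtime1[1];
// require_once "../common/common.php";
require_once $login_path_prefix . "lang/$default_language.lang.php";

session_start();
// getMD5() is defined elsewhere; presumably it hashes the submitted password - confirm.
// NOTE(review): the value is kept in the session as enc_pwd below, so the
// session store holds a password-equivalent value.
$password = getMD5();

// if submit has been hit, set the cookie and reload the page immediately so the cookie takes effect.
if (isset($_POST['login'])) {
    // Anything that is not a plain string (missing field, array-style
    // parameter) is treated as an empty user name.
    $login_user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';

    // The Referer header is supplied by the client. It only selects which role
    // is checked at login time; pages under /admin/ and /supporter/ are checked
    // again against PHP_SELF at the bottom of this file.
    $login_referer = (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER']))
        ? $_SERVER['HTTP_REFERER']
        : '';

    // if admin is contained in the url, we need to make sure the user is an
    // admin before letting them login.
    if (strpos($login_referer, '/admin/') !== false) {
        $login_area = 'admin';
    } elseif (strpos($login_referer, '/supporter/') !== false) {
        $login_area = 'supporter';
    } else {
        // otherwise, the user is not logging in to the admin site.
        $login_area = '';
    }

    // check the user name and password against the database.
    // NOTE(review): checkUser() is defined elsewhere; how it handles the user
    // name when querying the database is not visible here - confirm.
    if (!checkUser($login_user, $password)) {
        $login_bad_credentials = array('admin' => 4, 'supporter' => 2, '' => 1);
        header("Location: index.php?error=" . $login_bad_credentials[$login_area]);
        exit;
    }

    if ($login_area == 'admin' && !isAdministrator($login_user)) {
        header("Location: index.php?error=5");
        exit;
    }

    if ($login_area == 'supporter' && !isSupporter($login_user)) {
        header("Location: index.php?error=3");
        exit;
    }

    // Send the browser back to the referring page only when it is an http(s)
    // URL on this host without line breaks. The Referer is client-controlled,
    // so echoing it unchecked into Location would let another site choose the
    // post-login destination.
    $login_return_to = 'index.php';
    $login_referer_parts = ($login_referer != '') ? parse_url($login_referer) : false;
    if (is_array($login_referer_parts)
        && isset($login_referer_parts['host'])
        && isset($_SERVER['HTTP_HOST'])
        && preg_match('#^https?://#i', $login_referer)
        && !preg_match('/[\r\n]/', $login_referer)
    ) {
        $login_referer_host = $login_referer_parts['host'];
        if (isset($login_referer_parts['port'])) {
            $login_referer_host .= ':' . $login_referer_parts['port'];
        }
        if (strcasecmp($login_referer_host, $_SERVER['HTTP_HOST']) == 0) {
            $login_return_to = $login_referer;
        }
    }

    // Issue a fresh session id at the privilege change so an id that was known
    // before login does not become an authenticated session.
    session_regenerate_id(true);
    $_SESSION['user'] = $login_user;
    $_SESSION['enc_pwd'] = $password;
    session_write_close();
    header('Location: ' . $login_return_to);
    // Stop here: without this the including page kept executing after the
    // redirect header had been queued.
    exit;
}

// check the cookie first.
if (!isCookieSet()) {
    require_once $login_path_prefix . 'common/style.php';

    // NOTE(review): the login form carries no anti-CSRF token.
    echo '


        <script language="JavaScript">
            function setfocus(){
                document.login.user.focus();
            }
        </script>
        </head>
        <body bgcolor=' . $theme['bgcolor'] . ' onload="setfocus()">
        <form name=login method=post>
        <TABLE class=border cellSpacing=0 cellPadding=0 width=' . $theme['width'] . ' align=center border=0>
            <TR>
            <TD>
                <TABLE cellSpacing=1 cellPadding=5 width="100%" border=0>
                    <TR>
                    <TD class=hf class=info align=center><strong>' . $helpdesk_name . '</strong></TD>
                    </TR>
                    <TR>
                    <TD class=back>
                        <TABLE border=0 width="100%">
                            <TR>
                            <TD class=back vAlign=top><BR>


                                <TABLE class=border cellSpacing=0 cellPadding=0 width="40%" align=center border=0>
                                    <TR>
                                    <TD>
                                        <TABLE cellSpacing=1 cellPadding=5 width="100%" border=0>
                                            <TR>
                                            <TD class=info align=left><b>' . $helpdesk_name . ' ' . $lang_login . '</b></TD>
                                            </TR>
                                            <TR>
                                            <TD class=back2>
                                                <table width=100% border=0 cellspacing=0 cellpadding=6>
                                                    <tr>
                                                    <td class=back2 align=right>' . $lang_username . ':</td><td>
                                                    <input type=text name=user size=12></td>
                                                    </tr>
                                                    <tr>
                                                    <td class=back2 align=right>' . $lang_password . ':</td><td>
                                                    <input type=password name=password size=12></td>
                                                    </tr>
                                                    <tr>
                                                    <td class=back2 align=center colspan=2>

                                                    <input type=submit name=login value="' . $lang_submit . '"></td>
                                                    </tr>
                                                </table>


                                            </TD>
                                            </TR>
                                        </TABLE>
                                    </TD>
                                    </TR>
                                </TABLE>';


    //show applicable account registration and password retrieval links
    if ($pubpriv == 'Private' and $user_account_registration != "Off") {
        echo '<br><center><a href="' . $site_url . '/index.php?reg=yes">' . $lang_registerforaccount . '</a>';
    }
    if ($pubpriv == 'Private' and $password_retrieval != "Off") {
        if ($user_account_registration != "Off") {
            echo ' | <a href="' . $site_url . '/index.php?pass=yes">' . $lang_forgotten_password . '</a>';
        } else {
            echo '<br><center><a href="' . $site_url . '/index.php?pass=yes">' . $lang_forgotten_password . '</a>';
        }
    }
    echo '
                                <BR>

                            </TD>
                            </TR>
                        </TABLE>
                    </TD>
                    </TR>
                </TABLE>
            </TD>
            </TR>
        </TABLE>
        </TD>
        </TR>
        </TABLE>
        </TD>
        </TR>
        </TABLE>
        </TD>
        </TR>
        </TABLE>
        </form>

        ';

    require $login_path_prefix . 'common/footer.php';

    exit;
} else {
    // if submit has not been pressed, check the cookie against the database.
    // NOTE(review): an empty session user skips both role checks, so these
    // areas rely on isCookieSet() refusing sessions without a user - confirm.
    $login_session_user = isset($_SESSION['user']) ? $_SESSION['user'] : '';

    if (strpos($login_self, '/supporter/') !== false
        && $login_session_user != ''
        && !isSupporter($login_session_user)
    ) {
        echo "$lang_notsupporter";
        exit;
    }

    if (strpos($login_self, '/admin/') !== false
        && $login_session_user != ''
        && !isAdministrator($login_session_user)
    ) {
        echo "$lang_notadmin";
        exit;
    }
}
// this returns back to the page that called it.

?>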