[Summary view] [Print] [Text view]

   1  <?php
   2  /*
   3   * This file is part of Zoph.
   4   *
   5   * Zoph is free software; you can redistribute it and/or modify
   6   * it under the terms of the GNU General Public License as published by
   7   * the Free Software Foundation; either version 2 of the License, or
   8   * (at your option) any later version.
   9   * 
  10   * Zoph is distributed in the hope that it will be useful,
  11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13   * GNU General Public License for more details.
  14   * You should have received a copy of the GNU General Public License
  15   * along with Zoph; if not, write to the Free Software
  16   * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
  17   */
  18  
  19      /*
  20       * This file lets a user pass through if one of the following is true:
  21       * - a valid username/password was given
  22       * - a $user object was found in the session
  23       * - a default user has been defined in config.inc.php
  24       */
  25      session_start();
  26  
  27      $_action = getvar("_action");
  28  
  29      mysql_pconnect(DB_HOST, DB_USER, DB_PASS)
  30          or die("Unable to connect to MySQL");
  31      mysql_select_db(DB_NAME)
  32          or die("Unable to select database");
  33  
  34      if (minimum_version('4.1.0')) {
  35          $user = $_SESSION['user'];
  36      }
  37  
  38      // no user was in the session, try logging in
  39      if ($_action == "logout") {
  40          // delete left over temp files
  41          delete_temp_annotated_files($user->get("user_id"));
  42  
  43          session_destroy();
  44          $user = null;
  45          header("Location: logon.php");
  46          die;
  47      } else if (empty($user)) {
  48          if(FORCE_SSL_LOGIN && !FORCE_SSL) {
  49              header("Location: " . ZOPH_URL . "/zoph.php");
  50          }
  51          $uname = getvar("uname");
  52          $pword = getvar("pword");
  53  
  54          $validator = new validator($uname, $pword);
  55          $user = $validator->validate();
  56  
  57          // we have a valid user
  58          if (!empty($user)) {
  59              $user->lookup();
  60              $user->lookup_person();
  61              $user->lookup_prefs();
  62  
  63              if (!minimum_version('4.1.0')) {
  64                  session_register("user");
  65              }
  66  
  67              // Update Last Login Fields
  68              $updated_user = new user($user->get("user_id"));
  69              $updated_user->set("lastlogin", "now()");
  70              $updated_user->set("lastip", $_SERVER["REMOTE_ADDR"]);
  71              $updated_user->update();
  72  
  73              // delete left over temp files
  74              delete_temp_annotated_files($user->get("user_id"));
  75          }
  76          else {
  77              header("Location: logon.php");
  78              die;
  79          }
  80  
  81      }
  82  
  83      if (!empty($user)) {
  84          $user->prefs->load();
  85          $rtplang = $user->load_language();
  86          
  87          if (minimum_version('4.1.0')) {
  88              $_SESSION['user'] = &$user;
  89          }
  90      } else {
  91          $rtplang = new rtplang("lang", "en", "en", "en");
  92      }    
  93  ?>