inc/auth.inc.php
author rejo
Mon, 04 Jun 2007 18:43:11 +0000
changeset 13 2ff220cfde13
parent 6 9fcac40c1b0e
child 25 576034a80ea8
permissions -rwxr-xr-x
[feladat @ 60] Merged 1.4.0 changes r23:59 into trunk.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     1
<?
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     2
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     3
session_start();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     4
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     5
if (isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] == "logout")
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     6
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     7
	logout();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     8
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     9
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    10
// If a user had just entered his/her login && password, store them in our session.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    11
if(isset($_POST["authenticate"]))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    12
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    13
    	$_SESSION["userpwd"] = $_POST["password"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    14
    	$_SESSION["userlogin"] = $_POST["username"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    15
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    16
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    17
// Check if the session hasnt expired yet.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    18
if ((isset($_SESSION["userid"])) && ($_SESSION["lastmod"] != "") && ((time() - $_SESSION["lastmod"]) > $EXPIRE))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    19
{
13
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    20
	logout( _('Session expired, please login again.'),"error");
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    21
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    22
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    23
// If the session hasn't expired yet, give our session a fresh new timestamp.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    24
$_SESSION["lastmod"] = time();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    25
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    26
if(isset($_SESSION["userlogin"]) && isset($_SESSION["userpwd"]))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    27
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    28
    //Username and password are set, lets try to authenticate.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    29
	$result = $db->query("SELECT id, fullname, level FROM users WHERE username='". $_SESSION["userlogin"]  ."' AND password='". md5($_SESSION["userpwd"])  ."' AND active=1");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    30
	if($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    31
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    32
        	$rowObj = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    33
		$_SESSION["userid"] = $rowObj["id"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    34
		$_SESSION["name"] = $rowObj["fullname"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    35
		$_SESSION["level"] = $rowObj["level"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    36
        	if($_POST["authenticate"])
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    37
        	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    38
            		//If a user has just authenticated, redirect him to index with timestamp, so post-data gets lost.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    39
            		session_write_close();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    40
            		clean_page("index.php");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    41
            		exit;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    42
        	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    43
    	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    44
    	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    45
    	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    46
        	//Authentication failed, retry.
13
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    47
	        auth( _('Authentication failed!'),"error");
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    48
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    49
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    50
else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    51
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    52
	//No username and password set, show auth form (again).
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    53
	auth();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    54
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    55
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    56
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    57
 * Print the login form.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    58
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    59
13
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    60
function auth($msg="",$type="success")
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    61
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    62
	include_once('inc/header.inc.php');
13
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    63
	if ( $msg )
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    64
	{
13
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    65
		print "<div class=\"$type\">$msg</div>\n";
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    66
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    67
	?>
13
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    68
	<h2><? echo _('Login'); ?></h2>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    69
	<?
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    70
	?>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    71
	<form method="post" action="<? echo $_SERVER["PHP_SELF"] ?>">
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    72
	 <table border="0">
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    73
	  <tr>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    74
	   <td class="n"><? echo _('Login'); ?>:</td>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    75
	   <td class="n"><input type="text" class="input" name="username"></td>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    76
	  </tr>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    77
	  <tr>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    78
	   <td class="n"><? echo _('Password'); ?>:</td>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    79
	   <td class="n"><input type="password" class="input" name="password"></td>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    80
	  </tr>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    81
	  <tr>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    82
	   <td class="n">&nbsp;</td>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    83
	   <td class="n">
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    84
	    <input type="submit" name="authenticate" class="button" value=" <? echo _('Login'); ?> ">
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    85
	   </td>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    86
	  </tr>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    87
	 </table>
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
    88
	</form>
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    89
	<?
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    90
	include_once('inc/footer.inc.php');
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    91
	exit;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    92
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    93
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    94
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    95
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    96
 * Logout the user and kickback to login form.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    97
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    98
6
9fcac40c1b0e [feladat @ 7]
rejo
parents: 4
diff changeset
    99
function logout($msg="")
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   100
{
6
9fcac40c1b0e [feladat @ 7]
rejo
parents: 4
diff changeset
   101
	if ( $msg == "" ) {
13
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
   102
		$msg = _('You have logged out.');
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
   103
		$type = "success";
6
9fcac40c1b0e [feladat @ 7]
rejo
parents: 4
diff changeset
   104
	};
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   105
	session_destroy();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   106
	session_write_close();
13
2ff220cfde13 [feladat @ 60]
rejo
parents: 6
diff changeset
   107
	auth($msg, $type);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   108
	exit;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   109
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   110
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   111
?>