poweradmin: inc/auth.inc.php@4abaed69febd (annotated)

1 58094faf794d [feladat @ 2] rejo parents: diff changeset	1	<?
58094faf794d [feladat @ 2] rejo parents: diff changeset	2
58094faf794d [feladat @ 2] rejo parents: diff changeset	3	session_start();
58094faf794d [feladat @ 2] rejo parents: diff changeset	4
58094faf794d [feladat @ 2] rejo parents: diff changeset	5	if (isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] == "logout")
58094faf794d [feladat @ 2] rejo parents: diff changeset	6	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	7	logout();
58094faf794d [feladat @ 2] rejo parents: diff changeset	8	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	9
58094faf794d [feladat @ 2] rejo parents: diff changeset	10	// If a user had just entered his/her login && password, store them in our session.
58094faf794d [feladat @ 2] rejo parents: diff changeset	11	if(isset($_POST["authenticate"]))
58094faf794d [feladat @ 2] rejo parents: diff changeset	12	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	13	$_SESSION["userpwd"] = $_POST["password"];
58094faf794d [feladat @ 2] rejo parents: diff changeset	14	$_SESSION["userlogin"] = $_POST["username"];
58094faf794d [feladat @ 2] rejo parents: diff changeset	15	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	16
58094faf794d [feladat @ 2] rejo parents: diff changeset	17	// Check if the session hasnt expired yet.
58094faf794d [feladat @ 2] rejo parents: diff changeset	18	if ((isset($_SESSION["userid"])) && ($_SESSION["lastmod"] != "") && ((time() - $_SESSION["lastmod"]) > $EXPIRE))
58094faf794d [feladat @ 2] rejo parents: diff changeset	19	{
13 2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	20	logout( _('Session expired, please login again.'),"error");
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	21	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	22
58094faf794d [feladat @ 2] rejo parents: diff changeset	23	// If the session hasn't expired yet, give our session a fresh new timestamp.
58094faf794d [feladat @ 2] rejo parents: diff changeset	24	$_SESSION["lastmod"] = time();
58094faf794d [feladat @ 2] rejo parents: diff changeset	25
58094faf794d [feladat @ 2] rejo parents: diff changeset	26	if(isset($_SESSION["userlogin"]) && isset($_SESSION["userpwd"]))
58094faf794d [feladat @ 2] rejo parents: diff changeset	27	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	28	//Username and password are set, lets try to authenticate.
58094faf794d [feladat @ 2] rejo parents: diff changeset	29	$result = $db->query("SELECT id, fullname, level FROM users WHERE username='". $_SESSION["userlogin"] ."' AND password='". md5($_SESSION["userpwd"]) ."' AND active=1");
58094faf794d [feladat @ 2] rejo parents: diff changeset	30	if($result->numRows() == 1)
58094faf794d [feladat @ 2] rejo parents: diff changeset	31	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	32	$rowObj = $result->fetchRow();
58094faf794d [feladat @ 2] rejo parents: diff changeset	33	$_SESSION["userid"] = $rowObj["id"];
58094faf794d [feladat @ 2] rejo parents: diff changeset	34	$_SESSION["name"] = $rowObj["fullname"];
58094faf794d [feladat @ 2] rejo parents: diff changeset	35	$_SESSION["level"] = $rowObj["level"];
58094faf794d [feladat @ 2] rejo parents: diff changeset	36	if($_POST["authenticate"])
58094faf794d [feladat @ 2] rejo parents: diff changeset	37	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	38	//If a user has just authenticated, redirect him to index with timestamp, so post-data gets lost.
58094faf794d [feladat @ 2] rejo parents: diff changeset	39	session_write_close();
58094faf794d [feladat @ 2] rejo parents: diff changeset	40	clean_page("index.php");
58094faf794d [feladat @ 2] rejo parents: diff changeset	41	exit;
58094faf794d [feladat @ 2] rejo parents: diff changeset	42	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	43	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	44	else
58094faf794d [feladat @ 2] rejo parents: diff changeset	45	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	46	//Authentication failed, retry.
13 2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	47	auth( _('Authentication failed!'),"error");
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	48	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	49	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	50	else
58094faf794d [feladat @ 2] rejo parents: diff changeset	51	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	52	//No username and password set, show auth form (again).
58094faf794d [feladat @ 2] rejo parents: diff changeset	53	auth();
58094faf794d [feladat @ 2] rejo parents: diff changeset	54	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	55
58094faf794d [feladat @ 2] rejo parents: diff changeset	56	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	57	* Print the login form.
58094faf794d [feladat @ 2] rejo parents: diff changeset	58	*/
58094faf794d [feladat @ 2] rejo parents: diff changeset	59
13 2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	60	function auth($msg="",$type="success")
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	61	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	62	include_once('inc/header.inc.php');
13 2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	63	if ( $msg )
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	64	{
13 2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	65	print "<div class=\"$type\">$msg</div>\n";
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	66	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	67	?>
13 2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	68	<h2><? echo _('Login'); ?></h2>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	69	<?
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	70	?>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	71	<form method="post" action="<? echo $_SERVER["PHP_SELF"] ?>">
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	72	<table border="0">
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	73	<tr>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	74	<td class="n"><? echo _('Login'); ?>:</td>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	75	<td class="n"><input type="text" class="input" name="username"></td>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	76	</tr>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	77	<tr>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	78	<td class="n"><? echo _('Password'); ?>:</td>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	79	<td class="n"><input type="password" class="input" name="password"></td>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	80	</tr>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	81	<tr>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	82	<td class="n"> </td>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	83	<td class="n">
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	84	<input type="submit" name="authenticate" class="button" value=" <? echo _('Login'); ?> ">
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	85	</td>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	86	</tr>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	87	</table>
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	88	</form>
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	89	<?
58094faf794d [feladat @ 2] rejo parents: diff changeset	90	include_once('inc/footer.inc.php');
58094faf794d [feladat @ 2] rejo parents: diff changeset	91	exit;
58094faf794d [feladat @ 2] rejo parents: diff changeset	92	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	93
58094faf794d [feladat @ 2] rejo parents: diff changeset	94
58094faf794d [feladat @ 2] rejo parents: diff changeset	95	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	96	* Logout the user and kickback to login form.
58094faf794d [feladat @ 2] rejo parents: diff changeset	97	*/
58094faf794d [feladat @ 2] rejo parents: diff changeset	98
6 9fcac40c1b0e [feladat @ 7] rejo parents: 4 diff changeset	99	function logout($msg="")
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	100	{
6 9fcac40c1b0e [feladat @ 7] rejo parents: 4 diff changeset	101	if ( $msg == "" ) {
13 2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	102	$msg = _('You have logged out.');
2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	103	$type = "success";
6 9fcac40c1b0e [feladat @ 7] rejo parents: 4 diff changeset	104	};
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	105	session_destroy();
58094faf794d [feladat @ 2] rejo parents: diff changeset	106	session_write_close();
13 2ff220cfde13 [feladat @ 60] rejo parents: 6 diff changeset	107	auth($msg, $type);
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	108	exit;
58094faf794d [feladat @ 2] rejo parents: diff changeset	109	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	110
58094faf794d [feladat @ 2] rejo parents: diff changeset	111	?>

author	rejo
	Mon, 25 Jun 2007 19:56:50 +0000
changeset 23	4abaed69febd
parent 13	2ff220cfde13
child 25	576034a80ea8
permissions	-rwxr-xr-x