[feladat @ 85]
The type of zone wasn't show to users with access level 1.
If a user with access level 1 did have access to a slave zone the
user did not see the IP of the master nameserver of that zone. Now
the user will the IP address (readonly and only if one is set).
Bugfix. If no master IP for a slave zone is given, a warning is
shown regardless of the userlevel.
Bugfix. Both the "add record" and "edit record" buttons in the "edit
zone" screen is no longer available for users with level 1 for
domains of type "slave". Bug report by Antonio Prado.
Some PHP and HTML cleanup (removing of empty tags and unnecessary
repeatings of calls to a single function).
<?
session_start();
if (isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] == "logout")
{
logout();
}
// If a user had just entered his/her login && password, store them in our session.
if(isset($_POST["authenticate"]))
{
$_SESSION["userpwd"] = $_POST["password"];
$_SESSION["userlogin"] = $_POST["username"];
}
// Check if the session hasnt expired yet.
if ((isset($_SESSION["userid"])) && ($_SESSION["lastmod"] != "") && ((time() - $_SESSION["lastmod"]) > $EXPIRE))
{
logout( _('Session expired, please login again.'),"error");
}
// If the session hasn't expired yet, give our session a fresh new timestamp.
$_SESSION["lastmod"] = time();
if(isset($_SESSION["userlogin"]) && isset($_SESSION["userpwd"]))
{
//Username and password are set, lets try to authenticate.
$result = $db->query("SELECT id, fullname, level FROM users WHERE username='". $_SESSION["userlogin"] ."' AND password='". md5($_SESSION["userpwd"]) ."' AND active=1");
if($result->numRows() == 1)
{
$rowObj = $result->fetchRow();
$_SESSION["userid"] = $rowObj["id"];
$_SESSION["name"] = $rowObj["fullname"];
$_SESSION["level"] = $rowObj["level"];
if($_POST["authenticate"])
{
//If a user has just authenticated, redirect him to index with timestamp, so post-data gets lost.
session_write_close();
clean_page("index.php");
exit;
}
}
else
{
//Authentication failed, retry.
auth( _('Authentication failed!'),"error");
}
}
else
{
//No username and password set, show auth form (again).
auth();
}
/*
* Print the login form.
*/
function auth($msg="",$type="success")
{
include_once('inc/header.inc.php');
if ( $msg )
{
print "<div class=\"$type\">$msg</div>\n";
}
?>
<h2><? echo _('Login'); ?></h2>
<?
?>
<form method="post" action="<? echo $_SERVER["PHP_SELF"] ?>">
<table border="0">
<tr>
<td class="n"><? echo _('Login'); ?>:</td>
<td class="n"><input type="text" class="input" name="username"></td>
</tr>
<tr>
<td class="n"><? echo _('Password'); ?>:</td>
<td class="n"><input type="password" class="input" name="password"></td>
</tr>
<tr>
<td class="n"> </td>
<td class="n">
<input type="submit" name="authenticate" class="button" value=" <? echo _('Login'); ?> ">
</td>
</tr>
</table>
</form>
<?
include_once('inc/footer.inc.php');
exit;
}
/*
* Logout the user and kickback to login form.
*/
function logout($msg="")
{
if ( $msg == "" ) {
$msg = _('You have logged out.');
$type = "success";
};
unset($_SESSION["userid"]);
unset($_SESSION["name"]);
unset($_SESSION["level"]);;
session_destroy();
session_write_close();
auth($msg, $type);
exit;
}
?>