[2] | 1 | <?php |
---|
| 2 | /*************************************************************************** |
---|
| 3 | * identification.php is a part of PhpWebGallery * |
---|
| 4 | * ------------------- * |
---|
| 5 | * last update : Thursday, December 26, 2002 * |
---|
| 6 | * email : pierrick@z0rglub.com * |
---|
| 7 | * * |
---|
| 8 | ***************************************************************************/ |
---|
| 9 | |
---|
| 10 | /*************************************************************************** |
---|
| 11 | * * |
---|
| 12 | * This program is free software; you can redistribute it and/or modify * |
---|
| 13 | * it under the terms of the GNU General Public License as published by * |
---|
| 14 | * the Free Software Foundation; * |
---|
| 15 | * * |
---|
| 16 | ***************************************************************************/ |
---|
| 17 | |
---|
| 18 | //----------------------------------------------------------- personnal include |
---|
| 19 | include_once( "./include/init.inc.php" ); |
---|
| 20 | //-------------------------------------------------------------- identification |
---|
| 21 | $error = array(); |
---|
| 22 | if ( isset( $_POST['login'] ) ) |
---|
| 23 | { |
---|
| 24 | $i = 0; |
---|
| 25 | // retrieving the encrypted password of the login submitted |
---|
| 26 | $query = 'select password'; |
---|
| 27 | $query.= ' from '.$prefixeTable.'users'; |
---|
| 28 | $query.= " where pseudo = '".$_POST['login']."';"; |
---|
| 29 | $row = mysql_fetch_array( mysql_query( $query ) ); |
---|
| 30 | if( $row['password'] == md5( $_POST['pass'] ) ) |
---|
| 31 | { |
---|
| 32 | $session_id = session_create( $_POST['login'] ); |
---|
| 33 | $url = 'category.php?id='.$session_id; |
---|
| 34 | header( "Request-URI: $url" ); |
---|
| 35 | header( "Content-Location: $url" ); |
---|
| 36 | header( "Location: $url" ); |
---|
| 37 | exit(); |
---|
| 38 | } |
---|
| 39 | else |
---|
| 40 | { |
---|
| 41 | $error[$i++] = $lang['invalid_pwd']; |
---|
| 42 | } |
---|
| 43 | } |
---|
| 44 | //----------------------------------------------------- template initialization |
---|
| 45 | $vtp = new VTemplate; |
---|
| 46 | $handle = $vtp->Open( './template/default/identification.vtp' ); |
---|
| 47 | // language |
---|
| 48 | $vtp->setGlobalVar( $handle, 'ident_page_title', $lang['ident_page_title'] ); |
---|
| 49 | $vtp->setGlobalVar( $handle, 'ident_title', $lang['ident_title'] ); |
---|
| 50 | $vtp->setGlobalVar( $handle, 'login', $lang['login'] ); |
---|
| 51 | $vtp->setGlobalVar( $handle, 'password', $lang['password'] ); |
---|
| 52 | $vtp->setGlobalVar( $handle, 'submit', $lang['submit'] ); |
---|
| 53 | $vtp->setGlobalVar( $handle, 'ident_guest_visit',$lang['ident_guest_visit'] ); |
---|
| 54 | $vtp->setGlobalVar( $handle, 'ident_register', $lang['ident_register'] ); |
---|
| 55 | $vtp->setGlobalVar( $handle, 'ident_forgotten_password', |
---|
| 56 | $lang['ident_forgotten_password'] ); |
---|
| 57 | // conf |
---|
| 58 | $vtp->setGlobalVar( $handle, 'mail_webmaster', $conf['mail_webmaster'] ); |
---|
| 59 | // user |
---|
| 60 | $vtp->setGlobalVar( $handle, 'page_style', $user['style'] ); |
---|
| 61 | $vtp->setGlobalVar( $handle, 'user_theme', $user['theme'] ); |
---|
| 62 | // structure |
---|
| 63 | $vtp->setGlobalVar( $handle, 'frame_start', get_frame_start() ); |
---|
| 64 | $vtp->setGlobalVar( $handle, 'frame_begin', get_frame_begin() ); |
---|
| 65 | $vtp->setGlobalVar( $handle, 'frame_end', get_frame_end() ); |
---|
| 66 | //-------------------------------------------------------------- errors display |
---|
| 67 | if ( sizeof( $error ) != 0 ) |
---|
| 68 | { |
---|
| 69 | $vtp->addSession( $handle, 'errors' ); |
---|
| 70 | for ( $i = 0; $i < sizeof( $error ); $i++ ) |
---|
| 71 | { |
---|
| 72 | $vtp->addSession( $handle, 'li' ); |
---|
| 73 | $vtp->setVar( $handle, 'li.li', $error[$i] ); |
---|
| 74 | $vtp->closeSession( $handle, 'li' ); |
---|
| 75 | } |
---|
| 76 | $vtp->closeSession( $handle, 'errors' ); |
---|
| 77 | } |
---|
| 78 | //------------------------------------------------------------------ users list |
---|
| 79 | // retrieving all the users login |
---|
| 80 | $query = 'select pseudo from '.$prefixeTable.'users;'; |
---|
| 81 | $result = mysql_query( $query ); |
---|
| 82 | if ( mysql_num_rows ( $result ) < $conf['max_user_listbox'] ) |
---|
| 83 | { |
---|
| 84 | $vtp->addSession( $handle, 'select_field' ); |
---|
| 85 | while ( $row = mysql_fetch_array( $result ) ) |
---|
| 86 | { |
---|
| 87 | if ( $row['pseudo'] != 'visiteur' ) |
---|
| 88 | { |
---|
| 89 | $vtp->addSession( $handle, 'option' ); |
---|
| 90 | $vtp->setVar( $handle, 'option.option', $row['pseudo'] ); |
---|
| 91 | $vtp->closeSession( $handle, 'option' ); |
---|
| 92 | } |
---|
| 93 | } |
---|
| 94 | $vtp->closeSession( $handle, 'select_field' ); |
---|
| 95 | } |
---|
| 96 | else |
---|
| 97 | { |
---|
| 98 | $vtp->addSession( $handle, 'text_field' ); |
---|
| 99 | $vtp->closeSession( $handle, 'text_field' ); |
---|
| 100 | } |
---|
| 101 | //-------------------------------------------------------------- visit as guest |
---|
| 102 | if ( $conf['acces'] == "libre" ) |
---|
| 103 | { |
---|
| 104 | $vtp->addSession( $handle, 'guest_visit' ); |
---|
| 105 | $vtp->closeSession( $handle, 'guest_visit' ); |
---|
| 106 | } |
---|
| 107 | //---------------------------------------------------------------- registration |
---|
| 108 | if ( $conf['acces'] == "libre" ) |
---|
| 109 | { |
---|
| 110 | $vtp->addSession( $handle, 'register' ); |
---|
| 111 | $vtp->closeSession( $handle, 'register' ); |
---|
| 112 | } |
---|
| 113 | //----------------------------------------------------------- html code display |
---|
| 114 | $code = $vtp->Display( $handle, 0 ); |
---|
| 115 | echo $code; |
---|
| 116 | //------------------------------------------------------------ log informations |
---|
| 117 | $query = 'insert into '.$prefixeTable.'history'; |
---|
| 118 | $query.= '(date,login,IP,page) values'; |
---|
| 119 | $query.= "('".time()."', '".$user['pseudo']; |
---|
| 120 | $query.= "','$REMOTE_ADDR','identification');"; |
---|
| 121 | $result = mysql_query( $query ); |
---|
| 122 | ?> |
---|