Mercurial > hg > fapweb
annotate usrlogin.php @ 1074:48e16e856646
Use long tags.
| author | Matti Hamalainen <ccr@tnsp.org> |
|---|---|
| date | Tue, 24 Jan 2017 17:57:38 +0200 |
| parents | 7da8bde9b7be |
| children | 00632d30bafe |
| rev | line source |
|---|---|
| 1074 | 1 <?php |
|
155
5b92f130ba87
Add copyright header blurbs.
Matti Hamalainen <ccr@tnsp.org>
parents:
129
diff
changeset
|
2 // |
|
571
ce11ea112a65
Change the header blurb a bit.
Matti Hamalainen <ccr@tnsp.org>
parents:
565
diff
changeset
|
3 // FAPWeb - Simple Web-based Demoparty Management System |
|
155
5b92f130ba87
Add copyright header blurbs.
Matti Hamalainen <ccr@tnsp.org>
parents:
129
diff
changeset
|
4 // Administration interface session login handler |
| 1072 | 5 // (C) Copyright 2012-2017 Tecnic Software productions (TNSP) |
|
155
5b92f130ba87
Add copyright header blurbs.
Matti Hamalainen <ccr@tnsp.org>
parents:
129
diff
changeset
|
6 // |
| 110 | 7 $sessionType = "user"; |
|
175
8df523e6326a
User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents:
156
diff
changeset
|
8 require_once "mconfig.inc.php"; |
|
8df523e6326a
User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents:
156
diff
changeset
|
9 require_once "msite.inc.php"; |
|
8df523e6326a
User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents:
156
diff
changeset
|
10 require_once "msession.inc.php"; |
| 110 | 11 |
| 156 | 12 // |
| 13 // Initialize | |
| 14 // | |
| 110 | 15 stSetupCacheControl(); |
| 16 | |
| 17 if (!stConnectSQLDB()) | |
| 18 die("Could not connect to SQL database."); | |
| 19 | |
| 20 stReloadSettings(); | |
| 21 | |
| 22 | |
| 156 | 23 // |
| 24 // Authenticate | |
| 25 // | |
| 110 | 26 $gotoPage = stGetRequestItem("goto", FALSE); |
|
306
6610311ac48e
Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents:
304
diff
changeset
|
27 $errorPage = stGetRequestItem("error", FALSE); |
| 110 | 28 $password = stGetRequestItem("key", FALSE); |
|
306
6610311ac48e
Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents:
304
diff
changeset
|
29 $error = 0; |
| 110 | 30 |
|
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
31 $sql = stPrepareSQL("SELECT * FROM votekeys WHERE key=%s", $password); |
|
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
32 if (($key = stFetchSQL($sql)) !== false) |
| 110 | 33 { |
| 554 | 34 // |
| 35 // Validate login based on current vote key mode | |
| 36 // | |
|
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
37 switch (stGetSetting("voteKeyMode")) |
|
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
38 { |
|
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
39 case VOTE_ACTIVATE: |
|
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
40 if ($key["active"] == 0) |
|
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
41 $error = 3; |
|
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
42 break; |
|
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
43 |
|
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
44 case VOTE_ASSIGN: |
|
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
45 $sql = stPrepareSQL("SELECT id FROM attendees WHERE key_id=%d", $key["id"]); |
|
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
46 if (stFetchSQL($sql) === false) |
|
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
47 $error = 3; |
|
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
48 break; |
|
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
49 } |
|
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
50 |
| 554 | 51 // |
| 52 // Okay, attempt to set up session if no error | |
| 53 // | |
|
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
54 if ($error == 0) |
| 110 | 55 { |
|
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
56 if (!stSessionStart(SESS_USER, $password, "userTimeout")) |
|
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
57 { |
| 874 | 58 stLogError("User session AUTH LOGIN failed (session setup)"); |
|
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
59 $error = 2; |
|
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
60 } |
|
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
61 else |
|
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
62 { |
|
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
63 stSetSessionItem("key_id", $key["id"]); |
|
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
64 stSetSessionItem("mode", stGetRequestItem("mode", "error")); |
|
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
65 } |
|
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
66 } |
| 110 | 67 } |
| 68 else | |
| 69 { | |
| 874 | 70 stLogError("User session AUTH LOGIN failed (password)"); |
|
306
6610311ac48e
Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents:
304
diff
changeset
|
71 $error = 1; |
| 110 | 72 } |
| 73 | |
| 554 | 74 |
| 75 // Select destination page based on error status and | |
| 76 // if error page has been set. Use common destination page | |
| 77 // if no error or no error page. | |
| 325 | 78 $nextPage = ($error != 0 && $errorPage !== FALSE) ? $errorPage : $gotoPage; |
|
306
6610311ac48e
Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents:
304
diff
changeset
|
79 |
| 554 | 80 // Okay, if destination page is set, go there. |
| 81 // Otherwise, just use the default page. | |
|
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
82 header("Location: ". |
|
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
83 ($nextPage !== FALSE ? $nextPage : stGetSetting("defaultPage")). |
| 323 | 84 ($error ? "?error=".$error : "")); |
|
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
85 |
| 110 | 86 ?> |