Mercurial > hg > fapweb

annotate usrlogin.php @ 1092:95b74632cfe2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Rename votekeys table to userkeys, and all related variables and settings.
author Matti Hamalainen <ccr@tnsp.org>
date Thu, 26 Jan 2017 13:38:19 +0200
parents 00632d30bafe
children 0a2117349f46
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1074
48e16e856646 Use long tags.
Matti Hamalainen <ccr@tnsp.org>
parents: 1072
diff changeset
1 <?php
155
5b92f130ba87 Add copyright header blurbs.
Matti Hamalainen <ccr@tnsp.org>
parents: 129
diff changeset
2 //
571
ce11ea112a65 Change the header blurb a bit.
Matti Hamalainen <ccr@tnsp.org>
parents: 565
diff changeset
3 // FAPWeb - Simple Web-based Demoparty Management System
155
5b92f130ba87 Add copyright header blurbs.
Matti Hamalainen <ccr@tnsp.org>
parents: 129
diff changeset
4 // Administration interface session login handler
1072
7da8bde9b7be Bump copyrights.
Matti Hamalainen <ccr@tnsp.org>
parents: 1001
diff changeset
5 // (C) Copyright 2012-2017 Tecnic Software productions (TNSP)
155
5b92f130ba87 Add copyright header blurbs.
Matti Hamalainen <ccr@tnsp.org>
parents: 129
diff changeset
6 //
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
7 $sessionType = "user";
175
8df523e6326a User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents: 156
diff changeset
8 require_once "mconfig.inc.php";
8df523e6326a User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents: 156
diff changeset
9 require_once "msite.inc.php";
8df523e6326a User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents: 156
diff changeset
10 require_once "msession.inc.php";
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
11
156
fa7f3defffd0 Comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 155
diff changeset
12 //
fa7f3defffd0 Comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 155
diff changeset
13 // Initialize
fa7f3defffd0 Comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 155
diff changeset
14 //
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
15 stSetupCacheControl();
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
16
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
17 if (!stConnectSQLDB())
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
18 die("Could not connect to SQL database.");
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
19
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
20 stReloadSettings();
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
21
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
22
156
fa7f3defffd0 Comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 155
diff changeset
23 //
fa7f3defffd0 Comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 155
diff changeset
24 // Authenticate
fa7f3defffd0 Comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 155
diff changeset
25 //
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
26 $gotoPage = stGetRequestItem("goto", FALSE);
306
6610311ac48e Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents: 304
diff changeset
27 $errorPage = stGetRequestItem("error", FALSE);
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
28 $password = stGetRequestItem("key", FALSE);
1089
00632d30bafe Implement new settings for making user/votekeys case-insensitive and
Matti Hamalainen <ccr@tnsp.org>
parents: 1074
diff changeset
29 if (stGetSetting("userKeyCase", NULL) === FALSE)
00632d30bafe Implement new settings for making user/votekeys case-insensitive and
Matti Hamalainen <ccr@tnsp.org>
parents: 1074
diff changeset
30 $password = strtoupper($password);
00632d30bafe Implement new settings for making user/votekeys case-insensitive and
Matti Hamalainen <ccr@tnsp.org>
parents: 1074
diff changeset
31
306
6610311ac48e Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents: 304
diff changeset
32 $error = 0;
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
33
1092
95b74632cfe2 Rename votekeys table to userkeys, and all related variables and settings.
Matti Hamalainen <ccr@tnsp.org>
parents: 1089
diff changeset
34 $sql = stPrepareSQL("SELECT * FROM userkeys WHERE key=%s", $password);
311
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
35 if (($key = stFetchSQL($sql)) !== false)
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
36 {
554
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
37 //
1092
95b74632cfe2 Rename votekeys table to userkeys, and all related variables and settings.
Matti Hamalainen <ccr@tnsp.org>
parents: 1089
diff changeset
38 // Validate login based on current user key mode
554
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
39 //
1092
95b74632cfe2 Rename votekeys table to userkeys, and all related variables and settings.
Matti Hamalainen <ccr@tnsp.org>
parents: 1089
diff changeset
40 switch (stGetSetting("userKeyMode"))
311
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
41 {
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
42 case VOTE_ACTIVATE:
315
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
43 if ($key["active"] == 0)
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
44 $error = 3;
311
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
45 break;
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
46
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
47 case VOTE_ASSIGN:
315
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
48 $sql = stPrepareSQL("SELECT id FROM attendees WHERE key_id=%d", $key["id"]);
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
49 if (stFetchSQL($sql) === false)
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
50 $error = 3;
311
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
51 break;
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
52 }
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
53
554
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
54 //
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
55 // Okay, attempt to set up session if no error
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
56 //
315
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
57 if ($error == 0)
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
58 {
315
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
59 if (!stSessionStart(SESS_USER, $password, "userTimeout"))
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
60 {
874
ffb5643eff4f Rename functions.
Matti Hamalainen <ccr@tnsp.org>
parents: 861
diff changeset
61 stLogError("User session AUTH LOGIN failed (session setup)");
315
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
62 $error = 2;
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
63 }
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
64 else
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
65 {
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
66 stSetSessionItem("key_id", $key["id"]);
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
67 stSetSessionItem("mode", stGetRequestItem("mode", "error"));
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
68 }
311
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
69 }
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
70 }
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
71 else
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
72 {
874
ffb5643eff4f Rename functions.
Matti Hamalainen <ccr@tnsp.org>
parents: 861
diff changeset
73 stLogError("User session AUTH LOGIN failed (password)");
306
6610311ac48e Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents: 304
diff changeset
74 $error = 1;
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
75 }
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
76
554
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
77
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
78 // Select destination page based on error status and
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
79 // if error page has been set. Use common destination page
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
80 // if no error or no error page.
325
aac3bdd73ec1 More work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents: 323
diff changeset
81 $nextPage = ($error != 0 && $errorPage !== FALSE) ? $errorPage : $gotoPage;
306
6610311ac48e Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents: 304
diff changeset
82
554
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
83 // Okay, if destination page is set, go there.
eee6b811f58a Add comments.
Matti Hamalainen <ccr@tnsp.org>
parents: 325
diff changeset
84 // Otherwise, just use the default page.
311
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
85 header("Location: ".
2f46b6254ff2 We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents: 306
diff changeset
86 ($nextPage !== FALSE ? $nextPage : stGetSetting("defaultPage")).
323
ab675dc128ac Fix login code.
Matti Hamalainen <ccr@tnsp.org>
parents: 315
diff changeset
87 ($error ? "?error=".$error : ""));
315
100d9f7f9dde Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents: 311
diff changeset
88
110
ff511f5351df Work on voting.
Matti Hamalainen <ccr@tnsp.org>
parents:
diff changeset
89 ?>