Mercurial > hg > fapweb
annotate usrlogin.php @ 1096:bbc0a3d0b51e
Major renaming / refactor of site messages. Some that were previously
modifiable from admin interface are now "hardcoded" in the configuration
file. Having these settings made modifiable from there made no sense
and just took space in the UI.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Fri, 27 Jan 2017 22:15:06 +0200 |
parents | 95b74632cfe2 |
children | 0a2117349f46 |
rev | line source |
---|---|
1074 | 1 <?php |
155
5b92f130ba87
Add copyright header blurbs.
Matti Hamalainen <ccr@tnsp.org>
parents:
129
diff
changeset
|
2 // |
571
ce11ea112a65
Change the header blurb a bit.
Matti Hamalainen <ccr@tnsp.org>
parents:
565
diff
changeset
|
3 // FAPWeb - Simple Web-based Demoparty Management System |
155
5b92f130ba87
Add copyright header blurbs.
Matti Hamalainen <ccr@tnsp.org>
parents:
129
diff
changeset
|
4 // Administration interface session login handler |
1072 | 5 // (C) Copyright 2012-2017 Tecnic Software productions (TNSP) |
155
5b92f130ba87
Add copyright header blurbs.
Matti Hamalainen <ccr@tnsp.org>
parents:
129
diff
changeset
|
6 // |
110 | 7 $sessionType = "user"; |
175
8df523e6326a
User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents:
156
diff
changeset
|
8 require_once "mconfig.inc.php"; |
8df523e6326a
User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents:
156
diff
changeset
|
9 require_once "msite.inc.php"; |
8df523e6326a
User require_once instead of require.
Matti Hamalainen <ccr@tnsp.org>
parents:
156
diff
changeset
|
10 require_once "msession.inc.php"; |
110 | 11 |
156 | 12 // |
13 // Initialize | |
14 // | |
110 | 15 stSetupCacheControl(); |
16 | |
17 if (!stConnectSQLDB()) | |
18 die("Could not connect to SQL database."); | |
19 | |
20 stReloadSettings(); | |
21 | |
22 | |
156 | 23 // |
24 // Authenticate | |
25 // | |
110 | 26 $gotoPage = stGetRequestItem("goto", FALSE); |
306
6610311ac48e
Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents:
304
diff
changeset
|
27 $errorPage = stGetRequestItem("error", FALSE); |
110 | 28 $password = stGetRequestItem("key", FALSE); |
1089
00632d30bafe
Implement new settings for making user/votekeys case-insensitive and
Matti Hamalainen <ccr@tnsp.org>
parents:
1074
diff
changeset
|
29 if (stGetSetting("userKeyCase", NULL) === FALSE) |
00632d30bafe
Implement new settings for making user/votekeys case-insensitive and
Matti Hamalainen <ccr@tnsp.org>
parents:
1074
diff
changeset
|
30 $password = strtoupper($password); |
00632d30bafe
Implement new settings for making user/votekeys case-insensitive and
Matti Hamalainen <ccr@tnsp.org>
parents:
1074
diff
changeset
|
31 |
306
6610311ac48e
Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents:
304
diff
changeset
|
32 $error = 0; |
110 | 33 |
1092
95b74632cfe2
Rename votekeys table to userkeys, and all related variables and settings.
Matti Hamalainen <ccr@tnsp.org>
parents:
1089
diff
changeset
|
34 $sql = stPrepareSQL("SELECT * FROM userkeys WHERE key=%s", $password); |
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
35 if (($key = stFetchSQL($sql)) !== false) |
110 | 36 { |
554 | 37 // |
1092
95b74632cfe2
Rename votekeys table to userkeys, and all related variables and settings.
Matti Hamalainen <ccr@tnsp.org>
parents:
1089
diff
changeset
|
38 // Validate login based on current user key mode |
554 | 39 // |
1092
95b74632cfe2
Rename votekeys table to userkeys, and all related variables and settings.
Matti Hamalainen <ccr@tnsp.org>
parents:
1089
diff
changeset
|
40 switch (stGetSetting("userKeyMode")) |
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
41 { |
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
42 case VOTE_ACTIVATE: |
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
43 if ($key["active"] == 0) |
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
44 $error = 3; |
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
45 break; |
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
46 |
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
47 case VOTE_ASSIGN: |
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
48 $sql = stPrepareSQL("SELECT id FROM attendees WHERE key_id=%d", $key["id"]); |
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
49 if (stFetchSQL($sql) === false) |
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
50 $error = 3; |
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
51 break; |
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
52 } |
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
53 |
554 | 54 // |
55 // Okay, attempt to set up session if no error | |
56 // | |
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
57 if ($error == 0) |
110 | 58 { |
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
59 if (!stSessionStart(SESS_USER, $password, "userTimeout")) |
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
60 { |
874 | 61 stLogError("User session AUTH LOGIN failed (session setup)"); |
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
62 $error = 2; |
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
63 } |
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
64 else |
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
65 { |
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
66 stSetSessionItem("key_id", $key["id"]); |
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
67 stSetSessionItem("mode", stGetRequestItem("mode", "error")); |
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
68 } |
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
69 } |
110 | 70 } |
71 else | |
72 { | |
874 | 73 stLogError("User session AUTH LOGIN failed (password)"); |
306
6610311ac48e
Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents:
304
diff
changeset
|
74 $error = 1; |
110 | 75 } |
76 | |
554 | 77 |
78 // Select destination page based on error status and | |
79 // if error page has been set. Use common destination page | |
80 // if no error or no error page. | |
325 | 81 $nextPage = ($error != 0 && $errorPage !== FALSE) ? $errorPage : $gotoPage; |
306
6610311ac48e
Improve user login handling.
Matti Hamalainen <ccr@tnsp.org>
parents:
304
diff
changeset
|
82 |
554 | 83 // Okay, if destination page is set, go there. |
84 // Otherwise, just use the default page. | |
311
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
85 header("Location: ". |
2f46b6254ff2
We'll be checking key validity in login phase, so start working on that.
Matti Hamalainen <ccr@tnsp.org>
parents:
306
diff
changeset
|
86 ($nextPage !== FALSE ? $nextPage : stGetSetting("defaultPage")). |
323 | 87 ($error ? "?error=".$error : "")); |
315
100d9f7f9dde
Implement bits of user login checking.
Matti Hamalainen <ccr@tnsp.org>
parents:
311
diff
changeset
|
88 |
110 | 89 ?> |