Mercurial > hg > fapweb
diff usrlogin.php @ 110:ff511f5351df
Work on voting.
| author | Matti Hamalainen <ccr@tnsp.org> |
|---|---|
| date | Mon, 21 Oct 2013 22:48:55 +0300 |
| parents | |
| children | 5837b9333964 |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/usrlogin.php Mon Oct 21 22:48:55 2013 +0300 @@ -0,0 +1,38 @@ +<? +$sessionType = "user"; +require "mconfig.inc.php"; +require "msite.inc.php"; +require "msession.inc.php"; + +stSetupCacheControl(); + +// Initiate SQL database connection +if (!stConnectSQLDB()) + die("Could not connect to SQL database."); + +// Fetch non-"hardcoded" settings from SQL database +stReloadSettings(); + + +$gotoPage = stGetRequestItem("goto", FALSE); +$password = stGetRequestItem("key", FALSE); + +$sql = stPrepareSQL("SELECT id FROM votekeys WHERE key=%s", $password); +if (($votekey_id = stFetchSQLColumn($sql)) !== false) +{ + if (!stSessionStart(SESS_USER, $votekey_id, "userTimeout")) + { + error_log("User session AUTH LOGIN failed (session setup)"); + $gotoPage = "loginerror"; + } + else + stSetSessionItem("mode", stGetRequestItem("mode", "error")); +} +else +{ + error_log("User session AUTH LOGIN failed (password)"); + $gotoPage = "loginerror"; +} + +header("Location: ".($gotoPage !== FALSE ? $gotoPage : "news")); +?> \ No newline at end of file