Mercurial > hg > fapweb
view admin.php @ 1086:4a95cd4fa341
Check for existence of "expires" field in session data.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Thu, 26 Jan 2017 00:30:58 +0200 |
parents | 7da8bde9b7be |
children |
line wrap: on
line source
<?php // // FAPWeb - Simple Web-based Demoparty Management System // Party administration page frontend module // (C) Copyright 2012-2017 Tecnic Software productions (TNSP) // $sessionType = "admin"; require_once "mconfig.inc.php"; require_once "msite.inc.php"; require_once "msession.inc.php"; function stLoginContent() { echo "<div id=\"adminContent\">\n<div id=\"adminLogin\">"; } function stLoginFooter() { echo "</div>\n"; cmPrintPageFooter(); } // Switch to https first, if needed if (!stCheckHTTPS()) { header("Location: https://".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]); exit; } // Start output $pageCSS = "css/admin.css"; cmPrintPageHeader("FAPWeb Administration", " <meta http-equiv=\"Pragma\" content=\"no-cache\" />\n", FALSE); // Initiate SQL database connection if (!stConnectSQLDB()) { // Error occured, bail out early cmPrintPageFooter(); exit; } // Fetch non-"hardcoded" settings from SQL database stReloadSettings(); // Check if sessions are enabled if (!stChkSetting("admPassword")) { stLoginContent(); echo "<h1>Oh noes, admin configuration not done!</h1>\n". "<p>Better go and prod that, so you get to use the fine admin interface.</p>\n"; stLoginFooter(); exit; } else if (!stAdmSessionAuth(FALSE)) { // Perform authentication if we are not in session already stLoginContent(); echo "<h1>Party admin login</h1>\n". "<p>Please use illegal telepathy over HTTP to provide a ". "password to enter the party administration systembolaget.</p>\n". "\n". " ".stGetFormStart("admlogin", "admlogin.php"). " ".stGetFormHiddenInput("mode", "check")."\n". " ".stGetFormPasswordInput("admpass", "", "", "autofocus=\"autofocus\"")."\n". " ".stGetFormSubmitInput("submit", "Login")."\n". " </form>\n". "\n". "<p>[<a href=\"".stGetSetting("defaultPage")."\">Return to the main page</a>].</p>\n"; stLoginFooter(); exit; } else { echo "<script type=\"text/javascript\" src=\"admajax.js.php\"></script>\n". "<script type=\"text/javascript\" src=\"genajax.js\"></script>\n". "<div id=\"adminPopup\"></div>\n". "<div id=\"adminContent\">\n". "<div id=\"nstatus\">-</div>\n". "<div id=\"tabHeadersCC\" class=\"tabHeaders\"></div>\n". "<div id=\"tabContentsCC\" class=\"tabContents\">\n". "<noscript>\n". " <h1>Ehm, you need to enable JavaScript to use the admin interface.</h1>\n". "</noscript>\n". "</div>\n"; } cmPrintPageFooter(); ?>