| [ Index ] |
|
Code source de GeekLog 1.4.1 |
1 <?php 2 3 /* Reminder: always indent with 4 spaces (no tabs). */ 4 // +---------------------------------------------------------------------------+ 5 // | Geeklog 1.4 | 6 // +---------------------------------------------------------------------------+ 7 // | auth.inc.php | 8 // | | 9 // | Geeklog admin authentication module | 10 // +---------------------------------------------------------------------------+ 11 // | Copyright (C) 2000-2006 by the following authors: | 12 // | | 13 // | Authors: Tony Bibbs - tony AT tonybibbs DOT com | 14 // | Mark Limburg - mlimburg AT users DOT sourceforge DOT net | 15 // | Jason Whittenburg - jwhitten AT securitygeeks DOT com | 16 // +---------------------------------------------------------------------------+ 17 // | | 18 // | This program is free software; you can redistribute it and/or | 19 // | modify it under the terms of the GNU General Public License | 20 // | as published by the Free Software Foundation; either version 2 | 21 // | of the License, or (at your option) any later version. | 22 // | | 23 // | This program is distributed in the hope that it will be useful, | 24 // | but WITHOUT ANY WARRANTY; without even the implied warranty of | 25 // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 26 // | GNU General Public License for more details. | 27 // | | 28 // | You should have received a copy of the GNU General Public License | 29 // | along with this program; if not, write to the Free Software Foundation, | 30 // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | 31 // | | 32 // +---------------------------------------------------------------------------+ 33 // 34 // $Id: auth.inc.php,v 1.34 2006/10/01 19:16:13 dhaun Exp $ 35 36 // this file can't be used on its own 37 if (strpos ($_SERVER['PHP_SELF'], 'auth.inc.php') !== false) 38 { 39 die ('This file can not be used on its own.'); 40 } 41 42 // MAIN 43 $uid = ''; 44 if (!empty ($_POST['loginname']) && !empty ($_POST['passwd'])) { 45 $status = SEC_authenticate (COM_applyFilter ($_POST['loginname']), 46 $_POST['passwd'], $uid); 47 } else { 48 $status = ''; 49 } 50 $display = ''; 51 52 if ($status == 3) { 53 DB_change($_TABLES['users'],'pwrequestid',"NULL",'uid',$uid); 54 $_USER = SESS_getUserDataFromId ($uid); 55 $sessid = SESS_newSession ($_USER['uid'], $_SERVER['REMOTE_ADDR'], 56 $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']); 57 SESS_setSessionCookie ($sessid, $_CONF['session_cookie_timeout'], 58 $_CONF['cookie_session'], $_CONF['cookie_path'], 59 $_CONF['cookiedomain'], $_CONF['cookiesecure']); 60 PLG_loginUser ($_USER['uid']); 61 62 // Now that we handled session cookies, handle longterm cookie 63 64 if (!isset ($_COOKIE[$_CONF['cookie_name']])) { 65 66 // Either their cookie expired or they are new 67 68 $cooktime = COM_getUserCookieTimeout(); 69 70 if (!empty($cooktime)) { 71 72 // They want their cookie to persist for some amount of time so set it now 73 74 setcookie ($_CONF['cookie_name'], $_USER['uid'], 75 time() + $cooktime, $_CONF['cookie_path'], 76 $_CONF['cookiedomain'], $_CONF['cookiesecure']); 77 } 78 } 79 if (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,syndication.edit','OR')) { 80 $display .= COM_refresh($_CONF['site_admin_url'] . '/moderation.php'); 81 } else { 82 $display .= COM_refresh($_CONF['site_url'] . '/index.php'); 83 } 84 echo $display; 85 exit; 86 } else if (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit','OR') && (count (PLG_getAdminOptions()) == 0)) { 87 $display .= COM_siteHeader(); 88 89 $display .= COM_startBlock($LANG20[01]); 90 91 if (!empty($warn)) { 92 $display .= $LANG20[02] 93 .'<br><br>' 94 .COM_accessLog($LANG20[03] . ' ' . $_POST['loginname']); 95 } 96 97 $display .= '<form action="' . $_SERVER['PHP_SELF'] 98 . '" method="POST">' 99 .'<table cellspacing="0" cellpadding="0" border="0" width="100%">'.LB 100 .'<tr><td align="right">'.$LANG20[04].' </td>'.LB 101 .'<td><input type="text" name="loginname" size="16" maxlength="16"></td>'.LB 102 .'</tr>'.LB 103 .'<tr>'.LB 104 .'<td align="right">'.$LANG20[05].' </td>'.LB 105 .'<td><input type="password" name="passwd" size="16" maxlength="16"></td>' 106 .'</tr>'.LB 107 .'<tr>'.LB 108 .'<td colspan="2" align="center" class="warning">'.$LANG20[06].'<input type="hidden" name="warn" value="1">' 109 .'<br><input type="submit" name="mode" value="'.$LANG20[07].'"></td>'.LB 110 .'</tr>'.LB 111 .'</table></form>' 112 .COM_endBlock() 113 .COM_siteFooter(); 114 echo $display; 115 exit; 116 } 117 118 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Wed Nov 21 12:27:40 2007 | par Balluche grâce à PHPXref 0.7 |
|
|