mirror of
https://github.com/e107inc/e107.git
synced 2025-08-06 14:46:56 +02:00
new module creation
This commit is contained in:
mcfly
175
e107_admin/auth.php
Normal file
175
e107_admin/auth.php
Normal file
@@ -0,0 +1,175 @@
|
||||
<?php
|
||||
/*
|
||||
+ ----------------------------------------------------------------------------+
|
||||
| e107 website system
|
||||
|
|
||||
| <20>Steve Dunstan 2001-2002
|
||||
| http://e107.org
|
||||
| jalist@e107.org
|
||||
|
|
||||
| Released under the terms and conditions of the
|
||||
| GNU General Public License (http://gnu.org).
|
||||
|
|
||||
| $Source: /cvs_backup/e107_0.8/e107_admin/auth.php,v $
|
||||
| $Revision: 1.1.1.1 $
|
||||
| $Date: 2006-12-02 04:33:11 $
|
||||
| $Author: mcfly_e107 $
|
||||
+----------------------------------------------------------------------------+
|
||||
*/
|
||||
|
||||
if (!defined('e107_INIT')) { exit; }
|
||||
|
||||
@include_once(e_LANGUAGEDIR.e_LANGUAGE."/admin/lan_admin.php");
|
||||
@include_once(e_LANGUAGEDIR."English/admin/lan_admin.php");
|
||||
if (ADMIN)
|
||||
{
|
||||
define("ADMIN_PAGE", true);
|
||||
require_once(e_ADMIN."header.php");
|
||||
}
|
||||
else
|
||||
{
|
||||
$use_imagecode = ($pref['logcode'] && extension_loaded("gd"));
|
||||
if ($use_imagecode)
|
||||
{
|
||||
require_once(e_HANDLER."secure_img_handler.php");
|
||||
$sec_img = new secure_image;
|
||||
}
|
||||
|
||||
if ($_POST['authsubmit'])
|
||||
{
|
||||
$obj = new auth;
|
||||
|
||||
if($use_imagecode)
|
||||
{
|
||||
if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))
|
||||
{
|
||||
echo "<script type='text/javascript'>document.location.href='../index.php'</script>\n";
|
||||
header("location: ../index.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
$row = $authresult = $obj->authcheck($_POST['authname'], $_POST['authpass']);
|
||||
if ($row[0] == "authfail") {
|
||||
echo "<script type='text/javascript'>document.location.href='../index.php'</script>\n";
|
||||
header("location: ../index.php");
|
||||
exit;
|
||||
} else {
|
||||
|
||||
$userpass = md5($_POST['authpass']);
|
||||
$cookieval = $row['user_id'].".".md5($userpass);
|
||||
|
||||
$sql->db_Select("user", "*", "user_name='".$tp -> toDB($_POST['authname'])."'");
|
||||
list($user_id, $user_name, $userpass) = $sql->db_Fetch();
|
||||
if ($pref['user_tracking'] == "session") {
|
||||
$_SESSION[$pref['cookie_name']] = $cookieval;
|
||||
} else {
|
||||
cookie($pref['cookie_name'], $cookieval, (time()+3600 * 24 * 30));
|
||||
}
|
||||
echo "<script type='text/javascript'>document.location.href='admin.php'</script>\n";
|
||||
}
|
||||
}
|
||||
|
||||
$e_sub_cat = 'logout';
|
||||
require_once(e_ADMIN."header.php");
|
||||
|
||||
if (ADMIN == FALSE) {
|
||||
$obj = new auth;
|
||||
$obj->authform();
|
||||
require_once(e_ADMIN."footer.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
|
||||
class auth
|
||||
{
|
||||
|
||||
function authform()
|
||||
{
|
||||
/*
|
||||
# Admin auth login
|
||||
#
|
||||
# - parameters none
|
||||
# - return null
|
||||
# - scope public
|
||||
*/
|
||||
|
||||
global $use_imagecode, $sec_img;
|
||||
|
||||
$text = "<div style='text-align:center'>
|
||||
<form method='post' action='".e_SELF."'>\n
|
||||
<table style='width:50%' class='fborder'>
|
||||
<tr>
|
||||
<td style='width:35%' class='forumheader3'>".ADLAN_89."</td>
|
||||
<td class='forumheader3' style='text-align:center'><input class='tbox' type='text' name='authname' size='30' value='$authname' maxlength='20' />\n</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td style='width:35%' class='forumheader3'>".ADLAN_90."</td>
|
||||
<td class='forumheader3' style='text-align:center'><input class='tbox' type='password' name='authpass' size='30' value='' maxlength='20' />\n</td>
|
||||
</tr>
|
||||
";
|
||||
|
||||
if ($use_imagecode) {
|
||||
$text .= "
|
||||
<tr>
|
||||
<td style='width:35%' class='forumheader3'>".ADLAN_152."</td>
|
||||
<td style='text-align:center'>
|
||||
<input type='hidden' name='rand_num' value='".$sec_img->random_number."'>".
|
||||
$sec_img->r_image().
|
||||
"<br /><input class='tbox' type='text' name='code_verify' size='15' maxlength='20' /></td>
|
||||
</tr>
|
||||
";
|
||||
}
|
||||
|
||||
$text .= "
|
||||
<tr>
|
||||
<td colspan='2' style='text-align:center' class='forumheader'>
|
||||
|
||||
<input class='button' type='submit' name='authsubmit' value='".ADLAN_91."' />
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</form>
|
||||
</div>";
|
||||
|
||||
$au = new e107table;
|
||||
$au->tablerender(ADLAN_92, $text);
|
||||
}
|
||||
|
||||
function authcheck($authname, $authpass)
|
||||
{
|
||||
/*
|
||||
# Admin auth check
|
||||
# - parameter #1: string $authname, entered name
|
||||
# - parameter #2: string $authpass, entered pass
|
||||
# - return boolean if fail, else result array
|
||||
# - scope public
|
||||
*/
|
||||
global $tp;
|
||||
$sql_auth = new db;
|
||||
$authname = $tp -> toDB(preg_replace("/\sOR\s|\=|\#/", "", $authname));
|
||||
if ($sql_auth->db_Select("user", "*", "user_loginname='$authname' AND user_admin='1' "))
|
||||
{
|
||||
$row = $sql_auth->db_Fetch();
|
||||
}
|
||||
else
|
||||
{
|
||||
if ($sql_auth->db_Select("user", "*", "user_name='$authname' AND user_admin='1' "))
|
||||
{
|
||||
$row = $sql_auth->db_Fetch();
|
||||
}
|
||||
}
|
||||
if($row['user_id'])
|
||||
{
|
||||
if($row['user_password'] == md5($authpass))
|
||||
{
|
||||
return $row;
|
||||
}
|
||||
}
|
||||
return array("authfail");
|
||||
}
|
||||
}
|
||||
|
||||
//------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------//
|
||||
?>
|
||||
Reference in New Issue
Block a user