You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
135 lines
4.2 KiB
135 lines
4.2 KiB
<?php |
|
|
|
|
|
/* |
|
|
|
Copyright 2018 Murray Hayes |
|
|
|
Redistribution and use in source and binary forms, with or without |
|
modification, are permitted provided that the following conditions |
|
are met: |
|
|
|
1. Redistributions of source code must retain the above copyright |
|
notice, this list of conditions and the following disclaimer. |
|
|
|
2. Redistributions in binary form must reproduce the above copyright |
|
notice, this list of conditions and the following disclaimer in the |
|
documentation and/or other materials provided with the distribution. |
|
|
|
3. Neither the name of the copyright holder nor the names of its |
|
contributors may be used to endorse or promote products derived from |
|
this software without specific prior written permission. |
|
|
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
|
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
|
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
|
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
|
COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
|
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
|
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
|
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
POSSIBILITY OF SUCH DAMAGE. |
|
|
|
*/ |
|
|
|
|
|
session_start(); |
|
|
|
include_once "utils.php"; |
|
include_once "DOMUtils.php"; |
|
include_once "consts.php"; |
|
include_once "database.php"; |
|
include_once "text.php"; |
|
|
|
|
|
|
|
if (isset($_SESSION['cookieMonster'])) |
|
//if (true) |
|
{ |
|
if (isset($_POST['username']) && isset($_POST['password'])) |
|
{ |
|
if (validatePassword(cleanInput($_POST['username']), cleanInput($_POST['password']))) |
|
{ |
|
$_SESSION['login'] = TRUE; |
|
$_SESSION['lastSessionRefresh'] = time(); |
|
$names = explode('.', $_POST['username']); |
|
$memberID = returnIdFromUsername($_POST['username']); |
|
populateSessionFromMemberID($memberID); |
|
//$_SESSION['FirstName'] = $names[0]; |
|
//$_SESSION['LastName'] = $names[1]; |
|
if ($memberID === FALSE) |
|
{ |
|
unsetSession(); |
|
} |
|
else |
|
{ |
|
$_SESSION['MemberID'] = $memberID; |
|
if ($memberTrackAddrChange) |
|
{ |
|
updateMemberRemoteAddr($_SERVER['REMOTE_ADDR']); |
|
} |
|
} |
|
} |
|
else |
|
{ |
|
print ($text0010); |
|
unsetSession(); |
|
} |
|
} |
|
$doc = returnDoc(); |
|
$root = returnRoot($doc); |
|
$doc->appendChild($root); |
|
|
|
if (!isset($_SESSION['login']) || ($_SESSION['login'] === FALSE)) |
|
{ |
|
$root->appendChild(generateHead($doc)); |
|
$_SESSION['login'] = FALSE; |
|
} |
|
else |
|
{ |
|
$meta = $doc->createElement('meta'); |
|
$meta->setAttribute('http-equiv', 'refresh'); |
|
//$meta->setAttribute('content', '0;' . $_SERVER['PHP_SELF'] . "?cookieCheck=true"); |
|
//$meta->setAttribute('content', '0;https://' . $siteDomain . $baseDir . $memberDir . "members.php"); |
|
/* |
|
* This isn't needed anymore because I setup https on localhost and defined |
|
* zombies in the hosts file. |
|
if ($localHost) |
|
$meta->setAttribute('content', '0;http://localhost' . $baseDir . $memberDir . "member.php"); |
|
else |
|
$meta->setAttribute('content', '0;https://' . $siteDomain . $baseDir . $memberDir . "member.php"); |
|
*/ |
|
|
|
$meta->setAttribute('content', '0;https://' . $siteDomain . $baseDir . $memberDir . "member.php"); |
|
$root->appendChild(generateHead($doc, $meta)); |
|
} |
|
$body = $doc->createElement('body'); |
|
$body->appendChild(generateMastHead($doc, $baseDir)); |
|
if ($_SESSION['login'] === FALSE) |
|
{ |
|
$badPass = $doc->createElement('h3'); |
|
$badPass->appendChild($doc->createTextNode($text0010)); |
|
$body->appendChild($badPass); |
|
/* |
|
$badPass = $doc->createElement('h5'); |
|
$badPass->appendChild($doc->createTextNode($_POST['username'] . " " . $_POST['password'])); |
|
$body->appendChild($badPass);*/ |
|
} |
|
$body->appendChild(generateLoginForm($doc)); |
|
|
|
$body->appendChild(createAnchor($doc, 'password-reset.php', $text0012)); |
|
|
|
$body->appendChild(generateFooter($doc)); |
|
$root->appendChild($body); |
|
|
|
outputDoc($doc); |
|
} |
|
else |
|
generateCookieMonster(); |
|
|
|
|
|
?> |
|
|