135 lines
4.2 KiB
PHP
135 lines
4.2 KiB
PHP
<?php
|
|
|
|
|
|
/*
|
|
|
|
Copyright 2018 Murray Hayes
|
|
|
|
Redistribution and use in source and binary forms, with or without
|
|
modification, are permitted provided that the following conditions
|
|
are met:
|
|
|
|
1. Redistributions of source code must retain the above copyright
|
|
notice, this list of conditions and the following disclaimer.
|
|
|
|
2. Redistributions in binary form must reproduce the above copyright
|
|
notice, this list of conditions and the following disclaimer in the
|
|
documentation and/or other materials provided with the distribution.
|
|
|
|
3. Neither the name of the copyright holder nor the names of its
|
|
contributors may be used to endorse or promote products derived from
|
|
this software without specific prior written permission.
|
|
|
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
|
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
|
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
|
|
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
*/
|
|
|
|
|
|
session_start();
|
|
|
|
include_once "utils.php";
|
|
include_once "DOMUtils.php";
|
|
include_once "consts.php";
|
|
include_once "database.php";
|
|
include_once "text.php";
|
|
|
|
|
|
|
|
if (isset($_SESSION['cookieMonster']))
|
|
//if (true)
|
|
{
|
|
if (isset($_POST['username']) && isset($_POST['password']))
|
|
{
|
|
if (validatePassword(cleanInput($_POST['username']), cleanInput($_POST['password'])))
|
|
{
|
|
$_SESSION['login'] = TRUE;
|
|
$_SESSION['lastSessionRefresh'] = time();
|
|
$names = explode('.', $_POST['username']);
|
|
$memberID = returnIdFromUsername($_POST['username']);
|
|
populateSessionFromMemberID($memberID);
|
|
//$_SESSION['FirstName'] = $names[0];
|
|
//$_SESSION['LastName'] = $names[1];
|
|
if ($memberID === FALSE)
|
|
{
|
|
unsetSession();
|
|
}
|
|
else
|
|
{
|
|
$_SESSION['MemberID'] = $memberID;
|
|
if ($memberTrackAddrChange)
|
|
{
|
|
updateMemberRemoteAddr($_SERVER['REMOTE_ADDR']);
|
|
}
|
|
}
|
|
}
|
|
else
|
|
{
|
|
print ($text0010);
|
|
unsetSession();
|
|
}
|
|
}
|
|
$doc = returnDoc();
|
|
$root = returnRoot($doc);
|
|
$doc->appendChild($root);
|
|
|
|
if (!isset($_SESSION['login']) || ($_SESSION['login'] === FALSE))
|
|
{
|
|
$root->appendChild(generateHead($doc));
|
|
$_SESSION['login'] = FALSE;
|
|
}
|
|
else
|
|
{
|
|
$meta = $doc->createElement('meta');
|
|
$meta->setAttribute('http-equiv', 'refresh');
|
|
//$meta->setAttribute('content', '0;' . $_SERVER['PHP_SELF'] . "?cookieCheck=true");
|
|
//$meta->setAttribute('content', '0;https://' . $siteDomain . $baseDir . $memberDir . "members.php");
|
|
/*
|
|
* This isn't needed anymore because I setup https on localhost and defined
|
|
* zombies in the hosts file.
|
|
if ($localHost)
|
|
$meta->setAttribute('content', '0;http://localhost' . $baseDir . $memberDir . "member.php");
|
|
else
|
|
$meta->setAttribute('content', '0;https://' . $siteDomain . $baseDir . $memberDir . "member.php");
|
|
*/
|
|
|
|
$meta->setAttribute('content', '0;https://' . $siteDomain . $baseDir . $memberDir . "member.php");
|
|
$root->appendChild(generateHead($doc, $meta));
|
|
}
|
|
$body = $doc->createElement('body');
|
|
$body->appendChild(generateMastHead($doc, $baseDir));
|
|
if ($_SESSION['login'] === FALSE)
|
|
{
|
|
$badPass = $doc->createElement('h3');
|
|
$badPass->appendChild($doc->createTextNode($text0010));
|
|
$body->appendChild($badPass);
|
|
/*
|
|
$badPass = $doc->createElement('h5');
|
|
$badPass->appendChild($doc->createTextNode($_POST['username'] . " " . $_POST['password']));
|
|
$body->appendChild($badPass);*/
|
|
}
|
|
$body->appendChild(generateLoginForm($doc));
|
|
|
|
$body->appendChild(createAnchor($doc, 'password-reset.php', $text0012));
|
|
|
|
$body->appendChild(generateFooter($doc));
|
|
$root->appendChild($body);
|
|
|
|
outputDoc($doc);
|
|
}
|
|
else
|
|
generateCookieMonster();
|
|
|
|
|
|
?>
|
|
|