Location: PHPKode > projects > FeedMeLinks, Social BookmarkingSince2002 > feedmelinks.com/login.php
<%
	# $Id: login.php,v 1.46 2005/11/06 23:14:54 hirokai Exp $ 

	include_once( "modules/utils.inc.php" );
	$site = getSiteUrl();
	if( $op == "logout" ) {
		$authenticated = 0;	
		$sessionUserId = "xx";	
		logout();
	}

	$page = "login";
	$shouldShowLoginForm = 1;
	$shouldShowCreateForm = 0;

	# optionally take an incoming message to display
	$mesg = $mesg ? $mesg : "";

	if( $op == "login" && $userId && $password ) {
		$con_login = mysql_connect();
		mysql_selectdb( getDBName() );
		$qs = "SELECT * from linksUsers WHERE userId = '$userId'";
		$q = mysql_query( $qs );
		if( $q )
			$numRows = mysql_num_rows($q);
		if( $numRows ) {
			$i = 0;
			while ($i < $numRows) {
				$dbPassword = mysql_result($q,$i,"password");
				$dbUserId = mysql_result($q,$i,"userId");
				if( ! strncmp( urlencode( $password ), $dbPassword, 16 )) {
					$authenticated = 1;
					$sessionUserId = $dbUserId;

					setCookie( 'c_uid', $dbUserId, time()+60*60*24*69, '/', get_cookie_domain() );
					setCookie( 'c_pass_token', md5( getPasswdForUser( $sessionUserId )), time()+60*60*24*69, '/', get_cookie_domain() );

					if( $debug ) {
						e( "auth challenge successful, authenticating you as $sessionUserId" );
					}
					
					if( $debug ) {
						e( "just set cookies:" );
						e( " setCookie( 'c_uid', $dbUserId, " . (time()+60*60*24*69) . ", '/', " . get_cookie_domain() . " );" );
						e( " setCookie( 'c_pass_token', " . (md5( getPasswdForUser( $sessionUserId ))) . ", " . (time()+60*60*24*69) . ", '/', " . get_cookie_domain() . " );" );
					}

%>
<div class="welcome">Welcome, <b><%= $userId %></b>!<br />
	<small>
		<small>
			<small>
				<br />
				logging you in... hol' up!
			</small>
		</small>
	</small>
</div>
<%
					$shouldShowLoginForm = 0;
					$nofooter = true;
					if( $debug ) {
						echo "<p>would bounce to: \"$bounceToPage\" ";
						echo "(empty means default to /)<br />";
						echo "\$passThroughURL: \"$passThroughURL\"</p>";
					}
					else {
						if( $bounceToPage ) {
							echo bounceTo( $site . "/" . $bounceToPage );
						} else if( $from == "funnel" ||  $from == "toolbar" || $from == "xulbar" ) {
							echo bounceTo( "/funnel?op=submit&name=" . $name . "&url=" . $url . "&ref=" . $ref . "&loggedIn=wasnt" );
						} else if( $passThroughURL ) {
							echo "PASS IT THROUGH!";
							echo bounceTo( "/?loggedIn=wasnt&op=submit&name=" . $name . "&url=" . $url . "&from=" . $from . "&groupid=" . $groupid );
						} else {
							echo bounceTo( "/" );
						}
					}
				} else {
					if( $debug ) {
						echo urlencode( $password ) . "<br />";
						echo $dbPassword . "<br />";
					}
					$mesg = "Darn it! Your password seems to be incorrect. Please double-check your username and password and try again, or email the <a href='mailto:hide@address.com'>admins</a> if you need help.";
					$shouldShowLoginForm = 1;
				}
				$i++;
			}
		} else {
			$mesg = "Oh no! We couldn't find your Username in our database! Please double-check your username and try again, or email the <a href='mailto:hide@address.com'>admins</a> if you need help.";
		}
		conClose( $con_login );
	} else if( $op == "inputNewAccount" ) {
		$shouldShowLoginForm = 0;
		$shouldShowCreateForm = 1;
	} else if( $op == "createAccount" ) {
		$con = mysql_connect();
		mysql_selectdb( getDBName() );
		$shouldShowLoginForm = 0;
		if( ! $errors )  {

			if( $userId && $email && $password && $password == $password2 ) {
				
				if( $userId == "feedmelinks" || $userId == "feedmelinks.com" || $userId == "anonymous" ) {
					$errors = "$errors $userId is a reserved name. please pick a new user ID.";
					$shouldShowCreateForm = 1;
					$mesg = "Shoot! Please pick a new userId, that one is taken.";
				} else {
					$qs = "SELECT * FROM linksUsers where userid = '$userId';";
					$q = mysql_query( $qs );
					$numRows = mysql_num_rows($q);
					if( $numRows ) {
						$errors = "$errors Urghh. That user name is already taken!<br />(dang, that sucks. sorry.)";
						$shouldShowCreateForm = 1;
						$mesg = "Please pick a new userId, that one is taken.";
					} else {

						$shouldShowLoginForm = 0;
						$shouldShowCreateForm = 0;
						$userAdded = addUser( $userId, $email, $password, "" );
						if( $userAdded ) {

							$headers = "";
							$subject = "Welcome, Linkster!";
							$body    = "Welcome to Feed Me Links!

Your feedmelinks user name is: $userId.
Your feedmelinks password is: $password

Go to $site to log in and start sharing links.
After you log in, you can add the 'Add Link' button to you web
browser so you can manage all your links with a single click.

Save this message under your pillow in case you forget your username
and password. Email hide@address.com with any questions or comments.

Happy Linking!

- jm3 
  Feed Me Links
";

							$headers .= "From: Feed Me Links <hide@address.com>\n";
							$headers .= "X-Mailer: feedmelinks-mailer-daemon\n";
							$mailSuccess = mail( $origEmail, $subject, $body, $headers);

							# now add their default folders:
							#  'unfiled', makePublicFolderName( 'public' ), and 'private' (suggested by pheezy)

							$folderId = addFolder( "public", $userId );
							$folderId = addFolder( "linkpocket", $userId );
							$folderId = addPrivateFolder( "private", $userId );

							$authenticated = 1;
							$sessionUserId = $userId;
							setCookie( "c_uid", $userId, time()+60*60*24*69, "/", ".feedmelinks.com" );
							setCookie( "c_pass_token", md5( getPasswdForUser( $sessionUserId )), time()+60*60*24*69, "/", ".feedmelinks.com" );
							
							# display status message:
							echo "<h3>Creating your user account...</h3><br />\n"; 

							if( ! $debug ) {
								echo bounceWithDelay( "/", 1 );
							}
						} else { 
							$shouldShowCreateForm = 1;
							$mesg = "Please pick a new userId, that one is taken.";
						}
					}
				}
		
			} else {
				$mesg = "Please fill in all fields and make sure your passwords match.";
				$shouldShowCreateForm = 1;
			}
		} else {
			#errors
			$shouldShowCreateForm = 1;
		}
	} else {
		if( $op != "logout" && $op == "login" )
			$mesg = "Dang. Login failed. Please double-check your username and password and try again, or email the <a href='mailto:hide@address.com'>admins</a> if you need help.";
	}
%>

<% include( "$modules/header.insecure.inc.php" ); %>

<% if( $shouldShowLoginForm || $shouldShowCreateForm ) { %>
<title> Feed me your password! </title>
</head>
<body onLoad="if( document.forms['login_form'] )  document.forms['login_form'].userId.focus();" >
<img src="img/login-logo.gif" />
<% } %>

<% if( $shouldShowLoginForm ) { %>
<% include( "$modules/announce.inc.php" ); %>
<br />
<form name="login_form" action="<%= $page %>">
	<input type="hidden" name="op" value="login" />
<% if( $bounceToPage ) { %>
<input type="hidden" name="bounceToPage" value="<%= $bounceToPage %>" />
<% } %>
	<% if( $name || $url ) { %>
	<input type="hidden" name="passThroughURL" value="1" />
	<input type="hidden" name="name" value="<%= urlencode( $name ) %>" />
	<input type="hidden" name="loggedIn" value="wasnt" />
	<input type="hidden" name="url"  value="<%= urlencode( $url  ) %>" />
	<input type="hidden" name="ref"  value="<%= urlencode( $ref  ) %>" />
	<% } %>
	<% if( $from ) { %>
	<input type="hidden" name="from" value="<%= urlencode( $from ) %>" />
	<% } %>

	<div>
		<div style="float: left; margin-right: 1em;">
			<% include_once( "$modules/mascot-image.inc.php" ); %>
		</div>
		<div style="float: right;">
			<table width="310" border="0">

				<% if( $mesg ) { %>

				<tr>
					<td colspan="2">
						<div class="warning">
						<b><%= $mesg %></b>
						</div>
						<br />
						<br />
					</td>
				</tr>
				<% } %>

				<tr>
					<td align="right"><b>Username</b>:</td>
					<td><input name="userId" value="<%= $userId %>" class="nfield" /></td>
				</tr>
				<tr>
					<td align="right"><b>Password</b>:</td>
					<td><input name="password" value="<%= $password %>" type="password" class="nfield" /></td>
				</tr>
				<tr>
					<td>&nbsp;</td>
					<td>
						<input type="submit" class="button" value="Log In Now" />
						or
						<input type="button" onClick="window.location='<%= $page %>?op=inputNewAccount';" class="button" value="Register" />
					</td>
				</tr>

			</table>
			<br />
			<a href="/misc/forgot-password">Forget your password? No worries, we&rsquo;ll mail it to you!<br />
			<b>Click to have it re-sent via email</b></a>
			</div>
		</div>
</form>

<br />
<br />
<!-- <img src="http://www.klot.net/pictures/modifica/modifi07.jpg" /> -->
<br />
<!-- "The Mentalist, from his pulpit onstage..." -->
<% } else if( $shouldShowCreateForm ) {
	if( ! $errors ) 
		$mesg = "&nbsp;<b>one more click and you're done</b>!<br />";
%>
<%= $mesg %>
<br />

<script language="javascript">
	function validateForm( f ) {
		var errors = "";
		var re;
		
		if( ! f.userId.value )
			errors += "Please pick a user name.<br />\n";
		else {
			re = /^[\w\d_]+$/i; 
			var userIdOK = f.userId.value.match(re);
			if( !userIdOK )
				errors += "Please use only letters, numbers, and underscores in your userId.<br />\n";
			else if( f.userId.value.length < 3 )
				errors += "User names must be at least 3 characters.<br />\n";
			else if( f.userId.value.length > 16 )
				errors += "User names must be less than 16 characters.<br />\n";
		}

		if( f.password.value && f.password2.value && f.password.value == f.password2.value )
			errors += "";
		else
			errors += "Please fill in your password and make sure both password fields match.<br />\n";
		if( ! f.email.value )
			errors += "Please fill in your email address.<br />\n";
		else {
			re = /^[\w\d_-\.]+@[\w\d_]+.*\.[\w\d_]+$/i; 
			var emailOK = f.email.value.match(re);
			if( !emailOK )
				errors += "Please double-check your email address.<br />\n";
		}

		
		if( ! errors )
			return true;
		else {
			f.errors.value = errors;
			//return false;
			return true;
		}
	}

</script>

<% if( $errors ) { %>

<div class="alert" style="margin-bottom: 15px;">
	<h3>PLEASE CORRECT THE FOLLOWING:</h3>
	<div class="warning"><%= $errors %></span>
</div>
<br />

<% } %>

<form name="create_account_form" action="<%= $page %>" method="get" onSubmit="return(validateForm(this));">
<input type="hidden" name="op" value="createAccount" />
<input type="hidden" name="errors" value="" />
<table>
	<tr>
		<td align="right">pick a <b>user name</b>:</td>
		<td><input name="userId" maxlength="16" value="<%= $userId %>" class="text" />
			<span class="subtle">
				(letters, numbers, underscores only)
			</span>
		</td>
	</tr>
	<tr>
		<td align="right">your <b>email address</b>:</td>
		<td><input name="email" maxlength="48" value="<%= $email %>"
		class="text" /> <span class="subtle">(we
		NEVER sell or share emails)</span></td>
	</tr>
	<tr>
		<td align="right">pick a <b>password</b>:</td>
		<td><input name="password" value="<%= $password %>" type="password"  size="16" maxlength="16" class="text"/>
			<span class="subtle">
				(16 letters or fewer)
			</span>
		</td>
	</tr>
	<tr>
		<td align="right">confirm password:</td>
		<td><input name="password2" value="<%= $password2 %>" type="password" size="16" maxlength="16" class="text" /> </td>
	</tr>
	</table> <br />
  <input type="submit" class="button" value="Make My Account >>" />
</form> <% } %> 

<% 
	$noxml = true;
	if( ! $nofooter )
		include_once( "$modules/footer.inc.php" ); 
%>

</body> </html>
Return current item: FeedMeLinks, Social BookmarkingSince2002