Location: PHPKode > projects > Horizon Blogging Software > admin/password_protect.php
<?php
if (!(defined('IN_HBS')) || IN_HBS !== TRUE) { header('Location: 404.php'); exit(); }
$confg = getConfig();

$LOGIN_INFORMATION = array(
  $confg["hzn_a_user"] => $confg["hzn_a_pass"],
);

define('USE_USERNAME', true);


// show usage example
if(isset($_GET['help'])) {
  die('Include following code into every page you would like to protect, at the very beginning (first line):<br>&lt;?php include("' . __FILE__ . '"); ?&gt;');
}

// logout?
if(isset($_GET['logout'])) {
  setcookie("verify", ''); // clear password;
  die("Logged out.");
}

if(!function_exists('showLoginPasswordProtect')) {

// show login form
function showLoginPasswordProtect($error_msg) {
?>
<html>
<head>
  <title>HBS Administrative Control Panel</title>
  <META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
  <META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
  <style>

body {
     margin: 0; /* to avoid margins */
     text-align: center; /* to correct the centering IE bug*/
	 background-color:#F4F4F4;
     }
   
#global {
     position:absolute;
     left: 50%; 
     top: 50%;
     width: 244px;
     height: 300px;
     margin-top: -150px; /* half of the height */
     margin-left: -122px; /* half of the width */
     border: 2px solid #555555;
background:url('images/loginbg.png');
     }
#last {
position:absolute;
width: 100%;
bottom: 0px;

}
input { border: 1px solid black; }
  </style>
</head>
<body>
<div id="global">
  <form method="post">

<img src="images/loginlogo.png" style="padding-bottom:7px;">
      <font color="red"><?php echo $error_msg; ?></font><br />
<br /><table align="center"><tr><td><?php if (USE_USERNAME) echo'Login:</td><td><input type="input" name="access_login" /></td><tr><td>Password:</td><td>';?>    <input type="password" name="access_password" /></td></tr></table><input type="submit" name="Submit" value="Submit" />
  </form>
  <br /></div>
</body>
</html>
<?php
  // stop at this point
  die();
}
}

// user provided password
if (isset($_POST['access_password'])) {

  $login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
  $pass = md5($_POST['access_password']);
  if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
  || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) 
  ) {
    showLoginPasswordProtect("Incorrect password.");
  }
  else {
    // set cookie if password was validated
    setcookie("verify", md5($pass));
    
    // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed
    // So need to clear password protector variables
    unset($_POST['access_login']);
    unset($_POST['access_password']);
    unset($_POST['Submit']);
  }

}

else {

  // check if password cookie is set
  if (!isset($_COOKIE['verify'])) {
    showLoginPasswordProtect("");
  }

  // check if cookie is good
  $found = false;
  foreach($LOGIN_INFORMATION as $kay=>$val) {
    if ($_COOKIE['verify'] == md5($val)) {
      $found = true;
      break;
    }
  }
  if (!$found) {
    showLoginPasswordProtect("");
  }

}

?>
Return current item: Horizon Blogging Software