<?
// Setting the title
$GLOBALS[page_title] = "User Login";

//  This get the document root specified in the virtual host of apache
$GLOBALS[int_path] = getenv(DOCUMENT_ROOT);

// This will be changed to look at a file that the user can set the prefrence of.
$GLOBALS[lib_path] = "$GLOBALS[int_path]/../lib";

include "$GLOBALS[lib_path]/config.inc";
include "$GLOBALS[lib_path]/mysql.inc";
include "$GLOBALS[lib_path]/overseer.inc";
include "$GLOBALS[lib_path]/user_db.inc";
include "$GLOBALS[lib_path]/design.inc";

$user_db = new USER_DB();
if(!$user_db->connect("$GLOBALS[dbhost]","$GLOBALS[dbusername]","$GLOBALS[dbuserpassword]","$GLOBALS[dbname]")) header("Location: $url_path/error_db_fail.php");

$os = new OVERSEER;
$os->connect("$GLOBALS[dbhost]","$GLOBALS[dbusername]","$GLOBALS[dbuserpassword]","$GLOBALS[dbname]");


$session_array = $os->decipher($HTTP_COOKIE_VARS[login_active], $GLOBALS[secret_key]);


// Set the user navbars.
if(!$HTTP_COOKIE_VARS[login_active]) $nav_array = array(main);
elseif($os->num_rows("SELECT user_name FROM users WHERE user_name='$session_array[user_name]' AND user_type='1'")) $nav_array = array_merge($GLOBALS[admin_navbox_array], $os->get_navbox_array($session_array[user_name]));
else $nav_array = array_merge($GLOBALS[basic_navbox_array], $os->get_navbox_array($session_array[user_name]));



// Checking for op passes to this page.
if($op){
	switch($op) {
    	case "logout":
    	    setcookie("login_active", "");
    	    header("Location: $GLOBALS[url_path]/login.php");
    }
}

// This variable is used as the 'checked' work that was used to check the checkbox
 if($HTTP_COOKIE_VARS[c_login_name]){
 	$checked = 'checked';
 }


$GLOBALS[contents00] = <<<ENDcontents00
	<font face="$GLOBALS[body_font_face]" size="$GLOBALS[body_font_size]">

<form name="" method="post" action="$GLOBALS[url_path]$PHP_SELF">
<table cellpadding="5" cellspacing="1" border="0"><tr bgcolor="dddddd">
	<td>1</td>
	<td>enter your username</td>
	<td><input type="text" size="16" maxlength="15" name="user_name" value="$HTTP_COOKIE_VARS[c_login_name]"></td>
	<td><input type="checkbox" name="save_uid" value="true" $checked>&nbsp;save</td>
</tr><tr bgcolor="dddddd">
	<td>2</td>
	<td>enter your password</td>
	<td><input type="password" maxlength="15" size="16" name="user_pass" value=""></td>
	<td></td>
</tr><tr bgcolor="cccccc">
	<td>3</td>
	<td>click to access your area.</td>
	<td>
	<input type="hidden" name="logindt00" value="true">
	<input type="submit" name="password" value="login">
	</td>
	<td></td>
</tr><tr bgcolor="dddddd">
	<td>4</td>
	<td>Problems with your login?</td>
	<td><a href="http://demo.audiodevil.com/forgotpass.php">click here</a></td>
	<td></td>
</tr></table>
</form>
</font>
ENDcontents00;



$GLOBALS[contents01] = <<<ENDcontents01
	<font face="$GLOBALS[body_font_face]" size="$GLOBALS[body_font_size]">
	you must fill-in all the blanks.
	</font>
ENDcontents01;




$GLOBALS[contents02] = <<<ENDcontents02
	<font face="$GLOBALS[body_font_face]" size="$GLOBALS[body_font_size]">
	username does not exist.  use another username
	</font>
ENDcontents02;



$GLOBALS[contents03] = <<<ENDcontents03
	<font face="$GLOBALS[body_font_face]" size="$GLOBALS[body_font_size]">
	passwords do not match....
	</font>

ENDcontents03;


// Check for error passes
if($error){
	switch($error){
		case "setcookie_error":

$GLOBALS[contents00] = <<<ENDcontents00
	<font face="$GLOBALS[body_font_face]" size="$GLOBALS[body_font_size]">
	Error setting the cookie<br><br>
	</font>
ENDcontents00;

		case "not_admin":

$GLOBALS[contents00] = <<<ENDcontents00
	<font face="$GLOBALS[body_font_face]" size="$GLOBALS[body_font_size]">
	You do not have admin privileges to view this page.<br><br>
	</font>
ENDcontents00;

	}
}



// --------------
if($HTTP_POST_VARS[logindt00]){

	// MD5ing the password for later use.
	$pwd = md5($HTTP_POST_VARS[user_pass]);

	// if anything is empty.
	if(empty($HTTP_POST_VARS[user_name]) || empty($HTTP_POST_VARS[user_pass])) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[contents01]");

	// see if the user name exists.
	elseif(!$user_db->chk_user_name($HTTP_POST_VARS[user_name])) $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[contents02]");

	// see if the password match the database.
	elseif($pwd != $user_db->get_user_pass($HTTP_POST_VARS[user_name])){
		$contents = array("$GLOBALS[page_title]"=>"$GLOBALS[contents03]");


	}else{


		if($HTTP_POST_VARS[save_uid]){

			//echo "save_uid = $HTTP_POST_VARS[save_uid]<br>\n";

			$co_t = ($GLOBALS[c_time] * 2);
			setcookie("c_login_name",$HTTP_POST_VARS[user_name],$co_t);
		}else setcookie("c_login_name","",$GLOBALS[c_dtime]);


		if(!$cipher_text = $os->encipher(array(user_name=>"$HTTP_POST_VARS[user_name]",time=>$GLOBALS[current_utime]), $GLOBALS[secret_key])) header("Location: $GLOBALS[url_path]/login.php");
		elseif(!setcookie("login_active",$cipher_text)) header("Location: $GLOBALS[url_path]/login.php?error=setcookie_error");
		else{
			// if the user has come from a page that needed authincation redirect them back to that page
			if($HTTP_GET_VARS[redirect_url]) header("Location: $HTTP_GET_VARS[redirect_url]");
			else header("Location: $GLOBALS[url_path]/home.php");
		}


	}

}else $contents = array("$GLOBALS[page_title]"=>"$GLOBALS[contents00]");



//$log = new LOG();

draw_header("$GLOBALS[page_title]");
draw_nav($nav_array);
draw_sect($contents);
draw_footer();
ob_end_flush();
?>