Location: PHPKode > projects > PhpChangeLog > phpchangelog-0.6/index.php
<?php

/**
 * phpChangeLog Login
 *
 * This is the login part
 */


# For debugging, do full error_reporting
error_reporting(2500);

# Define our own file & path
$thisfile = $_SERVER['PHP_SELF'];

# start a session (or resume an existing one)
session_start();

# destroy session if user wants to logout
if ($_GET['logout'] == TRUE) {
    $_SESSION = array();
    session_destroy();
}

# set root directory for this script
$rootdoc = ".";

# include the configuration file
require ("conf/config.inc.php");
require ("mysql/mysql_process.inc.php");
require ("html/html_header.inc.php");

# If the user entered a password, validate it and put the maintainervariable in the session 
if (isset($_POST['login'])) {
    $maintainer = $_POST['maintainer'];
    $password = md5($_POST['password']);
    $mntnr_db = $_POST['database'] ."_maintainers";
    addslashes($maintainer);
    addslashes($password);
    addslashes($mntnr_db);

    $query = "SELECT * FROM $mntnr_db WHERE maintainer='$maintainer' AND password='$password'"; 
    $result = mysql_query($query) or die('error making query');
    $affected_rows = mysql_num_rows($result);

    # if there's exactly one result, the maintainer is validated. Otherwise, he's invalid
    if($affected_rows == 1) {
        # add the user to our session variables
        $_SESSION['maintainer'] = $maintainer;
        $_SESSION['database'] = $_POST['database'];
    } else {
        echo "<center>Login failed, try again.</center><br />\n";
    }
}


# if the session is empty, we should put a login screen on
if(empty($_SESSION['maintainer'])) {
    echo "<center><img src=\"img/phpChangeLog-logo.gif\" border=\"0\" alt=\"phpChangeLog\" /></center>\n";
    echo "<center><font size=\"1\" color=\"#999999\">$version</font></center>\n";
    echo "  <form name=\"login\" method=\"post\" action=\"$thisfile\">\n";
    echo "<table border=\"0\" align=\"center\" width=\"315\" cellspacing=\"0\" cellpadding=\"0\">\n";
    echo " <tr>\n";
    echo "  <td width=\"250\" valign=\"top\" align=\"left\">\n";
    echo "  database\n";
    echo "  </td>\n";
    echo "  <td width=\"150\" valign=\"top\" align=\"right\">\n";
    echo "   <select name=\"database\">\n";

    $get_dbs = mysql_query("SELECT * FROM db");
    while ($record = mysql_fetch_object($get_dbs)) {
        echo "   <option value=\"$record->db\">$record->db</option>\n";
    }
       
    echo "   </select>\n";
    echo "  </td>\n";
    echo " </tr>\n";
    echo " <tr>\n";
    echo "  <td width=\"250\" valign=\"top\" align=\"left\">\n";
    echo "   maintainer<br />\n";
    echo "  </td>\n";
    echo "  <td width=\"150\" valign=\"top\" align=\"right\">\n";
    echo "   <input type=\"text\" class=\"border\" size=\"15\" name=\"maintainer\" /><br />\n";
    echo "  </td>\n";
    echo " </tr>\n";
    echo " <tr>\n";
    echo "  <td width=\"250\" valign=\"top\" align=\"left\">\n";
    echo "   password\n";
    echo "  </td>\n";
    echo "  <td width=\"150\" valign=\"top\" align=\"right\">\n";
    echo "   <input type=\"password\" size=\"15\" class=\"border\" name=\"password\" /><br />\n";
    echo "   <input type=\"hidden\" name=\"login\" value=\"TRUE\" />\n";
    echo "   <br />\n";
    echo "  </td>\n";
    echo " </tr>\n";
    echo " <tr>\n";
    echo "  <td colspan=\"2\" align=\"center\">\n";
    echo "  <center><a href=\"./admin/index.php\" target=\"_self\" class=\"link\">[admin]</a><br /><br />\n";
    echo "   <input type=\"submit\" value=\"submit\" /></center>\n";
    echo "  </td>\n";
    echo " </tr>\n";
    echo "</table>\n";
    echo "  </form>\n";
} else {
    echo "<meta http-equiv=\"Refresh\" content=\"0; URL=./phpchangelog.php\">";
}

?>

</body>
</html>
Return current item: PhpChangeLog