<?php
/* 
 Member/User Login
 (c) 2004-2007 by "Oleg Savchuk" <hide@address.com>

 part of phpProjectMaster project
 http://phpprojmaster.sourceforge.net

 The contents of this file are subject to the GNU GENERAL PUBLIC LICENSE
 http://www.gnu.org/copyleft/gpl.html

*/

 // Open (or resume) the PHP session before any project code runs; the
 // handlers below read and write $_SESSION.
 // NOTE(review): no session cookie flags are set in this file. Confirm that
 // httponly/secure are configured in php.ini or in the included libraries.
 session_start();
 require_once "../inc/sitelib.php" ;
 require_once "../inc/form_utils.php" ;
 require_once "../inc/user.php" ;
 require_once "../inc/sess.php" ;

 // global_init() is defined in one of the includes above, not in this file.
 global_init();
//********* variables

//********* action!
 // Dispatch table: action key => name of the handler function in this file.
 // The empty key is the default (no action given).
 // NOTE(review): go_action() is defined outside this file. Presumably it reads
 // the action name from the request and calls the mapped function; confirm it
 // only calls names listed here and rejects anything else.
 // NOTE(review): 'logoff' and 'SendPwd' change state; nothing in this file
 // ties them to POST or to a CSRF token. Verify against go_action().
 $CGI_ACTIONS=array(
  ''           => 'goto_login_page',
  'gologin'    => 'admin_login',
  'logoff'     => 'admin_logoff',

  'ShowPwd'    => 'show_forgotpwd',
  'SendPwd'    => 'send_forgotpwd',
 );

 go_action();

 // Stop here so nothing after the handler's output is executed or emitted.
 exit;


#####################
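/**
 * Default action: send an already logged-in visitor to the menu page and
 * everyone else to the login form.
 *
 * "Logged in" means $_SESSION['u_id'] holds a value greater than zero.
 */
function goto_login_page(){

 # A visitor without a session has no 'u_id' key yet; treat that as "not
 # logged in" instead of reading an undefined index.
 $u_id=isset($_SESSION['u_id']) ? $_SESSION['u_id'] : 0;

 if ($u_id>0){
    do_redirect($GLOBALS['MENU_URL']);
 }
 else{
    show_login_page();
 }
}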

###################
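/**
 * 'gologin' action: check the submitted login/password against the users
 * table and, on success, open a fresh session for that user.
 *
 * Reads 'login', 'pwd' and 'is_remember' from $_REQUEST. On success it
 * renders the "jscheck.html" page with the post-login URL and records the
 * login time and IP; on failure it sets the global error message, bumps the
 * session error counter and shows the login form again.
 *
 * NOTE(review): credentials are taken from $_REQUEST, so they are also
 * accepted from the query string, where they can end up in server logs and
 * browser history. Restrict to $_POST once go_action() is confirmed to work
 * with POST-only input.
 *
 * NOTE(review): the query compares the submitted password to the 'pwd'
 * column directly, so the column appears to hold a directly comparable
 * (non-salted-hash) value. Migrating to password_hash()/password_verify()
 * needs a schema change outside this function.
 */
function admin_login(){
 # NOTE(review): debug shortcut with hard-coded credentials. It is reachable
 # whenever $GLOBALS['test_server'] is 1, so a production host that carries
 # this flag accepts a fixed login. Remove before release, or gate it on
 # something that cannot be set on a production host.
 if (isset($GLOBALS['test_server']) && $GLOBALS['test_server']==1
     && empty($_REQUEST['login'])
     && isset($_REQUEST['pwd']) && $_REQUEST['pwd']=='~'){
    $_REQUEST['login']='hide@address.com';
    $_REQUEST['pwd']='321';
 }

 # Accept plain strings only: a missing or array-valued parameter
 # (e.g. login[]=x) is treated as empty instead of being passed to db_quote().
 $raw_login=(isset($_REQUEST['login']) && is_string($_REQUEST['login'])) ? $_REQUEST['login'] : '';
 $raw_pwd=(isset($_REQUEST['pwd']) && is_string($_REQUEST['pwd'])) ? $_REQUEST['pwd'] : '';

 # db_quote() is defined outside this file; the query below relies on it to
 # return a fully quoted and escaped SQL literal (no quotes are added here).
 $login=db_quote($raw_login);
 $pwd=db_quote($raw_pwd);

 $sql="select *
   from users
  where status=0
    and email=$login
    and pwd=$pwd";

 $hr=db_row($sql);
 # isset() also covers the "no row" case, whatever db_row() returns for it
 $u_id=isset($hr['u_id']) ? (int)$hr['u_id'] : 0;
 if ($u_id>0){
    # Throw away the pre-login session and issue a NEW session id.
    # session_destroy()+session_start() alone keeps the id from the browser's
    # cookie, so an id planted before login would stay valid afterwards.
    session_destroy();
    session_start();
    session_regenerate_id(true);

    #fill up session data
    set_def_session($u_id);
    session_write_close();

    //set permanent login if requested
    if (!empty($_REQUEST['is_remember'])) create_perm_cookie($u_id);

    # users below access level 100 land on their own task list
    $access_level=isset($_SESSION['access_level']) ? $_SESSION['access_level'] : 0;
    $gourl=$GLOBALS['MENU_URL'];
    if ($access_level<100){
       $gourl="/php/task.php?my=1&ass=0&u_id=$u_id";
    }

    $ps=array(
       'gourl' => $gourl,
    );
    parse_page("/admin/login", "jscheck.html", $ps);
    flush(); #flush buffer for faster user response

    #update login vars ($u_id was cast to int above, so it is safe to inline)
    $ip=getenv("REMOTE_ADDR");
    $sql="update users 
          set login_time=now(),
              login_ip=".dbq($ip)."
         where u_id=$u_id";
    db_query($sql);

 }
 else{
    $GLOBALS['err_msg']="Login/Password is incorrect";
    # Quoted key: the bare word err_ctr is an undefined constant (a fatal
    # error on PHP 8). Also start the counter at 1 when it does not exist yet.
    # NOTE(review): this counter lives in the session only, so a client that
    # drops its cookie resets it; it is not a brute-force limit by itself.
    $_SESSION['err_ctr']=isset($_SESSION['err_ctr']) ? $_SESSION['err_ctr']+1 : 1;
    show_login_page();
 }
}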

###################
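/**
 * 'logoff' action: end the current session, drop the "remember me" cookie
 * and redirect to the site root.
 */
function admin_logoff(){
 # declared for parity with the original; not read in this function
 global $PERM_COOKIE_NAME;

 //delete session data
 $_SESSION = array();

 //expire the session cookie in the browser as well, so the old session id
 //is not presented again on the next request
 if (ini_get('session.use_cookies')){
    $cp=session_get_cookie_params();
    setcookie(session_name(), '', time()-42000, $cp['path'], $cp['domain'], $cp['secure']);
 }

 //delete the server-side session
 session_destroy();

 //remove permanent cookie
 remove_perm_cookie();

 do_redirect("/");
}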

####################
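/**
 * Render the login form.
 *
 * Passes the failed-login counter from the session and the site admin
 * e-mail address to the "/admin/login" template.
 */
function show_login_page(){

 $ps=array(
    # no counter exists before the first failed login; pass null rather than
    # reading an undefined index
    'err_ctr'       => isset($_SESSION['err_ctr']) ? $_SESSION['err_ctr'] : null,
    'site_admin_email' => $GLOBALS['ADMIN_EMAIL'],
 );
 parse_page("/admin/login", $GLOBALS['PAGE_TPL'], $ps);
}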





//**********************
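/**
 * 'ShowPwd' action: render the "forgot password" form, pre-filled with
 * whatever the visitor submitted in the 'item' request array.
 *
 * NOTE(review): the submitted 'item' keys and values go to the template
 * unchanged. Confirm that parse_page() (defined outside this file)
 * HTML-escapes template values, and that no template variable here should be
 * off-limits to request input.
 */
function show_forgotpwd(){
 global $green_msg, $err_msg;

 # 'item' is absent on the first visit and may be a plain string if the
 # request is malformed; array_merge() needs an array in both cases.
 $hITEM=(isset($_REQUEST['item']) && is_array($_REQUEST['item'])) ? $_REQUEST['item'] : array();

 $ps=array(
 );
 $ps=array_merge($ps, $hITEM);
 parse_page("/admin/login/forgotpwd", $GLOBALS['PAGE_TPL'], $ps);
}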

//**********************
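/**
 * 'SendPwd' action: validate the "forgot password" form and e-mail the
 * account data to the address on file.
 *
 * On success it sets $green_msg and falls through to the login page; on any
 * failure it re-displays the form with $err_msg set.
 *
 * NOTE(review): the whole users row is handed to the 'email_pwd.txt'
 * template, so the mail presumably carries the stored password itself. A
 * single-use, expiring reset token would avoid sending a credential by mail;
 * that needs changes outside this function.
 * NOTE(review): unlike the login query, this lookup has no status filter, so
 * disabled accounts are mailed too. Confirm this is intended.
 * NOTE(review): the two outcomes show different messages, which tells a
 * visitor whether an address is registered, and nothing here limits how
 * often a mail can be requested.
 */
function send_forgotpwd(){
 global $err_msg, $green_msg;

 # 'item' comes straight from the request: it may be missing or not an array
 $IFORM=(isset($_REQUEST['item']) && is_array($_REQUEST['item'])) ? $_REQUEST['item'] : array();

 if (validate_item_forgotpwd($IFORM)) {
    # only a plain string is a usable address
    $email=(isset($IFORM['email']) && is_string($IFORM['email'])) ? $IFORM['email'] : '';
   
    //look the account up by e-mail
    $sql="select * 
    from users 
    where email=".db_quote($email)." 
    ";
    $sth=db_query($sql);
    # a failed query yields no result handle; treat it as "no such account"
    $row=$sth ? mysql_fetch_assoc($sth) : false;
    if ($row){

       # from here on $IFORM is the database row, not the request data, so
       # the mail goes to the stored address
       $IFORM=$row;
       $IFORM['ROOT_DOMAIN']=$GLOBALS['root_domain'];
       $msg_body=parse_page("/emails", 'email_pwd.txt', $IFORM, 'v');
       list($msg_subj, $msg_body)=email2subj_body($msg_body);
       
       send_email($IFORM['email'], $msg_subj, $msg_body);
       
       $green_msg="Password was sent successfully. Please check your email";

       goto_login_page();

    } else {
      $err_msg="Email is incorrect. Please try again.";
      show_forgotpwd();
    }
 } else {
   show_forgotpwd();
 }

}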

//################# Validate item form values in IFORM
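/**
 * Validate the "forgot password" form values.
 *
 * Checks the required fields through validate_form() and then that the
 * given e-mail exists in the users table. Any problem is reported through
 * the global $err_msg; an error already present there is kept and makes the
 * validation fail without further checks.
 *
 * @param mixed $IFORM submitted form values (expected: array with 'email')
 * @return int 1 when the form is valid, 0 otherwise
 *
 * NOTE(review): the "cannot be found" message tells a visitor whether an
 * address is registered (account enumeration).
 */
function validate_item_forgotpwd($IFORM){
 global $err_msg;

 # the form comes straight from the request and may not be an array at all
 if (!is_array($IFORM)) { $IFORM=array(); }

 $REQFLD=array(
'email' => array('Your Email'),
);

 //VALIDATE REQUIRED FIELDS
 if (!$err_msg) { $err_msg=validate_form($IFORM, $REQFLD); }

 if (!$err_msg) {
 //check that email exists in db
    # an array-valued email (email[]=x) is looked up as an empty string
    $email=(isset($IFORM['email']) && is_string($IFORM['email'])) ? $IFORM['email'] : '';
    $sql="select * 
    from users 
    where email=".db_quote($email)." 
    ";
    $sth=db_query($sql);
    # a failed query yields no result handle; treat it as "not found"
    $row=$sth ? mysql_fetch_assoc($sth) : false;
    if (!$row){
       $err_msg="Such email cannot be found in our membership system. Please, check your email again or register as a new member.";
    }
 }

 return $err_msg ? 0 : 1;
}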

?>