Location: PHPKode > projects > QuickTalk Forum > quicktalk/qtf_login.php
<?php



/**

* PHP versions 4 and 5

*

* LICENSE: This source file is subject to version 3.0 of the PHP license

* that is available through the world-wide-web at the following URI:

* http://www.php.net/license.  If you did not receive a copy of

* the PHP License and are unable to obtain it through the web, please

* send a note to hide@address.com so we can mail you a copy immediately.

*

* @package    QuickTalk

* @author     Philippe Vandenberghe <hide@address.com>

* @copyright  2008-2012 The PHP Group

* @version    2.5 build:20100924

*/



session_start();

require_once('bin/qtf_init.php');

include(Translate('qtf_reg.php'));



// INITIALISE



$oVIP->selfurl = 'qtf_login.php';

$oVIP->selfname = $L['Login'];



$strName = '';

if ( isset($_GET['dfltname']) )

{

  $strName=$_GET['dfltname']; if ( get_magic_quotes_gpc() ) $strName = stripslashes($strName);

  $strName=QTconv($strName,'U');

}



// --------

// SUBMITTED for login

// --------



if ( isset($_POST['ok']) )

{

  // CHECK FORM VALUE



  $strName = trim($_POST['title']); if ( get_magic_quotes_gpc() ) $strName = stripslashes($strName);

  $strName = QTconv($strName,'U',false,false);

  if ( !QTislogin($strName) ) $error = $L['Username'].' '.Error(1);



  $strPwd = trim($_POST['pwd']); if ( get_magic_quotes_gpc() ) $strPwd = stripslashes($strPwd);

  $strPwd = QTconv($strPwd,'U',false,false);

  if ( !QTispassword($strPwd) ) $error = $L['Password'].' '.Error(1);



  // EXECUTE



  if ( empty($error) )

  {

    $arrLog = $oVIP->Login($strName,$strPwd,isset($_POST['remember']));



    if ( $oVIP->auth )

    {

      // check registered if children and coppa active (0=Adult, 1=Kid aggreed, 2=Kid not aggreed)

      

      if ( $_SESSION[QT]['register_coppa']=='1' ) {

      if ( isset($arrLog['coppa']) ) {

      if ( $arrLog['coppa']==2 ) {

        $oVIP->auth=false;

        $_SESSION[QT.'_usr_auth']='no';

        $oVIP->exitname = ObjTrans('index','i',$_SESSION[QT]['index_name']);

        $oVIP->EndMessage(NULL,'<h2>'.$L['Welcome'].' '.$strName.'</h2>'.$L['E_access'].'<br/>'.$L['E_coppa_confirm'],$_SESSION[QT]['skin_dir'],0,'350px','login_header','login');

      }}}



      // check banned

      

      if ( $arrLog['closed']>0 )

      {

        // protection against hacking of admin/moderator

        if ( $oVIP->id<2 || $oVIP->IsStaff() || $oVIP->numpost==0 )

        {

        $oDB->Query('UPDATE '.TABUSER.' SET closed="0" WHERE id='.$oVIP->id);

        $oVIP->exiturl = 'qtf_login.php?dfltname='.$strName;

        $oVIP->exitname = $L['Login'];

        $oVIP->EndMessage(NULL,'<p>You were banned...<br/>As you are admin/moderator or a new member (without post), the protection system has re-opened your account.<br/>Re-try login now...</p>',$_SESSION[QT]['skin_dir'],0);

        }

        // normal process

        $intDays = 1;

        if ( $arrLog['closed']==2 ) $intDays = 10;

        if ( $arrLog['closed']==3 ) $intDays = 20;

        if ( $arrLog['closed']==4 ) $intDays = 30;

        $endban = DateAdd(substr($row['lastdate'],0,8),$intDays,'day');



        if ( date('Ymd')>$endban )

        {

          $oDB->Query('UPDATE '.TABUSER.' SET closed="0" WHERE id='.$oVIP->id);

          $oVIP->exiturl = 'qtf_login.php?dfltname='.$strName;

          $oVIP->exitname = $L['Login'];

          $oVIP->EndMessage(NULL,'<p>'.$L['Is_banned_nomore'].'</p>',$_SESSION[QT]['skin_dir'],0,'350px','login_header','login');

        }

        else

        {

          $oVIP->auth=false;

          $_SESSION[QT.'_usr_auth']='no';

          $oVIP->EndMessage(NULL,'<h2>'.$strName.' '.strtolower($L['Is_banned']).'</h2><p>'.Error(10).'</p><p>'.$L['Retry_tomorrow'].'</p>',$_SESSION[QT]['skin_dir'],0,'350px','login_header','login');

        }

      }



      // end message

      

      // upgrade profile

      $oDB->Query('SELECT secret_a FROM '.TABUSER.' WHERE id='.$oVIP->id);

      $row = $oDB->Getrow();

      if ( empty($row['secret_a']) ) 

      {

      $oVIP->exiturl = 'qtf_user_question.php?id='.$oVIP->id;

      $oVIP->exitname = $L['Secret_question'];

      $oVIP->EndMessage(NULL,'<h2>'.$L['Welcome'].' '.$strName.'</h2><br/><p/>'.$L['Update_secret_question'].'</p>',$_SESSION[QT]['skin_dir'],0,'400px','login_header','login');

      }



      $oVIP->exitname = ObjTrans('index','i',$_SESSION[QT]['index_name']);

      $oVIP->EndMessage(NULL,'<h2>'.$L['Welcome'].' '.$strName.'</h2><br/><br/>',$_SESSION[QT]['skin_dir'],2,'350px','login_header','login');

    }

    else

    {

      $error = Error(10);

    }

  }

}



// --------

// SUBMITTED for loggout

// --------



if ( isset($_GET['a']) ) {

if ( $_GET['a']=='out' ) {



  // LOGGING OUT



  $oVIP->Logout();

    

  // REBOOT

    

  GetParam(true);

  

  // check major parameters

  if ( !isset($_SESSION[QT]['skin_dir']) ) $_SESSION[QT]['skin_dir']='skin/default';

  if ( !isset($_SESSION[QT]['language']) ) $_SESSION[QT]['language']='english';

  if ( empty($_SESSION[QT]['skin_dir']) ) $_SESSION[QT]['skin_dir']='skin/default';

  if ( empty($_SESSION[QT]['language']) ) $_SESSION[QT]['language']='english';

  if ( substr($_SESSION[QT]['skin_dir'],0,5)!='skin/' ) $_SESSION[QT]['skin_dir'] = 'skin/'.$_SESSION[QT]['skin_dir'];



  $oVIP->selfurl = 'qtf_login.php?a=out';

  $oVIP->selfname = $L['Logout'];

  $oVIP->exitname = ObjTrans('index','i',$_SESSION[QT]['index_name']);

  $oVIP->EndMessage(NULL,'<p>'.$L['Goodbye'].'</p>', $_SESSION[QT]['skin_dir'],2,'350px','login_header','login');

  

}}



// --------

// HTML START

// --------



include('qtf_p_header.php');



HtmlMsg(0,'350px','login_header',$oVIP->selfname,'login');



if ( !empty($error) ) echo '<span class="error">',$error,'</span>&nbsp;';

echo '<form method="post" action="',Href(),'" onsubmit="return ValidateForm(this);">

<p style="text-align:right"><label for="title">',$L['Username'],'</label>&nbsp;<input type="text" id="title" name="title" size="20" maxlength="24" value="',$strName,'"/>&nbsp;</p>

<p style="text-align:right"><label for="pwd">',$L['Password'],'</label>&nbsp;<input type="password" id="pwd" name="pwd" size="20" maxlength="24"/>&nbsp;</p>

<p style="text-align:right"><input type="checkbox" id="remember" name="remember"/>&nbsp;<label for="remember">',$L['Remember'],'</label>&nbsp;&nbsp;

<input type="submit" name="ok" value="',$L['Ok'],'"/>&nbsp;</p>

<p style="text-align:right"><a class="small" href="',Href('qtf_user_new.php'),'">',$L['Register'],'</a> &middot; <a class="small" href="',Href('qtf_reset_pwd.php'),'?a=id">',$L['Forgotten_pwd'],'</a>&nbsp;</p>

</form>

';

HtmlMsg(1);



// HTML END



$strFooterAddScript = '

<script type="text/javascript">

<!--

document.getElementById("title").focus();

if ( document.getElementById("title").value.length>1 ) { document.getElementById("pwd").focus(); }

function ValidateForm(theForm)

{

  if (theForm.title.value.length==0) { alert(qtHtmldecode("'.$L['Missing'].': '.$L['Username'].'")); return false; }

  if (theForm.pwd.value.length==0) { alert(qtHtmldecode("'.$L['Missing'].': '.$L['Password'].'")); return false; }

  return null;

}

-->

</script>

';



include('qtf_p_footer.php');



?>
Return current item: QuickTalk Forum