Location: PHPKode > projects > QuickTicket > quickticket/quickticket/qti_usr_login.php
<?php

/*
 * PHP versions 4 and 5
 *
 * LICENSE: This source file is subject to version 3.0 of the PHP license
 * that is available through the world-wide-web at the following URI:
 * http://www.php.net/license. If you did not receive a copy of
 * the PHP License and are unable to obtain it through the web, please
 * send a note to hide@address.com so we can mail you a copy immediately.
 *
 * @category   Troubleticket
 * @package    QuickTicket
 * @author     Philippe Vandenberghe <hide@address.com>
 * @copyright  2008-2012 The PHP Group
 * @license    http://www.php.net/license  PHP License 3.0
 * @version    1.9.0.3 build:20081001
 * @link       http://www.qt-cute.org/doc/package/qti
 * @since      File available since Release 1.0.0
 * @deprecated File deprecated in Release 2.0.0
 *
 */

session_start();
require_once('bin/qti_init.php');

// INITIALISE

include($_SESSION[QT]['language'].'/qti_lang_reg.inc');

$oVIP->selfurl = 'qti_usr_login.php';
$oVIP->selfname = $L['Login'];

$strName = '';
if ( isset($_GET['dfltname']) )
{
  $strName=$_GET['dfltname']; if ( get_magic_quotes_gpc() ) $strName = stripslashes($strName);
  $strName=QTconv($strName,'U');
}

// --------
// SUBMITTED for login
// --------

if ( isset($_POST['ok']) )
{
  // CHECK FORM VALUE

  $strName = $_POST['title']; if ( get_magic_quotes_gpc() ) $strName = stripslashes($strName);
  $strName = QTconv($strName,'U');
  if ( !QTislogin($strName) ) $qti_error = $L['Username'].S.$L['E_invalid'];

  $strPwd = $_POST['pwd']; if ( get_magic_quotes_gpc() ) $strPwd = stripslashes($strPwd);
  $strPwd = QTconv($strPwd,'U');
  if ( !QTispassword($strPwd) ) $qti_error = $L['Password'].S.$L['E_invalid'];

  // EXECUTE

  if ( empty($qti_error) )
  {

    $arrLog = $oVIP->Login($strName,$strPwd,isset($_POST['remember']));

    if ( $oVIP->auth )
    {
      // check registered if children and coppa active (0=Adult, 1=Kid aggreed, 2=Kid not aggreed)
      if ( QTI_USE_COPPA ) {
      if ( isset($arrLog['coppa']) ) {
      if ( $arrLog['coppa']==2 ) {
        $oVIP->auth=false;
        $_SESSION[QT.'_usr_auth']='no';
        $oVIP->exitname = ObjectName('index','i',$_SESSION[QT]['index_name']);
        $oVIP->EndMessage(NULL,'<h2>'.$L['Welcome'].' '.$strName.'</h2>'.$L['E_access'].'<br/>'.$L['E_coppa_confirm'],$_SESSION[QT]['skin_dir'],0,'350px','login_header','login');
      }}}

      // check banned
      if ( $arrLog['closed']>0 )
      {
        // protection against hacking of admin/moderator
        if ( $oVIP->id<2 || $oVIP->role=='A' || $oVIP->role=='M' || $oVIP->numpost==0 )
        {
        $oDB->Query('UPDATE '.TABUSER.' SET closed="0" WHERE id='.$oVIP->id);
        $oVIP->exiturl = 'qti_usr_login.php?dfltname='.$strName;
        $oVIP->exitname = $L['Login'];
        $oVIP->EndMessage(NULL,'<p>You were banned...<br/>As you are admin/moderator or a new member (without post), the protection system has re-opened your account.<br/>Re-try login now...</p>',$_SESSION[QT]['skin_dir'],0);
        }
        // normal process
        $intDays = 1;
        if ( $arrLog['closed']==2 ) $intDays = 10;
        if ( $arrLog['closed']==3 ) $intDays = 20;
        if ( $arrLog['closed']==4 ) $intDays = 30;
        $oDB->Query( 'SELECT lastdate FROM '.TABUSER.' WHERE id='.$oVIP->id);
        $row = $oDB->Getrow();
        if ( $row['lastdate']=='0' ) $row['lastdate']='20000101';
        $endban = DateAdd($row['lastdate'],$intDays,'day');
        if ( date('Ymd')>$endban )
        {
          $oDB->Query('UPDATE '.TABUSER.' SET closed="0" WHERE id='.$oVIP->id);
          $oVIP->exiturl = 'qti_usr_login.php?dfltname='.$strName;
          $oVIP->exitname = $L['Login'];
          $oVIP->EndMessage(NULL,'<p>'.$L['Is_banned_nomore'].'</p>',$_SESSION[QT]['skin_dir'],0,'350px','login_header','login');
        }
        else
        {
          $oVIP->auth=false;
          $_SESSION[QT.'_usr_auth']='no';
          $oVIP->EndMessage(NULL,"<h2>$strName ".strtolower($L['Is_banned'])."</h2><p>{$L['E_access']}</p><p>{$L['Retry_tomorrow']}</p>",$_SESSION[QT]['skin_dir'],0,'350px','login_header','login');
        }
      }

      // end message
      $oVIP->exitname = ObjectName('index','i',$_SESSION[QT]['index_name']);
      $oVIP->EndMessage(NULL,'<h2>'.$L['Welcome'].' '.$strName.'</h2><br/><br/>',$_SESSION[QT]['skin_dir'],2,'350px','login_header','login');
    }
    else
    {
      $qti_error = $L['E_access'];
    }

  }

}

// --------
// SUBMITTED for loggout
// --------

if ( isset($_GET['a']) ) {
if ( $_GET['a']=='out' ) {

  // LOGGING OUT

  $oVIP->Logout();

  // REBOOT

  GetParam(true);

  // check major parameters
  if ( !isset($_SESSION[QT]['skin_dir']) ) $_SESSION[QT]['skin_dir']='skin/default';
  if ( !isset($_SESSION[QT]['language']) ) $_SESSION[QT]['language']='language/english';
  if ( !isset($_SESSION[QT]['lang_iso']) ) $_SESSION[QT]['lang_iso']='en';
  if ( empty($_SESSION[QT]['skin_dir']) ) $_SESSION[QT]['skin_dir']='skin/default';
  if ( empty($_SESSION[QT]['language']) ) $_SESSION[QT]['language']='language/english';
  if ( empty($_SESSION[QT]['lang_iso']) ) $_SESSION[QT]['lang_iso']='en';
  if ( substr($_SESSION[QT]['skin_dir'],0,5)!='skin/' ) $_SESSION[QT]['skin_dir'] = 'skin/'.$_SESSION[QT]['skin_dir'];
  if ( substr($_SESSION[QT]['language'],0,9)!='language/' ) $_SESSION[QT]['language'] = 'language/'.$_SESSION[QT]['language'];

  $oVIP->selfurl = 'qti_usr_login.php?a=out';
  $oVIP->selfname = $L['Logout'];
  $oVIP->exitname = ObjectName('index','i',$_SESSION[QT]['index_name']);
  $oVIP->EndMessage(NULL,'<p>'.$L['Goodbye'].'</p>', $_SESSION[QT]['skin_dir'],2,'350px','login_header','login');

}}

// --------
// HTML START
// --------

include('qti_p_header.php');

echo '
<script type="text/javascript">
<!--
function ValidateForm(theForm)
{
  if (theForm.title.value.length==0) { alert(html_entity_decode("',$L['E_mandatory'],': ',$L['Username'],'")); return false; }
  if (theForm.pwd.value.length==0) { alert(html_entity_decode("',$L['E_mandatory'],': ',$L['Password'],'")); return false; }
  return null;
}
-->
</script>
';

HtmlMsg(0,'350px','login_header',$oVIP->selfname,'login');

if ( !empty($qti_error) ) echo '<span class="error">',$qti_error,'</span>&nbsp;';
echo '<form method="post" action="',$oVIP->selfurl,'" onsubmit="return ValidateForm(this);">
<p style="text-align:right"><label for="title">',$L['Username'],'</label>&nbsp;<input type="text" id="title" name="title" size="20" maxlength="24" value="',$strName,'"/>&nbsp;</p>
<p style="text-align:right"><label for="pwd">',$L['Password'],'</label>&nbsp;<input type="password" id="pwd" name="pwd" size="20" maxlength="24" onKeyUp="handle_keypress(event,\'ok\')"/>&nbsp;</p>
<p style="text-align:right"><input type="checkbox" id="remember" name="remember"/>&nbsp;<label for="remember">',$L['Remember'],'</label>&nbsp;&nbsp;
<input type="submit" id="ok" name="ok" value="',$L['Ok'],'"/>&nbsp;</p>
<p style="text-align:right"><a class="small" href="qti_usr_new.php">',$L['Register'],'</a> &middot; <a class="small" href="qti_usr_pwd_for.php">',$L['Forgotten_pwd'],'</a>&nbsp;</p>
</form>';

HtmlMsg(1);

// HTML END

$strFooterAddScript = 'document.getElementById("title").focus();
if ( document.getElementById("title").value.length>1 ) { document.getElementById("pwd").focus(); }';

include('qti_p_footer.php');

?>
Return current item: QuickTicket