Location: PHPKode > projects > TVEz - Media Library > tvez-0.2.1/html/stuff/login.php
<?php

# ------------------------------------------------------------------------------
#
# This file contains the user login and php session functionality
#
# ------------------------------------------------------------------------------
#
# Copyright (C) 2003 Christian Eheim and Alex Pachikov
#                                                                               
# This file is part of TVEz (tvez.sourceforge.net).
#                                                                               
# TVEz is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#                                                                               
# TVEz is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#                                                                               
# You should have received a copy of the GNU General Public License
# along with TVEz; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#                                                                               
# ------------------------------------------------------------------------------
#
# Created on 02/12/2003 by Christian Eheim (hide@address.com)
#
# LAST MODIFIED:
# $Date: 2004/01/11 23:20:55 $
# $Revision: 1.1.1.1 $
# $Author: eheim $
#
# ------------------------------------------------------------------------------

# ------------------------------------------------------------------------------
# If we are trying to log in, check the user and passwd
# If the login is valid, start the session and set the user
# ------------------------------------------------------------------------------
if ($_REQUEST['action'] == "login") {

	require_once "passwd.inc";
	$passwd_file = ".htpasswd";

	$user = (isset($_REQUEST['user'])) ? $_REQUEST['user'] : '';
	$passwd = (isset($_REQUEST['passwd'])) ? $_REQUEST['passwd'] : '';

	// Find the user and password in the password file
	$this_pwd = get_passwd($passwd_file,$user);
	
	// Check the password
	if ($this_pwd == '') {
		$message = urlencode("User '$user' was not found.");
		header("Location: ".$_SERVER['PHP_SELF']."?message=$message");
		exit;
	}
	else {
		if ( (crypt($passwd, $this_pwd)) == $this_pwd ) {
			session_start();
			// Depricated
			// session_register('user');
			// use $_SESSION[''] instead
#			header("Location: index.php");
			# DO I NEED TO KEEP TRACK OF THE SID???
			#$sid_value = strip_tags(SID);
			#echo "SID: ".strip_tags(SID)."<br>";
			#header("Location: passwd.php?$sid_value");
			exit;
		}
		else {
			$message = urlencode("The password for user '$user' is invalid.");
			header("Location: ".$_SERVER['PHP_SELF']."?message=$message");
			exit;
		}
	}

}

# ------------------------------------------------------------------------------
# If we are login out, destroy the session and redirect to the login page
# ------------------------------------------------------------------------------
elseif ($_REQUEST['action'] == "logout") {
	session_start();
	#$user = $_SESSION['user'];
	# Free all session variables
#	session_unset();
	unset($_SESSION['user']);
	# Destroy the session
	session_destroy();

	#$message = urlencode("User '".$user."' has been logged out.");
	header("Location: index.php");
	exit;
}

# ------------------------------------------------------------------------------
# Otherwise, display the login screen
# ------------------------------------------------------------------------------
				#<input type=submit onclick='javascript:return window.close();main.document.location=ss.html' value=\"Log in\">
else {
	echo "
<html>
	<head>
	<title>TVEZ Login</title>
	</head>
	<body bgcolor=ddeeff>
		<br><br>
		<center>
	";

	if (isset($_GET['message'])) {
		# urldecode($_GET['message'])????
		$mess = preg_replace("/\\\'/","'",$_GET['message']);
		echo "<b><font color=red>".$mess."</font></b><br><br>";
	}
	echo "

		<form name=login action=".$_SERVER['PHP_SELF']." method=post>

		<table border=2 bgcolor=dddddd cellspacing=0 cellpadding=0 width=220>
		<tr>
			<td height=40 colspan=2 align=center bgcolor=005588>
		<font color=ffffff face=arial size=+1>TVEZ Login</font>
			</td>
		</tr>

		<tr>
			<td>
				<table border=0 width=100% valign=middle cellpadding=2>
				<tr> <td width=50%>
				&nbsp;&nbsp;Username:
				</td> <td>
				<input type=text size=10 maxsize=20 name=user>
				<script language=javascript>
				<!--
					onload=document.login.user.value='user';document.login.user.focus();
				-->
				</script>
				</td> </tr>
				<tr> <td width=50%>
				&nbsp;&nbsp;Password:
				</td> <td>
				<input type=password size=10 maxsize=20 name=passwd>
				</td> </tr>
				<tr> <td colspan=2 align=center>
				<br>
				<input type=hidden name=action value=login>
				<input type=submit onclick='javascript:this.form.submit();opener.parent.main.location.href=\"index.php\";window.close()' value=\"Log in\">
				</table>
			</td>
		</tr>
		</table>

		</form>

		</center>
	</body>
</html>
	";
}
					#onload={document.login.user.focus();document.login.user.value='user'}

?>


Return current item: TVEz - Media Library