123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146 |
- <?PHP
-
- require_once('inc/database.php');
- require_once('inc/account.php');
- require_once('inc/settings.php');
-
-
-
- if (isset($_POST['openid_url']) || isset($_REQUEST['openid_mode'])) {
- // OpenID login in progress
-
- require_once('openid/processor.php');
- } else if (isset($_SESSION['openid']) && $_SESSION['openid']['validated']) {
- // OpenID login succeeded
-
- $sql = 'SELECT user_id, user_name, user_standing FROM users WHERE user_name = ';
- $sql .= '\'' . m($_SESSION['openid']['identity']) . '\'';
- $res = mysql_query($sql);
-
- if (mysql_num_rows($res) == 0) {
- $sql = 'INSERT INTO users (user_name, user_pass) VALUES (\'' . m($_SESSION['openid']['identity']);
- $sql .= '\', \'openid user\')';
- $res = mysql_query($sql);
-
- $_SESSION['uid'] = mysql_insert_id();
- $_SESSION['uname'] = $_SESSION['openid']['identity'];
- $_SESSION['standing'] = 0;
- } else {
- $row = mysql_fetch_assoc($res);
-
- $_SESSION['uid'] = $row['user_id'];
- $_SESSION['uname'] = $row['user_name'];
- $_SESSION['standing'] = $row['user_standing'];
- }
-
- unset($_SESSION['openid']);
- if (isset($_POST['remember'])) {
- $row = mysql_fetch_array(mysql_query('SELECT user_hash FROM users WHERE user_id = '.$_SESSION['uid']));
- if (strlen($row[0]) != 32) {
- $row[0] = md5(uniqid($_SESSION['uid']).time());
- mysql_query('UPDATE users SET user_hash = \''.$row[0].'\' WHERE user_id = '.$_SESSION['uid']);
- }
- setcookie('quotedbperm', $row[0], time()+60*24*24*365.24);
- }
- header('Location: '.BASE);
- exit;
- } else if (isset($_SESSION['openid']['error'])) {
- // OpenID login failed
-
- define('MESSAGE', $_SESSION['openid']['error']);
- unset($_SESSION['openid']['error']);
- } else if (isset($_POST['user']) && isset($_POST['pass'])) {
- // Normal login
-
- $sql = 'SELECT user_id, user_name, user_standing FROM users ';
- $sql .= 'WHERE user_name = \''.m($_POST['user']).'\' AND user_pass = \''.m(md5($_POST['user'].$_POST['pass'])).'\'';
- $res = mysql_query($sql);
- if (mysql_num_rows($res) == 0) {
- define('MESSAGE', 'Login failed. Please check your username and password.');
- } else {
- $row = mysql_fetch_array($res);
- $_SESSION['uid'] = $row['user_id'];
- $_SESSION['uname'] = $row['user_name'];
- $_SESSION['standing'] = $row['user_standing'];
- if (isset($_POST['remember'])) {
- $row = mysql_fetch_array(mysql_query('SELECT user_hash FROM users WHERE user_id = '.$_SESSION['uid']));
- if (strlen($row[0]) != 32) {
- $row[0] = md5(uniqid($row['user_id']).time());
- mysql_query('UPDATE users SET user_hash = \''.$row[0].'\' WHERE user_id = '.$_SESSION['uid']);
- }
- setcookie('quotedbperm', $row[0], time()+60*24*24*365.24);
- }
- header('Location: '.BASE);
- exit;
- }
- }
-
- define('TITLE', 'Login');
-
- require_once('inc/header.php');
-
- ?>
- <div class="oneThird right">
- <h2>Why login?</h2>
- <p>
- Because of the public nature of this quotes database (there are no
- moderators or admins, just users), and the way we reward good users
- and punish bad ones (standings), we require that you be logged in in
- order to rate a quote or add a new one.
- </p>
- <p>
- You can still browse quotes without being logged in, but to contribute
- to the site at all you'll have to login.
- </p>
- </div>
- <div>
- <h2>Login</h2>
- <?PHP
-
- if (defined('MESSAGE')) {
- echo '<div id="message">'.MESSAGE.'</div>';
- }
-
-
- ?>
- <p>
- If you don't have an account, <a href="<?PHP echo BASE; ?>register">
- register one</a> in a few seconds.
- </p>
- <form action="<?PHP echo BASE; ?>login" method="post">
- <table class="form">
- <tr>
- <th>Username</th>
- <td><input type="text" name="user"></td>
- </tr>
- <tr>
- <th>Password</th>
- <td><input type="password" name="pass"></td>
- </tr>
- <tr>
- <th>Remember?</th>
- <td><input type="checkbox" name="remember" style="width: 20px;"> (Requires cookies)</td>
- </tr>
- </table>
- <input type="submit" value="Login">
- </form>
- <p>Alternatively, you can log in using OpenID:</p>
- <form action="<?PHP echo BASE; ?>login" method="post">
- <table class="form">
- <tr><th>Identifier</th>
- <td>
- <input type="text" name="openid_url" id="openid_url" style="background: url('openid/openid.gif') no-repeat; padding-left: 20px;">
- </td></tr>
- <tr>
- <th>Remember?</th>
- <td><input type="checkbox" name="remember" style="width: 20px;"> (Requires cookies)</td>
- </tr>
- </table>
- <input type="submit" value="Login">
- </form>
- </div>
- <?PHP
-
- require_once('inc/footer.php');
-
- ?>
|