archive
/
quote-db
Bevaka 1
Stjärnmärk 0
Förgrening 0
Kod Ärenden 0 Pull-förfrågningar 0 Släpp 0 Wiki Aktiviteter
Quote database webapp
Du kan inte välja fler än 25 ämnen Ämnen måste starta med en bokstav eller siffra, kan innehålla bindestreck ('-') och vara max 35 tecken långa.
8 Incheckningar
1 Gren
Gren: master
Grenar Taggar
${ item.name }
Skapa branchen ${ searchTerm }
från 'master'
${ noResults }
quote-db/login.php

login.php 4.4KB
Permalänk Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146 
  1. <?PHP

  2. 

  3.  require_once('inc/database.php');

  4.  require_once('inc/account.php');

  5.  require_once('inc/settings.php');

  6. 

  7. 

  8. 

  9.  if (isset($_POST['openid_url']) || isset($_REQUEST['openid_mode'])) {

  10.   // OpenID login in progress

  11. 

  12.   require_once('openid/processor.php');

  13.  } else if (isset($_SESSION['openid']) && $_SESSION['openid']['validated']) {

  14.   // OpenID login succeeded

  15. 

  16.   $sql  = 'SELECT user_id, user_name, user_standing FROM users WHERE user_name = ';

  17.   $sql .= '\'' . m($_SESSION['openid']['identity']) . '\'';

  18.   $res  = mysql_query($sql);

  19. 

  20.   if (mysql_num_rows($res) == 0) {

  21.    $sql  = 'INSERT INTO users (user_name, user_pass) VALUES (\'' . m($_SESSION['openid']['identity']);

  22.    $sql .= '\', \'openid user\')';

  23.    $res  = mysql_query($sql);

  24. 

  25.    $_SESSION['uid'] = mysql_insert_id();

  26.    $_SESSION['uname'] = $_SESSION['openid']['identity'];

  27.    $_SESSION['standing'] = 0;

  28.   } else {

  29.    $row = mysql_fetch_assoc($res);

  30.  

  31.    $_SESSION['uid'] = $row['user_id'];

  32.    $_SESSION['uname'] = $row['user_name'];

  33.    $_SESSION['standing'] = $row['user_standing'];

  34.   }

  35. 

  36.   unset($_SESSION['openid']);

  37.   if (isset($_POST['remember'])) {

  38.    $row = mysql_fetch_array(mysql_query('SELECT user_hash FROM users WHERE user_id = '.$_SESSION['uid']));

  39.    if (strlen($row[0]) != 32) {

  40.     $row[0] = md5(uniqid($_SESSION['uid']).time());

  41.     mysql_query('UPDATE users SET user_hash = \''.$row[0].'\' WHERE user_id = '.$_SESSION['uid']);

  42.    }

  43.    setcookie('quotedbperm', $row[0], time()+60*24*24*365.24);

  44.   }

  45.   header('Location: '.BASE);

  46.   exit;

  47.  } else if (isset($_SESSION['openid']['error'])) {

  48.   // OpenID login failed

  49. 

  50.   define('MESSAGE', $_SESSION['openid']['error']);

  51.   unset($_SESSION['openid']['error']);

  52.  } else if (isset($_POST['user']) && isset($_POST['pass'])) {

  53.   // Normal login

  54. 

  55.   $sql  = 'SELECT user_id, user_name, user_standing FROM users ';

  56.   $sql .= 'WHERE user_name = \''.m($_POST['user']).'\' AND user_pass = \''.m(md5($_POST['user'].$_POST['pass'])).'\'';

  57.   $res = mysql_query($sql);

  58.   if (mysql_num_rows($res) == 0) {

  59.    define('MESSAGE', 'Login failed. Please check your username and password.');

  60.   } else {

  61.    $row = mysql_fetch_array($res);

  62.    $_SESSION['uid'] = $row['user_id'];

  63.    $_SESSION['uname'] = $row['user_name'];

  64.    $_SESSION['standing'] = $row['user_standing'];

  65.    if (isset($_POST['remember'])) {

  66.     $row = mysql_fetch_array(mysql_query('SELECT user_hash FROM users WHERE user_id = '.$_SESSION['uid']));

  67.     if (strlen($row[0]) != 32) {

  68.      $row[0] = md5(uniqid($row['user_id']).time());

  69.      mysql_query('UPDATE users SET user_hash = \''.$row[0].'\' WHERE user_id = '.$_SESSION['uid']);

  70.     }

  71.     setcookie('quotedbperm', $row[0], time()+60*24*24*365.24);

  72.    }

  73.    header('Location: '.BASE);

  74.    exit;

  75.   }

  76.  }

  77. 

  78.  define('TITLE', 'Login');

  79. 

  80.  require_once('inc/header.php');

  81. 

  82. ?>

  83.  <div class="oneThird right">

  84.   <h2>Why login?</h2>

  85.   <p>

  86.    Because of the public nature of this quotes database (there are no

  87.    moderators or admins, just users), and the way we reward good users

  88.    and punish bad ones (standings), we require that you be logged in in

  89.    order to rate a quote or add a new one.

  90.   </p>

  91.   <p>

  92.    You can still browse quotes without being logged in, but to contribute

  93.    to the site at all you'll have to login.

  94.   </p>

  95.  </div>

  96.  <div>

  97.   <h2>Login</h2>

  98. <?PHP

  99. 

  100.  if (defined('MESSAGE')) {

  101.   echo '<div id="message">'.MESSAGE.'</div>';

  102.  }

  103. 

  104. 

  105. ?>

  106.   <p>

  107.    If you don't have an account, <a href="<?PHP echo BASE; ?>register">

  108.    register one</a> in a few seconds.

  109.   </p>

  110.   <form action="<?PHP echo BASE; ?>login" method="post">

  111.    <table class="form">

  112.     <tr>

  113.      <th>Username</th>

  114.      <td><input type="text" name="user"></td>

  115.     </tr>

  116.     <tr>

  117.      <th>Password</th>

  118.      <td><input type="password" name="pass"></td>

  119.     </tr>

  120.     <tr>

  121.      <th>Remember?</th>

  122.      <td><input type="checkbox" name="remember" style="width: 20px;"> (Requires cookies)</td>

  123.     </tr>

  124.    </table>

  125.    <input type="submit" value="Login">

  126.   </form>

  127.   <p>Alternatively, you can log in using OpenID:</p>

  128.   <form action="<?PHP echo BASE; ?>login" method="post">

  129.    <table class="form">

  130.     <tr><th>Identifier</th>

  131.         <td>

  132.     <input type="text" name="openid_url" id="openid_url" style="background: url('openid/openid.gif') no-repeat; padding-left: 20px;">

  133.     </td></tr>

  134.     <tr>

  135.      <th>Remember?</th>

  136.      <td><input type="checkbox" name="remember" style="width: 20px;"> (Requires cookies)</td>

  137.     </tr>

  138.    </table>

  139.    <input type="submit" value="Login">

  140.   </form>

  141.  </div>

  142. <?PHP

  143. 

  144.  require_once('inc/footer.php');

  145. 

  146. ?>