if ($user->loginID == '') { $errorMessage = _("Invalid login ID. Please try again."); //perform login, if failed issue message } else { if (!$user->processLogin($password)) { $errorMessage = _("Invalid password. Please try again."); $inputLoginID = $loginID; } else { //login succeeded, perform redirect header('Location: ' . $service); } } //user is already logged in } else { if (isset($_SESSION['loginID'])) { if ($user->getOpenSession()) { $message = _("You are already logged in as ") . $loginID . ".<br />" . _("You may log in as another user below,") . " <a href='" . $service . "'>" . _("return") . "</a> " . _("or") . " <a href='?logout'>" . _("logout") . "</a>."; } $inputLoginID = $user->getRememberLogin(); if ($inputLoginID) { $rememberChecked = 'checked'; } //user comes in new } else { $user = new User(); //get login, if set $inputLoginID = $user->getRememberLogin(); if ($inputLoginID) { $rememberChecked = 'checked'; } $message = _("Please enter login credentials to sign in.");
** ** CORAL is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. ** ** CORAL is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. ** ** You should have received a copy of the GNU General Public License along with CORAL. If not, see <http://www.gnu.org/licenses/>. ** ************************************************************************************************************************** */ session_start(); include_once 'directory.php'; if (isset($_SESSION['loginID'])) { $loginID = $_SESSION['loginID']; } $user = new User(new NamedArguments(array('primaryKey' => $loginID))); if ($user->isAdmin && $user->getOpenSession()) { switch ($_GET['action']) { case 'submitUser': $util = new Utility(); //if this is an existing user if (isset($_POST['editLoginID']) && $_POST['editLoginID'] != '') { $sUser = new User(new NamedArguments(array('primaryKey' => $_POST['editLoginID']))); } else { //set up new user $sUser = new User(); $sUser->loginID = $_POST['loginID']; } //only update it if it was sent if (isset($_POST['password']) && $_POST['password'] != '') { $prefix = $util->randomString(45); $sUser->password = $util->hashString('sha512', $prefix . $_POST['password']);
** ** CORAL is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. ** ** CORAL is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. ** ** You should have received a copy of the GNU General Public License along with CORAL. If not, see <http://www.gnu.org/licenses/>. ** ************************************************************************************************************************** */ session_start(); include_once 'directory.php'; if (isset($_SESSION['loginID'])) { $loginID = $_SESSION['loginID']; $user = new User(new NamedArguments(array('primaryKey' => $loginID))); } if (isset($user) && $user->isAdmin && $user->getOpenSession()) { ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>CORAL Authentication</title> <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <link rel="stylesheet" href="css/thickbox.css" type="text/css" media="screen" /> <link rel="SHORTCUT ICON" href="images/clownfishfavicon.ico" /> <script type="text/javascript" src="js/plugins/jquery.js"></script> <script type="text/javascript" src="js/plugins/thickbox.js"></script> <script type="text/javascript" src="js/common.js"></script>