/**
 * Send an HTTP redirect and end the script.
 *
 * To make fragments work with all browsers, the fragment has to be provided
 * here *and* in the link or form leading to the redirect.
 *
 * Targets that begin with "/" or "http" (as tested by lefteq(), which is
 * defined elsewhere) are placed in the Location header unchanged; any other
 * target is prefixed with the directory of the running script. No host or
 * scheme check is made here, so a caller that passes a request-supplied value
 * has to restrict it to a local path first.
 * NOTE(review): a value starting with "//" presumably also passes the "/" test
 * and would name another host - confirm against lefteq().
 *
 * @param string $target (optional) relative or absolute URI with fragment or
 *                       only fragment; an empty value reloads the request URI
 * @return void does not return to the caller, the function ends with exit
 */
function redirect($target="") {

	if (!$target) {
		// no target: reload the current page so the POST data is dropped
		$target = $_SERVER['REQUEST_URI'];
	} elseif (!(lefteq($target, "/") or lefteq($target, "http"))) {
		// relative target: build an absolute path from the script's directory
		$base = dirname($_SERVER['PHP_SELF']);
		if ($base!="/") {
			$base .= "/";
		}
		// a fragment-only target is attached to the current page (URI::same)
		$prefix = lefteq($target, "#") ? $base.URI::same(true) : $base;
		$target = $prefix.$target;
	}

	if (DEBUG) {
		// Keep page infos so the debug output of the next page can show them.
		// NOTE(review): the whole of $_GET and $_POST is copied into the
		// session here; after a login or registration form that can include
		// submitted passwords - keep DEBUG off outside development.
		$record = array(
			'target'      => $target,
			'BN'          => BN,
			'REQUEST_URI' => $_SERVER['REQUEST_URI'],
			'GET'         => $_GET,
			'POST'        => $_POST
		);
		if (!isset($_SESSION['redirects'])) {
			$_SESSION['redirects'] = array();
		}
		$_SESSION['redirects'][] = $record;
	}

	// carry output that was buffered but not yet displayed over to the next page
	$pending = ob_get_clean();
	if (isset($_SESSION['output'])) {
		$_SESSION['output'] .= $pending;
	} else {
		$_SESSION['output'] = $pending;
	}

	session_write_close(); // release session lock

	header("Location: ".$target);
	exit;
}
/**
 * Check if a username meets the requirements.
 *
 * Visible checks, in order: non-empty, at least 3 and at most 32 characters
 * (measured with mb_strlen), and no leading '#'. The last warning text
 * indicates a uniqueness check against the member table, but that part of the
 * code is cut out of this listing. Each failed check reports its reason
 * through warning() and returns false.
 *
 * @param string $username
 * @return boolean true if every check passed, false otherwise
 */
public static function check_username($username) {
	// loose truthiness test: the string "0" is also treated as "no username"
	if (!$username) { warning(_("Please enter a username!")); return false; }
	// mb_strlen counts characters, not bytes, so the limits below are per character
	$len = mb_strlen($username);
	if ($len < 3) { warning(_("The username must have at least 3 characters!")); return false; }
	if ($len > 32) { warning(_("The username must have not more than 32 characters!")); return false; }
	// The login snippet on this page uses a leading '#' to select the admin
	// table, presumably the reason member names may not start with it.
	if (lefteq($username, "#")) { warning(_("The username must not begin with the character '#'!")); return false; }
	// NOTE(review): the next statement is incomplete in this listing - the text
	// between the query string and the warning message was replaced by the
	// asterisk run. What is visible builds the SQL by string concatenation,
	// so confirm in the full source that $username is escaped or bound as a
	// parameter before it reaches the query.
	$sql = "SELECT COUNT(1) FROM member WHERE username="******"This username is already used by someone else. Please try a different one!"));
	return false; } return true; }
// Fragment of a login handler. The opening of the enclosing if is not part of
// this listing, and inside both SQL statements a run of asterisks replaces the
// original text, so the lookup and the password check are not visible here.
$username = trim($_POST['username']);
// a leading '#' selects the admin table, otherwise the member table is used
if (lefteq($username, "#")) {
	$scope = "admin";
	// NOTE(review): both queries are built by string concatenation and are cut
	// off right where the username would be appended - confirm in the full
	// source that the value is escaped or bound as a parameter, and that the
	// password comparison uses password_verify() or an equivalent.
	$sql = "SELECT id, password FROM admin WHERE username="******"member";
	$sql = "SELECT id, password FROM member WHERE username="******"Login successful"));
			// NOTE(review): no session_regenerate_id() call is visible in this
			// fragment; confirm the session id is rotated when the login state
			// changes.
			$_SESSION[$scope] = $row['id'];
			// redirect() as listed on this page ends with exit, so each call
			// below that is reached ends the request
			if (empty($_POST['origin'])) redirect("index.php");
			// never send the user back to the login or registration page
			foreach ( array("login.php", "register.php") as $page ) {
				if ( lefteq($_POST['origin'], $page) ) redirect("index.php");
			}
			// NOTE(review): origin is request data and the prefix test above is
			// the only filtering visible. redirect() as listed on this page
			// passes targets starting with "/" or "http" through unchanged, so
			// an absolute URL here would send the user to another site right
			// after login. Accept only known local pages or same-site relative
			// paths before redirecting.
			redirect($_POST['origin']);
		}
	}
	// reached when the lookup or the password check did not succeed
	warning(_("Login failed"));
} else {
	$username = "";
}

html_head(_("Login"));

form(BN, 'class="login"');
// NOTE(review): the request value is written back into the form; confirm that
// input_hidden() HTML-escapes its value argument.
if (!empty($_POST['origin'])) input_hidden("origin", $_POST['origin']);
?>