function LoginForm()
{
global $command, $admlogin, $admpassword;
htmlProlog($_SERVER['PHP_SELF'], "Administration", false);
?>
<form method="post" action="<?php
echo basename($_SERVER['PHP_SELF']);
?>
" name=loginform>
<table frame=void rules=none WIDTH="300">
<tr>
<td align="left"> login: </td>
<td align="left"> <input type="text" name="admlogin" maxlength=16 size=16> </td>
<tr>
<td align="left"> password: </td>
<td align="left"> <input type="password" name="admpassword" maxlength=16 size=16> </td>
<tr>
<td align="left"> </td>
<td align="left"> </td>
<tr>
<td align="left"> </td>
<td align="left"> <input type=submit value="login" name="cmdlogin"> </td>
<td align="left"> <input type=hidden name="command" value="login"> </td>
</table>
</form>
<script type="text/javascript">
<!--
if (document.loginform)
{
document.loginform.login.focus();
}
// -->
</script>
<?php
$admlogin = '';
$admpassword = '';
htmlEpilog();
}
echo "<td>" . $parse["UserName"] . "</td>";
echo "<td><a href='index.php?select_view=DefaultPlayer&filter_shard={$res_shard}&filter_entity=" . $parse["EId"] . "'>" . $parse["EId"] . "</a></td>";
echo "<td>" . $parse["EntityName"] . "</td>";
echo "<td>" . $parse["EntitySlot"] . "</td>";
echo "<td>" . $parse["State"] . "</td>";
echo "<td>";
if (isset($parse["SaveFile"])) {
echo "<a href='backup_interface.php?charid=" . $parse["EId"] . "&file=" . $parse["SaveFile"] . "'>Load/Save sheet</a>";
}
echo "</td>";
echo "</tr>\n";
++$num_player;
}
echo "</table>\n";
}
echo "<script><!--\n";
echo "var num_player = {$num_player};\n";
echo "//--></script>\n";
echo "<form name='select_player_form' method=post action='index.php?select_view=DefaultPlayer'>\n";
echo "<input type=submit name='from_player_locator' value='Select Players'>\n";
echo "<input id='filter_entity_hidden' type=hidden name=filter_entity value=''>\n";
echo "<input id='active_player_hidden' type=hidden name=active_player value=''>\n";
echo "</form>\n";
}
echo "</td>\n";
echo "</tr></table>\n";
echo "<script type='text/javascript'><!--\n";
echo "if (document.cmdform) { document.cmdform.execCommand.focus(); }\n";
echo "// --></script>\n";
htmlEpilog();
}
echo "<center>\n";
echo "<form method=post action='" . $_SERVER['PHP_SELF'] . "'>\n";
echo "<textarea name=help_body rows=10 cols=70>{$help_body}</textarea><br>\n";
echo "<input type=submit name='update' value='Update'>\n";
echo "<input type=submit value='Cancel'>\n";
echo "<input type=hidden name=file value='{$file}'>\n";
echo "<input type=hidden name=topic value='{$topic}'>\n";
echo "</form>\n";
echo "</center>\n";
$view = false;
} else {
if ($update) {
mysql_query("DELETE FROM help_topic WHERE file='{$file}' AND topic='{$topic}'");
mysql_query("INSERT INTO help_topic SET file='{$file}', topic='{$topic}', help_body='{$help_body}'");
}
}
if ($view) {
$result = mysql_query("SELECT help_body FROM help_topic WHERE file='{$file}' AND topic='{$topic}'");
if ($result && ($body = mysql_fetch_array($result))) {
echo "<b>Help for '{$file}/{$topic}':</b><br>\n";
echo "<a href='" . $_SERVER['PHP_SELF'] . "?edit=1&file={$file}&topic={$topic}'>Edit Help</a><br><hr>\n";
echo "<p align=justify>" . ereg_replace("{([^}]+)}", "<a href='" . $_SERVER['PHP_SELF'] . "?file=common&topic=\\1'>\\1</a>", nl2br($body["help_body"])) . "<br>\n";
} else {
echo "<b>No help found for '{$file}/{$topic}'.</b><br>\n";
echo "If you want to create an <b>Help note</b> for this topic, <a href='" . $_SERVER['PHP_SELF'] . "?edit=1&file={$file}&topic={$topic}'>click here</a>.\n";
}
}
}
htmlEpilog(false);
function auth(&$error)
{
global $command, $sessionAuth, $admcookielogin, $admcookiepassword, $sessionAuth;
global $admlogin, $admpassword, $uid, $gid, $useCookie, $group, $HTTP_POST_VARS;
unset($error);
switch ($HTTP_POST_VARS["command"]) {
case "logout":
addToLog("Logout!");
$uid = $sessionAuth["uid"];
logUser($uid, "LOGOUT");
//session_unregister("sessionAuth");
unset($_SESSION["sessionAuth"]);
session_destroy();
// erases cookies
eraseCookies();
unset($admlogin);
unset($admpassword);
unset($admcookielogin);
unset($admcookiepassword);
unset($uid);
htmlProlog($_SERVER['PHP_SELF'], "Logout", false);
echo "<center>\n";
echo "You are not logged any more<br>\n";
echo "Click <a href='index.php'>here</a> to login<br>\n";
echo "</center>\n";
htmlEpilog();
die;
break;
case "chPassword":
addToLog("Change pass!");
global $chOldPass, $chNewPass, $chConfirmNewPass;
if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) {
$error = "Invalid login '{$admlogin}'";
eraseCookies();
return 0;
}
if (crypt($chOldPass, "NL") == $admpassword && $chNewPass == $chConfirmNewPass) {
sqlquery("UPDATE user SET password='******' WHERE uid='{$uid}'");
$admpassword = $chNewPass;
addToLog("Changed password to '{$chNewPass}':'" . crypt($chNewPass, "NL") . "'");
//session_unregister("sessionAuth");
unset($_SESSION["sessionAuth"]);
session_destroy();
}
case "login":
$admpassword = crypt($admpassword, "NL");
addToLog("Login! -- admlogin='******', admpassword='******'");
if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) {
$error = "Invalid login '{$admlogin}'";
print $error;
eraseCookies();
return 0;
}
$sessionAuth = array("admlogin" => $admlogin, "admpassword" => $admpassword, "uid" => $uid);
//session_register("sessionAuth");
$_SESSION["sessionAuth"] = $sessionAuth;
if ($useCookie) {
setupCookies($admlogin, $admpassword);
}
logUser($uid, "LOGIN");
return 1;
break;
default:
if (!isset($sessionAuth) || $sessionAuth["admlogin"] == "") {
print "no sessionauth or admlogin is blank";
if (!isset($admcookielogin)) {
addToLog("cookie not set");
return false;
} else {
$admlogin = $admcookielogin;
$admpassword = $admcookiepassword;
}
} else {
$admlogin = $sessionAuth["admlogin"];
$admpassword = $sessionAuth["admpassword"];
$uid = $sessionAuth["uid"];
}
if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) {
if (!$uid) {
$error = "Invalid login '{$admlogin}'";
eraseCookies();
return false;
}
}
$sessionAuth = array("admlogin" => $admlogin, "admpassword" => $admpassword, "uid" => $uid);
//session_register("sessionAuth");
$_SESSION["sessionAuth"] = $sessionAuth;
if ($useCookie) {
setupCookies($admlogin, $admpassword);
} else {
eraseCookies();
}
//logUser($uid, "BROWSE");
return 1;
break;
}
}
