Ejemplo n.º 1
0
<?php

// If account already login, sending him to index page
if (isset($_SESSION['admin'])) {
    header('location: Jobs');
    die;
}
require 'classes/class_login.php';
$login = new login();
// If there are query to login
if (isset($_POST['login_submit'])) {
    // If user didnt write his login or password, script write an error
    if (!isset($_POST['login']) || !isset($_POST['password']) || empty($_POST['login']) || empty($_POST['password'])) {
        $login->error = 1;
    } else {
        $login->auth($_POST['login'], $_POST['password']);
    }
    // On success sending user to index page
    if ($login->success) {
        header('location: Jobs');
    }
}
require 'design/design_login.php';
include $__base_inc_dir . "gp/class_session.inc.php";
include $__base_inc_dir . "gp/class_master_auth.inc.php";
include $__base_inc_dir . "gp/class_anon_auth.inc.php";
/* SESSION HANDLING */
$auth_conf = array("ses_name" => "SR-SES", "expire" => "7200", "fid" => "0", "cookies" => true);
// mop: typ 3 für admin session
$ses_conf = array("type" => "1");
$auth = new anon_auth($db, $auth_conf, $ses_conf);
if ($_GET["logout"] == 1 && $auth->ses->validate()) {
    $auth->close_session();
}
if (!$auth->ses->validate()) {
    if (!$auth->auth()) {
        print "INTERNAL ERROR!";
        $db->execute("########## SESSION ERROR ##### " . $db->errstr());
        die;
    }
}
$GLOBALS["ses"] =& $auth->session();
// mop: logindaten....wrong_logins verhindert bruteforce attacken
if ($GLOBALS["ses"]->get_uid() == 0 && isset($_POST["__portal_user"]) && isset($_POST["__portal_pass"]) && $GLOBALS["ses"]->get_var("wrong_logins") < 10) {
    include "class_login.inc.php";
    $login = new login($db, $auth_conf, $GLOBALS["ses"]);
    if (!($uid = $login->auth($_POST["__portal_user"], $_POST["__portal_pass"], $ses->get_var("wrong_logins")))) {
        $wrong_logins = $ses->get_var("wrong_logins");
        $GLOBALS["ses"]->reg("wrong_logins", $wrong_logins++);
    } else {
        $GLOBALS["ses"]->update_uid($uid);
    }
}
/* ENDE */