*/ /** * setup */ require_once 'fns.php'; session_start(); ace_validate_session(_USER_SECURITY_LEVEL_); ace_session_redirect_form_refresh(_CONSOLE_URL_ . (isset($_SESSION['current_lab_id']) ? '?lab_id=' . $_SESSION['current_lab_id'] : '')); $nonce = rand(); if (isset($_POST['lab_id']) && $_POST['lab_id'] != 'null') { $lab_id = $_POST['lab_id']; $_SESSION['current_lab_id'] = $lab_id; } else { $lab_id = NULL; $_SESSION['current_lab_id'] = NULL; ace_out_redirect_page(_LAB_URL_); } # BEGIN COMMAND PROCESSING switch ($_POST['action']) { case 'vm_power_on': if (isset($_POST['vm_id'])) { $vm_display_name = ace_vm_get_display_name_by_id($_POST['vm_id']); $success = ace_vm_activate($_POST['vm_id']); $message = create_message($success, "starting {$vm_display_name}"); } else { $message = create_message(FALSE, "starting vm, no vm_id specified"); } break; case 'vm_power_off': if (isset($_POST['vm_id'])) { $vm_display_name = ace_vm_get_display_name_by_id($_POST['vm_id']);
* @author Michael White-Webster * @version 0.7.4 * @access private */ require_once 'fns.php'; session_start(); $_SESSION = array(); if (isset($_POST['username'])) { $username = $_POST['username']; $password = $_POST['password']; if (ace_authenticate_user($username, $password)) { $url = ace_session_get_home_page(); } else { $url = _LOGIN_URL_; } ace_out_redirect_page($url); } ?> <!doctype html> <html> <head profile="http://www.w3.org/2005/10/profile"> <title>ACEITLab - Login</title> <meta name="description" content="ACEITLab is an Open Source online virtual lab environment for networking students. Login to begin creating your virtual labs."/> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" type="text/css" href="css/rudi.css" /> <link rel="icon" type="image/png" href="icon/favicon-32x32.png"/> </head> <body> <div id="page" class="page"> <div id="section_header" class="section" style="height: 45px;"> <div class="header_left">
/** * prevents the same form being submitted twice * * uses the nonce value in the _POST data to verify if the form has been re-submitted * resubmitted forms are rejected and the page is redirected to a safe url * * @param string $safe_url url of a safe redirection * * @return null nothing to return */ function ace_session_redirect_form_refresh($safe_url) { if (isset($_POST['nonce'])) { if ($_POST['nonce'] == $_SESSION['nonce']) { # redirect page without nonce ace_out_redirect_page($safe_url); } else { # store the nonce $_SESSION['nonce'] = $_POST['nonce']; } } return NULL; }