verify_login PHP Code Examples

Example #1

0

Show file

File: changepassword.php Project: BackupTheBerlios/otmp

function validate_form(&$frm, &$errors, $session)
{
    /* validate the signup form, and return the error messages in a string.  if
     * the string is empty, then there are no errors */
    $errors = new Object();
    $msg = "";
    $tmp = verify_login($session['username'], $frm["oldpassword"]);
    if (empty($frm["oldpassword"])) {
        $errors->oldpassword = true;
        $msg .= "<li>Sie m&uuml;ssen Ihr altes Passwort eingeben";
    } elseif (!$tmp) {
        $errors->oldpassword = true;
        $msg .= "<li>Ihr altes Passwort ist nicht richtig";
    }
    if (empty($frm["password"])) {
        $errors->password = true;
        $msg .= "<li>Sie haben kein neues Passwort angegeben";
    } elseif (empty($frm["password_check"])) {
        $errors->password_check = true;
        $msg .= "<li>Sie haben vergessen, Ihr neues Passwort zu wiederholen";
    } elseif ($frm["password"] != $frm["password_check"]) {
        $errors->password_check = true;
        $errors->password = true;
        $msg .= "<li>Die Neuen Passw&ouml;rter stimmen nicht &uuml;berein";
    }
    return $msg;
}

Example #2

0

Show file

File: search_experiments.php Project: nipunhere/PHP-Reference-Gateway

<?php

session_start();
include 'utilities.php';
use Airavata\Model\Workspace\Experiment\ExperimentState;
use Airavata\API\Error\InvalidRequestException;
use Airavata\API\Error\AiravataClientException;
use Airavata\API\Error\AiravataSystemException;
use Airavata\API\Error\ExperimentNotFoundException;
use Thrift\Exception\TTransportException;
create_http_header();
connect_to_id_store();
verify_login();
$airavataclient = get_airavata_client();
?>

<html>

<?php 
create_html_head();
?>

<body>

<?php 
create_nav_bar();
?>
    
<div class="container" style="max-width: 750px;">
<h1>Search for Experiments</h1>

Example #3

0

Show file

File: login.php Project: soukaina99/GameForKing

<?php

header('Content-Type: text/xml');
include 'login_functions.php';
echo '<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>';
echo '<Errors>';
$connection = connectDB();
$login = $_POST['login'];
$v_log = verify_login($connection, $login);
echo '<errorLogin>';
if ($v_log === 1) {
    echo 'images/yes1.png';
} else {
    echo 'images/no1.png';
}
echo '</errorLogin>';
echo '<errorPassword>';
if (isset($_POST['password'])) {
    $password = $_POST['password'];
    $login = $_POST['login2'];
    if (verify_password($connection, $login, $password) === 1) {
        echo 'images/yes1.png';
    } else {
        echo 'images/no1.png';
    }
}
echo '</errorPassword>';
echo '</Errors>';

Example #4

0

Show file

File: login.php Project: BackupTheBerlios/otmp

<?php

/*
 * $Source: /home/xubuntu/berlios_backup/github/tmp-cvs/otmp/Repository/Release1/user/login.php,v $
 * $Revision: 1.5 $
 * $Id: login.php,v 1.5 2001/12/15 17:33:18 hifix Exp $
 */
include "../application.php";
$DOC_TITLE = "Login";
if (isset($HTTP_POST_VARS) && $REQUEST_METHOD == "POST") {
    $frm = $HTTP_POST_VARS;
    /* form has been submitted, check if it the user login information is correct */
    if (isset($frm['login'])) {
        $user = verify_login($frm["username"], $frm["password"]);
        /* set all user's sessionvariables */
        if ($user) {
            unset($session);
            $session['username'] = $user['Name'];
            $session['userid'] = $user['usrID'];
            $session['adminlevel'] = $user['AdminLevel'];
            $session['translator'] = $user['Translator'];
            /* if wantsurl is set, that means we came from a page that required
             * log in, so let's go back there.  otherwise go back to the main page */
            $goto = empty($session["wantsurl"]) ? "{$CFG->wwwroot}/main.php" : $session["wantsurl"];
            header("Location: {$goto}");
            die;
        } else {
            $errormsg = "Invalid login, please try again";
        }
        // endif user
    }

Example #5

0

Show file

File: common_funcs.php Project: jeroenrnl/php-syslog-ng

function login($forms)
{
    $error = "";
    $username = $forms["username"];
    $password = $forms["password"];
    if (!$password) {
        $password = "******";
    }
    // die("$password");
    if ($forms["authtype"] == "ldap") {
        //define an appropriate ldap search filter to find your users, and filter out accounts such as administrator(administrator should be renamed anyway!).
        $filter = "(&(|(!(displayname=Administrator*))(!(displayname=Admin*)))(" . LDAP_CN . "={$username}))";
        $dn = LDAP_CN . "={$username}, ";
        if (!($connect = @ldap_connect(LDAP_SRV))) {
            $error .= "Could not connect to LDAP server:" . LDAP_SRV;
        }
        switch (LDAP_MSAD) {
            case "YES":
                ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
                ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
                if (!($bind = @ldap_bind($connect, "{$username}@" . LDAP_DOMAIN, $password))) {
                    $error .= " Unable to bind to LDAP Server: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dn}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>";
                }
                break;
            default:
                if (!($bind = @ldap_bind($connect, "{$dn}" . LDAP_BASE_DN, $password))) {
                    $error .= " Unable to bind to LDAP Server: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dn}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>";
                }
        }
        if (!($sr = @ldap_search($connect, LDAP_BASE_DN, $filter))) {
            #search for user
            $error .= " Unable to search: <b>" . LDAP_SRV . "</b><br> <li>DN: {$dn}<br> <li>BaseDN: " . LDAP_BASE_DN . "<br>";
        }
        $info = @ldap_get_entries($connect, $sr);
        // print  "Number of entries returned is " .ldap_count_entries($connect, $sr)."<p>";
        if (LDAP_USEPRIV == "ON") {
            if (in_array(LDAP_RW_GROUP, $info[0]["groupmembership"])) {
                $_SESSION["userpriv"] = "rw";
            } elseif (in_array(LDAP_RO_GROUP, $info[0]["groupmembership"])) {
                $_SESSION["userpriv"] = "ro";
            } else {
                $_SESSION["userpriv"] = "disabled";
                // echo "User privileges are " . $_SESSION["userpriv"] . "<br>";
            }
        }
        if (trim($error) != "") {
            return $error;
        } else {
            $fullname = $info[0]["cn"][0];
            $fqdn = $info[0]["dn"];
            $_SESSION["username"] = $username;
            $_SESSION["groups"] = $info[0]["groupmembership"];
            $_SESSION["token"] = $password;
            $_SESSION["fullname"] = $fullname;
            $_SESSION["fqdn"] = $fqdn;
            $flname = explode(" ", $fullname);
            $_SESSION["firstname"] = $flname[0];
            $_SESSION["lastname"] = $flname[1];
            $_SESSION["pageId"] = "searchform";
            // die(phpinfo());
            // die(print_r($info[0]));
            // die(print_r($_SESSION));
        }
        /* from here, do your sql query to query the database to search for existing record with correct username and password */
    } elseif ($forms["authtype"] == "basic") {
        // Using Web basic authentication. Check to see if $_SERVER['REMOTE_USER'] has access, and act accordingly.
        $username = $_SERVER['REMOTE_USER'];
        if ($username == "") {
            $username = "******";
        }
        $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
        if ($username && verify_user($username, $dbLink)) {
            $sessionId = md5(mt_rand());
            $_SESSION["pageId"] = "searchform";
            $expTime = time() + SESSION_EXP_TIME;
            $expTimeDB = date('Y-m-d H:i:s', $expTime);
            // Update sessionId and exptime in database
            $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n\t\t\t\texptime='" . $expTimeDB . "' WHERE username='******'";
            $result = perform_query($query, $dbLink);
        } else {
            $error .= " Sorry, {$username} does not have access to this service.";
            $_SESSION["error"] = "{$error}";
        }
    } elseif ($forms["authtype"] == "cert") {
        // Using Cert basic authentication.Check certificate SerialNumber first, Subject DN if SerialNumber fails
        $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
        if (verify_user($_SERVER['SSL_CLIENT_M_SERIAL'], $dbLink) || verify_user($_SERVER['SSL_CLIENT_S_DN'], $dbLink)) {
            $sessionId = md5(mt_rand());
            $_SESSION["pageId"] = "searchform";
            $expTime = time() + SESSION_EXP_TIME;
            $expTimeDB = date('Y-m-d H:i:s', $expTime);
            // Update sessionId and exptime in database
            $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n             exptime='" . $expTimeDB . "' WHERE username='******'";
            $result = perform_query($query, $dbLink);
        } else {
            $error .= " Sorry, {$username} does not have access to this service.";
            $_SESSION["error"] = "{$error}";
        }
    } else {
        // Not using LDAP or WebBasic, revert to local db authentication
        if ($_POST["username"]) {
            $username = $_POST["username"];
            $password = $_POST["password"];
            // die("Info: $username, $password");
            $dbLink = db_connect_syslog(DBUSER, DBUSERPW);
            if ($username && $password && verify_login($username, $password, $dbLink)) {
                $sessionId = md5(mt_rand());
                $_SESSION["pageId"] = "searchform";
                // Calculate the expiration time
                $expTime = time() + SESSION_EXP_TIME;
                $expTimeDB = date('Y-m-d H:i:s', $expTime);
                // Update sessionId and exptime in database
                $query = "UPDATE " . AUTHTABLENAME . " SET sessionid='" . $sessionId . "', \n\t\t\t\t\texptime='" . $expTimeDB . "' WHERE username='******'";
                $result = perform_query($query, $dbLink);
            } else {
                $error .= " Invalid password for user {$username}";
                $_SESSION["error"] = "{$error}";
            }
        } else {
            $error .= " Missing POST variables";
            $_SESSION["error"] = "{$error}";
        }
    }
    if (trim($error) != "") {
        return $error;
    } else {
        $_SESSION["username"] = $username;
        return $username;
    }
}

Example #6

0

Show file

File: index.php Project: mancheopenschool/Sylvain

		<p id="message">
			<?php 
// si l'utilisateur a cliqué sur submit, $_POST est créé.
// $_POST["submit"] existe donc est n'est pas NULL
// On peut faire nos verif
if (isset($_POST["submit"])) {
    // Si l'utilisateur n'a pas rentré de login OU de password
    if ($_POST["login"] == "" || $_POST["password"] == "") {
        // Affichage erreur
        echo "Les champs ne doivent pas être vides";
    } else {
        // Sinon, on verifie si le login existe et si le password est OK
        // Comme on veut afficher les eventuelles erreurs ici, dans le <p>
        // on affiche le résultat renvoyé par la fonction verify_login
        // On lui passe en paramètre le login et password entrés par l'utilsiateur
        echo verify_login($_POST["login"], $_POST["password"]);
    }
}
?>
		</p>
		<!-- Formulaire logn/pass -->
		<label for="login">Login:
			<input type="text" id="login" name="login"/>
		</label>
		<label for="password">Password:
			<input type="password" id="password" name="password"/>
		</label>
		<input type="submit" id="submit" name="submit" value="Connexion"/>
	</form>
</body>
</html>

Example #7

0

Show file

File: SampleTest.php Project: bianhezhen/php_msdk

// 支付接口请求cookie参数，org_loc这里传空，org_loc值会在类中更新
// IOS平台
$cookie = array('session_id' => 'hy_gameid', 'session_type' => 'st_dummy', 'org_loc' => '');
// 安卓平台
//$cookie = array(
//    'session_id' => 'openid',
//    'session_type' => 'kp_actoken',
//    'org_loc' => ''
//);
$fun = 'get_balance_m';
if ($fun == 'help') {
    echo_help();
}
if ($fun == 'verify_login') {
    $params = array('appid' => $appid, 'openid' => $openid, 'openkey' => $openkey, 'userip' => $userip);
    $ret = verify_login($sdk, $params, $qs);
    print_r("============== verify_login ================\n");
    print_r($ret);
} elseif ($fun == 'load_vip') {
    $params = array('appid' => $appid, 'openid' => $openid, 'login' => 2, 'uin' => 0, 'vip' => $vip, 'accessToken' => $openkey);
    $ret = load_vip($sdk, $params, $qs);
    print_r("============== load_vip ================\n");
    print_r($ret);
} elseif ($fun == 'qqprofile') {
    $params = array('appid' => $appid, 'openid' => $openid, 'accessToken' => $openkey);
    $ret = qqprofile($sdk, $params, $qs);
    print_r("============== qqprofile ================\n");
    print_r($ret);
} elseif ($fun == 'qqfriends_detail') {
    $params = array('appid' => $appid, 'openid' => $openid, 'accessToken' => $openkey, 'flag' => $flag);
    $ret = qqfriends_detail($sdk, $params, $qs);

Example #8

0

Show file

File: authentication.php Project: Russell-IO/php-syslog-ng

function auth ($postvars) {
	//Start security update v0.1 
	global $appConfig;
	if($appConfig['ban_ip'] == "on" && $appConfig['max_login_tries']<=$_SESSION['num_login_tries']) {
		//insert ip into banned table
		$expdate = time()+$appConfig['ban_time']*60;
		mysql_query("INSERT INTO banned_ips(bannedIp,expirationDate) VALUES('{$_SERVER['REMOTE_ADDR']}','".date("Y-m-d h:m:s",$expdate)."')");
	}
	
	if($appConfig['captcha']=='on' && $appConfig['num_login_tries']<=$_SESSION['num_login_tries']) {
		require_once('includes/modules/recaptchalib.php');
		$resp = recaptcha_check_answer ($appConfig['captcha_private_key'],
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);
		
		if (!$resp->is_valid) {
			return $_SESSION["error"] = "The CAPTCHA wasn't entered correctly. Go back and try it again." .
			"(CAPTCHA said: " . $resp->error . ")";
		}
	}
	//End security update v0.1
	
    $error = "";
    $username = stripslashes($postvars["username"]);
    $password = stripslashes($postvars["password"]);
    if (validate_input($username, 'username') && (validate_input($password, 'password'))) {
        switch ($postvars['authtype']) {

        case "local":
            if ($username && $username !== "local_noauth") {
                $dbLink = db_connect_syslog(DBADMIN, DBADMINPW);
                if ($username && $password && verify_login($username, $password, $dbLink)) {
                    $error ="";
                } else {
                    $error .= " Invalid password for user $username";
                }
            } else {
                if (trim($username) == "") $error .= "Your username is empty.<br>";
                if (trim($password) == "") $error .= "Your password is empty.";
            }
        if (trim($error)!="") {
			//Start security update v0.1
			$_SESSION['num_login_tries']+=1;
			//End security update v0.1
            return $_SESSION["error"] = $error;
        } else {
        	$sql = "SELECT rbac_key FROM ".$_SESSION["TBL_AUTH"]." WHERE username='******'";
            $result = perform_query($sql, $dbLink, $_SERVER['PHP_SELF']);
    		$row = fetch_array($result);
        	$_SESSION["rbac"] = $row[0];
            return $_SESSION["username"] = $username;
        }
        break;

		case "ldap":
		   	$dbLink = db_connect_syslog(DBADMIN, DBADMINPW);
	   	$sql = "SELECT name,value FROM settings WHERE name like 'LDAP%'";
	   	$result = perform_query($sql, $dbLink, "authentication.php - LDAP Auth");
	   	while($row = fetch_array($result)) {
				if ($row['name'] == 'LDAP_BASE_DN') { $basedn = $row['value']; }
				if ($row['name'] == 'LDAP_CN') { $cn = $row['value']; }
				if ($row['name'] == 'LDAP_DOMAIN') { $domain = $row['value']; }
				if ($row['name'] == 'LDAP_MS') { $ms = $row['value']; }
				if ($row['name'] == 'LDAP_PRIV') { $priv = $row['value']; }
				if ($row['name'] == 'LDAP_RO_FILTERS') { $ro_filter = $row['value']; }
				if ($row['name'] == 'LDAP_RO_GRP') { $ro_grp = $row['value']; }
				if ($row['name'] == 'LDAP_RW_GRP') { $rw_grp = $row['value']; }
				if ($row['name'] == 'LDAP_SRV') { $srv = $row['value']; }
				if ($row['name'] == 'LDAP_DNU_GRP') { $nuser_grp = $row['value']; }
                                if ($row['name'] == 'LDAP_USERS_RO' ){ $list_of_ldapusers_ro = $row['value']; }
                                if ($row['name'] == 'LDAP_USERS_RW' ){ $list_of_ldapusers_rw = $row['value']; }

	   	}
	   	//define an appropriate ldap search filter to find your users, and filter out accounts such as administrator(administrator should be renamed anyway!).
	  	$filter="(&(|(!(displayname=Administrator*))(!(displayname=Admin*)))(" .$cn. "=$username))";
	   	$dn = $cn . "=$username, ";
	   	if (!($connect = @ldap_connect($srv))) {
		   	$error .= "Could not connect to LDAP server:" . $srv;
	   	}

		switch ($ms) {

			case "1":

				ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION,3);
		   	ldap_set_option($connect, LDAP_OPT_REFERRALS,0);

			if (!($bind = @ldap_bind($connect, "$username@" . $domain, $password))) {
			   	$error .= " Unable to bind to LDAP Server: <b>" . $srv . "</b><br> <li>DN: $dn<br> <li>BaseDN: " . $basedn . "<br>";
		   	}

			break;

			default:

			if (!($bind = @ldap_bind($connect, "$dn" . $basedn, $password))) {
			   	$error .= " Unable to bind to LDAP Server: <b>" . $srv . "</b><br> <li>DN: $dn<br> <li>BaseDN: " . $basedn . "<br>";
		   	}

		}

		if (!($sr = @ldap_search($connect, $basedn, $filter))) { #search for user
		   	$error .= " Unable to search: <b>" . $srv . "</b><br> <li>DN: $dn<br> <li>BaseDN: " . $basedn . "<br>";
	   	}

		$info = @ldap_get_entries($connect, $sr);
	   	// print  "Number of entries returned is " .ldap_count_entries($connect, $sr)."<p>";

		if ($priv == "1") {
		   	if (in_array($rw_grp, $info[0]["groupmembership"])) {
			   	$_SESSION["userpriv"] = "rw";
		   	} elseif (in_array($ro_grp, $info[0]["groupmembership"])) {
			   	$_SESSION["userpriv"] = "ro";
		   	} else {
			   	$_SESSION["userpriv"] = "disabled";
		   	} 
                        if ( strlen($list_of_ldapusers_ro) > 0 ){
                          $tmp_miami = explode(',', $list_of_ldapusers_ro);
                          if ( in_array ($username, $tmp_miami ) ){
                            $_SESSION['userpriv'] = 'ro';                          }
                        }
			if ( strlen($list_of_ldapusers_rw) > 0 ){
                          $tmp_miami = explode(',', $list_of_ldapusers_rw);
                          if ( in_array ($username, $tmp_miami ) ){
                            $_SESSION['userpriv'] = 'rw';
                          }
                        }

			if ( $_SESSION['userpriv'] == 'disabled' ){
			  $error.='User not authorized';
			}

		}
	   	if ( trim($error) != "" ) {
			//Start security update v0.1
			$_SESSION['num_login_tries']+=1;
			//End security update v0.1
		   	return $_SESSION["error"] = $error;
	   	} else {

			$fullname=$info[0]["cn"][0];
		   	$fqdn=$info[0]["dn"];

			$_SESSION["username"] = $username;
		   	$_SESSION["groups"] = $info[0]["groupmembership"];
		   	$_SESSION["token"] = $password;
		   	$_SESSION["fullname"] = $fullname;
		   	$_SESSION["fqdn"] = $fqdn;
		   	$flname = explode(" ", $fullname);
		   	$_SESSION["firstname"] = $flname[0];
		   	$_SESSION["lastname"] = $flname[1];
		   	$_SESSION["pageId"] = "searchform" ;
		   	// die(phpinfo());
		   	// die(print_r($info[0]));
		   	// die(print_r($_SESSION));

			// Create user locally
		   	// Add user (if they don't exist)
		   	$sql = "SELECT username from users where username='******'";
		   	$result = perform_query($sql, $dbLink, "authentication.php - LDAP");
		   	$row = fetch_array($result);
		   	if ($row['username'] !== "$username") {
			   	$sql = "INSERT IGNORE INTO ".$_SESSION['TBL_AUTH']." (username,pwhash) VALUES ('$username',MD5('$password'))";
			   	$result = perform_query($sql, $dbLink, "authentication.php - LDAP");
			   	if(mysql_affected_rows() !== 1) {
				   	$error .= "Unable to add $username to local system";
			   	} else {
				   	$sql = "REPLACE INTO groups (userid, groupname) SELECT (SELECT id FROM users WHERE username='******'),'$nuser_grp'";
				   	perform_query($sql, $dbLink, "authentication.php - LDAP");
				   	$sql = "REPLACE INTO ui_layout (userid, pagename, col, rowindex, header, content, group_access) SELECT (SELECT id FROM users WHERE username='******'),pagename,col,rowindex,header,content, group_access FROM ui_layout WHERE userid=0";
				   	perform_query($sql, $dbLink, "authentication.php - LDAP");
			   	}
		   	}
	   	}
		/* from here, do your sql query to query the database to search for existing record with correct username and password */
        if (trim($error)!="") {
			//Start security update v0.1
			$_SESSION['num_login_tries']+=1;
			//End security update v0.1
            return $_SESSION["error"] = $error;
        } else {
            $sessionId = session_id();
            $expTime = time()+$_SESSION["SESS_EXP"];
            $expTimeDB = date('Y-m-d H:i:s', $expTime);
            $query = "UPDATE ".$_SESSION["TBL_AUTH"]." SET sessionid='".$sessionId."', 
                exptime='".$expTimeDB."' WHERE username='******'";
            $result = perform_query($query, $dbLink, $_SERVER['PHP_SELF']);
            $sql = "SELECT rbac_key FROM ".$_SESSION["TBL_AUTH"]." WHERE username='******'";
            $result = perform_query($sql, $dbLink, $_SERVER['PHP_SELF']);
            $row = fetch_array($result);
            $_SESSION["rbac"] = $row[0];
            return $_SESSION["username"] = $username;
        }
        break;

        case "webbasic":
            $error .= "Web Basic not implemented yet";
        if (trim($error)!="") {
            //Start security update v0.1
            $_SESSION['num_login_tries']+=1;
            //End security update v0.1
            return $_SESSION["error"] = $error;
        } else {
            return $_SESSION["username"] = $username;
        }
        break;

        case "msad":
            $error .= "Microsoft Authentication not implemented yet";
        if (trim($error)!="") {
            //Start security update v0.1
            $_SESSION['num_login_tries']+=1;
            //End security update v0.1
            return $_SESSION["error"] = $error;
        } else {
            return $_SESSION["username"] = $username;
        }
        break;

        case "cert":
            $error .= "SSL Certificate Authentication not implemented yet";
        if (trim($error)!="") {
            //Start security update v0.1
            $_SESSION['num_login_tries']+=1;
            //End security update v0.1
            return $_SESSION["error"] = $error;
        } else {
            return $_SESSION["username"] = $username;
        }
        break;

        case "tacacs":
            $error .= "Tacacs Authentication not implemented yet";
        if (trim($error)!="") {
            //Start security update v0.1
            $_SESSION['num_login_tries']+=1;
            //End security update v0.1
            return $_SESSION["error"] = $error;
        } else {
            return $_SESSION["username"] = $username;
        }
        break;

        case "radius":
            $error .= "Radius Authentication not implemented yet";
        if (trim($error)!="") {
            //Start security update v0.1
            $_SESSION['num_login_tries']+=1;
            //End security update v0.1
            return $_SESSION["error"] = $error;
        } else {
            return $_SESSION["username"] = $username;
        }
        break;
        }
    } else {
        //Start security update v0.1
        $_SESSION['num_login_tries']+=1;
        //End security update v0.1
        return $_SESSION["error"] = "Invalid Username or Password";
    }
}

Example #9

0

Show file

File: login.php Project: qqalexqq/Projects_645

require '../../include/global_functions.php';
function verify_login($username, $password)
{
    $dao = new AdministratorDAO();
    if ($dao->verifyLogin($username, $password)) {
        $_SESSION['logged_in'] = true;
        die(header('Location: index.php'));
    }
}
startSession();
if (isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true) {
    die(header('Location: /admin'));
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    verify_login($_POST['username'], $_POST['password']);
}
$page['title'] = 'Login';
require '../../include/header.inc';
?>
<link rel="stylesheet" type="text/css" href="//static.project645.tk/css/login.css">
<form action="?" method="POST" class="form-signin">
    <h2 class="form-signin-heading"><?php 
echo t('Please sign in');
?>
</h2>
    <label for="inputUsername" class="sr-only"><?php 
echo t('Username');
?>
</label>
    <input type="text" name="username" id="inputUsername" class="form-control" placeholder="<?php

PHP verify_login Examples