Example #1
0
function userIsLoggedIn()
{
    $user = new ProcessUsers();
    if (isset($_POST['action']) and $_POST['action'] == 'login') {
        if (!isset($_POST['username']) or $_POST['username'] == '' or !isset($_POST['password']) or $_POST['password'] == '') {
            $GLOBALS['loginError'] = 'Please fill in both fields';
            return FALSE;
        }
        $password = sha1($_POST['password'] . 'lfiDE3VtFQEK57a2CEupBN6I27B3E5H4');
        $userExists = $user->databaseContainsUser($_POST['username'], $password);
        if ($userExists) {
            session_start();
            $_SESSION['loggedIn'] = TRUE;
            $_SESSION['username'] = $_POST['username'];
            $_SESSION['password'] = $password;
            return TRUE;
        } else {
            session_start();
            unset($_SESSION['loggedIn']);
            unset($_SESSION['username']);
            unset($_SESSION['password']);
            $GLOBALS['loginError'] = 'The specified username address or password was incorrect.';
            return FALSE;
        }
    }
    if (isset($_POST['action']) and $_POST['action'] == 'logout') {
        session_start();
        unset($_SESSION['loggedIn']);
        unset($_SESSION['username']);
        unset($_SESSION['password']);
        header('Location: ' . $_POST['goto']);
        exit;
    }
    session_start();
    if (isset($_SESSION['loggedIn'])) {
        $userExists = $user->databaseContainsUser($_SESSION['username'], $_SESSION['password']);
        return $userExists;
    }
}
Example #2
0
<?php

require_once $_SERVER['DOCUMENT_ROOT'] . "/helpdesk/modules/users/models/processUsers.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/helpdesk/includes/helpers.inc.php";
define("ADMIN_PAGEHEADER", $_SERVER['DOCUMENT_ROOT'] . "/helpdesk/views/templates/header.html.php");
define("ADMIN_PAGEFOOTER", $_SERVER['DOCUMENT_ROOT'] . "/helpdesk/views/templates/footer.html.php");
define("DATABASE", $_SERVER['DOCUMENT_ROOT'] . "/helpdesk/includes/db.inc.php");
define("CMS_ERROR", $_SERVER['DOCUMENT_ROOT'] . "/helpdesk/views/error.html.php");
define("USERS_LIST", $_SERVER['DOCUMENT_ROOT'] . "/helpdesk/modules/users/views/users.html.php");
define("USER_FORM", $_SERVER['DOCUMENT_ROOT'] . "/helpdesk/modules/users/views/form.html.php");
$validateUser = new ProcessUsers();
if (isset($_GET['add'])) {
    $pageTitle = 'New user';
    $action = 'addform';
    $name = '';
    $password = '';
    $login = '';
    $email = '';
    $authorid = '';
    $id = '';
    $button = 'Add user';
    include_once ADMIN_PAGEHEADER;
    include_once USER_FORM;
    include_once ADMIN_PAGEFOOTER;
    exit;
}
if (isset($_GET['addform'])) {
    $data['login'] = $_POST['username'];
    $data['password'] = $_POST['password'];
    $data['email'] = $_POST['email'];
    $data['name'] = $_POST['name'];