public function index() { destroy_session(); redirect('admin/login'); // if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') { // $this->layout = 'ajax'; // if (!session('username')) // redirect('admin/login'); // $this->load->view('admin/login/logout'); // $this->session->sess_destroy(); // } else { // $this->session->sess_destroy(); // redirect('admin/login'); // } }
function login() { // // $db = login(); // // Tries to connect to database using session vars. // Sends user to login script if the session has not been initialized // or if the current session values are not valid. // init_session(); if (isset($_SESSION['dbname']) && isset($_SESSION['username']) && isset($_SESSION['password'])) { list($db, $msg) = dbConnect($_SESSION['username'], $_SESSION['password'], $_SESSION['dbname'], 'localhost'); if (!$db) { destroy_session(); header("Location: login.php?continueURL=" . urlencode(hostURL() . "/" . $_SERVER["REQUEST_URI"]) . "&msg=" . urlencode($msg)); exit; } else { return $db; } } else { destroy_session(); header("Location: login.php?continueURL=" . urlencode(hostURL() . "/" . $_SERVER["REQUEST_URI"])); exit; } if (!isset($_SESSION['username'])) { // Session not started OK trigger_error("Session failed to initialize- problem with cookies?"); exit; } // $db = FALSE; // // Force basic auth // $realm = "mrData"; // if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) // list($db,$msg) = dbConnect($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'], 'mrDataDB'); // if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) || !$db){ // header('WWW-Authenticate: Basic realm="'.$realm.'"'); // header('HTTP/1.0 401 Unauthorized'); // // We only get here if the user cancels the basic auth dialog. // echo 'Sorry- you must log in.'; // exit; // } else { // //echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>"; // //echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>"; // } // return($db); }
<?php require_once "init.php"; destroy_session(); header("Location:" . link_r("login.php"));
<?php // Terminate user session (logout) require_once 'lib_auth.php'; if (array_key_exists("php_sa_session", $_COOKIE)) { $session_key = $_COOKIE['php_sa_session']; destroy_session($session_key); } header("Location: login.php");
function do_login($username = NULL, $password = NULL, $force_login = FALSE) { global $auth_settings; destroy_expired_sessions(); $session_key = $_COOKIE[$auth_settings['cookie_name']]; $username = trim($username); // Check for session if forced login not specified if ($force_login != TRUE) { $login_id = session_key_to_login_id($session_key); if ($login_id !== FALSE) { //echo "Session detected!\n<br>"; return $login_id; } } else { // Destroy any prior session on a forced login destroy_session($session_key); } if (is_null($username)) { $username = $_POST['username']; } if (is_null($password)) { $password = $_POST['password']; } // Don't allow logins for locked out accounts $lo = check_lockout($username); if ($lo != 0) { auth_lockout(NULL, NULL, $username); return -1; } // Authenticate credentials and take lockout actions as required $login_id = authenticate_user($username, $password); if ($login_id > 0) { create_session(NULL, $login_id); return $login_id; } else { destroy_session($session_key); // Good user name, bad password if ($login_id == -1) { auth_lockout(NULL, NULL, $username); } // Bad user name if ($login_id == -2) { auth_lockout(); } return -2; } return -255; }
# #} else { $conn = connect(); $user = $_POST['USER']; // make the string safe $pass = md5($_POST['PASS']); #$pass = $_POST['PASS']; $result = select($conn, "*", "users", "username='******' AND password='******'"); mysql_close($conn); while ($row = mysql_fetch_assoc($result)) { // User provided proper credentials echo "<pre>"; print_r($row); echo "</pre>"; if ($row['username'] == $user) { destroy_session($user); // if user is logging in twice w/o logging out create_session($user, $row['user_type'], $row['last_name'], $row['uid']); if ($row['user_type'] == 1) { header('Location: pages/dr_participants.php'); } else { if ($row['user_type'] == 0) { header('Location: pages/p_day.php'); } } exit; } } // user failed to log in echo "\n<DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 3.2//EN\">\n<HEAD>\n<TITLE>fb4ho</TITLE>\n</HEAD>\t\n<BODY BGCOLOR=WHITE>\n<TABLE ALIGN=\"CENTER\">\n<TR><TD>\n<IMG SRC='title.gif' WIDTH=500px HEIGHT=100px/>\n</TD></TR>\n<TR><TD>\n<H2> Login Failed! </H2>\n<a href=\"index.php\">Back</a>\n</TD></TR>\n</TABLE>\n</BODY>"; exit;