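/**
 * Check the submitted username/password against the USERS table and, on
 * success, mark the session as logged in and redirect to index.php.
 *
 * Reads `username` and `password` from $_POST. Every failure path reports
 * through login_error(); database errors are written to the error log and
 * the user only sees a generic message.
 *
 * @param object $i    Database connection; prepare() and ->error are used
 *                     (mysqli-style API).
 * @param mixed  $twig Passed through to login_error() unchanged.
 * @param mixed  $args Passed through to login_error() unchanged.
 */
function check_login($i, $twig, $args)
{
    // Reject missing or non-string fields up front. An array value such as
    // password[]=x would otherwise reach password_verify() and raise a
    // TypeError on PHP 8. The message is the same as for a wrong password,
    // so the response does not reveal which field was rejected.
    $username = isset($_POST['username']) ? $_POST['username'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;
    if (!is_string($username) || !is_string($password)) {
        login_error($twig, $args, "Invalid login");
        return;
    }

    $s = $i->prepare("SELECT ID, PASSWORD, USERNAME FROM USERS WHERE USERNAME = ?");
    if (!$s) {
        // Preparation failure: details go to the log, not to the browser.
        error_log("Login error preparation: {$i->error}");
        login_error($twig, $args, "There was an internal error while logging in. Please contact your administrator.");
        return;
    }

    // The username is bound as a parameter, never concatenated into the SQL.
    $s->bind_param('s', $username);
    $s->bind_result($uid, $upass, $uname);

    if ($s->execute()) {
        // NOTE(review): password_verify() only runs when a row was fetched,
        // so an unknown username is answered faster than a wrong password.
        // If account enumeration matters here, verify against a fixed dummy
        // hash when no row is found.
        if ($s->fetch() && password_verify($password, $upass)) {
            // Issue a fresh session ID at the privilege change so an ID that
            // was planted before login (session fixation) is not carried
            // into the authenticated session.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['user-id'] = $uid;
            $_SESSION['user-username'] = $uname;
            // NOTE(review): there is no exit after the redirect header;
            // confirm the caller stops rendering once this returns.
            header("Location: index.php");
        } else {
            // Unknown user and wrong password share one message.
            login_error($twig, $args, "Invalid login");
        }
    } else {
        // Execution failure
        error_log("Login error, execution: {$i->error}");
        login_error($twig, $args, "There was an internal error while logging in. Please contact your administrator.");
    }

    $s->close();
}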
/**
 * Process a login form submission.
 *
 * Flow: optional CAPTCHA gate, then user_verify() on the posted `email` and
 * `loginpass`, then either a failure report (script terminates) or a
 * redirect to account.php.
 *
 * user_verify() is treated as returning exactly `true` on success; any other
 * return value is handed to login_error() as the failure reason.
 *
 * NOTE(review): no session ID rotation is visible in this function; confirm
 * that user_online() (or a later step) regenerates the session ID on login.
 * NOTE(review): a failed CAPTCHA does not call login_incfail(), so only
 * credential failures are counted here.
 */
function login_check()
{
    global $smarty;

    // @ yields null without a notice when the field is absent.
    $submittedEmail = @$_POST['email'];
    $submittedPass = @$_POST['loginpass'];

    // CAPTCHA is only verified when login_needcaptcha() asks for it.
    if (login_needcaptcha() && recaptcha_verify() !== true) {
        login_error(_('The CAPTCHA you entered is incorrect'));
        exit;
    }

    $verdict = user_verify($submittedEmail, $submittedPass);
    if ($verdict !== true) {
        // Count the failed attempt before reporting it.
        login_incfail();
        login_error($verdict);
        exit;
    }

    // Success: mark the user online and clear the failure counter.
    user_online($submittedEmail);
    login_resetfail();

    // Fixed, relative target; nothing from the request reaches the header.
    $target = 'account.php';
    header('Location: ' . $target);
    $smarty->assign('url', $target);
    $smarty->display('templates/redirect.html');
}
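// Builds the "Print blank score sheet" button and the "New Assignment" popup
// form for the class selected in the session, then appends both to the page
// body. This is an excerpt: $db, $_CONF, $b, $t, $main, $catList,
// $print_gradebook_button and the enclosing if/else are defined outside it.
//
// Values that come from the session, the database or $_SERVER are encoded for
// the context they are written into: integer cast for SQL and JavaScript,
// htmlspecialchars() plus a quoted attribute for HTML.
// NOTE(review): the generated form carries no anti-CSRF token field; confirm
// that the handler for insertAssign checks one.
$print_blank_button = "\n\t\t\t\t<CENTER>\n\t\t\t\t<FORM action=printview_blankscoresheet.php method=POST target=new name=printview>\n\t\t\t\t<input type=submit class=submit name=submit value=\"Print\" class=\"submit\" /> Blank Score Sheet\n\t\t\t\t</form>";

$class = $_SESSION[$_CONF['sess_name'] . '_selected_class'];
// The id is concatenated into SQL unquoted, so force it to an integer
// instead of trusting whatever was stored in the session.
$class_sql = (int) $class;

$sql = "SELECT term_start_date, term_end_date from terms, classes\n WHERE terms.term_id=classes.term_id AND classes.class_id=" . $class_sql;
$result = $db->query($sql);
// NOTE(review): $result is not checked; a failed query makes the next line a
// fatal error, and an empty result leaves the date parts undefined.
$row = $result->fetch_assoc();
$term_start = $row['term_start_date'];
$term_end = $row['term_end_date'];
list($sy, $sm, $sd) = preg_split("/-/", $term_start);
list($ey, $em, $ed) = preg_split("/-/", $term_end);

// Date parts are written into a <script> block, so they are emitted as
// integers only (JavaScript months are zero-based, hence the -1).
$new_assignment = "\n <script type='text/javascript'>\n \$(document).ready(\n function() {\n \$('input#a_1_due_date').datepick({\n onDate: \$.datepick.noWeekends,\n dateFormat: 'yyyy-mm-dd',\n minDate: new Date(" . (int) $sy . ", " . ((int) $sm - 1) . ", " . (int) $sd . "),\n maxDate: new Date(" . (int) $ey . ", " . ((int) $em - 1) . ", " . (int) $ed . "),\n numberOfMonths: 1\n }),\n \$('#addAssignForm').validationEngine()\n });\n </script>\n <div id=\"greybox\" class=\"greybox\"></div>\n <div id=\"popup\" class=\"popup\">";

$today = date('Y-m-d');

$sql = "SELECT * from categories where class_id=" . $class_sql;
$result = $db->query($sql);
if ($result) {
    while ($row = $result->fetch_assoc()) {
        // Category fields are stored data; encode them and quote the
        // attribute so a stored name cannot inject markup into the page.
        $catList .= "\n\t\t\t\t<option value=\"" . htmlspecialchars((string) $row['category_id'], ENT_QUOTES, 'UTF-8') . "\">" . htmlspecialchars((string) $row['category_name'], ENT_QUOTES, 'UTF-8') . " (" . htmlspecialchars((string) $row['category_weight'], ENT_QUOTES, 'UTF-8') . "%)</option>";
    }
}

$term_start_label = htmlspecialchars($sm . "-" . $sd . "-" . $sy, ENT_QUOTES, 'UTF-8');
$term_end_label = htmlspecialchars($em . "-" . $ed . "-" . $ey, ENT_QUOTES, 'UTF-8');
// PHP_SELF includes any path info the client appended to the script URL, so
// it is request-controlled: encode it and quote the action attribute.
$form_action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

$new_assignment .= "\n <div id=assignDiv name=assignDiv>\n\t\t<div style=\"text-align:center; font-weight:bold; font-size:20px;\">Term Start: " . $term_start_label . " Term End: " . $term_end_label . "</div>\n\t\t<center>\n\t\t<form id=\"addAssignForm\" name=\"addAssignForm\" action=\"" . $form_action . "\" method=post>\n\t\t<table cellspacing=1 cellpadding=3 border=0 bgcolor=black border=0>";
$new_assignment .= "\n\t\t<tr>\n <th align=right>Name</th>\n\t\t\t<td>\n\t\t\t\t<input class=\"validate[required]\" type=text size=30 id=a_1_assignment_name name=a_1_assignment_name />\n\t\t\t</td>\n </tr>\n <tr>\n <th align=right>Category</th>\n\t\t\t<td>\n\t\t\t\t<select id=a_1_category_id name=a_1_category_id>" . $catList . "</select>\n\t\t\t</td>\n </tr>\n <tr>\n <th align=right>Due Date</th>\n\t\t\t<td>\n\t\t\t\t<input class=\"validate[required,custom[date]]\" type=text size=15 id=a_1_due_date name=a_1_due_date value=" . $today . " />\n\t\t\t</td>\n </tr>\n <tr>\n <th align=right>Max Score</th>\n\t\t\t<td>\n\t\t\t\t<input class=\"validate[required,custom[number]]\" type=text size=5 id=a_1_max_score name=a_1_max_score value=100 />\n\t\t\t</td>\n </tr>\n <tr>\n <th align=right>Weight</th>\n\t\t\t<td>\n\t\t\t\t<input class=\"validate[required,custom[number]]\" type=text size=5 id=a_1_weight name=a_1_assignment_weight value=1 />\n\t\t\t</td>\n </tr>\n <tr>\n <th align=right>Extra Credit?</th>\n <td>\n <input class=\"validate[required] radio\" type=radio id=a_1_isExtraCredit name=a_1_isExtraCredit value='Y'>Y \n <input class=\"validate[required] radio\" type=radio id=a_1_isExtraCredit name=a_1_isExtraCredit value='N' checked=\"checked\">N\n </td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<th align=right>Note</th>\n <td><input type=text size=50 name=a_1_assignment_note /></td>\n\t\t</tr>";
$new_assignment .= "\n\t\t</table>\n\t\t<input type=submit class=submit id=insertAssign name=insertAssign value=Insert />\n\t\t</center>\n </div><!-- end assignDiv -->";
$new_assignment .= "\n <input type=button id=close name=close value=Close />\n </form>\n </div><!-- end pouup div -->\n <div id=\"newAssignPopupDiv\" class=\"newAssignPopupDiv\">\n <input type=submit id=\"newAssignPopup\" name=\"newAssignPopup\" value=\"New Assignment\" />\n </div>";

$b .= "<br />" . $print_gradebook_button . $print_blank_button . $new_assignment;
$main .= make_box($t, $b);
} /** end if class_id and term_id **/
} else {
    $main .= login_error();
}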
// Tail of a student login page (excerpt): issue a login token, store it in
// cookies and in the students table, then render the page. $roll,
// $login_success and the blocks closed by the two braces below are defined
// outside this excerpt.
//
// NOTE(review): uniqid() is derived from the current time and is not
// cryptographically secure, so the token is guessable. A login token should
// come from a CSPRNG such as random_bytes(); check the width of
// students.token before changing the token length.
$token = uniqid();
// NOTE(review): both cookies are set with name and value only, so no expiry,
// path, Secure or HttpOnly options are applied.
setcookie("roll", $roll);
setcookie("token", $token);
// NOTE(review): the statement is built by string concatenation and $roll is
// inserted unquoted. Where $roll comes from is not visible here; if it is
// request data it must be validated as a number or bound as a parameter
// before it reaches the query.
$login_query = 'update students set token="' . $token . '" where roll=' . $roll;
if (db_exec_only($login_query)) {
    $login_success = true;
}
}
}
// The template below uses short open tags, which only work when
// short_open_tag is enabled.
theme_header('Login');
theme_navbar($login_success, $roll);
?> <div class="col-lg-5"> <h2><i class="fa fa-sign-in fa-fw"></i> Login <small>Get access student database</small></h2> <? if($login_success) login_success(); else { if($_POST) { login_error(); } theme_login_form(); } ?> </div> <? theme_footer(); db_close(); ?>
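// Admin-panel login check (excerpt): look up the user row, compare username
// and password, require either the serveradmin flag or a group with a
// positive perm_lvl, then start the session and redirect to the admin page.
// $db, $n, $username, $password, $ln_login_e_2 and the block closed by the
// final brace are defined outside this excerpt.
//
// NOTE(review): the '******' literals in the SQL below look like masking
// applied to this listing, so how the username reaches the query cannot be
// seen here. Confirm that it is escaped or bound, not concatenated raw.
$result = $db->query("SELECT * FROM cc" . $n . "_users WHERE username='******'");
$row = $db->fetch_array($result);

// Strict comparison: with != two numeric-looking strings are compared as
// numbers, so different values can be treated as equal.
$stored_name = isset($row['username']) ? strtolower((string) $row['username']) : '';
if ($stored_name !== $username) {
    trace_msg("login ERROR '{$username}' wrong username", 2);
    login_error($ln_login_e_2);
    exit;
}

// Same type-juggling problem for the hash: with != two digests of the form
// "0e" followed only by digits compare equal as floats. !== compares the
// strings themselves; hash_equals() (PHP 5.6+) would also make the
// comparison constant-time.
// NOTE(review): unsalted MD5 is a fast hash and unsuitable for password
// storage. Plan a migration to password_hash()/password_verify(), rehashing
// each account on its next successful login.
$stored_hash = isset($row['password']) ? (string) $row['password'] : '';
if ($stored_hash !== md5($password)) {
    trace_msg("login ERROR '{$username}' wrong password", 2);
    login_error($ln_login_e_2);
    exit;
}

if (!$row['serveradmin']) {
    // NOTE(review): $row['group'] is concatenated into the query. It comes
    // from the users table rather than the request, but should still be
    // cast or escaped according to the column type.
    $grp_q = $db->query("SELECT `perm_lvl`, `id` FROM `cc" . $n . "_user_groups` WHERE `id` = '" . $row['group'] . "'");
    $grp = $db->fetch_array($grp_q);
    if (!$grp) {
        login_error('Schwerer Fehler! Die Usergruppe konnte nicht gefunden werden! Sie haben keine Berechtigungen für diesen Bereich!');
        exit;
    }
    if ($grp['perm_lvl'] <= 0) {
        login_error('Sie haben keine Berechtigungen für diesen Bereich!');
        exit;
    }
}

$userid = intval($row['userid']);
// Issue a fresh session ID before the session becomes an admin session, so
// an ID planted before login (session fixation) is not carried over.
if (session_id() !== '') {
    session_regenerate_id(true);
}
$_SESSION['userid'] = $userid;
trace_msg("login OK '{$username}' ", 2);
$db->unbuffered_query("UPDATE cc" . $n . "_users SET lastlogin='******', ip='" . getenv("REMOTE_ADDR") . "' WHERE username='******'");
header("LOCATION: " . LITO_MODUL_PATH_URL . 'acp_core/admin.php');
exit;
}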