} $lastnamefirst = $_POST["User"]; $newuserid = FindUser("LastNameFirst", $lastnamefirst); if (!$newuserid) { $error_msg = "Unable to find user id. (Two users with same name?)"; $doform = true; goto GenerateHtml; } $newuserinfo = GetUserInfo($newuserid); $newusername = $newuserinfo["UserName"]; $currentuser = GetUserName(); log_msg($loc, 'User ' . $currentuser . ' is attemping to masquerade as ' . $newusername); session_unset(); session_destroy(); session_start(); $okay = StartLogin($newusername, "", true); if ($okay === false) { log_msg($loc, "Login failure for masquerade. Starting ALL over."); session_unset(); session_destroy(); JumpToPage("pages/login.php"); } SetMasquerader($currentuser); JumpToPage("pages/welcome.php"); } GenerateHtml: include "forms/header.php"; include "forms/nav_form.php"; include "forms/admin_menubar.php"; include "forms/admin_masquerade_form.php"; include "forms/footer.php";
<?php // -------------------------------------------------------------------- // logout.php -- Impements the logout page. // // Created: 12/29/14 DLB // -------------------------------------------------------------------- require "libs/all.php"; session_start(); log_page(); if (IsMasquerading()) { $olduser = GetMasquerader(); log_msg("logout.php", "Masquerade session is over."); session_unset(); session_destroy(); session_start(); if (!empty($olduser)) { log_msg("logout.php", "Attempting to re-login as " . $olduser); $okay = StartLogin($olduser, "", true); if ($okay) { JumpToPage("welcome.php"); } } } else { log_msg("logout.php", "User " . UserLastFirstName() . " is Logging Out."); } session_unset(); session_destroy(); include "forms/header.php"; include "forms/logoutmsg.php"; include "forms/footer.php";
// we are processing input from the form... $name = $_POST["name"]; $pw = $_POST["password"]; // Here we do a trick, and allow a developer // to log in by leaving both fields empty. The // bypass must be enabled in the config file. $bypass = false; if (!empty($config["DevBypass"]) && empty($name) && empty($ps)) { $name = $config["DevBypass"]; $pw = "junk"; log_msg("login.php", "Developer bypass attempted for username="******"welcome.php"); } } if (!$LoginOkay) { log_msg("login.php", array("Login Attempt Failed. UserName="******"IP Address=" . $_SERVER["REMOTE_ADDR"])); $ShowError = true; } } // Generate HTML: include "forms/header.php"; include "forms/loginform.php"; include "forms/footer.php";