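/**
 * Gate a page on the session's login flag.
 *
 * Returns true when $_SESSION['logged_in'] is truthy. Otherwise it either
 * returns false (when $no_quit is truthy) or renders the header, the message,
 * the login form and the footer, and then terminates the request.
 *
 * @param string $header  Passed to display_header() on the denial page.
 * @param string $message Printed inside <p>...</p> WITHOUT escaping: pass only
 *                        trusted, developer-written markup, never request data.
 * @param bool   $no_quit When truthy, return false instead of rendering and exiting.
 *
 * @return bool True when logged in; false only when $no_quit is truthy.
 */
function logged_in($header = 'Sorry!', $message = 'You need to be logged in to perform this action.', $no_quit = false)
{
    // !empty() has the same truthiness as the former loose "== true" test, but
    // it does not raise an undefined-index / undefined-variable diagnostic for
    // visitors who have no session data yet (the normal unauthenticated case).
    if (!empty($_SESSION['logged_in'])) {
        return true;
    }

    if ($no_quit) {
        return false;
    }

    display_header($header);
    echo "<p>" . $message . "</p>\n";
    // NOTE(review): the second argument is derived from the client's request
    // line. display_login_form() is not visible here - confirm it escapes the
    // value before embedding it and only ever uses it as a same-site target.
    display_login_form(null, ltrim($_SERVER['REQUEST_URI'], '/'));
    display_footer();
    exit;
}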
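/**
 * Print the page's <nav> bar.
 *
 * Shows the "logged" form when a session is active and checkLogged() is
 * truthy, otherwise the login form. An optional error message taken from the
 * query string is appended, followed by a <noscript> hint.
 *
 * @return void
 */
function login_header()
{
    echo '<nav>';

    if (session_status() === PHP_SESSION_ACTIVE && checkLogged()) {
        display_logged_form();
    } else {
        display_login_form();
    }

    // errorMsg comes straight from the query string, so anyone who can make a
    // user follow a link controls it. It is HTML-escaped before output so it
    // cannot inject markup or script into the page (reflected XSS). Non-string
    // values (e.g. errorMsg[]=x) are ignored rather than printed.
    // NOTE(review): the text itself is still chosen by the link author; mapping
    // short error codes to fixed messages would remove that spoofing channel.
    if (isset($_GET['errorMsg']) && is_string($_GET['errorMsg'])) {
        echo '<span>';
        echo htmlspecialchars($_GET['errorMsg'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo '</span>';
    }

    echo '</nav><br> <noscript> This page needs JavaScript activated to fully work </noscript> <br>';
}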
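/**
 * Require an authenticated user for the current page.
 *
 * Returns immediately when the session already carries 'valid_user_id'.
 * Otherwise it processes a submitted login form: on success the user id is
 * stored in the session and the same page is reloaded via a redirect; in every
 * other case the login page is rendered with a status title and the request
 * ends.
 *
 * user_ok() is expected to return false on a database problem, -1 when the
 * credentials are rejected, and the user id otherwise (as the switch below
 * distinguishes them).
 *
 * @return void Returns only when the user is already logged in.
 */
function check_valid_user()
{
    // session_is_registered() was removed in PHP 5.4; testing the $_SESSION
    // entry directly is the documented replacement.
    if (isset($_SESSION['valid_user_id'])) {
        return;
    }

    // Only plain string fields count as a login attempt; array-shaped input
    // (user[]=...) falls through to the "badly filled form" branch instead of
    // reaching user_ok() / stripslashes().
    $hasCredentials = !empty($_POST['user']) && !empty($_POST['password'])
        && is_string($_POST['user']) && is_string($_POST['password']);

    // NOTE(review): the message literals below look like ISO-8859-2 text shown
    // under a different encoding; they are kept byte-for-byte - confirm the
    // file's real encoding before touching them.
    if ($hasCredentials) {
        $valid_user_id = user_ok($_POST['user'], $_POST['password']);
        switch ($valid_user_id) {
            case false: // something went wrong with the DB
                $title = 'B³±d bazy danych, spróbuj pó¼niej.';
                break;
            case -1: // user cannot be logged in
                $title = 'Nie mogê zalogowaæ u¿ytkownika ' . htmlspecialchars(stripslashes($_POST['user'])) . '!';
                break;
            default: // everything OK
                // Issue a fresh session id at the privilege change so an id
                // that was known before login (session fixation) stops being
                // valid for the authenticated session.
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }
                $_SESSION['valid_user_id'] = $valid_user_id;
                $url = $_SERVER['PHP_SELF'] . (empty($_SERVER['QUERY_STRING']) ? '' : '?' . $_SERVER['QUERY_STRING']);
                header('location: ' . $url); // reload page
                exit;
        }
    } elseif (!isset($_POST['user']) && !isset($_POST['password'])) {
        // No form submitted yet: plain "log in" prompt.
        $title = 'Zaloguj siê';
    } else {
        // Form submitted but incomplete or malformed.
        $title = '¬le wype³niony formularz! Spróbuj ponownie';
    }

    display_html_header();
    display_document_header(true); // true = with setfocus script
    display_menu();
    display_login_form($title);
    display_document_footer();
    exit;
}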
<li><a href="index.php">Przeglądaj doczesne historie</a></li> <li><a href="delete.php">Wymaż kartę historii</a></li> <li><a href="?logout=true">Opuść zamek</a></li> </ul> <?php } else { if (isset($_POST['submit'])) { if ($_POST['username'] == $username && $_POST['password'] == $password) { $_SESSION["login"] = $hash; header("Location: {$_SERVER['PHP_SELF']}"); } else { display_login_form(); echo '<p>Błędny login lub hasło!</p>'; } } else { display_login_form(); } } function display_login_form() { ?> <form action="<?php echo $self; ?> " method='post'> <label for="username">Login </label> <input type="text" name="username" id="username"><br><br> <label for="password">Hasło </label> <input type="password" name="password" id="password"><br><br> <input type="submit" name="submit" value="Dalej"><br><a href="index.php">Trafiłeś tu przez przypadek?</a> </form>
// Stage 3: body // Depending on action, show appropriate main body content //***************************************************************************** //display any text generated by functions called before header echo $status; if (!check_auth_user()) { echo '<p>You need to log in'; if ($_SERVER['REQUEST_METHOD'] == 'POST' && $action != 'log-out') { echo ' to go to ' . format_action($action); } echo '.</p><br /><br />'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { display_login_form($action); } else { $action = ''; display_login_form($action); } } else { if (isset($_REQUEST['action'])) { switch ($action) { // if we have chosen to setup a new account, or have just added or // deleted an account, show account setup page case 'store-settings': case 'account-setup': case 'delete-account': display_account_setup($_SESSION['auth_user']); break; case 'send-message': if (send_message($to, $cc, $subject, $message)) { echo '<p>Message sent.</p><br /><br /><br /><br /><br /><br />'; } else {
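/**
 * Emit the page prologue: doctype, <head>, the top navigation bar and an
 * optional status alert. Leaves <div class="container-fluid"> open for the
 * caller's page body.
 *
 * Dynamic text ($title, $subtitle, names read from the database, $status,
 * $statusClass) is passed through escape_output() and ids through intval()
 * before being written into the markup.
 *
 * @param object $user        Must provide loggedIn(), isAdmin(), dbConn->stdQuery(),
 *                            and the name / id properties used below.
 * @param string $title       Page title.
 * @param string $subtitle    Appended to the title after " - " when not empty.
 * @param string $status      Alert text; no alert is printed when empty.
 * @param string $statusClass Suffix for the alert's "alert-" CSS class.
 *
 * @return void
 */
function start_html($user, $title = "UC Medicine QA", $subtitle = "", $status = "", $statusClass = "")
{
    // Doctype, <head> metadata and the page title.
    // NOTE(review): the favicon is still referenced over plain http; it is left
    // unchanged because it is not known here whether that host serves HTTPS.
    echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">' . "\n\n"
        . '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>'
        . escape_output($title) . ($subtitle != "" ? " - " . escape_output($subtitle) : "")
        . '</title> <link rel="shortcut icon" href="http://ucmcqa.dyndns.org/favicon.ico" />';

    // Stylesheets. The jQuery UI theme is now requested over https like the
    // scripts from the same CDN: fetched over http it is blocked as mixed
    // content on an HTTPS page and can be altered in transit on an HTTP one.
    echo ' <link rel="stylesheet" href="' . joinPaths(ROOT_URL, "css/bootstrap.min.css") . '" type="text/css" />'
        . ' <link rel="stylesheet" href="' . joinPaths(ROOT_URL, "css/bootstrap-responsive.min.css") . '" type="text/css" media="all" />'
        . ' <link rel="stylesheet" href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css" type="text/css" />'
        . ' <link rel="stylesheet" href="' . joinPaths(ROOT_URL, "css/jquery.dataTables.css") . '" type="text/css" />'
        . ' <link rel="stylesheet" href="' . joinPaths(ROOT_URL, "css/linac-qa.css") . '" type="text/css" />'
        . ' <link rel="stylesheet" href="' . joinPaths(ROOT_URL, "css/print.css") . '" type="text/css" media="print" />';

    // Scripts: two from the Google CDN, the rest from ROOT_URL.
    // NOTE(review): the CDN scripts carry no integrity attribute, so the page
    // runs whatever the CDN returns; consider Subresource Integrity or
    // self-hosting these files.
    echo ' <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>'
        . ' <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.18/jquery-ui.min.js"></script>'
        . ' <script type="text/javascript" src="' . joinPaths(ROOT_URL, "js/jquery-ui-timepicker-addon.js") . '"></script>'
        . ' <script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/jquery.dropdownPlain.js") . '"></script>'
        . ' <script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/jquery.dataTables.min.js") . '"></script>'
        . ' <script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/jquery.autosave.js") . '"></script>'
        . ' <script type="text/javascript" src="' . joinPaths(ROOT_URL, "js/d3.v2.min.js") . '"></script>'
        . ' <script type="text/javascript" src="' . joinPaths(ROOT_URL, "js/d3-helpers.js") . '"></script>'
        . ' <script type="text/javascript" src="' . joinPaths(ROOT_URL, "js/highcharts.js") . '"></script>'
        . ' <script type="text/javascript" src="' . joinPaths(ROOT_URL, "js/exporting.js") . '"></script>'
        . ' <script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/calcFunctions.js") . '"></script>'
        . ' <script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/renderHighCharts.js") . '"></script>'
        . ' <script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/bootstrap.min.js") . '"></script>'
        . ' <script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/bootstrap-dropdown.js") . '"></script>'
        . ' <script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/loadInterface.js") . '"></script>';

    // Close <head>, open <body> and the left-hand navigation list.
    echo ' </head> <body> <div class="navbar navbar-inverse navbar-fixed-top"> <div class="navbar-inner"> <div class="container-fluid"> <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </a> <a href="./index.php" class="brand">UC Medicine QA</a> <div class="nav-collapse"> <ul class="nav">' . "\n";

    // display daily, monthly, yearly forms.
    if ($user->loggedIn()) {
        // Both queries in this block are constant SQL with no request data.
        $formTypes = $user->dbConn->stdQuery("SELECT `id`, `name` FROM `form_types` ORDER BY `id` ASC");
        while ($formTypeRow = $formTypes->fetch_assoc()) {
            // One dropdown per form type, listing that type's forms.
            $formType = new FormType($user->dbConn, intval($formTypeRow['id']));
            echo ' <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown"> ' . escape_output($formType->name) . ' <b class="caret"></b> </a> <ul class="dropdown-menu">' . "\n";
            foreach ($formType->forms as $form) {
                echo ' <li><a href="form_entry.php?action=new&form_id=' . intval($form['id']) . '">' . escape_output($form['name']) . '</a></li>' . "\n";
            }
            echo ' </ul> </li> <li class="divider-vertical"></li>' . "\n";
        }

        // display analysis toolbar.
        echo ' <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown"> Analysis <b class="caret"></b> </a> <ul class="dropdown-menu">' . "\n";
        $forms = $user->dbConn->stdQuery("SELECT `id`, `name` FROM `forms` ORDER BY `name` ASC");
        while ($form = $forms->fetch_assoc()) {
            echo ' <li class="dropdown-submenu"> <a tabindex="-1" href="#">' . escape_output($form['name']) . '</a> <ul class="dropdown-menu"> <li><a href="form_entry.php?action=index&form_id=' . intval($form['id']) . '">Entries</a></li> <li><a href="graph.php?action=show&form_id=' . intval($form['id']) . '">Plot</a></li> </ul>' . "\n";
        }
        echo ' </ul>' . "\n";
    }

    // display administrator tools.
    // This only hides the links from non-admins; each linked page still has to
    // enforce the admin check on its own.
    if ($user->isAdmin()) {
        echo ' <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown"> Admin <b class="caret"></b> </a> <ul class="dropdown-menu"> <li><a href="facility.php">Facilities</a></li> <li><a href="form.php">Forms</a></li> <li><a href="machine_type.php">Machine Types</a></li> <li><a href="machine.php">Machines</a></li> <li><a href="user.php">Users</a></li> <li><a href="backup.php">Backup</a></li> </ul> </li> <li class="divider-vertical"></li>' . "\n";
    }

    echo ' </ul> <ul class="nav pull-right"> <li class="divider-vertical"></li> <li class="dropdown">' . "\n";

    // display user settings / log out link, or sign in form.
    if ($user->loggedIn()) {
        echo ' <a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="icon-user icon-white"></i>' . escape_output($user->name) . '<b class="caret"></b></a> <ul class="dropdown-menu"> <li><a href="/user.php?action=show&id=' . intval($user->id) . '">Profile</a></li> <li><a href="/user.php?action=edit&id=' . intval($user->id) . '">User Settings</a></li> <li class="divider"></li> <li><a href="/logout.php">Sign out</a></li> </ul>' . "\n";
    } else {
        echo ' <a href="#" class="dropdown-toggle" data-toggle="dropdown">Sign in<b class="caret"></b></a> <ul class="dropdown-menu">' . "\n";
        display_login_form();
        echo ' </ul>' . "\n";
    }

    echo ' </li> </ul> </div> </div> </div> </div> <div class="container-fluid">' . "\n";

    // display alerts if applicable.
    if ($status != "") {
        echo ' <div class="alert alert-' . escape_output($statusClass) . '"> <button class="close" data-dismiss="alert" href="#">×</button> ' . escape_output($status) . ' </div>' . "\n";
    }
}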
// In-skin login template: reads the login-related request parameters, merges
// caller-supplied $params over a set of defaults, renders the login form via
// display_login_form() and optionally a footer linking to the standard form.
// $params and $Hit are not defined in the visible code; presumably they come
// from the including scope - confirm.
global $blog, $action, $disp, $rsc_url, $Settings, $rsc_path, $transmit_hashed_password, $dummy_fields;
if (is_logged_in()) {
    // already logged in
    echo '<p>' . T_('You are already logged in') . '</p>';
    return;
}
// Request parameters. 'login' is read under the field name held in
// $dummy_fields['login'] and lower-cased.
$login = utf8_strtolower(param($dummy_fields['login'], 'string', ''));
$action = param('action', 'string', '');
// NOTE(review): redirect_to / return_to are client-supplied and read with
// param()'s 'url' type. Whatever later redirects to them must accept only
// intended (same-site) destinations - confirm in the code that consumes them.
$redirect_to = param('redirect_to', 'url', '');
$return_to = param('return_to', 'url', '');
$source = param('source', 'string', 'inskin login form');
$login_required = $action == 'req_login';
global $admin_url, $ReqHost, $secure_htsrv_url;
// Only taken when $redirect_to is null/unset after the param() call above.
if (!isset($redirect_to)) {
    $redirect_to = regenerate_url('disp');
}
// Default params:
// Values already present in $params win over these defaults (array_merge order).
$params = array_merge(array(
    'skin_form_before' => '',
    'skin_form_after' => '',
    'form_title_login' => '',
    'login_page_class' => '',
    'login_page_before' => '',
    'login_page_after' => '',
    'login_form_action' => '',
    'login_form_name' => 'login_form',
    'login_form_title' => '',
    'login_form_layout' => '',
    'form_class_login' => 'evo_form__login',
    'login_form_source' => $source,
    'login_form_inskin' => true,
    'login_form_inskin_urls' => true,
    'login_form_required' => $login_required,
    'login_validate_required' => NULL,
    'login_form_redirect_to' => $redirect_to,
    'login_form_return_to' => $return_to,
    'login_form_login' => $login,
    'login_action_value' => '',
    'login_form_reqID' => '',
    'login_form_sessID' => '',
    'transmit_hashed_password' => $transmit_hashed_password,
    'display_abort_link' => true,
    'abort_link_position' => 'above_form',
    'abort_link_text' => T_('Abort login!'),
    'display_reg_link' => false,
    'display_form_messages' => false,
    'login_form_footer' => true
), $params);
// Map the template-level option names onto the keys display_login_form() receives.
$login_form_params = array(
    'form_before' => str_replace('$form_title$', $params['form_title_login'], $params['skin_form_before']),
    'form_after' => $params['skin_form_after'],
    'form_action' => $params['login_form_action'],
    'form_name' => $params['login_form_name'],
    'form_title' => $params['login_form_title'],
    'form_layout' => $params['login_form_layout'],
    'form_class' => $params['form_class_login'],
    'source' => $params['login_form_source'],
    'inskin' => $params['login_form_inskin'],
    'inskin_urls' => $params['login_form_inskin_urls'],
    'login_required' => $params['login_form_required'],
    'validate_required' => $params['login_validate_required'],
    'redirect_to' => $params['login_form_redirect_to'],
    'return_to' => $params['login_form_return_to'],
    'login' => $params['login_form_login'],
    'action' => $params['login_action_value'],
    'reqID' => $params['login_form_reqID'],
    'sessID' => $params['login_form_sessID'],
    'transmit_hashed_password' => $params['transmit_hashed_password'],
    'display_abort_link' => $params['display_abort_link'],
    'abort_link_position' => $params['abort_link_position'],
    'abort_link_text' => $params['abort_link_text'],
    'display_reg_link' => $params['display_reg_link']
);
// The wrapper markup from $params is echoed verbatim (no escaping); it has to
// come from trusted template code, never from request data.
echo str_replace('$form_class$', $params['login_page_class'], $params['login_page_before']);
if ($params['display_form_messages']) {
    // Display the form messages before form inside wrapper
    messages(array('block_start' => '<div class="action_messages">', 'block_end' => '</div>'));
}
display_login_form($login_form_params);
if ($params['login_form_footer']) {
    // Display login form footer
    // Every request-derived value placed in the href goes through rawurlencode().
    echo '<div class="evo_login_dialog_standard_link"><a href="' . $secure_htsrv_url . 'login.php?source=' . rawurlencode($source) . '&redirect_to=' . rawurlencode($redirect_to) . '&return_to=' . rawurlencode($return_to) . '">' . T_('Use standard login form instead') . ' »</a></div>';
    // NOTE(review): $Hit->IP is printed without HTML escaping - confirm it can
    // only ever hold a validated IP address (e.g. not a raw forwarded header).
    echo '<div class="evo_login_dialog_footer text-muted">' . sprintf(T_('Your IP address: %s'), $Hit->IP) . '</div>';
}
echo $params['login_page_after'];
} // closes a block opened before this excerpt
/**
 * Include page header (also displays Messages):
 */
$page_title = T_('Log in to your account');
$page_icon = 'login';
/*
  fp> The login page is small. Let's use it as a preloader for the backoffice (which is awfully slow to initialize)
  fp> TODO: find a javascript way to preload more stuff (like icons) WITHOUT delaying the browser autocomplete of the login & password fields
  dh>
  // include jquery JS:
  require_js( '#jquery#' );

  jQuery(function(){
    alert("Document is ready");
  });
  See also http://www.texotela.co.uk/code/jquery/preload/ - might be a good opportunity to take a look at jQuery for you.. :)
 */
require_js('functions.js');
// Client-side hashing is used only when the 'js_passwd_hashing' setting is on
// AND no plugin answers true to the 'LoginAttemptNeedsRawPassword' event.
// NOTE(review): the script name below suggests SHA-1/MD5. Hashing in the
// browser does not by itself protect the credential in transit - confirm the
// form is always submitted over TLS and check how login.php treats the hash.
$transmit_hashed_password = (bool) $Settings->get('js_passwd_hashing') && !(bool) $Plugins->trigger_event_first_true('LoginAttemptNeedsRawPassword');
if ($transmit_hashed_password) {
    // Include JS for client-side password hashing:
    require_js('sha1_md5.js');
}
/**
 * Login header
 */
require dirname(__FILE__) . '/_html_header.inc.php';
// Parameters for the standard (non in-skin) login form, posted to login.php
// under $secure_htsrv_url. $redirect_to, $login, $login_required,
// $validate_required and $action are not assigned in the visible code;
// presumably the including script sets them - confirm.
$params = array(
    'form_action' => $secure_htsrv_url . 'login.php',
    'form_layout' => 'fieldset',
    'form_class' => 'fform',
    'source' => param('source', 'string', 'std login form'),
    'inskin' => false,
    'redirect_to' => $redirect_to,
    'login' => $login,
    'login_required' => $login_required,
    'validate_required' => $validate_required,
    'action' => $action,
    // reqID / sessID are optional and default to NULL when not set.
    'reqID' => isset($reqID) ? $reqID : NULL,
    'sessID' => isset($sessID) ? $sessID : NULL,
    'transmit_hashed_password' => $transmit_hashed_password
);
display_login_form($params);
require dirname(__FILE__) . '/_html_footer.inc.php';