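/**
 * Authenticate the posted e-mail address and redirect to the page for the user's role.
 *
 * Reads $_POST['emaillogin'], looks the account up in the `user` table and,
 * when a row with a non-empty userId comes back, stores 'userId' and
 * 'usertype' in the session and redirects to Admin.php, Tutor.php or
 * Student.php. Otherwise it prints "Login Failed" and re-renders the form
 * through showLogin().
 *
 * @return void
 */
function doLogin()
{
    // NOTE(review): the database account (root/root) is hard-coded. Load it from
    // configuration kept outside the web root and use a least-privilege account.
    $conn = mysqli_connect("localhost", "root", "root", "aceTraining");
    if (!$conn) {
        // mysqli_error() needs a live link, which a failed connect does not have.
        // The detail goes to the server log only, so the visitor sees no driver message.
        error_log('doLogin: database connection failed: ' . mysqli_connect_error());
        die('Database unavailable');
    }

    // Request fields can be absent or arrays; treat anything but a string as empty.
    $ea = (isset($_POST['emaillogin']) && is_string($_POST['emaillogin'])) ? $_POST['emaillogin'] : '';

    // The e-mail address is bound as a parameter instead of being interpolated
    // into the statement, so it can no longer change the structure of the query.
    //
    // NOTE(review): in this listing the password predicate is a fixed literal and the
    // posted 'passwordlogin' field never reaches the query (the original read it into
    // an unused $pw). Confirm against the real source. A credential check should fetch
    // the row by e-mail and verify the submitted password with password_verify()
    // against a password_hash() value rather than compare it inside SQL.
    $sql = "SELECT * FROM user WHERE (email = ? AND password = '******')";

    $resultline = null;
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $ea);
        mysqli_stmt_execute($stmt);
        $result = mysqli_stmt_get_result($stmt);
        if ($result) {
            // null when no row matched
            $resultline = mysqli_fetch_array($result);
        }
        mysqli_stmt_close($stmt);
    }

    if (!is_array($resultline) || $resultline['userId'] == "") {
        echo "Login Failed <br><br>";
        showLogin();
        return;
    }

    // Issue a fresh session id on login so an id planted before authentication
    // is not carried over into the authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION['userId'] = $resultline['userId'];
    $_SESSION['usertype'] = $resultline['usertype'];

    $landingPages = array(
        'admin'   => 'Admin.php',
        'tutor'   => 'Tutor.php',
        'student' => 'Student.php',
    );
    $usertype = $_SESSION['usertype'];
    if (is_string($usertype) && isset($landingPages[$usertype])) {
        header('Location: ' . $landingPages[$usertype]);
        // Stop here so nothing after the call runs or is sent along with the redirect.
        exit;
    }
    // Any other usertype: no redirect, as before.
}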
/**
 * Render the landing view that matches the visitor's login state.
 *
 * @param mixed $loggedin Truthy shows the main page, falsy shows the login form.
 * @return void
 */
function showHome($loggedin)
{
    // Guard clause: anonymous visitors only ever get the login form.
    if (!$loggedin) {
        showLogin();
        return;
    }

    showMainPage();
}
/**
 * Check the posted username and password and start the logged-in session.
 *
 * Runs a username query and, only when it returns rows, a password query.
 * When both return rows the username is stored in the session and the
 * browser is redirected to HomePage.php; otherwise the login form is shown
 * again with one generic error, so the reply does not reveal which of the
 * two checks failed.
 *
 * @param mixed $connection mysqli link, also handed on to showLogin().
 * @return void
 */
function processLogin($connection)
{
    // NOTE(review): strip_tags() removes markup only; it does not make a value safe to
    // place in SQL. The two query strings are masked in this listing, so whether they
    // embed $username/$password cannot be seen here. If they do, switch them to
    // prepared statements with bound parameters.
    $username = strip_tags($_POST['username']);
    $password = strip_tags($_POST['password']);
    $err = "Invalid username or password";

    $checkUsername = "******";
    $userRows = mysqli_query($connection, $checkUsername);

    $authenticated = false;
    if (mysqli_num_rows($userRows) != 0) {
        // The password query runs only for a username that exists.
        $checkPassword = "******";
        $passwordRows = mysqli_query($connection, $checkPassword);
        $authenticated = (mysqli_num_rows($passwordRows) != 0);
    }

    if (!$authenticated) {
        showLogin($err, $connection);
        return;
    }

    // NOTE(review): the session id is not regenerated at login; consider
    // session_regenerate_id(true) here.
    $_SESSION['username'] = $username;
    header('Location: HomePage.php');
    exit;
}
$rssURLArray[] = array("href" => generateURL("show.php", $defaultFeedFormat, array("where" => 'modified_date = CURDATE()'), true, $showRows), "title" => "records edited today"); } // -------------------------------------------------------------------- // Adjust the width of the right-hand column according to the calling user agent: // NOTE: strictly, this isn't really necessary but it helps to achieve a similar appearance of the login form on Firefox/Gecko & Safari/WebKit browsers (with all supported GUI languages) // TODO: figure out a better way (which isn't based on user agent sniffing); the problem could also be avoided by simply stacking <input> fields & their labels on top of each other if (isset($_SERVER['HTTP_USER_AGENT']) and preg_match("/AppleWebKit/i", $_SERVER['HTTP_USER_AGENT'])) { $rightColumnWidth = "215"; } else { $rightColumnWidth = "225"; } // Get the total number of records: $recordCount = getTotalNumberOfRecords(); // function 'getTotalNumberOfRecords()' is defined in 'include.inc.php' // Show the login status: showLogin(); // (function 'showLogin()' is defined in 'include.inc.php') // (4) DISPLAY header: // call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'): displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $loc["Home"], "index,follow", "Search the " . encodeHTML($officialDatabaseName), "", true, "", $viewType, $rssURLArray); showPageHeader($HeaderString); // Define variables holding common drop-down elements, i.e. 
build properly formatted <option> tag elements: // - "Browse My Refs" form: $dropDownFieldNameArray2 = array("author" => $loc["DropDownFieldName_Author"], "year" => $loc["DropDownFieldName_Year"], "publication" => $loc["DropDownFieldName_Publication"], "keywords" => $loc["DropDownFieldName_Keywords"], "user_keys" => $loc["DropDownFieldName_UserKeys"]); $dropDownItems2 = buildSelectMenuOptions($dropDownFieldNameArray2, "//", "\t\t\t\t\t", true); // function 'buildSelectMenuOptions()' is defined in 'include.inc.php' // -------------------------------------------------------------------- ?> <table align="center" width="95%" summary="This table explains features, goals and usage of the <?php echo encodeHTML($officialDatabaseName);
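// Registration branch. This excerpt starts inside a switch case whose opening
// lines are not shown; the closing braces at the end belong to that context.
if (util::getPost('password1') === false) {
    $output = showRegister('');
} else {
    // Read only the fields this branch needs. extract($_POST) would let any
    // request field overwrite a variable that is already in scope here
    // ($output, $BASE_ARRAY, ...), so the form input is copied explicitly.
    // Missing or non-string (array) values are treated as empty.
    $fields = array('name' => '', 'password1' => '', 'password2' => '', 'email' => '');
    foreach (array_keys($fields) as $key) {
        if (isset($_POST[$key]) && is_string($_POST[$key])) {
            $fields[$key] = $_POST[$key];
        }
    }
    $name = $fields['name'];
    $password1 = $fields['password1'];
    $password2 = $fields['password2'];
    $email = $fields['email'];

    if ($name === '') {
        // The original test (!"" == $name) was a truthiness check that only
        // happened to work and also rejected the name "0".
        $output = showRegister("Name can't be empty");
    } elseif ($password1 !== $password2) {
        // Strict comparison: with != two different numeric-looking strings
        // (e.g. "1e3" and "1000") compare as equal.
        $output = showRegister("Passwords not equal");
    } elseif (CTF::register($name, $password1, $email)) {
        $output = showLogin("", isset($_SESSION[Challenge::PLAYER]));
    } else {
        $output = showRegister("User already exists");
    }
}
break;
default:
    break;
}
}
$challenge = new Challenge();
$array = $BASE_ARRAY;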
/**
 * Render the search page: login status, HTML head, optional page header,
 * the advanced CQL query form and the footer.
 *
 * The function builds four sets of <option> elements (text conditionals,
 * numeric conditionals, field names, output formats) and hands them to
 * showQueryFormAdvanced() together with the CQL index map.
 *
 * @param mixed $operation Only referenced by the commented-out form selection below.
 * @param mixed $viewType  Passed to displayHTMLhead() and the form; "Mobile" suppresses the visible header and footer.
 * @param mixed $showRows  Passed through to showQueryFormAdvanced().
 * @param mixed $rowOffset Passed through to showQueryFormAdvanced().
 * @return void
 */
function showQueryPage($operation, $viewType, $showRows, $rowOffset)
{
    global $officialDatabaseName; // defined in 'ini.inc.php'
    global $displayType;
    global $loc; // defined in 'locales/core.php'
    global $client;

    // If there's no stored message available:
    if (!isset($_SESSION['HeaderString'])) {
        $HeaderString = $loc["SearchDB"] . ":";
    } else {
        $HeaderString = $_SESSION['HeaderString']; // extract 'HeaderString' session variable (only necessary if register globals is OFF!)
        // Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
        deleteSessionVariable("HeaderString"); // function 'deleteSessionVariable()' is defined in 'include.inc.php'
    }
    // NOTE(review): $HeaderString is handed to showPageHeader()/showPageFooter() as-is.
    // Confirm that whatever writes 'HeaderString' into the session, or those two
    // functions, HTML-encode any request-derived text in it.

    // For HTML output, we'll need to reset the value of the '$displayType' variable
    // (which, by default, is set to "Export"; see above); otherwise, the 'originalDisplayType'
    // parameter in the 'quickSearch' form of the page header would be incorrectly set to "Export"
    $displayType = ""; // if '$displayType' is empty, 'show.php' will use the default view that's given in session variable 'userDefaultView'

    // Show the login status:
    showLogin(); // (function 'showLogin()' is defined in 'include.inc.php')

    // DISPLAY header:
    // call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
    displayHTMLhead(encodeHTML($officialDatabaseName) . " -- " . $loc["Search"], "index,follow", "Search the " . encodeHTML($officialDatabaseName), "", true, "", $viewType, array());
    if (!preg_match("/^Mobile\$/i", $viewType) and !preg_match("/^inc/i", $client)) { // Note: we omit the visible header in mobile view ('viewType=Mobile') and for include mechanisms!
        showPageHeader($HeaderString);
    }

    // Define variables holding common drop-down elements, i.e. build properly formatted <option> tag elements:
    $dropDownConditionals1Array = array("contains" => $loc["contains"], "does not contain" => $loc["contains not"], "is equal to" => $loc["equal to"], "is not equal to" => $loc["equal to not"], "starts with" => $loc["starts with"], "ends with" => $loc["ends with"]);
    $dropDownItems1 = buildSelectMenuOptions($dropDownConditionals1Array, "//", "\t\t\t", true); // function 'buildSelectMenuOptions()' is defined in 'include.inc.php'

    $dropDownConditionals2Array = array("is greater than" => $loc["is greater than"], "is less than" => $loc["is less than"], "is within range" => $loc["is within range"], "is within list" => $loc["is within list"]);
    $dropDownItems2 = buildSelectMenuOptions($dropDownConditionals2Array, "//", "\t\t\t", true);

    // The bare "" entries below get integer keys; presumably buildSelectMenuOptions()
    // renders them as separators between groups of fields (verify in 'include.inc.php').
    $dropDownFieldNames1Array = array("author" => $loc["DropDownFieldName_Author"], "address" => $loc["DropDownFieldName_Address"], "corporate_author" => $loc["DropDownFieldName_CorporateAuthor"], "thesis" => $loc["DropDownFieldName_Thesis"], "", "title" => $loc["DropDownFieldName_Title"], "orig_title" => $loc["DropDownFieldName_OrigTitle"], "", "year" => $loc["DropDownFieldName_Year"], "publication" => $loc["DropDownFieldName_Publication"], "abbrev_journal" => $loc["DropDownFieldName_AbbrevJournal"], "editor" => $loc["DropDownFieldName_Editor"], "", "volume_numeric" => $loc["DropDownFieldName_Volume"], "issue" => $loc["DropDownFieldName_Issue"], "pages" => $loc["DropDownFieldName_Pages"], "", "series_title" => $loc["DropDownFieldName_SeriesTitle"], "abbrev_series_title" => $loc["DropDownFieldName_AbbrevSeriesTitle"], "series_editor" => $loc["DropDownFieldName_SeriesEditor"], "series_volume_numeric" => $loc["DropDownFieldName_SeriesVolume"], "series_issue" => $loc["DropDownFieldName_SeriesIssue"], "", "publisher" => $loc["DropDownFieldName_Publisher"], "place" => $loc["DropDownFieldName_Place"], "", "edition" => $loc["DropDownFieldName_Edition"], "medium" => $loc["DropDownFieldName_Medium"], "issn" => $loc["DropDownFieldName_Issn"], "isbn" => $loc["DropDownFieldName_Isbn"], "", "language" => $loc["DropDownFieldName_Language"], "summary_language" => $loc["DropDownFieldName_SummaryLanguage"], "", "keywords" => $loc["DropDownFieldName_Keywords"], "abstract" => $loc["DropDownFieldName_Abstract"], "", "area" => $loc["DropDownFieldName_Area"], "expedition" => $loc["DropDownFieldName_Expedition"], "conference" => $loc["DropDownFieldName_Conference"], "", "doi" => $loc["DropDownFieldName_Doi"], "url" => $loc["DropDownFieldName_Url"]);

    // The isset() checks on 'loginEmail' only decide which field names are offered in the
    // menu. They do not themselves restrict what a submitted query may reference; that
    // has to be enforced where the query is executed.
    if (isset($_SESSION['loginEmail'])) { // we only include the 'file' field if the user is logged in
        $dropDownFieldNames1Array["file"] = $loc["DropDownFieldName_File"];
    }
    $dropDownFieldNames1Array[] = "";
    $dropDownFieldNames1Array["notes"] = $loc["DropDownFieldName_Notes"];
    if (isset($_SESSION['loginEmail'])) { // we only include the 'location' field if the user is logged in
        $dropDownFieldNames1Array["location"] = $loc["DropDownFieldName_Location"];
    }

    $dropDownFieldNames2Array = array("call_number" => $loc["DropDownFieldName_CallNumber"], "", "serial" => $loc["DropDownFieldName_Serial"], "type" => $loc["DropDownFieldName_Type"], "approved" => $loc["DropDownFieldName_Approved"], "", "created_date" => $loc["DropDownFieldName_CreatedDate"], "created_time" => $loc["DropDownFieldName_CreatedTime"]);
    if (isset($_SESSION['loginEmail'])) { // we only include the 'created_by' field if the user is logged in
        $dropDownFieldNames2Array["created_by"] = $loc["DropDownFieldName_CreatedBy"];
    }
    $dropDownFieldNames2Array[] = "";
    $dropDownFieldNames2Array["modified_date"] = $loc["DropDownFieldName_ModifiedDate"];
    $dropDownFieldNames2Array["modified_time"] = $loc["DropDownFieldName_ModifiedTime"];
    if (isset($_SESSION['loginEmail'])) { // we only include the 'modified_by' field if the user is logged in
        $dropDownFieldNames2Array["modified_by"] = $loc["DropDownFieldName_ModifiedBy"];
    }

    // array_merge() keeps the string keys in order and renumbers the integer-keyed "" entries.
    $dropDownItems3 = buildSelectMenuOptions(array_merge($dropDownFieldNames1Array, $dropDownFieldNames2Array), "//", "\t\t\t", true);

    $dropDownConditionals3Array = array("html" => "html", "atom" => "Atom XML", "rss" => "RSS XML", "srw_dc" => "SRW_DC XML", "srw_mods" => "SRW_MODS XML");
    $dropDownItems4 = buildSelectMenuOptions($dropDownConditionals3Array, "//", "\t\t\t", true);

    // Map CQL indexes to refbase field names:
    $indexNamesArray = mapCQLIndexes(); // function 'mapCQLIndexes()' is defined in 'webservice.inc.php'

    // --------------------------------------------------------------------

    // TODO: when the simple CQL Query Builder interface is done, a call to 'opensearch.php' (or 'opensearch.php?operation=simple')
    //       should activate that simple GUI-based interface (currently, it activates the advanced interface that you'd normally only
    //       get via 'opensearch.php?operation=cql' or 'opensearch.php?operation=advanced')
    // The 'if'/'else' selection is commented out, so the advanced form is shown unconditionally
    // and '$operation' is currently unused:
    // if (preg_match("/^(advanced|CQL)$/i", $operation))
    showQueryFormAdvanced($dropDownItems1, $dropDownItems2, $dropDownItems3, $dropDownItems4, $showRows, $rowOffset, $indexNamesArray, $viewType); // lets you enter a standard CQL query directly
    // else
    //     showQueryFormSimple($dropDownItems1, $dropDownItems2, $dropDownItems3, $dropDownItems4, $showRows, $rowOffset, $indexNamesArray, $viewType); // lets you build a CQL query via dropdown menus

    // --------------------------------------------------------------------

    // DISPLAY THE HTML FOOTER:
    // call the 'showPageFooter()' and 'displayHTMLfoot()' functions (which are defined in 'footer.inc.php')
    if (!preg_match("/^Mobile\$/i", $viewType) and !preg_match("/^inc/i", $client)) { // Note: we omit the visible footer in mobile view ('viewType=Mobile') and for include mechanisms!
        showPageFooter($HeaderString);
    }

    displayHTMLfoot();
}
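/**
 * Validate a username / hashed-password pair against the settings and users databases.
 *
 * First the pair is compared with the admin account from the Settings table;
 * on a match the admin cookie is set and one of the admin views is rendered.
 * Then the FB table is searched for the username, the matching row is loaded
 * into the user globals, and the pair is compared with that row. On a mismatch
 * the login form is shown; on success $cookie and $loggedIn are set.
 *
 * NOTE(review): the credential compared here is an unsalted MD5 of a password
 * that decrypt() appears to recover in clear, and the same value is written to
 * the cookie, which makes the cookie password-equivalent. Moving to
 * password_hash()/password_verify() and a random server-side session token
 * needs changes to the callers and the stored data, so it is only flagged here.
 *
 * @param string     $user        Submitted username.
 * @param string     $hashed_pass MD5 hex digest of the submitted password.
 * @param int|string $uid         Optional user id that selects one row of the user; 0 selects by name only.
 * @return void
 */
function checkLogin($user, $hashed_pass, $uid = 0)
{
    global $dbName, $adminloggedIn, $loggedIn, $cookie, $warn, $step, $failImg, $lang;
    global $tempData, $userName, $fullname, $password, $userId, $userToken, $pageData, $groupData, $userOptions, $userIds;
    global $fb, $hardDemo;

    // The PDO constructor throws on failure rather than returning false, so the
    // else branches of the two "new PDO" checks are kept only for the original shape.
    if ($db = new PDO('sqlite:' . $dbName . '-settings.db')) {
        //Is admin Login?
        $statement = $db->prepare("SELECT * FROM Settings");
        if ($statement) {
            $statement->execute();
        } else {
            showHTML("{$failImg} Error while checking login/cookie information. Settings Database opened OK but statement execution failed.");
        }
        $tempData = $statement->fetchAll();
        // hash_equals() compares the digests in constant time and never type-juggles.
        if (strcasecmp($user, $tempData[0]['admin']) == 0 && is_string($hashed_pass) && hash_equals(md5(decrypt($tempData[0]['adminpass'])), $hashed_pass)) {
            $adminloggedIn = true;
            $cookie = base64_encode("{$user}:" . $hashed_pass);
            // NOTE(review): the cookie is set without HttpOnly, Secure or SameSite attributes.
            setcookie('FBMPGPLogin', $cookie);
            if (isset($_GET['logs'])) {
                showLogs();
            } elseif (isset($_GET['rg']) && !$hardDemo) {
                //This refresh is used for Admin Token Install
                authRedirect();
            } elseif (isset($_GET['users'])) {
                require_once 'includes/showusers.php';
            } elseif (isset($_GET['crons'])) {
                require_once 'includes/showcrons.php';
            } elseif (isset($_GET['clogs'])) {
                // NOTE(review): this deletes the log database on a plain GET request;
                // a state-changing action like this should require POST and an anti-CSRF token.
                if (file_exists($dbName . '-logs.db')) {
                    unlink($dbName . '-logs.db');
                }
                header("Location: ./?logs");
                exit;
            } else {
                showHTML(include_once 'includes/admin.php', $lang['Admin Panel']);
            }
        }
    } else {
        showHTML("{$failImg} Failed to open settings database while checking login information. Exiting...");
    }

    // Set only when a row for $user was loaded during this call, so values left in the
    // user globals by earlier code can never satisfy the final check.
    $rowLoaded = false;

    if ($db = new PDO('sqlite:' . $dbName . '-users.db')) {
        // $user and $uid are bound as parameters. The original interpolated them into
        // the statement text, where the submitted value could alter the query.
        $statement = $db->prepare("SELECT COUNT(*) FROM FB WHERE username = ?");
        if ($statement) {
            $statement->execute(array($user));
        } else {
            showHTML("{$failImg} Error while checking login/cookie information. Users Database opened OK but statement execution failed.");
        }
        if ($statement->fetchColumn() > 0) {
            if ($uid) {
                $statement = $db->prepare("SELECT * FROM FB WHERE username = ? AND userid = ?");
                $params = array($user, $uid);
            } else {
                $statement = $db->prepare("SELECT * FROM FB WHERE username = ?");
                $params = array($user);
            }
            if ($statement) {
                $statement->execute($params);
            } else {
                showHTML("{$failImg} Users Database query failed while checking login information");
            }
            $tempData = $statement->fetchAll();
            if (!$tempData) {
                $warn = $lang['User does not exist'];
                showLogin();
                // presumably showLogin() ends the request; return so nothing below runs if it does not
                return;
            }
            $rowLoaded = true;
            $userName = $tempData[0]['username'];
            $password = decrypt($tempData[0]['password']);
            $userToken = $tempData[0]['usertoken'];
            $fullname = $tempData[0]['fullname'];
            $pageData = $tempData[0]['pagedata'];
            $groupData = $tempData[0]['groupdata'];
            $userId = $tempData[0]['userid'];
            $userOptions = readOptions($tempData[0]['useroptions']);
            $userOptions = checkUserOptions($userOptions);
            // NOTE(review): lastActive is saved before the password has been compared,
            // so a failed attempt for an existing username also updates it.
            $userOptions['lastActive'] = time();
            saveUserOptions();
            if ($uid) {
                // Reload every row of this username so $userIds lists all of its ids.
                $statement = $db->prepare("SELECT * FROM FB WHERE username = ?");
                if ($statement) {
                    $statement->execute(array($user));
                } else {
                    showHTML("{$failImg} Users Database query failed while checking id information");
                }
                $tempData = $statement->fetchAll();
            }
            foreach ($tempData as $s) {
                $userIds[$s['fullname']] = $s['userid'];
            }
        }
    } else {
        showHTML("{$failImg} Failed to open users database while checking login information. Exiting...");
    }

    // Fail closed: a row must have been loaded in this call, the names must match, and
    // the digests must be equal as strings. The original used !=, under which two
    // different digests of the form "0e<digits>" compare as equal numbers.
    if (!$rowLoaded
        || strcasecmp($user, $userName) != 0
        || !is_string($hashed_pass)
        || !hash_equals(md5((string) $password), $hashed_pass)
    ) {
        if (isset($_POST['un'])) {
            $warn = $lang['Incorrect login info'];
        }
        showLogin();
        // never fall through to the success path, even if showLogin() returns
        return;
    }
    $cookie = base64_encode("{$userName}:" . md5($password));
    $loggedIn = true;
}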
echo " [<a target='_blank' href='{$atom_url}'>{$mode} ATOM FEED</a>] "; if ($mode === 'PREVIEW') { echo " [<a target='_blank' href='{$admin_url}vfp/static/flatplan.html?atom=" . rawurlencode($atom_url) . "'>{$mode} Visual Flat Plan</a>]"; } } } } if (!empty($atom)) { $preview_base = 'http://' . $this_title . '.' . $this_app['name'] . '.' . $this_app['user'] . $ppdomains['PREVIEW'] . dirname(parse_url($atom, PHP_URL_PATH)) . '/'; showSingleEdition($user, $opds, $atom, $edition_file_root, $edition_zip_root, $preview_base, $edition_thumbs_root); } elseif (!empty($opds)) { showEditionsAndCovers($user, $opds, $edition_file_root); } elseif (!empty($user)) { showAppList($apps, $user); } else { showLogin($apps); } if (count($_REQUEST) === 0) { echo '<br><a href="?hosts">[hosts file entries]</a>'; } echo "<h3>That's all folks</h3>"; function showSingleEdition($user, $opds, $atom, $edition_file_root, $edition_zip_root, $preview_base, $edition_thumbs_root) { $entries = array(); //$save_path = $edition_file_root . 'opds/' . hash('md5', $opds). '/atom/' . hash('md5', $atom). 'contents.xml'; $save_path = pugpig_get_local_save_path($edition_file_root, $atom); //echo "** Atom: $save_path<br />"; $entries[$atom] = $save_path; $entries = _pugpig_package_download_batch("Atom Feed", $entries); // Read the ATOM from the file $fhandle = fopen($entries[$atom], 'r');
/**
 * Render the user login page: login status, HTML head, page header,
 * the e-mail/password form and the footer.
 *
 * The form POSTs 'loginEmail' and 'loginPassword' to user_login.php and
 * carries the referring URL in the 'referer' query parameter.
 *
 * @param mixed $referer URL to carry through the login; written into the form action with rawurlencode().
 * @return void
 */
function login_page($referer)
{
    global $HeaderString;
    global $viewType;
    global $loginWelcomeMsg;
    global $loginStatus;
    global $loginLinks;
    global $officialDatabaseName;
    global $loc;

    // Show login status (should be logged out!)
    showLogin(); // (function 'showLogin()' is defined in 'include.inc.php')

    // If there's no stored message available:
    if (!isset($_SESSION['HeaderString'])) {
        $HeaderString = $loc['YouNeedToLoginInOrderToMakeChangesToTheDatabase'];
    } else {
        $HeaderString = $_SESSION['HeaderString']; // extract 'HeaderString' session variable (only necessary if register globals is OFF!)
        // Note: though we clear the session variable, the current message is still available to this script via '$HeaderString':
        deleteSessionVariable("HeaderString"); // function 'deleteSessionVariable()' is defined in 'include.inc.php'
    }
    // NOTE(review): $HeaderString reaches showPageHeader()/showPageFooter() unmodified.
    // Confirm that any request-derived text stored in it is HTML-encoded before output.

    // Call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'):
    displayHTMLhead(encodeHTML($officialDatabaseName) . " -- User Login", "index,follow", "User login page. You must be logged in to the " . encodeHTML($officialDatabaseName) . " in order to add, edit or delete records", "", false, "", $viewType, array());
    showPageHeader($HeaderString);

    // Build the login form:
    // Note: we use the fact here, that a page can have both, a GET and POST request.
    //       (if you POST, but add ?blah=foo to the end of the action URL, the client will GET, then POST)
    // rawurlencode() keeps $referer from breaking out of the 'action' attribute or the query string.
    // NOTE(review): 'user_login.php' is not shown here; it should accept only local targets
    // for 'referer' before redirecting, otherwise the parameter acts as an open redirect.
    // NOTE(review): no anti-CSRF token is visible in this form, and the 'for' attributes
    // of both labels are empty, so the labels are not bound to their inputs.
    ?>
    <form method="POST" action="user_login.php?referer=<?php echo rawurlencode($referer); ?> ">
        <div class="row">
            <div class="small-12 column">
                <div class="row">
                    <div class="small-2 columns">
                        <label for=""><?php echo $loc["EmailAddress"]; ?> :</label>
                    </div>
                    <div class="small-10 columns">
                        <input type="text" name="loginEmail" size="30">
                    </div>
                </div>
            </div>
        </div>
        <div class="row">
            <div class="small-12 column">
                <div class="row">
                    <div class="small-2 columns">
                        <label for=""><?php echo $loc["EmailAdressPassword"]; ?> :</label>
                    </div>
                    <div class="small-10 columns">
                        <input type="password" name="loginPassword" size="30">
                    </div>
                </div>
            </div>
        </div>
        <div class="row">
            <div class="small-12 column">
                <input class="button secondary right" style="margin-bottom: 15px" type="submit" value="Login">
            </div>
        </div>
        <!--<table align="center" border="0" cellpadding="2" cellspacing="5" width="95%" summary="This table holds a login form for the --><?php //echo encodeHTML($officialDatabaseName); ?> <!--">-->
        <!-- <tr>-->
        <!-- <td width="174" valign="bottom">-->
        <!-- <b>--><?php //echo $loc["EmailAddress"]; ?> <!--:</b>-->
        <!-- </td>-->
        <!-- <td valign="bottom">-->
        <!-- <input type="text" name="loginEmail" size="30">-->
        <!-- </td>-->
        <!-- </tr>-->
        <!-- <tr>-->
        <!-- <td valign="bottom">-->
        <!-- <b>--><?php //echo $loc["EmailAdressPassword"]; ?> <!--:</b>-->
        <!-- </td>-->
        <!-- <td valign="bottom">-->
        <!-- <input type="password" name="loginPassword" size="30">-->
        <!-- </td>-->
        <!-- </tr>-->
        <!-- <tr>-->
        <!-- <td valign="bottom">-->
        <!-- -->
        <!-- </td>-->
        <!-- <td valign="bottom">-->
        <!-- <input class="button secondary" type="submit" value="Login">-->
        <!-- </td>-->
        <!-- </tr>-->
        <!--</table>-->
    </form><?php

    // --------------------------------------------------------------------

    // DISPLAY THE HTML FOOTER:
    // call the 'showPageFooter()' and 'displayHTMLfoot()' functions (which are defined in 'footer.inc.php')
    showPageFooter($HeaderString);

    displayHTMLfoot();

    // --------------------------------------------------------------------
}