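/*
 * Login form handler: it provides the authenticated way into the application.
 *
 * This header has described the script as relying on the cred.php file, which
 * holds a hashed version of the password. The part of the script shown here
 * never references cred.php; it authenticates against serialized User records
 * read from the users directory.
 * NOTE(review): confirm whether the cred.php remark is stale.
 *
 * Flow (only when no user is already recorded in the session):
 *   1. On POST, read the 'loginu' / 'loginp' fields.
 *   2. Hash the submitted password with SHA-1.
 *   3. Scan the users directory for a record whose username matches.
 *   4. If the stored hash matches, record the user in the session and redirect
 *      to index.php.
 *
 * Security notes for maintainers:
 *   - SHA-1 is a fast, unsalted digest and is not suitable for password
 *     storage. It is kept here only because the stored records are compared
 *     against a SHA-1 value; migrate the stored hashes to password_hash() /
 *     password_verify() (rehashing on next successful login) as a follow-up.
 *   - unserialize() instantiates whatever objects the file content describes.
 *     That is only safe while nobody but the application can write to the
 *     users directory. Prefer a data-only format such as JSON, or pass the
 *     allowed_classes option once the full set of stored classes is known.
 */
$message = '';

if (!isset($_SESSION['UID']) || !isset($_SESSION['USER'])) {
    // If the form is submitted, then check the username and password.
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // Both fields must be present AND plain strings: a request can send
        // loginp[]=x, which would otherwise hand an array to sha1().
        if (
            isset($_POST['loginp'], $_POST['loginu'])
            && is_string($_POST['loginp'])
            && is_string($_POST['loginu'])
        ) {
            $u = $_POST['loginu'];
            $p = $_POST['loginp'];
            $p = sha1($p); // see header: legacy digest, kept for compatibility with stored records

            // Unserialize all our users to check for a user with this name.
            $io = new FileIO();
            $users = array();
            $userFiles = $io->getDirectoryFiles(Constants::GET_USERS_DIRECTORY());
            $cuser = new User('dummy1', 'dummy2'); // placeholder until a record is loaded
            $userFound = false;

            foreach ($userFiles as $userFile) {
                $val = $io->readFile(Constants::GET_USERS_DIRECTORY() . '/' . $userFile);
                if (!is_string($val)) {
                    continue; // unreadable file: nothing to deserialize
                }

                // NOTE(review): object deserialization of file content; see header.
                $candidate = unserialize($val);
                if (!$candidate instanceof User) {
                    // Corrupt or foreign record: skip it instead of calling
                    // methods on false or on an unexpected object.
                    continue;
                }

                $cuser = $candidate;
                // Strict comparison: with ==, two numeric-looking strings such
                // as "1e3" and "1000" are treated as the same username.
                if ($cuser->getUsername() === $u) {
                    $userFound = true;
                    break;
                }
            }

            if ($userFound) {
                $storedHash = $cuser->getPassword();
                // hash_equals() compares byte-for-byte in constant time. The
                // previous == compared hex digests of the form "0e<digits>"
                // as numbers, so two different digests could be seen as equal.
                if (is_string($storedHash) && hash_equals($storedHash, $p)) {
                    // Issue a fresh session id at the moment of privilege
                    // change so a pre-login session id cannot be reused.
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }

                    $_SESSION['UID'] = $cuser->getUsername();
                    // NOTE(review): this stores the whole User object, which
                    // presumably still carries the password hash; confirm
                    // whether the session needs more than the identifier.
                    $_SESSION['USER'] = $cuser;
                    // NOTE(review): the script continues past this excerpt;
                    // confirm that execution stops right after the redirect.
                    header("Location: " . get_absolute_uri('index.php'));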