// configuration (eg. mysql login) // autoload any classes as required function __autoload($class_name) { include 'inc/' . $class_name . '.php'; } /*** Connect to database ***/ // Use for getting appropriate permissions based on logged in session //$db = new Database($dbsettings); //$kdb = new KidsafeDB($db); //if ($db->getStatus() != 1) {die ("Unable to connect to the database");} // used to set messages to provide to the user (eg. 'proxy not disabled for local network'); // including <br> on the end of each message will keep the messages separate for the user $user_messages = ''; // Read in active sessions $session_file = new SessionFile($sessionfilename); // there are some classes for handling sessions, but we only need a basic check // and don't want the overhead of handling all the additional classes and methods // when this doesn't need that level of detail - and it's a commonly used page $sessions = split("\n", $session_file->readFile()); // note need to check that ip is not the same as the proxy (in which case they haven't set bypass for local $ip = $_SERVER['REMOTE_ADDR']; if ($ip == $_SERVER['SERVER_ADDR']) { // if nolocal then don't allow login if ($nolocal == True) { $ip = ''; } // if nolocal false then allow tunnelled proxy connections // We add warning in either case which can prompt user if it doesn't work $user_messages .= 'WARNING: Please set your browser to bypass proxy for local network to allow login. <br>'; }
// duration - relative time entry (eg. 2 hours) - we can login a computer forever, but not through this include 'kidsafe-config.php'; // autoload any classes as required function __autoload($class_name) { include 'inc/' . $class_name . '.php'; } /** Warning do not run in debug on a production system - exposes more information */ //$debug = True; if (!isset($debug)) { $debug = false; } /*** Connect to database ***/ $db = new Database($dbsettings); $kdb = new KidsafeDB($db); $session_file = new SessionFile($sessionfilename); //Get parameters - check safe and return as array // all values are included in array - even if not on url $parms = new Parameters(); //$get_values = getPostParms(); if ($db->getStatus() != 1) { die("Unable to connect to the database"); } // Allow messages to be sent to the web page $message = ''; // if we restrict login expiry then give reason $login_restrict = ''; // If we have a username & password then login attempt, if not then prompt /** logging in **/ // First check that the password is correct - as otherwise we won't allow anything // $password is already md5 encoded, as is the value in get_values so just do direct compare
// duration - relative time entry (eg. 2 hours) - we can login a computer forever, but not through this include 'kidsafe-config.php'; // autoload any classes as required function __autoload($class_name) { include 'inc/' . $class_name . '.php'; } /** Warning do not run in debug on a production system - exposes more information */ //$debug = True; if (!isset($debug)) { $debug = false; } /*** Connect to database ***/ $db = new Database($dbsettings); $kdb = new KidsafeDB($db); $session_file = new SessionFile($sessionfilename); //Get parameters - check safe and return as array // all values are included in array - even if not on url $parms = new Parameters(); //$get_values = getPostParms(); if ($db->getStatus() != 1) { die("Unable to connect to the database"); } // Allow messages to be sent to the web page $message = ''; // If we have a username & password then login attempt, if not then prompt /** logging in **/ // First check that the password is correct - as otherwise we won't allow anything // $password is already md5 encoded, as is the value in get_values so just do direct compare if ($parms->getParm('user') != '' && $parms->getParm('password') != '') { $username = $parms->getParm('user');
You should have received a copy of the GNU General Public License along with kidsafe. If not, see <http://www.gnu.org/licenses/>. */ include 'kidsafe-config.php'; // configuration (eg. mysql login) // autoload any classes as required function __autoload($class_name) { include 'inc/' . $class_name . '.php'; } // used to set messages to provide to the user (eg. 'proxy not disabled for local network'); // including <br> on the end of each message will keep the messages separate for the user $user_messages = ''; // Read in active sessions $session_file = new SessionFile($sessionfilename); // there are some classes for handling sessions, but we only need a basic check // and don't want the overhead of handling all the additional classes and methods // when this doesn't need that level of detail - and it's a commonly used page $sessions = split("\n", $session_file->readFile()); $updated_session = ''; // read through each session - drop any that match this IP address foreach ($sessions as $thissession) { // compare start of session + space with IP address of this client if (strncmp($thissession, $_SERVER['REMOTE_ADDR'] . ' ', strlen($_SERVER['REMOTE_ADDR']) + 1) != 0) { $updated_session .= $thissession . "\n"; } } $session_file->writeFile($updated_session); // setup and load headers $title = "Kidsafe - logout";