function UserIDCheck($sValue, &$oStatus) { global $sTable; global $postgisObject; global $sUserID; $sUserID = postgis::toAscii($sValue, NULL, "_"); $sPassword = VDFormat($_POST['Password'], true); $sPassword = Settings_viewer::encryptPw($sPassword); ings_viewerssword; $oStatus->bValid = false; $oStatus->sErrMsg = "User ID '{$sValue}' already exist"; $sQuery = "SELECT COUNT(*) as count FROM {$sTable} WHERE screenname = '{$sUserID}' AND pw='{$sPassword}'"; $res = $postgisObject->execQuery($sQuery); $row = $postgisObject->fetchRow($res); //echo($sQuery); //die(); if ($row['count'] > 0) { $oStatus->bValid = 1; $postgisObject->numRows($res); } else { $oStatus->bValid = 0; } }
logfile::write($password); if (is_null($username)) { header('WWW-Authenticate: Basic realm="' . $parts[2] . '"'); header('HTTP/1.0 401 Unauthorized'); header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past // Text to send if user hits Cancel button die("Could not authenticate you 1"); } elseif ($username != $parts[2]) { header('WWW-Authenticate: Basic realm="' . $parts[2] . '"'); header('HTTP/1.0 401 Unauthorized'); header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past // Text to send if user hits Cancel button die("Could not authenticate you 2"); } elseif (Settings_viewer::encryptPw($password) != $response['data']['pw']) { header('WWW-Authenticate: Basic realm="' . $parts[2] . '"'); header('HTTP/1.0 401 Unauthorized'); header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past die("Could not authenticate you 3"); } else { //$_SESSION['auth'] = true; } }
$res = $postgisObject->execQuery($sQuery); $row = $postgisObject->fetchRow($res); //echo($row['count']); //die(); if ($row['count'] > 0) { $oStatus->bValid = 0; $postgisObject->numRows($res); } else { $oStatus->bValid = 1; } } $sUserID = VDFormat($_POST['UserID'], true); $sPassword = VDFormat($_POST['Password'], true); $sEmail = VDFormat($_POST['Email'], true); $sUserID = postgis::toAscii($sUserID, NULL, "_"); $sPassword = Settings_viewer::encryptPw($sPassword); $sQuery = "INSERT INTO {$sTable} (screenname,pw,email) VALUES('{$sUserID}','{$sPassword}','{$sEmail}')"; $postgisObject->execQuery($sQuery); $_SESSION['auth'] = true; $_SESSION['screen_name'] = $sUserID; //print_r($_SESSION); ?> </div> </div> </div> </body> </html> <?php if ($_SESSION['auth'] && $_SESSION['screen_name']) { die("<script>window.location='/user/login/p'</script>");