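/**
 * Handles a submitted login form: either the "forgot password" button or a
 * normal sign-in attempt.
 *
 * Reads login_user, login_email, login_code and but_forget from $_POST.
 *
 * @param object      $session Session object; used here for tracing and for
 *                             setting the page name and session number.
 * @param string|null $message Out parameter. On the "forgot password" path it
 *                             receives the text for the user (the failure texts
 *                             set in this function start with '+'); on the
 *                             sign-in path it receives the result of dbCheckUser().
 * @return bool true when the login form has to be shown again, false after a
 *              successful sign-in.
 */
function guiLoginAnswer(&$session, &$message)
{
    // A partial or hand-crafted POST may omit fields or send arrays
    // (login_user[]=...); both are treated as an empty string so that nothing
    // but a plain string reaches the trace, the SQL text or the mailer.
    $fields = array();
    foreach (array('login_user', 'login_email', 'login_code') as $key) {
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }
    $user = $fields['login_user'];
    $email = $fields['login_email'];
    $code = $fields['login_code'];

    // Only the user name is traced; the login code is never written to the trace.
    $session->trace(TC_Gui1, 'guiLoginAnswer; login_user: ' . $user);
    $message = null;

    if (isset($_POST['but_forget'])) {
        // NOTE(review): the distinct failure texts below tell an unauthenticated
        // caller whether an account name exists and whether an address belongs
        // to it; consider one uniform reply and rate limiting for this branch.
        if (empty($user)) {
            $message = "+kein Benutzername angegeben";
        } elseif (empty($email)) {
            $message = "+keine EMail-Adresse angegeben";
        } else {
            // NOTE(review): the posted name is spliced into the SQL text. This is
            // safe only if dbSqlString() quotes and escapes it for the active
            // connection; its body is not shown here, so confirm.
            $row = dbSingleRecord($session, 'select id,email from ' . dbTable($session, T_User) . ' where name=' . dbSqlString($session, $user));
            if (!$row) {
                $message = "+unbekannter Benutzer";
            } elseif (empty($row[1])) {
                $message = "+keine EMail-Adresse eingetragen";
            } elseif (strcasecmp($row[1], $email) != 0) {
                $message = "+EMail-Adresse ist nicht bekannt";
            } else {
                // NOTE(review): sendPassword() is not shown. If it mails the stored
                // password rather than a one-time reset token, passwords are kept
                // in recoverable form; confirm.
                sendPassword($session, $row[0], $user, $email);
                $message = 'Das Passwort wurde an ' . $email . ' verschickt';
            }
        }
        // The form is always shown again after a "forgot password" request.
        return true;
    }

    $message = dbCheckUser($session, $user, $code);
    if (!empty($message)) {
        // dbCheckUser() reported a problem; let the caller show the form again.
        return true;
    }

    // NOTE(review): setLoginCookie() receives the same $code that dbCheckUser()
    // just verified; confirm the cookie does not carry the password itself.
    setLoginCookie($session, $user, $code);
    $session->setPageName(P_Home);
    $session->setSessionNo(1);
    return false;
}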
// Action and page-name constants, followed by the request bootstrap:
// open the database, look up the session, and decide whether a login is needed.
define('A_ChangeThread', 'changethread');
define('A_ShowThread', 'showthread');
define('A_ShowForum', 'showforum');
// Apply any changes in forum_inc.php as well:
define('P_ForumSearch', 'forumsearch');
define('P_ForumHome', 'forumhome');
define('P_Forum', 'forum');
define('P_Thread', 'thread');
// In the base module:
define('P_Home', '!home');
// ----------- Program
$session = new Session($start_time);
// All requests require the database
dbOpen($session);
// NOTE(review): the next line is damaged on this page. The `******` run
// replaced source text, apparently including the condition that guarded the
// trace() call, so the line is kept exactly as found.
//p ('User,Id,Login: '******'') { $session->trace(TC_Init, 'index.php: Cookie erfolgreich gelesen'); }
// A non-empty $rc is treated as "no usable session".
$rc = dbCheckSession($session);
$do_login = false;
if (!empty($rc)) {
    // p ("Keine Session gefunden: $session_id / $session_user ($rc)");
    // NOTE(review): $login_user is not assigned anywhere in this excerpt;
    // presumably it is filled from request data before this point
    // (register_globals style). If so, request parameters can pre-set script
    // globals; confirm where it comes from.
    if (!empty($login_user)) {
        // The return value of baseLoginAnswer() is not used here.
        baseLoginAnswer($session);
    } else {
        $do_login = true;
    }
} else {
    // A session exists; a posted login_user is still processed as a new login.
    if (isset($login_user)) {
        baseLoginAnswer($session);
    }
// NOTE(review): the listing ends here; the enclosing else block is not closed on this page.
/**
 * Processes a submitted login form using request values held in globals.
 *
 * With $but_forget set, the "forgot password" path runs and the login form is
 * shown again with the outcome text. Otherwise the credentials are checked;
 * on failure the login form is shown with the error, on success the login
 * cookie is set and the page name switches to P_Start.
 *
 * NOTE(review): the inputs arrive as globals ($login_user, $login_code,
 * $but_forget, $login_email); presumably they are copied from the request
 * before this call, so confirm how they are populated. $session_user is
 * imported but not used in this function.
 *
 * @param object $session Session object used for tracing and page state.
 * @return bool true when the login form was shown again, false after a
 *              successful sign-in.
 */
function baseLoginAnswer(&$session)
{
    global $login_user, $login_code, $session_user, $but_forget, $login_email;

    $session->trace(TC_Gui1, 'baseLoginAnswer');

    if (isset($but_forget)) {
        // NOTE(review): the distinct failure texts reveal whether a user name
        // exists and whether the address matches it.
        $notice = null;
        if (empty($login_user)) {
            $notice = "+kein Benutzername angegeben";
        } elseif (empty($login_email)) {
            $notice = "+keine EMail-Adresse angegeben";
        } else {
            // NOTE(review): safe only if dbSqlString() quotes and escapes the
            // name for the active connection; its body is not shown here.
            $query = 'select id,email from ' . dbTable($session, T_User) . ' where name=' . dbSqlString($session, $login_user);
            $account = dbSingleRecord($session, $query);
            if (!$account) {
                $notice = "+unbekannter Benutzer";
            } elseif (empty($account[1])) {
                $notice = "+keine EMail-Adresse eingetragen";
            } elseif (strcasecmp($account[1], $login_email) != 0) {
                $notice = "+EMail-Adresse ist nicht bekannt";
            } else {
                // The address matched the stored one (case-insensitively).
                sendPassword($session, $account[0], $login_user, $login_email);
                $notice = 'Das Passwort wurde an ' . $login_email . ' verschickt';
            }
        }
        guiLogin($session, $notice);
        return true;
    }

    $failure = dbCheckUser($session, $login_user, $login_code);
    if (!empty($failure)) {
        guiLogin($session, $failure);
        return true;
    }

    // NOTE(review): the verified $login_code is handed to setLoginCookie();
    // confirm the cookie does not store the password itself.
    setLoginCookie($session, $login_user, $login_code);
    $session->setPageName(P_Start);
    return false;
}
/**
 * Decides whether the current request needs the login form.
 *
 * Opens the database, tries the login cookie, checks the session, and then
 * either shows the login form (after clearing the login cookie) or stores the
 * session.
 *
 * NOTE(review): three trace() arguments in this listing contain a literal
 * `******` run where source text was replaced. Those lines are kept exactly
 * as found and do not parse in this form.
 *
 * @param object $session Session object (tracing, page URL, session user, storage).
 * @return bool true when the session was stored (no login form needed),
 *              false when the login form was shown.
 */
function successfullLogin(&$session) {
    dbOpen($session);
    // NOTE(review): $session_user is neither a parameter nor declared global in
    // this function, so empty($session_user) is always true here and the cookie
    // check runs on every call; confirm whether a global or a $session field
    // was meant. $user and $code are not assigned beforehand; presumably
    // getLoginCookie() fills them by reference.
    // The == '' test is a loose comparison, so null or false from dbCheckUser()
    // also counts as "cookie accepted".
    if (empty($session_user) && getLoginCookie($session, $user, $code) && dbCheckUser($session, $user, $code) == '') {
        $session->trace(TC_Init, 'index.php: Cookie erfolgreich gelesen');
    }
    $rc = dbCheckSession($session);
    $do_login = false;
    #$session->dumpVars ("Init");
    // Loose comparison: an empty string from dbCheckSession() takes the else branch too.
    if ($rc != null) {
        // The posted user name is untrusted and goes into the trace unmodified.
        // NOTE(review): if trace() writes a line-oriented log, strip control
        // characters first.
        $session->trace(TC_Init, 'keine Session gefunden: ' . $rc . ' ' . (empty($_POST['login_user']) ? "-" : '>' . $_POST['login_user']));
        $do_login = true;
    } else {
        $session->trace(TC_Init, 'login_user: '******'login_user'));
        if (isset($_POST['login_user'])) {
            // A login form was submitted; $rc receives the message for the form.
            $do_login = guiLoginAnswer($session, $rc);
        } else {
            // No form submitted: a login is needed when the login page was
            // requested or the session has no positive user id.
            $known_user = $session->fSessionUser != null && $session->fSessionUser > 0;
            $do_login = $session->fPageURL == P_Login || !$known_user;
            $session->trace(TC_Init, 'known_user: '******'t' : 'f'));
        }
    }
    $session->trace(TC_Init, "session_no: do_login: "******"t" : "f"));
    if ($do_login) {
        // Drop any existing login cookie before showing the form.
        clearLoginCookie($session);
        guiLogin($session, $rc);
    } else {
        $session->storeSession();
    }
    return !$do_login;
}
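// Sign-in page: redirects users who already have a login in the session,
// handles the posted login form, then renders the form markup.
// NOTE(review): neither session_start() nor the definition of SITE_ROOT is
// visible in this excerpt; presumably both happen earlier in the file.
//$error='';
//$_SESSION['login']="";
if (isset($_SESSION['login'])) {
    header("location:" . SITE_ROOT);
    // Stop here: header() alone does not end the script, so without exit the
    // login handling and the form below would still run and be sent.
    exit;
}
//elseif ($_SESSION['login']==FALSE) {
//echo "Incorrect Username or Password";
//}
include_once '../connection/connection.php';
if (isset($_POST['login'])) {
    $conn = connect();
    if ($conn->connect_error) {
        // Keep the driver's error text in the server log; it can name hosts and
        // accounts, so the visitor only gets a generic message.
        error_log("Connection failed:" . $conn->connect_error);
        die("Connection failed");
    } else {
        // $_SESSION['$flag']=true;
        // The whole $_POST array is handed over; dbCheckUser() (not shown) has to
        // validate the fields and use parameterised queries.
        $flag = dbCheckUser($_POST);
        // NOTE(review): loose comparison, so a non-empty string or non-zero number
        // from dbCheckUser() also counts as success; switch to === true once
        // its return type is confirmed.
        // NOTE(review): no session_regenerate_id() call is visible on the success
        // path; confirm dbCheckUser() rotates the session id, otherwise the
        // login is open to session fixation.
        if ($flag == TRUE) {
            header("location:" . SITE_ROOT);
            // End the request so the login form is not appended to the redirect.
            exit;
        } else {
            echo "Incorrect Username or Password...!!";
        }
    }
}
?>
<html>
<head>
<title> sign in form </title>
<link rel="stylesheet" type="text/css" href="../css/style.css">
<link rel="stylesheet" href="../css/bootstrap.min.css">
</head>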