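/**
 * Resolve the current user from a submitted login form and/or the session.
 *
 * When the login form was posted (the `login` field equals 'Login'), the
 * posted e-mail and password are handed to db_try_to_login(). The user id is
 * then read from $_SESSION['userid']: if it is empty the login form is shown,
 * otherwise the user record is loaded with db_users_load().
 *
 * Side effects: assigns the global $userid. The global $username is declared
 * here but never assigned by this function.
 *
 * @return bool TRUE when the session holds a user id, FALSE when the login
 *              form was shown instead.
 */
function determine_user_credentials()
{
    global $userid, $username;

    // Check that the field exists before comparing it: on any request that is
    // not a login POST the key is absent, and reading it blindly raises an
    // "undefined index/array key" notice on every page load.
    if (isset($_POST['login']) && $_POST['login'] === 'Login') {
        // Missing fields are forwarded as null, which is what the unguarded
        // array reads evaluated to, so db_try_to_login() sees the same values.
        $email = isset($_POST['email']) ? $_POST['email'] : null;
        $passwd = isset($_POST['passwd']) ? $_POST['passwd'] : null;

        // NOTE(review): what db_try_to_login() does on success is not visible
        // here; presumably it stores the user id in the session. Confirm that
        // it also regenerates the session id when the login succeeds.
        db_try_to_login($email, $passwd);
    }

    // An unauthenticated visitor has no 'userid' key in the session.
    $userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : null;

    if ($userid === null || strlen($userid) === 0) {
        show_login_form();
        return FALSE;
    }

    db_users_load($userid);
    return TRUE;
}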
} else { //if($HTTP_VARS['op'] == 'login') if (strlen($HTTP_VARS['uid']) > 0 && strlen($HTTP_VARS['passwd']) > 0) { $result = perform_login($HTTP_VARS); if ($result === TRUE) { if (strlen($HTTP_VARS['redirect']) > 0) { // User tried to get in with an invalid session. // We've just given her a valid one, so log it // appropriately and send a redirect to where she // really wanted to go. opendb_redirect(urldecode($HTTP_VARS['redirect'])); return; } else { opendb_redirect('welcome.php'); return; } } else { if ($result === "SITE_IS_DISABLED") { opendb_site_disabled(get_opendb_config_var('login', 'show_menu') !== FALSE); } else { // $result === FALSE show_login_form($HTTP_VARS, array('error' => get_opendb_lang_var('login_failure'), details => get_opendb_lang_var('double_check_info'))); } } } else { show_login_form($HTTP_VARS); } } } // Cleanup after begin.inc.php require_once "./include/end.inc.php";
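/**
 * Handle a submitted login form.
 *
 * Steps, in order:
 *  1. Lower-case the posted e-mail and derive the password hash via hash_pass().
 *  2. Count failed attempts recorded for this IP or e-mail in the last
 *     10 minutes and refuse the login when the threshold is exceeded.
 *  3. Check for the configured super-user account ('lhsmath'), whose
 *     pre-hashed password lives in the global $LHSMATH_PASSWORD.
 *  4. Otherwise look the e-mail/hash pair up in the users table.
 *
 * Side effects: logs every attempt, may start a fresh session, sets session
 * data, sends a Location header, and terminates the script on a successful
 * super-user login.
 *
 * @return void
 */
function process_login_form()
{
    // Accept only plain string fields. A missing field or an array-valued one
    // (email[]=...) is treated as empty instead of reaching strtolower().
    $posted_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $posted_pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

    $email = strtolower($posted_email);
    $passhash = hash_pass($email, $posted_pass);

    // Check to see if the user/ip is temporarily banned:
    // failed attempts from this IP *or* for this e-mail within the last
    // 10 minutes are counted, regardless of any successful attempts.
    $attempts = DBExt::queryCount(
        'login_attempts',
        array(
            'successful=0',
            '(remote_ip=%s OR email=%s)',
            DBExt::timeInInterval('request_time', '-10m', ''),
        ),
        $_SERVER['REMOTE_ADDR'],
        $email
    );

    // NOTE(review): the original comment speaks of 10 failed attempts, while
    // this comparison locks out only once more than 10 are on record.
    // Confirm which threshold is intended.
    if ($attempts > 10) {
        // The rejected attempt is itself logged as a failure.
        log_attempt($email, false);
        alert('You have been temporarily locked out. Please wait 10 minutes before attempting to sign in again.', -1);
        show_login_form('');
        return;
    }

    // Check for super-user login
    // (the account LHSMATH and the password set in CONFIG).
    if ($email === 'lhsmath') {
        global $LHSMATH_PASSWORD; // pre-hashed

        // Compare the hashes with hash_equals(): it is type-strict and
        // constant-time. A loose == between two hash strings lets PHP compare
        // numeric-looking strings as numbers, so unequal hashes can match.
        // The is_string() guards keep an unset or non-string configuration
        // value from ever matching.
        if (is_string($LHSMATH_PASSWORD) && is_string($passhash) && hash_equals($LHSMATH_PASSWORD, $passhash)) {
            log_attempt('LHSMATH', true);

            // Drop whatever session existed and start a new one with a new id.
            session_destroy();
            session_name('Session');
            session_start();
            session_regenerate_id(true);

            $_SESSION['user_name'] = 'LHSMATH Super-Admin';
            $_SESSION['permissions'] = '+';
            $_SESSION['login_time'] = time();
            $_SESSION['user_id'] = '-999';

            header('Location: ' . URL::root() . '/Admin/Super_Admin');
            die;
        }
        // A wrong super-user password falls through to the normal lookup below.
    }

    // Validate credentials. The hash comparison happens inside the query;
    // both values are bound through placeholders rather than concatenated.
    $id = DB::queryFirstField(
        'SELECT id FROM users WHERE LOWER(email)=%s AND passhash=%s LIMIT 1',
        $email,
        $passhash
    );

    if (is_null($id)) {
        log_attempt($email, false);
        show_login_form($email);
        // One message for unknown e-mail and wrong password alike.
        alert('Incorrect email address or password', -1);
        return;
    }

    // ** CREDENTIALS ARE VALIDATED AT THIS POINT ** //
    log_attempt($email, true);
    set_login_data($id);
    alert('Logged in!', 1);

    // If this page was being included, redirect back to the requested URI.
    global $being_included;
    if ($being_included) {
        header('Location: ' . $_SERVER['REQUEST_URI']);
    } else {
        header('Location: ../Home');
    }
}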
} else { // the user is not login yet if (isset($_POST['username']) && isset($_POST['password'])) { $username = $_POST['username']; $password = sha1($_POST['password']); echo "username: "******"<br>"; echo "password: "******"<br>"; // user validation is here // DATABASE CONNECTION $CONN = mysqli_connect('LOCALHOST', 'root', '', 'login'); if ($CONN) { //read the table $SQL = "SELECT username,password from login\n\t\t\t\t\t\t\t where username='******' AND password='******'"; $TABLE = mysqli_query($CONN, $SQL); if ($TABLE->num_rows > 0) { //username is valid //create COOKIE // forexample user is valid // here is code to save cookie setcookie('USERNAME', $username, time() + 86400, "/"); include "start.php"; } } else { die("database server is off / connection fail"); //stop to proceed php code here } } else { // show login form show_login_form(); } }
error_reporting(E_ALL); ini_set('display_errors', '1'); } else { error_reporting(0); } if ($conf['auth_required'] === true) { session_start(); } if ($conf['html_headers'] === true) { echo '<!DOCTYPE html><html><head><meta charset="UTF-8"><title>' . $conf['title'] . '</title><link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css" type="text/css" media="screen" title="Normal" /></head><body><main class="container">'; } if ($conf['auth_required'] === true) { check_logout(); $err = check_login(); if (!isset($_SESSION['HenTie_login'])) { show_login_form($err); } else { browser(); } } else { browser(); } if ($conf['html_headers'] === true) { echo '</main></body></html>'; } // ********************************************************************** function show_login_form($err) { global $conf; echo '<form method="post" class="form-signin" role="form" style="width: 40%; margin: auto; margin-top: 10%; text-align: center;">' . (empty($conf['logo']) ? '' : '<img src="' . $conf['logo'] . '" style="max-width: 70%;" alt="logo">') . '<h2 class="form-signin-heading">' . $conf['title'] . '</h2>'; if ($err === false) {
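/**
 * Build the markup for the eMember login widget.
 *
 * For a logged-in member the widget shows the user name, membership level,
 * account status, expiry (or a renew/upgrade link when the account state is
 * 'expired'), a list of links (logout, optional secure feed, profile,
 * support, welcome page, bookmarks) and an optional custom message from the
 * plugin configuration. For everyone else it returns whatever
 * show_login_form() produces.
 *
 * Member- and level-derived text is escaped with esc_html() and every href
 * with esc_url() before being concatenated into the markup, so a value
 * containing quotes or angle brackets cannot break out of its element or
 * attribute.
 *
 * @return string Widget HTML (or the return value of show_login_form()).
 */
function eMember_login_widget()
{
    // Cache plugin compatibility. Do not cache the login form.
    if (!defined('DONOTCACHEPAGE')) {
        define('DONOTCACHEPAGE', TRUE);
    }

    $emember_config = Emember_Config::getInstance();
    $auth = Emember_Auth::getInstance();
    $username = $auth->getUserInfo('user_name');

    if (!$auth->isLoggedIn()) {
        return show_login_form();
    }

    $account_state = $auth->getUserInfo('account_state');

    // Work out the expiry label from the membership level's duration settings.
    $subscription_duration = $auth->permitted->subscription_duration;
    if ($subscription_duration['type'] == 'noexpire') {
        $sub_expires = EMEMBER_NEVER;
    } elseif ($subscription_duration['type'] == 'fixeddate') {
        $sub_expires = emember_date_locale(strtotime($subscription_duration['duration']));
    } else {
        // Relative duration: N days counted from the subscription start date.
        $sub_start = strtotime($auth->getUserInfo('subscription_starts'));
        $sub_expires = emember_date_locale(
            strtotime("+" . $subscription_duration['duration'] . " days ", $sub_start)
        );
    }

    $states = array(
        'active' => EMEMBER_ACTIVE,
        'inactive' => EMEMBER_INACTIVE,
        'expired' => EMEMBER_EXPIRED,
        'pending' => EMEMBER_PENDING,
        'unsubscribed' => EMEMBER_UNSUBSCRIBED,
    );
    // An unknown state renders as an empty label instead of raising a notice.
    $state_label = isset($states[$account_state]) ? $states[$account_state] : '';

    $eMember_secure_rss = $emember_config->getValue('eMember_secure_rss');
    $eMember_show_welcome_page_link = $emember_config->getValue('eMember_show_link_to_after_login_page');

    // NOTE(review): the feed key is an unsalted MD5 of the member id. If member
    // ids are guessable, so is the key. A random per-member token or a keyed
    // hash would be safer, but the code that validates emember_feed_key is
    // outside this function and would have to change with it.
    global $wp_rewrite;
    $feed_key = md5($auth->getUserInfo('member_id'));
    $separator = $wp_rewrite->using_permalinks() ? '?' : '&';
    $feed_url = get_bloginfo('rss2_url') . $separator . 'emember_feed_key=' . $feed_key;

    $logout = get_logout_url();

    $output = '<div class="eMember_logged_widget">';
    $output .= '<div class="eMember_logged_user_info_section">';

    $output .= '<div class="eMember_logged_in_as">' . EMEMBER_LOGGED_IN_AS;
    $output .= '<label class="eMember_highlight">' . esc_html($username) . '</label></div>';

    $output .= '<div class="eMember_logged_in_level">' . EMEMBER_LOGGED_IN_LEVEL;
    $output .= '<label class="eMember_highlight">' . esc_html($auth->permitted->primary_level->get('alias')) . '</label></div>';

    $output .= '<div class="eMember_logged_in_account_status">' . EMEMBER_ACCOUNT_STATUS . " ";
    $output .= '<label class="eMember_highlight">' . $state_label . '</label></div>';

    $output .= '<div class="eMember_logged_user_expiry">';
    if ($account_state != 'expired') {
        $output .= EMEMBER_ACCOUNT_EXPIRES_ON . " ";
        $output .= '<label class="eMember_highlight">' . $sub_expires . '</label>';
    } else {
        $renew_url = $emember_config->getValue('eMember_account_upgrade_url');
        $output .= '<a href="' . esc_url($renew_url) . '">' . EMEMBER_RENEW_OR_UPGRADE . '</a>';
    }
    $output .= '</div>'; // End of eMember_logged_user_expiry
    $output .= '</div>'; // End of eMember_logged_user_info_section

    $output .= '<ul>';
    $output .= '<li><a href="' . esc_url($logout) . '">' . EMEMBER_LOGOUT . '</a></li>';

    if ($eMember_secure_rss) {
        $output .= '<li><a href="' . esc_url($feed_url) . '">' . EMEMBER_MY_FEED . '</a></li>';
    }

    $edit_profile_page = $emember_config->getValue('eMember_profile_edit_page');
    $support_page = $emember_config->getValue('eMember_support_page');
    if (!empty($edit_profile_page)) {
        $output .= '<li><a href="' . esc_url($edit_profile_page) . '">' . EMEMBER_EDIT_PROFILE . '</a></li>';
    }
    if (!empty($support_page)) {
        $output .= '<li><a href="' . esc_url($support_page) . '">' . EMEMBER_SUPPORT_PAGE . '</a></li>';
    }

    if ($eMember_show_welcome_page_link) {
        $welcome_page_url = emember_get_after_login_page_url_of_current_user();
        $output .= '<li><a href="' . esc_url($welcome_page_url) . '">' . EMEMBER_WELCOME_PAGE . '</a></li>';
    }

    $bookmark_feature = $emember_config->getValue('eMember_enable_bookmark');
    if ($bookmark_feature) {
        $bookmark_page_url = $emember_config->getValue('eMember_bookmark_listing_page');
        if (!empty($bookmark_page_url)) {
            $output .= '<li><a href="' . esc_url($bookmark_page_url) . '">' . EMEMBER_BOOKMARK_PAGE . '</a></li>';
        }
    }
    $output .= '</ul>';

    // The custom message is emitted as raw HTML after shortcode expansion.
    // NOTE(review): presumably only administrators can edit this setting.
    // Confirm, since nothing here escapes or filters it.
    $custom_login_msg = stripslashes($emember_config->getValue('eMember_login_widget_message_for_logged_members'));
    if (!empty($custom_login_msg)) {
        $custom_login_msg = do_shortcode($custom_login_msg);
        $output .= html_entity_decode($custom_login_msg, ENT_COMPAT);
    }

    $output .= '</div>'; // End of eMember_logged_widget

    return $output;
}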