예제 #1
0
 public function process()
 {
     $username = $_POST['username'];
     $password = $_POST['password'];
     if (empty($username)) {
         lib::seterror('Please enter a username.');
         lib::sendto('/login');
     }
     if (empty($password)) {
         lib::setitem('username', $username);
         lib::seterror('Please enter a password.');
         lib::sendto('/login');
     }
     $user = new user(array('username' => $username));
     if (auth::authenticate($user, $password)) {
         lib::setitem('user', $user);
         lib::sendto();
     } else {
         lib::setitem('username', $username);
         lib::seterror('Invalid username or password.');
         lib::sendto('/login');
     }
 }
예제 #2
0
// Use Sessions
// WARNING: Vulnerable to javascript injection.
// NOTE: This will store the username and password entered by the user to the cookie
// variables USERNAME and PASSWORD respectively even if the combination is correct or
// not. Be sure to authenticate every page that you want to be secured and pass as
// parameters the variables USERNAME and PASSWORD.
setcookie("USERNAME", $_POST['username']);
setcookie("PASSWORD", $_POST['password']);
// Change the path to auth.php and authconfig.php if you moved
// vAuthenticate.php from its original directory.
include_once "auth.php";
include_once "authconfig.php";
$username = $_POST['username'];
$password = $_POST['password'];
$Auth = new auth();
$detail = $Auth->authenticate($username, $password);
if ($detail == 0) {
    ?>

	<HEAD>
		<SCRIPT language="JavaScript1.1">
		<!--
			location.replace("<?php 
    echo $failure;
    ?>
");
		//-->
		</SCRIPT>
	  </HEAD>

<?php