forked from eromba/taskstep
/
login.php
94 lines (80 loc) · 2.77 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
<?php
session_start();
include("config.php");
include("includes/functions.php");
connect();
$failed = false;
if (isset($_POST["submit"]))
{
$result = mysql_query("SELECT setting,value FROM settings WHERE setting='password' OR setting='salt'");
while($r=mysql_fetch_assoc($result))
{
$setting[$r['setting']] = $r['value']; //Build a multi-dimensional array containing the returned rows
}
$given = $_POST["password"];
$secured = md5($given);
$total = $secured.$setting['salt'];
if ($total == $setting['password'])
{
$_SESSION["loggedin"] = true;
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
$extra = 'index.php';
session_write_close();
header("Location: http://$host$uri/$extra");
exit;
}
else
{
$failed = true;
$_SESSION["loggedin"] = false;
}
}
else if (isset($_GET["action"])) $_SESSION['loggedin'] = false; //If "action" is set, log out
//if($_SESSION['loggedin'] == true)
//{
// echo "You're already logged in! Either <a href='logout.php'>logout</a> or continue to the <a href='index.php'>main page.</a>";
//}
header("Cache-control: private");
include("lang/".$language.".php");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>TaskStep - Login</title>
<?php stylesheet() ?>
</head>
<body>
<!--Open container-->
<div id="container">
<?php
$result = mysql_query("SELECT * FROM settings WHERE setting='sessions'");
while($r3=mysql_fetch_array($result))
{
$sessionssetting = $r3["value"];
}
?>
<div id="loginbox">
<h1><img src="images/icon.png" alt="" /> TaskStep</h1>
<?php if($sessionssetting == '1'){ ?>
<p><img src="images/shield.png" alt="" /> <?php echo $l_login_l1; ?></p>
<form action="login.php" method="post">
<p>
<input type="password" name="password" />
<input type="text" style="display: none;" /> <!--IE workaround: pressing "enter" will submit the form-->
<input type="submit" name="submit" value="<?php echo $l_login_button; ?>" /></p>
</form> <?php }
else{ ?>
<p><img src="images/shield_error.png" alt="" /> <?php echo $l_login_l5; ?></p>
<form action="login.php" method="post">
<p><input type="password" disabled="disabled" name="password" /> <input type="submit" disabled="disabled" name="submit" value="<?php echo $l_login_button; ?>" /></p>
</form>
<p><a href='index.php'><?php echo $l_login_l3; ?></a></p>
<?php }
//Uncomment the next line for session debugging
//echo $_SESSION["loggedin"];
if ($failed) echo "<p><img src='images/cross.png' alt='' /> ".$l_login_l4."</p>";
?>
<span class="securityinfo">TaskStep login system version 1.0</span>
<?php include('includes/footer.php') ?>