include 'inc/' . $class_name . '.php'; } /** Warning do not run in debug on a production system - exposes more information */ //$debug = True; if (!isset($debug)) { $debug = false; } /*** Connect to database ***/ $db = new Database($dbsettings); $kdb = new KidsafeDB($db); //$get_values = getPostParms(); if ($db->getStatus() != 1) { die("Unable to connect to the database"); } // php session - we don't check for login status if come to this page we need to relogin $session = new DashboardSession(); //Get parameters - check safe and return as array // all values are included in array - even if not on url $parms = new Parameters(); // Allow messages to be sent to the web page $message = ''; // If we have a username & password then login attempt, if not then prompt /** logging in **/ // First check that the password is correct - as otherwise we won't allow anything // $password is already md5 encoded, as is the value in get_values so just do direct compare if ($parms->getParm('user') != '' && $parms->getParm('password') != '') { $username = $parms->getParm('user'); $password = $parms->getParm('password'); if ($debug) { print "Login attempt {$username} / {$password}"; }
// autoload any classes as required function __autoload($class_name) { include 'inc/' . $class_name . '.php'; } /*** Connect to database ***/ $db = new Database($dbsettings); $kdb = new KidsafeDB($db); if ($db->getStatus() != 1) { die("Unable to connect to the database"); } // used to set messages to provide to the user (eg. 'proxy not disabled for local network'); // including <br> on the end of each message will keep the messages separate for the user $user_messages = ''; /** Check for login - or redirect to login.php **/ $session = new DashboardSession(); // are we logged in already? if ($session->getUsername() == '') { //If not redirect to login page - then redirect here //header("Location: dashboardlogin.php?redirect=dashboard.php"); // can't redirect within ajax so just return message print "Not logged in"; exit(0); } $parms = new Parameters(); // create user object $user = $kdb->getUserUsername($session->getUsername()); // check we have valid user if ($user == null) { print "Invalid user"; exit(0);
kidsafe is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. kidsafe is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with kidsafe. If not, see <http://www.gnu.org/licenses/>. */ include 'kidsafe-config.php'; // configuration (eg. mysql login) // autoload any classes as required function __autoload($class_name) { include 'inc/' . $class_name . '.php'; } $session = new DashboardSession(); // destroy session $session->destroySession(); // return to login page header("Location: dashboardlogin.php?redirect=dashboard.php"); exit(0); ?>