<?php // If account already login, sending him to index page if (isset($_SESSION['admin'])) { header('location: Jobs'); die; } require 'classes/class_login.php'; $login = new login(); // If there are query to login if (isset($_POST['login_submit'])) { // If user didnt write his login or password, script write an error if (!isset($_POST['login']) || !isset($_POST['password']) || empty($_POST['login']) || empty($_POST['password'])) { $login->error = 1; } else { $login->auth($_POST['login'], $_POST['password']); } // On success sending user to index page if ($login->success) { header('location: Jobs'); } } require 'design/design_login.php';
include $__base_inc_dir . "gp/class_session.inc.php"; include $__base_inc_dir . "gp/class_master_auth.inc.php"; include $__base_inc_dir . "gp/class_anon_auth.inc.php"; /* SESSION HANDLING */ $auth_conf = array("ses_name" => "SR-SES", "expire" => "7200", "fid" => "0", "cookies" => true); // mop: typ 3 für admin session $ses_conf = array("type" => "1"); $auth = new anon_auth($db, $auth_conf, $ses_conf); if ($_GET["logout"] == 1 && $auth->ses->validate()) { $auth->close_session(); } if (!$auth->ses->validate()) { if (!$auth->auth()) { print "INTERNAL ERROR!"; $db->execute("########## SESSION ERROR ##### " . $db->errstr()); die; } } $GLOBALS["ses"] =& $auth->session(); // mop: logindaten....wrong_logins verhindert bruteforce attacken if ($GLOBALS["ses"]->get_uid() == 0 && isset($_POST["__portal_user"]) && isset($_POST["__portal_pass"]) && $GLOBALS["ses"]->get_var("wrong_logins") < 10) { include "class_login.inc.php"; $login = new login($db, $auth_conf, $GLOBALS["ses"]); if (!($uid = $login->auth($_POST["__portal_user"], $_POST["__portal_pass"], $ses->get_var("wrong_logins")))) { $wrong_logins = $ses->get_var("wrong_logins"); $GLOBALS["ses"]->reg("wrong_logins", $wrong_logins++); } else { $GLOBALS["ses"]->update_uid($uid); } } /* ENDE */