function logged_in($header = 'Sorry!', $message = 'You need to be logged in to perform this action.', $no_quit = false)
{
if ($_SESSION['logged_in'] == true) {
return true;
} else {
if (!$no_quit) {
display_header($header);
echo "<p>" . $message . "</p>\n";
display_login_form(null, ltrim($_SERVER['REQUEST_URI'], '/'));
display_footer();
exit;
} else {
return false;
}
}
}
function login_header()
{
echo '<nav>';
if (session_status() === PHP_SESSION_ACTIVE && checkLogged()) {
display_logged_form();
} else {
display_login_form();
}
if (isset($_GET['errorMsg'])) {
echo '<span>';
echo $_GET['errorMsg'];
echo '</span>';
}
echo '</nav><br>
<noscript>
This page needs JavaScript activated to fully work
</noscript>
<br>';
}
function check_valid_user()
{
//user logged in
if (session_is_registered('valid_user_id')) {
return;
} else {
//user tries to log in
if (!empty($_POST['user']) && !empty($_POST['password'])) {
$valid_user_id = user_ok($_POST['user'], $_POST['password']);
switch ($valid_user_id) {
case false:
// something went wrong with the DB
$title = 'B³±d bazy danych, spróbuj pó¼niej.';
break;
case -1:
//user cannot be logged in
$title = 'Nie mogê zalogowaæ u¿ytkownika ' . htmlspecialchars(stripslashes($_POST['user'])) . '!';
break;
default:
//everything OK
$_SESSION['valid_user_id'] = $valid_user_id;
$url = $_SERVER['PHP_SELF'] . (empty($_SERVER['QUERY_STRING']) ? '' : '?' . $_SERVER['QUERY_STRING']);
header('location: ' . $url);
// reload page
exit;
}
} else {
if (!isset($_POST['user']) && !isset($_POST['password'])) {
$title = 'Zaloguj siê';
} else {
$title = '¬le wype³niony formularz! Spróbuj ponownie';
}
}
display_html_header();
display_document_header(true);
// true = with setfocus script
display_menu();
display_login_form($title);
display_document_footer();
exit;
}
}
<li><a href="index.php">Przeglądaj doczesne historie</a></li>
<li><a href="delete.php">Wymaż kartę historii</a></li>
<li><a href="?logout=true">Opuść zamek</a></li>
</ul>
<?php
} else {
if (isset($_POST['submit'])) {
if ($_POST['username'] == $username && $_POST['password'] == $password) {
$_SESSION["login"] = $hash;
header("Location: {$_SERVER['PHP_SELF']}");
} else {
display_login_form();
echo '<p>Błędny login lub hasło!</p>';
}
} else {
display_login_form();
}
}
function display_login_form()
{
?>
<form action="<?php
echo $self;
?>
" method='post'>
<label for="username">Login </label>
<input type="text" name="username" id="username"><br><br>
<label for="password">Hasło </label>
<input type="password" name="password" id="password"><br><br>
<input type="submit" name="submit" value="Dalej"><br><a href="index.php">Trafiłeś tu przez przypadek?</a>
</form>
// Stage 3: body
// Depending on action, show appropriate main body content
//*****************************************************************************
//display any text generated by functions called before header
echo $status;
if (!check_auth_user()) {
echo '<p>You need to log in';
if ($_SERVER['REQUEST_METHOD'] == 'POST' && $action != 'log-out') {
echo ' to go to ' . format_action($action);
}
echo '.</p><br /><br />';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
display_login_form($action);
} else {
$action = '';
display_login_form($action);
}
} else {
if (isset($_REQUEST['action'])) {
switch ($action) {
// if we have chosen to setup a new account, or have just added or
// deleted an account, show account setup page
case 'store-settings':
case 'account-setup':
case 'delete-account':
display_account_setup($_SESSION['auth_user']);
break;
case 'send-message':
if (send_message($to, $cc, $subject, $message)) {
echo '<p>Message sent.</p><br /><br /><br /><br /><br /><br />';
} else {
function start_html($user, $title = "UC Medicine QA", $subtitle = "", $status = "", $statusClass = "")
{
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">' . "\n\n" . '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>' . escape_output($title) . ($subtitle != "" ? " - " . escape_output($subtitle) : "") . '</title>
<link rel="shortcut icon" href="http://ucmcqa.dyndns.org/favicon.ico" />
<link rel="stylesheet" href="' . joinPaths(ROOT_URL, "css/bootstrap.min.css") . '" type="text/css" />
<link rel="stylesheet" href="' . joinPaths(ROOT_URL, "css/bootstrap-responsive.min.css") . '" type="text/css" media="all" />
<link rel="stylesheet" href="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/themes/base/jquery-ui.css" type="text/css" />
<link rel="stylesheet" href="' . joinPaths(ROOT_URL, "css/jquery.dataTables.css") . '" type="text/css" />
<link rel="stylesheet" href="' . joinPaths(ROOT_URL, "css/linac-qa.css") . '" type="text/css" />
<link rel="stylesheet" href="' . joinPaths(ROOT_URL, "css/print.css") . '" type="text/css" media="print" />
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.18/jquery-ui.min.js"></script>
<script type="text/javascript" src="' . joinPaths(ROOT_URL, "js/jquery-ui-timepicker-addon.js") . '"></script>
<script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/jquery.dropdownPlain.js") . '"></script>
<script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/jquery.dataTables.min.js") . '"></script>
<script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/jquery.autosave.js") . '"></script>
<script type="text/javascript" src="' . joinPaths(ROOT_URL, "js/d3.v2.min.js") . '"></script>
<script type="text/javascript" src="' . joinPaths(ROOT_URL, "js/d3-helpers.js") . '"></script>
<script type="text/javascript" src="' . joinPaths(ROOT_URL, "js/highcharts.js") . '"></script>
<script type="text/javascript" src="' . joinPaths(ROOT_URL, "js/exporting.js") . '"></script>
<script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/calcFunctions.js") . '"></script>
<script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/renderHighCharts.js") . '"></script>
<script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/bootstrap.min.js") . '"></script>
<script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/bootstrap-dropdown.js") . '"></script>
<script type="text/javascript" language="javascript" src="' . joinPaths(ROOT_URL, "js/loadInterface.js") . '"></script>
</head>
<body>
<div class="navbar navbar-inverse navbar-fixed-top">
<div class="navbar-inner">
<div class="container-fluid">
<a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</a>
<a href="./index.php" class="brand">UC Medicine QA</a>
<div class="nav-collapse">
<ul class="nav">' . "\n";
// display daily, monthly, yearly forms.
if ($user->loggedIn()) {
$formTypes = $user->dbConn->stdQuery("SELECT `id`, `name` FROM `form_types` ORDER BY `id` ASC");
while ($formType = $formTypes->fetch_assoc()) {
$formType = new FormType($user->dbConn, intval($formType['id']));
echo ' <li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
' . escape_output($formType->name) . '
<b class="caret"></b>
</a>
<ul class="dropdown-menu">' . "\n";
foreach ($formType->forms as $form) {
echo ' <li><a href="form_entry.php?action=new&form_id=' . intval($form['id']) . '">' . escape_output($form['name']) . '</a></li>' . "\n";
}
echo ' </ul>
</li>
<li class="divider-vertical"></li>' . "\n";
}
// display analysis toolbar.
echo ' <li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
Analysis
<b class="caret"></b>
</a>
<ul class="dropdown-menu">' . "\n";
$forms = $user->dbConn->stdQuery("SELECT `id`, `name` FROM `forms` ORDER BY `name` ASC");
while ($form = $forms->fetch_assoc()) {
echo ' <li class="dropdown-submenu">
<a tabindex="-1" href="#">' . escape_output($form['name']) . '</a>
<ul class="dropdown-menu">
<li><a href="form_entry.php?action=index&form_id=' . intval($form['id']) . '">Entries</a></li>
<li><a href="graph.php?action=show&form_id=' . intval($form['id']) . '">Plot</a></li>
</ul>' . "\n";
}
echo ' </ul>' . "\n";
}
// display administrator tools.
if ($user->isAdmin()) {
echo ' <li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
Admin
<b class="caret"></b>
</a>
<ul class="dropdown-menu">
<li><a href="facility.php">Facilities</a></li>
<li><a href="form.php">Forms</a></li>
<li><a href="machine_type.php">Machine Types</a></li>
<li><a href="machine.php">Machines</a></li>
<li><a href="user.php">Users</a></li>
<li><a href="backup.php">Backup</a></li>
</ul>
</li>
<li class="divider-vertical"></li>' . "\n";
}
echo ' </ul>
<ul class="nav pull-right">
<li class="divider-vertical"></li>
<li class="dropdown">' . "\n";
// display user settings / log out link, or sign in form.
if ($user->loggedIn()) {
echo ' <a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="icon-user icon-white"></i>' . escape_output($user->name) . '<b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a href="/user.php?action=show&id=' . intval($user->id) . '">Profile</a></li>
<li><a href="/user.php?action=edit&id=' . intval($user->id) . '">User Settings</a></li>
<li class="divider"></li>
<li><a href="/logout.php">Sign out</a></li>
</ul>' . "\n";
} else {
echo ' <a href="#" class="dropdown-toggle" data-toggle="dropdown">Sign in<b class="caret"></b></a>
<ul class="dropdown-menu">' . "\n";
display_login_form();
echo ' </ul>' . "\n";
}
echo ' </li>
</ul>
</div>
</div>
</div>
</div>
<div class="container-fluid">' . "\n";
// display alerts if applicable.
if ($status != "") {
echo ' <div class="alert alert-' . escape_output($statusClass) . '">
<button class="close" data-dismiss="alert" href="#">×</button>
' . escape_output($status) . '
</div>' . "\n";
}
}
global $blog, $action, $disp, $rsc_url, $Settings, $rsc_path, $transmit_hashed_password, $dummy_fields;
if (is_logged_in()) {
// already logged in
echo '<p>' . T_('You are already logged in') . '</p>';
return;
}
$login = utf8_strtolower(param($dummy_fields['login'], 'string', ''));
$action = param('action', 'string', '');
$redirect_to = param('redirect_to', 'url', '');
$return_to = param('return_to', 'url', '');
$source = param('source', 'string', 'inskin login form');
$login_required = $action == 'req_login';
global $admin_url, $ReqHost, $secure_htsrv_url;
if (!isset($redirect_to)) {
$redirect_to = regenerate_url('disp');
}
// Default params:
$params = array_merge(array('skin_form_before' => '', 'skin_form_after' => '', 'form_title_login' => '', 'login_page_class' => '', 'login_page_before' => '', 'login_page_after' => '', 'login_form_action' => '', 'login_form_name' => 'login_form', 'login_form_title' => '', 'login_form_layout' => '', 'form_class_login' => 'evo_form__login', 'login_form_source' => $source, 'login_form_inskin' => true, 'login_form_inskin_urls' => true, 'login_form_required' => $login_required, 'login_validate_required' => NULL, 'login_form_redirect_to' => $redirect_to, 'login_form_return_to' => $return_to, 'login_form_login' => $login, 'login_action_value' => '', 'login_form_reqID' => '', 'login_form_sessID' => '', 'transmit_hashed_password' => $transmit_hashed_password, 'display_abort_link' => true, 'abort_link_position' => 'above_form', 'abort_link_text' => T_('Abort login!'), 'display_reg_link' => false, 'display_form_messages' => false, 'login_form_footer' => true), $params);
$login_form_params = array('form_before' => str_replace('$form_title$', $params['form_title_login'], $params['skin_form_before']), 'form_after' => $params['skin_form_after'], 'form_action' => $params['login_form_action'], 'form_name' => $params['login_form_name'], 'form_title' => $params['login_form_title'], 'form_layout' => $params['login_form_layout'], 'form_class' => $params['form_class_login'], 'source' => $params['login_form_source'], 'inskin' => $params['login_form_inskin'], 'inskin_urls' => $params['login_form_inskin_urls'], 'login_required' => $params['login_form_required'], 'validate_required' => $params['login_validate_required'], 'redirect_to' => $params['login_form_redirect_to'], 'return_to' => $params['login_form_return_to'], 'login' => $params['login_form_login'], 'action' => $params['login_action_value'], 'reqID' => $params['login_form_reqID'], 'sessID' => $params['login_form_sessID'], 'transmit_hashed_password' => $params['transmit_hashed_password'], 'display_abort_link' => $params['display_abort_link'], 'abort_link_position' => $params['abort_link_position'], 'abort_link_text' => $params['abort_link_text'], 'display_reg_link' => $params['display_reg_link']);
echo str_replace('$form_class$', $params['login_page_class'], $params['login_page_before']);
if ($params['display_form_messages']) {
// Display the form messages before form inside wrapper
messages(array('block_start' => '<div class="action_messages">', 'block_end' => '</div>'));
}
display_login_form($login_form_params);
if ($params['login_form_footer']) {
// Display login form footer
echo '<div class="evo_login_dialog_standard_link"><a href="' . $secure_htsrv_url . 'login.php?source=' . rawurlencode($source) . '&redirect_to=' . rawurlencode($redirect_to) . '&return_to=' . rawurlencode($return_to) . '">' . T_('Use standard login form instead') . ' »</a></div>';
echo '<div class="evo_login_dialog_footer text-muted">' . sprintf(T_('Your IP address: %s'), $Hit->IP) . '</div>';
}
echo $params['login_page_after'];
}
/**
* Include page header (also displays Messages):
*/
$page_title = T_('Log in to your account');
$page_icon = 'login';
/*
fp> The login page is small. Let's use it as a preloader for the backoffice (which is awfully slow to initialize)
fp> TODO: find a javascript way to preload more stuff (like icons) WITHOUT delaying the browser autocomplete of the login & password fields
dh>
// include jquery JS:
require_js( '#jquery#' );
jQuery(function(){
alert("Document is ready");
});
See also http://www.texotela.co.uk/code/jquery/preload/ - might be a good opportunity to take a look at jQuery for you.. :)
*/
require_js('functions.js');
$transmit_hashed_password = (bool) $Settings->get('js_passwd_hashing') && !(bool) $Plugins->trigger_event_first_true('LoginAttemptNeedsRawPassword');
if ($transmit_hashed_password) {
// Include JS for client-side password hashing:
require_js('sha1_md5.js');
}
/**
* Login header
*/
require dirname(__FILE__) . '/_html_header.inc.php';
$params = array('form_action' => $secure_htsrv_url . 'login.php', 'form_layout' => 'fieldset', 'form_class' => 'fform', 'source' => param('source', 'string', 'std login form'), 'inskin' => false, 'redirect_to' => $redirect_to, 'login' => $login, 'login_required' => $login_required, 'validate_required' => $validate_required, 'action' => $action, 'reqID' => isset($reqID) ? $reqID : NULL, 'sessID' => isset($sessID) ? $sessID : NULL, 'transmit_hashed_password' => $transmit_hashed_password);
display_login_form($params);
require dirname(__FILE__) . '/_html_footer.inc.php';
