function auth_authenticate_user() { # check user logged into correct host $parsed_url = parse_url(RTH_URL); // account for host running on port other than 80 if (array_key_exists('port', $parsed_url)) { $hostname = $parsed_url['host'] . ":" . $parsed_url['port']; } else { $hostname = $parsed_url['host']; } if ($_SERVER['HTTP_HOST'] != $hostname) { html_redirect(RTH_URL . "login.php"); } # check if user logged in $logged_in = session_getLogged_in(); $login_cookie_username = util_get_cookie(USER_COOKIE_NAME, ''); $login_cookie_pwd = util_get_cookie(PWD_COOKIE_NAME, ''); if (!$logged_in) { # User not logged in # try logging in using username from cookies and password from user if (!empty($login_cookie_username)) { include "login_confirm_password_inc.php"; exit; # Else get username and password from user } else { include "login_inc.php"; exit; } } }
<?php # --------------------------------------------------------------------- # rth is a requirement, test, and bugtracking system # Copyright (C) 2005 George Holbrook - rth@lists.sourceforge.net # This program is distributed under the terms and conditions of the GPL # See the README and LICENSE files for details #---------------------------------------------------------------------- # ------------------------------------ # $RCSfile: login_switch_proj.php,v $ $Revision: 1.1.1.1 $ # ------------------------------------ include_once "./api/include_api.php"; $logged_in = session_getLogged_in(); $username = $_POST['uname']; $switch_project = $_POST['login']['switch_project']; $redirect_page = $_POST['login']['page']; $redirect_page_get = $_POST['login']['get']; # If user not logged in, then redirect back to the page they tried to login from # auth_authenticate_user() will display the login forms if (!$logged_in) { html_redirect($redirect_page . "?" . $redirect_page_get); } # Check that $switch_project is not blank and that the user has access rights to the project. # Doing this to check access rights when loggin in from urls that contain the $_GET[project_id] variable. if (!empty($switch_project) && user_has_rights(project_get_id($switch_project), user_get_id($username), USER)) { $new_project_name = $switch_project; } else { error_report_show('login.php', PROJECT_SWITCH_FAILED); } session_set_new_project_name($new_project_name); session_reset_project();