Update of /cvsroot/openfirst/members
In directory sc8-pr-cvs1:/tmp/cvs-serv23992
Modified Files:
auth.php index.php
Log Message:
Finish authentication work.
Index: auth.php
===================================================================
RCS file: /cvsroot/openfirst/members/auth.php,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** auth.php 11 May 2003 12:58:08 -0000 1.1.1.1
--- auth.php 11 May 2003 22:15:05 -0000 1.2
***************
*** 43,53 ****
}
// Determine if the user has already logged in with this session. If
// they have, set variables indicating this. If they have not, make a
// note of this so that components requiring them to log in are disabled.
- $query = mysql_query("SELECT * FROM ofirst_members WHERE ID='".$_GET['ID']."'");
! if(mysql_errno() != "") {
// There was an error, check if it's because they didn't create the
// members table.
--- 43,88 ----
}
+ function showlogin () {
+ echo("<form action='".$_SERVER["PHP_SELF"] . "' method='post'>
+ Login: <input name='login' type='text' />
+ <br />Password: <input name='password' type='password' />
+ <br /><input type='submit' value='Login'>
+ </form>");
+ return(0);
+ }
+
// Determine if the user has already logged in with this session. If
// they have, set variables indicating this. If they have not, make a
// note of this so that components requiring them to log in are disabled.
! session_start();
!
! if(isset($_SESSION['authcode'])) {
! $authcode = $_SESSION['authcode'];
! $query = mysql_query("SELECT * FROM ofirst_members WHERE authcode='$authcode';");
! $user = mysql_fetch_object($query);
! } elseif(isset($_POST["login"]) == true && isset($_POST["password"]) == true) {
!
! $query = mysql_query("SELECT * FROM ofirst_members WHERE user='" . $_POST["login"] . "';");
!
! $user = mysql_fetch_object($query);
!
! if(mysql_num_rows($query) == 1) {
! if(cryptpassword($_POST["password"], $encryption, $user->password) == $user->password) {
! session_register("authcode");
! $_SESSION["authcode"] = sha1(rand(1,50000000));
! $aquery = mysql_query("UPDATE ofirst_members SET authcode='" . $_SESSION["authcode"] . "' WHERE user='" . $_POST["login"] . "';");
! session_write_close();
! } else {
! unset($user);
! }
! }
! }
!
!
! if(mysql_errno() == 0) {
!
! } else {
// There was an error, check if it's because they didn't create the
// members table.
***************
*** 74,78 ****
dateregistered TINYTEXT,
picturelocation TINYTEXT,
! team INTEGER
);");
if(mysql_errno() == 0) {
--- 109,114 ----
dateregistered TINYTEXT,
picturelocation TINYTEXT,
! team INTEGER,
! skills TEXT
);");
if(mysql_errno() == 0) {
Index: index.php
===================================================================
RCS file: /cvsroot/openfirst/members/index.php,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -C2 -d -r1.1.1.1 -r1.2
*** index.php 11 May 2003 12:58:08 -0000 1.1.1.1
--- index.php 11 May 2003 22:15:05 -0000 1.2
***************
*** 28,34 ****
include("../config/globals.php");
include($header);
?>
<h1>Members Area</h1>
! <p>This is the openFIRST members area.</p>
! <?php include($footer); ?>
--- 28,41 ----
include("../config/globals.php");
include($header);
+
+ if(isset($user->user)) {
?>
+
<h1>Members Area</h1>
! <p>This is the openFIRST members area. You are logged in as: <?php
! echo($user->user . " the " . $user->membertype . "."); ?></p>
! <?php } else {
! showlogin();
! }
! include($footer); ?>
|
