JasonWoof Got questions, comments, patches, etc.? Contact Jason Woofenden
da07a641986cf50d57e41d32125427835ffdb613
[contractor-progress.git] / login.php
1 <?php
2
3 #  Copyright (C) 2008  Jason Woofenden
4 #
5 #  This program is free software: you can redistribute it and/or modify
6 #  it under the terms of the GNU Affero General Public License as published by
7 #  the Free Software Foundation, either version 3 of the License, or
8 #  (at your option) any later version.
9 #
10 #  This program is distributed in the hope that it will be useful,
11 #  but WITHOUT ANY WARRANTY; without even the implied warranty of
12 #  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13 #  GNU Affero General Public License for more details.
14 #
15 #  You should have received a copy of the GNU Affero General Public License
16 #  along with this program.  If not, see <http://www.gnu.org/licenses/>.
17
18 function login_get_fields() {
19         $username = format_oneline($_REQUEST['username']);
20         tem_set('username', $username);
21         
22         $password = format_oneline($_REQUEST['password']);
23         
24         $url = format_unix($_REQUEST['url']);
25         tem_set('url', $url);
26         
27         return array($username, $password, $url);
28 }
29
30 function login_main() {
31         if(isset($GLOBALS['url'])) {
32                 $_REQUEST['url'] = $GLOBALS['url'];
33                 tem_set('url', $GLOBALS['url']);
34         }
35
36         if(isset($_REQUEST['username'])) {
37                 list($username, $password, $url) = login_get_fields();
38
39                 $row = db_get_row('people', 'id,password', 'where username=%"', $username);
40
41                 if($row) {
42                         list($id, $password_hash) = $row;
43
44                         if($password_hash && check_password($password_hash, $password)) {
45                                 message("Logged in successfully.");
46                                 session_new();
47                                 session_set('auth_username', "$id");
48                                 if($id == '1') {
49                                         session_set('auth_admin', 'yes');
50                                 }
51                                 if($url) {
52                                         return $url;
53                                 } else {
54                                         return './';
55                                 }
56                         }
57                 }
58
59                 tem_sub('failed');
60         }
61         tem_sub('main_body');
62 }
63
64 ?>