Central: Added a login page

Refs #25
author: Kelly Rauchenberger <fefferburbia@gmail.com> 2008-08-15 13:49:58 +0000
committer: Kelly Rauchenberger <fefferburbia@gmail.com> 2008-08-15 13:49:58 +0000
commit: 4d4f2acfe707a83dec8789f8159cb60eab38e290 (patch)
tree: 39371a8b2cc5f10d695c2c40c3f352c893b31221
parent: 92722ab8471764037187a3169cee28b686367c7c (diff)
download: instadisc-4d4f2acfe707a83dec8789f8159cb60eab38e290.tar.gz
instadisc-4d4f2acfe707a83dec8789f8159cb60eab38e290.tar.bz2
instadisc-4d4f2acfe707a83dec8789f8159cb60eab38e290.zip
6 files changed, 181 insertions, 0 deletions
diff --git a/central/trunk/activate.php b/central/trunk/activate.php
index 7b319b5..3237b70 100644
--- a/central/trunk/activate.php
+++ b/central/trunk/activate.php

@@ -99,3 +99,5 @@ function addError(&$numOfErrors, &$errors, $field, $msg)
        $numOfErrors++;
        $errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
 }
+?>
diff --git a/central/trunk/db.php b/central/trunk/db.php
index 3d70d6c..168d303 100644
--- a/central/trunk/db.php
+++ b/central/trunk/db.php

@@ -18,6 +18,8 @@ if (file_exists('install.php'))
        die('Excuse me, but you need to delete install.php before you can use this as leaving install.php there is a biiiig security hole.');
 }
+session_start();
 include('config.php');
 mysql_connect($dbhost, $dbuser, $dbpass);
diff --git a/central/trunk/login.php b/central/trunk/login.php
new file mode 100644
index 0000000..cb96356
--- /dev/null
+++ b/central/trunk/login.php

@@ -0,0 +1,100 @@
+<?php
+/* InstaDisc Server - A Four Island Project */
+include('instadisc.php');
+include('template.php');
+if (!isset($_GET['submit']))
+{
+        showForm('','',array());
+} else {
+        $numOfErrors = 0;
+        $errors = array();
+        $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($_POST['username']) . "\" AND password = \"" . mysql_real_escape_string(md5($_POST['password'])) . "\"";
+        $getuser2 = mysql_query($getuser);
+        $getuser3 = mysql_fetch_array($getuser2);
+        if ($getuser3['username'] != $_POST['username'])
+        {
+                addError($numOfErrors, $errors, '', 'Account could not be found');
+        }
+        if ($numOfErrors > 0)
+        {
+                showForm($_POST['username'], $_POST['password'], $errors);
+        } else {
+                if (instaDisc_verifyUser($_POST['username'], $_POST['password']))
+                {
+                        $_SESSION['username'] == $_POST['username'];
+                        $template = new FITemplate('loggedin');
+                        $template->add('SITENAME', instaDisc_getConfig('siteName'));
+                        $template->display();
+                } else {
+                        addError($numOfErrors, $errors, '', 'Account could not be found');
+                        showForm($_POST['username'], $_POST['password'], $errors);
+                }
+        }
+}
+function showForm($username, $password, $errors)
+{
+        $template = new FITemplate('login');
+        $template->add('SITENAME', instaDisc_getConfig('siteName'));
+        if (isset($errors[1]))
+        {
+                $template->adds('ERROR', array('ex'=>'1'));
+                foreach ($errors as $name => $value)
+                {
+                        $template->adds('ERRORS', array(        'NAME' => $name,
+                                                                'MSG' => $value['msg']));
+                }
+        }
+        $template->add('USERNAME_ERR', ifErrors($errors, 'username'));
+        $template->add('PASSWORD_ERR', ifErrors($errors, 'password'));
+        doErrors($template, $errors, 'username');
+        doErrors($template, $errors, 'password');
+        $template->add('USERNAME', $username);
+        $template->add('PASSWORD', $password);
+        $template->display();
+}
+function ifErrors($errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        return ' error';
+                }
+        }
+        return '';
+}
+function doErrors($template, $errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        $template->adds(strtoupper($id) . '_ERRS', array(       'NAME' => $name,
+                                                                                'VALUE' => $value['msg']));
+                }
+        }
+}
+function addError(&$numOfErrors, &$errors, $field, $msg)
+{
+        $numOfErrors++;
+        $errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
+}
+?>
diff --git a/central/trunk/register.php b/central/trunk/register.php
index 0d4d61d..87774fc 100644
--- a/central/trunk/register.php
+++ b/central/trunk/register.php

@@ -104,3 +104,5 @@ function addError(&$numOfErrors, &$errors, $field, $msg)
        $numOfErrors++;
        $errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
 }
+?>
diff --git a/central/trunk/theme/loggedin.tpl b/central/trunk/theme/loggedin.tpl
new file mode 100644
index 0000000..4fcffc4
--- /dev/null
+++ b/central/trunk/theme/loggedin.tpl

@@ -0,0 +1,14 @@
+<HTML>
+        <HEAD>
+                <TITLE><!--SITENAME--> InstaDisc Central Server</TITLE>
+        </HEAD>
+        <BODY>
+                <CENTER>
+                        <H1>InstaDisc Sign-in</H1>
+                        <P>Thank you for logging in. <A HREF="userpanel.php">You may now procede to the user panel</A>
+                </CENTER>
+        </BODY>
+</HTML>
diff --git a/central/trunk/theme/login.tpl b/central/trunk/theme/login.tpl
new file mode 100644
index 0000000..90fe253
--- /dev/null
+++ b/central/trunk/theme/login.tpl

@@ -0,0 +1,61 @@
+<HTML>
+        <HEAD>
+                <TITLE><!--SITENAME--> InstaDisc Central Server</TITLE>
+                <LINK REL="stylesheet" TYPE="text/css" HREF="uniform.css">
+        </HEAD>
+        <BODY>
+                <CENTER>
+                        <H1>InstaDisc Sign-in</H1>
+                        <P>If you've registered and activated your account, you can sign in to modify your account here!
+                </CENTER>
+                <FORM CLASS="uniform" ACTION="./login.php?submit=" METHOD="POST">
+                        <!--BEGIN ERROR-->
+                        <DIV ID="errorMsg">Uh oh! Validation errors!<P>
+                                <OL>
+                        <!--END ERROR-->
+                        <!--BEGIN ERRORS-->
+                                        <LI><A HREF="#error<!--ERRORS.NAME-->"><!--ERRORS.MSG--></A></LI>
+                        <!--END ERRORS-->
+                        <!--BEGIN ERROR-->
+                                </OL>
+                        </DIV>
+                        <!--END ERROR-->
+                        <FIELDSET CLASS="inlineLabels">
+                                <LEGEND>User Details</LEGEND>
+                                <DIV CLASS="ctrlHolder<!--USERNAME_ERR-->">
+                                        <!--BEGIN USERNAME_ERRS-->
+                                                <P ID="error<!--USERNAME_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
+                                                        <!--USERNAME_ERRS.MSG-->
+                                                </P>
+                                        <!--END USERNAME_ERRS-->
+                                        <LABEL FOR="username"><EM>*</EM> Username: </LABEL>
+                                        <INPUT TYPE="text" ID="username" NAME="username" CLASS="textInput" VALUE="<!--USERNAME-->">                     
+                                </DIV>
+                                <DIV CLASS="ctrlHolder<!--PASSWORD_ERR-->">
+                                        <!--BEGIN PASSWORD_ERRS-->
+                                                <P ID="error<!--PASSWORD_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
+                                                        <!--PASSWORD_ERRS.MSG-->
+                                                </P>
+                                        <!--END PASSWORD_ERRS-->
+                                        <LABEL FOR="password"><EM>*</EM> Password: </LABEL>
+                                        <INPUT TYPE="password" ID="password" NAME="password" CLASS="textInput" VALUE="<!--PASSWORD-->">
+                                </DIV>
+                        </FIELDSET>
+                        <DIV CLASS="buttonHolder">
+                                <INPUT TYPE="submit" NAME="submit" VALUE="Submit">
+                        </DIV>
+                </FORM>
+        </BODY>
+</HTML>
author	Kelly Rauchenberger <fefferburbia@gmail.com>	2008-08-15 13:49:58 +0000
committer	Kelly Rauchenberger <fefferburbia@gmail.com>	2008-08-15 13:49:58 +0000
commit	4d4f2acfe707a83dec8789f8159cb60eab38e290 (patch)
tree	39371a8b2cc5f10d695c2c40c3f352c893b31221
parent	92722ab8471764037187a3169cee28b686367c7c (diff)
download	instadisc-4d4f2acfe707a83dec8789f8159cb60eab38e290.tar.gz instadisc-4d4f2acfe707a83dec8789f8159cb60eab38e290.tar.bz2 instadisc-4d4f2acfe707a83dec8789f8159cb60eab38e290.zip

diff --git a/central/trunk/activate.php b/central/trunk/activate.php index 7b319b5..3237b70 100644 --- a/central/trunk/activate.php +++ b/central/trunk/activate.php
@@ -99,3 +99,5 @@ function addError(&$numOfErrors, &$errors, $field, $msg)
99	$numOfErrors++;	99	$numOfErrors++;
100	$errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);	100	$errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
101	}	101	}
		102
		103	?>


diff --git a/central/trunk/db.php b/central/trunk/db.php index 3d70d6c..168d303 100644 --- a/central/trunk/db.php +++ b/central/trunk/db.php
@@ -18,6 +18,8 @@ if (file_exists('install.php'))
18	die('Excuse me, but you need to delete install.php before you can use this as leaving install.php there is a biiiig security hole.');	18	die('Excuse me, but you need to delete install.php before you can use this as leaving install.php there is a biiiig security hole.');
19	}	19	}
20		20
		21	session_start();
		22
21	include('config.php');	23	include('config.php');
22		24
23	mysql_connect($dbhost, $dbuser, $dbpass);	25	mysql_connect($dbhost, $dbuser, $dbpass);


diff --git a/central/trunk/login.php b/central/trunk/login.php new file mode 100644 index 0000000..cb96356 --- /dev/null +++ b/central/trunk/login.php
@@ -0,0 +1,100 @@
		1	<?php
		2
		3	/* InstaDisc Server - A Four Island Project */
		4
		5	include('instadisc.php');
		6	include('template.php');
		7
		8	if (!isset($_GET['submit']))
		9	{
		10	showForm('','',array());
		11	} else {
		12	$numOfErrors = 0;
		13	$errors = array();
		14
		15	$getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($_POST['username']) . "\" AND password = \"" . mysql_real_escape_string(md5($_POST['password'])) . "\"";
		16	$getuser2 = mysql_query($getuser);
		17	$getuser3 = mysql_fetch_array($getuser2);
		18	if ($getuser3['username'] != $_POST['username'])
		19	{
		20	addError($numOfErrors, $errors, '', 'Account could not be found');
		21	}
		22
		23	if ($numOfErrors > 0)
		24	{
		25	showForm($_POST['username'], $_POST['password'], $errors);
		26	} else {
		27	if (instaDisc_verifyUser($_POST['username'], $_POST['password']))
		28	{
		29	$_SESSION['username'] == $_POST['username'];
		30
		31	$template = new FITemplate('loggedin');
		32	$template->add('SITENAME', instaDisc_getConfig('siteName'));
		33	$template->display();
		34	} else {
		35	addError($numOfErrors, $errors, '', 'Account could not be found');
		36	showForm($_POST['username'], $_POST['password'], $errors);
		37	}
		38	}
		39	}
		40
		41	function showForm($username, $password, $errors)
		42	{
		43	$template = new FITemplate('login');
		44	$template->add('SITENAME', instaDisc_getConfig('siteName'));
		45
		46	if (isset($errors[1]))
		47	{
		48	$template->adds('ERROR', array('ex'=>'1'));
		49
		50	foreach ($errors as $name => $value)
		51	{
		52	$template->adds('ERRORS', array( 'NAME' => $name,
		53	'MSG' => $value['msg']));
		54	}
		55	}
		56
		57	$template->add('USERNAME_ERR', ifErrors($errors, 'username'));
		58	$template->add('PASSWORD_ERR', ifErrors($errors, 'password'));
		59
		60	doErrors($template, $errors, 'username');
		61	doErrors($template, $errors, 'password');
		62
		63	$template->add('USERNAME', $username);
		64	$template->add('PASSWORD', $password);
		65
		66	$template->display();
		67	}
		68
		69	function ifErrors($errors, $id)
		70	{
		71	foreach ($errors as $name => $value)
		72	{
		73	if ($value['field'] == $id)
		74	{
		75	return ' error';
		76	}
		77	}
		78
		79	return '';
		80	}
		81
		82	function doErrors($template, $errors, $id)
		83	{
		84	foreach ($errors as $name => $value)
		85	{
		86	if ($value['field'] == $id)
		87	{
		88	$template->adds(strtoupper($id) . '_ERRS', array( 'NAME' => $name,
		89	'VALUE' => $value['msg']));
		90	}
		91	}
		92	}
		93
		94	function addError(&$numOfErrors, &$errors, $field, $msg)
		95	{
		96	$numOfErrors++;
		97	$errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
		98	}
		99
		100	?>


diff --git a/central/trunk/register.php b/central/trunk/register.php index 0d4d61d..87774fc 100644 --- a/central/trunk/register.php +++ b/central/trunk/register.php
@@ -104,3 +104,5 @@ function addError(&$numOfErrors, &$errors, $field, $msg)
104	$numOfErrors++;	104	$numOfErrors++;
105	$errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);	105	$errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
106	}	106	}
		107
		108	?>


diff --git a/central/trunk/theme/loggedin.tpl b/central/trunk/theme/loggedin.tpl new file mode 100644 index 0000000..4fcffc4 --- /dev/null +++ b/central/trunk/theme/loggedin.tpl
@@ -0,0 +1,14 @@
		1	<HTML>
		2	<HEAD>
		3	<TITLE><!--SITENAME--> InstaDisc Central Server</TITLE>
		4	</HEAD>
		5
		6	<BODY>
		7	<CENTER>
		8	<H1>InstaDisc Sign-in</H1>
		9
		10	<P>Thank you for logging in. <A HREF="userpanel.php">You may now procede to the user panel</A>
		11	</CENTER>
		12	</BODY>
		13	</HTML>
		14


diff --git a/central/trunk/theme/login.tpl b/central/trunk/theme/login.tpl new file mode 100644 index 0000000..90fe253 --- /dev/null +++ b/central/trunk/theme/login.tpl
@@ -0,0 +1,61 @@
		1	<HTML>
		2	<HEAD>
		3	<TITLE><!--SITENAME--> InstaDisc Central Server</TITLE>
		4	<LINK REL="stylesheet" TYPE="text/css" HREF="uniform.css">
		5	</HEAD>
		6
		7	<BODY>
		8	<CENTER>
		9	<H1>InstaDisc Sign-in</H1>
		10
		11	<P>If you've registered and activated your account, you can sign in to modify your account here!
		12	</CENTER>
		13
		14	<FORM CLASS="uniform" ACTION="./login.php?submit=" METHOD="POST">
		15
		16	<!--BEGIN ERROR-->
		17	<DIV ID="errorMsg">Uh oh! Validation errors!<P>
		18	<OL>
		19	<!--END ERROR-->
		20
		21	<!--BEGIN ERRORS-->
		22	<LI><A HREF="#error<!--ERRORS.NAME-->"><!--ERRORS.MSG--></A></LI>
		23	<!--END ERRORS-->
		24
		25	<!--BEGIN ERROR-->
		26	</OL>
		27	</DIV>
		28	<!--END ERROR-->
		29
		30	<FIELDSET CLASS="inlineLabels">
		31	<LEGEND>User Details</LEGEND>
		32
		33	<DIV CLASS="ctrlHolder<!--USERNAME_ERR-->">
		34	<!--BEGIN USERNAME_ERRS-->
		35	<P ID="error<!--USERNAME_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
		36	<!--USERNAME_ERRS.MSG-->
		37	</P>
		38	<!--END USERNAME_ERRS-->
		39
		40	<LABEL FOR="username"><EM>*</EM> Username: </LABEL>
		41	<INPUT TYPE="text" ID="username" NAME="username" CLASS="textInput" VALUE="<!--USERNAME-->">
		42	</DIV>
		43
		44	<DIV CLASS="ctrlHolder<!--PASSWORD_ERR-->">
		45	<!--BEGIN PASSWORD_ERRS-->
		46	<P ID="error<!--PASSWORD_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
		47	<!--PASSWORD_ERRS.MSG-->
		48	</P>
		49	<!--END PASSWORD_ERRS-->
		50
		51	<LABEL FOR="password"><EM>*</EM> Password: </LABEL>
		52	<INPUT TYPE="password" ID="password" NAME="password" CLASS="textInput" VALUE="<!--PASSWORD-->">
		53	</DIV>
		54	</FIELDSET>
		55
		56	<DIV CLASS="buttonHolder">
		57	<INPUT TYPE="submit" NAME="submit" VALUE="Submit">
		58	</DIV>
		59	</FORM>
		60	</BODY>
		61	</HTML>