1 files changed, 100 insertions, 0 deletions
diff --git a/central/trunk/login.php b/central/trunk/login.php
new file mode 100644
index 0000000..cb96356
--- /dev/null
+++ b/central/trunk/login.php

@@ -0,0 +1,100 @@
+<?php
+/* InstaDisc Server - A Four Island Project */
+include('instadisc.php');
+include('template.php');
+if (!isset($_GET['submit']))
+{
+        showForm('','',array());
+} else {
+        $numOfErrors = 0;
+        $errors = array();
+        $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($_POST['username']) . "\" AND password = \"" . mysql_real_escape_string(md5($_POST['password'])) . "\"";
+        $getuser2 = mysql_query($getuser);
+        $getuser3 = mysql_fetch_array($getuser2);
+        if ($getuser3['username'] != $_POST['username'])
+        {
+                addError($numOfErrors, $errors, '', 'Account could not be found');
+        }
+        if ($numOfErrors > 0)
+        {
+                showForm($_POST['username'], $_POST['password'], $errors);
+        } else {
+                if (instaDisc_verifyUser($_POST['username'], $_POST['password']))
+                {
+                        $_SESSION['username'] == $_POST['username'];
+                        $template = new FITemplate('loggedin');
+                        $template->add('SITENAME', instaDisc_getConfig('siteName'));
+                        $template->display();
+                } else {
+                        addError($numOfErrors, $errors, '', 'Account could not be found');
+                        showForm($_POST['username'], $_POST['password'], $errors);
+                }
+        }
+}
+function showForm($username, $password, $errors)
+{
+        $template = new FITemplate('login');
+        $template->add('SITENAME', instaDisc_getConfig('siteName'));
+        if (isset($errors[1]))
+        {
+                $template->adds('ERROR', array('ex'=>'1'));
+                foreach ($errors as $name => $value)
+                {
+                        $template->adds('ERRORS', array(        'NAME' => $name,
+                                                                'MSG' => $value['msg']));
+                }
+        }
+        $template->add('USERNAME_ERR', ifErrors($errors, 'username'));
+        $template->add('PASSWORD_ERR', ifErrors($errors, 'password'));
+        doErrors($template, $errors, 'username');
+        doErrors($template, $errors, 'password');
+        $template->add('USERNAME', $username);
+        $template->add('PASSWORD', $password);
+        $template->display();
+}
+function ifErrors($errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        return ' error';
+                }
+        }
+        return '';
+}
+function doErrors($template, $errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        $template->adds(strtoupper($id) . '_ERRS', array(       'NAME' => $name,
+                                                                                'VALUE' => $value['msg']));
+                }
+        }
+}
+function addError(&$numOfErrors, &$errors, $field, $msg)
+{
+        $numOfErrors++;
+        $errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
+}
+?>

diff --git a/central/trunk/login.php b/central/trunk/login.php new file mode 100644 index 0000000..cb96356 --- /dev/null +++ b/central/trunk/login.php
@@ -0,0 +1,100 @@
	1	<?php
	2
	3	/* InstaDisc Server - A Four Island Project */
	4
	5	include('instadisc.php');
	6	include('template.php');
	7
	8	if (!isset($_GET['submit']))
	9	{
	10	showForm('','',array());
	11	} else {
	12	$numOfErrors = 0;
	13	$errors = array();
	14
	15	$getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($_POST['username']) . "\" AND password = \"" . mysql_real_escape_string(md5($_POST['password'])) . "\"";
	16	$getuser2 = mysql_query($getuser);
	17	$getuser3 = mysql_fetch_array($getuser2);
	18	if ($getuser3['username'] != $_POST['username'])
	19	{
	20	addError($numOfErrors, $errors, '', 'Account could not be found');
	21	}
	22
	23	if ($numOfErrors > 0)
	24	{
	25	showForm($_POST['username'], $_POST['password'], $errors);
	26	} else {
	27	if (instaDisc_verifyUser($_POST['username'], $_POST['password']))
	28	{
	29	$_SESSION['username'] == $_POST['username'];
	30
	31	$template = new FITemplate('loggedin');
	32	$template->add('SITENAME', instaDisc_getConfig('siteName'));
	33	$template->display();
	34	} else {
	35	addError($numOfErrors, $errors, '', 'Account could not be found');
	36	showForm($_POST['username'], $_POST['password'], $errors);
	37	}
	38	}
	39	}
	40
	41	function showForm($username, $password, $errors)
	42	{
	43	$template = new FITemplate('login');
	44	$template->add('SITENAME', instaDisc_getConfig('siteName'));
	45
	46	if (isset($errors[1]))
	47	{
	48	$template->adds('ERROR', array('ex'=>'1'));
	49
	50	foreach ($errors as $name => $value)
	51	{
	52	$template->adds('ERRORS', array( 'NAME' => $name,
	53	'MSG' => $value['msg']));
	54	}
	55	}
	56
	57	$template->add('USERNAME_ERR', ifErrors($errors, 'username'));
	58	$template->add('PASSWORD_ERR', ifErrors($errors, 'password'));
	59
	60	doErrors($template, $errors, 'username');
	61	doErrors($template, $errors, 'password');
	62
	63	$template->add('USERNAME', $username);
	64	$template->add('PASSWORD', $password);
	65
	66	$template->display();
	67	}
	68
	69	function ifErrors($errors, $id)
	70	{
	71	foreach ($errors as $name => $value)
	72	{
	73	if ($value['field'] == $id)
	74	{
	75	return ' error';
	76	}
	77	}
	78
	79	return '';
	80	}
	81
	82	function doErrors($template, $errors, $id)
	83	{
	84	foreach ($errors as $name => $value)
	85	{
	86	if ($value['field'] == $id)
	87	{
	88	$template->adds(strtoupper($id) . '_ERRS', array( 'NAME' => $name,
	89	'VALUE' => $value['msg']));
	90	}
	91	}
	92	}
	93
	94	function addError(&$numOfErrors, &$errors, $field, $msg)
	95	{
	96	$numOfErrors++;
	97	$errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
	98	}
	99
	100	?>