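<?php
/* $Id$ */

/*
 * Login page: counts requests in the session, throttles after more than
 * five of them, checks posted credentials and otherwise renders the form.
 *
 * NOTE(review): no session_start() is visible in this file; $_SESSION is
 * presumably initialised by config.inc.php or helper.php -- confirm.
 */

if (! file_exists('config.inc.php')) {
    throw new Exception("The application is not configured yet");
}

include_once 'config.inc.php';
require_once 'helper.php';

// The counter is bumped on every request to this page, form views included,
// not only on failed logins. The key spelling 'attemps' is kept as-is because
// other scripts may read it.
if (isset($_SESSION['attemps'])) {
    $_SESSION['attemps']++;
} else {
    $_SESSION['attemps'] = 1;
}

// A fresh Authenticate object is created on the first request of a series.
if ($_SESSION['attemps'] == 1) {
    $_SESSION['authenticate'] = new Authenticate(DBDRIVER);
}

/*
 * To slow down bots, script kiddies and other password harvesters, delay
 * the response by 5 seconds once more than 5 attempts were counted, then
 * send the client to logout.php.
 *
 * The exit() is required: header() only queues the redirect, so without it
 * the credential check below would still run on the throttled request.
 *
 * NOTE(review): the counter lives in the session, so it only limits clients
 * that keep their session cookie. A server-side limit keyed on account
 * and/or client address is needed to cover the rest.
 */
if ($_SESSION['attemps'] > 5) {
    sleep(5);
    header('Location: logout.php');
    exit();
}

// Only scalar string fields are accepted; "uid[]=" style array input is
// ignored instead of being handed to the authentication layer.
if (isset($_POST['uid'], $_POST['pwd'])
    && is_string($_POST['uid'])
    && is_string($_POST['pwd'])
) {
    $auth = $_SESSION['authenticate'];

    // NOTE(review): uid and pwd are passed through unmodified; confirm that
    // Authenticate::login() and UserSettings bind them as query parameters.
    $auth->login($_POST['uid'], $_POST['pwd']);
    if ($auth->validUser()) {
        // Issue a new session id at the privilege change so an id that was
        // known before login is not carried into the authenticated session.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        unset($_SESSION['attemps']);
        $_SESSION['user_settings'] = new UserSettings($_POST['uid']);
        $_SESSION['user_settings']->setSettings(
            $_SESSION['authenticate']->getSettings()
        );
        header('Location: index.php');
        exit();
    }
}

include 'include/header.inc.php';

// Both values end up inside HTML attributes. PHP_SELF contains any extra
// path info sent by the client, so it must be escaped before being echoed.
// If it is not valid UTF-8 the result is an empty string, which makes the
// form post back to the current URL.
$email = htmlspecialchars(ADMIN_MAIL, ENT_QUOTES, 'UTF-8');
$action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

// NOTE(review): the form carries no anti-CSRF token.
print <<< _HTML
<div id="login_msg">
<form action="$action" method="post">
<table>
<tr>
<td>Username</td><td><input id="uid" type="text" name="uid"/></td>
</tr>
<tr>
<td>Password</td><td><input type="password" name="pwd"/></td>
</tr>
<tr>
<td colspan="2" style="text-align: center">
<input type="reset" value="Clear"/>
<input type="submit" name="submit" value="Login"/>
</td>
</tr>
<tr>
<td colspan="2" style="text-align: center">If you don't have an account
<a href="mailto:$email?subject=Requesting an account">apply</a>
</td>
</tr>
</table>
</form>
</div>
<script type="text/javascript">
focus("uid");
</script>
_HTML;

include 'include/footer.inc.php';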