/[webwml]/newmaint/amlogin2.wml
ViewVC logotype

Contents of /newmaint/amlogin2.wml

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.6 - (hide annotations) (download)
Sun Aug 14 21:40:55 2005 UTC (7 years, 9 months ago) by tbm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.5: +3 -2 lines 
in the password verification check, try MD5 first and fall back to DES.
So far we've used DES but PHP 4 defaults to MD5 so all new passwords
will be MD5.
1 tbm 1.5 # Copyright (C) 2001 Craig Small <csmall@debian.org>
2     # Copyright (C) 2001, 2002, 2003, 2004, 2005 Martin Michlmayr <tbm@cyrius.com>
3     # This file may be distributed under the GPL v2 or higher.
4    
5 csmall 1.1 <?
6    
7     session_start();
8     include("config.inc");
9     include("common.inc");
10    
11     session_name("DebianNM");
12    
13     ?>
14     <HTML>
15     <BODY bgcolor="#ffffff">
16     <?
17     function find_manager($login, $password) {
18     global $s_isam, $s_isfd, $s_isdam, $s_username;
19    
20     if (! ($db = open_db())) {
21     return FALSE;
22     }
23     $sql = "SELECT * FROM manager WHERE login = '$login'";
24     if (! ($result = pg_exec($db, $sql))) {
25     echo "Problem with query", pg_ErrorMessage($db), "<BR>";
26     return FALSE;
27     }
28     if (pg_NumRows($result) == 1) {
29     $row = pg_Fetch_Array($result, 0);
30 tbm 1.6 // try MD5 first, and fall back to DES
31     if (passwd_verify($row["passwd"], $password) ||
32     $row["passwd"] == crypt($password, substr($row["passwd"], 0, 2))) {
33 csmall 1.1 $s_username = $login;
34     $s_isam = 't';
35     $s_isfd = $row["is_frontdesk"];
36     $s_isdam = $row["is_dam"];
37     session_register("s_username");
38     session_register("s_isam");
39     session_register("s_isfd");
40     session_register("s_isdam");
41     return TRUE;
42     }
43     }
44     return FALSE;
45     }
46     ?>
47     <?
48     #=============main()
49 tbm 1.3 if ($_REQUEST['username'] == "") {
50 csmall 1.1 ?>
51     No username supplied, please click the back button and enter in a username.
52     <?
53     session_destroy();
54     } else {
55 tbm 1.3 $username = strip_tags($_REQUEST['username']);
56     $passwd = strip_tags($_REQUEST['passwd']);
57 csmall 1.1 if (find_manager($username, $passwd)) {
58    
59     echo "<META http-equiv=\"refresh\" content=\"0;URL=ammain.php?";?><?=SID?>
60     <? echo "\">"; ?>
61     Logged in ok, click <A href="ammain.php?<?=SID?>">here</A> to continue if the
62     refresh doesn't do it itself.
63     <?
64     } else {
65     session_destroy();
66     ?>
67     <P>I can either not find that manager in the database or you have entered in
68     the wrong password. Click <A href="index.php">here</A> to go back.<BR>
69     <?
70     }
71     } ?>
72     </BODY>
73     </HTML>
  ViewVC Help
Powered by ViewVC 1.1.5