Peter M. Groen / knowledgetree

Commit 0cbfd0f96062d1e256afaf2a3da82dba06377584

Authored by michael
1 parent 438efb85

almost done with authentication 


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@128 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 24 additions and 23 deletions
login.php
  View file @0cbfd0f
... ... @@ -15,11 +15,14 @@
15 15  
16 16 // main library routines and defaults
17 17 require_once("./config/dmsDefaults.php");
18   -require_once("./lib/owl.lib.php");
19   -require_once("./lib/control.inc");
20   -require_once("./config/html.php");
21   -require_once("./lib/Session.inc");
  18 +require_once("$default->owl_fs_root/lib/owl.lib.php");
  19 +require_once("$default->owl_fs_root/config/html.php");
  20 +require_once("$default->owl_fs_root/lib/control.inc");
  21 +require_once("$default->owl_fs_root/lib/Session.inc");
22 22  
  23 +// -------------------------------
  24 +// page start
  25 +// -------------------------------
23 26  
24 27 if ($loginAction == "loginForm") {
25 28 // TODO: build login form using PatternMainPage
... ... @@ -32,8 +35,8 @@ if ($loginAction == "loginForm") {
32 35 print "<INPUT TYPE=\"HIDDEN\" NAME=\"parent\" value=\"$parent\">";
33 36 print "<INPUT TYPE=\"HIDDEN\" NAME=\"fileid\" value=\"$fileid\">";
34 37 }
35   - if (isset($loginFailureMessage)) {
36   - print "$loginFailureMessage<br>";
  38 + if (isset($errorMessage)) {
  39 + print "<font color=\"red\">$errorMessage</font><br>";
37 40 }
38 41  
39 42 print "<TABLE><TR><TD>$lang_username:</TD><TD><INPUT TYPE=\"TEXT\" NAME=\"fUserName\"><BR></TD></TR>";
... ... @@ -56,46 +59,44 @@ if ($loginAction == &quot;loginForm&quot;) {
56 59 if( isset($fUserName) && isset($fPassword) ) {
57 60 // verifies the login and password of the user
58 61 $dbAuth = new DBAuthenticator();
59   - $userDetails = $dbAuth->login($fUserName, $fUserName);
  62 + $userDetails = $dbAuth->login($fUserName, $fPassword);
60 63 switch ($userDetails["status"]) {
  64 + // bad credentials
  65 + case 0:
  66 + // this doesn't need to go back to the controller
  67 + redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_loginfail));
  68 + break;
61 69 // successfully authenticated
62 70 case 1:
63 71 // start the session
64   - $sessionID = Session::create($userDetails["user_id"]);
  72 + $session = new Session();
  73 + $sessionID = $session->create($userDetails["user_id"]);
65 74 // add the user details array to the session
66 75 $_SESSION["userDetails"] = $userDetails;
67 76  
68 77 // check for a location to forward to
69   - //echo "started session, with id=$sessionID<br>";
70   - /*
71 78 if (isset($redirect) && strlen(trim($redirect))>0) {
72   - echo "it is set to $redirect<br>";
73   - $url = $redirect;
74   - //redirect($redirect);
75   - } else {*/
  79 + $url = urldecode($redirect);
  80 + } else {
  81 + $_SESSION["authorised"] = false;
76 82 $url = "control.php?action=DASHBOARD";
77   - //}
78   - //echo "url set to $url<br>";
  83 + }
79 84 break;
80 85 // login disabled
81 86 case 2:
82   - controllerRedirect("LOGIN_FORM", "errorMessage=$lang_logindisabled");
83   - //$url = "control.php?action=LOGIN_FORM&loginFailureMessage=$lang_logindisabled";
  87 + redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_logindisabled));
84 88 break;
85 89 // too many sessions
86 90 case 3 :
87   - controllerRedirect("LOGIN_FORM", "errorMessage=$lang_toomanysessions");
88   - //$url = "control.php?action=LOGIN_FORM&loginFailureMessage=$lang_toomanysessions";
  91 + redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_toomanysessions));
89 92 break;
90 93 default :
91   - controllerRedirect("LOGIN_FORM", "errorMessage=$lang_err_general");
92   - //$url = "control.php?action=LOGIN_FORM&loginFailureMessage=$lang_err_general";
  94 + redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_err_general));
93 95 }
94 96 } else {
95 97 // didn't receive any login parameters, so redirect login form
96 98 $url = "control.php?action=LOGIN_FORM";
97 99 }
98   - //echo "about to redirect to $url<br>";
99 100 redirect($url);
100 101 }
101 102 }
... ...