Commit 0cbfd0f96062d1e256afaf2a3da82dba06377584

Authored by michael
1 parent 438efb85

almost done with authentication


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@128 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing 1 changed file with 24 additions and 23 deletions
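--- a/login.php
+++ b/login.php
@@ -15,11 +15,14 @@
 
 // main library routines and defaults
 require_once("./config/dmsDefaults.php");
-require_once("./lib/owl.lib.php");
-require_once("./lib/control.inc");
-require_once("./config/html.php");
-require_once("./lib/Session.inc");
+require_once("$default->owl_fs_root/lib/owl.lib.php");
+require_once("$default->owl_fs_root/config/html.php");
+require_once("$default->owl_fs_root/lib/control.inc");
+require_once("$default->owl_fs_root/lib/Session.inc");
 
+// -------------------------------
+// page start
+// -------------------------------
 
 if ($loginAction == "loginForm") {
 // TODO: build login form using PatternMainPage
@@ -32,8 +35,8 @@ if ($loginAction == "loginForm") {
 print "<INPUT TYPE=\"HIDDEN\" NAME=\"parent\" value=\"$parent\">";
 print "<INPUT TYPE=\"HIDDEN\" NAME=\"fileid\" value=\"$fileid\">";
 }
- if (isset($loginFailureMessage)) {
- print "$loginFailureMessage<br>";
+ if (isset($errorMessage)) {
+ print "<font color=\"red\">$errorMessage</font><br>";
 }
 
 print "<TABLE><TR><TD>$lang_username:</TD><TD><INPUT TYPE=\"TEXT\" NAME=\"fUserName\"><BR></TD></TR>";
@@ -56,46 +59,44 @@ if ($loginAction == "loginForm") {
 if( isset($fUserName) && isset($fPassword) ) {
 // verifies the login and password of the user
 $dbAuth = new DBAuthenticator();
- $userDetails = $dbAuth->login($fUserName, $fUserName);
+ $userDetails = $dbAuth->login($fUserName, $fPassword);
 switch ($userDetails["status"]) {
+ // bad credentials
+ case 0:
+ // this doesn't need to go back to the controller
+ redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_loginfail));
+ break;
 // successfully authenticated
 case 1:
 // start the session
- $sessionID = Session::create($userDetails["user_id"]);
+ $session = new Session();
+ $sessionID = $session->create($userDetails["user_id"]);
 // add the user details array to the session
 $_SESSION["userDetails"] = $userDetails;
 
 // check for a location to forward to
- //echo "started session, with id=$sessionID<br>";
- /*
 if (isset($redirect) && strlen(trim($redirect))>0) {
- echo "it is set to $redirect<br>";
- $url = $redirect;
- //redirect($redirect);
- } else {*/
+ $url = urldecode($redirect);
+ } else {
+ $_SESSION["authorised"] = false;
 $url = "control.php?action=DASHBOARD";
- //}
- //echo "url set to $url<br>";
+ }
 break;
 // login disabled
 case 2:
- controllerRedirect("LOGIN_FORM", "errorMessage=$lang_logindisabled");
- //$url = "control.php?action=LOGIN_FORM&loginFailureMessage=$lang_logindisabled";
+ redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_logindisabled));
 break;
 // too many sessions
 case 3 :
- controllerRedirect("LOGIN_FORM", "errorMessage=$lang_toomanysessions");
- //$url = "control.php?action=LOGIN_FORM&loginFailureMessage=$lang_toomanysessions";
+ redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_toomanysessions));
 break;
 default :
- controllerRedirect("LOGIN_FORM", "errorMessage=$lang_err_general");
- //$url = "control.php?action=LOGIN_FORM&loginFailureMessage=$lang_err_general";
+ redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_err_general));
 }
 } else {
 // didn't receive any login parameters, so redirect login form
 $url = "control.php?action=LOGIN_FORM";
 }
- //echo "about to redirect to $url<br>";
 redirect($url);
 }
 }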
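Review bot: In the `case 1:` branch, `$url = urldecode($redirect);` forwards a freshly authenticated user to whatever `$redirect` holds, and nothing visible restricts it to this application; `$redirect` is never assigned in the hunk, so if it is populated from the request this is an open redirect on the login page. The extra `urldecode()` also decodes a value PHP has normally decoded already, so a doubly encoded target would slip past any check made on the raw parameter; I would drop it and accept only a local script path, e.g. `if (isset($redirect) && preg_match('#^[A-Za-z0-9_\-]+\.php(\?|$)#', $redirect)) { $url = $redirect; }`. In the form hunk, `$errorMessage` now arrives through the query string built by the `redirect("login.php?loginAction=loginForm&errorMessage=...")` calls and is printed raw, so it should be escaped: `print "<font color=\"red\">" . htmlspecialchars($errorMessage, ENT_QUOTES) . "</font><br>";`. Cases 0, 2, 3 and the default leave `$url` unset, so unless `redirect()` exits (not visible here) control falls through to the final `redirect($url);` with an undefined value. The enclosing `if` blocks begin outside the visible hunks.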