From 3021e3c050decc3d68d051785b6c6236800daea5 Mon Sep 17 00:00:00 2001 From: michael Date: Mon, 13 Jan 2003 11:49:57 +0000 Subject: [PATCH] fixed login and error handling --- login.php | 45 +++++++++++++++++++++++++-------------------- 1 file changed, 25 insertions(+), 20 deletions(-) diff --git a/login.php b/login.php index 2d7db98..56fb196 100644 --- a/login.php +++ b/login.php @@ -23,26 +23,27 @@ require_once("$default->owl_fs_root/lib/Session.inc"); // ------------------------------- // page start // ------------------------------- - +global $default; if ($loginAction == "loginForm") { // TODO: build login form using PatternMainPage - include("./lib/header.inc"); - print("
"); - print("
$lang_engine
$lang_version: $default->version
"); + //include("./lib/header.inc"); + print "
"; + print ""; + print "
"; print "
"; if (isset($fileid)) { print ""; print ""; } - if (isset($errorMessage)) { - print "$errorMessage
"; - } + + print "$errorMessage
"; - print ""; - print "
$lang_username:
$lang_password:
"; + print ""; + print "
$lang_username: +
$lang_password: +
"; print ""; - print "\n"; print "\n"; print "\n"; print "

"; @@ -53,18 +54,20 @@ if ($loginAction == "loginForm") { if (checkrequirements() == 1) { // TODO: appropriate error message echo "check requirements failed!
"; - //exit; + exit; } else { + // set default url for login failure + $url = $url . "login.php?loginAction=loginForm"; // if requirements are met and we have a username and password to authenticate if( isset($fUserName) && isset($fPassword) ) { // verifies the login and password of the user - $dbAuth = new DBAuthenticator(); + $dbAuth = new $default->authentication_class; $userDetails = $dbAuth->login($fUserName, $fPassword); + switch ($userDetails["status"]) { // bad credentials case 0: - // this doesn't need to go back to the controller - redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_loginfail)); + $url = $url . "&errorMessage=$lang_loginfail"; break; // successfully authenticated case 1: @@ -77,25 +80,27 @@ if ($loginAction == "loginForm") { // check for a location to forward to if (isset($redirect) && strlen(trim($redirect))>0) { $url = urldecode($redirect); + // else redirect to the dashboard } else { - $_SESSION["authorised"] = false; - $url = "control.php?action=DASHBOARD"; + $_SESSION["authorised"] = false; + $url = "control.php?action=dashboard"; } break; // login disabled case 2: - redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_logindisabled)); + $url = $url . "&errorMessage=$lang_logindisabled"; break; // too many sessions case 3 : - redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_toomanysessions)); + $url = $url . "&errorMessage=$lang_toomanysessions"; break; default : - redirect("login.php?loginAction=loginForm&errorMessage=" . urlencode($lang_err_general)); + $url = $url . "&errorMessage=$lang_err_general"; } } else { // didn't receive any login parameters, so redirect login form - $url = "control.php?action=LOGIN_FORM"; + // TODO: set "no login parameters received error message? + // internal error message- should never happen } redirect($url); } -- libgit2 0.21.4