1 | <?php |
||
2 | // This script displays a login screen in a popupbox when SSL is enabled in the preferences. You should use this script only when your server supports SSL. Place this file under your SSL directory |
||
3 | |||
4 | // path to your xoops main directory |
||
5 | $path = '/path/to/xoops/directory'; |
||
6 | |||
7 | include $path . '/mainfile.php'; |
||
8 | if (!defined('XOOPS_ROOT_PATH')) { |
||
9 | exit(); |
||
10 | } |
||
11 | include_once XOOPS_ROOT_PATH . '/language/' . $xoopsConfig['language'] . '/user.php'; |
||
12 | $op = (isset($_POST['op']) && $_POST['op'] === 'dologin') ? 'dologin' : 'login'; |
||
13 | |||
14 | $username = isset($_POST['username']) ? trim($_POST['username']) : ''; |
||
15 | $password = isset($_POST['userpass']) ? trim($_POST['userpass']) : ''; |
||
16 | if ($username == '' || $password == '') { |
||
17 | $op = 'login'; |
||
18 | } |
||
19 | |||
20 | echo ' |
||
21 | <html> |
||
22 | <head> |
||
23 | <meta http-equiv="content-type" content="text/html; charset=' . _CHARSET . '" /> |
||
24 | <meta http-equiv="content-language" content="' . _LANGCODE . '" /> |
||
25 | <title>' . $xoopsConfig['sitename'] . '</title> |
||
26 | <link rel="stylesheet" type="text/css" media="all" href="' . XOOPS_URL . '/xoops.css" /> |
||
27 | '; |
||
28 | $style = xoops_getcss($xoopsConfig['theme_set']); |
||
29 | if ($style == '') { |
||
30 | $style = xoops_getcss($xoopsConfig['theme_set']); |
||
31 | } |
||
32 | if ($style != '') { |
||
33 | echo '<link rel="stylesheet" type="text/css" media="all" href="' . $style . '" />'; |
||
34 | } |
||
35 | echo ' |
||
36 | </head> |
||
37 | <body> |
||
38 | '; |
||
39 | |||
40 | if ($op === 'dologin') { |
||
41 | /** @var \XoopsMemberHandler $member_handler */ |
||
42 | $member_handler = xoops_getHandler('member'); |
||
43 | $myts = \MyTextSanitizer::getInstance(); |
||
44 | $user = $member_handler->loginUser(addslashes($myts->stripSlashesGPC($username)), addslashes($myts->stripSlashesGPC($password))); |
||
45 | if (is_object($user)) { |
||
46 | if (0 == $user->getVar('level')) { |
||
47 | redirect_header(XOOPS_URL . '/index.php', 5, _US_NOACTTPADM); |
||
48 | exit(); |
||
49 | } |
||
50 | if ($xoopsConfig['closesite'] == 1) { |
||
51 | $allowed = false; |
||
52 | foreach ($user->getGroups() as $group) { |
||
53 | if (in_array($group, $xoopsConfig['closesite_okgrp']) || XOOPS_GROUP_ADMIN == $group) { |
||
54 | $allowed = true; |
||
55 | break; |
||
56 | } |
||
57 | } |
||
58 | if (!$allowed) { |
||
59 | redirect_header(XOOPS_URL . '/index.php', 1, _NOPERM); |
||
60 | exit(); |
||
61 | } |
||
62 | } |
||
63 | $user->setVar('last_login', time()); |
||
64 | if (!$member_handler->insertUser($user)) { |
||
65 | } |
||
66 | $_SESSION = array(); |
||
67 | $_SESSION['xoopsUserId'] = $user->getVar('uid'); |
||
68 | $_SESSION['xoopsUserGroups'] = $user->getGroups(); |
||
69 | if (!empty($xoopsConfig['use_ssl'])) { |
||
70 | xoops_confirm(array($xoopsConfig['sslpost_name'] => session_id()), XOOPS_URL . '/misc.php?action=showpopups&type=ssllogin', _US_PRESSLOGIN, _LOGIN); |
||
71 | } else { |
||
72 | echo sprintf(_US_LOGGINGU, $user->getVar('uname')); |
||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||
73 | echo '<div style="text-align:center;"><input value="' . _CLOSE . '" type="button" onclick="document.window.opener.location.reload();document.window.close();" /></div>'; |
||
74 | } |
||
75 | } else { |
||
76 | xoops_error(_US_INCORRECTLOGIN . '<br><a href="login.php">' . _BACK . '</a>'); |
||
77 | } |
||
78 | } |
||
79 | |||
80 | if ($op === 'login') { |
||
81 | echo ' |
||
82 | <div style="text-align: center; padding: 5px; margin: 0;"> |
||
83 | <form action="login.php" method="post"> |
||
84 | <table class="outer" width="95%"> |
||
85 | <tr> |
||
86 | <td class="head">' . _USERNAME . '</td> |
||
87 | <td class="even"><input type="text" name="username" value="" /></td> |
||
88 | </tr> |
||
89 | <tr> |
||
90 | <td class="head">' . _PASSWORD . '</td> |
||
91 | <td class="even"><input type="password" name="userpass" value="" /></td> |
||
92 | </tr> |
||
93 | <tr> |
||
94 | <td class="head"> </td> |
||
95 | <td class="even"><input type="hidden" name="op" value="dologin" /><input type="submit" name="submit" value="' . _LOGIN . '" /></td> |
||
96 | </tr> |
||
97 | </table> |
||
98 | </form> |
||
99 | </div> |
||
100 | '; |
||
101 | } |
||
102 | |||
103 | echo ' |
||
104 | </body> |
||
105 | </html> |
||
106 | '; |
||
107 |