|
1
|
|
|
<?php |
|
2
|
|
|
// This script displays a login screen in a popupbox when SSL is enabled in the preferences. You should use this script only when your server supports SSL. Place this file under your SSL directory |
|
3
|
|
|
|
|
4
|
|
|
// path to your xoops main directory |
|
5
|
|
|
$path = '/path/to/xoops/directory'; |
|
6
|
|
|
|
|
7
|
|
|
include $path . '/mainfile.php'; |
|
8
|
|
|
if (!defined('XOOPS_ROOT_PATH')) { |
|
9
|
|
|
exit(); |
|
10
|
|
|
} |
|
11
|
|
|
include_once XOOPS_ROOT_PATH . '/language/' . $xoopsConfig['language'] . '/user.php'; |
|
12
|
|
|
$op = (isset($_POST['op']) && $_POST['op'] === 'dologin') ? 'dologin' : 'login'; |
|
13
|
|
|
|
|
14
|
|
|
$username = isset($_POST['username']) ? trim($_POST['username']) : ''; |
|
15
|
|
|
$password = isset($_POST['userpass']) ? trim($_POST['userpass']) : ''; |
|
16
|
|
|
if ($username == '' || $password == '') { |
|
17
|
|
|
$op = 'login'; |
|
18
|
|
|
} |
|
19
|
|
|
|
|
20
|
|
|
echo ' |
|
21
|
|
|
<html> |
|
22
|
|
|
<head> |
|
23
|
|
|
<meta http-equiv="content-type" content="text/html; charset=' . _CHARSET . '" /> |
|
24
|
|
|
<meta http-equiv="content-language" content="' . _LANGCODE . '" /> |
|
25
|
|
|
<title>' . $xoopsConfig['sitename'] . '</title> |
|
26
|
|
|
<link rel="stylesheet" type="text/css" media="all" href="' . XOOPS_URL . '/xoops.css" /> |
|
27
|
|
|
'; |
|
28
|
|
|
$style = xoops_getcss($xoopsConfig['theme_set']); |
|
29
|
|
|
if ($style == '') { |
|
30
|
|
|
$style = xoops_getcss($xoopsConfig['theme_set']); |
|
31
|
|
|
} |
|
32
|
|
|
if ($style != '') { |
|
33
|
|
|
echo '<link rel="stylesheet" type="text/css" media="all" href="' . $style . '" />'; |
|
34
|
|
|
} |
|
35
|
|
|
echo ' |
|
36
|
|
|
</head> |
|
37
|
|
|
<body> |
|
38
|
|
|
'; |
|
39
|
|
|
|
|
40
|
|
|
if ($op === 'dologin') { |
|
41
|
|
|
/** @var \XoopsMemberHandler $member_handler */ |
|
42
|
|
|
$member_handler = xoops_getHandler('member'); |
|
43
|
|
|
$myts = \MyTextSanitizer::getInstance(); |
|
44
|
|
|
$user = $member_handler->loginUser(addslashes($myts->stripSlashesGPC($username)), addslashes($myts->stripSlashesGPC($password))); |
|
45
|
|
|
if (is_object($user)) { |
|
46
|
|
|
if (0 == $user->getVar('level')) { |
|
47
|
|
|
redirect_header(XOOPS_URL . '/index.php', 5, _US_NOACTTPADM); |
|
48
|
|
|
exit(); |
|
49
|
|
|
} |
|
50
|
|
|
if ($xoopsConfig['closesite'] == 1) { |
|
51
|
|
|
$allowed = false; |
|
52
|
|
|
foreach ($user->getGroups() as $group) { |
|
53
|
|
|
if (in_array($group, $xoopsConfig['closesite_okgrp']) || XOOPS_GROUP_ADMIN == $group) { |
|
54
|
|
|
$allowed = true; |
|
55
|
|
|
break; |
|
56
|
|
|
} |
|
57
|
|
|
} |
|
58
|
|
|
if (!$allowed) { |
|
59
|
|
|
redirect_header(XOOPS_URL . '/index.php', 1, _NOPERM); |
|
60
|
|
|
exit(); |
|
61
|
|
|
} |
|
62
|
|
|
} |
|
63
|
|
|
$user->setVar('last_login', time()); |
|
64
|
|
|
if (!$member_handler->insertUser($user)) { |
|
65
|
|
|
} |
|
66
|
|
|
$_SESSION = array(); |
|
67
|
|
|
$_SESSION['xoopsUserId'] = $user->getVar('uid'); |
|
68
|
|
|
$_SESSION['xoopsUserGroups'] = $user->getGroups(); |
|
69
|
|
|
if (!empty($xoopsConfig['use_ssl'])) { |
|
70
|
|
|
xoops_confirm(array($xoopsConfig['sslpost_name'] => session_id()), XOOPS_URL . '/misc.php?action=showpopups&type=ssllogin', _US_PRESSLOGIN, _LOGIN); |
|
71
|
|
|
} else { |
|
72
|
|
|
echo sprintf(_US_LOGGINGU, $user->getVar('uname')); |
|
|
|
|
|
|
73
|
|
|
echo '<div style="text-align:center;"><input value="' . _CLOSE . '" type="button" onclick="document.window.opener.location.reload();document.window.close();" /></div>'; |
|
74
|
|
|
} |
|
75
|
|
|
} else { |
|
76
|
|
|
xoops_error(_US_INCORRECTLOGIN . '<br><a href="login.php">' . _BACK . '</a>'); |
|
77
|
|
|
} |
|
78
|
|
|
} |
|
79
|
|
|
|
|
80
|
|
|
if ($op === 'login') { |
|
81
|
|
|
echo ' |
|
82
|
|
|
<div style="text-align: center; padding: 5px; margin: 0;"> |
|
83
|
|
|
<form action="login.php" method="post"> |
|
84
|
|
|
<table class="outer" width="95%"> |
|
85
|
|
|
<tr> |
|
86
|
|
|
<td class="head">' . _USERNAME . '</td> |
|
87
|
|
|
<td class="even"><input type="text" name="username" value="" /></td> |
|
88
|
|
|
</tr> |
|
89
|
|
|
<tr> |
|
90
|
|
|
<td class="head">' . _PASSWORD . '</td> |
|
91
|
|
|
<td class="even"><input type="password" name="userpass" value="" /></td> |
|
92
|
|
|
</tr> |
|
93
|
|
|
<tr> |
|
94
|
|
|
<td class="head"> </td> |
|
95
|
|
|
<td class="even"><input type="hidden" name="op" value="dologin" /><input type="submit" name="submit" value="' . _LOGIN . '" /></td> |
|
96
|
|
|
</tr> |
|
97
|
|
|
</table> |
|
98
|
|
|
</form> |
|
99
|
|
|
</div> |
|
100
|
|
|
'; |
|
101
|
|
|
} |
|
102
|
|
|
|
|
103
|
|
|
echo ' |
|
104
|
|
|
</body> |
|
105
|
|
|
</html> |
|
106
|
|
|
'; |
|
107
|
|
|
|
XOOPS /
XoopsCore25
geekwright
Loading history...