1 | <?php |
||
2 | // This script displays a login screen in a popupbox when SSL is enabled in the preferences. You should use this script only when your server supports SSL. Place this file under your SSL directory |
||
3 | |||
4 | // path to your xoops main directory |
||
5 | $path = '/path/to/xoops/directory'; |
||
6 | |||
7 | include $path . '/mainfile.php'; |
||
8 | if (!defined('XOOPS_ROOT_PATH')) { |
||
9 | exit(); |
||
10 | } |
||
11 | include_once XOOPS_ROOT_PATH . '/language/' . $xoopsConfig['language'] . '/user.php'; |
||
12 | $op = (isset($_POST['op']) && $_POST['op'] === 'dologin') ? 'dologin' : 'login'; |
||
13 | |||
14 | $username = isset($_POST['username']) ? trim($_POST['username']) : ''; |
||
15 | $password = isset($_POST['userpass']) ? trim($_POST['userpass']) : ''; |
||
16 | if ($username == '' || $password == '') { |
||
17 | $op = 'login'; |
||
18 | } |
||
19 | |||
20 | echo ' |
||
21 | <html> |
||
22 | <head> |
||
23 | <meta http-equiv="content-type" content="text/html; charset=' . _CHARSET . '" /> |
||
24 | <meta http-equiv="content-language" content="' . _LANGCODE . '" /> |
||
25 | <title>' . $xoopsConfig['sitename'] . '</title> |
||
26 | <link rel="stylesheet" type="text/css" media="all" href="' . XOOPS_URL . '/xoops.css" /> |
||
27 | '; |
||
28 | $style = xoops_getcss($xoopsConfig['theme_set']); |
||
29 | if ($style == '') { |
||
30 | $style = xoops_getcss($xoopsConfig['theme_set']); |
||
31 | } |
||
32 | if ($style != '') { |
||
33 | echo '<link rel="stylesheet" type="text/css" media="all" href="' . $style . '" />'; |
||
34 | } |
||
35 | echo ' |
||
36 | </head> |
||
37 | <body> |
||
38 | '; |
||
39 | |||
40 | if ($op === 'dologin') { |
||
41 | /** @var \XoopsMemberHandler $member_handler */ |
||
42 | $member_handler = xoops_getHandler('member'); |
||
43 | $myts = \MyTextSanitizer::getInstance(); |
||
44 | $user = $member_handler->loginUser(addslashes($myts->stripSlashesGPC($username)), addslashes($myts->stripSlashesGPC($password))); |
||
0 ignored issues
–
show
|
|||
45 | if (is_object($user)) { |
||
46 | if (0 == $user->getVar('level')) { |
||
47 | redirect_header(XOOPS_URL . '/index.php', 5, _US_NOACTTPADM); |
||
48 | exit(); |
||
49 | } |
||
50 | if ($xoopsConfig['closesite'] == 1) { |
||
51 | $allowed = false; |
||
52 | foreach ($user->getGroups() as $group) { |
||
53 | if (in_array($group, $xoopsConfig['closesite_okgrp']) || XOOPS_GROUP_ADMIN == $group) { |
||
54 | $allowed = true; |
||
55 | break; |
||
56 | } |
||
57 | } |
||
58 | if (!$allowed) { |
||
59 | redirect_header(XOOPS_URL . '/index.php', 1, _NOPERM); |
||
60 | exit(); |
||
61 | } |
||
62 | } |
||
63 | $user->setVar('last_login', time()); |
||
64 | if (!$member_handler->insertUser($user)) { |
||
65 | } |
||
66 | $_SESSION = array(); |
||
67 | $_SESSION['xoopsUserId'] = $user->getVar('uid'); |
||
68 | $_SESSION['xoopsUserGroups'] = $user->getGroups(); |
||
69 | if (!empty($xoopsConfig['use_ssl'])) { |
||
70 | xoops_confirm(array($xoopsConfig['sslpost_name'] => session_id()), XOOPS_URL . '/misc.php?action=showpopups&type=ssllogin', _US_PRESSLOGIN, _LOGIN); |
||
71 | } else { |
||
72 | echo sprintf(_US_LOGGINGU, $user->getVar('uname')); |
||
73 | echo '<div style="text-align:center;"><input value="' . _CLOSE . '" type="button" onclick="document.window.opener.location.reload();document.window.close();" /></div>'; |
||
74 | } |
||
75 | } else { |
||
76 | xoops_error(_US_INCORRECTLOGIN . '<br><a href="login.php">' . _BACK . '</a>'); |
||
77 | } |
||
78 | } |
||
79 | |||
80 | if ($op === 'login') { |
||
81 | echo ' |
||
82 | <div style="text-align: center; padding: 5px; margin: 0;"> |
||
83 | <form action="login.php" method="post"> |
||
84 | <table class="outer" width="95%"> |
||
85 | <tr> |
||
86 | <td class="head">' . _USERNAME . '</td> |
||
87 | <td class="even"><input type="text" name="username" value="" /></td> |
||
88 | </tr> |
||
89 | <tr> |
||
90 | <td class="head">' . _PASSWORD . '</td> |
||
91 | <td class="even"><input type="password" name="userpass" value="" /></td> |
||
92 | </tr> |
||
93 | <tr> |
||
94 | <td class="head"> </td> |
||
95 | <td class="even"><input type="hidden" name="op" value="dologin" /><input type="submit" name="submit" value="' . _LOGIN . '" /></td> |
||
96 | </tr> |
||
97 | </table> |
||
98 | </form> |
||
99 | </div> |
||
100 | '; |
||
101 | } |
||
102 | |||
103 | echo ' |
||
104 | </body> |
||
105 | </html> |
||
106 | '; |
||
107 |
This function has been deprecated. The supplier of the function has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the function will be removed and what other function to use instead.