273884a652
is divided between users (common properties with any web application) and user_infos (phpwebgallery specific informations). External table and fields can be configured. - modification : profile.php is not reachable through administration anymore (not useful). - modification : in profile.php, current password is mandatory only if user tries to change his password. Username can't be changed. - deletion : of obsolete functions get_user_restrictions, update_user_restrictions, get_user_all_restrictions, is_user_allowed, update_user - modification : $user['forbidden_categories'] equals at least "-1" so that category_id NOT IN ($user['forbidden_categories']) can always be used. - modification : user_forbidden table becomes user_cache so that not only restriction informations can be stored in this table. git-svn-id: http://piwigo.org/svn/trunk@808 68402e56-0260-453c-a942-63ccdbb3a9ee
105 lines
4.2 KiB
PHP
105 lines
4.2 KiB
PHP
<?php
|
|
// +-----------------------------------------------------------------------+
|
|
// | PhpWebGallery - a PHP based picture gallery |
|
|
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
|
|
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
|
|
// +-----------------------------------------------------------------------+
|
|
// | branch : BSF (Best So Far)
|
|
// | file : $RCSfile$
|
|
// | last update : $Date$
|
|
// | last modifier : $Author$
|
|
// | revision : $Revision$
|
|
// +-----------------------------------------------------------------------+
|
|
// | This program is free software; you can redistribute it and/or modify |
|
|
// | it under the terms of the GNU General Public License as published by |
|
|
// | the Free Software Foundation |
|
|
// | |
|
|
// | This program is distributed in the hope that it will be useful, but |
|
|
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
|
|
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
|
|
// | General Public License for more details. |
|
|
// | |
|
|
// | You should have received a copy of the GNU General Public License |
|
|
// | along with this program; if not, write to the Free Software |
|
|
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
|
|
// | USA. |
|
|
// +-----------------------------------------------------------------------+
|
|
|
|
//--------------------------------------------------------------------- include
|
|
define('PHPWG_ROOT_PATH','./');
|
|
include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
|
|
|
|
//-------------------------------------------------------------- identification
|
|
$errors = array();
|
|
if (isset($_POST['login']))
|
|
{
|
|
$username = mysql_escape_string($_POST['username']);
|
|
// retrieving the encrypted password of the login submitted
|
|
$query = '
|
|
SELECT '.$conf['user_fields']['id'].' AS id,
|
|
'.$conf['user_fields']['password'].' AS password
|
|
FROM '.USERS_TABLE.'
|
|
WHERE '.$conf['user_fields']['username'].' = \''.$username.'\'
|
|
;';
|
|
$row = mysql_fetch_array(pwg_query($query));
|
|
if ($row['password'] == $conf['pass_convert']($_POST['password']))
|
|
{
|
|
$session_length = $conf['session_length'];
|
|
if ($conf['authorize_remembering']
|
|
and isset($_POST['remember_me'])
|
|
and $_POST['remember_me'] == 1)
|
|
{
|
|
$session_length = $conf['remember_me_length'];
|
|
}
|
|
$session_id = session_create($row['id'], $session_length);
|
|
redirect('category.php?id='.$session_id);
|
|
}
|
|
else
|
|
{
|
|
array_push( $errors, $lang['invalid_pwd'] );
|
|
}
|
|
}
|
|
//----------------------------------------------------- template initialization
|
|
//
|
|
// Start output of page
|
|
//
|
|
$title = $lang['identification'];
|
|
include(PHPWG_ROOT_PATH.'include/page_header.php');
|
|
|
|
$template->set_filenames( array('identification'=>'identification.tpl') );
|
|
|
|
$template->assign_vars(
|
|
array(
|
|
'MAIL_ADMIN' => $conf['mail_webmaster'],
|
|
|
|
'L_TITLE' => $lang['identification'],
|
|
'L_USERNAME' => $lang['login'],
|
|
'L_PASSWORD' => $lang['password'],
|
|
'L_LOGIN' => $lang['submit'],
|
|
'L_GUEST' => $lang['ident_guest_visit'],
|
|
'L_REGISTER' => $lang['ident_register'],
|
|
'L_FORGET' => $lang['ident_forgotten_password'],
|
|
'L_REMEMBER_ME'=>$lang['remember_me'],
|
|
|
|
'F_LOGIN_ACTION' => add_session_id('identification.php')
|
|
));
|
|
|
|
if ($conf['authorize_remembering'])
|
|
{
|
|
$template->assign_block_vars('remember_me',array());
|
|
}
|
|
//-------------------------------------------------------------- errors display
|
|
if ( sizeof( $errors ) != 0 )
|
|
{
|
|
$template->assign_block_vars('errors',array());
|
|
for ( $i = 0; $i < sizeof( $errors ); $i++ )
|
|
{
|
|
$template->assign_block_vars('errors.error',array('ERROR'=>$errors[$i]));
|
|
}
|
|
}
|
|
//-------------------------------------------------------------- visit as guest
|
|
$template->assign_block_vars('free_access',array());
|
|
//----------------------------------------------------------- html code display
|
|
$template->parse('identification');
|
|
include(PHPWG_ROOT_PATH.'include/page_tail.php');
|
|
?>
|