Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
Marcus Andersson
aurweb
Commits
30aea4ec
Commit
30aea4ec
authored
Jun 19, 2004
by
eric
Browse files
started working on the login
parent
f478d720
Changes
6
Hide whitespace changes
Inline
Side-by-side
support/schema/aur-schema.sql
View file @
30aea4ec
...
...
@@ -20,7 +20,7 @@ INSERT INTO AccountTypes (ID, AccountType) VALUES (3, 'Developer');
--
CREATE
TABLE
Users
(
ID
INTEGER
UNSIGNED
NOT
NULL
AUTO_INCREMENT
,
AccountTypeID
TINYINT
UNSIGNED
NOT
NULL
DEFAULT
1
,
AccountTypeID
TINYINT
UNSIGNED
NOT
NULL
DEFAULT
1
,
Suspended
TINYINT
UNSIGNED
NOT
NULL
DEFAULT
0
,
Email
CHAR
(
64
)
NOT
NULL
,
Passwd
CHAR
(
32
)
NOT
NULL
,
...
...
@@ -46,7 +46,8 @@ CREATE TABLE Sessions (
UsersID
INTEGER
UNSIGNED
NOT
NULL
,
SessionID
CHAR
(
32
)
NOT
NULL
,
LastUpdateTS
BIGINT
UNSIGNED
NOT
NULL
,
FOREIGN
KEY
(
UsersID
)
REFERENCES
Users
(
ID
)
FOREIGN
KEY
(
UsersID
)
REFERENCES
Users
(
ID
),
UNIQUE
(
SessionID
)
);
...
...
web/html/index.php
View file @
30aea4ec
...
...
@@ -2,12 +2,110 @@
include
(
"index_po.inc"
);
include
(
"aur.inc"
);
set_lang
();
check_sid
();
# Need to do the authentication prior to sending HTML
#
$login_error
=
""
;
if
(
isset
(
$_REQUEST
[
"user"
])
||
isset
(
$_REQUEST
[
"pass"
]))
{
# Attempting to log in
#
if
(
!
isset
(
$_REQUEST
[
'user'
]))
{
$login_error
=
__
(
"You must supply a username."
);
}
if
(
!
isset
(
$_REQUEST
[
'pass'
]))
{
$login_error
=
__
(
"You must supply a password."
);
}
if
(
!
$login_error
)
{
# Try and authenticate the user
#
$dbh
=
db_connect
();
$q
=
"SELECT ID, Suspended FROM Users "
;
$q
.
=
"WHERE Email = '"
.
mysql_escape_string
(
$_REQUEST
[
"user"
])
.
"' "
;
$q
.
=
"AND Passwd = '"
.
mysql_escape_string
(
$_REQUEST
[
"pass"
])
.
"'"
;
$result
=
mysql_query
(
$q
,
$dbh
);
if
(
!
$result
)
{
$login_error
=
__
(
"Incorrect password for username %s."
,
array
(
$_REQUEST
[
"user"
]));
}
$row
=
mysql_fetch_row
(
$result
);
if
(
$row
[
1
])
{
$login_error
=
__
(
"Your account has been suspended."
);
}
if
(
!
$login_error
)
{
# Account looks good. Generate a SID and store it.
#
$logged_in
=
0
;
$num_tries
=
0
;
while
(
!
$logged_in
&&
$num_tries
<
5
)
{
$new_sid
=
new_sid
();
$q
=
"INSERT INTO Sessions (UsersID, SessionID, LastUpdateTS) "
;
$q
.
=
"VALUES ("
.
$row
[
0
]
.
", '"
.
$new_sid
.
"', UNIX_TIMESTAMP())"
;
$result
=
mysql_query
(
$q
,
$dbh
);
# Query will fail if $new_sid is not unique
#
if
(
$result
)
{
$logged_in
=
1
;
break
;
}
$num_tries
++
;
}
if
(
$logged_in
)
{
# set our SID cookie
#
setcookie
(
"AURSID"
,
$new_sid
,
0
,
"/"
);
header
(
"Location: /index.php"
);
}
else
{
$login_error
=
__
(
"Error trying to generate session id."
);
}
}
}
}
# Any cookies have been sent, can now display HTML
#
html_header
();
print
"<table border='0' cellpadding='0' cellspacing='3' width='90%'>
\n
"
;
print
"<tr>
\n
"
;
print
" <td align='left'>"
;
print
__
(
"This is where the intro text will go."
);
print
__
(
"For now, it's just a place holder."
);
print
__
(
"It's more important to get the login functionality finished."
);
print
__
(
"After that, this can be filled in with more meaningful text."
);
print
" </td>"
;
print
" <td align='right'>"
;
if
(
!
isset
(
$_COOKIE
[
"AURSID"
]))
{
# the user is not logged in, give them login widgets
#
print
"<form action='/index.php' method='post'>
\n
"
;
if
(
$login_error
)
{
print
$login_error
.
"<br/>
\n
"
;
}
print
"<table border='0' cellpadding='0' cellspacing='0' width='100%'>
\n
"
;
print
"<tr>
\n
"
;
print
"<td>"
.
__
(
"Username:"
)
.
"</td>"
;
print
"<td><input type='text' name='user' size='30' maxlength='64'></td>"
;
print
"</tr>
\n
"
;
print
"<tr>
\n
"
;
print
"<td>"
.
__
(
"Password:"
)
.
"</td>"
;
print
"<td><input type='password' name='pass' size='30' maxlength='32'></td>"
;
print
"</tr>
\n
"
;
print
"<tr>
\n
"
;
print
"<td colspan='2' align='right'> <br/>"
;
print
"<input type='submit' value='"
.
__
(
"Login"
)
.
"'></td>"
;
print
"</tr>
\n
"
;
print
"</table>
\n
"
;
print
"</form>
\n
"
;
#$dbh = db_connect();
print
"Connected...<br>
\n
"
;
print
"My LANG is: "
.
$LANG
.
"<br>
\n
"
;
}
else
{
print
__
(
"Currently logged in as: %h%s%h"
,
array
(
"<b>"
,
username_from_sid
(
$_COOKIE
[
"AURSID"
]),
"</b>"
));
}
print
" </td>"
;
print
"</tr>
\n
"
;
print
"</table>
\n
"
;
html_footer
(
"
\$
Id$"
);
...
...
web/html/timeout.php
0 → 100644
View file @
30aea4ec
<?
include
(
"timeout_po.inc"
);
include
(
"aur.inc"
);
set_lang
();
html_header
();
print
__
(
"Your session has timed out. You must log in again."
);
print
"<p>
\n
"
;
print
__
(
"Click on the Home link above to log in."
);
print
"</p>
\n
"
;
html_footer
(
"
\$
Id$"
);
?>
web/lang/index_po.inc
View file @
30aea4ec
...
...
@@ -16,4 +16,69 @@ $_t["en"]["Hi, this is worth reading!"] = "Hi, this is worth reading!";
# $_t["fr"]["Hi, this is worth reading!"] = "--> Traduction franaise ici. <--";
# $_t["de"]["Hi, this is worth reading!"] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"You must supply a password."
]
=
"You must supply a password."
;
# $_t["es"]["You must supply a password."] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["You must supply a password."] = "--> Traduction franaise ici. <--";
# $_t["de"]["You must supply a password."] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"You must supply a username."
]
=
"You must supply a username."
;
# $_t["es"]["You must supply a username."] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["You must supply a username."] = "--> Traduction franaise ici. <--";
# $_t["de"]["You must supply a username."] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"Incorrect password for username %s."
]
=
"Incorrect password for username %s."
;
# $_t["es"]["Incorrect password for username %s."] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["Incorrect password for username %s."] = "--> Traduction franaise ici. <--";
# $_t["de"]["Incorrect password for username %s."] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"After that, this can be filled in with more meaningful text."
]
=
"After that, this can be filled in with more meaningful text."
;
# $_t["es"]["After that, this can be filled in with more meaningful text."] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["After that, this can be filled in with more meaningful text."] = "--> Traduction franaise ici. <--";
# $_t["de"]["After that, this can be filled in with more meaningful text."] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"Your account has been suspended."
]
=
"Your account has been suspended."
;
# $_t["es"]["Your account has been suspended."] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["Your account has been suspended."] = "--> Traduction franaise ici. <--";
# $_t["de"]["Your account has been suspended."] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"Password:"
]
=
"Password:"
;
# $_t["es"]["Password:"] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["Password:"] = "--> Traduction franaise ici. <--";
# $_t["de"]["Password:"] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"Username:"
]
=
"Username:"
;
# $_t["es"]["Username:"] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["Username:"] = "--> Traduction franaise ici. <--";
# $_t["de"]["Username:"] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"It's more important to get the login functionality finished."
]
=
"It's more important to get the login functionality finished."
;
# $_t["es"]["It's more important to get the login functionality finished."] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["It's more important to get the login functionality finished."] = "--> Traduction franaise ici. <--";
# $_t["de"]["It's more important to get the login functionality finished."] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"Currently logged in as: %h%s%h"
]
=
"Currently logged in as: %h%s%h"
;
# $_t["es"]["Currently logged in as: %h%s%h"] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["Currently logged in as: %h%s%h"] = "--> Traduction franaise ici. <--";
# $_t["de"]["Currently logged in as: %h%s%h"] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"For now, it's just a place holder."
]
=
"For now, it's just a place holder."
;
# $_t["es"]["For now, it's just a place holder."] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["For now, it's just a place holder."] = "--> Traduction franaise ici. <--";
# $_t["de"]["For now, it's just a place holder."] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"This is where the intro text will go."
]
=
"This is where the intro text will go."
;
# $_t["es"]["This is where the intro text will go."] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["This is where the intro text will go."] = "--> Traduction franaise ici. <--";
# $_t["de"]["This is where the intro text will go."] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"Error trying to generate session id."
]
=
"Error trying to generate session id."
;
# $_t["es"]["Error trying to generate session id."] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["Error trying to generate session id."] = "--> Traduction franaise ici. <--";
# $_t["de"]["Error trying to generate session id."] = "--> Deutsche bersetzung hier. <--";
$_t
[
"en"
][
"Login"
]
=
"Login"
;
# $_t["es"]["Login"] = "--> Traduccin espaola aqu. <--";
# $_t["fr"]["Login"] = "--> Traduction franaise ici. <--";
# $_t["de"]["Login"] = "--> Deutsche bersetzung hier. <--";
?>
\ No newline at end of file
web/lang/timeout_po.inc
0 → 100644
View file @
30aea4ec
<?
# INSTRUCTIONS TO TRANSLATORS
#
# This file contains the i18n translations for a subset of the
# Arch Linux User-community Repository (AUR). This is a PHP
# script, and as such, you MUST pay great attention to the syntax.
# If your text contains any double-quotes ("), you MUST escape
# them with the backslash character (\).
#
include_once
(
"translator.inc"
);
global
$_t
;
$_t
[
"en"
][
"Click on the Home link above to log in."
]
=
"Click on the Home link above to log in."
;
# $_t["es"]["Click on the Home link above to log in."] = "--> Traducción española aquí. <--";
# $_t["fr"]["Click on the Home link above to log in."] = "--> Traduction française ici. <--";
# $_t["de"]["Click on the Home link above to log in."] = "--> Deutsche Übersetzung hier. <--";
$_t
[
"en"
][
"Your session has timed out. You must log in again."
]
=
"Your session has timed out. You must log in again."
;
# $_t["es"]["Your session has timed out. You must log in again."] = "--> Traducción española aquí. <--";
# $_t["fr"]["Your session has timed out. You must log in again."] = "--> Traduction française ici. <--";
# $_t["de"]["Your session has timed out. You must log in again."] = "--> Deutsche Übersetzung hier. <--";
?>
\ No newline at end of file
web/lib/aur.inc
View file @
30aea4ec
...
...
@@ -11,6 +11,84 @@ $SUPPORTED_LANGS = array(
"fr"
=>
1
,
# Franais
);
# see if the visitor is already logged in
#
function
check_sid
()
{
global
$_COOKIE
;
if
(
isset
(
$_COOKIE
[
"AURSID"
]))
{
$failed
=
0
;
# the visitor is logged in, try and update the session
#
$dbh
=
db_connect
();
$q
=
"SELECT LastUpdateTS, UNIX_TIMESTAMP() FROM Sessions "
;
$q
.
=
"WHERE SessionID = '"
.
mysql_escape_string
(
$_COOKIE
[
"AURSID"
])
.
"'"
;
$result
=
mysql_query
(
$q
,
$dbh
);
if
(
!
$result
)
{
$failed
=
1
;
}
else
{
if
(
$row
[
0
]
+
10
>=
$row
[
1
])
{
$failed
=
1
;
}
}
if
(
$failed
)
{
# visitor's session id either doesn't exist, or the timeout
# was reached and they must login again, send them back to
# the main page where they can log in again.
#
$q
=
"DELETE FROM Sessions WHERE SessionID = '"
;
$q
.
=
mysql_escape_string
(
$_COOKIE
[
"AURSID"
])
.
"'"
;
mysql_query
(
$q
,
$dbh
);
setcookie
(
"AURSID"
,
""
,
time
()
-
(
60
*
60
*
24
*
30
),
"/"
);
header
(
"Location: /timeout.php"
);
}
}
return
;
}
# a new seed value for mt_srand()
#
function
make_seed
()
{
list
(
$usec
,
$sec
)
=
explode
(
' '
,
microtime
());
return
(
float
)
$sec
+
((
float
)
$usec
*
10000
);
}
# generate a (hopefully) unique session id
#
function
new_sid
()
{
mt_srand
(
make_seed
());
$ts
=
time
();
$pid
=
getmypid
();
$rand_num
=
mt_rand
();
mt_srand
(
make_seed
());
$rand_str
=
substr
(
md5
(
mt_rand
()),
2
,
20
);
$id
=
$rand_str
.
strtolower
(
md5
(
$ts
.
$pid
))
.
$rand_num
;
return
strtoupper
(
md5
(
$id
));
}
# obtain the username if given their current SID
#
function
username_from_sid
(
$sid
=
""
)
{
if
(
!
$sid
)
{
return
""
;
}
$dbh
=
db_connect
();
$q
=
"SELECT Email "
;
$q
.
=
"FROM Users, Sessions "
;
$q
.
=
"WHERE Users.ID = Sessions.UsersID "
;
$q
.
=
"AND SessionID = '"
.
mysql_escape_string
(
$sid
)
.
"'"
;
$result
=
mysql_query
(
$q
,
$dbh
);
if
(
!
$result
)
{
return
""
;
}
$row
=
mysql_fetch_row
(
$result
);
return
$row
[
0
];
}
# connect to the database
#
...
...
@@ -155,7 +233,7 @@ function html_footer($ver="") {
print
"</table>
\n
"
;
print
"<p>
\n
"
;
if
(
$ver
)
{
print
"<table border='0' cellpadding='0' cellspacing='0' width='
100
%'>
\n
"
;
print
"<table border='0' cellpadding='0' cellspacing='0' width='
97
%'>
\n
"
;
print
"<tr><td align='right'><span class='fix'>"
.
$ver
.
"</span></td></tr>
\n
"
;
print
"</table>
\n
"
;
}
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment