1 files changed, 36 insertions, 1 deletions

diff --git a/php/Attic/examples/sample-idp/login.php b/php/Attic/examples/sample-idp/login.php
index f8f7fbca..b61a933b 100644
--- a/php/Attic/examples/sample-idp/login.php
+++ b/php/Attic/examples/sample-idp/login.php
@@ -23,18 +23,53 @@
  */
    $config = unserialize(file_get_contents('config.inc'));
 
-  require_once 'DB.php';
   require_once 'HTML/QuickForm.php';
+  require_once 'DB.php';
+
   
   $form = new HTML_QuickForm('frm');
 
   $form->addElement('header', null, 'Login on the Lasso Identity Provider Example');
+  
   $form->addElement('text', 'username', 'Username:', array('size' => 50, 'maxlength' => 255));
   $form->addElement('password', 'password', 'Password:', array('size' => 50, 'maxlength' => 255));
   $form->addElement('submit', null, 'Ok');
 
   $form->addRule('username', 'Please enter the Username', 'required', null, 'client');
   $form->addRule('password', 'Please enter the Password', 'required', null, 'client');
+
+  if ($form->validate())
+  {
+  	$config = unserialize(file_get_contents('config.inc'));
+	
+   	$db = &DB::connect($config['dsn']);
+
+	if (DB::isError($db)) 
+	  die($db->getMessage());
+
+	  $query = "SELECT user_id FROM users WHERE username=" . $db->quoteSmart($form->exportValue('username'));
+	  $query .= " AND password=" . $db->quoteSmart($form->exportValue('password'));;
+
+	  $res =& $db->query($query);
+	  if (DB::isError($res)) 
+		die($res->getMessage());
+
+	  $db->disconnect();
+	
+	  if ($res->numRows()) 
+	  {
+		$row = $res->fetchRow();
+		session_start();
+		$_SESSION['user_id'] = $row[0];
+		$_SESSION['username'] = $form->exportValue('username');
+
+		$url = 'index.php';
+		header("Request-URI: $url");
+		header("Content-Location: $url");
+		header("Location: $url");
+		exit;
+	  }
+  }
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">