1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
<?php
/*
* Identity Provider Example -- Local Login
*
* Copyright (C) 2004 Entr'ouvert
* http://lasso.entrouvert.org
*
* Authors: Christophe Nowicki <cnowicki@easter-eggs.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
$config = unserialize(file_get_contents('config.inc'));
require_once 'HTML/QuickForm.php';
require_once 'DB.php';
$form = new HTML_QuickForm('frm');
$form->addElement('header', null, 'Login on the Lasso Identity Provider Example');
$form->addElement('text', 'username', 'Username:', array('size' => 50, 'maxlength' => 255));
$form->addElement('password', 'password', 'Password:', array('size' => 50, 'maxlength' => 255));
$form->addElement('submit', null, 'Ok');
$form->addRule('username', 'Please enter the Username', 'required', null, 'client');
$form->addRule('password', 'Please enter the Password', 'required', null, 'client');
if ($form->validate())
{
$config = unserialize(file_get_contents('config.inc'));
$db = &DB::connect($config['dsn']);
if (DB::isError($db))
die($db->getMessage());
$query = "SELECT user_id FROM users WHERE username=" . $db->quoteSmart($form->exportValue('username'));
$query .= " AND password=" . $db->quoteSmart($form->exportValue('password'));;
$res =& $db->query($query);
if (DB::isError($res))
die($res->getMessage());
$db->disconnect();
if ($res->numRows())
{
$row = $res->fetchRow();
session_start();
$_SESSION['user_id'] = $row[0];
$_SESSION['username'] = $form->exportValue('username');
$url = 'index.php';
header("Request-URI: $url");
header("Content-Location: $url");
header("Location: $url\n\n");
exit;
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<body>
<?php
$form->display();
?>
</body>
</html>
|