Posted by:
Jixar
(---.ds1-od.adsl.cybercity.dk)
The code is not that personal, it's shared by 4 students I study with, it's just a bit complex.. I have simplified it a bit here then:
SIMPLE index.php:
<?php
include_once("core/core.php"); //Class files, db connection, etc.
//Also includes ActionHandler.php!
include_once("plugin/PluginHandler.php"); //Plugin handling, decides what page to show.
//Design is added...
echo Menu::writeUserMenu(); //This static method adds the menu for the current user, this is where the problems are...
//More design
?>
SIMPLE Menu class:
<?php
$currentUser = new CurrentUser(); //This class tells the script who the user is, userlevel, id, name and the most important, is he logged in??
if($currentUser->isOnline()){ //Is the user logged in the system.
//Design and the menu for the user.
}else{
?>
<fieldset style="padding:5px;">
<legend>Login her </legend>
<form name="loginform" style="padding:0px;margin:0px;" action="<?php echo $url->setVar("action", "logon"); ?>" method="post">
<?php $url->remVar("action"); ?>
<input type="text" name="username" style="width:120px;" onKeyDown="loginTouched()"><br>
<input type="password" name="password" style="width:100px;margin-top:4px;margin-bottom:4px;" onKeyDown="loginTouched()"><br>
<input type="checkbox" name="loginremem" onClick="if(this.checked){if(!confirm('DO you want the computer to remember you next time you enter the page?')){this.checked=false}}">Cookie <br>
<input type="button" name="loginbutton" value="Login" onClick="loginFormSubmit(this.form)"><br>
</form>
</fieldset>
<?php
}
SIMPLE ActionHandler.php
<?php
$action = $_GET['action'];
if($action == "logon"){ //Attempt to log the user in
Validator::login($_POST['username'], $_POST['password']); //Logs user in, return bool and mutate a class that writes a message for the user in the design.
$currentURL = new CurrentURL(); //Contains the URL of the current page, contained in arrays.
$currentURL->remVar("action");
Validator::redirect($currentURL->getUrl()); //A redirect function, since the actionhandler is included in core.php, it can be done via header.
}
?>
Javascript for loginForm:
function loginFormSubmit(sentForm)
{
if(sentForm.loginremem.checked&&!loginFormUnTouched)
setLoginCookie(sentForm.username.value,sentForm.password.value);
document.cookie="logget=true;expires=";
sentForm.submit();
}
SIMPLE class Validator
<?php
public static function login($username, $password){
if(($legal) && (!isset($password))){$legal = false;}
if(($legal) && (!isset($username))){$legal = false;}
if(($legal) && (!Validator::validUsername($username))){$legal = false;}
if(($legal) && (!Validator::validPassword($password))){$legal = false;}
if($legal){
$encryptedPass = Validator::spicyPassword($password); //Add a salt and encrypt
}
if($legal){ //User exists?
$num_usernamesPasswords = DB::sqlNum("SELECT id FROM users WHERE username='$username' AND password='$encryptedPass'");
if($num_usernamesPasswords != 1){
$legal = false;
}
}
//Log user in
//Return true.
//If user not logged in return false
}
}
?>
I can't see where the code should be wrong. Everything with login, except the forms, happens before headers are sent to the user.
It uses $_POST to login and nothing fancy beyond that.
The JavaScript simply places a cookie on the machine and submits the form.
EDIT: Typos and extra text
Edited 2 time(s). Last edit at 03/03/2008 09:23AM by Jixar.