2007-04-03 14:10:23 +00:00
|
|
|
<?php
|
|
|
|
|
|
2009-05-11 14:59:40 +00:00
|
|
|
@ini_set("session.gc_maxlifetime","0");
|
|
|
|
|
|
2009-03-17 20:26:29 +00:00
|
|
|
session_start();
|
2010-07-05 19:19:19 +00:00
|
|
|
|
|
|
|
|
// Preflight checks
|
|
|
|
|
if(!is_dir($config['rrd_dir']))
|
|
|
|
|
echo "<div class='errorbox'>RRD Log Directory is missing ({$config['rrd_dir']}). Graphing may fail.</div>";
|
|
|
|
|
|
2010-07-10 13:50:27 +00:00
|
|
|
### RRD dir probably shouldn't be writable by apache :>
|
|
|
|
|
#if(!$config['rrdcached'] && !is_writable($config['rrd_dir']))
|
|
|
|
|
# echo "<div class='errorbox'>RRD Log Directory is not writable ({$config['rrd_dir']}). Graphing may fail.</div>";
|
2010-07-05 19:19:19 +00:00
|
|
|
|
2010-07-05 19:34:52 +00:00
|
|
|
if(!is_dir($config['temp_dir']))
|
2010-07-05 19:19:19 +00:00
|
|
|
echo "<div class='errorbox'>Temp Directory is missing ({$config['tmp_dir']}). Graphing may fail.</div>";
|
|
|
|
|
|
2010-07-05 19:34:52 +00:00
|
|
|
if(!is_writable($config['temp_dir']))
|
2010-07-05 19:19:19 +00:00
|
|
|
echo "<div class='errorbox'>Temp Directory is not writable ({$config['tmp_dir']}). Graphing may fail.</div>";
|
|
|
|
|
|
2010-01-16 22:57:10 +00:00
|
|
|
if(isset($_GET['logout']) && $_SESSION['authenticated']) {
|
2010-01-02 17:47:06 +00:00
|
|
|
mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('" . $_SESSION['username'] . "', '".$_SERVER["REMOTE_ADDR"]."', 'logged out')");
|
2009-06-19 10:43:02 +00:00
|
|
|
unset($_SESSION);
|
2007-04-03 14:10:23 +00:00
|
|
|
session_destroy();
|
|
|
|
|
header('Location: /');
|
2009-06-19 10:43:02 +00:00
|
|
|
setcookie ("username", "", time() - 60*60*24*100, "/");
|
|
|
|
|
setcookie ("password", "", time() - 60*60*24*100, "/");
|
2008-11-26 12:55:55 +00:00
|
|
|
$auth_message = "Logged Out";
|
2007-04-03 14:10:23 +00:00
|
|
|
}
|
|
|
|
|
|
2010-08-03 12:09:38 +00:00
|
|
|
if(isset($_GET['username']) && isset($_GET['password'])){
|
|
|
|
|
$_SESSION['username'] = mres($_GET['username']);
|
|
|
|
|
$_SESSION['password'] = mres($_GET['password']);
|
|
|
|
|
} elseif(isset($_POST['username']) && isset($_POST['password'])){
|
2009-06-19 10:43:02 +00:00
|
|
|
$_SESSION['username'] = mres($_POST['username']);
|
|
|
|
|
$_SESSION['password'] = mres($_POST['password']);
|
2010-08-03 12:09:38 +00:00
|
|
|
} elseif(isset($_COOKIE['username']) && isset($_COOKIE['password'])){
|
2009-06-19 10:43:02 +00:00
|
|
|
$_SESSION['username'] = mres($_COOKIE['username']);
|
|
|
|
|
$_SESSION['password'] = mres($_COOKIE['password']);
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-28 13:04:07 +00:00
|
|
|
if (!isset($config['auth_mechanism']))
|
|
|
|
|
{
|
|
|
|
|
$config['auth_mechanism'] = "mysql";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (file_exists('includes/authentication/' . $config['auth_mechanism'] . '.inc.php'))
|
|
|
|
|
{
|
|
|
|
|
include('includes/authentication/' . $config['auth_mechanism'] . '.inc.php');
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2010-07-05 19:19:19 +00:00
|
|
|
echo "<div class='errorbox'>ERROR: no valid auth_mechanism defined</div>";
|
2010-02-28 13:04:07 +00:00
|
|
|
exit();
|
2010-02-28 02:20:05 +00:00
|
|
|
}
|
|
|
|
|
|
2009-12-31 19:06:05 +00:00
|
|
|
$auth_success = 0;
|
2009-06-19 10:43:02 +00:00
|
|
|
|
2010-02-28 02:20:05 +00:00
|
|
|
if (isset($_SESSION['username']))
|
2009-12-31 19:06:05 +00:00
|
|
|
{
|
2010-02-28 13:04:07 +00:00
|
|
|
if (authenticate($_SESSION['username'],$_SESSION['password']))
|
2010-01-05 20:06:24 +00:00
|
|
|
{
|
2010-03-06 01:19:06 +00:00
|
|
|
$_SESSION['userlevel'] = get_userlevel($_SESSION['username']);
|
2010-03-07 22:22:29 +00:00
|
|
|
$_SESSION['user_id'] = get_userid($_SESSION['username']);
|
2010-02-28 13:04:07 +00:00
|
|
|
if(!$_SESSION['authenticated'])
|
2009-12-31 19:06:05 +00:00
|
|
|
{
|
2010-02-28 13:04:07 +00:00
|
|
|
$_SESSION['authenticated'] = true;
|
|
|
|
|
mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('".$_SESSION['username']."', '".$_SERVER["REMOTE_ADDR"]."', 'logged in')");
|
|
|
|
|
header("Location: ".$_SERVER['REQUEST_URI']);
|
2009-12-31 19:06:05 +00:00
|
|
|
}
|
2010-02-28 13:04:07 +00:00
|
|
|
if(isset($_POST['remember']))
|
|
|
|
|
{
|
|
|
|
|
setcookie("username", $_SESSION['username'], time()+60*60*24*100, "/");
|
|
|
|
|
setcookie("password", $_SESSION['password'], time()+60*60*24*100, "/");
|
|
|
|
|
}
|
2010-07-31 21:08:35 +00:00
|
|
|
$permissions = permissions_cache($_SESSION['user_id']);
|
|
|
|
|
|
2010-02-28 13:04:07 +00:00
|
|
|
}
|
|
|
|
|
elseif (isset($_SESSION['username']))
|
|
|
|
|
{
|
|
|
|
|
$auth_message = "Authentication Failed";
|
|
|
|
|
unset ($_SESSION['authenticated']);
|
|
|
|
|
mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('".$_SESSION['username']."', '".$_SERVER["REMOTE_ADDR"]."', 'authentication failure')");
|
2009-12-31 19:06:05 +00:00
|
|
|
}
|
2009-06-19 10:43:02 +00:00
|
|
|
}
|
2007-04-03 14:10:23 +00:00
|
|
|
?>
|
