mirror of
https://github.com/librenms/librenms.git
synced 2024-10-07 16:52:45 +00:00
ff70062aa9
git-svn-id: http://www.observium.org/svn/observer/trunk@2 61d68cd4-352d-0410-923a-c4978735b2b8
41 lines
937 B
PHP
41 lines
937 B
PHP
<?php
|
|
|
|
session_start();
|
|
|
|
if($_GET['logout']) {
|
|
session_destroy();
|
|
}
|
|
|
|
// convert username and password from _POST or _SESSION
|
|
if($_SERVER['PHP_AUTH_PW']) {
|
|
$_SESSION['username']=$_SERVER['PHP_AUTH_USER'];
|
|
$_SESSION['password']=$_SERVER['PHP_AUTH_PW'];
|
|
} elseif($_POST){
|
|
$_SESSION['username']=$_POST["username"];
|
|
$_SESSION['password']=$_POST["password"];
|
|
}
|
|
|
|
// query for a user/pass match
|
|
$password = $_SESSION['password'];
|
|
$encrypted = md5($password);
|
|
|
|
$sql = "select username, level from users where username='$_SESSION[username]' and password='$encrypted'";
|
|
|
|
$row = mysql_fetch_row(mysql_query($sql));
|
|
|
|
$result = $row[0];
|
|
|
|
$auth_level = $row[1];
|
|
|
|
if ( $_SESSION['username'] != "" && $result == $_SESSION['username'] ) {
|
|
$auth_user = $result;
|
|
} else {
|
|
header('WWW-Authenticate: Basic realm="Vostron Administration"');
|
|
header('HTTP/1.0 401 Unauthorized');
|
|
echo 'Authentication required.';
|
|
exit;
|
|
|
|
}
|
|
|
|
?>
|