<?php
session_start();
include "settings.php";
require_once('classes/login.class.php');
require_once('classes/general.class.php');
/*
Login and check login system
Version 1.0
7/12/2013
Robert Saylor
*/
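$check_login = new Login($linkID);

// Handle a posted login form.
// The original test `isset(...) == "login"` compared a boolean with a non-empty
// string, so it was true for ANY posted `section` value; compare the value itself.
if (isset($_POST['section']) && $_POST['section'] === 'login') {
    // Only accept plain strings: `uuname[]=x` would otherwise arrive as an array.
    $postedUser = (isset($_POST['uuname']) && is_string($_POST['uuname'])) ? $_POST['uuname'] : '';
    $postedPass = (isset($_POST['uupass']) && is_string($_POST['uupass'])) ? $_POST['uupass'] : '';
    $check_login->login($postedUser, $postedPass);
}

// Pull the login state out of the session, defaulting to empty strings.
$uuname = isset($_SESSION['uuname']) ? $_SESSION['uuname'] : '';
$uupass = isset($_SESSION['uupass']) ? $_SESSION['uupass'] : '';
$token  = isset($_SESSION['token'])  ? $_SESSION['token']  : '';

$authResult = $check_login->check_login($uuname, $uupass, $token);

// Do not run the protected part of the page for visitors without a session
// identity. The strict `=== false` test only stops the request when
// check_login() explicitly reports failure; an implementation that returns
// nothing leaves that half of the condition inert.
// NOTE(review): a stale or forged token with a non-empty user name is only
// caught here if check_login() returns false for it - confirm that it does.
if ($authResult === false || $uuname === '' || $token === '') {
    exit;
}
/* END LOGIN SYSTEM */

/* Main Program */
$general = new General($linkID);

// Same boolean-vs-string comparison bug as above, and the original called the
// method on the undefined variable $list_general instead of $general.
if (isset($_GET['section']) && $_GET['section'] === 'destinations') {
    $general->destinations();
}

// Debug dump of the query string. Keys and values are attacker-controlled, so
// they are HTML-escaped before being echoed; nested parameters are JSON-encoded.
// NOTE(review): remove this loop before the page goes live.
foreach ($_GET as $key => $value) {
    $shown = is_scalar($value) ? (string) $value : json_encode($value);
    print "K " . htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8')
        . " V " . htmlspecialchars((string) $shown, ENT_QUOTES, 'UTF-8') . "<br>\n";
}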
?>
<?php
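/**
 * Username/password login backed by the `users` table, with a per-login token
 * that is stored both in the table and in the session.
 *
 * Assumes the database handle is a mysqli-style connection (the code relies on
 * prepare(), bind_param(), bind_result() and ->error) - confirm against
 * settings.php, which is not shown here.
 */
class Login {
    /** Database handle passed to the constructor. */
    private $db;

    /**
     * @param object|null $linkID Database connection; when null, the global
     *                            $linkID is used instead (legacy behaviour).
     */
    function __construct($linkID) {
        $this->db = $linkID;
    }

    /**
     * Returns the connection to use: the injected one, else the global $linkID.
     */
    private function db() {
        if ($this->db !== null) {
            return $this->db;
        }
        return isset($GLOBALS['linkID']) ? $GLOBALS['linkID'] : null;
    }

    /**
     * Logs the database error server-side and stops the request with a generic
     * message, so SQL error text is not shown to the visitor.
     */
    private function dbFail($line) {
        $db = $this->db();
        $detail = is_object($db) ? $db->error : 'no database connection';
        error_log('Login: database error near line ' . $line . ': ' . $detail);
        die('A database error occurred.');
    }

    /**
     * Checks the submitted credentials and, on success, issues a new token and
     * stores the login state in the session.
     *
     * @param string $user Submitted user name (untrusted).
     * @param string $pass Submitted password (untrusted).
     * @return bool True when the credentials matched a row, false otherwise.
     */
    public function login($user, $pass) {
        // Reject non-string input (e.g. `uuname[]=x`) and empty user names up front.
        if (!is_string($user) || !is_string($pass) || $user === '') {
            return false;
        }

        $db = $this->db();

        // Bound parameters instead of string interpolation: the values come
        // straight from the request and must never become part of the SQL text.
        // NOTE(review): the password is compared with the `uupass` column as-is,
        // which implies passwords are stored unhashed. Moving to password_hash()
        // / password_verify() needs a data migration outside this class.
        $stmt = $db->prepare("SELECT `id`, `uuname`, `uupass` FROM `users` WHERE `uuname` = ? AND `uupass` = ? LIMIT 1");
        if (!$stmt) {
            $this->dbFail(__LINE__);
        }
        $stmt->bind_param('ss', $user, $pass);
        if (!$stmt->execute()) {
            $this->dbFail(__LINE__);
        }
        $stmt->bind_result($rowId, $rowUser, $rowPass);
        $found = $stmt->fetch();
        $stmt->close();

        if ($found !== true) {
            return false;
        }

        // get a new token
        $new_token = $this->token();
        $update = $db->prepare("UPDATE `users` SET `token` = ? WHERE `id` = ?");
        if (!$update) {
            $this->dbFail(__LINE__);
        }
        // The id is bound as a string because its column type is not visible here.
        $update->bind_param('ss', $new_token, $rowId);
        if (!$update->execute()) {
            $this->dbFail(__LINE__);
        }
        $update->close();

        // Issue a fresh session id on login so a session id planted before
        // authentication cannot be reused afterwards (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        // Set session data
        $_SESSION['uuname'] = $rowUser;
        // NOTE(review): kept because the calling script reads this key, but
        // check_login() never uses the password; dropping it would keep the
        // password out of session storage.
        $_SESSION['uupass'] = $rowPass;
        $_SESSION['token'] = $new_token;

        return true;
    }

    /**
     * Generates a 40-character lowercase hexadecimal token.
     *
     * Uses the operating system CSPRNG; mt_rand() output is predictable and
     * must not be used for a value that authenticates a session.
     *
     * @return string
     */
    public function token() {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(20));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            return bin2hex(openssl_random_pseudo_bytes(20));
        }
        throw new RuntimeException('No secure random source available');
    }

    /**
     * Verifies that the user name / token pair matches a row in `users`.
     * Prints a confirmation when it does, otherwise prints the login form.
     *
     * @param string $user  User name from the session.
     * @param string $pass  Unused; kept for compatibility with existing callers.
     * @param string $token Token from the session.
     * @return bool True when logged in, false otherwise, so callers can stop
     *              processing the request for anonymous visitors.
     */
    public function check_login($user, $pass, $token) {
        $authenticated = false;

        // An empty user name or token can never identify a login; skipping the
        // query also avoids matching rows whose token column is still empty.
        if (is_string($user) && is_string($token) && $user !== '' && $token !== '') {
            $db = $this->db();
            $stmt = $db->prepare("SELECT `uuname`, `token` FROM `users` WHERE `uuname` = ? AND `token` = ? LIMIT 1");
            if (!$stmt) {
                $this->dbFail(__LINE__);
            }
            $stmt->bind_param('ss', $user, $token);
            if (!$stmt->execute()) {
                $this->dbFail(__LINE__);
            }
            $stmt->bind_result($rowUser, $rowToken);
            if ($stmt->fetch() === true) {
                // Exact re-check in PHP: the SQL comparison follows the column
                // collation, which may be looser than byte equality.
                $authenticated = ((string) $rowUser === $user) && ((string) $rowToken === $token);
            }
            $stmt->close();
        }

        if ($authenticated) {
            // ok logged in
            print "You are logged in!<br>\n";
        } else {
            // Not logged in (including a row that matched loosely but failed
            // the exact re-check): show the login form.
            $error = "You are NOT logged in!";
            $this->login_form($error);
        }

        return $authenticated;
    }

    /**
     * Prints an optional error message followed by the login form.
     *
     * @param string|null $error Message to show above the form.
     */
    public function login_form($error) {
        if (isset($error)) {
            // Escaped so a message built from request data cannot inject markup.
            print htmlspecialchars((string) $error, ENT_QUOTES, 'UTF-8');
        }
        print "
<form action=\"index.php\" method=\"post\">
<input type=\"hidden\" name=\"section\" value=\"login\">
<table border=0 width=50%>
<tr><td>Username:</td><td><input type=\"text\" name=\"uuname\" size=40></td></tr>
<tr><td>Password:</td><td><input type=\"password\" name=\"uupass\" size=40></td></tr>
<tr><td> </td><td><input type=\"submit\" value=\"Login\"></td></tr>
</table>
</form>
";
    }
}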
?>
<?php
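/**
 * Admin page helpers. Assumes the database handle is a mysqli-style connection
 * (query(), ->error, ->num_rows, fetch_assoc()) - confirm against settings.php.
 */
class General {
    /** Database handle passed to the constructor. */
    private $db;

    /**
     * @param object|null $linkID Database connection; when null, the global
     *                            $linkID is used instead (legacy behaviour).
     */
    function __construct($linkID) {
        $this->db = $linkID;
    }

    /**
     * Returns the connection to use: the injected one, else the global $linkID.
     */
    private function db() {
        if ($this->db !== null) {
            return $this->db;
        }
        return isset($GLOBALS['linkID']) ? $GLOBALS['linkID'] : null;
    }

    /**
     * HTML-escapes a value for use in element content or a quoted attribute.
     */
    private function esc($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Prints an HTML table of all destinations with Edit and Delete links.
     *
     * Every database value is escaped for the context it is written into:
     * HTML text, URL query string, or the JavaScript string inside onclick.
     */
    public function destinations() {
        $db = $this->db();

        // Static query: no request data is interpolated into it.
        $sql = "
SELECT
`reserve`.`boats`.`fleet` AS 'fleet2',
`af_df`.`destinations`.*
FROM
`af_df`.`destinations`, `reserve`.`boats`
WHERE
`af_df`.`destinations`.`boatID` = `reserve`.`boats`.`boatID`
ORDER BY `reserve`.`boats`.`fleet` ASC, `af_df`.`destinations`.`name` ASC
";
        print "<h2><u>Current Destination(s)</u></h2><br>\n";
        print "<table border=0 width=80% cellpadding=3 cellspacing=0>
<tr><td><b>Destination</b></td><td><b>Title</b></td><td><b>Active</b></td><td> </td></tr>\n";

        $result = $db->query($sql);
        if (!$result) {
            // Keep SQL error details in the server log, not in the page.
            error_log('General::destinations: database error: ' . $db->error);
            die('A database error occurred.');
        }

        if ($result->num_rows > 0) {
            while ($row = $result->fetch_assoc()) {
                $name   = $this->esc($row['name']);
                $title  = $this->esc($row['title']);
                $active = $this->esc($row['active']);

                // Build the query strings with URL encoding, then escape the
                // whole URL for the href attribute (turns & into &amp;).
                $editUrl = $this->esc('index.php?' . http_build_query(
                    array('section' => 'dest', 'part' => 'add', 'update' => 1, 'id' => $row['id']),
                    '',
                    '&'
                ));
                // The original href ended in `id=...>` with a stray `>` inside
                // the attribute value, corrupting the id parameter.
                $deleteUrl = $this->esc('index.php?' . http_build_query(
                    array('section' => 'dest_del', 'id' => $row['id']),
                    '',
                    '&'
                ));

                // The name ends up inside a JavaScript string inside an HTML
                // attribute: JSON-encode for JavaScript, then HTML-escape.
                $confirmJs = json_encode(
                    'You are about to delete destination ' . $row['name'] . ' from the database. Click OK to continue.',
                    JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
                );
                if ($confirmJs === false) {
                    // json_encode() fails on invalid UTF-8; use a fixed message.
                    $confirmJs = '"You are about to delete this destination. Click OK to continue."';
                }
                $confirmAttr = $this->esc($confirmJs);

                // NOTE(review): deletion is triggered by a plain GET link guarded
                // only by a JavaScript confirm. The handler is not shown here; it
                // should require POST plus a per-session CSRF token.
                // The original referenced an undefined $bgcolor1 in the <tr> tag;
                // it always expanded to nothing, so it is omitted.
                print "<tr><td>$name</td><td>$title</td><td>$active</td><td>";
                print "<a href=\"$editUrl\">Edit</a> |
<a href=\"$deleteUrl\" onclick=\"return confirm($confirmAttr)\">Delete</a>
</td></tr>";
            }
        } else {
            print "<tr><td colspan=4><center><font color=blue>Sorry, there are no destinations defined. Please add a destination.</font></center></td></tr>\n";
        }
        print "</table>";
    }
}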
?>