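// Technology Blogs - Blog Top Sites
//
// Login / logout handler, followed by the start of the page header output.
// Flow, as far as this listing shows:
//   1. optional logout: blanks the `connected` column of the user's logs row and restarts the session;
//   2. chooses an authentication path: client certificate, or the posted login/password form;
//   3. looks the member up, checks the password (form path only), registers the session
//      variables, inserts or updates the logs row and redirects;
//   4. when no redirect happened, loads the lib/ helpers and prints the header taken from
//      pro_htmltags or pro_posts.
//
// NOTE(review): $logout, $SSL_CLIENT_CERT, $pathToOpenssl, $rememberForm, $forcedLogin, $demoMode,
// $languageForm, $url, $session, $loginSession, $dateheure, $HTTP_USER_AGENT, $REMOTE_ADDR,
// $tableCollab and $strings are read below but never assigned in this listing. Presumably they come
// from includes/library.php or from register_globals - confirm which, because every one that
// request data can set is an input to the authentication decision or to a SQL string.
$language = 'en';
$checkSession = "false";
include_once("includes/library.php");

// Request inputs, fetched through the project's returnGlobal() helper (not shown here).
$auth = returnGlobal('auth','GET');
$loginForm = returnGlobal('loginForm','POST');
$passwordForm = returnGlobal('passwordForm','POST');

// Logout: mark the user as disconnected, then start a fresh, empty session.
if ($logout == "true") {
    // NOTE(review): string-built SQL; $loginSession is interpolated without escaping here.
    $tmpquery1 = "UPDATE ".$tableCollab["logs"]." SET connected='' WHERE login = '$loginSession'";
    connectSql("$tmpquery1");
    session_destroy();
    session_start();
}

$match = false;
$ssl = false;

if (!empty($SSL_CLIENT_CERT) && !$logout && $auth != "test") {
    // Certificate path: the member is identified by the e-mail address in the certificate subject
    // and the password check further down is skipped ($ssl is true).
    // NOTE(review): the certificate is only parsed here, never verified. This is safe only if the
    // web server has already validated the client certificate and $SSL_CLIENT_CERT can come from
    // the server environment alone (for example $_SERVER) - confirm it cannot be set by a request.
    $auth = "on";
    $ssl = true;
    if (function_exists("openssl_x509_read")) {
        $x509 = openssl_x509_read($SSL_CLIENT_CERT);
        $cert_array = openssl_x509_parse($x509, true);
        $subject_array = $cert_array["subject"];
        $ssl_email = $subject_array["Email"];
        openssl_x509_free($x509);
    } else {
        // Fallback without the openssl extension: pipe the PEM text to the openssl binary.
        // The certificate text goes through escapeshellarg() so the shell treats it as one literal
        // argument; the original put it inside double quotes in a backtick command, where the shell
        // still expands its content. $pathToOpenssl is left as configured - presumably a trusted
        // setting, confirm.
        // NOTE(review): the command output is used as-is (no trim) in the SQL string below.
        $ssl_email = shell_exec("echo ".escapeshellarg($SSL_CLIENT_CERT)." | $pathToOpenssl x509 -noout -email");
    }
} else {
    //test blank fields in form
    if ($auth == "test") {
        if ($loginForm == "" && $passwordForm == "") {
            // The separator between the two messages is a literal line break inside the string.
            $error = $strings["login_username"]."
".$strings["login_password"];
        } else if ($loginForm == "") {
            $error = $strings["login_username"];
        } else if ($passwordForm == "") {
            $error = $strings["login_password"];
        } else {
            $auth = "on";
            if ($rememberForm == "on") {
                // 22896000 seconds is 265 days, despite the variable name.
                $oneyear = 22896000;
                // NOTE(review): a value derived from the password (get_password() is not shown) is
                // kept in a long-lived cookie, and setcookie() is called without path, Secure or
                // HttpOnly arguments. If this cookie is accepted for automatic login elsewhere it is
                // a password-equivalent credential - prefer a random, revocable token.
                $storePwd = get_password($passwordForm);
                setcookie("loginCookie", $loginForm, time() + $oneyear);
                setcookie("passwordCookie", $storePwd, time() + $oneyear);
            } else {
                // setcookie() with only a name sends an empty value, i.e. asks the browser to drop it.
                setcookie("loginCookie");
                setcookie("passwordCookie");
            }
        }
    }
    // Guard against $auth being "on" without any posted credentials.
    if ($forcedLogin == "false") {
        if ($auth == "on" && !$loginForm && !$passwordForm) {
            $auth = "off";
            $error = "Detecting variables poisoning ;-)";
        }
    }
}

//authentication
if ($auth == "on") {
    // strip_tags() removes markup only; it does nothing about quotes or other SQL metacharacters.
    $loginForm = strip_tags($loginForm);
    $passwordForm = strip_tags($passwordForm);

    // NOTE(review): the WHERE clauses below are built by string interpolation of $loginForm and
    // $ssl_email. Whether quotes are escaped depends on returnGlobal() or on magic quotes, neither
    // of which is visible here - confirm, and move to the database layer's own escaping or to bound
    // parameters. The same applies to every connectSql() statement further down.
    if ($demoMode != "true") {
        if ($ssl) {
            $tmpquery = "WHERE mem.email_work = '$ssl_email' AND mem.login != 'demo' AND mem.profil != '4'";
        } else {
            $tmpquery = "WHERE mem.login = '$loginForm' AND mem.login != 'demo' AND mem.profil != '4'";
        }
    } else {
        // Demo mode also admits the 'demo' login.
        $tmpquery = "WHERE mem.login = '$loginForm' AND mem.profil != '4'";
    }
    $loginUser = new request();
    $loginUser->openMembers($tmpquery);
    $comptLoginUser = count($loginUser->mem_id);

    //test if user exists
    if ($comptLoginUser == "0") {
        // Same message for an unknown user and for a wrong password (see below).
        $error = $strings["invalid_login"];
        setcookie("loginCookie");
        setcookie("passwordCookie");
    } else {
        //test password
        if (!$ssl && !is_password_match($loginForm, $passwordForm, $loginUser->mem_password[0])) {
            $error = $strings["invalid_login"];
        } else {
            $match = true;
        }

        if ($match == true) {
            //crypt password in session
            // NOTE(review): the salt is the first two characters of the password itself. With a
            // two-character salt crypt() uses its traditional DES scheme, whose output starts with
            // the salt and only covers the first eight characters, so the value stored in the
            // session and in the logs table reveals the start of the password. Prefer not to keep
            // any password-derived value after the check has passed.
            $r = substr($passwordForm, 0, 2);
            $passwordForm = crypt($passwordForm, $r);

            //set session variables
            // NOTE(review): on the certificate path the member was looked up by e-mail, yet
            // $loginSession and the logs row below are keyed on $loginForm from the POST body
            // rather than on the matched member record - confirm this is intended.
            $browserSession = $HTTP_USER_AGENT;
            $idSession = $loginUser->mem_id[0];
            $timezoneSession = $loginUser->mem_timezone[0];
            $languageSession = $languageForm;
            $loginSession = $loginForm;
            $passwordSession = $passwordForm;
            $nameSession = $loginUser->mem_name[0];
            $profilSession = $loginUser->mem_profil[0];
            $ipSession = $REMOTE_ADDR;
            $dateunixSession = date("U");
            $dateSession = date("d-m-Y H:i:s");
            $logouttimeSession = $loginUser->mem_logout_time[0];
            // session_register() stores the named globals in the session; the function only exists
            // on PHP versions before 5.4.
            // NOTE(review): no session id renewal (session_regenerate_id()) is visible at this
            // privilege change, so an id issued before login stays valid afterwards.
            session_register("browserSession","idSession","timezoneSession","languageSession","loginSession","passwordSession","nameSession","ipSession","dateunixSession","dateSession","profilSession","logouttimeSession");

            //register demosession = true in session if user = demo
            if ($loginForm == "demo") {
                $demoSession = "true";
                session_register("demoSession");
            }

            //insert into or update log
            $ip=$REMOTE_ADDR;
            $tmpquery = "WHERE log.login = '$loginForm'";
            $registerLog = new request();
            $registerLog->openLogs($tmpquery);
            $comptRegisterLog = count($registerLog->log_id);
            $session=session_id();
            if ($comptRegisterLog == "0") {
                // First login for this name: create the logs row with a counter of 1.
                $tmpquery1 = "INSERT INTO ".$tableCollab["logs"]."(login,password,ip,session,compt,last_visite) VALUES('$loginForm','$passwordForm','$ip','$session','1','$dateheure')";
                connectSql("$tmpquery1");
            } else {
                // Known login: remember the previous visit in the session, bump the counter.
                $lastvisiteSession = $registerLog->log_last_visite[0];
                session_register("lastvisiteSession");
                $increm = $registerLog->log_compt[0] + 1;
                $tmpquery1 = "UPDATE ".$tableCollab["logs"]." SET ip='$ip',session='$session',compt='$increm',last_visite='$dateheure' WHERE login = '$loginForm'";
                connectSql("$tmpquery1");
            }

            // All redirects below append the session id to the URL.
            // NOTE(review): a session id in the query string ends up in browser history, server and
            // proxy logs and Referer headers; cookie-only sessions avoid that.
            //redirect for external link to internal page
            if ($url != "") {
                // NOTE(review): $url is concatenated into the redirect target unchecked. If it can be
                // set by the request, restrict it to known internal pages and reject CR/LF.
                if ($loginUser->mem_profil[0] == "3") {
                    headerFunction("../projects_site/$url&updateProject=true&".session_name()."=".session_id());
                } else {
                    headerFunction("../$url&".session_name()."=".session_id());
                }
            //redirect to last page required (with auto log out feature)
            } else if ($loginUser->mem_last_page[0] != "") {
                // The SQL string contains a literal line break before SET.
                $tmpquery = "UPDATE ".$tableCollab["members"]." 
SET last_page='' WHERE login = '$loginForm'";
                connectSql("$tmpquery");
                headerFunction("../".$loginUser->mem_last_page[0]."&".session_name()."=".session_id());
            //redirect to home or admin page (if user is administrator)
            } else {
                if ($loginUser->mem_profil[0] == "3") {
                    headerFunction("index.php?".session_name()."=".session_id());
                } else if ($loginUser->mem_profil[0] == "0") {
                    headerFunction("administration/index.php?".session_name()."=".session_id());
                } else {
                    // NOTE(review): this echo writes output before the redirect call; it looks like
                    // leftover debug output and, if headerFunction() sends an HTTP header, the
                    // redirect can fail unless output buffering is active - confirm and remove.
                    echo $loginUser->mem_profil[0];
                    headerFunction("index.php?".session_name()."=".session_id());
                }
            }
        }
    }
}

// Messages and defaults for the login form that is rendered when no redirect happened.
if ($session == "false" && $url == "") {
    $error = $strings["session_false"];
}
if ($logout == "true") {
    $msg = "logout";
}
if ($demoMode == "true") {
    // Demo mode pre-fills the form with the demo credentials.
    $loginForm = "demo";
    $passwordForm = "demo";
}
$notLogged = "true";
$bodyCommand = "onLoad=\"document.loginForm.loginForm.focus();\"";

// Page header output.
include_once("lib/dbsql.lib");
include_once("lib/main.lib");
include_once("lib/Date.class.php");
include_once("lib/Calendar.php");
$ORAKONS=new oraclekonsulent;
$DB=new DBSQL;
$DB->DB();
$ORAKONS->printHeader();
if (!isset($_REQUEST['blog_id'])) {
    // No post requested: print the stored header fragments for the index page.
    // $language is the constant 'en' assigned at the top of this file.
    $result = $DB->database_query("SELECT * FROM pro_htmltags WHERE page = 'index' AND language='$language'");
    while ($therow = $DB->database_fetch_row($result)) {
        // NOTE(review): `page` is a bare word, neither a variable nor a column. Old PHP versions
        // read an undefined constant as the string 'page', which makes this test always false so
        // the else branch runs; PHP 8 raises an Error instead. Left unchanged - confirm the intent.
        if (page=='index') {
            print($therow[1]);
            print($therow[2]);
        } else {
            print($therow[1]);
            print($therow[2]);
            echo " ";
            print($therow[3]);
            print($therow[4]);
        }
    }
} else {
    // A post was requested: its title becomes the page title and $sub_header.
    // The id is taken from the same $_REQUEST entry the isset() test above checked and is cast to
    // int before it reaches the SQL string; the original interpolated $blog_id unquoted and
    // unvalidated. A non-numeric value now becomes 0 and matches no row.
    $result = $DB->database_query("SELECT post_title FROM pro_posts WHERE id = ".(int) $_REQUEST['blog_id']);
    while ($therow = $DB->database_fetch_row($result)) {
        // NOTE(review): post_title is printed without HTML escaping; if titles are meant to be
        // plain text, pass them through htmlspecialchars() before output.
        echo "";
        print($therow[0]);
        echo "";
        $sub_header = $therow[0];
    }
}
$ORAKONS->printMeta();
$ORAKONS->printCSS();
$blockPage = new block();
?>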