Source for file login.php

Documentation is available at login.php

  1. <?php
  2. /**
  3. * Login Script
  4. *
  5. * Validates the login form, authenticates the user and
  6. * stores the user information in session variables
  7. * @package Phone2Dev
  8. * @author Stanislav Miroshnikov
  9. * @todo add template support
  10. */
  11. //start the session
  12. session_start();
  13. ?>
  14. <html>
  15. <head>
  16. <title>Phone2Dev Login</title>
  17. </head>
  18. <body>
  19. <h1>Phone2Dev</h1>
  20. <?php
  21. /**
  22. * Requires PEAR HTML_QuickForm package
  23. */
  24. require_once 'HTML/QuickForm.php';
  25.  
  26. $form =& new HTML_QuickForm();
  27.  
  28. $form->addElement('header','userInfo','Login');
  29.  
  30. // username
  31. $form->addElement('text', 'username', 'Username: ');
  32. // "required" rule
  33. $form->addRule('username','Please enter your username.', 'required');
  34. // "maxlength" rule
  35. $form->addRule('username'
  36. ,'Please enter a username between 3 and 30 characters.',
  37. 'rangelength',array(3, 30));
  38. // "alphanumeric" rule
  39. $form->addRule('username'
  40. ,'Your username can contain only letters and numbers.'
  41. , 'alphanumeric');
  42.  
  43. // passwords
  44. $form->addElement('password','password','Password:');
  45. // "required" rule
  46. $form->addRule('password','Please enter your password.', 'required');
  47. // "maxlength" rule
  48. $form->addRule('password'
  49. ,'Please enter a password between 6 and 12 characters.',
  50. 'rangelength', array(6, 12));
  51. // "alphanumeric" rule
  52. $form->addRule('password'
  53. ,'Your password can contain only letters and numbers.'
  54. , 'alphanumeric');
  55.  
  56. $form->addElement('submit', 'login', 'Login');
  57.  
  58. $form->applyFilter('__ALL__', 'trim');
  59.  
  60. if ($form->validate()) {
  61. // If the form validates, freeze and process the data
  62. $form->freeze();
  63. $form->process('login');
  64. } else {
  65. $form->display();
  66. }
  67.  
  68. /**
  69. * Authenticates the user
  70. * @param fields an associative array containing fields of the form
  71. * @todo login attempts counter
  72. * @todo a more secure way of keeping track of the user
  73. * that includes keeping track of user's IP address
  74. */
  75. function login($fields) {
  76. /**
  77. * Requires Phone2Dev class for database access
  78. */
  79. require_once 'phone2dev.php';
  80. $objP2D = &new Phone2Dev();
  81.  
  82. // connect to the database
  83. $objP2D->dbConnect();
  84.  
  85. // check if the username and password are correct
  86. $intUserId = $objP2D->authUserPass($fields['username'],
  87. $fields['password']);
  88. if($intUserId > 0) {
  89. // user was autheticated correctly
  90. // set the user's session variables
  91. $_SESSION['intUserId'] = $intUserId;
  92. $_SESSION['intMainMenuId'] = $objP2D->getMainMenuId($intUserId);
  93. $_SESSION['strUsername'] = $fields['username'];
  94. // redirect user to the main manu
  95. header("Location: http://" . $_SERVER['HTTP_HOST']
  96. . dirname($_SERVER['PHP_SELF'])
  97. . "/" . "menu.php");
  98. } else {
  99. // user have not authenticated correctly
  100. print "<h1>Login Error</h1>";
  101. print "<h2>Your username and/or password is invalid.</h2>";
  102. print "<p><a href=\"login.php\">Try Again</a></p>";
  103. }
  104. }
  105.  
  106. ?>
  107. <p> Register for Phone2Dev <a href="register.php">here</a>.</p>
  108. </body>
  109. </html>

Documentation generated on Tue, 4 Jan 2005 13:47:59 -0500 by phpDocumentor 1.3.0RC3