external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 09:43:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

started working on the login

Browse source
This commit is contained in:
eric 2004-06-19 20:19:42 +00:00
parent f478d7204f
commit 30aea4ec8c
6 changed files with 285 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

5
support/schema/aur-schema.sql
View file

@ -20,7 +20,7 @@ INSERT INTO AccountTypes (ID, AccountType) VALUES (3, 'Developer');
-- --
CREATE TABLE Users ( CREATE TABLE Users (
ID INTEGER UNSIGNED NOT NULL AUTO_INCREMENT, ID INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
AccountTypeID TINYINT UNSIGNED NOT NULL DEFAULT 1, AccountTypeID TINYINT UNSIGNED NOT NULL DEFAULT 1,
Suspended TINYINT UNSIGNED NOT NULL DEFAULT 0, Suspended TINYINT UNSIGNED NOT NULL DEFAULT 0,
Email CHAR(64) NOT NULL, Email CHAR(64) NOT NULL,
Passwd CHAR(32) NOT NULL, Passwd CHAR(32) NOT NULL,
@ -46,7 +46,8 @@ CREATE TABLE Sessions (
UsersID INTEGER UNSIGNED NOT NULL, UsersID INTEGER UNSIGNED NOT NULL,
SessionID CHAR(32) NOT NULL, SessionID CHAR(32) NOT NULL,
LastUpdateTS BIGINT UNSIGNED NOT NULL, LastUpdateTS BIGINT UNSIGNED NOT NULL,
FOREIGN KEY (UsersID) REFERENCES Users(ID) FOREIGN KEY (UsersID) REFERENCES Users(ID),
UNIQUE (SessionID)
); );

104
web/html/index.php
View file

@ -2,12 +2,110 @@
include("index_po.inc"); include("index_po.inc");
include("aur.inc"); include("aur.inc");
set_lang(); set_lang();
check_sid();
# Need to do the authentication prior to sending HTML
#
$login_error = "";
if (isset($_REQUEST["user"]) || isset($_REQUEST["pass"])) {
# Attempting to log in
#
if (!isset($_REQUEST['user'])) {
$login_error = __("You must supply a username.");
}
if (!isset($_REQUEST['pass'])) {
$login_error = __("You must supply a password.");
}
if (!$login_error) {
# Try and authenticate the user
#
$dbh = db_connect();
$q = "SELECT ID, Suspended FROM Users ";
$q.= "WHERE Email = '" . mysql_escape_string($_REQUEST["user"]) . "' ";
$q.= "AND Passwd = '" . mysql_escape_string($_REQUEST["pass"]) . "'";
$result = mysql_query($q, $dbh);
if (!$result) {
$login_error = __("Incorrect password for username %s.",
array($_REQUEST["user"]));
}
$row = mysql_fetch_row($result);
if ($row[1]) {
$login_error = __("Your account has been suspended.");
}
if (!$login_error) {
# Account looks good. Generate a SID and store it.
#
$logged_in = 0;
$num_tries = 0;
while (!$logged_in && $num_tries < 5) {
$new_sid = new_sid();
$q = "INSERT INTO Sessions (UsersID, SessionID, LastUpdateTS) ";
$q.="VALUES (". $row[0]. ", '" . $new_sid . "', UNIX_TIMESTAMP())";
$result = mysql_query($q, $dbh);
# Query will fail if $new_sid is not unique
#
if ($result) {
$logged_in = 1;
break;
}
$num_tries++;
}
if ($logged_in) {
# set our SID cookie
#
setcookie("AURSID", $new_sid, 0, "/");
header("Location: /index.php");
} else {
$login_error = __("Error trying to generate session id.");
}
}
}
}
# Any cookies have been sent, can now display HTML
#
html_header(); html_header();
print "<table border='0' cellpadding='0' cellspacing='3' width='90%'>\n";
print "<tr>\n";
print " <td align='left'>";
print __("This is where the intro text will go.");
print __("For now, it's just a place holder.");
print __("It's more important to get the login functionality finished.");
print __("After that, this can be filled in with more meaningful text.");
print " </td>";
print " <td align='right'>";
if (!isset($_COOKIE["AURSID"])) {
# the user is not logged in, give them login widgets
#
print "<form action='/index.php' method='post'>\n";
if ($login_error) {
print $login_error . "<br/>\n";
}
print "<table border='0' cellpadding='0' cellspacing='0' width='100%'>\n";
print "<tr>\n";
print "<td>".__("Username:")."</td>";
print "<td><input type='text' name='user' size='30' maxlength='64'></td>";
print "</tr>\n";
print "<tr>\n";
print "<td>".__("Password:")."</td>";
print "<td><input type='password' name='pass' size='30' maxlength='32'></td>";
print "</tr>\n";
print "<tr>\n";
print "<td colspan='2' align='right'>&nbsp;<br/>";
print "<input type='submit' value='".__("Login")."'></td>";
print "</tr>\n";
print "</table>\n";
print "</form>\n";
#$dbh = db_connect(); } else {
print "Connected...<br>\n"; print __("Currently logged in as: %h%s%h",
print "My LANG is: " . $LANG . "<br>\n"; array("<b>", username_from_sid($_COOKIE["AURSID"]), "</b>"));
}
print " </td>";
print "</tr>\n";
print "</table>\n";
html_footer("\$Id$"); html_footer("\$Id$");

13
web/html/timeout.php Normal file
View file

@ -0,0 +1,13 @@
<?
include("timeout_po.inc");
include("aur.inc");
set_lang();
html_header();
print __("Your session has timed out. You must log in again.");
print "<p>\n";
print __("Click on the Home link above to log in.");
print "</p>\n";
html_footer("\$Id$");
?>

65
web/lang/index_po.inc
View file

@ -16,4 +16,69 @@ $_t["en"]["Hi, this is worth reading!"] = "Hi, this is worth reading!";
# $_t["fr"]["Hi, this is worth reading!"] = "--> Traduction française ici. <--"; # $_t["fr"]["Hi, this is worth reading!"] = "--> Traduction française ici. <--";
# $_t["de"]["Hi, this is worth reading!"] = "--> Deutsche Übersetzung hier. <--"; # $_t["de"]["Hi, this is worth reading!"] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["You must supply a password."] = "You must supply a password.";
# $_t["es"]["You must supply a password."] = "--> Traducción española aquí. <--";
# $_t["fr"]["You must supply a password."] = "--> Traduction française ici. <--";
# $_t["de"]["You must supply a password."] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["You must supply a username."] = "You must supply a username.";
# $_t["es"]["You must supply a username."] = "--> Traducción española aquí. <--";
# $_t["fr"]["You must supply a username."] = "--> Traduction française ici. <--";
# $_t["de"]["You must supply a username."] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["Incorrect password for username %s."] = "Incorrect password for username %s.";
# $_t["es"]["Incorrect password for username %s."] = "--> Traducción española aquí. <--";
# $_t["fr"]["Incorrect password for username %s."] = "--> Traduction française ici. <--";
# $_t["de"]["Incorrect password for username %s."] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["After that, this can be filled in with more meaningful text."] = "After that, this can be filled in with more meaningful text.";
# $_t["es"]["After that, this can be filled in with more meaningful text."] = "--> Traducción española aquí. <--";
# $_t["fr"]["After that, this can be filled in with more meaningful text."] = "--> Traduction française ici. <--";
# $_t["de"]["After that, this can be filled in with more meaningful text."] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["Your account has been suspended."] = "Your account has been suspended.";
# $_t["es"]["Your account has been suspended."] = "--> Traducción española aquí. <--";
# $_t["fr"]["Your account has been suspended."] = "--> Traduction française ici. <--";
# $_t["de"]["Your account has been suspended."] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["Password:"] = "Password:";
# $_t["es"]["Password:"] = "--> Traducción española aquí. <--";
# $_t["fr"]["Password:"] = "--> Traduction française ici. <--";
# $_t["de"]["Password:"] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["Username:"] = "Username:";
# $_t["es"]["Username:"] = "--> Traducción española aquí. <--";
# $_t["fr"]["Username:"] = "--> Traduction française ici. <--";
# $_t["de"]["Username:"] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["It's more important to get the login functionality finished."] = "It's more important to get the login functionality finished.";
# $_t["es"]["It's more important to get the login functionality finished."] = "--> Traducción española aquí. <--";
# $_t["fr"]["It's more important to get the login functionality finished."] = "--> Traduction française ici. <--";
# $_t["de"]["It's more important to get the login functionality finished."] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["Currently logged in as: %h%s%h"] = "Currently logged in as: %h%s%h";
# $_t["es"]["Currently logged in as: %h%s%h"] = "--> Traducción española aquí. <--";
# $_t["fr"]["Currently logged in as: %h%s%h"] = "--> Traduction française ici. <--";
# $_t["de"]["Currently logged in as: %h%s%h"] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["For now, it's just a place holder."] = "For now, it's just a place holder.";
# $_t["es"]["For now, it's just a place holder."] = "--> Traducción española aquí. <--";
# $_t["fr"]["For now, it's just a place holder."] = "--> Traduction française ici. <--";
# $_t["de"]["For now, it's just a place holder."] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["This is where the intro text will go."] = "This is where the intro text will go.";
# $_t["es"]["This is where the intro text will go."] = "--> Traducción española aquí. <--";
# $_t["fr"]["This is where the intro text will go."] = "--> Traduction française ici. <--";
# $_t["de"]["This is where the intro text will go."] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["Error trying to generate session id."] = "Error trying to generate session id.";
# $_t["es"]["Error trying to generate session id."] = "--> Traducción española aquí. <--";
# $_t["fr"]["Error trying to generate session id."] = "--> Traduction française ici. <--";
# $_t["de"]["Error trying to generate session id."] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["Login"] = "Login";
# $_t["es"]["Login"] = "--> Traducción española aquí. <--";
# $_t["fr"]["Login"] = "--> Traduction française ici. <--";
# $_t["de"]["Login"] = "--> Deutsche Übersetzung hier. <--";
?> ?>

24
web/lang/timeout_po.inc Normal file
View file

@ -0,0 +1,24 @@
<?
# INSTRUCTIONS TO TRANSLATORS
#
# This file contains the i18n translations for a subset of the
# Arch Linux User-community Repository (AUR). This is a PHP
# script, and as such, you MUST pay great attention to the syntax.
# If your text contains any double-quotes ("), you MUST escape
# them with the backslash character (\).
#
include_once("translator.inc");
global $_t;
$_t["en"]["Click on the Home link above to log in."] = "Click on the Home link above to log in.";
# $_t["es"]["Click on the Home link above to log in."] = "--> Traducción española aquí. <--";
# $_t["fr"]["Click on the Home link above to log in."] = "--> Traduction française ici. <--";
# $_t["de"]["Click on the Home link above to log in."] = "--> Deutsche Übersetzung hier. <--";
$_t["en"]["Your session has timed out. You must log in again."] = "Your session has timed out. You must log in again.";
# $_t["es"]["Your session has timed out. You must log in again."] = "--> Traducción española aquí. <--";
# $_t["fr"]["Your session has timed out. You must log in again."] = "--> Traduction française ici. <--";
# $_t["de"]["Your session has timed out. You must log in again."] = "--> Deutsche Übersetzung hier. <--";
?>

80
web/lib/aur.inc
View file

@ -11,6 +11,84 @@ $SUPPORTED_LANGS = array(
"fr" => 1, # Français "fr" => 1, # Français
); );
# see if the visitor is already logged in
#
function check_sid() {
global $_COOKIE;
if (isset($_COOKIE["AURSID"])) {
$failed = 0;
# the visitor is logged in, try and update the session
#
$dbh = db_connect();
$q = "SELECT LastUpdateTS, UNIX_TIMESTAMP() FROM Sessions ";
$q.= "WHERE SessionID = '" . mysql_escape_string($_COOKIE["AURSID"]) . "'";
$result = mysql_query($q, $dbh);
if (!$result) {
$failed = 1;
} else {
if ($row[0] + 10 >= $row[1]) {
$failed = 1;
}
}
if ($failed) {
# visitor's session id either doesn't exist, or the timeout
# was reached and they must login again, send them back to
# the main page where they can log in again.
#
$q = "DELETE FROM Sessions WHERE SessionID = '";
$q.= mysql_escape_string($_COOKIE["AURSID"]) . "'";
mysql_query($q, $dbh);
setcookie("AURSID", "", time() - (60*60*24*30), "/");
header("Location: /timeout.php");
}
}
return;
}
# a new seed value for mt_srand()
#
function make_seed() {
list($usec, $sec) = explode(' ', microtime());
return (float) $sec + ((float) $usec * 10000);
}
# generate a (hopefully) unique session id
#
function new_sid() {
mt_srand(make_seed());
$ts = time();
$pid = getmypid();
$rand_num = mt_rand();
mt_srand(make_seed());
$rand_str = substr(md5(mt_rand()),2, 20);
$id = $rand_str . strtolower(md5($ts.$pid)) . $rand_num;
return strtoupper(md5($id));
}
# obtain the username if given their current SID
#
function username_from_sid($sid="") {
if (!$sid) {
return "";
}
$dbh = db_connect();
$q = "SELECT Email ";
$q.= "FROM Users, Sessions ";
$q.= "WHERE Users.ID = Sessions.UsersID ";
$q.= "AND SessionID = '" . mysql_escape_string($sid) . "'";
$result = mysql_query($q, $dbh);
if (!$result) {
return "";
}
$row = mysql_fetch_row($result);
return $row[0];
}
# connect to the database # connect to the database
# #
@ -155,7 +233,7 @@ function html_footer($ver="") {
print "</table>\n"; print "</table>\n";
print "<p>\n"; print "<p>\n";
if ($ver) { if ($ver) {
print "<table border='0' cellpadding='0' cellspacing='0' width='100%'>\n"; print "<table border='0' cellpadding='0' cellspacing='0' width='97%'>\n";
print "<tr><td align='right'><span class='fix'>".$ver."</span></td></tr>\n"; print "<tr><td align='right'><span class='fix'>".$ver."</span></td></tr>\n";
print "</table>\n"; print "</table>\n";
} }