2002-04-30 22:22:54 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
require_once("db.inc");
|
2003-02-12 23:06:49 +00:00
|
|
|
require_once("project.inc");
|
2002-04-30 22:22:54 +00:00
|
|
|
|
2002-12-06 21:37:30 +00:00
|
|
|
// Sends the authenticator to the given email address
|
2002-12-19 18:08:43 +00:00
|
|
|
//
|
2002-12-06 21:37:30 +00:00
|
|
|
function send_auth_email($email_addr, $auth) {
|
2002-12-19 18:08:43 +00:00
|
|
|
mail($email_addr, PROJECT." new account confirmation",
|
2003-02-07 09:00:35 +00:00
|
|
|
"This email confirms the creation of your ".PROJECT." account.
|
2003-02-27 22:30:31 +00:00
|
|
|
|
2003-02-07 09:00:35 +00:00
|
|
|
".PROJECT." URL: ".MASTER_URL."
|
2003-02-19 20:34:33 +00:00
|
|
|
|
2002-12-19 18:08:43 +00:00
|
|
|
Your account key: $auth\n
|
2003-02-19 20:34:33 +00:00
|
|
|
|
|
|
|
Please save this email.
|
|
|
|
You will need your account key to log in to the ".PROJECT." web site."
|
2002-12-19 18:08:43 +00:00
|
|
|
);
|
2002-12-06 21:37:30 +00:00
|
|
|
}
|
|
|
|
|
2002-12-04 19:22:58 +00:00
|
|
|
// Initializes the session and returns the authenticator
|
|
|
|
// for the session (if any)
|
2002-12-19 18:08:43 +00:00
|
|
|
//
|
2002-12-04 19:22:58 +00:00
|
|
|
function init_session() {
|
|
|
|
session_start();
|
|
|
|
return $_SESSION["authenticator"];
|
|
|
|
}
|
|
|
|
|
2002-12-19 18:08:43 +00:00
|
|
|
// if not logged in, put up login form and exit
|
|
|
|
//
|
2002-12-16 21:41:41 +00:00
|
|
|
function require_login($user) {
|
|
|
|
if (!$user) {
|
|
|
|
print_login_form();
|
|
|
|
exit();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2002-12-04 19:22:58 +00:00
|
|
|
function get_user_from_auth($auth) {
|
|
|
|
if ($auth) return lookup_user_auth($auth);
|
|
|
|
return NULL;
|
|
|
|
}
|
2002-04-30 22:22:54 +00:00
|
|
|
|
2003-03-21 04:38:55 +00:00
|
|
|
function get_logged_in_user($must_be_logged_in=true) {
|
2003-03-19 21:01:32 +00:00
|
|
|
$authenticator = init_session();
|
|
|
|
$user = get_user_from_auth($authenticator);
|
2003-03-21 04:38:55 +00:00
|
|
|
if ($must_be_logged_in) {
|
|
|
|
require_login($user);
|
|
|
|
}
|
2003-03-19 21:01:32 +00:00
|
|
|
return $user;
|
|
|
|
}
|
|
|
|
|
2002-04-30 22:22:54 +00:00
|
|
|
function show_login($user) {
|
2002-08-07 18:56:55 +00:00
|
|
|
if ($user) {
|
2002-11-12 17:01:16 +00:00
|
|
|
echo "Logged in as %s.\n", $user->name;
|
2002-12-19 18:08:43 +00:00
|
|
|
echo "<br><a href=login_form.php>Log in as someone else.</a>\n";
|
2002-08-07 18:56:55 +00:00
|
|
|
} else {
|
2002-11-12 17:01:16 +00:00
|
|
|
echo "Not logged in";
|
2002-08-07 18:56:55 +00:00
|
|
|
}
|
2002-04-30 22:22:54 +00:00
|
|
|
}
|
|
|
|
|
2003-02-08 02:06:35 +00:00
|
|
|
function page_head($title, $user=null) {
|
2003-03-17 22:37:49 +00:00
|
|
|
echo "<head><title>$title</title><body bgcolor=ffffff>\n";
|
2002-11-08 17:21:45 +00:00
|
|
|
|
2003-02-12 23:06:49 +00:00
|
|
|
project_banner($user);
|
2002-11-08 17:21:45 +00:00
|
|
|
|
2002-04-30 22:22:54 +00:00
|
|
|
}
|
|
|
|
|
2002-12-11 00:12:42 +00:00
|
|
|
function page_tail() {
|
2002-12-11 23:09:22 +00:00
|
|
|
|
2003-02-07 09:00:35 +00:00
|
|
|
echo "<br><hr><center><a href=index.php>Return to ".PROJECT." main page</a><br>\n";
|
2002-11-25 22:14:05 +00:00
|
|
|
|
2002-11-08 17:21:45 +00:00
|
|
|
// put your copyright notice etc. here
|
|
|
|
|
2003-02-07 09:00:35 +00:00
|
|
|
echo "<br><br>Copyright (c) 2003 ".PROJECT."</center>\n";
|
2002-04-30 22:22:54 +00:00
|
|
|
}
|
|
|
|
|
2003-03-04 19:13:21 +00:00
|
|
|
function db_error_page() {
|
|
|
|
page_head("Database error");
|
|
|
|
echo "<h2>Database error</h2>
|
|
|
|
A database error occurred while handling your request.
|
|
|
|
<br>Please try again later.
|
|
|
|
<br>If the error persists, please submit a
|
|
|
|
<a href=bug_report_form.php>problem report</a>.
|
|
|
|
";
|
|
|
|
page_tail();
|
|
|
|
}
|
|
|
|
|
2002-04-30 22:22:54 +00:00
|
|
|
function date_str($when) {
|
|
|
|
return date("g:i A, l M j", $when);
|
|
|
|
}
|
|
|
|
|
|
|
|
function time_str($x) {
|
|
|
|
if ($x == 0) return "---";
|
|
|
|
return strftime("%T %b %e, %Y", $x);
|
|
|
|
}
|
|
|
|
|
|
|
|
function start_table() {
|
2003-03-17 22:37:49 +00:00
|
|
|
echo "<table border=1 cellpadding=5>";
|
2003-03-04 19:13:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
function end_table() {
|
|
|
|
echo "</table>\n";
|
|
|
|
}
|
|
|
|
|
2003-03-17 22:37:49 +00:00
|
|
|
function row1($x, $ncols=2) {
|
|
|
|
echo "<tr><td bgcolor=cccccc colspan=$ncols><b>$x</b></td></tr>\n";
|
2002-04-30 22:22:54 +00:00
|
|
|
}
|
|
|
|
|
2002-08-12 22:16:34 +00:00
|
|
|
function row2($x, $y) {
|
2003-03-06 17:42:49 +00:00
|
|
|
if ($x=="") $x="<br>";
|
2003-03-20 02:05:25 +00:00
|
|
|
if ($y=="") $y="<br>";
|
2003-03-03 19:13:16 +00:00
|
|
|
echo "<tr><td bgcolor=eeeeee width=50% align=right valign=top>$x</td><td valign=top><b>$y</b></td></tr>\n";
|
2002-09-05 22:19:23 +00:00
|
|
|
}
|
2003-03-06 17:42:49 +00:00
|
|
|
function row2_init($x, $y) {
|
|
|
|
echo "<tr><td bgcolor=eeeeee width=50% align=right valign=top>$x</td><td valign=top><b>$y\n";
|
|
|
|
}
|
2002-09-05 22:19:23 +00:00
|
|
|
|
2003-03-21 04:38:55 +00:00
|
|
|
function row2_plain($x, $y) {
|
|
|
|
echo "<tr><td>$x</td><td>$y</td></tr>\n";
|
|
|
|
}
|
|
|
|
|
2002-08-12 22:16:34 +00:00
|
|
|
function row3($x, $y, $z) {
|
2002-08-12 23:31:43 +00:00
|
|
|
echo "<tr><td width=30% valign=top align=right>$x</td><td>$y</td><td>$z</td></tr>\n";
|
2002-08-12 22:16:34 +00:00
|
|
|
}
|
|
|
|
|
2002-04-30 22:22:54 +00:00
|
|
|
function random_string() {
|
|
|
|
return md5(uniqid(rand()));
|
|
|
|
}
|
|
|
|
|
2003-03-06 17:42:49 +00:00
|
|
|
function print_country_select($country="None") {
|
2002-11-09 20:26:50 +00:00
|
|
|
$x = posix_getcwd();
|
2002-12-19 18:08:43 +00:00
|
|
|
PassThru("$x/country_select '$country'");
|
2002-11-09 20:26:50 +00:00
|
|
|
}
|
|
|
|
|
2003-03-06 17:42:49 +00:00
|
|
|
function print_login_form_aux($next_url, $user) {
|
2003-02-14 00:05:56 +00:00
|
|
|
echo "<form method=post action=login_action.php>
|
|
|
|
<input type=hidden name=next_url value='$next_url'>
|
|
|
|
";
|
2003-03-06 17:42:49 +00:00
|
|
|
start_table();
|
|
|
|
row1("Log in");
|
|
|
|
row2("Your account key:
|
|
|
|
<br><font size=-1>
|
2003-02-14 00:05:56 +00:00
|
|
|
If you don't know your account key,
|
|
|
|
<a href=get_passwd.php>click here</a>.
|
2003-03-06 17:42:49 +00:00
|
|
|
</font>",
|
|
|
|
"<input name=authenticator size=40>"
|
|
|
|
);
|
|
|
|
row2("",
|
|
|
|
"<input type=submit value='Log in'>"
|
|
|
|
);
|
|
|
|
if ($user) {
|
|
|
|
row1("Log out");
|
|
|
|
row2("You are logged in as $user->name",
|
|
|
|
"<a href=logout.php>Log out</a>"
|
|
|
|
);
|
|
|
|
}
|
|
|
|
end_table();
|
2003-02-14 00:05:56 +00:00
|
|
|
}
|
|
|
|
|
2003-02-14 22:59:25 +00:00
|
|
|
function print_login_form() {
|
2002-11-11 19:40:22 +00:00
|
|
|
page_head("Please log in");
|
2003-02-14 00:05:56 +00:00
|
|
|
echo "
|
|
|
|
<h3>Please log in</h3>
|
|
|
|
This function requires that you log in.
|
|
|
|
";
|
2003-02-14 22:59:25 +00:00
|
|
|
$next_url = $_SERVER[REQUEST_URI];
|
2003-03-06 17:42:49 +00:00
|
|
|
print_login_form_aux($next_url, null);
|
2002-11-11 19:40:22 +00:00
|
|
|
page_tail();
|
|
|
|
}
|
|
|
|
|
2003-03-26 00:48:56 +00:00
|
|
|
// Look for an element in a line of XML text
|
|
|
|
// If it's a single-tag element, and it's present, just return the tag
|
2002-11-09 20:26:50 +00:00
|
|
|
//
|
|
|
|
function parse_element($xml, $tag) {
|
|
|
|
$element = null;
|
|
|
|
$x = strstr($xml, $tag);
|
|
|
|
if ($x) {
|
2003-03-26 00:48:56 +00:00
|
|
|
if (strstr($tag, "/>")) return $tag;
|
2002-11-09 20:26:50 +00:00
|
|
|
$y = substr($x, strlen($tag));
|
|
|
|
$n = strpos($y, "<");
|
|
|
|
if ($n) {
|
|
|
|
$element = substr($y, 0, $n);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return $element;
|
|
|
|
}
|
|
|
|
|
|
|
|
// look for a particular element in the config.xml file
|
|
|
|
//
|
|
|
|
function parse_config($tag) {
|
|
|
|
$element = null;
|
|
|
|
$fp = fopen("config.xml", "r");
|
|
|
|
while (1) {
|
|
|
|
$buf = fgets($fp, 1024);
|
|
|
|
if ($buf == null) break;
|
|
|
|
$element = parse_element($buf, $tag);
|
|
|
|
if ($element) break;
|
|
|
|
}
|
|
|
|
fclose($fp);
|
|
|
|
return $element;
|
2002-04-30 22:22:54 +00:00
|
|
|
}
|
|
|
|
|
2002-12-19 05:11:25 +00:00
|
|
|
// Call this if for dynamic pages
|
|
|
|
//
|
|
|
|
function no_cache() {
|
|
|
|
header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
|
|
|
|
header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified
|
|
|
|
header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
|
|
|
|
header ("Pragma: no-cache"); // HTTP/1.0
|
|
|
|
}
|
|
|
|
|
2003-02-19 04:10:23 +00:00
|
|
|
// A few functions relating to email-address munging
|
|
|
|
// A "munged" email address is of the form @X_Y,
|
|
|
|
// where X is a valid email address and Y is a random string.
|
|
|
|
// When an email address hasn't been validated yet, it's munged.
|
|
|
|
// (Used during account creation and email address changes)
|
|
|
|
|
|
|
|
// a valid email address is of the form A@B.C
|
2003-02-24 21:25:16 +00:00
|
|
|
// where A, B, C are nonempty,
|
|
|
|
// A and B don't contain @ or .,
|
|
|
|
// and C doesn't contain @
|
2003-02-19 04:10:23 +00:00
|
|
|
//
|
|
|
|
function is_valid_email_addr($addr) {
|
|
|
|
$x = strstr($addr, "@");
|
|
|
|
if (!$x) return false;
|
|
|
|
if (strlen($x) == strlen($addr)) return false;
|
|
|
|
$x = substr($x, 1);
|
|
|
|
if (strstr($x, "@")) return false;
|
|
|
|
$y = strstr($x, ".");
|
|
|
|
if (!$y) return false;
|
|
|
|
if (strlen($y) == strlen($x)) return false;
|
|
|
|
if (strlen($y) == 1) return false;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
function munge_email_addr($email, $string) {
|
2003-02-19 20:34:33 +00:00
|
|
|
return "@".$email."_".$string;
|
2003-02-19 04:10:23 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// if email_addr is of the form @X_Y, split out the X and return true.
|
|
|
|
// otherwise return false
|
|
|
|
//
|
|
|
|
function split_munged_email_addr($addr, $string, &$email) {
|
2003-02-19 20:34:33 +00:00
|
|
|
if (substr($addr, 0, 1) != "@") return false;
|
|
|
|
$x = strrchr($addr, "_");
|
|
|
|
if (!$x) return false;
|
|
|
|
$y = substr($x, 1);
|
|
|
|
if ($y != $string) return false;
|
|
|
|
$email = substr($addr, 1, strlen($addr)-strlen($x)-1);
|
|
|
|
return true;
|
2003-02-19 04:10:23 +00:00
|
|
|
}
|
|
|
|
|
2002-08-13 00:08:08 +00:00
|
|
|
?>
|