summaryrefslogtreecommitdiffstats
path: root/web/html/index.php
diff options
context:
space:
mode:
Diffstat (limited to 'web/html/index.php')
-rw-r--r--web/html/index.php98
1 files changed, 1 insertions, 97 deletions
diff --git a/web/html/index.php b/web/html/index.php
index 2a1a4893..99cccbc6 100644
--- a/web/html/index.php
+++ b/web/html/index.php
@@ -2,78 +2,12 @@
set_include_path(get_include_path() . PATH_SEPARATOR . '../lib' . PATH_SEPARATOR . '../lang');
-include("index_po.inc");
+# include("index_po.inc");
include("pkgfuncs_po.inc"); # Add to handle the i18n of My Packages
include("aur.inc");
set_lang();
check_sid();
-# Need to do the authentication prior to sending any HTML (including header)
-#
-$login_error = "";
-if (isset($_REQUEST["user"]) || isset($_REQUEST["pass"])) {
- # Attempting to log in
- #
- if (!isset($_REQUEST["user"])) {
- $login_error = __("You must supply a username.");
- }
- if (!isset($_REQUEST["pass"])) {
- $login_error = __("You must supply a password.");
- }
- if (!$login_error) {
- # Try and authenticate the user
- #
-
- #md5 hash it
- $_REQUEST["pass"] = md5($_REQUEST["pass"]);
- $dbh = db_connect();
- $q = "SELECT ID, Suspended FROM Users ";
- $q.= "WHERE Username = '" . mysql_real_escape_string($_REQUEST["user"]) . "' ";
- $q.= "AND Passwd = '" . mysql_real_escape_string($_REQUEST["pass"]) . "'";
- $result = db_query($q, $dbh);
- if (!$result) {
- $login_error = __("Error looking up username, %s.",
- array(htmlspecialchars($_REQUEST["user"])));
- } else {
- $row = mysql_fetch_row($result);
- if (empty($row)) {
- $login_error = __("Incorrect password for username, %s.",
- array(htmlspecialchars($_REQUEST["user"])));
- } elseif ($row[1]) {
- $login_error = __("Your account has been suspended.");
- }
- }
-
- if (!$login_error) {
- # Account looks good. Generate a SID and store it.
- #
- $logged_in = 0;
- $num_tries = 0;
- while (!$logged_in && $num_tries < 5) {
- $new_sid = new_sid();
- $q = "INSERT INTO Sessions (UsersID, SessionID, LastUpdateTS) ";
- $q.="VALUES (". $row[0]. ", '" . $new_sid . "', UNIX_TIMESTAMP())";
- $result = db_query($q, $dbh);
- # Query will fail if $new_sid is not unique
- #
- if ($result) {
- $logged_in = 1;
- break;
- }
- $num_tries++;
- }
- if ($logged_in) {
- # set our SID cookie
- #
- setcookie("AURSID", $new_sid, 0, "/");
- header("Location: /index.php");
- } else {
- $login_error = __("Error trying to generate session id.");
- }
- }
- }
-}
-
# Any cookies have been sent, can now display HTML
#
html_header();
@@ -97,36 +31,6 @@ print __("The most popular packages will be provided as binary packages in [comm
print "</td>";
print "<td class='boxSoft' valign='top'>";
-# Now present the user login stuff
-if (!isset($_COOKIE["AURSID"])) {
- # the user is not logged in, give them login widgets
- #
- if ($login_error) {
- print "<span class='error'>" . $login_error . "</span><br />\n";
- }
- print "<table border='0' cellpadding='0' cellspacing='0' width='100%'>\n";
- print "<form action='/index.php' method='post'>\n";
- print "<tr>\n";
- print "<td>".__("Username:")."</td>";
- print "<td><input type='text' name='user' size='30' maxlength='64'></td>";
- print "</tr>\n";
- print "<tr>\n";
- print "<td>".__("Password:")."</td>";
- print "<td><input type='password' name='pass' size='30' maxlength='32'></td>";
- print "</tr>\n";
- print "<tr>\n";
- print "<td colspan='2' align='right'>&nbsp;<br />";
- print "<input type='submit' class='button'";
- print " value='".__("Login")."'></td>";
- print "</tr>\n";
- print "</form>\n";
- print "</table>\n";
-
-} else {
- print __("Logged-in as: %h%s%h",
- array("<b>", username_from_sid($_COOKIE["AURSID"]), "</b>"));
-}
-
# MAIN: Bottom Left
print "</td>";
print "</tr>";