include("index_po.inc"); include("aur.inc"); set_lang(); check_sid(); # Need to do the authentication prior to sending any HTML (including header) # $login_error = ""; if (isset($_REQUEST["user"]) || isset($_REQUEST["pass"])) { # Attempting to log in # if (!isset($_REQUEST['user'])) { $login_error = __("You must supply a username."); } if (!isset($_REQUEST['pass'])) { $login_error = __("You must supply a password."); } if (!$login_error) { # Try and authenticate the user # #md5 hash it $_REQUEST["pass"] = md5($_REQUEST["pass"]); $dbh = db_connect(); $q = "SELECT ID, Suspended FROM Users "; $q.= "WHERE Username = '" . mysql_escape_string($_REQUEST["user"]) . "' "; $q.= "AND Passwd = '" . mysql_escape_string($_REQUEST["pass"]) . "'"; $result = db_query($q, $dbh); if (!$result) { $login_error = __("Error looking up username, %s.", array($_REQUEST["user"])); } else { $row = mysql_fetch_row($result); if (empty($row)) { $login_error = __("Incorrect password for username, %s.", array($_REQUEST["user"])); } elseif ($row[1]) { $login_error = __("Your account has been suspended."); } } if (!$login_error) { # Account looks good. Generate a SID and store it. # $logged_in = 0; $num_tries = 0; while (!$logged_in && $num_tries < 5) { $new_sid = new_sid(); $q = "INSERT INTO Sessions (UsersID, SessionID, LastUpdateTS) "; $q.="VALUES (". $row[0]. ", '" . $new_sid . "', UNIX_TIMESTAMP())"; $result = db_query($q, $dbh); # Query will fail if $new_sid is not unique # if ($result) { $logged_in = 1; break; } $num_tries++; } if ($logged_in) { # set our SID cookie # setcookie("AURSID", $new_sid, 0, "/"); header("Location: /index.php"); } else { $login_error = __("Error trying to generate session id."); } } } } # Any cookies have been sent, can now display HTML # html_header(); # Big Top Level Table (Table 1) print "
";
print " ".__("Welcome to the AUR! Please read the %hAUR User Guidelines%h and %hAUR TU Guidelines%h for more information.", array('', '', '', ''))." ".__("If you have feedback about the AUR, please leave it in %hFlyspray%h.", array('', ''))." ".__("Though we can't vouch for their contents, we provide a %hlist of user repositories%h for your convenience.", array('', ''))." "; print "\n"; # PACKAGE COUNTS $q = "SELECT count(*) FROM Packages,PackageLocations WHERE Packages.LocationID = PackageLocations.ID AND PackageLocations.Location = 'unsupported'"; $result = db_query($q, $dbh); $row = mysql_fetch_row($result); $unsupported_count = $row[0]; $q = "SELECT count(*) FROM Packages,PackageLocations WHERE Packages.LocationID = PackageLocations.ID AND PackageLocations.Location = 'community'"; $result = db_query($q, $dbh); $row = mysql_fetch_row($result); $community_count = $row[0]; $q = "SELECT count(*) from Users"; $result = db_query($q, $dbh); $row = mysql_fetch_row($result); $user_count = $row[0]; $q = "SELECT count(*) from Users,AccountTypes WHERE Users.AccountTypeID = AccountTypes.ID AND AccountTypes.AccountType = 'Trusted User'"; $result = db_query($q, $dbh); $row = mysql_fetch_row($result); $tu_count = $row[0]; print "
| ";
print " "; print " | \n";
# Now present the user login stuff
if (!isset($_COOKIE["AURSID"])) {
# the user is not logged in, give them login widgets
#
if ($login_error) {
print "" . $login_error . " \n"; } print " | ";
print "