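authenticateUserByName($name, $pw)); if ($returnObject->success !== false) { return json_decode(json_encode($returnObject->result), JSON_OBJECT_AS_ARRAY); } else { return false; } }

/**
 * Redirects the browser to login.php in the directory of the running script,
 * handing the given name back as the "name" query parameter, then ends the
 * script.
 *
 * The name is URL-encoded before it is placed in the Location header, so that
 * characters such as "&", "#", spaces or line breaks in a submitted name cannot
 * add parameters to, or otherwise reshape, the redirect URL.
 *
 * NOTE(review): scheme and host come from $_SERVER["HTTPS"] and from the
 * client-supplied Host header ($_SERVER['HTTP_HOST']). A request with a forged
 * Host header is therefore redirected to that host; a configured base URL
 * would remove that dependency.
 *
 * @param string $name login name to hand back to login.php (may be empty)
 * @return void does not return; die is called after the header is sent
 */
function redirectToLogin ($name = "") {
    # Non-scalar input (e.g. name[]=x) is dropped instead of being concatenated.
    $encodedName = is_scalar($name) ? urlencode((string)$name) : "";
    $scheme = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") ? "https" : "http";
    header ("Location: ".$scheme."://".$_SERVER['HTTP_HOST'].dirname($_SERVER['SCRIPT_NAME'])."/login.php?name=".$encodedName);
    die;
}
?> '; ?> Login "; echo "";
# NOTE(review): credentials are read from $_REQUEST, so they are also accepted
# from the query string, where they end up in access logs, browser history and
# Referer headers. The redirect code further down strips name/password from
# the query string, so login by URL appears to be a supported use; restricting
# this to POST would have to be coordinated with those callers.
# isset() guards avoid undefined-index notices when the form is first shown.
$name = isset($_REQUEST["name"]) ? $_REQUEST["name"] : null;
$password = isset($_REQUEST["password"]) ? $_REQUEST["password"] : null;
# NOTE(review): the markup of the echo statements below is not visible here.
# If $name is written back into the page, it must pass through
# htmlspecialchars() with ENT_QUOTES first.
if(!isset($name) || $name == ''){ echo ""; } else{ echo ""; }
?> "; echo "";
# Show the login form while name or password is still missing.
if(!isset($name) || $name == '' || !isset($password) || $password == ''){ echo "
"; echo ""; echo ""; echo ""; echo "
Name:
Password:
"; echo "  Forgot your password?"; echo "
"; echo "
"; }

# Login handling: runs only when both a name and a password were submitted.
if(isset($name) && $name != '' && isset($password) && $password != ''){
    require_once dirname(__FILE__)."/../../core/system.php";

    # Lockout check, done before the password is verified.
    # NOTE(review): the dedicated message tells an unauthenticated caller that
    # the account exists and is locked, and the counter allows anyone who knows
    # a user name to lock that account. A generic failure message plus
    # per-client throttling would reduce both effects.
    $sql_count = "SELECT mb_user_login_count FROM mb_user WHERE mb_user_name = $1";
    $params = array($name);
    $types = array('s');
    $res_count = db_prep_query($sql_count,$params,$types);
    if($row = db_fetch_array($res_count)){
        if($row["mb_user_login_count"] > MAXLOGIN){
            echo "Permission denied. Login failed ".MAXLOGIN." times. Your account has been deactivated. Please contact your administrator!";
            die;
        }
    }

    require_once dirname(__FILE__)."/../../lib/class_Mapbender.php";
    require_once dirname(__FILE__)."/../../lib/class_Mapbender_session.php";

    # From here on $row holds the result of auth_user(), not the counter row.
    $row = auth_user($name, $password);

    // if given user data is found in database, set session data (db_fetch_array returns false if no row is found)
    if($row){
        require_once dirname(__FILE__) . "/../../core/globalSettings.php";
        # These lines will create a new session if a user logs in who is not the owner
        # of the session. However, in Geoportal-RLP this is intended,
        #
        # if (Mapbender::session()->get("mb_user_id") !== false && $row["mb_user_id"] !== Mapbender::session()->get("mb_user_id")) {
        #     session_write_close();
        #     session_id(sha1(mt_rand()));
        #     session_start();
        # }
        #
        # NOTE(review): with the block above disabled, the session ID that
        # existed before login stays valid after login (session fixation risk).
        # If renewal is reintroduced, session_regenerate_id(true) is preferable
        # to an ID derived from mt_rand(), which is predictable.
        # session.conf is included into this scope; presumably it fills the
        # session from $row - confirm against that file.
        include(dirname(__FILE__) . "/../../conf/session.conf");
    }
    else {
        # not needed anymore, this is done in class user
        #$sql_set_cnt = "UPDATE mb_user SET mb_user_login_count = (mb_user_login_count + 1) WHERE mb_user_name = $1";
        #$v = array($name);
        #$t = array('s');
        #db_prep_query($sql_set_cnt,$v,$t);
        redirectToLogin($name);
    }

    if(Mapbender::session()->get("mb_user_id")){
        # NOTE(review): whether the auth_user() result carries
        # mb_user_login_count is not visible here; if the key is missing this
        # compares null with MAXLOGIN - verify.
        if($row["mb_user_login_count"] <= MAXLOGIN){
            # Successful login: reset the failed-login counter.
            $sql_del_cnt = "UPDATE mb_user SET mb_user_login_count = 0 WHERE mb_user_id = $1";
            $v = array(Mapbender::session()->get('mb_user_id'));
            $t = array("i");
            db_prep_query($sql_del_cnt, $v, $t);

            require_once(dirname(__FILE__)."/../php/mb_getGUIs.php");
            $arrayGUIs = mb_getGUIs($row["mb_user_id"]);
            # NOTE(review): this writes the live session ID to the log; anyone
            # who can read the log could reuse it. Consider logging a hash of
            # the ID, or leaving it out.
            new mb_notice("login.setSession.mb_user_guis: ".serialize($arrayGUIs)." in session: " .session_id());
            Mapbender::session()->set("mb_user_guis",$arrayGUIs);
            # NOTE(review): $login is not assigned in the visible code;
            # presumably one of the included files defines it - confirm.
            Mapbender::session()->set("mb_login",$login);

            # a gui is explicitly ordered
            # The wanted GUI comes from the request or, failing that, from the
            # session. It is only honoured when it is one of the GUIs this user
            # may open. The session value is read with get(); calling set()
            # with a single argument here did not return the stored GUI.
            $requestedGui = null;
            if(isset($_REQUEST["mb_user_myGui"])){
                $requestedGui = $_REQUEST["mb_user_myGui"];
            }
            elseif(Mapbender::session()->get("mb_user_myGui")){
                $requestedGui = Mapbender::session()->get("mb_user_myGui");
            }
            # Strict string comparison: loosely equal spellings ("1e1" vs "10")
            # must not pass the membership test and then reach the URL.
            if(is_scalar($requestedGui) && in_array((string)$requestedGui, array_map('strval', $arrayGUIs), true)){
                $arrayGUIs = array((string)$requestedGui);
            }

            #only one gui is provided
            if(count($arrayGUIs) == 1){
                # NOTE(review): HTTP_HOST is client-supplied (see redirectToLogin).
                # SID is non-empty only when the session ID is not carried by a
                # cookie; in the URL it is exposed through Referer headers,
                # proxies and browser history.
                $scheme = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") ? "https" : "http";
                $myURL = "Location: ".$scheme."://".$_SERVER['HTTP_HOST'].dirname($_SERVER['SCRIPT_NAME'])."/index.php?".strip_tags (SID)."&gui_id=".urlencode($arrayGUIs[0]);

                # remove name and password from url, because url params are parsed later and written in javascript
                # The pattern is anchored on the start of the string or "&" and
                # needs no trailing "&", so a credential that is the last
                # parameter is removed too, and parameters that merely end in
                # "name" are left alone.
                $queryString = isset($_SERVER["QUERY_STRING"]) ? $_SERVER["QUERY_STRING"] : "";
                $cleanUrl = preg_replace("/(^|&)(name|password)=[^&]*/", "", $queryString);
                $cleanUrl = ltrim($cleanUrl, "&");
                if($cleanUrl != ""){
                    $myURL .= "&".$cleanUrl;
                }
                header ($myURL);
                die;
            }
            # list all guis of this user and his groups
            else{
                require_once(dirname(__FILE__)."/../php/mb_listGUIs.php");
                mb_listGUIs($arrayGUIs);
            }
        }
    }
    else {
        # Reached when auth_user() succeeded but the session holds no
        # mb_user_id: drop the session, count the attempt, return to the form.
        Mapbender::session()->kill();
        $sql_set_cnt = "UPDATE mb_user SET mb_user_login_count = (mb_user_login_count + 1) WHERE mb_user_name = $1";
        $v = array($name);
        $t = array('s');
        db_prep_query($sql_set_cnt,$v,$t);
        redirectToLogin($name);
    }
}
?>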