Project

General

Profile

« Previous | Next » 

Revision 432

Added by doc almost 18 years ago

Security enhancement (reduced number of login trials from 50 to 3).

View differences:

login.php
1
<?php
2

  
3
// $Id$
4

  
5
/*
6

  
7
 Website Baker Project <http://www.websitebaker.org/>
8
 Copyright (C) 2004-2007, Ryan Djurovich
9

  
10
 Website Baker is free software; you can redistribute it and/or modify
11
 it under the terms of the GNU General Public License as published by
12
 the Free Software Foundation; either version 2 of the License, or
13
 (at your option) any later version.
14

  
15
 Website Baker is distributed in the hope that it will be useful,
16
 but WITHOUT ANY WARRANTY; without even the implied warranty of
17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18
 GNU General Public License for more details.
19

  
20
 You should have received a copy of the GNU General Public License
21
 along with Website Baker; if not, write to the Free Software
22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23

  
24
*/
25

  
26
require_once("../config.php");
27

  
28
// Make sure the login is enabled
29
if(!FRONTEND_LOGIN) {
30
	if(INTRO_PAGE) {
31
		header('Location: '.WB_URL.PAGES_DIRECTORY.'/index'.PAGE_EXTENSION);
32
		exit(0);
33
	} else {
34
		header('Location: '.WB_URL.'/index'.PAGE_EXTENSION);
35
		exit(0);
36
	}
37
}
38

  
39
// Required page details
40
$page_id = 0;
41
$page_description = '';
42
$page_keywords = '';
43
define('PAGE_ID', 0);
44
define('ROOT_PARENT', 0);
45
define('PARENT', 0);
46
define('LEVEL', 0);
47
define('PAGE_TITLE', 'Please login');
48
define('MENU_TITLE', 'Please login');
49
define('VISIBILITY', 'public');
50
// Set the page content include file
51
define('PAGE_CONTENT', WB_PATH.'/account/login_form.php');
52

  
53
require_once(WB_PATH.'/framework/class.login.php');
54

  
55
// Create new login app
56
$thisApp = new Login(
57
							array(
58
									"MAX_ATTEMPS" => "50",
59
									"WARNING_URL" => ADMIN_URL."/login/warning.html",
60
									"USERNAME_FIELDNAME" => 'username',
61
									"PASSWORD_FIELDNAME" => 'password',
62
									"REMEMBER_ME_OPTION" => SMART_LOGIN,
63
									"MIN_USERNAME_LEN" => "2",
64
									"MIN_PASSWORD_LEN" => "2",
65
									"MAX_USERNAME_LEN" => "30",
66
									"MAX_PASSWORD_LEN" => "30",
67
									"LOGIN_URL" => WB_URL."/account/login".PAGE_EXTENSION.'?redirect='.$_REQUEST['redirect'],
68
									"DEFAULT_URL" => WB_URL.PAGES_DIRECTORY."/index".PAGE_EXTENSION,
69
									"TEMPLATE_DIR" => ADMIN_PATH."/login",
70
									"TEMPLATE_FILE" => "template.html",
71
									"FRONTEND" => true,
72
									"FORGOTTEN_DETAILS_APP" => WB_URL."/account/forgot.php".PAGE_EXTENSION,
73
									"USERS_TABLE" => TABLE_PREFIX."users",
74
									"GROUPS_TABLE" => TABLE_PREFIX."groups",
75
									"REDIRECT_URL" => $_REQUEST['redirect']
76
							)
77
					);
78

  
79
// Set extra outsider var
80
$globals[] = 'thisApp';
81

  
82
// Include the index (wrapper) file
83
require(WB_PATH.'/index.php');
84

  
85

  
1
<?php

2

  
3
// $Id$

4

  
5
/*

6

  
7
 Website Baker Project <http://www.websitebaker.org/>

8
 Copyright (C) 2004-2007, Ryan Djurovich

9

  
10
 Website Baker is free software; you can redistribute it and/or modify

11
 it under the terms of the GNU General Public License as published by

12
 the Free Software Foundation; either version 2 of the License, or

13
 (at your option) any later version.

14

  
15
 Website Baker is distributed in the hope that it will be useful,

16
 but WITHOUT ANY WARRANTY; without even the implied warranty of

17
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

18
 GNU General Public License for more details.

19

  
20
 You should have received a copy of the GNU General Public License

21
 along with Website Baker; if not, write to the Free Software

22
 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

23

  
24
*/

25

  
26
require_once("../config.php");

27

  
28
// Make sure the login is enabled

29
if(!FRONTEND_LOGIN) {

30
	if(INTRO_PAGE) {

31
		header('Location: '.WB_URL.PAGES_DIRECTORY.'/index'.PAGE_EXTENSION);

32
		exit(0);

33
	} else {

34
		header('Location: '.WB_URL.'/index'.PAGE_EXTENSION);

35
		exit(0);

36
	}

37
}

38

  
39
// Required page details

40
$page_id = 0;

41
$page_description = '';

42
$page_keywords = '';

43
define('PAGE_ID', 0);

44
define('ROOT_PARENT', 0);

45
define('PARENT', 0);

46
define('LEVEL', 0);

47
define('PAGE_TITLE', 'Please login');

48
define('MENU_TITLE', 'Please login');

49
define('VISIBILITY', 'public');

50
// Set the page content include file

51
define('PAGE_CONTENT', WB_PATH.'/account/login_form.php');

52

  
53
require_once(WB_PATH.'/framework/class.login.php');

54

  
55
// Create new login app

56
$thisApp = new Login(

57
							array(

58
									"MAX_ATTEMPS" => "3",

59
									"WARNING_URL" => ADMIN_URL."/login/warning.html",

60
									"USERNAME_FIELDNAME" => 'username',

61
									"PASSWORD_FIELDNAME" => 'password',

62
									"REMEMBER_ME_OPTION" => SMART_LOGIN,

63
									"MIN_USERNAME_LEN" => "2",

64
									"MIN_PASSWORD_LEN" => "2",

65
									"MAX_USERNAME_LEN" => "30",

66
									"MAX_PASSWORD_LEN" => "30",

67
									"LOGIN_URL" => WB_URL."/account/login".PAGE_EXTENSION.'?redirect='.$_REQUEST['redirect'],

68
									"DEFAULT_URL" => WB_URL.PAGES_DIRECTORY."/index".PAGE_EXTENSION,

69
									"TEMPLATE_DIR" => ADMIN_PATH."/login",

70
									"TEMPLATE_FILE" => "template.html",

71
									"FRONTEND" => true,

72
									"FORGOTTEN_DETAILS_APP" => WB_URL."/account/forgot.php".PAGE_EXTENSION,

73
									"USERS_TABLE" => TABLE_PREFIX."users",

74
									"GROUPS_TABLE" => TABLE_PREFIX."groups",

75
									"REDIRECT_URL" => $_REQUEST['redirect']

76
							)

77
					);

78

  
79
// Set extra outsider var

80
$globals[] = 'thisApp';

81

  
82
// Include the index (wrapper) file

83
require(WB_PATH.'/index.php');

84

  
85

  
86 86
?>

Also available in: Unified diff