-
Notifications
You must be signed in to change notification settings - Fork 0
/
mmauth.php
111 lines (98 loc) · 2.82 KB
/
mmauth.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
<?php // mmauth.php
require_once 'mmsession.php';
use mondrakeNG\mm\classes\MMUser;
use mondrakeNG\mm\classes\MMUserLogin;
require_once 'mmexchdl.php';
// get appenv
$appEnv = NULL;
if (isset($_GET['appenv']))
$appEnv = $_GET['appenv'];
else if (isset($_POST['appenv']))
$appEnv = $_POST['appenv'];
if(!$appEnv)
die("Missing parameter.");
// session already authenticated, go to mmmain
if (isset($_SESSION['mmToken'])) {
$_SESSION['mmAppEnv'] = $appEnv;
header("Location: mmmain.php");
die;
}
// authentication required
$mmUserLogin = new MMUserLogin;
$authParms = array();
$authParms['mmTokenSecsToExpiration'] = 8*24*3600;
$authParms['mmClient'] = 3;
// authentication via cookie
if (isset($_COOKIE['mmToken'])) {
$mmToken = $_COOKIE['mmToken'];
$authParms['mmToken'] = $mmToken;
// MMDb::beginTransaction();
$res = $mmUserLogin->userAuthenticate($authParms);
// MMDb::commit();
if ($res == TRUE) {
$_SESSION['mmAppEnv'] = $appEnv;
$_SESSION['mmToken'] = $mmToken;
setcookie("mmToken", $mmToken, strtotime($authParms['mmTokenExpirationTs']));
header("Location: mmmain.php");
die;
}
else {
$error = $authParms[authMsg];
}
}
// authentication via login
if (isset($_POST['mmUser'])) {
$user = sanitizeString($_POST['mmUser']);
$pass = sanitizeString($_POST['mmPass']);
if ($user == "" || $pass == "") {
$error[] = "Not all fields were entered";
}
else {
$authParms['mmLoginUser'] = $user;
$authParms['mmLoginPass'] = $pass;
// MMDb::beginTransaction();
$res = $mmUserLogin->userAuthenticate($authParms);
// MMDb::commit();
if ($res == TRUE) {
$_SESSION['mmAppEnv'] = $appEnv;
$_SESSION['mmToken'] = $authParms['mmToken'];
setcookie("mmToken", $authParms['mmToken'], strtotime($authParms['mmTokenExpirationTs']));
header("Location: mmmain.php");
die;
}
else {
$error = $authParms['authMsg'];
}
}
}
else {
$error = array("");
$user = $pass = "";
}
echo <<<_END
<html>
<style>
.login { border: 1px solid #999999; font: normal 14px verdana; color:#444444; }
.apptop { font: normal 20px verdana; }
</style>
<head><title>$appName</title></head>
<body>
<table class="apptop" border="0" cellpadding="2" cellspacing="5">
<th>$appName ($appEnv)</th>
</table>
<form method='post' action='mmauth.php'>
_END;
foreach($error as $a) print "$a<br/>";
echo <<<_END
<input type='hidden' name='appenv' value='$appEnv'/>
<table class="login" border="0" cellpadding="2" cellspacing="5" bgcolor="#eeeeee">
<tr><td colspan="2" align="center">Login</td></tr>
<tr><td>Username</td><td><input type='text' maxlength='16' name='mmUser' value='$user' /></td></tr>
<tr><td>Password</td><td><input type='password' maxlength='16' name='mmPass' value='$pass' /></td></tr>
<tr><td colspan="2" align="center"><input type='submit' value='Login' /></td></tr>
</table>
</form>
</body>
</form>
_END;
?>