PHP Classes

File: login.php

Recommend this page to a friend!
  Classes of Abed Nego Ragil Putra   Giga CMS   login.php   Download  
File: login.php
Role: Example script
Content type: text/plain
Description: Example script
Class: Giga CMS
Multi-user content management system
Author: By
Last change:
Date: 7 years ago
Size: 13,298 bytes
 

Contents

Class file image Download
<?php include "inc/init.php"; if($user->islg()) { // if it's alreadt logged in redirect to the main page header("Location: $set->url"); exit; } $page->title = "Login to ". $set->site_name; $page->description = "login to $set->site_name"; $page->keyword = ""; if($_POST && isset($_SESSION['token']) && ($_SESSION['token'] == $_POST['token'])) { // we validate the data if(isset($_GET['forget'])) { $email = $_POST['email']; if(!$options->isValidMail($email)) $page->error = "Email address is not valid."; if(!isset($page->error) && !($usr = $db->getRow("SELECT `userid` FROM `".MLS_PREFIX."users` WHERE `email` = ?s", $email))) $page->error = "This email address doesn't exist in our database !"; if(!isset($page->error)) { $key = sha1(rand()); $db->query("UPDATE `".MLS_PREFIX."users` SET `key` = ?s WHERE `userid` = ?i", $key, $usr->userid); $link = $set->url."/login.php?key=".$key."&userid=".$usr->userid; $from ="From: not.reply@".$set->url; $sub = "New Password !"; $msg = "Hello,<br> You requested for a new password. To confirm <a href='$link'>click here</a>.<br>If you can't access copy this to your browser<br/>$link <br><br>Regards<br><small>Note: Dont reply to this email. If you got this email by mistake then ignore this email.</small>"; if($options->sendMail($email, $sub, $msg, $from)) $page->success = "An email with instructions was sent !"; } } else if(isset($_GET['key'])) { if($_GET['key'] == '0') { header("Location: $set->url"); exit; } if($usr = $db->getRow("SELECT `userid` FROM `".MLS_PREFIX."users` WHERE `key` = ?s", $_GET['key'])) { if($db->query("UPDATE `".MLS_PREFIX."users` SET `password` = ?s WHERE `userid` = ?i", sha1($_POST['password']), $usr->userid)) { $db->query("UPDATE `".MLS_PREFIX."users` SET `key` = '0' WHERE `userid` = ?i", $usr->userid); $page->success = "Password was updated !"; } } } else { $name = $_POST['name']; $password = $_POST['password']; if(!($usr = $db->getRow("SELECT `userid` FROM `".MLS_PREFIX."users` WHERE `username` = ?s AND `password` = ?s", $name, sha1($password)))) $page->error = "<div class='col-md-6 col-md-offset-2 col-sm-8 col-sm-offset-2'><div id='login-alert' class='alert alert-danger'>Username or password are wrong !</div></div>"; else { if($_POST['r'] == 1){ $path_info = parse_url($set->url); setcookie("user", $name, time() + 3600 * 24 * 30, $path_info['path']); // set setcookie("pass", sha1($password), time() + 3600 * 24 * 30, $path_info['path']); // set } $_SESSION['user'] = $usr->userid; header("Location: $set->url/admin");// link to if success exit; } } } else if($_POST) $page->error = "Invalid request !"; // connect to the database $servername = "$set->db_host"; $username = "$set->db_user"; $password = "$set->db_pass"; $dbname = "$set->db_name"; // Create connection $conn = new mysqli($servername, $username, $password, $dbname); // Check connection if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } ?> <!DOCTYPE html> <!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]--> <!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]--> <!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js"> <!--<![endif]--> <head> <!-- Meta --> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <!-- SEO --> <title><?php echo $page->title; ?></title> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content="<?php echo $page->description; ?>"> <meta name="keywords" content="<?php echo $page->keyword; ?>"> <?php // get results from database $result = mysqli_query($conn, "SELECT * FROM `".MLS_PREFIX."seo` WHERE `id`='1'") or die(mysqli_error()); // loop through results of database query, displaying them in the table while($row = mysqli_fetch_array( $result )) { ?> <meta name="google-site-verification" content="<?php echo $row['google_webmaster']; ?>" /> <meta name="msvalidate.01" content="<?php echo $row['bing_webmaster']; ?>" /> <meta name="alexaVerifyID" content="<?php echo $row['alexa']; ?>" /> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','https://www.google-analytics.com/analytics.js','ga'); ga('create', '<?php echo $row['google_analytic']; ?>', 'auto'); ga('send', 'pageview'); </script> <meta name="revisit-after" content="<?php echo $row['revisit_after']; ?>"> <meta name="robots" content="<?php echo $row['robots']; ?>"> <!-- SEO --> <?php } ?> <!-- CSS --> <link rel="stylesheet" href="<?php echo $set->url; ?>/bootstrap/css/bootstrap.min.css"> <!-- Javascript --> <script src="js/jquery.min.js"></script> <script src="<?php echo $set->url; ?>/js/303ccf41dc.js"></script> <script src="<?php echo $set->url; ?>/tinymce/tinymce.min.js"></script> <link href='https://fonts.googleapis.com/css?family=Roboto+Condensed:400,300,700' rel='stylesheet' type='text/css'> <script> tinymce.init({ selector : "textarea#textareas_edit", theme: 'modern', skin: 'lightgray', height: 300, // =========================================== // INCLUDE THE PLUGIN // =========================================== plugins: [ 'advlist autolink link image lists charmap print preview hr anchor pagebreak spellchecker', 'searchreplace wordcount visualblocks visualchars code fullscreen insertdatetime media nonbreaking', 'save table contextmenu directionality emoticons template paste textcolor' ], // =========================================== // PUT PLUGIN'S BUTTON on the toolbar // =========================================== toolbar: 'insertfile undo redo | styleselect | bold italic | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image | print preview media fullpage | forecolor backcolor emoticons', // =========================================== // SET RELATIVE_URLS to FALSE (This is required for images to display properly) // =========================================== content_css: 'css/content.css' }); </script> </head> <body> <br> <?php if($user->data->banned) { // we delete the expired banned $_unban = $db->getAll("SELECT `userid` FROM `".MLS_PREFIX."banned` WHERE `until` < ".time()); if($_unban) foreach ($_unban as $_usr) { $db->query("DELETE FROM `".MLS_PREFIX."banned` WHERE `userid` = ?i", $_usr->userid); $db->query("UPDATE `".MLS_PREFIX."users` SET `banned` = '0' WHERE `userid` = ?i", $_usr->userid); } $_banned = $user->getBan(); if($_banned) $options->error("You were banned by <a href='$set->url/profile.php?u=$_banned->by'>".$user->showName($_banned->by)."</a> for `<i>".$options->html($_banned->reason)."</i>`. Your ban will expire in ".$options->tsince($_banned->until, "from now.")." "); } if($user->islg() && $set->email_validation && ($user->data->validated != 1)) { $options->fError("Your account is not yet acctivated ! Please check your email !"); } if(file_exists('install.php')) { $options->fError("You have to delete the install.php file before you start using this app."); } if(isset($_SESSION['success'])){ $options->success($_SESSION['success']); unset($_SESSION['success']); } if(isset($_SESSION['error'])){ $options->error($_SESSION['error']); unset($_SESSION['error']); } flush(); // we flush the content so the browser can start the download of css/js $_SESSION['token'] = sha1(rand()); // random token echo "<div class='container'> <div class='col-md-9 col-md-offset-1'> <div class='row'>"; if(isset($page->error)) $options->error($page->error); else if(isset($page->success)) $options->success($page->success); if(isset($_GET['forget'])) { echo " <div id='loginbox' style='margin-top:50px;' class='mainbox col-md-8 col-md-offset-2 col-sm-8 col-sm-offset-2'> <div class='panel panel-info'> <div class='panel-heading'> <div class='panel-title'>Recover</div> </div> <div style='padding-top:30px' class='panel-body' > <div style='display:none' id='login-alert' class='alert alert-danger col-sm-12'></div> <form class='form-horizontal' action='#' method='post'> <div class='form-group'> <label class='col-md-2 control-label'>Email</label> <div class='col-md-9'> <input type='text' placeholder='john.doe@domain.com' name='email' class='form-control'> </div> </div> <input type='hidden' name='token' value='".$_SESSION['token']."'> <div class='form-group'> <div class='col-md-offset-2 col-md-9'> <button type='submit' id='submit' class='btn btn-primary'>Recover </button> <a href='login.php' class='btn btn-default'> Login</a> </div>"; } else if(isset($_GET['key']) && !isset($page->success)) { if($_GET['key'] == '0') { echo "<div class=\"alert alert-error\">Error !</div>"; exit; } if($usr = $db->getRow("SELECT `userid` FROM `".MLS_PREFIX."users` WHERE `key` = ?s AND `userid` = ?i", $_GET['key'], $_GET['userid'])) { echo " <form class='form-horizontal' action='#' method='post'> <fieldset> <legend>Reset</legend> <div class='form-group'> <label class='col-sm-2 control-label'>New password</label> <div class='col-sm-10'> <input type='password' name='password' class='form-control'> </div> </div> <input type='hidden' name='token' value='".$_SESSION['token']."'> <div class='form-group'> <div class='col-sm-10'> <button type='submit' id='submit' class='btn btn-primary'>Save</button> </div> </div> </fieldset>"; } else { echo "<div class=\"alert alert-error\">Error bad key !</div>"; } }else { echo " <div id='loginbox' style='margin-top:50px;' class='mainbox col-md-8 col-md-offset-2 col-sm-8 col-sm-offset-2'> <div class='panel panel-info'> <div class='panel-heading'> <div class='panel-title'>Sign In</div> <div style='float:right; font-size: 80%; position: relative; top:-10px'><a href='?forget=1'>Forgot Password</a></div> </div> <div style='padding-top:30px' class='panel-body' > <form class='form-horizontal' action='?' method='post'> <div style='margin-bottom: 25px' class='input-group'> <span class='input-group-addon'><i class=\"fa fa-user\" aria-hidden=\"true\"></i></span> <input type='text' placeholder='User Name' name='name' class='form-control'> </div> <div style='margin-bottom: 25px' class='input-group'> <span class='input-group-addon'><i class=\"fa fa-key\" aria-hidden=\"true\"></i></span> <input type='password' placeholder='Your Password' name='password' class='form-control'> </div> <div class='input-group'> <div class='checkbox'> <label> <input type='checkbox' name='r' value='1' id='r'> Remember me </label> </div> </div> <input type='hidden' name='token' value='".$_SESSION['token']."'> <div style='margin-top:10px' class='form-group'> <div class='col-sm-12 controls'> <button type='submit' id='submit' class='btn btn-primary'>Login </button> <a href='index.php' class='btn btn-primary'> Back to Site </a> </div> </div> <div class='form-group'> <div class='col-md-12 control'> <div style='border-top: 1px solid#888; padding-top:15px; font-size:85%' > Don't have an account! <a href='register.php'> Sign Up Here </a> </div> </div> </div> </form> </div> </div> </div>"; } echo " </div>"; ?> <script src="<?php echo $set->url;?>/js/jquery.min.js"></script> <script>window.jQuery || document.write('<script src="<?php echo $set->url;?>/js/jquery-1.11.3.min.js"><\/script>')</script> <script src="<?php echo $set->url;?>/bootstrap/js/bootstrap.min.js"></script> <!-- Validate Plugin --> <script src="<?php echo $set->url;?>/js/vendor/jquery.validate.min.js"></script> <script src="<?php echo $set->url;?>/js/main.js"></script> </body> </html>