Added logout, refined login and took it back out of the lib. Added timers to forward after 5 seconds after logout & register. Looks good imo

This commit is contained in:
Quitta 2013-06-26 16:35:33 +02:00
parent 8735e2f7e6
commit 577d68a6d9
10 changed files with 183 additions and 164 deletions

View file

@ -295,44 +295,6 @@ class Users{
} }
public function login($params){
$webhost = $params["webhost"];
$webport = $params["webport"];
$webdbname = $params["webdbname"];
$webusername = $params["webusername"];
$webpassword = $params["webpassword"];
try{
$dbw = new PDO("mysql:host=$webhost;port=$webport;dbname=$webdbname", $webusername, $webpassword);
$dbw->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$statement = $dbw->prepare("SELECT * FROM ams_user WHERE Login=:user");
$statement->execute(array('user' => $params['name']));
$count = $statement->rowCount();
if ($count==1) {
$row = $statement->fetch();
$salt = substr($row['Password'],0,2);
$hashed_input_pass = crypt($params["pass"], $salt);
if($hashed_input_pass == $row['Password']){
//handle successful login
print("nice welcome!");
$_SESSION['user'] = $params['name'];
$_SESSION['permission'] = $row['Permission'];
print( $_SESSION['user']);
return "success";
}else{
//handle login failure
print("Login failed");
return "failure";
}
}
}catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
exit;
}
}
} }

View file

@ -4,13 +4,22 @@
[home] [home]
[login] [login]
login_info = "Please login with your Username and Password."
login_error_message = "The filled in username/password were not correct!"
[logout]
logout_message = "You've been logged out successfully!"
login_title = "Login"
login_timer = "You will be redirected to the login page in "
login_text = "Or click here if you don't want to wait!"
[register_feedback] [register_feedback]
status_ok = "You registered like a baws!" status_ok = "You registered like a baws!"
status_shardoffline = "It seems the shard is offline, you can use the web-account, but you will need to wait for the shard." status_shardoffline = "It seems the shard is offline, you can use the web-account, but you will need to wait for the shard."
status_liboffline = "You can't register an account at this time" status_liboffline = "You can't register an account at this time"
login_title = "Next step: Login" login_title = "Login"
login_text = "Click here if you want to log in!" login_timer = "You will be redirected to the login page in "
login_text = "Or click here if you don't want to wait!"
[register] [register]
title = "RYZOM CORE INGAME REGISTRATION" title = "RYZOM CORE INGAME REGISTRATION"

View file

@ -0,0 +1,7 @@
<?php
session_unset();
session_destroy();
$pageElements['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'logout', $pageElements);
exit();

View file

@ -1,71 +0,0 @@
<?php
require( '../config.php' );
// check if values exist
if ( isset( $_POST["Username"] ) and isset( $_POST["Password"] ) and isset( $_POST["Email"] ) )
{
// check values
$user = users :: checkUser( $_POST["Username"] );
$pass = users :: checkPassword( $_POST["Password"] );
$cpass = users :: confirmPassword();
$email = users :: checkEmail( $_POST["Email"] );
}else{
$user = "";
$pass = "";
$cpass = "";
$email = "";
}
// if all are good then create user
if ( ( $user == "success" ) and ( $pass == "success" ) and ( $cpass == "success" ) and ( $email == "success" ) and ( isset( $_POST["TaC"] ) ) ){
$edit = array(
'name' => $_POST["Username"],
'pass' => $_POST["Password"],
'mail' => $_POST["Email"],
'init' => $_POST["Email"],
'unhashpass' => $_POST["Password"],
'status' => 1,
'access' => REQUEST_TIME
);
user_save( NULL, $edit );
header( 'Location: email_sent.php' );
exit;
}else{
$pageElements = array(
'GAME_NAME' => $GAME_NAME,
'WELCOME_MESSAGE' => $WELCOME_MESSAGE,
'USERNAME' => $user,
'PASSWORD' => $pass,
'CPASSWORD' => $cpass,
'EMAIL' => $email
);
if ( $user != "success" ){
$pageElements['USERNAME_ERROR'] = 'TRUE';
}else{
$pageElements['USERNAME_ERROR'] = 'FALSE';
}
if ( $pass != "success" ){
$pageElements['PASSWORD_ERROR'] = 'TRUE';
}else{
$pageElements['PASSWORD_ERROR'] = 'FALSE';
}
if ( $cpass != "success" ){
$pageElements['CPASSWORD_ERROR'] = 'TRUE';
}else{
$pageElements['CPASSWORD_ERROR'] = 'FALSE';
}
if ( $email != "success" ){
$pageElements['EMAIL_ERROR'] = 'TRUE';
}else{
$pageElements['EMAIL_ERROR'] = 'FALSE';
}
if ( isset( $_POST["TaC"] ) ){
$pageElements['TAC_ERROR'] = 'FALSE';
}else{
$pageElements['TAC_ERROR'] = 'TRUE';
}
if ( helpers :: check_if_game_client() ){
helpers :: loadtemplate( 'register', $pageElements );
}else{
helpers :: loadtemplate( 'register', $pageElements );
}
}

View file

@ -0,0 +1,43 @@
<?php
function login(){
global $WEBDBHOST;
global $WEBDBPORT;
global $WEBDBNAME;
global $WEBDBUSERNAME;
global $WEBDBPASSWORD;
try{
$dbw = new PDO("mysql:host=$WEBDBHOST;port=$WEBDBPORT;dbname=$WEBDBNAME", $WEBDBUSERNAME, $WEBDBPASSWORD);
$dbw->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$statement = $dbw->prepare("SELECT * FROM ams_user WHERE Login=:user");
$statement->execute(array('user' => $_POST['Username']));
$row = $statement->fetch();
$salt = substr($row['Password'],0,2);
$hashed_input_pass = crypt($_POST["Password"], $salt);
if($hashed_input_pass == $row['Password']){
//handle successful login
$_SESSION['user'] = $_POST["Username"];
$_SESSION['permission'] = $row['Permission'];
//go back to the index page.
header( 'Location: index.php' );
exit;
}else{
//handle login failure
$result['login_error'] = 'TRUE';
$result['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'login', $result);
exit;
}
}catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
exit;
}
}

View file

@ -27,8 +27,13 @@ if ( isset( $_POST["function"] ) ){
function loadpage ( $page ){ function loadpage ( $page ){
require_once( 'autoload/' . $page . '.php' ); $filename = 'autoload/' . $page . '.php';
if(is_file($filename)){
require_once($filename);
} }
}
loadpage($page);
//Set permission //Set permission
if(isset($_SESSION['permission'])){ if(isset($_SESSION['permission'])){
@ -40,7 +45,7 @@ if(isset($_SESSION['permission'])){
//hide sidebar + topbar in case of login/register //hide sidebar + topbar in case of login/register
if($page == 'login' || $page == 'register'){ if($page == 'login' || $page == 'register' || $page == 'logout'){
$return['no_visible_elements'] = 'TRUE'; $return['no_visible_elements'] = 'TRUE';
}else{ }else{
$return['no_visible_elements'] = 'FALSE'; $return['no_visible_elements'] = 'FALSE';

View file

@ -4,5 +4,6 @@
<li style="margin-left: -2px;" class="active"><a class="ajax-link" href="?page=home"><i class="icon-home"></i><span class="hidden-tablet"> Dashboard</span></a></li> <li style="margin-left: -2px;" class="active"><a class="ajax-link" href="?page=home"><i class="icon-home"></i><span class="hidden-tablet"> Dashboard</span></a></li>
<li class="nav-header hidden-tablet">Sample Section</li> <li class="nav-header hidden-tablet">Sample Section</li>
<li style="margin-left: -2px;"><a href="?page=login"><i class="icon-lock"></i><span class="hidden-tablet"> Login Page</span></a></li> <li style="margin-left: -2px;"><a href="?page=login"><i class="icon-lock"></i><span class="hidden-tablet"> Login Page</span></a></li>
<li style="margin-left: -2px;"><a href="?page=logout"><i class="icon-off"></i><span class="hidden-tablet"> Logout </span></a></li>
{/block} {/block}

View file

@ -10,7 +10,7 @@
<div class="row-fluid"> <div class="row-fluid">
<div class="well span5 center login-box"> <div class="well span5 center login-box">
<div class="alert alert-info"> <div class="alert alert-info">
Please login with your Username and Password. {$login_info}
</div> </div>
<form method="post" action="index.php" class="form-horizontal"> <form method="post" action="index.php" class="form-horizontal">
<fieldset> <fieldset>
@ -35,6 +35,13 @@
</p> </p>
</fieldset> </fieldset>
</form> </form>
{if isset($login_error) and $login_error eq "TRUE"}
<div class="alert alert-error">
<button type="button" class="close" data-dismiss="alert">×</button>
<strong>{$login_error_message}</strong>
</div>
{/if}
<div class="alert alert-info"> <div class="alert alert-info">
<strong>Register</strong> <strong>Register</strong>
If you dont have an account yet, create one <a href="?page=register">here</a>! If you dont have an account yet, create one <a href="?page=register">here</a>!

View file

@ -0,0 +1,40 @@
{extends file="layout.tpl"}
{block name=content}
<div class="row-fluid">
<div class="span12 center login-header">
<img src="img/mainlogo.png"/>
</div><!--/span-->
</div><!--/row-->
<div class="row-fluid">
<div class="well span5 center login-box">
<div class="alert alert-success">
{$logout_message}
</div>
<div class="alert alert-info">
<strong>{$login_title}</strong>
<p>{$login_timer}<span id="seconds">5</span></p>
<p><a href="index.php">{$login_text}</a></p>
</div>
<script>
var seconds = 5;
setInterval(
function(){
if (seconds <= 1) {
window.location = 'index.php';
}
else {
document.getElementById('seconds').innerHTML = --seconds;
}
},
1000
);
</script>
</div><!--/span-->
</div>
{/block}

View file

@ -25,8 +25,24 @@
<div class="alert alert-info"> <div class="alert alert-info">
<strong>{$login_title}</strong> <strong>{$login_title}</strong>
<a href="index.php?page=register">{$login_text}</a> <p>{$login_timer}<span id="seconds">5</span></p>
<p><a href="index.php">{$login_text}</a></p>
</div> </div>
<script>
var seconds = 5;
setInterval(
function(){
if (seconds <= 1) {
window.location = 'index.php';
}
else {
document.getElementById('seconds').innerHTML = --seconds;
}
},
1000
);
</script>
</div><!--/span--> </div><!--/span-->
</div> </div>
{/block} {/block}