From f6be9edd401664d95e60ae3c81aeaf36723ba891 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 8 Feb 2009 04:48:53 +0000 Subject: added login capability --- check_user.php | 18 +++++++++++ data.php | 24 ++++---------- db.class.php | 100 +++++++++++++++++++++++++-------------------------------- index.php | 31 +++++++++++++----- login.php | 40 +++++++++++++++++++++++ map.css | 15 ++++++++- map.js | 73 +++++++++++++++++++++++++++++++++++++++++ 7 files changed, 218 insertions(+), 83 deletions(-) create mode 100644 check_user.php create mode 100644 login.php diff --git a/check_user.php b/check_user.php new file mode 100644 index 0000000..4b89267 --- /dev/null +++ b/check_user.php @@ -0,0 +1,18 @@ +escape_string($username); + + $db->query("SELECT password FROM person WHERE email='".$escaped_username."'"); + $data = $db->getNextObject(); + if($data->password == md5($password)) + return true; + + return false; +} +?> diff --git a/data.php b/data.php index 284e65e..adcdbfa 100644 --- a/data.php +++ b/data.php @@ -1,21 +1,5 @@ - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ +session_start(); require_once("db.class.php"); require_once("ipmatch.php"); @@ -28,6 +12,12 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); $db = new DB($conf['db']['user'], $conf['db']['password'], $conf['db']['host'], $conf['db']['database']); $conf['acl']['auth'] = match_network($conf['acl']['range'],$_SERVER[REMOTE_ADDR]); +if(!$conf['acl']['auth'] ) +{ + if (isset($_SESSION['logged_in']) && $_SESSION['logged_in']) + $conf['acl']['auth'] = true; +} + $x_startpoint = 4080; $lng_startpoint = 15.43844103813; $dx_dLng = 50675.5176; diff --git a/db.class.php b/db.class.php index 6603804..28dba49 100644 --- a/db.class.php +++ b/db.class.php @@ -1,61 +1,47 @@ - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - class DB { - var $user, $pass, $host, $dbname; - var $db; - var $res; - - function DB($user, $pass, $host, $dbname) { - $this->user = $user; - $this->pass = $pass; - $this->host = $host; - $this->dbname = $dbname; - - $this->connect(); - } - - function connect() { - $this->db = mysql_connect($this->host, $this->user, $this->pass) - or $this->error("Verbindungsaufbau fehlgeschlagen"); - - mysql_select_db($this->dbname); - } - - function error($msg) { - die($msg . ": " . @mysql_error()); - } - - function query($query) { - $this->res = mysql_query($query, $this->db) - or $this->error("Fehler bei Datenbankanfrage"); - } - - function numObjects() { - return mysql_num_rows($this->res); - } - - function getNextObject() { - if (!$this->res) { - return; - } - return mysql_fetch_object($this->res); - } +var $user, $pass, $host, $dbname; +var $db; +var $res; + +function DB($user, $pass, $host, $dbname) { + $this->user = $user; + $this->pass = $pass; + $this->host = $host; + $this->dbname = $dbname; + $this->connect(); +} + +function connect() { + $this->db = mysql_connect($this->host, $this->user, $this->pass) + or $this->error("Verbindungsaufbau fehlgeschlagen"); + mysql_select_db($this->dbname); +} + +function error($msg) { + die($msg . ": " . @mysql_error()); +} + +function query($query) { + $this->res = mysql_query($query, $this->db) + or $this->error("Fehler bei Datenbankanfrage"); } + +function escape_string($string) { + return mysql_real_escape_string($string, $this->db); +} + +function numObjects() { + return mysql_num_rows($this->res); +} + +function getNextObject() { + if (!$this->res) { + return; + } + return mysql_fetch_object($this->res); + } +} + + ?> diff --git a/index.php b/index.php index aed6a1a..8233594 100644 --- a/index.php +++ b/index.php @@ -1,4 +1,6 @@ -
- Adresse suchen: -
-

- - -

-
+
+
+ +
+
+ Adresse suchen: +
+

+ + +

+
+
diff --git a/login.php b/login.php new file mode 100644 index 0000000..02015e7 --- /dev/null +++ b/login.php @@ -0,0 +1,40 @@ +\n"; +echo "\n"; + +if (isset($_POST['login'])) +{ + if(check_user($_POST['username'], $_POST['password'])) + { + $_SESSION['logged_in'] = true; + $_SESSION['username'] = $_POST['username']; + } + else + { + echo ''."\n"; + } +} +else if (isset($_POST['logout'])) +{ + session_destroy(); + $_SESSION['logged_in'] = false; +} + +if (isset($_SESSION['logged_in']) && $_SESSION['logged_in']) +{ + echo ''."\n"; + echo ''."\n"; +} +else +{ + echo ''."\n"; +} +echo ""; diff --git a/map.css b/map.css index 02fdea9..0466143 100644 --- a/map.css +++ b/map.css @@ -55,10 +55,23 @@ div.box { margin-right: 0; } -#addressbox { +#southeastcontainer { position: absolute; right: 10px; bottom: 10px; + padding: 0; +} + +#loginbox { + margin-top: 0; + margin-left: auto; + marign-right: 0; +} + +#addressbox { + margin-top: 1ex; + margin-left: auto; + margin-bottom: 0; } #distboxouter { diff --git a/map.js b/map.js index 6edc21c..3ac9685 100644 --- a/map.js +++ b/map.js @@ -364,6 +364,79 @@ function setNewMarker(point) { marker.openInfoWindowHtml(addNewNodeText(point)); } +function fflogin(username, password) { + var postbody = "username=" + encodeURIComponent(username) + "&password=" + encodeURIComponent(password) + "&login=Einloggen#"; + GDownloadUrl("login.php", onFFLogin, postbody); +} + +function onFFLogin(data, responseCode) { + if (responseCode < 200 || responseCode > 299) { + return alert("Fehler: Konnte die Daten nicht laden!\n(Server Antwort-Code: " + responseCode + ")"); + } + xmlData = GXml.parse(data); + + var error = xmlData.getElementsByTagName("error"); + if(error.length > 0) { + alert(error[0].getAttribute("string")); + } + else { + var status = xmlData.getElementsByTagName("status"); + if(status[0].getAttribute("code") == "logged_in") { + var username = xmlData.getElementsByTagName("username")[0].getAttribute("name"); + showFFLogout(username); + + reloadcon.started(); + GDownloadUrl("data.php", onData); + } + } +} + +function showFFLogin() { + var html = '
'; + html += ''; + html += ''; + html += ''; + html += ''; + html += ''; + html += ''; + html += ''; + html += '
Benutzername:
Passwort:
'; + + document.getElementById("loginbox").innerHTML = html; +} + +function fflogout() { + var postbody = "logout=Ausloggen#"; + GDownloadUrl("login.php", onFFLogout, postbody); +} + +function onFFLogout(data, responseCode) { + if (responseCode < 200 || responseCode > 299) { + return alert("Fehler: Konnte die Daten nicht laden!\n(Server Antwort-Code: " + responseCode + ")"); + } + xmlData = GXml.parse(data); + + var error = xmlData.getElementsByTagName("error"); + if(error.length > 0) { + alert(error[0].getAttribute("string")); + } + else { + showFFLogin(); + + reloadcon.started(); + GDownloadUrl("data.php", onData); + } +} + +function showFFLogout(username) { + var html = '
'; + html += 'Sie sind eingeloggt als:
'; + html += ''+username+'   ' + html += '
'; + + document.getElementById("loginbox").innerHTML = html; +} + function showAddress(address) { if (geocoder) { address += ", Graz, Austria"; -- cgit v1.2.1