<?PHP
/* Example Login.php page. Receives the USERNAME and PASSWORD fields, and calls StartAuth to authenticate it.
If Error, Will display a login error, else will display a link to home.php
This uses the Smarty Template system. This isn't necessary but I'd seriously recommend it.
The REMEMBER field is used to determine whether or not the user wants to use Cookies to remember his details on the system.
If he does, it will register the cookie for 1 month. (Set in Authentication.php)
*/
require_once 'common.php';
/*
Initialize Smarty Template
*/
$tpl = new Smarty;
/*
Call Authentication Class
*/
$auth = new Authentication($db);
if($auth->CheckAuth()) {
/*
This calls the CheckAuth() fuction before anything else.
If this is TRUE, the user IS using Cookie Authentication, and has unexpired sessions on his machine. We can redirect him
to a member page because he's already logged in so there's no use even showing him the login page.
*/
/*
Take me home!
*/
header("Location:home.php");
}
elseif(isset($_POST['Submit'])) {
/*
We get here if he either doesn't have valid cookies on his machine, the cookies have expired,
or he has chosen not to remember his details.
*/
/*
Call Authentication Class
*/
$auth = new Authentication($db);
/*
Start Authentication -- Pass the Class the values of the Form Posting.
The third (Remember) field is optional, and is assumed FALSE if no value is given.
If it is passed, and StartAuth is successful, COOKIES will be registered on the user's machine.
*/
$auth->StartAuth($_POST['username'],$_POST['password'],$_POST['remember']);
/*
We call CheckAuth.
*/
if(!$auth->CheckAuth()) {
/*
We get here if CheckAuth fails.
CheckAuth returns FALSE when Authentication was not successful. -- Incorrect details have been entered.
*/
/*
Redirect them back to the login page to try again.
*/
header("Location:login.php?failed=1");
} else {
/*
We'd make it here if this is a first time Authentication, or the user is choosing not to use Cookie Authentication.
Once he's here, the CheckAuth() has returned TRUE and he's a valid user. The sessions and/or cookies have been
registered and the user may now continue into his members section.
*/
/*
Take me home!
*/
header("Location:home.php");
}
} else {
/*
We get here if the user has no Authentication, and no form has yet been posted.
*/
/*
Assign specific fields in the template.
It is not mandatory to use the Smarty template, however, it is strongly advised. If you don't wish to,
you may remove the Smarty code and place an HTML form here.
*/
$tpl->assign("title","Please enter your Login details.");
$tpl->assign("form_action",$_SERVER['PHP_SELF']);
$tpl->assign("header","Please enter your Login details below.");
$tpl->assign("form_username","username");
$tpl->assign("form_password","password");
$tpl->assign("form_remember","remember");
$tpl->assign("remember_checked","");
$tpl->assign("form_submit","Submit");
/*
Finish assigning variables.
*/
}
if(isset($_GET['failed'])) {
/*
We get here when CheckAuth() has returned false, meaning there's been an error Authenticating the user.
Tell them there's been an error by assigning the error_message field in the template with some error
message of relevance.
*/
$tpl->assign("error_message","Oops! We have encountered an error. Please re-enter your details.");
}
/*
Display the Smarty template.
*/
$tpl->display("login.tpl");
if($_GET['method'] == 'logout') {
/*
This may be called by login.php?method=logout
If this is called, Sessions & Cookies are destroyed.
This will expire the cookies on the machine, so the user will have to log in again if he wants the system to remember
his details again.
*/
Authentication::AuthKill();
/*
Redirects the user back to login.php
*/
header("Location:login.php");
}
?>
|