Tryag File Manager
Home
-
Turbo Force
Current Path :
/
home
/
cluster1
/
data
/
bu01
/
1121861
/
jlex
/
php4
/
Upload File :
New :
File
Dir
//home/cluster1/data/bu01/1121861/jlex/php4/login.php4
<? include_once("db_connection.php4"); include_once("query_object.php4"); include_once("account_manager.php4"); $ACCESS_CODES_FILE = "access_codes.txt"; session_start(); function get_access_codes($file) { $access_codes = array(); $in = fopen($file,"r"); while($line = fgets($in)) { $line = trim($line); if($line != "") { $parts = explode(" = ",$line); $access_codes[$parts[0]] = $parts[1]; } } return $access_codes; } $function = trim($_POST["function"]); if($function == "") { $function = $_GET["function"]; } if(!array_key_exists("project",$_SESSION)) { $project = $_POST["project"]; if($project == "") { $project == $_GET["project"]; } if($project == "") { die("NO PROJECT SPECIFIED"); } else { $_SESSION["project"] = $project; } } $ma = new account_manager(); if($function == "create_account") { $username = $_POST["username"]; $password = $_POST["password"]; $passwords = get_passwords($PASSWORDS_FILE); $access_code = $_POST["access_code"]; if(in_array($access_code,$access_codes)) { $result = $ma->create_account($_POST,$access_codes); if($result == $ma->USERNAME_TAKEN) { echo "<B><FONT color='red'>Username $username is taken.</B></FONT color='red'><BR><BR>"; $in = fopen("../nahuatl/login.html","r"); while($line = fgets($in)) { echo $line; } fclose($in); } else { if($result == $ma->CREATED_ADMIN) { $_SESSION["admin"] = $username; } $_SESSION["username"] = $username; header("Location: ../nahuatl/mydictionary_search.html"); } } else { echo "I'm sorry, you do not have permission to create an account. Please email "; echo "<a href='mailto:jonatha.amith@yale.edu'>Jonathan Amith</a> to get the access code."; } } else if($function == "login") { $username = $_POST["username"]; $password = $_POST["password"]; $result = $ma->verify_password($username,$password); if($result == $ma->INVALID_PASSWORD) { echo "<B><FONT color='red'>The password you have entered is not valid. Please try again.</FONT></B><BR>"; $in = fopen("../nahuatl/login.html","r"); while($line = fgets($in)) { echo $line; } fclose($in); } else if ($result == $ma->INVALID_USERNAME) { echo "<B><FONT color='red'>No user with username '$username' exists. Please try a different user name.</FONT></B><BR>"; $in = fopen("../nahuatl/login.html","r"); while($line = fgets($in)) { echo $line; } fclose($in); } else { if($result == $ma->VALID_ADMIN) { $_SESSION["admin"] = $username; } $_SESSION["username"] = $username; $ma->update_login_info($username); header("Location: ../nahuatl/mydictionary_search.html"); } } else if($function == "logout") { $username = $_SESSION["username"]; if(array_key_exists("admin",$_SESSION)) { $admin = $_SESSION["admin"]; if($username != $admin) { $_SESSION["username"] = $admin; header("Location: ../nahuatl/mydictionary_search.html"); } else { unset($_SESSION["admin"]); $_SESSION["username"] = ""; header("Location: ../nahuatl/nahuatl_search.html"); } } else { $_SESSION["username"] = ""; header("Location: ../nahuatl/nahuatl_search.html"); } } else if($function == "list_accounts") { if(array_key_exists("admin",$_SESSION)) { $admin = $_SESSION["admin"]; $_SESSION["username"] = $admin; $ma->list_accounts("../user/account_manager.xsl"); } else { echo "Access Denied!"; } } else if($function == "delete_accounts") { if(array_key_exists("admin",$_SESSION)) { $admin = $_SESSION["admin"]; $_SESSION["username"] = $admin; $usernames = $_POST["usernames"]; $ma->delete_accounts($usernames); $ma->list_accounts("../user/account_manager.xsl"); } else { echo "Access Denied!"; } } ?>