ttrss/login.php

<?
//	require_once "sessions.php";

	require_once "sanity_check.php";
	require_once "version.php"; 
	require_once "config.php";
	require_once "functions.php";

	$url_path = get_script_urlpath();

	if (ENABLE_LOGIN_SSL) {		
		$redirect_base = "https://" . $_SERVER["SERVER_NAME"] . $url_path;
	} else {
		$redirect_base = "http://" . $_SERVER["SERVER_NAME"] . $url_path;
	}

	if (SINGLE_USER_MODE) {
		header("Location: $redirect_base/tt-rss.php");
		exit;
	}

	$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);	

	$login = $_POST["login"];
	$password = $_POST["password"];
	$return_to = $_POST["rt"];

	if ($_COOKIE[get_session_cookie_name()]) {
		require_once "sessions.php";
		if ($_SESSION["uid"]) {
			initialize_user_prefs($link, $_SESSION["uid"]); 
			header("Location: $redirect_base/tt-rss.php");
			exit;
		}
	}

	if ($login && $password) {

		if ($_POST["remember_me"]) {
			session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER);
		} else {
			session_set_cookie_params(SESSION_COOKIE_LIFETIME);
		}
			
		require_once "sessions.php";

		if (authenticate_user($link, $login, $password)) {
			initialize_user_prefs($link, $_SESSION["uid"]); 

			if ($_POST["remember_me"]) {
				$_SESSION["cookie_lifetime"] = time() + SESSION_COOKIE_LIFETIME_REMEMBER;
			} else {
				$_SESSION["cookie_lifetime"] = time() + SESSION_COOKIE_LIFETIME;
			}

			setcookie("ttrss_cltime", $_SESSION["cookie_lifetime"], 
				$_SESSION["cookie_lifetime"]);

			if (!$return_to) {
				$return_to = "tt-rss.php";
			}
			header("Location: $redirect_base/$return_to");
			exit;
		}
	}

?>
<html>
<head>
	<title>Tiny Tiny RSS : Login</title>
	<link rel="stylesheet" type="text/css" href="tt-rss.css">
	<!--[if gte IE 5.5000]>
		<script type="text/javascript" src="pngfix.js"></script>
	<![endif]-->
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>

<body>

<script type="text/javascript">
function init() {

	if (arguments.callee.done) return;
	arguments.callee.done = true;		

	var login = document.forms["loginForm"].login;

	login.focus();

}
</script>

<script type="text/javascript">
if (document.addEventListener) {
	document.addEventListener("DOMContentLoaded", init, null);
}
window.onload = init;
</script>

<table width='100%' height='100%' class="loginForm">

	<tr><td align='center' valign='middle'>

	<form action="login.php" method="POST" name="loginForm">
	
	<table class="innerLoginForm">

	<tr><td valign="middle" align="center" colspan="2">
		<img src="images/ttrss_logo.png" alt="logo">
	</td></tr>
	
	<tr><td align="right">Login:</td>
		<td><input name="login"></td></tr>
	<tr><td align="right">Password:</td>
		<td><input type="password" name="password"></td></tr>
	<tr><td>&nbsp;</td><td>
			<input type="checkbox" name="remember_me" id="remember_me">
			<label for="remember_me">Remember me</label>
	</td></tr>
	<tr><td colspan="2" align="center">
		<input type="submit" class="button" value="Login">
		<input type="hidden" name="rt" value="<?= $_GET['rt'] ?>">
	</td></tr>
	
	</table>
	
	</form>

	</td></tr>
</table>

<? db_close($link); ?>

<script type="text/javascript">
	/* for IE */
	function statechange() {
		if (document.readyState == "interactive") init();
	}

	if (document.readyState) {	
		if (document.readyState == "interactive" || document.readyState == "complete") {
			init();
		} else {
			document.onreadystatechange = statechange;
		}
	}
</script>

</body>
</html>
actually add login.php 2005-11-18 03:50:47 +01:00			`<?`
remember me feature 2006-03-04 11:58:25 +01:00			`// require_once "sessions.php";`
actually add login.php 2005-11-18 03:50:47 +01:00
add some basic "did I forget to create config.php" sanity checks 2005-11-23 18:20:17 +01:00			`require_once "sanity_check.php";`
actually add login.php 2005-11-18 03:50:47 +01:00			`require_once "version.php";`
			`require_once "config.php";`
optional login form/http basic auth support 2005-11-18 07:21:24 +01:00			`require_once "functions.php";`
actually add login.php 2005-11-18 03:50:47 +01:00
option to redirect to https url for login, option ENABLE_LOGIN_SSL (fixes some non-absolute redirects) 2005-12-09 21:34:29 +01:00			`$url_path = get_script_urlpath();`
set redirect_base to https:// prefix when ENABLE_LOGIN_SSL is enabled (closes #71) 2006-06-14 09:24:15 +02:00
			`if (ENABLE_LOGIN_SSL) {`
			`$redirect_base = "https://" . $_SERVER["SERVER_NAME"] . $url_path;`
			`} else {`
			`$redirect_base = "http://" . $_SERVER["SERVER_NAME"] . $url_path;`
			`}`
option to redirect to https url for login, option ENABLE_LOGIN_SSL (fixes some non-absolute redirects) 2005-12-09 21:34:29 +01:00
login redirects to main page if SINGLE_USER_MODE 2005-11-21 05:25:48 +01:00			`if (SINGLE_USER_MODE) {`
option to redirect to https url for login, option ENABLE_LOGIN_SSL (fixes some non-absolute redirects) 2005-12-09 21:34:29 +01:00			`header("Location: $redirect_base/tt-rss.php");`
login redirects to main page if SINGLE_USER_MODE 2005-11-21 05:25:48 +01:00			`exit;`
			`}`

optional login form/http basic auth support 2005-11-18 07:21:24 +01:00			`$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);`

			`$login = $_POST["login"];`
			`$password = $_POST["password"];`
fix ?rt= handling in login.php 2006-03-17 06:11:45 +01:00			`$return_to = $_POST["rt"];`
optional login form/http basic auth support 2005-11-18 07:21:24 +01:00
mobile version uses separate sid 2006-05-23 07:07:38 +02:00			`if ($_COOKIE[get_session_cookie_name()]) {`
login: redirect to main page if user is already logged in 2006-03-17 03:55:38 +01:00			`require_once "sessions.php";`
			`if ($_SESSION["uid"]) {`
			`initialize_user_prefs($link, $_SESSION["uid"]);`
			`header("Location: $redirect_base/tt-rss.php");`
login: exit after redirect 2006-03-17 06:00:32 +01:00			`exit;`
login: redirect to main page if user is already logged in 2006-03-17 03:55:38 +01:00			`}`
			`}`

optional login form/http basic auth support 2005-11-18 07:21:24 +01:00			`if ($login && $password) {`
remember me feature 2006-03-04 11:58:25 +01:00
			`if ($_POST["remember_me"]) {`
			`session_set_cookie_params(SESSION_COOKIE_LIFETIME_REMEMBER);`
			`} else {`
			`session_set_cookie_params(SESSION_COOKIE_LIFETIME);`
			`}`

login.php: require sessions.php only once 2006-03-04 12:03:17 +01:00			`require_once "sessions.php";`
remember me feature 2006-03-04 11:58:25 +01:00
optional login form/http basic auth support 2005-11-18 07:21:24 +01:00			`if (authenticate_user($link, $login, $password)) {`
user manager 2005-11-18 10:00:18 +01:00			`initialize_user_prefs($link, $_SESSION["uid"]);`
some UI frontend cookies respect session cookie lifetime, misc cookie cleanups (closes #52) 2006-03-20 17:53:11 +01:00
			`if ($_POST["remember_me"]) {`
			`$_SESSION["cookie_lifetime"] = time() + SESSION_COOKIE_LIFETIME_REMEMBER;`
			`} else {`
			`$_SESSION["cookie_lifetime"] = time() + SESSION_COOKIE_LIFETIME;`
			`}`

			`setcookie("ttrss_cltime", $_SESSION["cookie_lifetime"],`
			`$_SESSION["cookie_lifetime"]);`

fix ?rt= handling in login.php 2006-03-17 06:11:45 +01:00			`if (!$return_to) {`
			`$return_to = "tt-rss.php";`
redirect back support for login.php 2005-11-19 12:31:35 +01:00			`}`
fix ?rt= handling in login.php 2006-03-17 06:11:45 +01:00			`header("Location: $redirect_base/$return_to");`
login: exit after redirect (2) 2006-03-17 06:02:37 +01:00			`exit;`
optional login form/http basic auth support 2005-11-18 07:21:24 +01:00			`}`
			`}`
actually add login.php 2005-11-18 03:50:47 +01:00
			`?>`
			`<html>`
			`<head>`
			`<title>Tiny Tiny RSS : Login</title>`
			`<link rel="stylesheet" type="text/css" href="tt-rss.css">`
			`<!--[if gte IE 5.5000]>`
			`<script type="text/javascript" src="pngfix.js"></script>`
			`<![endif]-->`
			`<meta http-equiv="Content-Type" content="text/html; charset=utf-8">`
			`</head>`

			`<body>`

focus username input element on login form load (closes #70) 2006-06-14 09:32:10 +02:00			`<script type="text/javascript">`
			`function init() {`

			`if (arguments.callee.done) return;`
			`arguments.callee.done = true;`

			`var login = document.forms["loginForm"].login;`

			`login.focus();`

			`}`
			`</script>`

			`<script type="text/javascript">`
			`if (document.addEventListener) {`
			`document.addEventListener("DOMContentLoaded", init, null);`
			`}`
			`window.onload = init;`
			`</script>`

actually add login.php 2005-11-18 03:50:47 +01:00			`<table width='100%' height='100%' class="loginForm">`

			`<tr><td align='center' valign='middle'>`
login form fixed for konqueror 2005-11-25 08:28:27 +01:00
focus username input element on login form load (closes #70) 2006-06-14 09:32:10 +02:00			`<form action="login.php" method="POST" name="loginForm">`
actually add login.php 2005-11-18 03:50:47 +01:00
			`<table class="innerLoginForm">`

			`<tr><td valign="middle" align="center" colspan="2">`
			`<img src="images/ttrss_logo.png" alt="logo">`
			`</td></tr>`

			`<tr><td align="right">Login:</td>`
			`<td><input name="login"></td></tr>`
			`<tr><td align="right">Password:</td>`
			`<td><input type="password" name="password"></td></tr>`
remember me feature 2006-03-04 11:58:25 +01:00			`<tr><td> </td><td>`
			`<input type="checkbox" name="remember_me" id="remember_me">`
			`<label for="remember_me">Remember me</label>`
			`</td></tr>`
optional login form/http basic auth support 2005-11-18 07:21:24 +01:00			`<tr><td colspan="2" align="center">`
			`<input type="submit" class="button" value="Login">`
fix ?rt= handling in login.php 2006-03-17 06:11:45 +01:00			`<input type="hidden" name="rt" value="<?= $_GET['rt'] ?>">`
optional login form/http basic auth support 2005-11-18 07:21:24 +01:00			`</td></tr>`
actually add login.php 2005-11-18 03:50:47 +01:00
login form fixed for konqueror 2005-11-25 08:28:27 +01:00			`</table>`

			`</form>`
actually add login.php 2005-11-18 03:50:47 +01:00
login form fixed for konqueror 2005-11-25 08:28:27 +01:00			`</td></tr>`
			`</table>`
optional login form/http basic auth support 2005-11-18 07:21:24 +01:00
			`<? db_close($link); ?>`

focus username input element on login form load (closes #70) 2006-06-14 09:32:10 +02:00			`<script type="text/javascript">`
			`/* for IE */`
			`function statechange() {`
			`if (document.readyState == "interactive") init();`
			`}`

			`if (document.readyState) {`
			`if (document.readyState == "interactive" \|\| document.readyState == "complete") {`
			`init();`
			`} else {`
			`document.onreadystatechange = statechange;`
			`}`
			`}`
			`</script>`

actually add login.php 2005-11-18 03:50:47 +01:00			`</body>`
			`</html>`