b2evolution

Multilingual multiuser multiblog engine

Home About Demo Download Hosting Extend Docs Support
b2evolution Technical Documentation (0.9.x) [ class tree: htsrv ] [ index: htsrv ] [ all elements ]

Source for file login.php

Documentation is available at login.php

  1. <?php
  2. /**
  3.  * This is the login screen
  4.  *
  5.  * b2evolution - {@link http://b2evolution.net/}
  6.  * Released under GNU GPL License - {@link http://b2evolution.net/about/license.html}
  7.  * @copyright (c)2003-2005 by Francois PLANQUE - {@link http://fplanque.net/}
  8.  *
  9.  * @package htsrv
  10.  */
  11.  
  12. /**
  13.  * Includes:
  14.  */
  15. require_oncedirname(__FILE__).'/../conf/_config.php' );
  16. require_oncedirname(__FILE__)."/$htsrv_dirout/$core_subdir/_main.php);
  17.  
  18. param'action''string''' );
  19. param'mode''string''' );
  20. // bookmarklet stuff:
  21. param'text''html''' );
  22. param'popupurl''string''' );
  23. param'popuptitle''string''' );
  24.  
  25. switch($action)
  26. {
  27.     case 'logout':
  28.         /*
  29.          * Logout:
  30.          */
  31.         // Do the log out!
  32.         logout();
  33.  
  34.         header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
  35.         header("Last-Modified: " gmdate("D, d M Y H:i:s"" GMT");
  36.         header("Cache-Control: no-cache, must-revalidate")// for HTTP/1.1
  37.         header("Pragma: no-cache");
  38.  
  39.         param'redirect_to''string'$_SERVER['HTTP_REFERER');
  40.         $location empty($redirect_to$baseurl.'/' $redirect_to;
  41.         header('Refresh:0;url='.str_replace('&amp;''&'$location));
  42.         exit();
  43.         break// case 'logout'
  44.  
  45.  
  46.     case 'lostpassword':
  47.         /*
  48.          * Lost password:
  49.          */
  50.         param'redirect_to''string'$admin_url.'/b2edit.php' );
  51.         // Display retrieval form:
  52.         requiredirname(__FILE__).'/_lostpass_form.php' );
  53.         exit();
  54.         break// case 'lostpassword'
  55.  
  56.  
  57.  
  58.     case 'retrievepassword':
  59.         /*
  60.          * Retrieve lost password:
  61.          */
  62.         param'log''string'true );
  63.         param'redirect_to''string'$admin_url.'/b2edit.php' );
  64.         // echo 'login: ', $log;
  65.  
  66.         if$demo_mode && ($log == 'demouser' || $log == 'admin') )
  67.         {
  68.             $notes T_('You cannot reset this account in demo mode.')."<br />\n";
  69.         }
  70.         else
  71.         {
  72.             $user_data    get_userdatabylogin($log);
  73.             $user_email    $user_data['user_email'];
  74.  
  75.             locale_temp_switch$user_data['user_locale');
  76.  
  77.             // echo 'email: ', $user_email;
  78.             // echo 'locale: '.$user_data['locale'];
  79.  
  80.             ifempty($user_email) )
  81.             {    // pretend that the email is sent for avoiding guessing user_login
  82.                 $notes T_('An email with the new password was sent successfully to your email address.')."<br />\n";
  83.             }
  84.             else
  85.             {
  86.                 $random_password substr(md5(uniqid(microtime())),0,6);
  87.  
  88.                 $message  T_('Login:')." $log\r\n";
  89.                 $message .= T_('New Password:')." $random_password\r\n";
  90.                 $message .= "\r\n".T_('You can login here:')."\r\n".$admin_url."/\r\n";
  91.  
  92.                 // DEBUG!
  93.                 // echo $message.' (password not set yet, only when sending email does not fail);
  94.  
  95.                 if!send_mail$user_emailT_('your weblog\'s login/password')$message$notify_from ) )
  96.                 {
  97.                     $notes T_('The email could not be sent.')."<br />\n"
  98.                                     .T_('Possible reason: your host may have disabled the mail() function...');
  99.                 }
  100.                 else
  101.                 {
  102.                     $DB->query"UPDATE $tableusers
  103.                                             SET user_pass = 'md5($random_password"'
  104.                                             WHERE user_login = '$log');
  105.                     $notes T_('An email with the new password was sent successfully to your email address.')."<br />\n";
  106.                 }
  107.  
  108.             }
  109.  
  110.             locale_restore_previous();
  111.         }
  112.  
  113.     default:
  114.         /*
  115.          * Default: login form:
  116.          */
  117.         ifis_logged_in() )
  118.         {    // The user is already logged in...
  119.             // TODO: use $login_error to be clear
  120.             
  121.             $error is_string($error$error.'<br />' '';
  122.             $error .= T_('Note: You are already logged in!');
  123.  
  124.             // Note: if $redirect_to is already set, param() will not touch it.
  125.             param'redirect_to''string'$ReqURI );
  126.             ifstrstr$redirect_to'login.php' ) )
  127.             // avoid "endless loops"
  128.                 $redirect_to $admin_url.'/';
  129.             }
  130.             $error .= ' <a href="'.$redirect_to.'">'.T_('Continue...').'</a>';
  131.         }
  132.  
  133.         // Display login form:
  134.         requiredirname(__FILE__).'/_login_form.php' );
  135.         debug_info();
  136.         exit();
  137.  
  138. // switch
  139.  
  140. ?>
htsrv

Packages

main
admin
conf
evocore
evoskins
htsrv
install
plugins
xmlsrv

Documentation generated on Tue, 20 May 2008 01:51:48 +0200 by phpDocumentor 1.4.2