authorneoraider <devnull@localhost>2006-01-14 03:14:01 +0100
committerneoraider <devnull@localhost>2006-01-14 03:14:01 +0100
commitc630a2d50349c57660cfc98eb13ec71444b27610 (patch)
tree4fa7ad9b755a4d8ae9045062cb4fefab248187e4
parent8b89c8c8a9001c5f5b38465ceb58306fc6f0659e (diff)
downloadneon-c630a2d50349c57660cfc98eb13ec71444b27610.tar
neon-c630a2d50349c57660cfc98eb13ec71444b27610.zip
Login implementiert. Puh... Und dabei auch den Handler phpexec und die Nav-Pages eingebaut.
-rw-r--r--code/links.inc.php44
-rw-r--r--code/message.inc.php3
-rw-r--r--code/nav.inc.php9
-rw-r--r--code/pages.inc.php17
-rw-r--r--code/user.inc.php68
-rw-r--r--handlers/phpexec.inc.php29
-rw-r--r--index.php2
-rw-r--r--lang/de.inc.php1
-rw-r--r--styles/GreenGrid/style.css20
9 files changed, 162 insertions, 31 deletions
diff --git a/code/links.inc.php b/code/links.inc.php
index 39a1ae2..2e8d551 100644
--- a/code/links.inc.php
+++ b/code/links.inc.php
@@ -2,33 +2,59 @@
if(!defined('LINKS_INC')) {
define('LINKS_INC', 1);
+ include('code/user.inc.php');
+
class Links {
function GetNeonLink($page) {
- if($GLOBALS['pages']->HasAccess($page))
+ if($GLOBALS['pages']->HasAccess($page, 'c')) {
+ if($GLOBALS['user']->GetLoginType() == 'url')
+ return 'index.php?page=' . $page . '&login=' . $GLOBALS['user']->GetLoginKey();
+
return 'index.php?page=' . $page;
+ }
+
return '';
}
function GetExternalLink($link) {
- return $link;
+ return $link;
}
function GetMailtoLink($address) {
- return 'mailto:' . $address;
+ return 'mailto:' . $address;
+ }
+
+ function GetNavPage($page) {
+ if($GLOBALS['pages']->HasAccess($page, 'n')) {
+ $page = $GLOBALS['pages']->Get($page, 'n');
+ return $page['content'];
+ }
+
+ return '';
}
- function ParseNavLink($link) {
- if(!$link) return '';
+ function ParseNavLink($text, $link) {
+ if(!$link) return $text;
switch($link[0]) {
case ':':
- return $this->GetNeonLink(substr($link, 1));
+ $ret = $this->GetNeonLink(substr($link, 1));
+
+ if($ret)
+ return '<a href="' . $ret . '">' . $text . '</a>';
+
+ return $text;
case '@':
- return $this->GetMailtoLink(substr($link, 1));
+ return '<a href="' . $this->GetMailtoLink(substr($link, 1)) . '">' . $text . '</a>';
case '!':
- return '';
+ $ret = $this->GetNavPage(substr($link, 1));
+
+ if($ret)
+ return $ret;
+
+ return $text;
default:
- return $this->GetExternalLink($link);
+ return '<a href="' . $this->GetExternalLink($link) . '">' . $text . '</a>';
}
}
}
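Review bot: `GetNeonLink` now appends the login key to every internal URL when the login type is 'url' (`'&login=' . $GLOBALS['user']->GetLoginKey()`), which puts a bearer credential into browser history, server logs and the Referer header sent when a visitor follows one of the external links this same class emits. Prefer carrying the key in the cookie only; if the URL fallback must stay, document the exposure at that line and keep the key short-lived. Separately, `ParseNavLink` concatenates the link target into `<a href="...">` without escaping, so unless callers guarantee it is already HTML-safe (not visible in this hunk) it should be wrapped, e.g. `'<a href="' . htmlspecialchars($ret, ENT_QUOTES) . '">' . $text . '</a>'`, which also turns the raw `&` of the query string into `&amp;`.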
diff --git a/code/message.inc.php b/code/message.inc.php
index e3c648b..a3957d5 100644
--- a/code/message.inc.php
+++ b/code/message.inc.php
@@ -7,9 +7,10 @@
include('code/util.inc.php');
$message['Error'] = 'Error';
- $message['PageNotFound'] = 'The page \'$page\' does not exist.';
+ $message['PageNotFound'] = 'The page \'$page\' does not exist.';
$message['Forbidden'] = 'The page \'$page\' is protected.';
$message['InternalError'] = 'An internal error has occourred.';
+ $message['LoginError'] = 'Login failed. Username or password is wrong.';
if($config['language'] != 'en') @include('lang/' . $config['language'] . '.inc.php');
diff --git a/code/nav.inc.php b/code/nav.inc.php
index 245e208..59f4c8d 100644
--- a/code/nav.inc.php
+++ b/code/nav.inc.php
@@ -68,12 +68,9 @@
$ccount = 0;
$ret = '<li>';
- $link = $GLOBALS['links']->ParseNavLink($this->link);
+ $a = $GLOBALS['links']->ParseNavLink($this->text, $this->link);
- if($link)
- $ret .= '<a href="' . $link . '">' . $this->text . '</a>';
- else
- $ret .= $this->text;
+ $ret .= $a;
if(count($this->children) > 0) {
$ret .= '<ul>';
@@ -91,7 +88,7 @@
$ret .= '</ul>';
}
- if(!$ccount && !$link)
+ if(!$ccount && $a == $this->text)
return '';
return $ret . '</li>';
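Review bot: The new check `if(!$ccount && $a == $this->text)` infers "no link was produced" by comparing the returned markup with the item text, and it does so with loose `==`, where PHP compares two numeric-looking strings by value rather than byte for byte. Use `$a === $this->text` at minimum. A cleaner contract would be for `ParseNavLink` to signal the no-link case explicitly, because a nav page (`!` link) whose content happens to equal the text would also be treated as empty and dropped. The enclosing method starts and ends outside this hunk, so how `$ccount` is maintained is inferred from the visible lines only.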
diff --git a/code/pages.inc.php b/code/pages.inc.php
index d529602..541b0ea 100644
--- a/code/pages.inc.php
+++ b/code/pages.inc.php
@@ -7,8 +7,8 @@
include('code/handlers.inc.php');
class Pages {
- function Get($name) {
- if(!$this->Exists($name)) {
+ function Get($name, $type) {
+ if(!$this->Exists($name, $type)) {
$message = $GLOBALS['handlers']['default']->HandleErrorMessage('PageNotFound', array('page' => $name));
if(!$message['title']) $message['title'] = $name;
@@ -16,9 +16,9 @@
return $message;
}
- $res = DBQuery('SELECT handler, data FROM pages WHERE name = ?', $name);
+ $res = DBQuery('SELECT handler, data FROM pages WHERE name = ? AND type = ?', array($name, $type));
- if(!$this->HasAccess($name)) {
+ if(!$this->HasAccess($name, $type)) {
$message = $GLOBALS['handlers'][$res->fields[0]]->HandleErrorMessage('Forbidden', array('page' => $name));
if(!$message['title']) $message['title'] = $name;
@@ -27,21 +27,22 @@
}
parse_str($res->fields[1], $data);
+ $data = array_map('stripslashes', $data);
$data['_page'] = $name;
return $GLOBALS['handlers'][$res->fields[0]]->HandleContentData($data);
}
- function Exists($name) {
- $res = DBQuery('SELECT id FROM pages WHERE name = ?', $name);
+ function Exists($name, $type) {
+ $res = DBQuery('SELECT id FROM pages WHERE name = ? AND type = ?', array($name, $type));
return ($res->RecordCount() > 0);
}
- function HasAccess($name) {
+ function HasAccess($name, $type) {
$user = $GLOBALS['user'];
- $res = DBQuery('SELECT access FROM pages WHERE name = ?', $name);
+ $res = DBQuery('SELECT access FROM pages WHERE name = ? AND type = ?', array($name, $type));
return ((($user->GetUid() != 0) && ($user->GetGid() == 0))
|| ($res->fields[0] & (1 << $user->GetGid())) != 0);
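Review bot: `$data = array_map('stripslashes', $data);` runs unconditionally on the output of `parse_str`, so backslashes are removed even when magic quotes are off, and an array-valued field in the stored data is handed to `stripslashes` as an array. Because `$data['code']` is later evaluated by the phpexec handler added in this commit, silently altering the stored content here changes what executes. Strip only when `get_magic_quotes_gpc()` reports the setting is on, and only for string values, and add a comment on that line saying why the stripping is needed. The body of `Get` begins in the earlier hunks of this file.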
diff --git a/code/user.inc.php b/code/user.inc.php
index 00c7355..34b12f2 100644
--- a/code/user.inc.php
+++ b/code/user.inc.php
@@ -6,19 +6,69 @@
class User {
var $uid = 0, $gid = 0;
+ var $key = '', $type = '';
function User() {
- if($_GET['id'] && $_GET['sid']) {
- $res = DBQuery('SELECT id, gid FROM users WHERE id = ? AND sid = ?',
- array($_GET['id'],$_GET['sid']));
-
- if($res->RecordCount()) {
+ if($_COOKIE['login']) {
+ $res = DBQuery('SELECT id, gid, sid FROM users WHERE id = ? AND sid = ?',
+ array(substr($_COOKIE['login'], 32),
+ substr($_COOKIE['login'], 0, 32)));
+
+ if($res->RecordCount() && $res->fields[2]) {
$this->uid = $res->fields[0];
$this->gid = $res->fields[1];
+
+ $this->type = 'cookie';
+ $this->key = $_COOKIE['login'];
+ }
+ }
+
+ if($this->uid == 0 && $_GET['login']) {
+ $res = DBQuery('SELECT id, gid, sid FROM users WHERE id = ? AND sid = ?',
+ array(substr($_GET['login'], 32),
+ substr($_GET['login'], 0, 32)));
+
+ if($res->RecordCount() && $res->fields[2]) {
+ $this->uid = $res->fields[0];
+ $this->gid = $res->fields[1];
+
+ $this->type = 'url';
+ $this->key = $_GET['login'];
}
}
}
+ function Login($name, $pass) {
+ $res = DBQuery('SELECT id, gid FROM users WHERE user = ? AND password = ?', array($name, $pass));
+
+ if($res->RecordCount()) {
+ $id = $res->fields[0];
+ $sid = md5(uniqid($name . " * " . $pass . " * " . rand()));
+
+ DBQuery('UPDATE users SET sid = ? WHERE id = ?', array($sid, $id));
+
+ $this->uid = $id;
+ $this->gid = $res->fields[1];
+
+ $this->type = 'url';
+ $this->key = $sid . $id;
+
+ return $id;
+ }
+
+ return 0;
+ }
+
+ function Logout() {
+ DBQuery('UPDATE users SET sid = \'\' WHERE id = ?', $this->uid);
+
+ $this->uid = 0;
+ $this->gid = 0;
+
+ $this->type = '';
+ $this->key = '';
+ }
+
function GetUid() {
return $this->uid;
}
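Review bot: `Login()` matches the submitted password straight against the `password` column (`WHERE user = ? AND password = ?`), which implies cleartext or unsalted storage unless the caller hashes `$pass` first, which this hunk does not show; verify against a salted hash instead (`password_verify()` on PHP versions that provide it). The session id `md5(uniqid($name . " * " . $pass . " * " . rand()))` is derived from the clock and a non-cryptographic generator, so it should not serve as a bearer token; generate it from a CSPRNG, e.g. `$sid = bin2hex(random_bytes(16));` where available. The stored `sid` also carries no expiry or creation time, so a key accepted by the constructor from `$_COOKIE['login']` or `$_GET['login']` stays valid until `Logout()` or the next login.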
@@ -26,6 +76,14 @@
function GetGid() {
return $this->gid;
}
+
+ function GetLoginType() {
+ return $this->type;
+ }
+
+ function GetLoginKey() {
+ return $this->key;
+ }
}
$user = new User;
diff --git a/handlers/phpexec.inc.php b/handlers/phpexec.inc.php
new file mode 100644
index 0000000..76ac18e
--- /dev/null
+++ b/handlers/phpexec.inc.php
@@ -0,0 +1,29 @@
+<?PHP
+ include('code/message.inc.php');
+
+ class phpexec_handler {
+ function HandleContentData($data) {
+ $tr = array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;', "\n" => '<br />', "\r" => '');
+
+ if($data['title'])
+ $title = strtr($data['title'], $tr);
+ else
+ $title = strtr($data['_page'], array(':' => ' - '));
+
+ ob_start();
+
+ eval('?>' . $data['code']);
+
+ $content = ob_get_contents();
+ ob_end_clean();
+
+ return array('title' => $title, 'content' => $content);
+ }
+
+ function HandleErrorMessage($type, $data = array()) {
+ return array('content' => '<span class="error">' . Message($type, $data) . '</span>', 'title' => Message('error'));
+ }
+ }
+
+ $handlers['phpexec'] = new phpexec_handler;
+?>
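Review bot: `eval('?>' . $data['code']);` executes whatever PHP is stored in the page's data column, so write access to the `pages` table (or any injection that reaches it) becomes code execution on the server, and nothing in the file says so. Add a comment at that line stating the trust boundary, e.g. `// SECURITY: runs PHP stored in pages.data; only trusted administrators may edit phpexec pages`, and restrict who can create pages with this handler in the editing code, which is not part of this diff. The fallback title is also inconsistent: `$data['title']` goes through `$tr`, but `strtr($data['_page'], array(':' => ' - '))` is returned without HTML escaping, so apply `$tr` to it as well.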
diff --git a/index.php b/index.php
index b511b8c..995f7e9 100644
--- a/index.php
+++ b/index.php
@@ -17,7 +17,7 @@
$template_data = join('', file('templates/' . $template));
- $data = $pages->Get($page);
+ $data = $pages->Get($page, 'c');
echo Subst($template_data, array('title' => $config['title'] . $data['title'],
'stylesheet' => 'styles/' . $style . '/style.css',
diff --git a/lang/de.inc.php b/lang/de.inc.php
index 8a1ab22..8c6b21b 100644
--- a/lang/de.inc.php
+++ b/lang/de.inc.php
@@ -3,4 +3,5 @@
$message['PageNotFound'] = 'Die Seite \'$page\' existiert nicht.';
$message['Forbidden'] = 'Die Seite \'$page\' ist geschützt.';
$message['InternalError'] = 'Ein interner Fehler ist aufgetreten.';
+ $message['LoginError'] = 'Login fehlgeschlagen. Username oder Passwort ist falsch.';
?>
diff --git a/styles/GreenGrid/style.css b/styles/GreenGrid/style.css
index a46151d..6a91eb0 100644
--- a/styles/GreenGrid/style.css
+++ b/styles/GreenGrid/style.css
@@ -38,7 +38,7 @@ div#content {
}
div#nav {
- position:absolute;
+ position:fixed;
width:9.40em;
padding:0 0.8em;
border:solid #008000 1px;
@@ -70,6 +70,24 @@ div#nav ul li ul li ul {
padding-left:0.8em;
}
+div#nav div.login {
+ width:9em;
+}
+
+div#nav div.login input {
+ width:100%;
+ margin-bottom:0.8em;
+}
+
+div#nav div.login div.login_submit {
+ text-align:right;
+}
+
+div#nav div.login div.login_submit input {
+ width:auto;
+ margin:0;
+}
+
h1, h2, h3, h4, h5, h6 {
margin-top:0;
}