f2daz/web-development
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
web-development/zoesch.de/galerie/identification.php
Felix Zösch 07c290a453 Initial commit: Backup der Webseiten 
- zoesch.de
- blitzkiste.net
- gruene-hassberge (norbert.zoesch.de)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-13 01:17:15 +01:00

146 lines
5.5 KiB
PHP
Raw Permalink Blame History

<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2016 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
//--------------------------------------------------------------------- include
define('PHPWG_ROOT_PATH','./');
include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok |
// +-----------------------------------------------------------------------+
check_status(ACCESS_FREE);
// but if the user is already identified, we redirect to gallery home
// instead of displaying the log in form
if (!is_a_guest())
{
redirect(get_gallery_home_url());
}
trigger_notify('loc_begin_identification');
//-------------------------------------------------------------- identification
// security (level 1): the redirect must occur within Piwigo, so the
// redirect param must start with the relative home url
if (isset($_POST['redirect']))
{
$_POST['redirect_decoded'] = urldecode($_POST['redirect']);
}
check_input_parameter('redirect_decoded', $_POST, false, '{^'.preg_quote(cookie_path()).'}');
$redirect_to = '';
if ( !empty($_GET['redirect']) )
{
$redirect_to = urldecode($_GET['redirect']);
if ( $conf['guest_access'] and !isset($_GET['hide_redirect_error']))
{
$page['errors'][] = l10n('You are not authorized to access the requested page');
}
}
if (isset($_POST['login']))
{
if (!isset($_COOKIE[session_name()]))
{
$page['errors'][] = l10n('Cookies are blocked or not supported by your browser. You must enable cookies to connect.');
}
else
{
if ($conf['insensitive_case_logon'] == true)
{
$_POST['username'] = search_case_username($_POST['username']);
}
$redirect_to = isset($_POST['redirect']) ? urldecode($_POST['redirect']) : '';
$remember_me = isset($_POST['remember_me']) and $_POST['remember_me']==1;
if ( try_log_user($_POST['username'], $_POST['password'], $remember_me) )
{
// security (level 2): force redirect within Piwigo. We redirect to
// absolute root url, including http(s)://, without the cookie path,
// concatenated with $_POST['redirect'] param.
//
// example:
// {redirect (raw) = /piwigo/git/admin.php}
// {get_absolute_root_url = http://localhost/piwigo/git/}
// {cookie_path = /piwigo/git/}
// {host = http://localhost}
// {redirect (final) = http://localhost/piwigo/git/admin.php}
$root_url = get_absolute_root_url();
redirect(
empty($redirect_to)
? get_gallery_home_url()
: substr($root_url, 0, strlen($root_url) - strlen(cookie_path())).$redirect_to
);
}
else
{
$page['errors'][] = l10n('Invalid username or password!');
}
}
}
//----------------------------------------------------- template initialization
//
// Start output of page
//
$title = l10n('Identification');
$page['body_id'] = 'theIdentificationPage';
$template->set_filenames( array('identification'=>'identification.tpl') );
$template->assign(
array(
'U_REDIRECT' => $redirect_to,
'F_LOGIN_ACTION' => get_root_url().'identification.php',
'authorize_remembering' => $conf['authorize_remembering'],
));
if (!$conf['gallery_locked'] && $conf['allow_user_registration'])
{
$template->assign('U_REGISTER', get_root_url().'register.php' );
}
if (!$conf['gallery_locked'])
{
$template->assign('U_LOST_PASSWORD', get_root_url().'password.php' );
}
// include menubar
$themeconf = $template->get_template_vars('themeconf');
if (!$conf['gallery_locked'] && (!isset($themeconf['hide_menu_on']) OR !in_array('theIdentificationPage', $themeconf['hide_menu_on'])))
{
include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
}
//----------------------------------------------------------- html code display
include(PHPWG_ROOT_PATH.'include/page_header.php');
trigger_notify('loc_end_identification');
flush_page_messages();
$template->pparse('identification');
include(PHPWG_ROOT_PATH.'include/page_tail.php');
?>
Reference in New Issue View Git Blame Copy Permalink