diff options
author | Moritz helios Rudert <helios@planetcyborg.de> | 2011-06-01 12:13:39 +0200 |
---|---|---|
committer | Moritz helios Rudert <helios@planetcyborg.de> | 2011-06-01 12:13:39 +0200 |
commit | 75448045cfe70054c8f4bae1bcfaf9bb0f70d330 (patch) | |
tree | 6a4d3d35019cdf933c1816e8522dc5d2557f5238 /www-ssl/nonpublic/auth.php | |
parent | 12e0b0d809c29d435a247798d7318cc9835980ea (diff) |
fixes
Diffstat (limited to 'www-ssl/nonpublic/auth.php')
-rw-r--r--[-rwxr-xr-x] | www-ssl/nonpublic/auth.php | 96 |
1 files changed, 31 insertions, 65 deletions
diff --git a/www-ssl/nonpublic/auth.php b/www-ssl/nonpublic/auth.php index 3356a81c..2bd6f86f 100755..100644 --- a/www-ssl/nonpublic/auth.php +++ b/www-ssl/nonpublic/auth.php @@ -1,66 +1,32 @@ -<?PHP -header('Content-Type: application/json'); - -include ("../../../camp2011/includes/config.php"); -include ("../../../camp2011/includes/config_db.php"); - -$User = $_POST['user']; -$Pass = $_POST['pw']; -$SourceOuth = $_POST['so']; - -/* -$User = $_GET['user']; -$Pass = $_GET['pw']; -$SourceOuth = $_GET['so']; -*/ - -/* -$User = "admin"; -$Pass = "21232f297a57a5a743894a0e4a801fc3"; // "admin"; -$SourceOuth = 23; -*/ - -if ( isset($CurrentExternAuthPass) && - ($SourceOuth == $CurrentExternAuthPass) ) -{ // User ist noch nicht angemeldet - $sql = "SELECT * FROM `User` WHERE `Nick`='". $User. "'"; - $Erg = mysql_query( $sql, $con); - - if ( mysql_num_rows( $Erg) == 1) - { // Check, ob User angemeldet wird... - if (mysql_result( $Erg, 0, "Passwort") == $Pass) - { // Passwort ok... - // Session wird eingeleitet und Session-Variablen gesetzt.. - $UID = mysql_result( $Erg, 0, "UID"); - - // get CVS import Data - $SQL = "SELECT * FROM `UserCVS` WHERE `UID`='". $UID. "'"; - $Erg_CVS = mysql_query($SQL, $con); - $CVS = mysql_fetch_array($Erg_CVS); - - $msg = array( - 'status' => 'success', - 'rights' => $CVS - ); - echo json_encode($msg); - - } - else - { - echo json_encode(array('status' => 'failed')); - } - } - else - { - echo json_encode(array('status' => 'failed')); - } -} -else -{ - echo json_encode(array('status' => 'failed')); -} - - +<?php + header("Content-Type: application/json"); + + include "../../../camp2011/includes/config.php"; + include "../../../camp2011/includes/config_db.php"; + + $User = $_POST['user']; + $Pass = $_POST['pw']; + $SourceOuth = $_POST['so']; + + if(isset($CurrentExternAuthPass) && $SourceOuth == $CurrentExternAuthPass) { + $sql = "SELECT * FROM `User` WHERE `Nick`='" . $User . "'"; + $Erg = mysql_query($sql, $con); + + if(mysql_num_rows($Erg) == 1) { + if(mysql_result($Erg, 0, "Passwort") == $Pass) { + $UID = mysql_result($Erg, 0, "UID"); + + // get CVS import Data + $SQL = "SELECT * FROM `UserCVS` WHERE `UID`='" . $UID . "'"; + $Erg_CVS = mysql_query($SQL, $con); + $CVS = mysql_fetch_array($Erg_CVS); + + $msg = array('status' => 'success', 'rights' => $CVS); + echo json_encode($msg); + } else + echo json_encode(array('status' => 'failed')); + } else + echo json_encode(array('status' => 'failed')); + } else + echo json_encode(array('status' => 'failed')); ?> - - |