diff options
Diffstat (limited to 'www-ssl')
-rw-r--r-- | www-ssl/index.php | 10 | ||||
-rw-r--r-- | www-ssl/nonpublic/auth.php | 45 |
2 files changed, 12 insertions, 43 deletions
diff --git a/www-ssl/index.php b/www-ssl/index.php index 7c65abb2..214ec54a 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -22,6 +22,10 @@ sql_connect($config['host'], $config['user'], $config['pw'], $config['db']); load_auth(); +// JSON Authorisierung gewünscht? +if (isset ($_REQUEST['auth'])) + json_auth_service(); + // Gewünschte Seite/Funktion $p = isset ($user) ? "news" : "start"; if (isset ($_REQUEST['p'])) @@ -89,15 +93,15 @@ if (in_array($p, $privileges)) { elseif ($p == "admin_groups") { require_once ('includes/pages/admin_groups.php'); $content = admin_groups(); - } + } elseif ($p == "admin_faq") { require_once ('includes/pages/admin_faq.php'); $content = admin_faq(); - } + } elseif ($p == "admin_language") { require_once ('includes/pages/admin_language.php'); $content = admin_language(); - } + } elseif ($p == "admin_log") { require_once ('includes/pages/admin_log.php'); $content = admin_log(); diff --git a/www-ssl/nonpublic/auth.php b/www-ssl/nonpublic/auth.php index 7d58988c..143ea8c8 100644 --- a/www-ssl/nonpublic/auth.php +++ b/www-ssl/nonpublic/auth.php @@ -1,43 +1,8 @@ <?php -require_once ('../bootstrap.php'); -header("Content-Type: application/json"); - -include "includes/config.php"; -include "includes/config_db.php"; - -$User = $_POST['user']; -$Pass = $_POST['pw']; -$SourceOuth = $_POST['so']; - -if (isset ($CurrentExternAuthPass) && $SourceOuth == $CurrentExternAuthPass) { - $sql = "SELECT * FROM `User` WHERE `Nick`='" . $User . "'"; - $Erg = mysql_query($sql, $con); - - if (mysql_num_rows($Erg) == 1) { - if (mysql_result($Erg, 0, "Passwort") == $Pass) { - $UID = mysql_result($Erg, 0, "UID"); - - // get CVS import Data - $SQL = "SELECT * FROM `UserCVS` WHERE `UID`='" . $UID . "'"; - $Erg_CVS = mysql_query($SQL, $con); - $CVS = mysql_fetch_array($Erg_CVS); - - $msg = array ( - 'status' => 'success', - 'rights' => $CVS - ); - echo json_encode($msg); - } else - echo json_encode(array ( - 'status' => 'failed' - )); - } else - echo json_encode(array ( - 'status' => 'failed' - )); -} else - echo json_encode(array ( - 'status' => 'failed' - )); +// Bleibt erstmal, damit Benutzer, die die Schnittstelle nutzen mitkriegen, dass diese Umgezogen ist +echo json_encode(array ( + 'status' => 'failed', + 'error' => "JSON Service moved to https://engelsystem.de/?auth&user=<user>&pw=<password>&so=<key>" +)); ?> |