-
Notifications
You must be signed in to change notification settings - Fork 6
/
user.login_server.php
executable file
·123 lines (116 loc) · 5.39 KB
/
user.login_server.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
<?php
session_start();
error_reporting(E_ALL);
require_once 'constants.php';
ini_set('display_errors', 1);
$user_in = filter_input(INPUT_POST, "user", FILTER_SANITIZE_STRING);
$pw_in = filter_input(INPUT_POST, "pw", FILTER_SANITIZE_STRING);
$currentPath = getcwd();
$user = validateUser($user_in);
$pw = validatePassword($pw_in);
validateLogin($user, $pw);
//=========================================================
// Functions used to validate login credentials.
//---------------------------------------------------------
function validateLogin($user, $pw){
global $currentPath;
if(doesUserDirectoryExist($user)){
// User Exists
$userDir = "users/".$user."/";
$pwFile = "users/".$user."/pw.txt";
if (file_exists($userDir)) {
if(file_get_contents($pwFile) === $pw) {
$_SESSION['logged_on'] = 1;
$_SESSION['user'] = $user;
echo "<font color=\"green\"><b>SUCCESS: User is now logged in.</b></font><br>\n";
echo "(Main page will reload shortly...)<br>\n";
echo "<script type=\"text/javascript\">\nreload_page=function() {\n\tlocation.replace(\"panel.user.php\");\n}\n";
echo "var intervalID = window.setInterval(reload_page, 1000);\n</script>\n";
} else {
echo "<font color=\"red\"><b>ERROR: Input did not match a registed username & password combination.</b></font><br>\n";
echo "(Main page will reload shortly...)<br>\n";
echo "<script type=\"text/javascript\">\nreload_page=function() {\n\tlocation.replace(\"panel.user.php\");\n}\n";
echo "var intervalID = window.setInterval(reload_page, 1000);\n</script>\n";
}
} else {
echo "<font color=\"red\"><b>ERROR: Input did not match a registed username & password combination.</b></font><br>\n";
echo "(Main page will reload shortly...)<br>\n";
echo "<script type=\"text/javascript\">\nreload_page=function() {\n\tlocation.replace(\"panel.user.php\");\n}\n";
echo "var intervalID = window.setInterval(reload_page, 1000);\n</script>\n";
}
} else {
//User doesn't exist
echo "<font color=\"red\"><b>ERROR: Input did not match a registered username & password combination.</b></font><br>\n";
echo "(Main page will reload shortly...)<br>\n";
echo "<script type=\"text/javascript\">\nreload_page=function() {\n\tlocation.replace(\"panel.user.php\");\n}\n";
echo "var intervalID = window.setInterval(reload_page, 1000);\n</script>\n";
}
}
function doesUserDirectoryExist($user){
$dir = "users/".$user."/";
return file_exists($dir);
}
//=========================================================
// Functions used to validate entered user name.
//---------------------------------------------------------
function validateUser($user){
$MIN_USER_LENGTH = 6;
$MAX_USER_LENGTH = 24;
// MIN LENGTH CHECK
if(strlen($user) < $MIN_USER_LENGTH){
echo "<font color=\"red\"><b>ERROR: Usernames must be at least $MIN_USER_LENGTH characters long.</b></font><br>\n";
echo "(Main page will reload shortly...)<br>\n";
echo "<script type=\"text/javascript\">\nreload_page=function() {\n\tlocation.replace(\"panel.user.php\");\n}\n";
echo "var intervalID = window.setInterval(reload_page, 1000);\n</script>\n";
return "";
}
// MAX LENGTH CHECK
if(strlen($user) > $MAX_USER_LENGTH){
echo "<font color=\"red\"><b>ERROR: Usernames must be at most $MAX_USER_LENGTH characters long.</b></font><br>\n";
echo "(Main page will reload shortly...)<br>\n";
echo "<script type=\"text/javascript\">\nreload_page=function() {\n\tlocation.replace(\"panel.user.php\");\n}\n";
echo "var intervalID = window.setInterval(reload_page, 1000);\n</script>\n";
return "";
}
//CHECK FOR NON ALPHANUMERIC CHARACTERS
if(checkForAlphanumericCharacters($user)){
echo "<font color=\"red\"><b>ERROR: Your username contains non-alphanumeric characters.</b></font><br>\n";
echo "(Main page will reload shortly...)<br>\n";
echo "<script type=\"text/javascript\">\nreload_page=function() {\n\tlocation.replace(\"panel.user.php\");\n}\n";
echo "var intervalID = window.setInterval(reload_page, 1000);\n</script>\n";
return "";
}
//RETURN user
return $user;
}
function checkForAlphanumericCharacters($string){
return preg_match( "/^[a-zA-Z0-9]$/", $string);
}
//=========================================================
// Function used to validate entered user password.
//---------------------------------------------------------
function validatePassword($pw){
$MIN_PASSWORD_LENGTH = 6;
$MAX_PASSWORD_LENGTH = 24;
// MIN LENGTH CHECK
if(strlen($pw) < $MIN_PASSWORD_LENGTH){
echo "<font color=\"red\"><b>ERROR: Passwords must be at least $MIN_PASSWORD_LENGTH.</b></font><br>\n";
echo "(Main page will reload shortly...)<br>\n";
echo "<script type=\"text/javascript\">\nreload_page=function() {\n\tlocation.replace(\"panel.user.php\");\n}\n";
echo "var intervalID = window.setInterval(reload_page, 1000);\n</script>\n";
return "";
}
// MAX LENGTH CHECK
if(strlen($pw) > $MAX_PASSWORD_LENGTH){
echo "<font color=\"red\"><b>ERROR: Passwords must be at most $MAX_PASSWORD_LENGTH.</b></font><br>\n";
echo "(Main page will reload shortly...)<br>\n";
echo "<script type=\"text/javascript\">\nreload_page=function() {\n\tlocation.replace(\"panel.user.php\");\n}\n";
echo "var intervalID = window.setInterval(reload_page, 1000);\n</script>\n";
return "";
}
return md5($pw);
}
?>
<script type="text/javascript">
parent.location.reload();
</script>