Alternc
3.2
Alternc logiel libre pour l'hébergement
Main Page
Related Pages
Data Structures
Files
File List
Globals
All
Data Structures
Namespaces
Files
Functions
Variables
Pages
adm_login.php
Go to the documentation of this file.
1
<?php
2
/*
3
$Id: adm_login.php,v 1.4 2005/04/01 17:13:10 benjamin Exp $
4
----------------------------------------------------------------------
5
AlternC - Web Hosting System
6
Copyright (C) 2002 by the AlternC Development Team.
7
http://alternc.org/
8
----------------------------------------------------------------------
9
Based on:
10
Valentin Lacambre's web hosting softwares: http://altern.org/
11
----------------------------------------------------------------------
12
LICENSE
13
14
This program is free software; you can redistribute it and/or
15
modify it under the terms of the GNU General Public License (GPL)
16
as published by the Free Software Foundation; either version 2
17
of the License, or (at your option) any later version.
18
19
This program is distributed in the hope that it will be useful,
20
but WITHOUT ANY WARRANTY; without even the implied warranty of
21
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22
GNU General Public License for more details.
23
24
To read the license please visit http://www.gnu.org/copyleft/gpl.html
25
----------------------------------------------------------------------
26
Original Author of file: Benjamin Sonntag
27
Purpose of file: Connect a super-user to another account
28
----------------------------------------------------------------------
29
*/
30
require_once(
"../class/config.php"
);
31
32
/*
33
We come into this page in two situations :
34
* with a user id to go to (we check the current account is admin and is allowed to connect to this account)
35
* with no parameter when the admin want to go back to his admin account.
36
*/
37
38
$fields
= array (
39
"id"
=> array (
"request"
,
"integer"
,
""
),
40
);
41
getFields
(
$fields
);
42
43
// * with no parameter when the admin want to go back to his admin account.
44
if
( empty($id) &&
isset
($_COOKIE[
"oldid"
]) && !empty($_COOKIE[
"oldid"
])) {
45
// We check the cookie's value :
46
list($newuid,$passcheck)=explode(
"/"
,$_COOKIE[
"oldid"
]);
47
$newuid=intval($newuid);
48
if
(!$newuid) {
49
$error
=_(
"Your authentication information are incorrect"
);
50
include(
"index.php"
);
51
exit
();
52
}
53
$admin->enabled=
true
;
54
$r
=$admin->get($newuid);
55
if
($passcheck!=md5(
$r
[
"pass"
])) {
56
$error
=_(
"Your authentication information are incorrect"
);
57
include(
"index.php"
);
58
exit
();
59
}
60
61
if
(
$r
[
'lastip'
] !=
get_remote_ip
() ) {
62
$error
=_(
"Your IP is incorrect."
);
63
include(
"index.php"
);
64
exit
();
65
}
66
// FIXME we should add a peremption date on the cookie
67
68
// Ok, so we remove the cookie :
69
setcookie(
'oldid'
,
''
,0,
'/'
);
70
unset($_COOKIE[
'oldid'
]);
71
72
// And we go back to the former administrator account :
73
if
(!
$mem
->setid($newuid)) {
74
$error
=
$err
->errstr();
75
include(
"index.php"
);
76
exit
();
77
}
78
79
include_once(
"adm_list.php"
);
80
exit
();
81
}
82
83
84
// * with a user id to go to (we check the current account is admin and is allowed to connect to this account)
85
if
(!$admin->enabled) {
86
__
(
"This page is restricted to authorized staff"
);
87
exit
();
88
}
89
90
// Depending on subadmin_restriction, a subadmin can (or cannot) connect to account he didn't create
91
$subadmin
=
variable_get
(
"subadmin_restriction"
);
92
if
(
$subadmin
==0 && !$admin->checkcreator($id)) {
93
__
(
"This page is restricted to authorized staff"
);
94
exit
();
95
}
96
97
if
(!
$r
=$admin->get($id)) {
98
$error
=
$err
->errstr();
99
}
else
{
100
$oldid
=
$cuid
.
"/"
.md5(
$mem
->user[
"pass"
]);
101
setcookie(
'oldid'
,
$oldid
,0,
'/'
);
102
$_COOKIE[
'oldid'
]=
$oldid
;
103
104
if
(!
$mem
->setid($id)) {
105
$error
=
$err
->errstr();
106
include(
"index.php"
);
107
exit
();
108
}
109
// Now we are the other user :)
110
include_once(
"main.php"
);
111
exit
();
112
}
113
114
// If there were an error, let's show it :
115
include_once(
"head.php"
);
116
117
?>
118
<h3><?php
__
(
"Member login"
); ?></h3>
119
<?php
120
121
if
(
isset
(
$error
) &&
$error
) {
122
echo
"<p class=\"alert alert-danger\">$error</p>"
;
123
}
124
include_once(
"foot.php"
);
125
?>
code
alternc
bureau
admin
adm_login.php
Generated on Mon Mar 24 2014 17:14:20 for Alternc by
1.8.1.2