-
Notifications
You must be signed in to change notification settings - Fork 0
/
verify.php
68 lines (62 loc) · 2.39 KB
/
verify.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<?php ob_start();
#set_magic_quotes_runtime (1)
extract($_POST);
extract($_GET);
$cid = $_COOKIE["threed_id"];
settype ($cid, integer);
$cpassword = $_COOKIE["threed_password"];
if (!$cpassword) { $cpassword = "nuffin"; }
############ Put your web proxy here or use "" for no proxy #########
#$webproxy = "casr.adelaide.edu.au:80";
$webproxy = "";
#####################################################################
############ Put the full path to the file store directory ##########
#$filestore = "/Library/WebServer/threedfiles/";
$filestore = "/data/webfiles/";
#####################################################################
# Needs the following in httpd.conf
# Uncomment rewrite module lines
# RewriteEngine on
# RewriteRule ^/threedfile/(.*)$ /database/download.php?xname=$1
#
# Also, need to make sure the (virtual)host configutration contains
# AllowOverride All
# (the default is None & the URL re-writing won't work with that!)
############ Also need these in php.ini #############################
# post_max_size = 110M
# upload_max_filesize = 100M
# max_execution_time = 300
# error_reporting = E_ALL & ~E_NOTICE
# display_errors = On
# magic_quotes_gpc = On
#####################################################################
$db = pg_Connect ("host=localhost dbname=threed user=www password=tree");
if (!$db) { echo "Oops - Database Failure - Things really are not working well - sigh"; exit; }
$q = "'";
$t = "t";
$query = "SELECT * FROM users WHERE id = $q$cid$q AND password = $q$cpassword$q AND active = $q$t$q;";
$result = pg_query($db, $query);
$num = pg_num_rows($result);
if ($num != 1) {
header("Location: http://".$_SERVER['HTTP_HOST'] .dirname($_SERVER['PHP_SELF']) ."/login.php");
exit;
}
$user = pg_Fetch_array($result, 0, PGSQL_ASSOC);
if ($user["admin"] == "t") { $admin = 1; } else { $admin = 0; }
if ($user["adminbook"] == "t") { $adminbook = 1; } else { $adminbook = 0; }
$uquery = "SELECT * FROM users;";
$uresult = pg_query($db, $uquery);
$numusers = pg_num_rows($uresult);
for ($i=0;$i<$numusers;$i++) {
$ur = pg_Fetch_array($uresult, $i, PGSQL_ASSOC);
$a = $ur["first"];
if ($ur["first"] && $ur["last"]) { $a .= " "; }
$a .= $ur["last"];
if (!$a) { $a = $ur["username"]; }
$name[$ur["id"]] = htmlentities($a);
$userid[$i] = $ur["id"];
$namelist[$i] = htmlentities($a);
$namelistU[$i] = strtoupper(htmlentities($a));
}
array_multisort ($namelistU, $namelist, $userid);
?>