Added:
branches/current-stable-release/extensions/school/modules/invoices/save.php
- copied, changed from r1758, /branches/current-stable-release/modules/invoices/save.php
branches/current-stable-release/modules/auth/
branches/current-stable-release/modules/auth/login.php
- copied, changed from r1758, /branches/current-stable-release/login.php
branches/current-stable-release/templates/default/auth/
branches/current-stable-release/templates/default/auth/login.tpl
- copied, changed from r1758, /branches/current-stable-release/login.php
Modified:
branches/current-stable-release/config/config.php
branches/current-stable-release/extensions/gene/modules/invoices/save.php
branches/current-stable-release/extensions/school/include/acl.php
branches/current-stable-release/extensions/school/include/check_permissions.php
branches/current-stable-release/extensions/school/include/init.php
branches/current-stable-release/extensions/school/include/sql_queries.php
branches/current-stable-release/extensions/school/install/school.sql
branches/current-stable-release/extensions/school/modules/invoices/manage.php
branches/current-stable-release/extensions/school/templates/default/menu.tpl
branches/current-stable-release/include/auth/auth.php
branches/current-stable-release/include/init.php
branches/current-stable-release/include/sql_queries.php
branches/current-stable-release/index.php
branches/current-stable-release/login.php
branches/current-stable-release/logout.php
branches/current-stable-release/modules/invoices/save.php
Log:
auth page changes
Modified: branches/current-stable-release/config/config.php
==============================================================================
--- branches/current-stable-release/config/config.php (original)
+++ branches/current-stable-release/config/config.php Sat Jul 19
01:40:47 2008
@@ -8,7 +8,7 @@
/* Authentication options */
#####################
//if you want to make Simple Invoices secure and require a username
and password set this to true
-$authenticationOn = "false"; // "true"
+$authenticationOn = "true"; // "true"
//if you are using a .httaccess file
$http_auth = ""; //value: "name:password@"
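Review bot: The trailing comment on the changed line still reads `// "true"`, so after this flip it no longer tells the reader what the other accepted value is. The setting is compared as a string elsewhere in this commit (`{if $authenticationOn == "true"}` in menu.tpl), so the comment should name the accepted string values, for example `$authenticationOn = "true"; // "true" = login required, "false" = no login`.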
Modified: branches/current-stable-release/extensions/gene/modules/invoices/save.php
==============================================================================
---
branches/current-stable-release/extensions/gene/modules/invoices/save.php (original)
+++
branches/current-stable-release/extensions/gene/modules/invoices/save.php
Sat Jul 19 01:40:47 2008
@@ -34,7 +34,7 @@
if ($_POST['action'] == "insert" ) {
- if(insertInvoice($type)) {
+ if(invoice::insertInvoice($type)) {
$invoice_id = mysql_insert_id();
// saveCustomFieldValues($_POST['categorie'],$invoice_id);
$saved = true;
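Review bot: `invoice::insertInvoice($type)` is a static call, but the method this commit adds to `class invoice` in include/sql_queries.php is declared as a plain `function insertInvoice($type)`. Declaring it `static function insertInvoice($type)` (and likewise in `school_invoice`) makes the declaration match the call and avoids strict-standards notices. The same call form appears in the hunks for modules/invoices/save.php and extensions/school/modules/invoices/save.php. The `if ($_POST['action'] == "insert")` block continues outside this hunk.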
Modified: branches/current-stable-release/extensions/school/include/acl.php
==============================================================================
--- branches/current-stable-release/extensions/school/include/acl.php (original)
+++ branches/current-stable-release/extensions/school/include/acl.php
Sat Jul 19 01:40:47 2008
@@ -7,7 +7,25 @@
$acl->addRole(new Zend_Acl_Role('branch_administrator'));
$acl->addRole(new Zend_Acl_Role('administrator'));
+$acl->add(new Zend_Acl_Resource('auth'));
$acl->add(new Zend_Acl_Resource('customers'));
+$acl->add(new Zend_Acl_Resource('invoices'));
+$acl->add(new Zend_Acl_Resource('course'));
+$acl->add(new Zend_Acl_Resource('biller'));
+$acl->add(new Zend_Acl_Resource('products'));
+$acl->add(new Zend_Acl_Resource('enrollment'));
+$acl->add(new Zend_Acl_Resource('payments'));
+$acl->add(new Zend_Acl_Resource('reports'));
+$acl->add(new Zend_Acl_Resource('teacher'));
+$acl->add(new Zend_Acl_Resource('certificate'));
+$acl->add(new Zend_Acl_Resource('todo'));
+$acl->add(new Zend_Acl_Resource('system_defaults'));
+$acl->add(new Zend_Acl_Resource('custom_fields'));
+$acl->add(new Zend_Acl_Resource('subject'));
+$acl->add(new Zend_Acl_Resource('user'));
+$acl->add(new Zend_Acl_Resource('tax_rates'));
+$acl->add(new Zend_Acl_Resource('preferences'));
+$acl->add(new Zend_Acl_Resource('payment_types'));
/* alternatively, the above could be written:
$acl->allow('guest', null, 'view');
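Review bot: The eighteen added `$acl->add(new Zend_Acl_Resource(...))` lines differ only in the resource name, so a list plus a loop would be easier to audit when a module is added or removed: `foreach (array('auth', 'customers', 'invoices' /* … */) as $resource) { $acl->add(new Zend_Acl_Resource($resource)); }`. A one-line comment above it should say that each name must match a `$module` value passed to `isAllowed()` in check_permissions.php.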
@@ -17,6 +35,7 @@
//$acl->allow('student', null, array('customers'));
//$acl->deny('student');
+$acl->allow(null,'auth');
$acl->allow('student', 'customers', 'view');
// Editor inherits view, edit, submit, and revise privileges from staff,
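Review bot: `$acl->allow(null,'auth');` grants every role, including a visitor who has no role yet, all privileges on the `auth` resource, and nothing on the line says this is deliberate. A comment such as `// login/logout must be reachable before a role exists; keep 'auth' limited to those views` would record the intent. Of the resources registered in the previous hunk, the only other rule visible here is `student` / `customers` / `view`. If the remaining roles have no rules elsewhere in the file, check_permissions.php will deny them every module now that config.php switches authentication on.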
Modified: branches/current-stable-release/extensions/school/include/check_permissions.php
==============================================================================
---
branches/current-stable-release/extensions/school/include/check_permissions.php (original)
+++
branches/current-stable-release/extensions/school/include/check_permissions.php
Sat Jul 19 01:40:47 2008
@@ -2,10 +2,9 @@
$auth_session = new Zend_Session_Namespace('Zend_Auth');
-print_r($_SESSION);
+//print_r($_SESSION);
-echo $checkPermission = $acl->isAllowed($auth_session->role_name,
$module, $_GET['action']) ? "allowed" : "denied"; // allowed
+$checkPermission = $acl->isAllowed($auth_session->role_name, $module,
$_GET['action']) ? "allowed" : "denied"; // allowed
//echo $module." :: ".$_GET['action'];
$checkPermission == "denied" ? exit($LANG['denied_page']) :"" ;
-
-?>
\ No newline at end of file
+?>
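Review bot: The privilege handed to `isAllowed()` is `$_GET['action']`, read without an `isset()` check, while the only rule visible in acl.php names the privilege `view`. If rules are meant to be keyed on the view, this check is probably reading the wrong request parameter. Reading it once with a default and branching on the boolean is clearer than the "allowed"/"denied" strings: `$action = isset($_GET['action']) ? $_GET['action'] : null;` followed by `if (!$acl->isAllowed($auth_session->role_name, $module, $action)) { exit($LANG['denied_page']); }`. The commented-out `print_r($_SESSION)` can simply be deleted.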
Modified: branches/current-stable-release/extensions/school/include/init.php
==============================================================================
--- branches/current-stable-release/extensions/school/include/init.php (original)
+++ branches/current-stable-release/extensions/school/include/init.php
Sat Jul 19 01:40:47 2008
@@ -22,7 +22,6 @@
checkConnection();
-include('./include/include_auth.php');
include_once('./include/manageCustomFields.php');
include_once("./include/validation.php");
*/
Modified: branches/current-stable-release/extensions/school/include/sql_queries.php
==============================================================================
---
branches/current-stable-release/extensions/school/include/sql_queries.php (original)
+++
branches/current-stable-release/extensions/school/include/sql_queries.php
Sat Jul 19 01:40:47 2008
@@ -664,6 +664,44 @@
class school_invoice extends invoice{
+ function insertInvoice($type) {
+
+ global $auth_session;
+
+ $sql = "INSERT
+ INTO
+ ".TB_PREFIX."invoices (
+ id,
+ biller_id,
+ customer_id,
+ type_id,
+ preference_id,
+ date,
+ note,
+ custom_field1,
+ custom_field2,
+ custom_field3,
+ custom_field4,
+ branch_id
+ )
+ VALUES
+ (
+ NULL,
+ '$_POST[biller_id]',
+ '$_POST[customer_id]',
+ '$type',
+ '$_POST[preference_id]',
+ '$_POST[date]',
+ '$_POST[note]',
+ '$_POST[customField1]',
+ '$_POST[customField2]',
+ '$_POST[customField3]',
+ '$_POST[customField4]',
+ '$auth_session->user_domain'
+ )";
+ //echo $sql;
+ return mysqlQuery($sql);
+ }
function
insertinvoiceitem($invoice_id,$quantity,$product_id,$tax_id,$description="",
$student_id, $start_reason_id, $dropped_reason_id, $dropped_date)
{
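Review bot: The new `school_invoice::insertInvoice()` builds its INSERT by interpolating `$_POST[...]` values and `$type` straight into the SQL string, so any quote character in a submitted field changes the statement. Each value should be escaped, or bound as a parameter, before it reaches `mysqlQuery()`. The sketch below assumes the connection uses the mysql extension, which the `mysql_insert_id()` call in save.php suggests, and casts `branch_id` to int because school.sql declares it `INT( 11 )`. The copy of `insertInvoice()` moved into `class invoice` in include/sql_queries.php is built the same way and needs the same treatment. The rest of the class lies outside this hunk.

```php
	function insertInvoice($type) {

		global $auth_session;

		// Escape every request-supplied value before it is placed in the statement.
		$fields = array('biller_id', 'customer_id', 'preference_id', 'date', 'note',
			'customField1', 'customField2', 'customField3', 'customField4');
		$v = array();
		foreach ($fields as $field) {
			$v[$field] = mysql_real_escape_string(isset($_POST[$field]) ? $_POST[$field] : '');
		}
		$type_id   = mysql_real_escape_string($type);
		$branch_id = (int) $auth_session->user_domain;

		$sql = "INSERT INTO ".TB_PREFIX."invoices (
				id, biller_id, customer_id, type_id, preference_id, date, note,
				custom_field1, custom_field2, custom_field3, custom_field4, branch_id
			) VALUES (
				NULL,
				'{$v['biller_id']}', '{$v['customer_id']}', '$type_id', '{$v['preference_id']}',
				'{$v['date']}', '{$v['note']}',
				'{$v['customField1']}', '{$v['customField2']}',
				'{$v['customField3']}', '{$v['customField4']}',
				$branch_id
			)";
		return mysqlQuery($sql);
	}
```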
Modified: branches/current-stable-release/extensions/school/install/school.sql
==============================================================================
---
branches/current-stable-release/extensions/school/install/school.sql (original)
+++
branches/current-stable-release/extensions/school/install/school.sql
Sat Jul 19 01:40:47 2008
@@ -282,7 +282,7 @@
`id` INT NOT NULL AUTO_INCREMENT ,
`name` VARCHAR( 255 ) NOT NULL ,
PRIMARY KEY ( `id` )
-)
+);
INSERT
INTO `si_user_role` (
@@ -296,3 +296,4 @@
)
;
+ALTER TABLE `si_invoices` ADD `branch_id` INT( 11 ) NOT NULL ;
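Review bot: `branch_id` is added as `NOT NULL` with no `DEFAULT`, yet `invoice::insertInvoice()` in include/sql_queries.php still inserts without that column. Whether those inserts fail or silently store 0 therefore depends on the server's SQL mode. `ALTER TABLE si_invoices ADD branch_id INT(11) NOT NULL DEFAULT 0;` (or a nullable column) makes the behaviour explicit. The table name is also written with a literal `si_` prefix, whereas the PHP code builds it from `TB_PREFIX`, so an install with a different prefix would not get the column.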
Modified: branches/current-stable-release/extensions/school/modules/invoices/manage.php
==============================================================================
---
branches/current-stable-release/extensions/school/modules/invoices/manage.php (original)
+++
branches/current-stable-release/extensions/school/modules/invoices/manage.php
Sat Jul 19 01:40:47 2008
@@ -23,6 +23,12 @@
<title>{$title} :: {$LANG['manage_invoices']}</title>
EOD;*/
+echo "Role:".$auth_session->role_name;
+if($auth_session->role_name == "branch_administrator")
+{
+ $limit = " AND iv.branch_id = ".$auth_session->user_domain;
+}
+
if (empty($_GET['action']))
{
$sql = "SELECT iv.id, b.name As biller, c.name As customer,
c.first_name as first_name, c.middle_name as middle_name,
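Review bot: `$limit` is assigned only inside the `branch_administrator` branch but is interpolated into both queries in the following hunks for every role, so for any other role it is an undefined variable. On a server with `register_globals` enabled, an undefined variable can be populated from the request. Initialise it before the `if` with `$limit = "";` and build the filter from an integer: `$limit = " AND iv.branch_id = ".(int) $auth_session->user_domain;`. The `echo "Role:".$auth_session->role_name;` line looks like leftover debug output and should be removed.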
@@ -42,7 +48,7 @@
IF(isnull(@apmt), 0, @apmt) As paid_format,
(select (total - paid_format)) as owing
FROM ".TB_PREFIX."invoices iv, ".TB_PREFIX."biller
b, ".TB_PREFIX."customers c, ".TB_PREFIX."preferences pf
- WHERE iv.customer_id = c.id AND iv.biller_id = b.id AND
iv.preference_id = pf.pref_id
+ WHERE iv.customer_id = c.id AND iv.biller_id = b.id AND
iv.preference_id = pf.pref_id $limit
GROUP BY iv.id
ORDER BY iv.id DESC";
} else {
@@ -77,7 +83,7 @@
IF(isnull(@apmt), 0, @apmt) As paid_format,
(select (total - paid_format)) as owing
FROM ".TB_PREFIX."invoices iv, ".TB_PREFIX."biller
b, ".TB_PREFIX."customers c, ".TB_PREFIX."preferences pf
- WHERE iv.customer_id = c.id AND iv.biller_id = b.id AND
iv.preference_id = pf.pref_id $search_sql
+ WHERE iv.customer_id = c.id AND iv.biller_id = b.id AND
iv.preference_id = pf.pref_id $search_sql $limit
GROUP BY iv.id
ORDER BY iv.id DESC";
Copied:
branches/current-stable-release/extensions/school/modules/invoices/save.php
(from r1758, /branches/current-stable-release/modules/invoices/save.php)
==============================================================================
--- /branches/current-stable-release/modules/invoices/save.php (original)
+++
branches/current-stable-release/extensions/school/modules/invoices/save.php
Sat Jul 19 01:40:47 2008
@@ -34,7 +34,7 @@
if ($_POST['action'] == "insert" ) {
- if(insertInvoice($type)) {
+ if(school_invoice::insertInvoice($type)) {
$invoice_id = mysql_insert_id();
// saveCustomFieldValues($_POST['categorie'],$invoice_id);
$saved = true;
Modified: branches/current-stable-release/extensions/school/templates/default/menu.tpl
==============================================================================
---
branches/current-stable-release/extensions/school/templates/default/menu.tpl (original)
+++
branches/current-stable-release/extensions/school/templates/default/menu.tpl
Sat Jul 19 01:40:47 2008
@@ -265,10 +265,10 @@
</ul>
</li>
{if $authenticationOn == "true"}
- {if $smarty.session.db_is_logged_in == null}
+ {if $smarty.session.Zend_Auth.user_id == null}
<li><a href="login.php">{$LANG.login}</a></li>
{else}
- <li><a href="logout.php">{$LANG.logout}</a></li>
+ <li><a href="login.php?logout">{$LANG.logout}</a></li>
{/if}
{/if}
</ul>
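Review bot: Both links in this block still point at `login.php`, while auth.php in the same commit now sends unauthenticated users to `index.php?module=auth&view=login`. If the module route is the intended entry point, the hrefs should use it too, e.g. `href="index.php?module=auth&view=login"`. Logging out through a plain GET link (`login.php?logout`) also means that any page able to make the browser load that URL ends the user's session; a small POST form would avoid that. The surrounding `<ul>` starts outside this hunk.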
Modified: branches/current-stable-release/include/auth/auth.php
==============================================================================
--- branches/current-stable-release/include/auth/auth.php (original)
+++ branches/current-stable-release/include/auth/auth.php Sat Jul 19
01:40:47 2008
@@ -4,21 +4,24 @@
//session_start();
// is the one accessing this page logged in or not?
-if (!isset($_SESSION['db_is_logged_in']) ||
$_SESSION['db_is_logged_in'] !== true) {
+if (!isset($_SESSION['Zend_Auth']['user_id']))
+{
+ if ($_GET['module'] !== "auth")
+ {
- if ($_GET['location'] == 'pdf' ) {
- // not logged in, and coming from the pdf converter move to login page
- header('Location: ../login.php');
- exit;
- }
-
- else if ($_GET['location'] !== 'pdf' ) {
- // not logged in, move to login page
- header('Location: login.php');
- exit;
- }
-
- else {};
+ if ($_GET['location'] == 'pdf' ) {
+ // not logged in, and coming from the pdf converter move to login page
+ header('Location: ../index.php?module=auth&view=login');
+ exit;
+ }
+
+ else if ($_GET['location'] !== 'pdf' ) {
+ // not logged in, move to login page
+ header('Location: index.php?module=auth&view=login');
+ exit;
+ }
+ else {};
+ }
}
?>
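Review bot: The login redirect is now skipped whenever `$_GET['module']` equals `"auth"`, which trusts a request parameter rather than the page actually being served. The exemption therefore applies to any entry script that includes this file, not only to index.php's auth module. Consider deciding the exemption where the module is resolved, or at least guard the read with `$isAuthModule = isset($_GET['module']) && $_GET['module'] === 'auth';`, and confirm that every script pulling in this include dispatches on `module`. The `else if ($_GET['location'] !== 'pdf')` and empty `else {}` branches can collapse to a single `else`.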
Modified: branches/current-stable-release/include/init.php
==============================================================================
--- branches/current-stable-release/include/init.php (original)
+++ branches/current-stable-release/include/init.php Sat Jul 19
01:40:47 2008
@@ -62,6 +62,8 @@
$config = new
Zend_Config_Ini('./config/'.$environment.'.config.ini', $environment);
}
+include_once('./include/include_auth.php');
+
include_once("./include/sql_queries.php");
include_once('./include/language.php');
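Review bot: The authentication gate is pulled in with `include_once`, which only raises a warning and carries on if the file cannot be read, so a missing or unreadable include would leave pages served without the login check. `require_once('./include/include_auth.php');` stops the request instead. The include now also runs before `sql_queries.php` and `checkConnection()`. Its contents are not visible in this diff, so a comment stating that it must not depend on either would help.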
@@ -70,7 +72,6 @@
checkConnection();
-include('./include/include_auth.php');
include_once('./include/manageCustomFields.php');
include_once("./include/validation.php");
Modified: branches/current-stable-release/include/sql_queries.php
==============================================================================
--- branches/current-stable-release/include/sql_queries.php (original)
+++ branches/current-stable-release/include/sql_queries.php Sat Jul 19
01:40:47 2008
@@ -756,41 +756,6 @@
-function insertInvoice($type) {
-
- $sql = "INSERT
- INTO
- ".TB_PREFIX."invoices (
- id,
- biller_id,
- customer_id,
- type_id,
- preference_id,
- date,
- note,
- custom_field1,
- custom_field2,
- custom_field3,
- custom_field4
- )
- VALUES
- (
- NULL,
- '$_POST[biller_id]',
- '$_POST[customer_id]',
- '$type',
- '$_POST[preference_id]',
- '$_POST[date]',
- '$_POST[note]',
- '$_POST[customField1]',
- '$_POST[customField2]',
- '$_POST[customField3]',
- '$_POST[customField4]'
- )";
- //echo $sql;
- return mysqlQuery($sql);
-}
-
function updateInvoice($invoice_id) {
$sql = "UPDATE
@@ -812,6 +777,41 @@
}
class invoice {
+
+ function insertInvoice($type) {
+
+ $sql = "INSERT
+ INTO
+ ".TB_PREFIX."invoices (
+ id,
+ biller_id,
+ customer_id,
+ type_id,
+ preference_id,
+ date,
+ note,
+ custom_field1,
+ custom_field2,
+ custom_field3,
+ custom_field4
+ )
+ VALUES
+ (
+ NULL,
+ '$_POST[biller_id]',
+ '$_POST[customer_id]',
+ '$type',
+ '$_POST[preference_id]',
+ '$_POST[date]',
+ '$_POST[note]',
+ '$_POST[customField1]',
+ '$_POST[customField2]',
+ '$_POST[customField3]',
+ '$_POST[customField4]'
+ )";
+ //echo $sql;
+ return mysqlQuery($sql);
+ }
function
insertInvoiceItem($invoice_id,$quantity,$product_id,$tax_id,$description="") {
Modified: branches/current-stable-release/index.php
==============================================================================
--- branches/current-stable-release/index.php (original)
+++ branches/current-stable-release/index.php Sat Jul 19 01:40:47 2008
@@ -114,6 +114,7 @@
exit(0);
}
+
$path = "$module/$view";
/*
@@ -126,10 +127,13 @@
/*
* TODO: fix the javascript or move datapicker to extjs to fix this
hack - not nice
*/
+if($module !== "auth")
+{
if ($view == "manage")
$smarty -> display("../templates/default/headerm.tpl");
else
$smarty -> display("../templates/default/header.tpl");
+}
/*
* Prep the page - load the header stuff - end
*/
@@ -214,7 +218,9 @@
/*
* Menu : If extension has custom menu use it else use default - start
*/
-
+
+if($menu == "true")
+{
$extensionMenu = 0;
foreach($extension as $tplKey=>$tplValue)
{
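Review bot: `if($menu == "true")` compares against the string "true", whereas modules/auth/login.php in this commit sets `$menu = false;` as a boolean, and no line in these hunks gives `$menu` a value for the other modules. Use one type throughout and set a default before the module file runs, e.g. `$menu = true;` up front and `if ($menu)` here, assuming the module is loaded before this point. The lines wrapped by this new `if` and by the `if($module !== "auth")` block in the previous hunk are not re-indented, which hides the new nesting. The closing brace is in the next hunk.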
@@ -237,6 +243,7 @@
{
$smarty -> display("../templates/default/menu.tpl");
}
+}
/*
* Menu : If extension has custom menu use it else use default - end
*/
Modified: branches/current-stable-release/login.php
==============================================================================
--- branches/current-stable-release/login.php (original)
+++ branches/current-stable-release/login.php Sat Jul 19 01:40:47 2008
@@ -17,7 +17,7 @@
// we must never forget to start the session
//so config.php works ok without using index.php define browse
define("BROWSE","browse");
-
+print_r($_SESSION);
set_include_path(get_include_path() . PATH_SEPARATOR . "./library/");
require_once './library/Zend/Loader.php';
Zend_Loader::loadClass('Zend_Db_Table');
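Review bot: The added `print_r($_SESSION);` writes the session contents into the login page, and the `echo substr($_SERVER['SCRIPT_FILENAME'], -9, 5);` in the next hunk does the same with part of the script path. Both look like debugging aids and should not be committed to a release branch. The login code stores the user id, e-mail, role and domain in the `Zend_Auth` session namespace, so that is what would be exposed. Because the output is sent before the later `header('Location: …')` calls, it can also break those redirects with "headers already sent" unless output buffering is on. The `print_r` also runs before `Zend_Session::start()`, so `$_SESSION` may not exist yet at that point.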
@@ -27,7 +27,7 @@
Zend_Loader::loadClass('Zend_Config_Ini');
Zend_Session::start();
-
+echo substr($_SERVER['SCRIPT_FILENAME'], -9, 5);
require_once 'include/init.php';
// Create an in-memory SQLite database connection
Modified: branches/current-stable-release/logout.php
==============================================================================
--- branches/current-stable-release/logout.php (original)
+++ branches/current-stable-release/logout.php Sat Jul 19 01:40:47 2008
@@ -18,12 +18,10 @@
// i will keep yelling this
// DON'T FORGET TO START THE SESSION !!!
-session_start();
+Zend_Session::start();
-// if the user is logged in, unset the session
-if (isset($_SESSION['db_is_logged_in'])) {
- unset($_SESSION);
-}
+ Zend_Session::destroy(true);
+ header('Location: login.php');
// now that the user is logged out,
// go to login page
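Review bot: `header('Location: login.php');` is not followed by `exit;`, so the script keeps running after the session is destroyed; add `exit;` directly after it. The hunk also replaces `session_start()` with `Zend_Session::start()` with no visible `require` of the Zend classes, so unless they are loaded earlier in the file this call will fail, which is worth confirming. The target is still `login.php`, while auth.php now redirects to `index.php?module=auth&view=login`.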
Copied: branches/current-stable-release/modules/auth/login.php (from
r1758, /branches/current-stable-release/login.php)
==============================================================================
--- /branches/current-stable-release/login.php (original)
+++ branches/current-stable-release/modules/auth/login.php Sat Jul 19
01:40:47 2008
@@ -1,23 +1,18 @@
<?php
-
/*
* Script: login.php
* Login page
*
-* Authors:
-* Justin Kelly, Nicolas Ruflin
-*
-* Last edited:
-* 2007-07-18
-*
* License:
* GPL v2 or above
*/
+$menu = false;
// we must never forget to start the session
//so config.php works ok without using index.php define browse
define("BROWSE","browse");
-
+//print_r($_SESSION);
+/*
set_include_path(get_include_path() . PATH_SEPARATOR . "./library/");
require_once './library/Zend/Loader.php';
Zend_Loader::loadClass('Zend_Db_Table');
@@ -25,11 +20,12 @@
Zend_Loader::loadClass('Zend_Auth');
Zend_Loader::loadClass('Zend_Session');
Zend_Loader::loadClass('Zend_Config_Ini');
-
+*/
Zend_Session::start();
-
+/*
+echo substr($_SERVER['SCRIPT_FILENAME'], -9, 5);
require_once 'include/init.php';
-
+*/
// Create an in-memory SQLite database connection
require_once 'Zend/Db/Adapter/Pdo/Mysql.php';
//$dbAdapter = new Zend_Db_Adapter_Pdo_Mysql(array('dbname' => ':memory:'));
@@ -51,7 +47,7 @@
if (isset($_GET['logout']))
{
Zend_Session::destroy(true);
- header('Location: login.php');
+ header('Location: index.php?module=auth&view=login');
}
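Review bot: After `Zend_Session::destroy(true);` the redirect header is set but execution continues, so the login handling below still runs on a logout request; add `exit;` right after the `header()` call. This file is now loaded through index.php, so any output emitted before it would also stop the header from being sent. The `if($module !== "auth")` guard added around the header template in index.php appears to exist for that reason and deserves a comment there.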
@@ -113,93 +109,8 @@
}
-}
-?>
-<html>
-<head>
-
-
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<title>Simple Invoices Login</title>
-<link rel="stylesheet" type="text/css" href="./templates/default/css/login.css">
-
-</head>
-
-<body class="login" >
- <div class="Container">
-
-
-<?php
-
-if ($errorMessage != '') {
-?>
-<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
-<?php
}
-?>
-<div id="Dialog">
-
-<h1>Simple Invoices</h1>
+$smarty->assign("errorMessage",$errorMessage);
- <form action="" method="post" name="frmLogin" id="frmLogin" <?php
if($MD5Auth==True){?>onSubmit="return login(this);"<?php }?>>
- <input type="hidden" name="action" value="login" />
- <input type="hidden" name="cookieverify" value="" />
- <input type="hidden" name="redirect" value="" />
-
- <?php if($MD5Auth==True){?>
- <input type="hidden" name="md5" value="">
- <?php }?>
- <?php if($ChallengeLife>0){?>
- <input type="hidden" name="ChallengeKey" value="<?php
echo $Challenge_Key;?>">
- <?php }?>
-
- <dl>
- <dt>Email:</dt>
- <dd><input name="user" type="text" id="user" value="" /></dd>
-
- <dt>Password:</dt>
- <dd>
- <input name="pass" type="password" id="pass" value="" />
- <!--
- <span>(<a href="login.php">I forgot my password/username</a>)</span>
- -->
- </dd>
-<!--TODO add language select drop down here -->
-<!--
- <dd><input type="checkbox" name="remember_me" /> Remember me
on this computer</dd>
--->
- <dd> <input type="submit" value="login" /></dd>
-
-
-<!-- <dd><input type="submit" value="Sign in" /></dd> -->
-<!--
- <label for="username">Username</label>
- <input name="user" type="text" id="user"/>
- <BR>
- <label for="password">Password</label>
- <input name="pass" type="password" id="pass"/>
--->
- <!--
- <label for="language">Language</label>
- <select id="language" name="language">
- <option value="en" SELECTED="yes">English (United States)</option>
-
- </select>
- -->
-<!--
- <div class="form_actions">
- <dd> <input type="submit" value="login" /></dd>
- </div>
--->
- </dl>
- </form>
-
- </div>
-
- <dd>Powered by <a href="http://www.simpleinvoices.org">Simple Invoices</a></dd>
-
- </div>
-
-</body>
-</html>
+?>
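Review bot: `$errorMessage` is handed to Smarty here, and the new login.tpl prints it as `{$errorMessage}` with no escape modifier. The only value assigned in the visible code is a fixed string, so this is harmless today. A later message that echoes the submitted e-mail would be rendered as markup, though, and `{$errorMessage|escape:'html'}` in the template guards against that. The bootstrap code commented out earlier in this file (`/* set_include_path … */`) could be deleted rather than left in place.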
Modified: branches/current-stable-release/modules/invoices/save.php
==============================================================================
--- branches/current-stable-release/modules/invoices/save.php (original)
+++ branches/current-stable-release/modules/invoices/save.php Sat Jul
19 01:40:47 2008
@@ -34,7 +34,7 @@
if ($_POST['action'] == "insert" ) {
- if(insertInvoice($type)) {
+ if(invoice::insertInvoice($type)) {
$invoice_id = mysql_insert_id();
// saveCustomFieldValues($_POST['categorie'],$invoice_id);
$saved = true;
Copied:
branches/current-stable-release/templates/default/auth/login.tpl (from
r1758, /branches/current-stable-release/login.php)
==============================================================================
--- /branches/current-stable-release/login.php (original)
+++ branches/current-stable-release/templates/default/auth/login.tpl
Sat Jul 19 01:40:47 2008
@@ -1,159 +1,19 @@
-<?php
-
-/*
-* Script: login.php
-* Login page
-*
-* Authors:
-* Justin Kelly, Nicolas Ruflin
-*
-* Last edited:
-* 2007-07-18
-*
-* License:
-* GPL v2 or above
-*/
-
-// we must never forget to start the session
-//so config.php works ok without using index.php define browse
-define("BROWSE","browse");
-
-set_include_path(get_include_path() . PATH_SEPARATOR . "./library/");
-require_once './library/Zend/Loader.php';
-Zend_Loader::loadClass('Zend_Db_Table');
-Zend_Loader::loadClass('Zend_Debug');
-Zend_Loader::loadClass('Zend_Auth');
-Zend_Loader::loadClass('Zend_Session');
-Zend_Loader::loadClass('Zend_Config_Ini');
-
-Zend_Session::start();
-
-require_once 'include/init.php';
-
-// Create an in-memory SQLite database connection
-require_once 'Zend/Db/Adapter/Pdo/Mysql.php';
-//$dbAdapter = new Zend_Db_Adapter_Pdo_Mysql(array('dbname' => ':memory:'));
-/*
-$dbAdapter = new Zend_Db_Adapter_Pdo_Mysql(array(
- 'host' => $config->database->params->host,
- 'username' => $config->database->params->username,
- 'password' => $config->database->params->password,
- 'dbname' => $config->database->params->dbname
-));
-*/
-$dbAdapter = Zend_Db::factory($config->database->adapter, array(
- 'host' => $config->database->params->host,
- 'username' => $config->database->params->username,
- 'password' => $config->database->params->password,
- 'dbname' => $config->database->params->dbname)
-);
-
-if (isset($_GET['logout']))
-{
- Zend_Session::destroy(true);
- header('Location: login.php');
-}
-
-
-$errorMessage = '';
-if (isset($_POST['user']) && isset($_POST['pass'])) {
-
- require_once 'Zend/Auth/Adapter/DbTable.php';
-
- // Configure the instance with constructor parameters...
- //$authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter, 'users', 'username', 'password');
-
- // ...or configure the instance with setter methods
- $authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter);
- $authAdapter->setTableName(TB_PREFIX.'users')
- ->setIdentityColumn('user_email')
- ->setCredentialColumn('user_password')
- ->setCredentialTreatment('MD5(?)');
-
- $userEmail = $_POST['user'];
- $password = $_POST['pass'];
-
- // Set the input credential values (e.g., from a login form)
- $authAdapter->setIdentity($userEmail)
- ->setCredential($password);
-
- // Perform the authentication query, saving the result
- $result = $authAdapter->authenticate();
-
- if ($result->isValid()) {
-
- Zend_Session::start();
-
- /*
- * grab user data from the datbase
- */
- $result = $dbAdapter->fetchRow('
- SELECT
- u.user_id, u.user_email, u.user_name, u.user_group, r.name as
role_name, u.user_domain
- FROM
- si_users u, si_user_role r
- WHERE
- user_email = ? AND u.user_group = r.id', $userEmail
- );
-
- /*
- * chuck the user details sans password into the Zend_auth session
- */
- $authNamespace = new Zend_Session_Namespace('Zend_Auth');
- foreach ($result as $key => $value)
- {
- $authNamespace->$key = $value;
- }
-
- header('Location: .');
-
- } else {
-
- $errorMessage = 'Sorry, wrong user / password';
-
- }
-
-}
-?>
-<html>
-<head>
-
-
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-<title>Simple Invoices Login</title>
<link rel="stylesheet" type="text/css" href="./templates/default/css/login.css">
-</head>
-
<body class="login" >
<div class="Container">
-<?php
-
-if ($errorMessage != '') {
-?>
-<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
-<?php
-}
-?>
+{if $errorMessage != ''}
+<p align="center"><strong><font color="#990000">{$errorMessage}</font></strong></p>
+{/if}
<div id="Dialog">
<h1>Simple Invoices</h1>
- <form action="" method="post" name="frmLogin" id="frmLogin" <?php
if($MD5Auth==True){?>onSubmit="return login(this);"<?php }?>>
+ <form action="" method="post" name="frmLogin" id="frmLogin">
<input type="hidden" name="action" value="login" />
- <input type="hidden" name="cookieverify" value="" />
- <input type="hidden" name="redirect" value="" />
-
- <?php if($MD5Auth==True){?>
- <input type="hidden" name="md5" value="">
- <?php }?>
- <?php if($ChallengeLife>0){?>
- <input type="hidden" name="ChallengeKey" value="<?php
echo $Challenge_Key;?>">
- <?php }?>
-
<dl>
<dt>Email:</dt>
<dd><input name="user" type="text" id="user" value="" /></dd>