diff options
| author | Jules Laplace <carbon@melanarchy.org> | 2013-08-02 17:14:41 -0500 |
|---|---|---|
| committer | Jules Laplace <carbon@melanarchy.org> | 2013-08-02 17:14:41 -0500 |
| commit | e9192b3d42660a5781101df4357d276318151e8a (patch) | |
| tree | 059eb6ace6147cf9559af74ed1ab5e221c80e280 /cgi-bin/login | |
| parent | 79670053c7247d3a49b607960efd284e93f057e5 (diff) | |
cgi-bin & lib
Diffstat (limited to 'cgi-bin/login')
| -rwxr-xr-x | cgi-bin/login | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/cgi-bin/login b/cgi-bin/login new file mode 100755 index 0000000..0335549 --- /dev/null +++ b/cgi-bin/login @@ -0,0 +1,86 @@ +#!/usr/bin/perl +######################################### +# login +# no input: print form +# input: set cookie, send along to index +######################################### + +if (-e "/var/www/vhosts/carbonpictures.com/bucky/lock") + { + print "Content-type: text/html\nPragma: no-cache\n\n"; + print "<center><big><b><br>" . $BUCKY_CONFIG->{BUCKY_NAME} . " is down for maintenance!<p>please check back in a bit.</b></big></center>"; + exit(0); + } + +if (! exists $ENV{'HTTPS'} || $ENV{'HTTPS'} ne "on") + { + print "Location: https://www.carbonpictures.com/cgi-bin/bucky/index\n\n"; + exit; + } +use localbucky; + +$dbh = DBI->connect ($dsn); + +# Check to see if user has supplied a username for login +if (exists($input->{username})) + { + if ($DEBUG) + { header("login"); } + + # Look up user, based on username and password + my ($USER) = auth( $input->{username}, crypt($input->{password}, lc($input->{username}) ) ); + + # No such user, or password failed, so redirect to logout + if ($USER == -1) + { print "password failed<br>\n" if $DEBUG; logout(); } + + # User successfully logged in! Update the last login time + update_lastsession( $USER->{username} ); + $USER->{lastsession} = $USER->{lastseen}; + + if ($DEBUG) + { + print "<div class=\"message\">\n"; + print "uid: $USER->{id}\n<p>username: $USER->{username}\n<p>\n"; + print "</div>\n"; + footer(); + } + + nice_redirect(); + } + +# Else, if there's an i=1 query string, redirect to adduser program +elsif (exists($input->{i}) && $input->{i} == 1) + { redirect("$BUCKY/adduser?i=1"); } + +# Else, no username, so just display the login page +else + { + header("login"); + print qq{<hr color="$BUCKY_COLOR_HR" style="padding: 0px; margin: 2px;"><br><br><br><center><div class=message>}; + + # Display any login errors + if ($input->{error} == 1) + { print "bad username/password!<br>"; } + elsif ($input->{error} == 2) + { print "illegal traversal!<br>"; } + + print "<b>$BUCKY_LOGIN_WELCOME</b>"; + print qq{</b><br>\n<hr color="$BUCKY_COLOR_HR">\n\n}; + + login_form(); + + print qq(<p>\n<small>\n); +# print qq(<a href="$BUCKY/index"><b>tour</b> the hacklab</a>); +# print qq(<p>want an account?<br><a href="$BUCKY/invite">request one</a><br>); + print qq(</small></div></center>\n\n); + + footer(); + } + +$dbh->disconnect (); +print "Login: " . &report_time() . "\n" if $timer; + + +######################################### + |