HCoop / clinton / MarylandElectronicPetitionSignature.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update follow_up_emails.php
[clinton/MarylandElectronicPetitionSignature.git] / admin / login.php
1 <?PHP
2 include_once('/var/www/secure.php');
3 include_once('../slack.php');
4
5 function check_user($email,$pass){
6 global $petition;
7 $res = $petition->query("SELECT * FROM users WHERE email = '$email'");
8 $user = mysqli_fetch_array($res,MYSQLI_ASSOC);
9 if ($user['email'] != ''){
10 $encrypted = $user['pass'];
11 $explode = explode(':',$encrypted);
12 $hash = $explode[0];
13 $salt = $explode[1];
14 $test = md5($pass.$salt);
15 if( $test == $hash ){
16 setcookie("id", $user['id']);
17 setcookie("name", $user['name']);
18 setcookie("email", $user['email']);
19 setcookie("level", $user['sec_level']);
20 setcookie("group_id", $user['group_id']);
21 header('Location: index.php');
22 }else{
23 slack_general('ADMIN: Wrong Password','md-petition');
24 return "Wrong Password.";
25 }
26 }else{
27 slack_general('ADMIN: E-Mail Address Not Found','md-petition');
28 return "E-Mail Address Not Found.";
29 }
30 }
31
32 if (isset($_POST['email']) && isset($_POST['password'])){
33 $message = check_user($_POST['email'],$_POST['password']);
34 }else{
35 slack_general('ADMIN: Login Page Loaded','md-petition');
36 }
37
38 ?>
39
40 <div class="slate">
41 <form method="post" accept-charset="utf-8">
42 <table>
43 <?PHP if (isset($message)){ ?>
44 <tr>
45 <td>Message</td>
46 <td><?PHP echo $message;?></td>
47 </tr>
48 <?PHP } ?>
49 <tr>
50 <td>E-Mail Address</td>
51 <td><input type="text" name="email" value="" /></td>
52 </tr>
53 <tr>
54 <td>Password</td>
55 <td><input type="password" name="password" value="" /></td>
56 </tr>
57 <tr>
58 <td>&nbsp;</td>
59 <td><input type="submit" name="loginGo" value="Log In" /> or <a href='reset.php'>Reset Password</a></td>
60 </tr>
61 </table>
62 </form>
63 </div>
Unnamed repository; edit this file 'description' to name the repository.