$OPEP="gessql.php:sql_getlogname";
$logname=NULL;
-$cookie=$_COOKIE['mailleur'];
+$expire=NULL;
+$cookie=$_COOKIE[getenv("APPNAME")];
+$cookie=htmlspecialchars($cookie);
$phase=0;
$proceed=true;
while ($proceed==true) {
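Review bot: `$_COOKIE[getenv("APPNAME")]` is read without checking that either the environment variable or the cookie exists. `getenv()` returns false when APPNAME is unset, so the lookup then uses a key that is not the application's cookie name, and a request without the cookie passes null into `htmlspecialchars()` and on into the phase loop. A guard such as `$cookie=$_COOKIE[getenv("APPNAME")] ?? '';`, followed by skipping the database phases when the value is empty, would make the no-cookie path explicit. The loop body is outside this hunk, so how phase 0 treats an empty value cannot be checked from here.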
$phase=999;
break;
case 1 : //is the cookie within database
- $cookie=htmlspecialchars($cookie);
$stmt=$dbsql->Select("Select * from cookies where cookuuid='$cookie'");
$expire=$stmt->fetch(PDO::FETCH_ASSOC)['expire'];
- rou_alert(0,"$OPEP, cookie expire=<$expire>");
+ if ($expire==null) {
+ rou_alert(0,"$OPEP, cookie <$cookie> expire not found in DB!");
+ $phase=999;
+ }
+ break;
+ case 2 : //checking if cookie expired
+ $texpire=strtotime($expire);
+ if (time()>$texpire) {
+ rou_alert(0,"$OPEP, cookie <$cookie> time limite");
+ $phase=999;
+ }
break;
- case 2 : //extracting logname
+ case 3 : //extracting logname
$stmt=$dbsql->Select("Select * from cookies where cookuuid='$cookie'");
$logname=$stmt->fetch(PDO::FETCH_ASSOC)['email'];
- rou_alert(0,"$OPEP, cookie logname=<$logname>");
if ($logname==NULL) { //is user known?
rou_alert(0,"$OPEP, cookie <$cookie> not found in DB");
$phase=999;
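Review bot: The cookie value still reaches both `Select` calls (case 1 and case 3) by string interpolation, and `htmlspecialchars()` is HTML output encoding, not SQL escaping; with the flags that were the default before PHP 8.1 it leaves single quotes untouched. The cookie is client-controlled, so the lookup should bind it as a parameter, for example a prepared `Select * from cookies where cookuuid = ?` executed with `[$cookie]`, if the `$dbsql` wrapper (not visible here) offers one. Case 3 also repeats case 1's query, so fetching the row once and reading both `expire` and `email` from it would remove the second lookup. The new alerts in cases 1 and 2 write the raw cookie value to the log, which is worth truncating or hashing if that value is the session identifier. The enclosing switch starts and ends outside the hunk.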
//section to generate the main screen body
//
-//define('JMPDBG','1');
-function body($action,$user,$pass)
+function body()
{
//including screen function
Mailleur
</FONT></STRONG></CENTER>
$login
-USERNAME=$user
$footer
</BODY>
</HTML>
return $STR;
}
-$logname="U1";
-$pass="P1";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$pass=$_POST["passwd"];
$logname=$_POST["email"];
}
//display main screen
-echo body($action,$logname,$pass);
+echo body();
?>
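Review bot: The POST block still copies `$_POST["passwd"]` and `$_POST["email"]` into `$pass` and `$logname`, but `body()` no longer takes them and nothing on the visible lines reads them afterwards. If no included code uses these globals, the block can be removed so the submitted password is not held in a variable for no purpose. If something does read them, then with the `U1`/`P1` defaults gone they are undefined on a GET request, and an explicit `$logname=null; $pass=null;` before the `if` would be needed. The body of `body()` is only partly visible, so a `global` use inside it cannot be ruled out from here.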