);
CREATE INDEX aliases_id_ndx ON aliases(email);
+//List all currently opened cookies
+CREATE TABLE cookies (
+ cookuuid TEXTUNIQUE, //cookies unique id
+ email TEXT, //user email address
+ expire DBTIMESTAMP //cookies date limit
+ );
+
+//List emails address with admin capablities
+CREATE TABLE admins (
+ email TEXT //user email address
+ );
+
//--------------------------------------------------------------
//Defining TRIGGER fonctions according database type
//--------------------------------------------------------------
--- /dev/null
+<!DOCTYPE html>
+<?php
+ setcookie("Auction_Item", "cheap Car",time()+2*24*60*60,"/");
+?>
+<html>
+<body>
+ <?php
+ if (isset($_COOKIE["Auction_Item"]))
+ {
+ echo "Auction Item is a " . $_COOKIE["Auction_Item"];
+ }
+ else
+ {
+ echo "No items for auction.";
+ }
+ ?>
+ <p>
+ <strong>Note:</strong>
+ You might have to reload the
+ page to see the value of the cookie.
+ </p>
+
+</body>
+</html>
+
// vim: smarttab tabstop=8 shiftwidth=2 expandtab
//==============================================================
//
-// To dispatch all data base access according database type
+// To do data access basic function
//
//==============================================================
include_once "subrou.php";
+include_once "unienv.php";
class devsql {
public $connection = null;
// Select a row/s in a Database Table
public function Select($statement = "",$parameters = []) {
try {
- $stmt=$this->executeStatement($statement,$parameters);
- return $stmt->fetch(PDO::FETCH_ASSOC)['password'];
+ return $this->executeStatement($statement,$parameters);
} catch(Exception $e) {
throw new Exception($e->getMessage());
}
}
-include_once "subrou.php";
-
?>
--- /dev/null
+<?php
+// vim: smarttab tabstop=8 shiftwidth=2 expandtab
+//==============================================================
+//
+// To access data within the database
+//
+//==============================================================
+include_once "subrou.php";
+include_once "devsql.php";
+
+//==============================================================
+//
+// Function to check if password is the right one
+//
+//==============================================================
+function checkpassword($dbsql,$logname,$password)
+
+{
+$OPEP="gessql.php:checkpassword";
+
+$isgood=false;
+$phase=0;
+$proceed=true;
+while ($proceed==true) {
+ rou_alert(0,"$OPEP, JMPDBG phase=$phase");
+ switch ($phase) {
+ case 0 : //do we have both logname and password
+ if ($logname=="" || $password=="") {
+ rou_alert(0,"$OPEP, logname=<$logname> or password=<$password> missing!");
+ $phase=999; //trouble trouble
+ }
+ break;
+ case 1 : //extracting crypted password
+ $stmt=$dbsql->Select("Select * from emails where email='$logname'");
+ $dbpass=$stmt->fetch(PDO::FETCH_ASSOC)['password'];
+ if ($dbpass==null) { //is user known?
+ rou_alert(0,"$OPEP, logname=<$logname> missing from database");
+ $phase=999; //user unknown, trouble trouble
+ }
+ break;
+ case 2 : //extracting user crypted password
+ rou_alert(0,"$OPEP, JMPDBG dbpass=$dbpass");
+ break;
+ case 3 : //compare crypted password adn given password
+ break;
+ case 4 : //everything fine
+ $isgood=true;
+ break;
+ default : //SAFE Guard
+ $proceed=false;
+ break;
+ }
+ $phase++;
+ }
+return $isgood;
+}
+
+?>
include_once "subrou.php";
include_once "unienv.php";
include_once "scrfun.php";
-include_once "devsql.php";
-
-//==============================================================
-//
-// Function to check if password is OK
-//
-//==============================================================
-function checkpass($logname,$passwd)
-
-{
-$phase=0;
-$proceed=true;
-while ($proceed==true) {
- switch ($phase) {
- case 0 : //do we have
- if ($logname=="" || $passwd=="") {
- echo "<script>";
- echo "alert('username or password missing. Please try again.');";
- echo "</script>";
- $phase=999;
- }
- break;
- case 1 : //extracting user passwd
- $dbsql=sql_connect();
- $data=$dbsql->Select("Select * from emails where email='$logname'");
- sql_close($dbsql);
- setcookie("ABC","myuuid",time()+(86400*1),"/");
- header('Location: mailleur.php');
- break;
- default :
- $proceed=false;
- break;
- }
- $phase++;
- }
-}
+include_once "gessql.php";
//section to generate the main screen body
//
$logname="U1";
$pass="P1";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
- $dbsql=sql_connect();
- $data=$dbsql->Select("Select * from emails where email='$logname'");
- sql_close($dbsql);
$pass=$_POST["passwd"];
$logname=$_POST["email"];
- checkpass($logname,$pass);
+ $dbsql=sql_connect();
+ $isok=checkpassword($dbsql,$logname,$pass);
+ sql_close($dbsql);
+ switch ($isok) {
+ case false : //trouble report
+ echo "<script>";
+ echo "alert('wrong username or password. Please try again.');";
+ echo "</script>";
+ break;
+ default :
+ setcookie("ABC","myuuid",time()+(86400*1),"/");
+ header('Location: mailleur.php');
+ break;
+ }
}
//display main screen
vps2: / jmp / mailleur / commitdiff