add admin user

Mark Campbell-Smith 2014-04-01 17:28:27 +11:00
parent 5a6901161d
commit 0ef0b52f3a
3 changed files with 22 additions and 10 deletions


@ -74,7 +74,6 @@ if ($require_authentication) {
</form> </form>
<div id="error">'.(($auth_error==1) ? $lang_authfail : "").'</div> <div id="error">'.(($auth_error==1) ? $lang_authfail : "").'</div>
</div> </div>
</body> </body>
</html>'; </html>';
$mysqli->close(); $mysqli->close();
@ -90,6 +89,7 @@ if ($require_authentication) {
$query->fetch(); $query->fetch();
$query->free_result(); $query->free_result();
//correct pass //correct pass
if (($user==$rec_user) && ($pass==$rec_pass)) { if (($user==$rec_user) && ($pass==$rec_pass)) {
// login successful // login successful
//delete old session //delete old session
@ -98,8 +98,12 @@ if ($require_authentication) {
// start new session // start new session
session_name('trackme'); session_name('trackme');
session_start(); session_start();
if (($user==$admin_user) and ($admin_user != "")) {
$_SESSION['auth'] = $admin_user;
}
else {
$_SESSION['auth'] = $rec_ID; $_SESSION['auth'] = $rec_ID;
}
$url = str_replace("//", "/", $_SERVER['HTTP_HOST'].dirname($_SERVER['SCRIPT_NAME'])."/index.php"); $url = str_replace("//", "/", $_SERVER['HTTP_HOST'].dirname($_SERVER['SCRIPT_NAME'])."/index.php");
header("Location: $ssl://$url"); header("Location: $ssl://$url");
exit; exit;
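Review bot: The new branch stores the admin's username in `$_SESSION['auth']`, the same slot that otherwise carries the numeric `$rec_ID`, so admin status is later decided by comparing a user ID against a name. The file section that requires auth.php does this with loose operators (`$auth != $admin_user`, `$auth == $admin_user`), and under `==` a purely numeric `$admin_user` such as "5" equals the account whose ID is 5; on PHP versions before 8 a digit-leading name can match an integer ID as well. I would keep `$_SESSION['auth'] = $rec_ID;` unconditional and record the role separately, e.g. `$_SESSION['is_admin'] = ($admin_user !== "" && $user === $admin_user);`, then test that flag wherever the privilege is needed. The enclosing `if ($require_authentication)` block starts and ends outside the hunk.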


@ -50,6 +50,9 @@ $salt = ""; // fill in random string here, it will increase security of password
// (0 = no, 1 = yes) // (0 = no, 1 = yes)
$require_authentication = 1; $require_authentication = 1;
// admin user who has access to all users locations
$admin_user = "";
// allow automatic registration of new users // allow automatic registration of new users
// (0 = no, 1 = yes) // (0 = no, 1 = yes)
$allow_registration = 0; $allow_registration = 0;
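Review bot: The comment on `$admin_user` does not say that the empty default disables the feature, or that the value has to be the exact username of an existing account, which is what the login code in this commit relies on (it checks that account's password first and only then compares `$user` with `$admin_user`). Suggested wording: `// username of an existing account that may view all users' locations; leave empty to disable`. Because the value is also compared against user IDs elsewhere in this commit, the comment should warn against choosing a purely numeric name.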


@ -17,9 +17,10 @@
* License along with this program; if not, write to the Free Software * License along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/ */
require_once("config.php");
require_once("auth.php"); require_once("auth.php");
if ($auth) { if (($auth) and ($auth != $admin_user)) {
// get username // get username
$query = "SELECT username FROM users WHERE ID='$auth' LIMIT 1"; $query = "SELECT username FROM users WHERE ID='$auth' LIMIT 1";
$result = $mysqli->query($query); $result = $mysqli->query($query);
@ -30,8 +31,11 @@ if ($auth) {
$user_form = '<u>'.$lang_user.'</u><br />'.$user.' (<a href="logout.php">'.$lang_logout.'</a>)'; $user_form = '<u>'.$lang_user.'</u><br />'.$user.' (<a href="logout.php">'.$lang_logout.'</a>)';
} }
else { else {
// free access // free access or admin user
// prepare user select form // prepare user select form
if (($auth == $admin_user) and ($admin_user != "")) {
$user = $auth;
}
$user_form = ' $user_form = '
<u>'.$lang_user.'</u><br /> <u>'.$lang_user.'</u><br />
<form> <form>
@ -46,9 +50,9 @@ $user_form .= '
</select> </select>
</form> </form>
'; ';
$user_form .= '<u>'.$lang_user.'</u><br />'.$user.' (<a href="logout.php">'.$lang_logout.'</a>)';
} }
// prepare track select form // prepare track select form
$track_form = ' $track_form = '
<u>'.$lang_track.'</u><br /> <u>'.$lang_track.'</u><br />
@ -56,6 +60,7 @@ $track_form = '
<select name="track" onchange="selectTrack(this)">'; <select name="track" onchange="selectTrack(this)">';
$query = "SELECT * FROM trips WHERE FK_Users_ID='$auth' ORDER BY ID DESC"; $query = "SELECT * FROM trips WHERE FK_Users_ID='$auth' ORDER BY ID DESC";
$result = $mysqli->query($query); $result = $mysqli->query($query);
$trackid = ""; $trackid = "";
while ($row = $result->fetch_assoc()) { while ($row = $result->fetch_assoc()) {
if ($trackid == "") { $trackid = $row["ID"]; } // get first row if ($trackid == "") { $trackid = $row["ID"]; } // get first row
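Review bot: The added `$user_form .= ... $user ... logout.php` line sits in the shared `else` branch, which its comment says also serves free access, yet this section assigns `$user` only when `$auth == $admin_user`. Unless auth.php defines `$user`, anonymous visitors would get an undefined variable and a logout link. I would guard the append with the admin test and escape the name, e.g. `if (($admin_user != "") and ($auth === $admin_user)) { ... htmlspecialchars($user, ENT_QUOTES, 'UTF-8') ... }`. For the admin, `$auth` is now a username, so the unchanged `SELECT * FROM trips WHERE FK_Users_ID='$auth'` further down receives a name where it expects an ID, interpolated straight into the SQL string. That query should take the selected user's ID through a prepared statement with a bound parameter.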