add admin user
parent
5a6901161d
commit
0ef0b52f3a
14
auth.php
14
auth.php
@ -74,13 +74,12 @@ if ($require_authentication) {
|
|||||||
</form>
|
</form>
|
||||||
<div id="error">'.(($auth_error==1) ? $lang_authfail : "").'</div>
|
<div id="error">'.(($auth_error==1) ? $lang_authfail : "").'</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
</html>';
|
</html>';
|
||||||
$mysqli->close();
|
$mysqli->close();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
// username submited
|
// username submited
|
||||||
if ((!$auth) && ($user)){
|
if ((!$auth) && ($user)){
|
||||||
$query = $mysqli->prepare("SELECT ID,username,password FROM users WHERE username=? LIMIT 1");
|
$query = $mysqli->prepare("SELECT ID,username,password FROM users WHERE username=? LIMIT 1");
|
||||||
@ -90,6 +89,7 @@ if ($require_authentication) {
|
|||||||
$query->fetch();
|
$query->fetch();
|
||||||
$query->free_result();
|
$query->free_result();
|
||||||
//correct pass
|
//correct pass
|
||||||
|
|
||||||
if (($user==$rec_user) && ($pass==$rec_pass)) {
|
if (($user==$rec_user) && ($pass==$rec_pass)) {
|
||||||
// login successful
|
// login successful
|
||||||
//delete old session
|
//delete old session
|
||||||
@ -98,8 +98,12 @@ if ($require_authentication) {
|
|||||||
// start new session
|
// start new session
|
||||||
session_name('trackme');
|
session_name('trackme');
|
||||||
session_start();
|
session_start();
|
||||||
$_SESSION['auth'] = $rec_ID;
|
if (($user==$admin_user) and ($admin_user != "")) {
|
||||||
|
$_SESSION['auth'] = $admin_user;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$_SESSION['auth'] = $rec_ID;
|
||||||
|
}
|
||||||
$url = str_replace("//", "/", $_SERVER['HTTP_HOST'].dirname($_SERVER['SCRIPT_NAME'])."/index.php");
|
$url = str_replace("//", "/", $_SERVER['HTTP_HOST'].dirname($_SERVER['SCRIPT_NAME'])."/index.php");
|
||||||
header("Location: $ssl://$url");
|
header("Location: $ssl://$url");
|
||||||
exit;
|
exit;
|
||||||
@ -117,7 +121,7 @@ if ($require_authentication) {
|
|||||||
header("Location: $ssl://$url$error");
|
header("Location: $ssl://$url$error");
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* end of authentication */
|
/* end of authentication */
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
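Review bot: In the new `if (($user==$admin_user) and ($admin_user != ""))` branch, `$_SESSION['auth']` is set to the admin's username instead of `$rec_ID`, so the same session key now holds either a numeric user ID or a name, and every later consumer of `$auth` has to tell the two apart. Admin status is also decided by a loose `==` on the username alone; if `$allow_registration` is enabled while `$admin_user` names an account that does not exist yet, whoever registers that name first would presumably receive the admin session, which should be confirmed against the registration code that is not visible here. Keeping `$_SESSION['auth'] = $rec_ID;` unconditionally and recording the role separately, for example `$_SESSION['is_admin'] = ($admin_user !== "" && $rec_user === $admin_user);`, would avoid both problems. The enclosing `if ($require_authentication)` block starts and ends outside this hunk.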
|
@ -50,6 +50,9 @@ $salt = ""; // fill in random string here, it will increase security of password
|
|||||||
// (0 = no, 1 = yes)
|
// (0 = no, 1 = yes)
|
||||||
$require_authentication = 1;
|
$require_authentication = 1;
|
||||||
|
|
||||||
|
// admin user who has access to all users locations
|
||||||
|
$admin_user = "";
|
||||||
|
|
||||||
// allow automatic registration of new users
|
// allow automatic registration of new users
|
||||||
// (0 = no, 1 = yes)
|
// (0 = no, 1 = yes)
|
||||||
$allow_registration = 0;
|
$allow_registration = 0;
|
||||||
|
15
index.php
15
index.php
@ -17,9 +17,10 @@
|
|||||||
* License along with this program; if not, write to the Free Software
|
* License along with this program; if not, write to the Free Software
|
||||||
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||||
*/
|
*/
|
||||||
|
require_once("config.php");
|
||||||
require_once("auth.php");
|
require_once("auth.php");
|
||||||
|
|
||||||
if ($auth) {
|
if (($auth) and ($auth != $admin_user)) {
|
||||||
// get username
|
// get username
|
||||||
$query = "SELECT username FROM users WHERE ID='$auth' LIMIT 1";
|
$query = "SELECT username FROM users WHERE ID='$auth' LIMIT 1";
|
||||||
$result = $mysqli->query($query);
|
$result = $mysqli->query($query);
|
||||||
@ -30,8 +31,11 @@ if ($auth) {
|
|||||||
$user_form = '<u>'.$lang_user.'</u><br />'.$user.' (<a href="logout.php">'.$lang_logout.'</a>)';
|
$user_form = '<u>'.$lang_user.'</u><br />'.$user.' (<a href="logout.php">'.$lang_logout.'</a>)';
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
// free access
|
// free access or admin user
|
||||||
// prepare user select form
|
// prepare user select form
|
||||||
|
if (($auth == $admin_user) and ($admin_user != "")) {
|
||||||
|
$user = $auth;
|
||||||
|
}
|
||||||
$user_form = '
|
$user_form = '
|
||||||
<u>'.$lang_user.'</u><br />
|
<u>'.$lang_user.'</u><br />
|
||||||
<form>
|
<form>
|
||||||
@ -45,9 +49,9 @@ else {
|
|||||||
$user_form .= '
|
$user_form .= '
|
||||||
</select>
|
</select>
|
||||||
</form>
|
</form>
|
||||||
';
|
';
|
||||||
|
$user_form .= '<u>'.$lang_user.'</u><br />'.$user.' (<a href="logout.php">'.$lang_logout.'</a>)';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// prepare track select form
|
// prepare track select form
|
||||||
$track_form = '
|
$track_form = '
|
||||||
@ -56,6 +60,7 @@ $track_form = '
|
|||||||
<select name="track" onchange="selectTrack(this)">';
|
<select name="track" onchange="selectTrack(this)">';
|
||||||
$query = "SELECT * FROM trips WHERE FK_Users_ID='$auth' ORDER BY ID DESC";
|
$query = "SELECT * FROM trips WHERE FK_Users_ID='$auth' ORDER BY ID DESC";
|
||||||
$result = $mysqli->query($query);
|
$result = $mysqli->query($query);
|
||||||
|
|
||||||
$trackid = "";
|
$trackid = "";
|
||||||
while ($row = $result->fetch_assoc()) {
|
while ($row = $result->fetch_assoc()) {
|
||||||
if ($trackid == "") { $trackid = $row["ID"]; } // get first row
|
if ($trackid == "") { $trackid = $row["ID"]; } // get first row
|
||||||
|
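Review bot: With this change `$auth` can hold the admin username rather than a numeric ID, and it still reaches the interpolated query `SELECT * FROM trips WHERE FK_Users_ID='$auth'` in the last hunk, so a name is compared against an ID column and any quote in the configured name ends up inside the SQL string. auth.php already uses `$mysqli->prepare(...)` with a `?` placeholder; the same form should be used here, with the ID bound as an integer. The checks `$auth != $admin_user` and `$auth == $admin_user` are loose comparisons between an ID and a string, and their result for numeric-versus-text operands differs between PHP 7 and PHP 8, so `!==`/`===` or a dedicated admin flag in the session would be unambiguous. The added `$user_form .= ... logout.php ...` line sits in the `else` branch unconditionally, so the free-access case appears to render a logout link with `$user` possibly unset.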