add admin user
This commit is contained in:
Mark Campbell-Smith
parent
5a6901161d
commit
0ef0b52f3a
14
auth.php
14
auth.php
@ -74,13 +74,12 @@ if ($require_authentication) {
|
||||
</form>
|
||||
<div id="error">'.(($auth_error==1) ? $lang_authfail : "").'</div>
|
||||
</div>
|
||||
|
||||
</body>
|
||||
</html>';
|
||||
$mysqli->close();
|
||||
exit;
|
||||
}
|
||||
|
||||
|
||||
// username submited
|
||||
if ((!$auth) && ($user)){
|
||||
$query = $mysqli->prepare("SELECT ID,username,password FROM users WHERE username=? LIMIT 1");
|
||||
@ -90,6 +89,7 @@ if ($require_authentication) {
|
||||
$query->fetch();
|
||||
$query->free_result();
|
||||
//correct pass
|
||||
|
||||
if (($user==$rec_user) && ($pass==$rec_pass)) {
|
||||
// login successful
|
||||
//delete old session
|
||||
@ -98,8 +98,12 @@ if ($require_authentication) {
|
||||
// start new session
|
||||
session_name('trackme');
|
||||
session_start();
|
||||
$_SESSION['auth'] = $rec_ID;
|
||||
|
||||
if (($user==$admin_user) and ($admin_user != "")) {
|
||||
$_SESSION['auth'] = $admin_user;
|
||||
}
|
||||
else {
|
||||
$_SESSION['auth'] = $rec_ID;
|
||||
}
|
||||
$url = str_replace("//", "/", $_SERVER['HTTP_HOST'].dirname($_SERVER['SCRIPT_NAME'])."/index.php");
|
||||
header("Location: $ssl://$url");
|
||||
exit;
|
||||
@ -117,7 +121,7 @@ if ($require_authentication) {
|
||||
header("Location: $ssl://$url$error");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
/* end of authentication */
|
||||
}
|
||||
?>
|
||||
|
||||
@ -50,6 +50,9 @@ $salt = ""; // fill in random string here, it will increase security of password
|
||||
// (0 = no, 1 = yes)
|
||||
$require_authentication = 1;
|
||||
|
||||
// admin user who has access to all users locations
|
||||
$admin_user = "";
|
||||
|
||||
// allow automatic registration of new users
|
||||
// (0 = no, 1 = yes)
|
||||
$allow_registration = 0;
|
||||
|
||||
15
index.php
15
index.php
@ -17,9 +17,10 @@
|
||||
* License along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
*/
|
||||
require_once("config.php");
|
||||
require_once("auth.php");
|
||||
|
||||
if ($auth) {
|
||||
|
||||
if (($auth) and ($auth != $admin_user)) {
|
||||
// get username
|
||||
$query = "SELECT username FROM users WHERE ID='$auth' LIMIT 1";
|
||||
$result = $mysqli->query($query);
|
||||
@ -30,8 +31,11 @@ if ($auth) {
|
||||
$user_form = '<u>'.$lang_user.'</u><br />'.$user.' (<a href="logout.php">'.$lang_logout.'</a>)';
|
||||
}
|
||||
else {
|
||||
// free access
|
||||
// free access or admin user
|
||||
// prepare user select form
|
||||
if (($auth == $admin_user) and ($admin_user != "")) {
|
||||
$user = $auth;
|
||||
}
|
||||
$user_form = '
|
||||
<u>'.$lang_user.'</u><br />
|
||||
<form>
|
||||
@ -45,9 +49,9 @@ else {
|
||||
$user_form .= '
|
||||
</select>
|
||||
</form>
|
||||
';
|
||||
';
|
||||
$user_form .= '<u>'.$lang_user.'</u><br />'.$user.' (<a href="logout.php">'.$lang_logout.'</a>)';
|
||||
}
|
||||
|
||||
|
||||
// prepare track select form
|
||||
$track_form = '
|
||||
@ -56,6 +60,7 @@ $track_form = '
|
||||
<select name="track" onchange="selectTrack(this)">';
|
||||
$query = "SELECT * FROM trips WHERE FK_Users_ID='$auth' ORDER BY ID DESC";
|
||||
$result = $mysqli->query($query);
|
||||
|
||||
$trackid = "";
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
if ($trackid == "") { $trackid = $row["ID"]; } // get first row
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user