cacert-webdb/includes/loggedin.php

106 lines
3.4 KiB
PHP
Raw Normal View History

2004-11-10 06:12:43 +00:00
<? /*
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
This file is part of CAcert.
CAcert has been released under a CAcert Source license
which can be found included with these source files or can
be downloaded from the internet from the following address:
http://www.cacert.org/src-lic.php
CAcert is distributed WITHOUT ANY WARRANTY; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the License for more details.
*/
2004-12-06 21:53:35 +00:00
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0)
2004-12-06 14:02:02 +00:00
{
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
$_SESSION['profile']['loggedin'] = 1;
}
2004-12-06 21:53:35 +00:00
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] == 0)
2004-11-10 06:12:43 +00:00
{
$query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$row['memid']."'"));
$_SESSION['profile']['loggedin'] = 1;
} else {
$_SESSION['profile']['loggedin'] = 0;
unset($_SESSION['_config']['oldlocation']);
foreach($_GET as $key => $val)
{
if($_SESSION['_config']['oldlocation'])
$_SESSION['_config']['oldlocation'] .= "&";
$_SESSION['_config']['oldlocation'] .= "$key=$val";
}
$_SESSION['_config']['oldlocation'] = "account.php?".$_SESSION['_config']['oldlocation'];
header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=4");
exit;
}
}
2004-12-06 21:53:35 +00:00
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] <= 0 || $_SESSION['profile']['loggedin'] == 0))
2004-11-10 06:12:43 +00:00
{
2004-12-06 21:53:35 +00:00
header("location: https://".$_SESSION['_config']['normalhostname']);
2004-11-10 06:12:43 +00:00
exit;
}
2004-12-06 21:53:35 +00:00
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0)
2004-11-10 06:12:43 +00:00
{
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
$res = mysql_query($query);
$row = mysql_fetch_assoc($res);
$_SESSION['profile']['points'] = $row['total'];
if($_SESSION['profile']['language'] == "")
{
$query = "update `users` set `language`='".$_SESSION['_config']['language']."'
where `id`='".$_SESSION['profile']['id']."'";
mysql_query($query);
} else {
$_SESSION['_config']['language'] = $_SESSION['profile']['language'];
putenv("LANG=".$_SESSION['_config']['language']);
setlocale(LC_ALL, $_SESSION['_config']['language']);
$domain = 'messages';
2004-12-06 21:53:35 +00:00
bindtextdomain("$domain", $_SESSION['_config']['filepath']."/locale");
2004-11-10 06:12:43 +00:00
textdomain("$domain");
}
}
if($id == "logout")
{
$_SESSION['profile']['loggedin'] = 0;
header("location: https://".$_SERVER['HTTP_HOST']."/index.php");
exit;
}
if($_SESSION['profile']['loggedin'] < 1)
{
unset($_SESSION['_config']['oldlocation']);
foreach($_GET as $key => $val)
{
if($_SESSION['_config']['oldlocation'])
$_SESSION['_config']['oldlocation'] .= "&";
$_SESSION['_config']['oldlocation'] .= "$key=$val";
}
$_SESSION['_config']['oldlocation'] = "account.php?".$_SESSION['_config']['oldlocation'];
header("location: https://".$_SERVER['HTTP_HOST']."/index.php?id=4");
exit;
}
?>