|
Server : Apache/2.4.62 System : FreeBSD fbsdweb2.web.rcn.net 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64 User : www ( 80) PHP Version : 8.3.8 Disable Function : NONE Directory : /domains/sarfatty/php/ |
Upload File : |
<?php
###############################################################
# Page Password Protect 2.13
###############################################################
# Visit http://www.zubrag.com/scripts/ for updates
###############################################################
#
# Usage:
# Set usernames / passwords below between SETTINGS START and SETTINGS END.
# Open it in browser with "help" parameter to get the code
# to add to all files being protected.
# Example: password_protect.php?help
# Include protection string which it gave you into every file that needs to be protected
#
# Add following HTML code to your page where you want to have logout link
# <a href="http://www.example.com/path/to/protected/page.php?logout=1">Logout</a>
#
###############################################################
/*
-------------------------------------------------------------------
SAMPLE if you only want to request login and password on login form.
Each row represents different user.
$LOGIN_INFORMATION = array(
'zubrag' => 'root',
'test' => 'testpass',
'admin' => 'passwd'
);
--------------------------------------------------------------------
SAMPLE if you only want to request only password on login form.
Note: only passwords are listed
$LOGIN_INFORMATION = array(
'root',
'testpass',
'passwd'
);
--------------------------------------------------------------------
*/
##################################################################
# SETTINGS START
##################################################################
// Add login/password pairs below, like described above
// NOTE: all rows except last must have comma "," at the end of line
$LOGIN_INFORMATION = array(
'[email protected]' => 'sarfatty',
'[email protected]' => 'guenther',
'[email protected]' => 'sepiashvili',
'[email protected]' => 'lome',
'[email protected]' => 'roberts-ahoni',
'[email protected]' => 'reese',
'[email protected]' => 'schmidt',
'[email protected]' => 'oats',
'[email protected]' => 'gazlay',
'[email protected]' => 'kothavale',
'[email protected]' => 'hinz',
'[email protected]' => 'barnes',
'[email protected]' => 'vitug',
'[email protected]' => 'heffner',
'[email protected]' => 'kilroy',
'[email protected]' => 'kim',
'[email protected]' => 'barak',
'[email protected]' => 'rust'
);
// request login? true - show login and password boxes, false - password box only
define('USE_USERNAME', true);
// User will be redirected to this page after logout
define('LOGOUT_URL', 'http://www.sarfatty.com/php/employee_logout.html');
// time out after NN minutes of inactivity. Set to 0 to not timeout
define('TIMEOUT_MINUTES', 0);
// This parameter is only useful when TIMEOUT_MINUTES is not zero
// true - timeout time from last activity, false - timeout time from login
define('TIMEOUT_CHECK_ACTIVITY', true);
##################################################################
# SETTINGS END
##################################################################
///////////////////////////////////////////////////////
// do not change code below
///////////////////////////////////////////////////////
// show usage example
if(isset($_GET['help'])) {
die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?>');
}
// timeout in seconds
$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);
// logout?
if(isset($_GET['logout'])) {
setcookie("verify", '', $timeout, '/'); // clear password;
header('Location: ' . LOGOUT_URL);
exit();
}
if(!function_exists('showLoginPasswordProtect')) {
// show login form
function showLoginPasswordProtect($error_msg) {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Sarfatty Associates | Contact | Employees</title>
<link href="../css/layout.css" rel="stylesheet" type="text/css" />
<script src="../js/jquery-1.2.6.min.js" type="text/javascript"></script>
<script type="text/javascript">
$(document).ready(function() {
$('div.leftnav> div').hide();
$('div.leftnav> div.menutabcurrent').show();
$('div.leftnav> h3').click(function() {
$(this).next('div').slideToggle('fast').siblings('div:visible').slideUp('fast');
});
});
</script>
</head>
<body>
<div class="vertical"> </div>
<div class="container">
<div class="header">
<img class="zeromargin" src="../images/headimage-newlogo.png"/>
<div class="navbar">
<ul>
<li id="home"><a href="../index.html">HOME</a></li>
<li id="about"><a href="../about.html">ABOUT</a></li>
<li id="projects"><a href="../projects.html">PROJECTS</a></li>
<li id="contact"><a href="../contact.html">CONTACT</a></li>
</ul>
</div> <!-- end of navbar -->
</div> <!-- end of header -->
<div class="maincontent">
<div class="leftnav">
<a href="../contactpages/careers.html"><h3>Careers +</h3></a>
<a href="../php/employees.php"><h3>Employee Area +</h3></a>
<!-- end of list -->
</div>
<!-- end of leftnav -->
<div class="spotlight">
<form method="post">
<h1>Employee Login</h1>
<font color="red"><?php echo $error_msg; ?></font><br />
<?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?>
<input type="password" name="access_password" /><p></p><br /><input type="submit" name="Submit" value="Submit" />
</form>
</div> <!-- end of spotlight -->
</div><!-- end of maincontent -->
</div><!-- end of container -->
</body>
<div id="footer">
<p style="text-align:center; font-size: 10px; color: 969696; margin-top:15px;"> Copyright © 2012 Sarfatty Associates, Ltd. </p>
</div>
</html>
<?php
// stop at this point
die();
}
}
// user provided password
if (isset($_POST['access_password'])) {
$login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
$pass = $_POST['access_password'];
if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
|| (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) )
) {
showLoginPasswordProtect("Incorrect password.");
}
else {
// set cookie if password was validated
setcookie("verify", md5($login.'%'.$pass), $timeout, '/');
// Some programs (like Form1 Bilder) check $_POST array to see if parameters passed
// So need to clear password protector variables
unset($_POST['access_login']);
unset($_POST['access_password']);
unset($_POST['Submit']);
}
}
else {
// check if password cookie is set
if (!isset($_COOKIE['verify'])) {
showLoginPasswordProtect("");
}
// check if cookie is good
$found = false;
foreach($LOGIN_INFORMATION as $key=>$val) {
$lp = (USE_USERNAME ? $key : '') .'%'.$val;
if ($_COOKIE['verify'] == md5($lp)) {
$found = true;
// prolong timeout
if (TIMEOUT_CHECK_ACTIVITY) {
setcookie("verify", md5($lp), $timeout, '/');
}
break;
}
}
if (!$found) {
showLoginPasswordProtect("");
}
}
?>