-
Notifications
You must be signed in to change notification settings - Fork 11
/
login.html
107 lines (85 loc) · 3 KB
/
login.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
<%once>
use CGI::Cookie;
use MIME::Base64;
use utils;
</%once>
% if(!( defined($username) && defined($password) &&
% length($username)>1 && length($password)>1 )) {
<font size="+3">jbovlaste Login</font>
<hr />
<& loginform &>
% } else {
<%perl>
use Digest::MD5 qw(md5_hex);
our $dbh;
my $userquery = $dbh->prepare("SELECT * FROM users WHERE username=? AND password=?");
# If you change this munging, change changepass.html and new
# account.html
$password =~ y/A-Za-z/N-ZA-Mn-za-m/;
$userquery->execute($username, md5_hex($password));
my $userresult = $userquery->fetchrow_hashref;
our(%session) = (username => $userresult->{'username'},
userid => $userresult->{'userid'},
logintime => time);
</%perl>
% if(defined($userresult) && defined($session{'username'})) {
<p>Ah, welcome back <% $userresult->{'realname'} %>.</p>
<p>We're trying to set a cookie in your browser, now. Please accept it,
as otherwise I'm not going to think you're logged in after this page.</p>
<p>I promise to be really nice with the cookie. It is set to expire in
30 days, and will only be relayed to exactly this host. The only thing
I'm tracking with it is your user ID, and the time of your
login.</p>
% if(length($backto)>1) {
<p><a href="<% $backto %>">Return to where you were</a>.</p>
% }
<%perl>
# Create and set the cookie.
my $time = time;
my $data = join(":",
length($userresult->{'userid'})+
length($userresult->{'username'})+
length($time),
$userresult->{'userid'},
$userresult->{'username'},
$time);
my $wrappeddata = encode_base64(utils::encrypt($data), '');
my $cookie = new CGI::Cookie(-name => 'jbovlastesessionid',
-value => $wrappeddata,
-expires => '+30d',
-domain => 'lojban.org'
);
$r->headers_out->add('Set-cookie' => $cookie);
</%perl>
% } else {
<p>I hate to have to tell you, but there was some sort of problem with your
login. Either the user name you just tried is invalid, or the password
you tried was incorrect. I'm not allowed to tell you which, sorry. If
you are absolutely sure you've reached this message in error, please
<a href="mailto:[email protected]">submit a bug</a>.</p>
<p>If you'd really like, you can try to log in again:</p>
<& loginform &>
% }
% }
<%def loginform>
<form method="post" action="login.html">
<input type="hidden" name="backto" value="<% $r->headers_in->{'Referer'} %>">
<table>
<tr><td align="right">Login:</td>
<td align="left"><input size="32" name="username" type="text"></td></tr>
<tr><td align="right">Password:</td>
<td align="left"><input size="32" name="password" type="password"></td></tr>
<tr><td colspan="3"> </td></tr>
<tr><td></td>
<td align="right"><input type="submit"></td></tr>
</table>
</form>
</%def>
<%args>
$username => undef
$password => undef
$backto => undef
</%args>
<%method title>
Login
</%method>