All the error messages that the login.php application generates are taken from the login.errors file shown in Listing 5-4.
Listing 5-4: login.errors
<?php
// Errors for Login application
$ERRORS['US']['MISSING_CODE'] = "No error message found";
$ERRORS['US']['INVALID_DATA'] = "Invalid data.";
?>
The login.php application displays the login menu using the login.ihtml file, which is shown in Listing 5-5. The $LOGIN_TEMPLATE variable is set to point to login.ihtml in the login.conf file.
Listing 5-5: login.ihtml
<html>
<head><title>Login</title></head>
<body>
<!-- BEGIN mainBlock -->
<center>
<form action="{SELF_PATH}" method="POST">
<table border=0 cellpadding=3 cellspacing=0 width=30%>
<tr>
<td bgcolor="#cccccc" colspan=2>Login</td>
</tr>
<tr>
<td>Email</td>
<td><input type=text
name="email"
value="{USERNAME}"
size=30 maxlength=50>
</td>
</tr>
<tr>
<td>Password</td>
<td><input type=password name="password" size=30 maxlength=50></td>
</tr>
<tr>
<td colspan=2>
<input type=submit value="Login">
<input type=reset value="Reset">
</td>
</tr>
</table>
<input type=hidden name="url"
value="{REDIRECT_URL}">
</form>
<font size=2>Login attempt {ATTEMPT}.</font>
</center>
<!-- END mainBlock -->
</body>
</html>
The login.ihtml template contains a set of template tag variables that are replaced by the login.php application. These template tag variables are explained in Table 5-2.
TABLE 5-2  TEMPLATE TAG VARIABLES IN LOGIN TEMPLATE

Tag              Description
{SELF_PATH}      Set as the form action. The login application replaces this with the relative path to the login application itself, so the login menu form is submitted back to the login application.
{USERNAME}       Replaced with the username entered on the previous failed login attempt. This saves the user from having to type the username again and again when she doesn't remember the password correctly; it is a user-friendly feature.
{REDIRECT_URL}   Set to the URL of the application that redirected the user to the login application.
{ATTEMPT}        Displays the number of login attempts the user has made.
When the number of login attempts exceeds the value of the $MAX_ATTEMPTS variable in the login.conf file, the user is redirected to the $WARNING_URL page, which is shown in Listing 5-6.
Listing 5-6: warning.html
<html>
<head>
<title>Invalid Login Attempts</title>
</head>
<body>
<h1>Excessive Invalid Login Attempts</h1>
<hr>
You have attempted to login too many times
</body>
</html>
The warning page can be any page. For example, you can set $WARNING_URL to your privacy or network usage policy page to alert the user to your policies on resource usage.
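The following is an added example, not code from the book, showing how the Table 5-2 tags are filled in and how the $MAX_ATTEMPTS / $WARNING_URL check from the paragraph above can be enforced with plain PHP sessions. The functions safeRedirectUrl(), buildLoginTags(), renderTemplate() and recordFailedAttempt(), and the constructed $request and $session arrays, are assumptions for this illustration; they are not part of the book's PHPApplication framework.

```php
<?php
// Added example (not the book's login.php): fills the Table 5-2 tags and
// enforces $MAX_ATTEMPTS with plain PHP sessions. The function names and the
// constructed $request / $session arrays are assumptions for this example.

// {REDIRECT_URL} and the hidden "url" field come back from the client, so
// only a path on this host is accepted; anything else falls back to $fallback.
function safeRedirectUrl($url, $fallback) {
    if (!is_string($url) || $url === '') {
        return $fallback;
    }
    // Reject URLs with a scheme ("http://..."), protocol-relative URLs ("//host")
    // and header-breaking control characters.
    if (preg_match('#^\s*[a-z][a-z0-9+.-]*:#i', $url)
        || strncmp($url, '//', 2) === 0
        || preg_match('/[\r\n\0]/', $url)) {
        return $fallback;
    }
    return ($url[0] === '/') ? $url : '/' . $url;
}

// Build the replacement values for login.ihtml. $selfPath is the path of the
// login script (on a real request, $_SERVER['SCRIPT_NAME']).
function buildLoginTags(array $request, array $session, $selfPath, $appMenu) {
    $username = isset($request['email']) ? $request['email'] : '';
    $url      = isset($request['url']) ? $request['url'] : '';
    $attempts = isset($session['SESSION_ATTEMPTS']) ? (int) $session['SESSION_ATTEMPTS'] : 0;
    return array(
        // Every tag lands inside a quoted HTML attribute, so attribute-escape it;
        // USERNAME in particular is the user's own previous input echoed back.
        'SELF_PATH'    => htmlspecialchars($selfPath, ENT_QUOTES, 'UTF-8'),
        'USERNAME'     => htmlspecialchars($username, ENT_QUOTES, 'UTF-8'),
        'REDIRECT_URL' => htmlspecialchars(safeRedirectUrl($url, $appMenu), ENT_QUOTES, 'UTF-8'),
        'ATTEMPT'      => $attempts + 1,   // the attempt the form is being shown for
    );
}

// Replace every {TAG} in the template text with its value.
function renderTemplate($template, array $tags) {
    $search  = array();
    $replace = array();
    foreach ($tags as $name => $value) {
        $search[]  = '{' . $name . '}';
        $replace[] = $value;
    }
    return str_replace($search, $replace, $template);
}

// Count one failed login in the session and report whether $MAX_ATTEMPTS has
// been reached; the caller then redirects to $WARNING_URL.
function recordFailedAttempt(array &$session, $maxAttempts) {
    $current = isset($session['SESSION_ATTEMPTS']) ? (int) $session['SESSION_ATTEMPTS'] : 0;
    $session['SESSION_ATTEMPTS'] = $current + 1;
    return $session['SESSION_ATTEMPTS'] >= $maxAttempts;
}

// Constructed sample: a failed login whose "url" field points off-site and
// whose username tries to break out of the value="..." attribute.
$MAX_ATTEMPTS = 3;
$WARNING_URL  = '/warning.html';
$APP_MENU     = '/menu.php';
$request = array('email' => 'alice"><script>', 'url' => 'http://attacker.example/');
$session = array('SESSION_ATTEMPTS' => 2);   // two failures already recorded

$tags = buildLoginTags($request, $session, '/login.php', $APP_MENU);
$template = '<form action="{SELF_PATH}"><input name="email" value="{USERNAME}">'
          . '<input type=hidden name="url" value="{REDIRECT_URL}"></form> '
          . 'Login attempt {ATTEMPT}.';
echo renderTemplate($template, $tags), "\n";
// USERNAME renders as alice&quot;&gt;&lt;script&gt; and REDIRECT_URL as /menu.php

if (recordFailedAttempt($session, $MAX_ATTEMPTS)) {
    // In the real application this is header("Location: $WARNING_URL");
    echo "Limit reached after {$session['SESSION_ATTEMPTS']} attempts, redirect to $WARNING_URL\n";
}
```

Two points worth keeping in mind when wiring this into login.php. First, the attempt counter lives in the client's session, so a client that discards its session cookie starts again at zero; the $MAX_ATTEMPTS check therefore limits how long a confused user loops on the form, and a server-side per-account counter is needed if the goal is to slow down password guessing. Second, because {REDIRECT_URL} is written into the hidden "url" field and later passed to header("Location: $url"), the same-site check above (or an equivalent whitelist) should be applied before the redirect, not only when the form is rendered.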
Creating the Central Logout Application
The central logout application terminates the user session. A flowchart of such an application is shown in Figure 5-6.
Figure 5-6: A flowchart for the logout application.
[Flowchart: Start -> "Is user already authenticated?" -> Yes: log out the user by terminating the session and redirect the user to the home URL -> Stop; No: show alert message stating that user is not logged in -> Stop]
The logout application checks whether the user is logged in. If the user is not logged in, she is warned of her status. If the user is logged in, her session is terminated and she is redirected to a home URL. Listing 5-7 implements this flowchart in logout.php.
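As an added example, not the book's logout.php or its PHPApplication class, here is the Figure 5-6 flow implemented with plain PHP sessions. The session field names are the ones login.php stores (SESSION_USER_ID, SESSION_USERNAME); $HOME_URL, isAuthenticated(), terminateSession() and logoutAction() are assumptions for this illustration.

```php
<?php
// Added example (not the book's logout.php): the Figure 5-6 flow with plain
// PHP sessions. $HOME_URL and the function names are assumptions; the session
// field names match what login.php stores.
$HOME_URL = '/index.php';

// A user counts as logged in when login.php has stored a user id.
function isAuthenticated(array $session) {
    return !empty($session['SESSION_USER_ID']);
}

// Decide which branch of the flowchart applies. Returned as a string so the
// decision can be checked separately from the side effects below.
function logoutAction(array $session) {
    return isAuthenticated($session) ? 'logout' : 'not_logged_in';
}

// End the session on both sides: drop the server-side data (including the
// SESSION_PASSWORD login.php stores) and expire the client's cookie so the
// old session id cannot be presented again.
function terminateSession() {
    $_SESSION = array();
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
                  $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
}

session_start();
if (logoutAction($_SESSION) === 'logout') {
    terminateSession();
    header("Location: $HOME_URL");
    exit;
}
// "No" branch of the flowchart: the user was never logged in.
echo "You are not logged in.\n";
```

Calling session_destroy() alone removes the server-side data but leaves the session cookie in the browser; clearing $_SESSION and expiring the cookie as well ensures that nothing written during login (the username, the user id, and in this design the password) survives the logout, and that the same id is not reused on the next visit.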
Listing 5-7: logout.php
<?php
require_once "login.conf";
require_once "login.errors";
/*
  Session variables must be defined before session_start() is called
*/
$count = 0;
class loginApp extends PHPApplication {
    function run() {
        global $MIN_USERNAME_SIZE, $MIN_PASSWORD_SIZE, $MAX_ATTEMPTS;
        global $WARNING_URL, $APP_MENU;
        $email    = $this->getRequestField('email');
        $password = $this->getRequestField('password');
        $url      = $this->getRequestField('url');
        $emailLen  = strlen($email);
        $passwdLen = strlen($password);
        $this->debug("Login attempts : " .
                     $this->getSessionField('SESSION_ATTEMPTS'));
        if ($this->is_authenticated()) {
            // Already logged in: return to the caller, or to the server root
            $this->debug("User already authenticated.");
            $this->debug("Redirecting to $url.");
            $url = (isset($url)) ? $url : $this->getServer();
            header("Location: $url");
        } else if ($emailLen < $MIN_USERNAME_SIZE ||
                   $passwdLen < $MIN_PASSWORD_SIZE) {
            // Too short to be valid: display the login interface again
            $this->debug("Invalid Email or password.");
            $this->display_login();
            $_SESSION["SESSION_ATTEMPTS"] =
                $this->getSessionField("SESSION_ATTEMPTS") + 1;
        } else {
            // Prepare the email with domain name: when no '@' was given,
            // append the server's own domain. (The '@' character was lost in
            // extraction; it is assumed from the comment and the explode() below.)
            if (strpos($email, '@') === false) {
                $hostname = explode('.', $_SERVER['SERVER_NAME']);
                if (sizeof($hostname) > 2) {
                    $email .= '@' . $hostname[1] . '.' . $hostname[2];
                }
            }
            // authenticate user (note: this debug line logs the plaintext password)
            $this->debug("Authenticate user: $email with password $password");
            if ($this->authenticate($email, $password)) {
                $this->debug("User is successfully authenticated.");
                $_SESSION["SESSION_USERNAME"] = $email;
                $_SESSION["SESSION_PASSWORD"] = $password; // stored in clear in the session
                $_SESSION["SESSION_USER_ID"]  = $this->getUID();
                if (empty($url)) {
                    $url = $APP_MENU;
                }
                // Log user activity
                $thisUser = new User($this->dbi, $this->getUID());
                $thisUser->logActivity(LOGIN);
                $this->debug("Location $url");
                header("Location: $url");