1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101
|
<?php
/*******************************************************************************
** Basic Analysis and Security Engine (BASE)
** Copyright (C) 2004 BASE Project Team
** Copyright (C) 2000 Carnegie Mellon University
**
** (see the file 'base_main.php' for license details)
**
** Project Leads: Kevin Johnson <kjohnson@secureideas.net>
** Built upon work by Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
**
** Purpose: Determines if a login is needed. If not, will redirect you
** to base_main.php
********************************************************************************
** Authors:
********************************************************************************
** Kevin Johnson <kjohnson@secureideas.net
**
********************************************************************************
*/
/* Check to see if the base_conf.php file exists and is big enough...
if not redirect to the setup/index.php page */
if ( !file_exists( 'base_conf.php' ) || filesize( 'base_conf.php' ) < 10 ) {
header( 'Location: setup/index.php' );
exit();
}
include("base_conf.php");
include("$BASE_path/includes/base_include.inc.php");
include_once("$BASE_path/base_db_common.php");
$errorMsg = "";
$displayError = 0;
$noDisplayMenu = 1;
// Redirect to base_main.php if auth system is off
if ( $Use_Auth_System == 0 )
{
header("Location: base_main.php");
}
if (isset($_POST['submit']))
{
$debug_mode = 0; // wont login with debug_mode
$BASEUSER = new BaseUser();
$user = filterSql($_POST['login']);
$pwd = filterSql($_POST['password']);
if (($BASEUSER->Authenticate($user, $pwd)) == 0)
{
header("Location: base_main.php");
} else
{
$displayError = 1;
$errorMsg = _LOGINERROR;
}
}
?>
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<!-- <?php echo(_TITLE . $BASE_VERSION); ?> -->
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=<?php echo(_CHARSET); ?>" />
<META HTTP-EQUIV="pragma" CONTENT="no-cache">
<TITLE><?php echo(_TITLE . $BASE_VERSION); ?></TITLE>
<LINK rel="stylesheet" type="text/css" HREF="styles/<?php echo($base_style); ?>">
</HEAD>
<BODY>
<TABLE WIDTH="100%" BORDER=0 CELLSPACING=0 CELLPADDING=5>
<TR>
<TD class="mainheader">   </TD>
<TD class="mainheadertitle">
<?php echo _TITLE; ?>
</TD>
</TR>
</TABLE>
<br>
<?php
if ($displayError == 1)
{
printf("<DIV class='errorMsg' align='CENTER'>" . $errorMsg . "</DIV>");
}
?>
<form action="index.php" method="post" name="loginform">
<table width="75%" border=0 cellspacing=0 cellpadding=0 align="center">
<tr><td align="right" width="50%"><?php echo _FRMLOGIN; ?> </td>
<td align="left" width="50%"><input type="text" name="login"></td></tr>
<tr><td align="right"><?php echo _FRMPWD; ?> </td>
<td align="left"><input type="password" name="password"></td></tr>
<tr><td colspan=2" align="center"><input type="submit" name="submit" value="Login"><input type="reset" name="reset"></td></tr>
</table>
</form>
<P>
<?php
include("$BASE_path/base_footer.php");
?>
</BODY>
</HTML>
|