source: trunk/plog-admin/index.php @ 569

Revision 569, 1.9 KB checked in by sidtheduck, 2 years ago (diff)

+ Fix for ticket #185 - special characters in album name
+ Fix for ticket #181 - Edit comment form
+ Fix for ticket #180 - Manage Feedback notification issues
+ Fix for possible SQL injection vulnerability found by security tester (Thanks James of GulfTech!)
+ Redirect to plog-upload if already logged in and navigating to plog-admin/index.php

<?php
/**
 * Plogger administrative login page.
 *
 * Renders the username/password form that posts to plog-upload.php with
 * action=log_in. No credential check happens in this file; it only builds
 * and prints the form.
 *
 * Review notes for maintainers:
 *  - $_REQUEST["errorcode"] is only compared against 1 and is never written
 *    into the page, so the request value itself is not reflected.
 *  - $config['gallery_url'] and the plog_tr() results are concatenated into
 *    the markup without HTML escaping. NOTE(review): this assumes both are
 *    trusted, administrator-controlled values -- confirm where they are set.
 *  - The form carries no anti-CSRF token field. NOTE(review): whether the
 *    log_in handler in plog-upload.php protects the login some other way is
 *    not visible from this file -- confirm there.
 */

// Bootstrap: pulls in the configuration variables from the database,
// plog-globals and plog-includes/plog-functions.
// NOTE(review): $_SESSION, $config and plog_tr() are used below without being
// defined here, so they are presumably set up by this include -- confirm.
require_once dirname(dirname(__FILE__)) . "/plog-load-config.php";

// A session that is already flagged as logged in skips the form entirely.
// The strict === true comparison means only a boolean true counts.
if (isset($_SESSION['plogger_logged_in'])) {
    if ($_SESSION['plogger_logged_in'] === true) {
        header("Location: plog-upload.php");
        // Stop immediately so no login markup follows the redirect header.
        exit;
    }
}

// Document head and the opening of the login form/table.
$output = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
        <title>' . plog_tr('Plogger Administrative Login') . '</title>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <link href="' . $config['gallery_url'] . 'plog-admin/css/admin.css" type="text/css" rel="stylesheet" />
        <script type="text/javascript" src="' . $config['gallery_url'] . 'plog-admin/js/plogger.js"></script>
</head>

<body id="login-page" onload="focus_first_input()">

<div id="login">

<form action="plog-upload.php" method="post">

<div style="text-align: center;">
        <table width="350">';

// Optional error row. The comparison is intentionally loose (==), matching
// how a switch/case on the request value behaves; only a fixed, translated
// message is emitted, never the request value.
if (isset($_REQUEST["errorcode"]) && $_REQUEST["errorcode"] == 1) {
    $output .= "\n\t\t" . '<tr>
                        <td colspan="2" class="login-error">' . plog_tr('Invalid login') . '</td>
                </tr>' . "\n";
}

// Credential inputs, the hidden action selector and the closing markup.
$output .= "\n\t\t" . '<tr>
                        <td><label for="plog-username"><strong>' . plog_tr('Username') . ':</strong></label></td>
                        <td><input type="text" name="plog-username" id="plog-username" /></td>
                </tr>
                <tr>
                        <td><label for="plog-password"><strong>' . plog_tr('Password') . ':</strong></label></td>
                        <td><input type="password" name="plog-password" id="plog-password" /></td>
                </tr>
                <tr>
                        <td>&nbsp;</td>
                        <td><input type="hidden" name="action" value="log_in" />
                        <input class="submit" type="submit" value="' . plog_tr('Log In') . '" /></td>
                </tr>
        </table>
</div>

</form>
</div><!-- /content -->

</body>
</html>';

// The page is assembled in full before anything is sent to the client.
echo $output;

?>