* [errors] * [user name] * * * If the user is not logged on or the login fails, the user name is empty. * * Errors may be on the form * * [error text] * ... * * * Author: Hans S. Toemmerholt, INF5270 V05 * * See also: * logout.php - Script for logging out the user * login.xsl - Style sheet for handling XML output from this script * diw-lib.php - Library for common functions and variables. */ include_once("diw-lib.php"); $userName = ""; $password = ""; $session_id = ""; if($_SERVER['REQUEST_METHOD']=='HEAD') exit; /* Have we got any CGI data? */ if ( isset($_REQUEST["userName"]) && isset($_REQUEST["password"]) ) { /* Catch errors with our own tailor made handler */ set_error_handler(XMLErrorHandler); /* XXX Should change these!! */ connectToDB( "yukon", "musicdb", "candy06", "V1lle*Je%ere"); /* Get CGI data */ $userName = utf8_encode($_REQUEST["userName"]); $password = utf8_encode($_REQUEST["password"]); /*Should clean these for invalid/dangerous input*/ /* Attempt to login */ $session_id = login($userName, $password ); /* XXX Move contents of login function here? */ restore_error_handler(); if ($session_id) { /*Set cookie*/ setcookie( 'diw-user', $userName ); setcookie( 'diw-session_id', $session_id ); } else { $userName = ""; //Login failed } /*Attempt to retrieve cookie*/ } else if ( isset( $_COOKIE['diw-user']) ) { $userName = $_COOKIE['diw-user']; } /* Have we got any errors */ if ( isset($mssqlerr) ) { $mssqlerr = "$mssqlerr"; } else { $mssqlerr = ""; } /*Print result XML*/ printXMLData( " $mssqlerr $userName ", 'login.xsl', false ); /* header("Content-type: text/xml; charset=UTF-8"); header("Cache-Control: must-revalidate, max-age=0"); print XMLHEADER; print utf8_encode( << $mssqlerr $userName XML ); */ ?>