--- a/HTMLrequester.html	Fri Jun 18 15:53:48 2010 +0000
+++ b/HTMLrequester.html	Fri Jun 18 18:23:30 2010 +0000
@@ -1,8 +1,15 @@
-<html>
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
 <head>
+  <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
+  <title>N4C Summer 2010 Trial</title>
+  <meta name="generator" content="Amaya, see http://www.w3.org/Amaya/" />
 </head>
+
 <body>
-	<form action="/HTMLrequester/index.php" 
-	</form>
+<p>Sorry - you do not have access to this. Please return to the portal (<a href="http://village.n4c.eu/portal/index.php">portal</a>)
 </body>
 </html>
+

--- a/details.php	Fri Jun 18 15:53:48 2010 +0000
+++ b/details.php	Fri Jun 18 18:23:30 2010 +0000
@@ -52,7 +52,8 @@
 //                        $sid2 = '06D5VlLQTbM57LL7IBMW38yHkFpb1XVa';
 			$currSID2 = $sid2;
                         }
-	
+        $view_mode == "public"
+        $view_order == "pend"
 	$status = $_GET['alert'];
 	$view_mode = $_GET['view_mode'];
 	$view_order = $_GET['view_order'];
@@ -264,11 +265,9 @@
 else
 {
 
-#$data = http_get('http://...')
-#$response = http_get("'http://village.n4c.eu/portal:8080'. '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&'  . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2");
-#print "<span class='result_output'><a href='". 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&'  . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2) ."' target='_blank'>View website</a></span>";
+print "<span class='result_output'><a href='". 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&'  . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2) ."' target='_blank'>View website</a></span>";
 
-print "<span class='result_output'><a href='". 'http://village.n4c.eu/portal'. '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&'  . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2) ."' target='_blank'>View website</a></span>";
+#print "<span class='result_output'><a href='". 'http://village.n4c.eu/portal'. '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&'  . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2) ."' target='_blank'>View website</a></span>";
 #print "<span class='result_output'><a href='". 'http://village.n4c.eu/portal:8080'. '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&'  . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2) ."' target='_blank'>View website</a></span>";
 
 #print "<span class='result_output'><a href='". $response ."' target='_blank'>View website</a></span>";

--- a/index.php	Fri Jun 18 15:53:48 2010 +0000
+++ b/index.php	Fri Jun 18 18:23:30 2010 +0000
@@ -71,6 +71,7 @@
                 	}
         	if (!isset($_COOKIE['sid2']))
                		{
+//			$sid2 = '06D5VlLQTbM57LL7IBMW38yHkFpb1XVa';
                         $sid2 = $tsid2;
                 	}
                }
@@ -183,9 +184,12 @@
 #	$real_password = password;
 
 $mysql = new mysqli("localhost", "www-data", "www-data", "members");
-$result = $mysql->query("SELECT uid,password_md5 FROM creds WHERE username='$username'");
-$row = $result->fetch_assoc();
-$real_password = $row["password_md5"];
+        if (!isset($_COOKIE['uid']))
+                {
+		$result = $mysql->query("SELECT uid,password_md5 FROM creds WHERE username='$username'");
+		$row = $result->fetch_assoc();
+		$real_password = $row["password_md5"];
+		}
 create_session($mysql, $uid, $real_password);
 $result->close();