--- a/HTMLrequester.html Fri Jun 18 15:53:48 2010 +0000
+++ b/HTMLrequester.html Fri Jun 18 18:23:30 2010 +0000
@@ -1,8 +1,15 @@
-<html>
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
<head>
+ <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
+ <title>N4C Summer 2010 Trial</title>
+ <meta name="generator" content="Amaya, see http://www.w3.org/Amaya/" />
</head>
+
<body>
- <form action="/HTMLrequester/index.php"
- </form>
+<p>Sorry - you do not have access to this. Please return to the portal (<a href="http://village.n4c.eu/portal/index.php">portal</a>)
</body>
</html>
+
--- a/details.php Fri Jun 18 15:53:48 2010 +0000
+++ b/details.php Fri Jun 18 18:23:30 2010 +0000
@@ -52,7 +52,8 @@
// $sid2 = '06D5VlLQTbM57LL7IBMW38yHkFpb1XVa';
$currSID2 = $sid2;
}
-
+ $view_mode == "public"
+ $view_order == "pend"
$status = $_GET['alert'];
$view_mode = $_GET['view_mode'];
$view_order = $_GET['view_order'];
@@ -264,11 +265,9 @@
else
{
-#$data = http_get('http://...')
-#$response = http_get("'http://village.n4c.eu/portal:8080'. '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&' . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2");
-#print "<span class='result_output'><a href='". 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&' . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2) ."' target='_blank'>View website</a></span>";
+print "<span class='result_output'><a href='". 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&' . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2) ."' target='_blank'>View website</a></span>";
-print "<span class='result_output'><a href='". 'http://village.n4c.eu/portal'. '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&' . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2) ."' target='_blank'>View website</a></span>";
+#print "<span class='result_output'><a href='". 'http://village.n4c.eu/portal'. '/router_stage/' . $db_field['req_ID'] . '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&' . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2) ."' target='_blank'>View website</a></span>";
#print "<span class='result_output'><a href='". 'http://village.n4c.eu/portal:8080'. '/' . remove_http($db_field['req_val'] . '?' . 'uid=' . $uid . '&' . 'sid1=' . $sid1 . '&' . 'sid2=' . $sid2) ."' target='_blank'>View website</a></span>";
#print "<span class='result_output'><a href='". $response ."' target='_blank'>View website</a></span>";
--- a/index.php Fri Jun 18 15:53:48 2010 +0000
+++ b/index.php Fri Jun 18 18:23:30 2010 +0000
@@ -71,6 +71,7 @@
}
if (!isset($_COOKIE['sid2']))
{
+// $sid2 = '06D5VlLQTbM57LL7IBMW38yHkFpb1XVa';
$sid2 = $tsid2;
}
}
@@ -183,9 +184,12 @@
# $real_password = password;
$mysql = new mysqli("localhost", "www-data", "www-data", "members");
-$result = $mysql->query("SELECT uid,password_md5 FROM creds WHERE username='$username'");
-$row = $result->fetch_assoc();
-$real_password = $row["password_md5"];
+ if (!isset($_COOKIE['uid']))
+ {
+ $result = $mysql->query("SELECT uid,password_md5 FROM creds WHERE username='$username'");
+ $row = $result->fetch_assoc();
+ $real_password = $row["password_md5"];
+ }
create_session($mysql, $uid, $real_password);
$result->close();