aboutsummaryrefslogtreecommitdiffstats
path: root/config/filemgr
diff options
context:
space:
mode:
Diffstat (limited to 'config/filemgr')
-rw-r--r--config/filemgr/rbfminc/session.php48
1 files changed, 37 insertions, 11 deletions
diff --git a/config/filemgr/rbfminc/session.php b/config/filemgr/rbfminc/session.php
index 7cfc133d..b616643f 100644
--- a/config/filemgr/rbfminc/session.php
+++ b/config/filemgr/rbfminc/session.php
@@ -1,17 +1,43 @@
<?php
+/*
+ session.php
+ part of pfSense (https://www.pfSense.org/)
+ Copyright (C) 2010 Tom Schaefer <tom@tomschaefer.org>
+ Copyright (C) 2015 ESF, LLC
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
session_name("file_manager_session");
+// Create session
session_start();
-
-/*************************************************************************************************/
-//create session
-if($_POST['login'] == 'login' and $_POST['username'] and $_POST['password']){
+if (($_POST['login'] == 'login') && ($_POST['username']) && ($_POST['password'])) {
$_SESSION = array();
- $_SESSION['username']=$_POST['username'];
- $_SESSION['password']=$_POST['password'];
+ $_SESSION['username'] = $_POST['username'];
+ $_SESSION['password'] = $_POST['password'];
}
-if($_GET['logout'] == "logout"){
+if ($_GET['logout'] == "logout") {
setcookie('url_field', '', time()-3600);
setcookie('current_folder', '', time()-3600);
$_SESSION = array();
@@ -21,11 +47,11 @@ if($_GET['logout'] == "logout"){
}
-if($_SESSION['username'] and $_SESSION['password']){
- if($_SESSION['username'] == $username and $_SESSION['password'] == $password){
+if (($_SESSION['username']) && ($_SESSION['password'])) {
+ if (($_SESSION['username'] == $username) && ($_SESSION['password'] == $password)) {
$user_login = 'ok';
- }else{
- $error_message = "Incorect username or password!";
+ } else {
+ $error_message = "Incorrect username or password!";
}
}