index.php 3.23 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
<?php
/* Skynet - Automated "Cloud" Security Scanner                                *#
#* Copyright (C) 2014-present  Jason Frisvold <friz@godshell.com>             *#
#*                                                                            *#
#* This program is free software; you can redistribute it and/or modify       *#
#* it under the terms of the GNU General Public License as published by       *#
#* the Free Software Foundation; either version 2 of the License, or          *#
#* (at your option) any later version.                                        *#
#*                                                                            *#
#* This program is distributed in the hope that it will be useful,            *#
#* but WITHOUT ANY WARRANTY; without even the implied warranty of             *#
#* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the              *#
#* GNU General Public License for more details.                               *#
#*                                                                            *#
#* You should have received a copy of the GNU General Public License          *#
#* along with this program; if not, write to the Free Software                *#
#* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA */

   // Define skynet (to allow access to files)
   define('skynet', 1);

   // Define usesmarty (to indicate that config needs to load smarty)
   define('usesmarty', 1);

   // Load the configuration file
   require_once("config.php");

   // Connect to the database server
   $sqlhdlr = new mysqli($skynet_dbHost,  $skynet_dbUser,  $skynet_dbPass,
                         $skynet_dbName);
   
   // Make sure we have a connection
   if (mysqli_connect_errno()) {
      die( '<p>Unable to connect to the database server at this time: ' .
            mysqli_connect_error() . ' </p>' );      
   }

   // Some global variables
   $skynet_nameRegex = '/^[a-zA-Z0-9_\-]{1,15}\z/';
   $skynet_pwdRegex = '/^[a-zA-Z0-9@#$%\^&\*\/]{4,15}\z/';

   // Check to see if this is a login attempt
   if (isset($_REQUEST['username']) && isset($_REQUEST['password'])) {
      if (preg_match($skynet_nameRegex, $_REQUEST['username']) &&
          preg_match($skynet_pwdRegex, $_REQUEST['password'])) {
         $authenticated = login($_REQUEST['username'], $_REQUEST['password']);
      } else {
         $authenticated = 0;
      }
   }

   // If the user is authenticated, jump them to the main page
   if ((isset($authenticated) && ($authenticated == 1)) ||
       ($user_obj = authenticate())) {
      if (isset($_SESSION['redirect'])) {
         header('Location: ' . $_SESSION['redirect']);
      } else {
         //header('Location: ' . $skynet_serveruri .
         //       dirname($_SERVER['PHP_SELF']) . '/main.php');
         header('Location: ' . $skynet_serveruri .
                join_paths(dirname($_SERVER['PHP_SELF']), '/main.php'));
      }
      unset($_SESSION['redirect']);

   // Otherwise show the login page
   } else {
      // If the previous attempt was a failure, show it properly
      if (isset($authenticated) && ($authenticated == 0)) {
         $smarty->assign('failed', 1);
      }

      // Display the template
      $smarty->display('index.tpl');
   }

   $sqlhdlr->close();

?>