Commit 378c856a authored by GROSS-AMBLARD David

Moves login form into /pages

Removes HTML from it, makes it a template (loginForm.tmpl)
parent b15c3926
......@@ -56,10 +56,10 @@ function logout($conn)
}
unset($_SESSION);
session_destroy();
// Suppression des cookies de connexion automatique
// Suppressing automatic connection cookies
setcookie('login', '');
setcookie('pass_hache', '');
showLogin($conn);
loginForm($conn);
}
......@@ -74,144 +74,3 @@ function maintenance()
}
/**
* login
*
* Log in the user if username/password are correct
*
* @param $conn : A valid database PDO connection
*
* @return the mode to activate, showPages by default
**/
function login($conn)
{
// Extract the action mode in POST then GET
if (array_key_exists("mode", $_POST)) {
$mode=$_POST["mode"];
debug("There is a mode in POST");
} else {
if (array_key_exists("mode", $_GET)) {
$mode=$_GET["mode"];
} else {
$mode="showTasks";
}
}
$_SESSION["mode"]=$mode;
debug("Session mode set to $mode");
// Check if we are already logged. If so, return the action mode
if (!empty($_SESSION["login"])) {
debug("Already logged");
return $_SESSION["mode"];
}
// Check if we are trying to log in
if ($_SESSION["mode"]=="login") {
@debug("checking for login ".$_POST['username']." ".$_POST['password']);
$id=checkLogin($_POST['username'], $_POST["password"], $conn);
debug("received value $id");
// wrong username/password
if(is_null($id)){
$_SESSION["wrong"]=true;
return "login";
}
debug("login successful");
$_SESSION["login"]=true;
$_SESSION['wrong']=false;
$_SESSION["id"]=$id;
$_SESSION["username"]=$_POST['username'];
$_SESSION["mode"]="showTasks";
// set a default project if necessary
if (empty($_SESSION["project"]))
$_SESSION['project'] = "Headwork";
return "showTasks";
}
// check if we are trying to create an account
if ($_SESSION["mode"]=="register") {
debug("Detecting registering mode");
return "register";
}
if ($_SESSION["mode"]=="registered") {
debug("Detecting registered mode");
return "registered";
}
// we are not supposed to reach this point. Anyway:
return "login";
}
/**
* checkLogin
*
* Ask the bd to check if username/password are correct
*
* @param $username : The username of the user
* @param $password : The password of the user
* @param $conn : A valid database PDO connection
*
* @return $id : The id of the user if username/password are correct
**/
function checkLogin($username, $password, $conn)
{
global $VIEW;
$stmt = $conn->prepare("select id,name,hashed_password from Users where name=:username");
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->execute();
debug("checking for $username");
$result =$stmt->setFetchMode(PDO::FETCH_ASSOC);
$line=$stmt->fetch();
if ($line){
debug("identified as ".$line['id']);
if (password_verify($password, $line['hashed_password'])) {
debug("password ok");
return $line['id'];
}
debug("wrong password");
return null;
}
debug("wrong user");
return null;
}
/**
* create_anonymous
*
* Create in the Db an anonymous user with full availibilities
*
* @param $conn : A valid database PDO connection
**/
function create_anonymous($conn)
{
$stmt = $conn->prepare("insert into users values('',:name,:pwd)");
$stmt->bindParam(':name', $_POST["username"], PDO::PARAM_STR);
$stmt->bindParam(':pwd', $pwd, PDO::PARAM_STR);
$pwd=password_hash($_POST["password"], PASSWORD_DEFAULT);
$stmt->execute() or die(mysql_error());
$id=(string)@checkLogin($_POST['username'], $_POST["password"], $conn);
$stmt = $conn->prepare("select id from skilltree");
$stmt->execute();
for ($i=0;$i<7;$i++) {
for ($j=0;$j<4;$j++) {
$stmt = $conn->prepare("insert into availability values(:id,:day,:period)");
$stmt->bindParam(':id', $id, PDO::PARAM_STR);
$stmt->bindParam(':day', $i, PDO::PARAM_STR);
$stmt->bindParam(':period', $j, PDO::PARAM_STR);
$stmt->execute();
}
}
}
......@@ -34,6 +34,8 @@ require("show-artifact.php");
require("drawArtifact.php");
require("pages/workflowdesign/workflowdesign.php");
require("pages/showCredit/showCredit.php");
require("pages/showState/showState.php");
require("pages/loginForm/loginForm.php");
session_start();
......@@ -63,7 +65,8 @@ debug("mode is : $mode");
switch ($mode) {
case "login":
showLogin($conn);
loginForm($conn);
// moved to /Pages
break;
case "register":
showregister($conn, false);
......@@ -112,7 +115,8 @@ switch ($mode) {
showTasks($conn);
break;
case "showState":
showCurrentKnowledge($conn);
showState($conn);
// moved to /pages
break;
case "showArtifact":
showArtifact($conn,$_GET['artifactid']);
......@@ -125,7 +129,11 @@ switch ($mode) {
break;
case "showCredit":
// moved to /pages
showCredit();
// prototype of the future $mode call system with pageList security test
$pageList=array("showCredit");
if(in_array($mode,$pageList))
$mode();
//showCredit();
break;
case "maintenance":
maintenance();
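Review bot: In the `showCredit` case the new `$mode();` calls whatever function name the string holds, and `$mode` appears to come from `$_POST`/`$_GET` by way of `login()`, so the `$pageList` test is the only control between a request parameter and a function call. Before this prototype is extended to other pages, make the comparison strict and fail closed: `if (is_string($mode) && in_array($mode, $pageList, true)) { $mode(); } else { $mode = "login"; }`. The list should be defined once, outside the `switch`, as a constant that only names page functions; building it inside each `case` makes it easy for a later edit to widen it by accident. The `switch` itself starts and ends outside these hunks.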
......
<?php
/**
* login
*
* Log in the user if username/password are correct
*
* @param $conn : A valid database PDO connection
*
* @return the mode to activate, showPages by default
**/
function login($conn)
{
// Extract the action mode in POST then GET
if (array_key_exists("mode", $_POST)) {
$mode=$_POST["mode"];
debug("There is a mode in POST");
} else {
if (array_key_exists("mode", $_GET)) {
$mode=$_GET["mode"];
} else {
$mode="showTasks";
}
}
$_SESSION["mode"]=$mode;
debug("Session mode set to $mode");
// Check if we are already logged. If so, return the action mode
if (!empty($_SESSION["login"])) {
debug("Already logged");
return $_SESSION["mode"];
}
// Check if we are trying to log in
if ($_SESSION["mode"]=="login") {
@debug("checking for login ".$_POST['username']." ".$_POST['password']);
$id=checkLogin($_POST['username'], $_POST["password"], $conn);
debug("received value $id");
// wrong username/password
if(is_null($id)){
$_SESSION["wrong"]=true;
return "login";
}
debug("login successful");
$_SESSION["login"]=true;
$_SESSION['wrong']=false;
$_SESSION["id"]=$id;
$_SESSION["username"]=$_POST['username'];
$_SESSION["mode"]="showTasks";
// set a default project if necessary
if (empty($_SESSION["project"]))
$_SESSION['project'] = "Headwork";
return "showTasks";
}
// check if we are trying to create an account
if ($_SESSION["mode"]=="register") {
debug("Detecting registering mode");
return "register";
}
if ($_SESSION["mode"]=="registered") {
debug("Detecting registered mode");
return "registered";
}
// we are not supposed to reach this point. Anyway:
return "login";
}
/**
* checkLogin
*
* Ask the bd to check if username/password are correct
*
* @param $username : The username of the user
* @param $password : The password of the user
* @param $conn : A valid database PDO connection
*
* @return $id : The id of the user if username/password are correct
**/
function checkLogin($username, $password, $conn)
{
global $VIEW;
$stmt = $conn->prepare("select id,name,hashed_password from Users where name=:username");
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->execute();
debug("checking for $username");
$result =$stmt->setFetchMode(PDO::FETCH_ASSOC);
$line=$stmt->fetch();
if ($line){
debug("identified as ".$line['id']);
if (password_verify($password, $line['hashed_password'])) {
debug("password ok");
return $line['id'];
}
debug("wrong password");
return null;
}
debug("wrong user");
return null;
}
/**
* create_anonymous
*
* Create in the Db an anonymous user with full availibilities
*
* @param $conn : A valid database PDO connection
**/
function create_anonymous($conn)
{
$stmt = $conn->prepare("insert into users values('',:name,:pwd)");
$stmt->bindParam(':name', $_POST["username"], PDO::PARAM_STR);
$stmt->bindParam(':pwd', $pwd, PDO::PARAM_STR);
$pwd=password_hash($_POST["password"], PASSWORD_DEFAULT);
$stmt->execute() or die(mysql_error());
$id=(string)@checkLogin($_POST['username'], $_POST["password"], $conn);
$stmt = $conn->prepare("select id from skilltree");
$stmt->execute();
for ($i=0;$i<7;$i++) {
for ($j=0;$j<4;$j++) {
$stmt = $conn->prepare("insert into availability values(:id,:day,:period)");
$stmt->bindParam(':id', $id, PDO::PARAM_STR);
$stmt->bindParam(':day', $i, PDO::PARAM_STR);
$stmt->bindParam(':period', $j, PDO::PARAM_STR);
$stmt->execute();
}
}
}
/**
* login
*
* Show the form to log in
*
* @param $conn :
* A valid database PDO connection
*/
function loginForm($conn){
global $VIEW;
$template=file_get_contents("templates/loginForm.tmpl");
$msg="";
if (isset($_SESSION["wrong"]))
$msg="<center><br/><p class='error'>Wrong username or password</p>";
$template=str_replace("{PASSWORDCHECK}",$msg,$template);
$VIEW['MAIN'].=$template;
}
?>
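Review bot: `login()` still passes the submitted password to the debug output in `@debug("checking for login ".$_POST['username']." ".$_POST['password']);`, and moving the function is a good moment to reduce it to `debug("checking for login ".$_POST['username']);`. Where `debug()` writes is not visible here, but whatever receives that string ends up holding cleartext credentials. The new `loginForm()` tests only `isset($_SESSION["wrong"])`, whereas the removed `showLogin()` also required the value to be true, so the error appears even after `login()` has set the flag to `false`; `if (!empty($_SESSION["wrong"]))` restores the old behaviour. On a successful check the session id is kept unchanged; calling `session_regenerate_id(true);` just before `$_SESSION["login"]=true;` would stop a pre-login session id from carrying over into the authenticated session.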
<?php
/**
* showState
*
* Display all useful tables
*
* @param $conn :
* A valid database PDO connection
*/
function showState($conn){
global $VIEW;
$VIEW['MAIN'] .= HTMLh1("Monitor Board");
showQueryAnswer($conn, "Users", "select id,name,count(*)-1 as '#contribution' from Users left outer join Answer on Answer.user=Users.id group by id,name");
showQueryAnswer($conn, "User Profile", "select * from UserProfile");
showQueryAnswer($conn,"Human Power","select sum(availability)/365 as 'Human power' from UserProfile");
showQueryAnswer($conn, "User skills", "select * from Skills");
showQueryAnswer($conn, "Activities (ArtifactClass)", "select * from ArtifactClass");
showQueryAnswer($conn, "Running activities (Artifacts)", "select concat('<a href=\"index.php?mode=showArtifact&artifactid=',id,'\">View</a>') as detail, id, classid, ownerid, node, state, awaited, attributes from Artifact");
showQueryAnswer($conn, "Tasks", "select * from Task");
showQueryAnswer($conn, "Task Profile", "select * from Profile");
showQueryAnswer($conn, "Answered tasks", "select * from Answered");
showQueryAnswer($conn, "Task Answers", "select * from Answer");
showQueryAnswer($conn, "Templates", "select * from Template");
}
?>
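Review bot: `showState()` prints whole tables (`select * from UserProfile`, `Answer`, `Skills`, …) and no role check is visible, either here or in the `showState` case of index.php that calls it. As far as these hunks show, any logged-in session that sends `mode=showState` gets every user's data. If a check exists elsewhere, record it in the docblock, for example `* Caller must restrict this page to administrators: it lists every user's profile and answers.`; otherwise add one before the first query. The Artifact query builds an `<a href>` in SQL, which suggests `showQueryAnswer()` (not shown) emits cell values as raw HTML; if so, user-submitted values from `Answer` should be escaped with `htmlspecialchars()` at output and the link built in PHP instead.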
......@@ -9,92 +9,6 @@ function showMaintenance()
debug("maintenance page");
}
/**
* showLogin
*
* Show the form to log in
*
* @param $conn :
* A valid database PDO connection
*/
function showLogin($conn)
{
global $VIEW;
// If a user is coming from foulefactory platform then first of all store his url in session.
$_SESSION["incomingparentURL"] = "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
$VIEW['MAIN'].= "<center>" . HTMLbr() . HTMLbr() . HTMLbr() . HTMLh1("Welcome to") . "<br/>" . HTMLimg("images/bulb_textUnder_bubbles.png", 500, 500) . "<h1>A crowdsourcing platform for participative projects of any kind.</h1></center>" . <<<EOT
<br/><table><tr><td>
<table>
<tr>
<td><img width="300px" src="images/piqsels.com-id-jrrku.jpg"/></td>
<td>
<h1>Contribute</h1>
In HEADWORK, you can contribute to academic projects. Want to identify insects for global warming monitoring ? See our SPIPOLL2HW project !
</td>
</tr>
<tr>
<td><img width="300px" src="images/piqsels.com-id-jrrbr.jpg"/></td>
<td>
<h1>Progress</h1>
In HEADWORK, you can specify your profile among our huge collections of skills. Some tasks help you assessing these skills.
</td>
</tr>
<tr>
<td><img width="300px" src="images/piqsels.com-id-jrrna.jpg"/></td>
<td>
<h1>Embark others</h1>
In HEADWORK, you can recruit others to participate into you own tasks !
</td>
</tr>
</table>
<!--
perform tasks, express their skills, and propose
Crowdsourcing relies on potentially huge numbers of on-line participants to resolve data acquisition or analysis tasks. It is an exploding area that impacts various domains, ranging from scientific knowledge enrichment to market analysis support. But currently, existing crowd platforms rely mostly on low level programming paradigms, rigid data models and poor participant profiles, which yields severe limitations. The low- level nature of existing solutions prevents the design of complex data acquisition workflows, that could be executed, composed, searched and even be proposed by participants them- selves. Taking into account the quality, uncertainty, inconsistency and representativeness of participant contributions is still an open problem. Methods for assigning a task to the correct participant according to his trust, motivation and expertise, automatically improving crowd execution time, computing optimal participant rewards, are missing. Similarly, usual crowd campaigns produce isolated and rigid data sets: A flexible and common data model for the produced knowledge about data and participants could allow participative knowledge acquisition. To overcome these challenges, Headwork will define:
<ul>
<li>Rich workflow, participant, data and knowledge models to capture various kind of crowd applications with complex data acquisition tasks and human specificities
<li>Methods for deploying, verifying, optimizing, but also monitoring and adapting crowd- based workflow executions at run time.
-->
<p/>
</td><td>
EOT;
$VIEW['MAIN'] .= "<div class='alert alert-success'>" . HTMLbr() . HTMLbr() . HTMLcenter(HTMLform("index.php", "POST", HTMLh1("Please log in or create an account") . HTMLbr() . HTMLinput("hidden", "mode", "login").HTMLinput("text", "username", null, "username", true) . HTMLbr() . HTMLinput("password", "password", null, "password", true) . HTMLbr() . HTMLinput("submit", "submit", "log in !", null, false, 'btn btn-dark') . HTMLbr()));
$VIEW['MAIN'] .= HTMLcenter(HTMLform("index.php", "POST", HTMLbr() . HTMLinput("hidden", "mode", "register") . HTMLinput("submit", "submit", "Create an account", null, false, 'btn btn-dark')));
if (isset($_SESSION["wrong"])) {
if ($_SESSION["wrong"]) {
$VIEW['MAIN'] .= HTMLcenter(HTMLbr() . HTMLp("Wrong username or password", array(
"class" => "error"
)));
}
}
$VIEW['MAIN'] .= "</div></td></tr></table>";
$VIEW['MAIN'] .= <<<EOT
<br/><center>HEADWORK is crowdsourced by
<img height="50pt" src="images/logo-anr-768x795.jpg"/>
<img height="50pt" src="images/logo-Irisa-couleur-768x193.png"/>
<img height="50pt" src="images/logo-Universite_Rennes_1.png"/>
<!-- <img height="50pt" src="../images/logo-druid-noir-300x257.png"/> -->
<img height="50pt" src="images/logoPoleIR.png"/>
<img height="50pt" src="https://www.cristal.univ-lille.fr/logos/logoCRIStAL.svg"/>
<img height="50pt" src="images/inr_logo_rouge.png"/>
<br/>
<img height="50pt" src="https://cdn.200.foulefactory.com/wp-content/uploads/2016/07/05053132/logo_ff_orange.svg"/>
<img height="50pt" src="https://www.mnhn.fr/sites/mnhn.fr/files/museum-national-d-histoire-naturelle_2.png"/>
<img height="50pt" src="images/spipoll.jpg"/>
<img height="50pt" src="http://www.ens.fr/sites/default/files/inline-images/logo.jpg"/>
</center><br/>
</div>
</ul>
</p>
EOT;
}
/**
* showregister
......@@ -735,31 +649,6 @@ function showTaskList($conn, $title, $query, $displayThanks = false)
), "");
}
/**
* showCurrentKnowledge
*
* Display the current knowledge list of the user
*
* @param $conn :
* A valid database PDO connection
*/
function showCurrentKnowledge($conn)
{
global $VIEW;
$VIEW['MAIN'] .= HTMLh1("Monitor Board");
showQueryAnswer($conn, "Users", "select id,name,count(*)-1 as '#contribution' from Users left outer join Answer on Answer.user=Users.id group by id,name");
showQueryAnswer($conn, "User Profile", "select * from UserProfile");
showQueryAnswer($conn,"Human Power","select sum(availability)/365 as 'Human power' from UserProfile");
showQueryAnswer($conn, "User skills", "select * from Skills");
showQueryAnswer($conn, "Activities (ArtifactClass)", "select * from ArtifactClass");
showQueryAnswer($conn, "Running activities (Artifacts)", "select concat('<a href=\"index.php?mode=showArtifact&artifactid=',id,'\">View</a>') as detail, id, classid, ownerid, node, state, awaited, attributes from Artifact");
showQueryAnswer($conn, "Tasks", "select * from Task");
showQueryAnswer($conn, "Task Profile", "select * from Profile");
showQueryAnswer($conn, "Answered tasks", "select * from Answered");
showQueryAnswer($conn, "Task Answers", "select * from Answer");
showQueryAnswer($conn, "Templates", "select * from Template");
}
function chooseActivityProject($conn, $id)
{
......
<center>
<br/>
<br/>
<br/>
<h1>Welcome to <br/>
<img src="images/bulb_textUnder_bubbles.png" width="500px">
</h1>
<h1>A crowdsourcing platform for participative projects of any kind.
</h1>
</center>
<br/>
<table>
<tr>
<td>
<table>
<tr>
<td><img width="300px" src="images/piqsels.com-id-jrrku.jpg"/></td>
<td>
<h1>Contribute</h1>
In HEADWORK, you can contribute to academic projects. Want to identify insects for global warming monitoring ? See our SPIPOLL2HW project !
</td>
</tr>
<tr>
<td><img width="300px" src="images/piqsels.com-id-jrrbr.jpg"/></td>
<td>
<h1>Progress</h1>
In HEADWORK, you can specify your profile among our huge collections of skills. Some tasks help you assessing these skills.
</td>
</tr>
<tr>
<td><img width="300px" src="images/piqsels.com-id-jrrna.jpg"/></td>
<td>
<h1>Embark others</h1>
In HEADWORK, you can recruit others to participate into you own tasks !
</td>
</tr>
</table>
<p/>
</td>
<td>
<div class='alert alert-success'>
<br/>
<br/>
<center>
<form action="index.php" method="POST">
<h1>Please log in or create an account</h1>
<br/>
<input type="hidden" name="mode" value="login">
<input type="text" name="username" placeholder="username" required="true"/>
<br/>
<input type="password" name="password" placeholder="password" required="true"/>
<br/>
<input type="submit" name="submit" value="log in !" placeholder="null" required="false" class="btn btn-dark"/>
<br/>
</form>
</center>
<center>
<form action="index.php" method="POST">
<br/>
<input type="hidden" name="mode" value="register"/>
<input type="submit" name="submit" value="Create an account" placeholder="null" required="false" class="btn btn-dark"/>
</form>
</center>
{PASSWORDCHECK}
</div>
</td>
</tr>
</table>
<br/>
<center>
HEADWORK is crowdsourced by
<img height="50pt" src="images/logo-anr-768x795.jpg"/>
<img height="50pt" src="images/logo-Irisa-couleur-768x193.png"/>
<img height="50pt" src="images/logo-Universite_Rennes_1.png"/>
<!-- <img height="50pt" src="../images/logo-druid-noir-300x257.png"/> -->
<img height="50pt" src="images/logoPoleIR.png"/>
<img height="50pt" src="https://www.cristal.univ-lille.fr/logos/logoCRIStAL.svg"/>
<img height="50pt" src="images/inr_logo_rouge.png"/>
<br/>
<img height="50pt" src="https://cdn.200.foulefactory.com/wp-content/uploads/2016/07/05053132/logo_ff_orange.svg"/>
<img height="50pt" src="https://www.mnhn.fr/sites/mnhn.fr/files/museum-national-d-histoire-naturelle_2.png"/>
<img height="50pt" src="images/spipoll.jpg"/>
<img height="50pt" src="http://www.ens.fr/sites/default/files/inline-images/logo.jpg"/>
</center><br/>
</div>
</ul>
</p>
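Review bot: The login template loads four logos from other hosts, and the last one uses plain `http://` (`http://www.ens.fr/sites/default/files/inline-images/logo.jpg`), which is mixed content on an HTTPS deployment and tells those hosts about every visitor of the login form. Copying them into `images/` like the other logos removes both issues. The file also ends with `</div>`, `</ul>` and `</p>` that close nothing opened in this template, carried over from the old heredoc. `required="false"` and `placeholder="null"` on the submit inputs are leftovers of the HTML helper and can be dropped, since a boolean attribute that is present counts as set.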
......@@ -62,7 +62,7 @@
</style>
</head>
<?php if(!in_array($_SESSION['mode'],array("showTasks","answer","startArtifact","answer","insertAnswer"))):?>
<?php if(isset($_SESSION['mode'])&&!in_array($_SESSION['mode'],array("showTasks","answer","startArtifact","answer","insertAnswer"))):?>
<body>
<?php else: ?>
<body style="<?php echo file_get_contents("projects/".$_SESSION['project']."/background.css"); ?>">
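Review bot: The added `isset($_SESSION['mode'])&&` guard sends the case where no mode is set into the `else` branch, which builds a file path from `$_SESSION['project']` and echoes the file into the `style` attribute. Before the change an unset mode took the plain `<body>` branch. The guard probably wants to be `<?php if(!isset($_SESSION['mode'])||!in_array($_SESSION['mode'],array("showTasks","answer","startArtifact","insertAnswer"),true)):?>`, which keeps the plain `<body>` for an empty session and makes the comparison strict. In the `else` branch it is worth checking `$_SESSION['project']` against the known project names before it is used in the path. The closing `endif` is outside the hunk.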
......