$login){ $user = $_POST; if(($user["user"] == $login["user"]) && ($user["pass"] == $login["pass"])) { $is_logged = true; $_SESSION["logged_in"] = true; $_SESSION["user_id"] = $id; $url = $login["redirect"]; } } if(!$is_logged){ echo "These login credentials do not match any valid accounts. Please try again."; } //if none of the $logins arrays matched the input, give an error } if ($_SESSION["logged_in"]) { if (!$url) { $url = substr($_SERVER["REQUEST_URI"], 1); $url = strstr($url, '?', true) ?: $url; if ($url == 'login.php') { $url = $logins[$_SESSION["user_id"]]["redirect"]; } if ($logins[$_SESSION["user_id"]]["access"] != substr($url, 0, strlen($logins[$_SESSION["user_id"]]["access"]))) { header("HTTP/1.0 404 Not Found"); readfile("custom_404.htm"); exit; } if (!file_exists($url)) { header("HTTP/1.0 404 Not Found"); readfile("custom_404.htm"). exit; } } else { header("Location: {$logins[$_SESSION["user_id"]]["redirect"]}"); exit; } $finfo = new finfo(FILEINFO_MIME); $content_type = $finfo->file($url); // there is a bug with finfo_file(); // https://bugs.php.net/bug.php?id=53035 // hard coding the correct mime types for presently needed file extensions $extension = pathinfo($url, PATHINFO_EXTENSION); switch($extension){ case 'css': $content_type = 'text/css'; break; case 'js': $content_type = 'application/javascript'; default: break; } header('Content-Type: '.$content_type); readfile($url); exit; } else { ?>

Log in to STC's Documentation Portal