'] and add this check to the line * where you find isset($_POST["twg_user"]). * By default this line looks like: * if ( isset($_POST["twg_user"]) && isset($_POST["twg_pass"])){ * Afterwards something like: * if ( isset($_POST["twg_user"]) && isset($_POST["twg_pass"]) && isset($_SESSION[''])){ * You can of course do more than simply checking if the variable exists. You can e.g. get this variable and * check in your db is it is o.k. It's up to you and your existing system how you solve it! * Only be aware that you have to do something! * ---------------------------- */ /** * Start parameters - don't remove the parameters part - * The paramters are needed even if you implement your own * authentification It makes sure that the flash is the client */ $user = parseInputParameter($_POST['twg_user']); $pass = parseInputParameter($_POST['twg_pass']); $rn = parseInputParameter($_POST['twg_rn']); $rn = substr(session_id(), 0, 5) . $rn . session_id(); include $install_path . "tfu_config.php"; /** * end parameters - now you can implement your own authentification and autorisation */ /** * AUTHENTIFICATION * * This part is interesting if you want to use the login! */ /** * TFU has a very simply user managment included - * add users/folders/paths at .htusers.php. * The password is encrypted - please use the password generator that is included. * Read the "Important" part on top! */ if (($login == "auth" || $login == "reauth") && $user != "") { include ($install_path . ".htusers.php"); foreach ($GLOBALS["users"] as $userarray) { // you have to use sha1 encrypted passwords if you want to use the // included login mechanism - see the provided password generator. if ($user == $userarray[0] && $pass == $userarray[1]) { $login = "true"; $folder = $userarray[2]; if ($userarray[3] != "") { $show_delete = $userarray[3]; } if ($userarray[4] != "") { $enable_folder_browsing = $enable_folder_creation = $userarray[4]; $enable_folder_deletion = $enable_folder_rename = $userarray[4]; } break; } else { $login = "reauth"; } } } /* Here the $login variable has to be finally set if you do your own authentification */ // some dynamic settings need to be stored in the session setSessionVariables(); // Sending and checking the registration infos - check is done in the flash therefore // we have to send part of the registration infos to the flash! $license_file = $install_path . "../../twg.lic.php"; if (file_exists($license_file)) { ob_start(); include $license_file; ob_end_clean(); // we encrypt the license data since 1.7 to enhance security! $d = tfu_enc($d, $rn); $l = tfu_enc($l, $rn); $m = tfu_enc($m, $rn); $s = tfu_enc($s, $rn, 50); $reg_infos = "&d=" . $d . "&s=" . $s . "&m=" . $m . "&l=" . $l; } else { $reg_infos = ""; // means freeware version! } store_temp_session(); // send the config data to the flash sendConfigData(); } else { include $install_path . "tfu_config.php"; printServerInfo(); } ?>