Committee sign-in is closed.

'; printFooter(); exit; } $vformar[1] = "lkalskjo24uakd"; $vformar[2] = "lkiqwje0913284"; $vformar[3] = "loj0923489wefs"; $errmsg = ""; if (isset($_POST['submit']) && ($_POST['submit'] == "Sign In")) { // Check for bad uname or pwd if (!preg_match("/^[\w\.\-\@]{5,30}$/",$_POST['uname']) || empty($_POST['upwd'])) { $errmsg = 'Username and/or password not valid. Please try again. If you continue to have a problem signing in, please contact the Program Chair.

'; } else { $lowusername = oc_strtolower($_POST['uname']); $q = "SELECT `reviewerid`, `name_last`, `name_first`, `password`, `onprogramcommittee` FROM `" . OCC_TABLE_REVIEWER . "` WHERE `username`='" . safeSQLstr($lowusername) . "'"; $r = ocsql_query($q) or err("Unable to query database ".mysql_errno()); // Check for multiple matching usernames if (($rnum=mysql_num_rows($r)) > 1) { printHeader("Sign In"); err("Multiple usernames"); } // Check for unknown username if ($rnum == 0) { $errmsg = 'Incorrect username or password. Please try again. If you continue to have a problem signing in, please contact the Program Chair.

'; } else { $p = mysql_fetch_array($r); // Check that sign-in is still open for user if (!$OC_statusAR['OC_rev_signin_open']) { if ($p['onprogramcommittee'] == "F") { signInClosed(); } elseif (!$OC_statusAR['OC_pc_signin_open']) { signInClosed(); } } // Check for bad pwd if ((hashPassword($_POST['upwd'], $p['password']) != $p['password']) && ((OCC_CHAIR_PWD_TRUMPS == 0) || (hashPassword($_POST['upwd'], $OC_configAR['OC_chair_pwd']) != $OC_configAR['OC_chair_pwd']))) { $errmsg = ' Incorrect username or password. Please try again below or click here to reset your password.

'; } else { // We have a winner! // If session timed out, is it same reviewer coming back? if (isset($_SESSION[OCC_SESSION_VAR_NAME]['acreviewerid']) && ($_SESSION[OCC_SESSION_VAR_NAME]['acreviewerid'] == $p['reviewerid'])) { $sameid = True; } else { $sameid = False; } // Set session vars $_SESSION[OCC_SESSION_VAR_NAME]['acusername'] = $lowusername; $_SESSION[OCC_SESSION_VAR_NAME]['name'] = $p['name_first'] . ' ' . $p['name_last']; $_SESSION[OCC_SESSION_VAR_NAME]['acreviewerid'] = $p['reviewerid']; $_SESSION[OCC_SESSION_VAR_NAME]['aclast'] = time(); $_SESSION[OCC_SESSION_VAR_NAME]['acpc'] = $p['onprogramcommittee']; $_SESSION[OCC_SESSION_VAR_NAME]['actoken'] = generateID(); // Route user to recover submission if timed out or onwards to main page if ($sameid && isset($_SESSION[OCC_SESSION_VAR_NAME]['POST']['submit'])) { $_SESSION[OCC_SESSION_VAR_NAME]['POST']['token'] = $_SESSION[OCC_SESSION_VAR_NAME]['actoken']; // reset token session_write_close(); header('Location: recover.php?' . strip_tags(SID)); } else { // Remove POST if set if (isset($_SESSION[OCC_SESSION_VAR_NAME]['POST'])) { unset($_SESSION[OCC_SESSION_VAR_NAME]['POST']); } session_write_close(); header('Location: reviewer.php?' . strip_tags(SID)); } exit; } } } // Weak attempt at catching multiple failed logins if ($_POST['validform'] == $vformar[1]) { $vform = $vformar[2]; } else { $vform = $vformar[3]; if ($_POST['validform'] == $vformar[3]) { $errmsg .= ' Hummm... 3+ failed attempts. Why don\'t you click the "I forgot it" link and we will be glad to help you out.

'; } } } else { $vform = $vformar[1]; } printHeader("Sign In",3); if (!empty($errmsg)) { print $errmsg; } elseif (isset($_GET['e']) && ($_GET['e'] == "exp")) { print '

Your session has timed out or you did not sign in properly. Please sign in again.

'; if (isset($_SESSION[OCC_SESSION_VAR_NAME]['POST']['submit'])) { print '

It appears you were filling out a review – by signing back in right now with the same username, you will have the option to save the review.

'; } } print '
Username:( forgot username? )
Password:( forgot password? )

'; if ($OC_configAR['OC_ReviewerTimeout'] > 0) { print '

Note: Session times out after ' . $OC_configAR['OC_ReviewerTimeout'] . ' minutes of inactivity

'; } printFooter(); ?>