API tools faq
paste
Advertisement
Guest User

login.php

a guest
May 18th, 2013
111
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.44 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. require_once 'include.php';
  3. $error = '';
  4. if ( isset( $_POST['login'] ) )
  5. {
  6. if ( !$_POST['username'] or !$_POST['password'] )
  7. {
  8. $error = "Please enter your username and password.";
  9. }
  10. else
  11. {
  12. $idType = 'username';
  13. $id = $_POST['username'];
  14. $_member = NULL;
  15.  
  16. if ( $_member = $db->query( "SELECT * FROM members WHERE username='". $db->escape_string( $_POST['username'] ) ."'" )->fetch_array() )
  17. {
  18. $idType = 'id';
  19. $id = $_member['connect_id'];
  20. }
  21.  
  22. $login = file_get_contents( $masterUrl . '?' . http_build_query( array( 'act' => 'login', 'idType' => $idType, 'id' => $id, 'password' => md5( $_POST['password'] ) ) ) );
  23. if ( $login = @json_decode( $login, TRUE ) )
  24. {
  25. switch ( $login['connect_status'] )
  26. {
  27. case 'SUCCESS':
  28. // Load local member
  29. $member = $db->query( "SELECT * FROM members WHERE connect_id=". intval( $login['connect_id'] ) )->fetch_array();
  30.  
  31. // If we can't load based of the connect ID, but we already loaded off the username, update the connect ID
  32. if ( isset( $_member['id'] ) and !isset( $member['id'] ) )
  33. {
  34. $member = $_member;
  35. $db->query( "UPDATE members SET connect_id=". intval( $login['connect_id'] ) ." WHERE id={$_member['id']};" );
  36. }
  37.  
  38. // If we don't have a member, create one
  39. if ( !isset( $member['id'] ) )
  40. {
  41. $db->query( "INSERT INTO members ( username, email, password, connect_id ) VALUES ( '". $db->escape_string( $login['connect_username'] ) ."', '". $db->escape_string( $login['connect_email'] ) ."', '". md5( $_POST['password'] ) ."', ". intval( $login['connect_id'] ) ." )" );
  42. }
  43. // Or update our existing one
  44. else
  45. {
  46. $db->query( "UPDATE members SET username='". $db->escape_string( $login['connect_username'] ) ."', email='". $db->escape_string( $login['connect_email'] ) ."', password='".md5( $_POST['password'] )."' WHERE id={$member['id']};" );
  47. }
  48.  
  49.  
  50. // Log the user in ....
  51. setcookie( 'ipsce_user', $login['connect_username'], time()+60*60*24*30 );
  52. setcookie( 'ipsce_pass', md5( $_POST['password'] ), time()+60*60*24*30 );
  53.  
  54. // And redirect
  55. $redirect = base64_encode( str_replace( 'login.php', 'index.php', $_SERVER['HTTP_ORIGIN'] . $_SERVER['PHP_SELF'] ) );
  56. header( 'Location: ' . $masterUrl . '?' . http_build_query( array( 'act' => 'login', 'idType' => $idType, 'id' => $id, 'password' => md5( $_POST['password'] ), 'key' => md5( $masterKey . $id ), 'redirect' => $redirect, 'redirectHash' => md5( $masterKey . $redirect ), 'noparams' => '1' ) ) );
  57. exit;
  58.  
  59. case 'WRONG_AUTH':
  60. $error = "Password incorrect.";
  61. break;
  62.  
  63. case 'NO_USER':
  64. $error = "Could not locate a user with that username.";
  65. break;
  66.  
  67. case 'ACCOUNT_LOCKED':
  68. $minutes = ceil( $login['connect_unlock'] / 60 );
  69. $error = "Your account is locked. Please try again in {$minutes} minutes.";
  70. break;
  71.  
  72. case 'VALIDATING':
  73. $error = "You must validate your account before you can log in. <a href='{$login['connect_revalidate_url']}' target='_blank'>Resend Validation Email</a>";
  74. break;
  75.  
  76. case 'MISSING_DATA':
  77. default:
  78. $error = "We could not log you in. Please try again later.";
  79. break;
  80. }
  81. }
  82. else
  83. {
  84. $error = "We could not log you in. Please try again later.";
  85. }
  86. }
  87. }
  88. ?>
  89. <!DOCTYPE html>
  90. <html>
  91. <head>
  92. <title>IPS Connect - Slave Example</title>
  93. <meta charset='utf-8' />
  94. <link rel='stylesheet' href='resources/ipb_styles.css' media='all' />
  95. </head>
  96. <body id='ipboard_body'>
  97. <div id='header_bar' class='clearfix'>
  98. <div class='main_width'>
  99. <ul id='admin_bar' class='ipsList_inline left'>
  100. <li><a href='index.php'>Home</a></li>
  101. </ul>
  102. </div>
  103. </div>
  104. <div id='content'>
  105. <?php if ( isset( $_GET['register'] ) ): ?>
  106. <div class='message'>
  107. Account created successfully. You can now log in.
  108. </div>
  109. <br />
  110. <?php endif; ?>
  111. <form action='login.php' method='post'>
  112. <input type='hidden' name='login' value='1' />
  113. <div class='ipsBox_container ipsPad'>
  114. <ul class='ipsForm ipsForm_vertical'>
  115. <li class='ipsField'>
  116. <label class='ipsField_title'>Username <span class='ipsForm_required'>*</span></label>
  117. <div class='ipsField_content'>
  118. <input class='input_text' name='username' value='<?= ( isset( $_POST['username'] ) ? $_POST['username'] : '' ) ?>' />
  119. </div>
  120. </li>
  121. <li class='ipsField'>
  122. <label class='ipsField_title'>Password <span class='ipsForm_required'>*</span></label>
  123. <div class='ipsField_content'>
  124. <input class='input_text' name='password' type='password' value='<?= ( isset( $_POST['password'] ) ? $_POST['password'] : '' ) ?>' />
  125. <?php if ( $error ): ?>
  126. <br />
  127. <span class='error'><?= $error ?></span>
  128. <?php endif; ?>
  129. </div>
  130. </li>
  131. </ul>
  132. </div>
  133. <fieldset class='submit'>
  134. <input type='submit' class='input_submit' value='Submit' />
  135. </fieldset>
  136. </form>
  137. </div>
  138. </body>
  139. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!