<?phpsession_start();?><?php include("include/config.php");incl

1. <?php
2. session_start();
3. ?>
4.  
5. <?php
6.  
7.  
8. include("include/config.php");
9. include("include/functions/import.php");
10.  
11. $redirect = stripslashes($_REQUEST['redirect']);
12. $r = base64_decode($redirect);
13. STemplate::assign('r',$r);
14.  
15. if ($_SESSION['USERID'] != "" && $redirect != "")
16. {
17. header("Location:$redirect");exit;
18. }
19.  
20. if($_REQUEST['logsub']!="")
21. {
22. $username = htmlentities(strip_tags($_REQUEST['username']), ENT_COMPAT, "UTF-8");
23. $password = htmlentities(strip_tags($_REQUEST['password']), ENT_COMPAT, "UTF-8");
24.  
25. if($username=="")
26. {
27. $error=$lang['4'];
28. }
29. elseif($password=="")
30. {
31. $error=$lang['5'];
32. }
33. else
34. {
35. if(!verify_valid_email($username))
36. {
37. $encryptedpassword = md5($password);
38. $query="SELECT status,USERID,email,username,verified,filter,mylang from members WHERE username='".mysql_real_escape_string($username)."' and password='".mysql_real_escape_string($encryptedpassword)."'";
39. $result=$conn->execute($query);
40.  
41. if($result->recordcount()<1)
42. {
43. $error=$lang['26'];
44. }
45. elseif($result->fields['status']=="0")
46. {
47. $error = $lang['30'];
48. }
49.  
50. if($error=="")
51. {
52. $query="update members set lastlogin='".time()."', lip='".$_SERVER['REMOTE_ADDR']."' WHERE username='".mysql_real_escape_string($username)."'";
53. $conn->execute($query);
54. $_SESSION['USERID']=$result->fields['USERID'];
55. $_SESSION['EMAIL']=$result->fields['email'];
56. $_SESSION['USERNAME']=$result->fields['username'];
57. $_SESSION['VERIFIED']=$result->fields['verified'];
58. $_SESSION['FILTER']=$result->fields['filter'];
59. $setlang = $result->fields['mylang'];
60. if($setlang != "")
61. {
62. $addlang = "?language=".$setlang;
63. }
64. if($_REQUEST["remember"]=="yes")
65. {
66. create_slrememberme();
67. }
68.  
69. if($redirect == "")
70. {
71. header("Location:$config[baseurl]/settings".$addlang);exit;
72. }
73. else
74. {
75. header("Location:$redirect");exit;
76. }
77.  
78. }
79. }
80. else
81. {
82. $encryptedpassword = md5($password);
83. $query="SELECT status,USERID,email,username,verified,filter,mylang from members WHERE email='".mysql_real_escape_string($username)."' and password='".mysql_real_escape_string($encryptedpassword)."'";
84. $result=$conn->execute($query);
85.  
86. if($result->recordcount()<1)
87. {
88. $error=$lang['37'];
89. }
90. elseif($result->fields['status']=="0")
91. {
92. $error = $lang['30'];
93. }
94.  
95. if($error=="")
96. {
97. $query="update members set lastlogin='".time()."', lip='".$_SERVER['REMOTE_ADDR']."' WHERE username='".mysql_real_escape_string($username)."'";
98. $conn->execute($query);
99. $_SESSION['USERID']=$result->fields['USERID'];
100. $_SESSION['EMAIL']=$result->fields['email'];
101. $_SESSION['USERNAME']=$result->fields['username'];
102. $_SESSION['VERIFIED']=$result->fields['verified'];
103. $_SESSION['FILTER']=$result->fields['filter'];
104. $setlang = $result->fields['mylang'];
105. if($setlang != "")
106. {
107. $addlang = "?language=".$setlang;
108. }
109. if($_REQUEST["remember"]=="yes")
110. {
111. create_slrememberme();
112. }
113.  
114. if($redirect == "")
115. {
116. header("Location:$config[baseurl]/settings".$addlang);exit;
117. }
118. else
119. {
120. header("Location:$redirect");exit;
121. }
122.  
123. }
124. }
125. }
126. }
127.  
128. $pagetitle = $lang['11'];
129. STemplate::assign('pagetitle',$pagetitle);
130. STemplate::assign('error',$error);
131.  
132. //TEMPLATES BEGIN
133. STemplate::display('login.tpl');
134. //TEMPLATES END
135. ?>