Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- function check_login_cp($admin,$url)
- {
- global $db;
- global $db_admin;
- if (!$_SERVER['HTTP_REFERER']) { header('Location: index.php'); die( "Hacking attempt!" ); exit; }
- if (!isset($_SESSION["adm_ident"])) { header('Location: index.php'); die( "Hacking attempt!" ); exit; }
- if (!isset($_SESSION['admin_login'])) { header('Location: index.php'); die( "Hacking attempt!" ); exit; }
- $sql = 'SELECT * FROM ' . $db_admin . ' '
- . 'WHERE login="' . $_SESSION['admin_login'] . '"';
- $r_auth = $db->query($sql);
- $f_auth = $db->fetcharray($r_auth);
- if ($f_auth['login'] == $_SESSION['admin_login']
- and $f_auth['password'] == $_SESSION['admin_pass']
- and mysql_numrows($r_auth) == '1')
- {
- mysql_free_result($r_auth);
- $_SESSION['name_admin'] = $f_auth['name'];
- $_SESSION['admin_login'] = $f_auth['login'];
- $_SESSION['icq_admin'] = $f_auth['icq'];
- $_SESSION['phone_admin'] = $f_auth['phone'];
- $_SESSION['adress_admin'] = $f_auth['adress'];
- $menu_start=explode("#", $f_auth['menu']);
- $_SESSION['menu'] = $menu_start[1];
- $_SESSION['menu_punkt'] = $menu_start[0];
- $_SESSION['num_admin'] = $f_auth['num'];
- }
- else
- {
- $_SESSION = array();
- $_SESSION ['url'] = $url;
- header('Location: index.php');
- die();
- exit;
- return;
- }
- }
- if ($_GET["REQ"] == "auth")
- {
- if (!isset($_SESSION["adm_ident"]))
- {
- session_start();
- $vid_login = trim(htmlspecialchars(strip_tags($_POST["login"])));
- $vid_password = trim(htmlspecialchars(strip_tags($_POST["pass"])));
- if ($vid_login!='' and $vid_password!='') {
- $_SESSION["admin_login"] = $vid_login;
- $_SESSION["admin_pass"] = md5($vid_password);
- $_SESSION["adm_ident"] = time();
- }
- }
- check_login_cp('0_1','main.php');
- header('Location: /');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement