Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //error_reporting( E_ALL | E_STRICT ); ini_set( 'display_errors', true );
- if(isset($_GET['act']) && $_GET['act'] == "logout")
- {
- session_start();
- session_unset();
- session_destroy();
- setcookie("ukey", "", time()-60*60*24*365);
- header('Location: login.php');
- exit;
- }
- require "header.php";
- $user = new user();
- if($gbaccID)
- {
- header('Location: account.php');
- exit;
- }
- if( isset($_GET['act']) && $_GET['act'] == "auth" && isset($_POST['password']) )
- {
- $username = $db->real_escape_string($_POST['login']);
- $password = md5($_POST['password']); // Old accounts will have to use forgotten password and reset it.
- if($user->login_check($username, $password))
- {
- $query = "SELECT $account_table.email, $account_table.accid, $account_table.access FROM $account_table JOIN $user_table ON $user_table.accid=$account_table.accid WHERE $user_table.login = '$username'";
- $result = $db->query($query);
- $row = $result->fetch_assoc();
- $accID = $row['accid'];
- $email = $row['email'];
- $access = $row['access'];
- if( $row['email'] != '' )
- {
- //$_SESSION['login'] = $username;
- //$_SESSION['email'] = $email;
- $_SESSION['ohsnap'] = 'here is your problem.';
- $_SESSION['password'] = $password;
- $_SESSION['accid'] = $accID;
- $_SESSION['access'] = $access;
- $banned = $user->check_bans($email);
- $_SESSION['banned'] = $banned;
- $curdate = mktime();
- $curip = $db->real_escape_string($_SERVER['REMOTE_ADDR']);
- $query = "UPDATE $user_table SET last_login = '$curdate', last_ip='$curip' WHERE login = '$username'";
- $db->query($query) or die($db->error);
- $key = substr( ($curdate.$password), 0, 25 );
- $query = "UPDATE $account_table SET ukey = '$key' WHERE email = '$email' AND password = '$password'";
- $db->query($query) or die($db->error);
- setcookie("ukey", $key, time()+60*60*24*90);
- header('Location: login.php');
- exit;
- }
- } else {
- echo "Error, wrong username/password combination.";
- }
- }
- echo '</head><body>'.$top_bar;
- ?>
- <br />
- <div id="inputContainer" style="width:230px;">
- <h2>Login</h2>
- <form action="login.php?act=auth" method="post" name="loginform" id="loginform">
- <label for="login">Username</label>
- <input type="text" class="text input" name="login" style="width: 225px;">
- <label for="password">Password</label>
- <input type="password" class="text input" name="password" style="width: 225px;">
- <input type="submit" name="submit" value="Log In" class="submit-btn" />
- <div class="clear"></div>
- <a href="register.php">Register</a> / <a href="settings.php?act=recover_password" id="recover-password">Recover Lost Password</a>
- </form>
- </div>
- <?php echo $footer; ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement