Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if ($_SERVER['REQUEST_METHOD']=='POST') {
- $user=strtolower(sanitize_and_format_gpc($_POST,'user',TYPE_STRING,$__field2format[FIELD_TEXTFIELD],''));
- $pass=sanitize_and_format_gpc($_POST,'pass',TYPE_STRING,$__field2format[FIELD_TEXTFIELD],'');
- if (!empty($user) && !empty($pass)) {
- $log['level']='login';
- $log['user_id']=!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']['email']) ? $_SESSION[_LICENSE_KEY_]['user']['user_id'] : 0;
- $log['sess']=session_id();
- $log['user']=$user;
- $log['membership']=$_SESSION[_LICENSE_KEY_]['user']['membership'];
- $log['ip']=sprintf('%u',ip2long($_SERVER['REMOTE_ADDR']));
- log_user_action($log);
- rate_limiter($log);
- $query="SELECT a.`".USER_ACCOUNT_ID."` as `user_id`,b.`_user` as `user`,a.`status`,a.`membership`,UNIX_TIMESTAMP(a.`last_activity`) as `last_activity`,a.`email`,b.`status` as `pstat` FROM `".USER_ACCOUNTS_TABLE."` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`".USER_ACCOUNT_ID."`=b.`fk_user_id` WHERE a.`".USER_ACCOUNT_USER."`='$user' IN (user, email) AND a.`".USER_ACCOUNT_PASS."`=".PASSWORD_ENC_FUNC."('$pass')";
- if (!($res=@mysql_query($query))) {trigger_error(mysql_error(),E_USER_ERROR);}
Add Comment
Please, Sign In to add comment