- <?php
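/**
 * Admin authentication for the CubeCart back office.
 *
 * Only login() has a body in this listing; logout() and changePassword()
 * are empty placeholders.
 */
class Auth
{
    /**
     * PHP 4-style constructor, intentionally empty.
     * On PHP 8 a method named after its class is an ordinary method, not a
     * constructor; it is kept so existing `$auth->Auth()` calls keep working.
     */
    function Auth()
    {
    }

    /**
     * Checks admin credentials, records the attempt, and on success starts the
     * admin session and redirects.
     *
     * Security notes for reviewers:
     *  - Passwords are compared as unsalted MD5 digests. That scheme is not
     *    suitable for password storage; moving to password_hash() /
     *    password_verify() needs a migration of the stored hashes, so it is
     *    flagged here rather than changed.
     *  - Every attempt (successful or not) is written to CubeCart_admin_sessions,
     *    but nothing in this method throttles or locks out repeated failures.
     *  - The post-login redirect only honours a same-site, root-relative
     *    `goto` value; anything else falls back to the admin index.
     *
     * @param string $username Login name submitted by the user.
     * @param string $password Clear-text password submitted by the user.
     * @return void On success the method sends a Location header and exits;
     *              on failure it sets the global $msg to the failure notice.
     */
    function login($username, $password)
    {
        // NOTE(review): presumably these are the script-level globals prepared by
        // the CubeCart admin bootstrap; confirm against the including script.
        global $db, $glob, $lang, $lang_now, $msg;

        // Quoting/escaping of both values is delegated to $db->mySQLSafe().
        $query = sprintf(
            "SELECT adminId FROM ".$glob['dbprefix']."CubeCart_admin_users WHERE username = %s AND password = %s",
            $db->mySQLSafe($username),
            $db->mySQLSafe(md5($password))
        );
        $result = $db->select($query);
        $authenticated = ($result == TRUE);

        // insert admin session log (one row per attempt, failed ones included)
        $data = array();
        $data["username"] = $db->mySQLSafe($username);
        $data["time"] = time();
        $data["ipAddress"] = $db->mySQLSafe($_SERVER['REMOTE_ADDR']);
        $data["success"] = $authenticated ? 1 : 0;
        $db->insert($glob['dbprefix']."CubeCart_admin_sessions", $data);

        // Cap the log at 250 rows so it cannot be bloated without bound.
        // The OLDEST row (lowest loginId) is evicted: removing max(loginId), as
        // the original did, deletes the row that was just written, so once the
        // cap is reached no new attempt is ever retained in the audit log.
        if ($db->numrows("SELECT loginId FROM ".$glob['dbprefix']."CubeCart_admin_sessions") > 250) {
            $oldest = $db->select("SELECT min(loginId) as id FROM ".$glob['dbprefix']."CubeCart_admin_sessions");
            $db->delete($glob['dbprefix']."CubeCart_admin_sessions", "loginId='".$oldest[0]['id']."'");
        }

        if (!$authenticated) {
            // Same generic message whether the username or the password was wrong.
            $msg = "<p class='warnText'>".$lang['admin']['other']['login_failed']."</p>";
            return;
        }

        // adminId comes from the database row; the cast keeps the WHERE
        // fragments below strictly numeric.
        // NOTE(review): assumes adminId is an integer key; confirm against the schema.
        $adminId = (int) $result[0]['adminId'];

        // Issue a fresh session id at the privilege change so a session id known
        // before login cannot be reused afterwards (session fixation).
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['ccAdmin'] = $result[0]['adminId'];

        // NOTE(review): the original UPDATE had no WHERE clause and ran before the
        // credentials were checked, so any request rewrote `lang` on every admin
        // row. Scoping it to the authenticated admin is the presumed intent; confirm.
        $query = "UPDATE ".$glob['dbprefix']."CubeCart_admin_users SET lang = ".$db->mySQLSafe($lang_now)
            ." WHERE adminId = ".$adminId;
        $db->misc($query);

        // update no logins (fourth argument is passed as an empty string, as before)
        $increment = array('noLogins' => "noLogins+1");
        $db->update($glob['dbprefix']."CubeCart_admin_users", $increment, "adminId=".$adminId, "");

        // Default landing page; a caller-supplied `goto` replaces it only when it
        // is a root-relative path on this site: one leading "/", not "//" or "/\",
        // and no backslashes or control characters (which covers CR/LF).
        $target = $GLOBALS['rootRel']."admin/index.php?s_lang=".$lang_now;
        if (isset($_GET['goto']) && is_string($_GET['goto']) && !empty($_GET['goto'])) {
            $goto = urldecode($_GET['goto']);
            if (preg_match('#^/(?![/\\\\])[^\\\\\x00-\x1f]*\z#', $goto)) {
                $target = $goto;
            }
        }

        header("Location: ".$target);
        // Stop here so nothing after the redirect is executed or sent.
        exit;
    }

    /**
     * Ends the admin session. Not implemented in this listing.
     */
    function logout()
    {
    }

    /**
     * Changes the current admin's password. Not implemented in this listing.
     *
     * @param string $oldPassword  Current password, for re-authentication.
     * @param string $newPassword1 New password.
     * @param string $newPassword2 New password, repeated for confirmation.
     */
    function changePassword($oldPassword, $newPassword1, $newPassword2)
    {
    }
}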
- ?>