<?phpinclude("config.php");if ($_POST['systemCall'] == "checkLogin") { $

1. <?php
2. include("config.php");
3.  
4. if ($_POST['systemCall'] == "checkLogin") {
5. $username = mysql_real_escape_string(stripslashes($_POST['username']));
6. $password = md5($_POST['password']);
7. $date = date('Y')."-".date('j')."-".date('d')."T".date('H').":".date('i').":".date('s').".".date('u');
8. $query = mysql_query("SELECT * FROM es_users WHERE username='$username' AND password='$password' LIMIT 1");
9. $user_count = mysql_num_rows($query);
10. $user = mysql_fetch_assoc($query);
11. if ($user_count > 0) {
12. if($user['activated'] == 1){
13. mysql_query("UPDATE es_users SET lastlogin='$date' WHERE username='$username' AND password='$password'") or die(mysql_error());
14. print "systemResult=User login Successful.";
15. } else {
16. print "systemResult=User is not Activated.";
17. }
18. } else if($user_count == 0) {
19. print "systemResult=User does not Exist.";
20. }
21. }
22.  
23. if ($_POST['systemCall'] == "Register") {
24. $username = mysql_real_escape_string(stripslashes($_POST['username']));
25. $password2 = $_POST['password'];
26. $password = md5($_POST['password']);
27. $email = $_POST['email'];
28. $ip = $_SERVER['REMOTE_ADDR'];
29. $query = mysql_query("SELECT * FROM es_users WHERE username='$username' AND password='$password' LIMIT 1");
30. $user_count = mysql_num_rows($query);
31.  
32. if ($user_count > 0) {
33. print "systemResult=User already Exists.";
34.  
35. } else {
36. mysql_query("INSERT INTO es_users(username, password, email, ip) VALUES('".$username."', '".$password."', '".$email."', '".$ip."')") or die(mysql_error());
37. print "systemResult=Registration Complete.";
38. }
39.  
40. }
41.  
42. if ($_POST['systemCall'] == "Check4Updates") {
43. $query = mysql_query("SELECT * FROM es_settings LIMIT 1");
44. $settings = mysql_fetch_assoc($query);
45. print "newVersion=".$settings['newVersion']."&newVUrl=".$settings['newVUrl'];
46. }
47. ?>