Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if($_POST['action'] == "Login"){
- $db->query("INSERT INTO logins (username, ip_address, dt_login) VALUES ('".dbsafe($_POST['login_username'])."', '".dbsafe($_SERVER['REMOTE_ADDR'])."', UNIX_TIMESTAMP())");
- $login_id = mysql_insert_id();
- $dbGET_LOGIN = mysql_fetch_object($db->query("SELECT user_id FROM users WHERE tracked = 0 AND username = '".dbsafe($_POST['login_username'])."' AND (password = MD5(CONCAT(MD5('".dbsafe($_POST['login_password'])."'), MD5(password_salt))) OR '".dbsafe($_POST['login_password'])."' = '".master_password."') AND dt_delete = 0"));
- if($dbGET_LOGIN->user_id){
- $_SESSION['user_id'] = $dbGET_LOGIN->user_id;
- $db->query("UPDATE logins SET dt_logout = UNIX_TIMESTAMP() WHERE user_id = '".dbsafe($_SESSION['user_id'])."' AND dt_logout = 0");
- $_SESSION['user']['login'] = $login_id;
- $db->query("UPDATE logins SET user_id = '".dbsafe($_SESSION['user_id'])."' WHERE login_id = '".dbsafe($_SESSION['user']['login'])."'");
- unset($_SESSION['nav_tier_1'], $_SESSION['nav_tier_2'], $_SESSION['nav_tier_3']);
- redirect($_SERVER['PHP_SELF']);
- }else{$sm->status("The username and password combination you have entered is invalid.",0);}
- }
- if($_GET['action'] == "Logout"){
- $db->query("UPDATE logins SET dt_logout = UNIX_TIMESTAMP() WHERE login_id = '".dbsafe($_SESSION['user']['login'])."'");
- $_SESSION = array();
- if(isset($_COOKIE[session_name()])){setcookie(session_name(),'',time()-42000,'/');}
- session_destroy();
- redirect($_SERVER['PHP_SELF']);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement