Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (!($user -> LoggedIn()))
- {
- if (isset($_POST['doLogin']))
- {
- $username = $_POST['login-username'];
- $password = $_POST['login-password'];
- $errors = array();
- if (empty($username) || empty($password))
- {
- $errors[] = 'Пожалуйста, введите имя пользователя и пароль.';
- }
- if (!ctype_alnum($username) || strlen($username) < 4 || strlen($username) > 15)
- {
- $errors[] = ' Имя пользователя должно быть не более 4-15 символов и только буквенно-цифровое.';
- }
- if (empty($errors))
- {
- $SQLCheckLogin = $odb -> prepare("SELECT COUNT(*) FROM `users` WHERE `username` = :username");
- $SQLCheckLogin -> execute(array(':username' => $username));
- $countLogin = $SQLCheckLogin -> fetchColumn(0);
- if ($countLogin == 1)
- {
- $gethashSQL = $odb -> prepare("SELECT `password` FROM `users` WHERE `username` = :username");
- $gethashSQL -> execute(array(":username" => $username));
- $hash = $gethashSQL -> fetch();
- if (hash_equals($hash['password'], crypt($password, $hash['password'])))
- {
- $SQLGetInfo = $odb -> prepare("SELECT `username`, `ID`, `membership`, `status` FROM `users` WHERE `username` = :username");
- $SQLGetInfo -> execute(array(':username' => $username));
- $userInfo = $SQLGetInfo -> fetch(PDO::FETCH_ASSOC);
- $status = $userInfo['status'];
- $userid = $userInfo['ID'];
- $userip = $_SERVER['REMOTE_ADDR'];
- $ban = $odb -> query("SELECT `reason` FROM `bans` WHERE `username` = '$username'") -> fetchColumn(0);
- if(empty($ban))
- {
- $ban = "Причина отсутствует.";
- }
- if ($status == 0)
- {
- $username = $userInfo['username'];
- $_SESSION['username'] = $userInfo['username'];
- $_SESSION['ID'] = $userInfo['ID'];
- $ipcountry = json_decode(file_get_contents("http://www.geoplugin.net/json.gp?ip=".$ip)) -> {'geoplugin_countryName'};
- if (empty($ipcountry)) {$ipcountry = 'XX';}
- $SQL = $odb -> prepare('INSERT INTO `loginlogs` VALUES(NULL, :username, :ip, UNIX_TIMESTAMP(), :ipcountry)');
- $SQL -> execute(array(':ip' => $ip, ':username' => $username, ':ipcountry' => $ipcountry));
- setcookie("username", $userInfo['username'], time() + 720000);
- header('Location: home.php');
- setSessionPackage($userInfo['membership']);
- exit;
- echo '<div class="alert alert-success"><p><center>Авторизация успешна! Перенаправление...</center></p></div>';
- }
- else
- {
- echo ('<div class="alert alert-danger"><p><center>Ваша учётная запись заблокирована!</br>Причина: ' . htmlspecialchars($ban) . ' </center></p></div>' .htmlspecialchars($ban));
- }
- }
- else
- {
- echo '<div class="alert alert-danger"><p><center>Неверный пароль.</center></p></div>';
- }
- }
- else
- {
- echo '<div class="alert alert-danger"><p><center>Такого пользователя не существует.</center></p></div>';
- }
- }
- else
- {
- echo '<center><div class="alert alert-danger"><p><strong></strong>';
- foreach($errors as $error)
- {
- echo ''.$error.'';
- }
- echo '</div></center>';
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement