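<?php
// Login handler: checks the posted credentials and the per-session form
// fingerprint, then marks the session as logged in and redirects.
// Every failure path ends in the same redirect back to index.php.

// Files required for the page to run
require_once './functions/database.php';

// Start a new session (or resume the existing one)
@session_start();

// Read user input. Only plain strings are accepted: a missing field or an
// array-valued field (e.g. username[]=x) is treated as "not supplied".
$username    = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : null;
$rawPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;
$fingerprint = (isset($_POST['fingerprint']) && is_string($_POST['fingerprint'])) ? $_POST['fingerprint'] : null;

$authenticated = false;

// Check that all credentials were supplied
if ($username !== null && $rawPassword !== null && $fingerprint !== null) {
    // Verify the fingerprint first (did the user come from the login form?).
    // The session value must exist and be non-empty, and the comparison is
    // strict: with a loose == an empty posted value would equal an unset
    // session value and the check would pass without any token at all.
    $expected = (isset($_SESSION['fingerprint']) && is_scalar($_SESSION['fingerprint']))
        ? (string) $_SESSION['fingerprint']
        : '';
    $fingerprintOk = ($expected !== '' && $fingerprint === $expected);

    // Check the username length (1..59 bytes)
    if ($fingerprintOk && strlen($username) > 0 && strlen($username) < 60) {
        // NOTE(security): unsalted MD5 is not suitable for password storage.
        // Kept only because the stored hashes are MD5; migrating to
        // password_hash()/password_verify() needs the stored values re-hashed.
        $password = md5($rawPassword);

        $db = new cDatabase; // New object for working with the DB
        $db->connect();      // Open the database connection

        // Escape for use inside a quoted SQL string literal.
        // NOTE(security): the mysql_* extension was removed in PHP 7; prepared
        // statements (PDO/mysqli) are the robust replacement.
        $username = mysql_real_escape_string($username);

        // Look up the user. Exact comparison (=) instead of LIKE:
        // mysql_real_escape_string() does not escape the LIKE wildcards % and _,
        // so with LIKE a username such as "%" would match every login.
        $trylogin = $db->query("SELECT login FROM uzivatel WHERE login = '$username' AND passw = '$password'");

        // Exactly one matching row means the credentials are valid; a failed
        // query (falsy result) counts as a failed login.
        $authenticated = ($trylogin && mysql_num_rows($trylogin) === 1);

        $db->close(); // Close the DB connection on success and on failure
        $db = null;   // Drop the DB object
    }
}

if ($authenticated) {
    // Issue a fresh session id on the privilege change so that an id known
    // before login (session fixation) is no longer valid afterwards.
    session_regenerate_id(true);

    // Register the variables carried in the session.
    // The stored username is the escaped value, as before this change.
    $_SESSION['logged_in'] = 1;
    $_SESSION['username'] = $username;

    // Drop the fingerprint, it is single-use
    // (session_unregister() no longer exists in current PHP versions).
    unset($_SESSION['fingerprint']);

    // Redirect the user to the main page. PHP switches the status to 302 when
    // a Location header is sent, so the status line below is not what the
    // client ultimately receives.
    header('HTTP/1.1 200 OK');
    header('location: admin.php');
    exit();
}

// Missing input, bad fingerprint, bad username length or unknown user:
// all are answered the same way so the response does not reveal which check failed.
header('HTTP/1.1 401 Unauthorized');
header('location: index.php');
exit();
?>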