Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- require_once "includes/config.php";
- require_once "includes/functions.php";
- if(isset($_SESSION['status']))
- {
- if($_SESSION['status'] == 'authenticated')
- {
- header("Location: index.php");
- exit;
- }
- }
- request_clean(true,true,true,false);
- if(isset($_POST['login']) && isset($_POST['pass']) && isset($_POST['verif_box'])) {
- //sleep(2);
- $username = $_POST['login'];
- $pass = $_POST['pass'];
- $tm_flag['verif_box'] = $_POST["verif_box"];
- if(!valid_user($username)){
- $tm_flag['valid_username']="0";
- echo "er1";
- exit();
- }
- elseif(valid_pass($pass,$pass)!="1"){
- $tm_flag['valid_pass']="0";
- echo "er2";
- exit();
- }
- elseif(img_validate($tm_flag['verif_box'])) {
- echo "gg";
- exit();
- mysql_connect(DB_HOST,DB_USER,DB_PASS) or die(writeErrors(mysql_error(),$_SERVER['REMOTE_ADDR'],date("m.d.Y h:iA T"),__FILE__,__LINE__));
- mysql_select_db(DB_NAME) or die(writeErrors(mysql_error(),$_SERVER['REMOTE_ADDR'],date("m.d.Y h:iA T"),__FILE__,__LINE__));
- /* Checking weather username exisets in the database */
- $pass = md5(md5($pass));
- $result = mysql_query("SELECT * FROM usernames WHERE username='$username' and password='$pass';") or die(writeErrors(mysql_error(),$_SERVER['REMOTE_ADDR'],date("m.d.Y h:iA T"),__FILE__,__LINE__));
- if($result != false)
- {
- $numrows = mysql_num_rows($result);
- $result = mysql_fetch_assoc($result);
- if($numrows > 0)
- {
- //create session
- $_SESSION['status'] = "authenticated";
- $_SESSION['id'] = $result['id'];
- $_SESSION['username'] = $result['username'];
- $_SESSION['email'] = $result['email'];
- $_SESSION['icq'] = $result['icq'];
- $_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
- $_SESSION['user_agent'] = $_SERVER["HTTP_USER_AGENT"];
- //update ip, access date, user agent
- mysql_query("UPDATE usernames SET ip='".$_SERVER['REMOTE_ADDR']."',acc_dat='".time()."',user_agent='".$_SERVER["HTTP_USER_AGENT"]."' WHERE id='".$_SESSION['id']." LIMIT 1';") or die(writeErrors(mysql_error(),$_SERVER['REMOTE_ADDR'],date("m.d.Y h:iA T"),__FILE__,__LINE__));
- header("Location: index.php");
- exit;
- }
- }
- else {
- $tm_flag['bad_username']="1";
- }
- }
- }
- require('template/t_login.php');
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement