Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $noredirect = true;
- require 'init.inc.php';
- require 'mssql.php';
- require 'db_config.inc.php';
- include 'header.inc.php';
- echo '<CENTER><h1>United Base Players RCon 2.6</h1></CENTER>';
- if ($_GET['logoff'] == '1'){
- $_SESSION['rcon_rights'] = 0;
- session_destroy();
- }
- $username = $_POST['user'];
- $password = $_POST['pass'];
- if (!empty($username) && !empty($password)) {
- $_SESSION['rcon_rights'] = 0;
- // does the user exist in the database?
- $username = trim($username);
- // Update 10.11.2009 - Elwoodini (start)
- // Open database connection here
- $db_con = sql_db(DB_HOST, DB_USERNAME, DB_PASSWORD, DB_NAME);
- $sql = sprintf('SELECT user_id FROM C240025_logbook.' . TABLE_USERS . ' WHERE username=' . $username);
- // Added Semicolon, 10.12.09 -Raven
- $user_id = "";
- $user_id = sql_query($sql);
- // Check to see if the user name exists
- if ( ! $user_id = "" )
- {
- return false;
- }
- else
- {
- // Check to see if the user's password matches the one in the form
- $sql = sprintf( 'SELECT TOP 1 user_md5_pw FROM C240025_logbook.' . TABLE_USERS . ' WHERE user_id=' . $user_id );
- $md5_pw = sql_query($sql);
- if ( ! $md5_pw = md5($password) )
- {
- return false;
- }
- else
- {
- // Checks to see if the user is a founder
- $sql = sprintf( 'SELECT COUNT(user_id) FROM C240025_logbook.' . TABLE_GROUPS . ' WHERE user_id=' . $username . ' AND group_id=' . GROUP_FO );
- $founder_flag = sql_query($sql);
- // Checks to see if the user is a DL
- $sql = sprintf( 'SELECT COUNT(user_id) FROM C240025_logbook.' . TABLE_GROUPS . ' WHERE user_id=' . $username . ' AND group_id=' . GROUP_DL );
- $dl_flag = sql_query($sql);
- // Checks to see if the user is an admin
- $sql = sprintf( 'SELECT COUNT(user_id) FROM C240025_logbook.' . TABLE_GROUPS . ' WHERE user_id=' . $username . ' AND group_id=' . GROUP_AD );
- $admin_flag = sql_query($sql);
- if ( $founder_flag = 1 || $dl_flag = 1 )
- {
- $_SESSION['user'] = $username;
- $_SESSION['rcon_rights'] = 1;
- $_SESSION['lang'] = 'en';
- require 'language.inc.php';
- }
- else if ( $admin_flag = 1 )
- {
- $_SESSION['user'] = $username;
- $_SESSION['rcon_rights'] = 0;
- $_SESSION['lang'] = 'en';
- require 'language.inc.php';
- }
- else
- {
- return false;
- }
- }
- }
- // $result = mysql_query($sql);
- // if ($row = mysql_fetch_assoc($result)) {
- // $db_password = $row['password'];
- // $db_salt = $row['salt'];
- // if ($db_password === md5($db_salt . $password)) {
- // $_SESSION['user'] = $username;
- // if (!empty($row['lang'])) $interface_language = $_SESSION['lang'] = $row['lang'];
- // $_SESSION['rcon_rights'] = $row['access_rights'];
- // $_SESSION['rcon_appdir'] = getcwd();
- // require 'language.inc.php';
- // }
- //}
- // Close DB connection here, end of edits.
- // mysql_close($db_con);
- sql_close();
- // Update 10.11.2009 - Elwoodini (end)
- }
- if (isset($_SESSION['rcon_rights']) && $_SESSION['rcon_rights'] > 0) {
- function InsertLink($name, $link) {
- echo '<a href="'.$link.'">'.$name.'</a><br>';
- }
- echo '<h2>'.$lang['login_logged_as'].': '.$_SESSION['sess_rcon_user']
- .(($userconfig_enable)?' | <a href="userconfig.php">['.$lang['login_userconfig'].']</a>':'')
- .' | <a href="'.$_SERVER['PHP_SELF'].'?logoff=1">['.$lang['login_logout'].']</a>'
- .'</h2><br>';
- if (count($servers)>1)
- {
- foreach ($servers as $i=>$n)
- {
- $n = explode(' ',$n,3);
- InsertLink('PHP RCon: '.$n[2],'index.php?server='.$i);
- }
- }
- else {
- InsertLink('PHP RCon','index.php');
- }
- } else {
- echo '<CENTER>
- <h2>'.$lang['login_please_enter'].'.</h2>
- <form action="'.$_SERVER['PHP_SELF'].'" method="POST">
- <table><tr>
- <td width="60">'.$lang['login_name'].':</td>
- <td><input class=query type="text" name="user" size="25"></td>
- <td width="40"> </td>
- </tr><tr>
- <td>'.$lang['login_password'].':</td>
- <td><input class=query type="password" name="pass" size="25"></td>
- <td width="40"> </td>
- </tr><tr>
- <td colspan="3" align="right"><input class="button" type="submit" value="'.$lang['confirm'].'"></td>
- </tr></table></form></CENTER>
- ';
- }
- include 'footer.inc.php';
- ?>
Add Comment
Please, Sign In to add comment