session_name("endoflex");session_start();include ("includes/mysql.inc.php");

1. session_name("endoflex");
2. session_start();
3. include ("includes/mysql.inc.php");
4. include ("includes/functions.php");
5. include ("includes/functions.inc.php");
6. $login = filter_input(INPUT_POST, 'client', FILTER_SANITIZE_STRING);
7. $passwd = filter_input(INPUT_POST, 'passwd', FILTER_SANITIZE_EMAIL);
8. if (isset($client) && isset($passwd"]) {
9.         $sql = "SELECT *
10.         from base_users
11.         WHERE (code_client = '" . $login . "'
12.         AND passwd = '" . md5($passwd) . "')";
13.     $result = mysqli_query($mysqli, $sql);
14.     if (mysqli_num_rows($result) == '1') {
15.         if (check_var($_POST["remember"])) {
16.             setcookie('client', $login, time()+(84600*90), null, null, false, true);
17.             setcookie('passwd', md5($passwd), time()+(84600*90), null, null, false, true);
18.         }
19.         $user = mysqli_fetch_object($result);
20.         $user_id = $user->code_client;
21.         $ville = $user->ville;
22.         $level = $user->level;
23.         $_SESSION["user_id"] = $user_id;
24.         $_SESSION["ville"] = $ville;
25.         $_SESSION["level"] = $level;
26.         $_SESSION["auth"] = 1;
27.         mysqli_free_result($result);
28.         date_default_timezone_set('France/Paris');
29.         $last_connect = new Datetime('now');
30.         $last_connect = $last_connect->format('Y-m-d H:i:s');
31.         $sql = "UPDATE base_users set `last_connect` = '" . $last_connect . "' WHERE (`code_client` = '" . $_SESSION["user_id"] . "')";
32.         mysqli_query($mysqli, $sql) or die("mysqli Error T_T LOGIN POST".$mysqli->error);
33.     } else {
34.         $loginTentative = 1;
35.     }
36. }
37. $clogin = filter_input(INPUT_COOKIE, 'client', FILTER_SANITIZE_STRING);
38. $cpasswd = filter_input(INPUT_COOKIE, 'passwd', FILTER_SANITIZE_EMAIL);
39. if (isset($clogin) && isset($cpasswd) && $_SESSION["auth"] != 1) {
40.         $sql = "SELECT *
41.         from base_users
42.         WHERE (code_client = '" . $clogin . "'
43.         AND passwd = '" . $cpasswd . "')";
44.         $result = mysqli_query($mysqli, $sql);
45.     if (mysqli_num_rows($result) == '1') {
46.         $user = mysqli_fetch_object($result);
47.         $user_id = $user->code_client;
48.         $ville = $user->ville;
49.         $level = $user->level;
50.         $_SESSION["user_id"] = $user_id;
51.         $_SESSION["ville"] = $ville;
52.         $_SESSION["level"] = $level;
53.         $_SESSION["auth"] = 1;
54.         mysqli_free_result($result);
55.         date_default_timezone_set('France/Paris');
56.         $last_connect = new Datetime('now');
57.         $last_connect = $last_connect->format('Y-m-d H:i:s');
58.         $sql = "UPDATE base_users set `last_connect` = '" . $last_connect . "' WHERE (`code_client` = '" . $_SESSION["user_id"] . "')";
59.         mysqli_query($mysqli, $sql) or die("mysqli Error T_T LOGIN COOKIE".$mysqli->error);
60.         setcookie("client", $login, time()+(84600*90), null, null, false, true);
61.         setcookie("passwd", $passwd, time()+(84600*90), null, null, false, true);
62.     }
63. }
64.  
65. if (check_var($_POST["logout"])) {
66.     session_destroy();
67.     setcookie("client", "plouf", time()-42000, null, null, false, true);
68.     setcookie("passwd", "plouf", time()-42000, null, null, false, true);
69.     session_name("endoflex");
70.     session_start();
71. }