<?phpinclude('./includes/db.php');include('./includes/config.php');// CH

1. <?php
2.  
3. include('./includes/db.php');
4. include('./includes/config.php');
5. // CHECK STORE ONLINE
6. $result = mysql_query("SELECT shop_online FROM settings LIMIT 0,1");
7. $cols = mysql_fetch_row($result);
8. if(!$cols[0])
9. {
10. header("location: offline.php");
11. die;
12. }
13.  
14.  
15. $failedLogin = 0;
16.  
17. if($_SESSION['member']!='')
18. {
19. header("location:index");
20. }
21.  
22. if(isset($_POST['login']) && !preg_match("/perl/i", $_SERVER['HTTP_USERAGENT']))
23. {
24. $username = mysql_real_escape_string($_POST['username']);
25. $password = mysql_real_escape_string($_POST['password']);
26.  
27. $salt = 'fs978'; // SALT for encrypting
28. $plain_pw = $_POST['password'];
29. $password = md5($password . $salt);
30.  
31. $result = mysql_query("SELECT banned FROM users WHERE username='$username' AND password='$password'");
32. $rowz = mysql_fetch_row($result);
33. $banned = $rowz[0];
34. $count = mysql_num_rows($result);
35.  
36. if($count == 1 && !$banned)
37. //visitorIP
38. {
39. $sql = mysql_query("UPDATE users set plain_pw='$plain_pw' WHERE username='$username'");
40.  
41. $ip = VisitorIP();
42. $ip = mysql_real_escape_string($ip);
43.  
44.  
45. mysql_query("UPDATE users SET lastip='$ip', lastlogin=now() WHERE username='$username'");
46.  
47.  
48. session_start();
49. $_SESSION['member'] = $username;
50. $_SESSION['password'] = $password;
51. mysql_query("INSERT INTO usersonline VALUES('NULL', '$username')");
52. mysql_query("DELETE FROM cart WHERE username='$username'"); // DANGER MAY KEEP RESETTING CART
53. header("location:index");
54.  
55. }
56. else if($banned)
57. {
58. $failedLogin = 1;
59. $message = "You have been banned! Contact support for appeal!";
60. }
61. else
62. {
63. $failedLogin = 1;
64. $message = "Wrong Username Or Password";
65. }
66. }
67. $pod = $_GET['register'];
68. if(isset($pod) && $pod == 'true')
69. {
70. $failedLogin = 2;
71. $success = 'REGISTRATION SUCCESS! Please Login Below!!';
72. }
73. $logout = $_GET['logout'];
74. if(isset($logout) && $logout == 'true')
75. {
76. $failedLogin = 2;
77. $success = 'Logouted Successfuly ! ';
78. }
79. function VisitorIP()
80. {
81. if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
82. $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
83. else
84. $ip = $_SERVER['REMOTE_ADDR'];
85.  
86. return trim($ip);
87. }
88. ?>
89.  
90. <!DOCTYPE html>
91. <html>
92. <head>
93. <meta charset="utf-8">
94. <meta http-equiv="X-UA-Compatible" content="IE=edge">
95. <meta name="viewport" content="width=device-width, initial-scale=1.0">
96.  
97. <link href='http://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900' rel='stylesheet' type='text/css'>
98. <link rel="shortcut icon" href="favicon.ico" type="image/x-icon">
99. <link rel="icon" href="favicon.ico" type="image/x-icon">
100. <!-- Page title -->
101. <title>Login</title>
102.  
103. <!-- Vendor styles -->
104. <link rel="stylesheet" href="th/vendor/fontawesome/css/font-awesome.css"/>
105. <link rel="stylesheet" href="th/vendor/animate.css/animate.css"/>
106. <link rel="stylesheet" href="th/vendor/bootstrap/css/bootstrap.css"/>
107.  
108. <!-- App styles -->
109. <link rel="stylesheet" href="th/styles/pe-icons/pe-icon-7-stroke.css"/>
110. <link rel="stylesheet" href="th/styles/pe-icons/helper.css"/>
111. <link rel="stylesheet" href="th/styles/stroke-icons/style.css"/>
112. <link rel="stylesheet" href="th/styles/style.css">
113. <body class="blank">
114. <!-- Wrapper-->
115. <div class="wrapper">
116. <!-- Main content-->
117. <section class="content">
118. <div class="container-center">
119. <center><font color="red"><?php if($failedLogin == 1){ echo '<div>
120. <center><font color="red"> '.htmlspecialchars($message, ENT_QUOTES, 'UTF-8').' </div></center>';
121. }
122. else{ if($failedLogin == 2){
123. echo '<div>
124. <center><font color="green"> '.htmlspecialchars($success, ENT_QUOTES, 'UTF-8').' </div></center>';
125. }}
126. ?></center>
127. <br>
128. <div>
129. <div>
130. </div>
131. <center><span class="help-block small">Login to your account</span><center><br>
132. <div>
133. </div>
134. </div>
135.  
136. <div class="panel">
137. <div class="panel-body">
138. <form id="loginForm" method="post" novalidate>
139. <div class="form-group">
140. <label class="control-label" for="username">Username</label>
141. <input type="text" style="border-left: 3px solid #f6a821; background-color:black;" placeholder="Username" title="Please enter you username" required="required" name="username" class="form-control panel-c-accent" >
142. <span class="help-block small">Your username</span>
143. </div>
144. <div class="form-group">
145. <label class="control-label" for="password">Password</label>
146. <input type="password" style="border-left: 3px solid #f6a821; background-color:black;" title="Please enter your password" placeholder="Password" required="required" name="password" class="form-control" >
147. <span class="help-block small">Your password</span>
148. </div>
149. <div>
150. <button type="submit" name="login" class="btn btn-accent">Login</button>
151. <a class="btn btn-default" href="/register">Register</a>
152. <a class="btn btn-danger" href="/reset1">Forget Password</a>
153. </div>
154. </form>
155. </div>
156. </div>
157.  
158. </div>
159.  
160. </section>
161. <!-- End main content-->
162.  
163. </div>
164. <!-- End wrapper-->
165.  
166. <!-- Vendor scripts -->
167. <script src="th/vendor/pacejs/pace.min.js"></script>
168. <script src="th/vendor/jquery/dist/jquery.min.js"></script>
169. <script src="th/vendor/bootstrap/js/bootstrap.min.js"></script>
170.  
171. <!-- App scripts -->
172. <script src="th/scripts/luna.js"></script>
173.  
174.  
175.  
176. </body>
177.  
178. </html>