Untitled

<?php
if(isset($_GET['lang'])){
	$_COOKIE['LANG_addorre'] = $_GET['lang'];
	$_COOKIE['LANG_'] = $_GET['lang'];
	setcookie('LANG_' . 'addorre', $_GET['lang']);
}
define("_VALID_PHP", true);
require_once("../autoload.php");

$getip = $_SERVER['REMOTE_ADDR'];
$beforeTime = date("Y-m-d h:i:s",strtotime("-15 minutes"));
$checkip = $db->getValue("count(id)", TABLE_ADMIN_LOGINS, "date > date_sub(now(), interval 3 minute) AND ip='$getip'");
if($checkip >= '5') {

	$databan['banned'] = '1';
	$db->update(TABLE_ADMIN_LOGINS, $databan, "ip='$getip' ORDER BY id DESC LIMIT 1");
	echo 'Your IP address is BANNED!';
	exit();
}

$sites = $api->request('get_sites');

if ($user->logged_in) {
	if ($user->is_Admin() && isset($_SESSION['site_id'])) {
		redirect_to("index.php");
	} else {
		redirect_to(SITEURL);
		exit;
	}
}

$login_msg = array();
if(post('login')) {
	$result = $api->request('login', array('email' => post('email'), 'password' => post('password')), 'json');
	$result = json_decode($result);
	$data['username'] = post('email');
	//Login successful
	if ($result->status == 1) {
		unset($_SESSION['site_id']);
		if(!isset($_SESSION['site_id'])) {
			$_SESSION['site_id'] = post('site_id');
		}

			$data['ip'] = $_SERVER['REMOTE_ADDR'];
			$data['date'] = date("Y-m-d H:i:s");
			$data['browser'] = $_SERVER['HTTP_USER_AGENT'];
			$data['site_id'] = post('site_id');
			$data['success'] = '1';

			$db->insert(TABLE_ADMIN_LOGINS, $data);
		redirect_to("index.php");
	} elseif($result->status == 2) {
        redirect_to("2factor.php");
    } else {
		if(isset($result->error_fields)){
			foreach($result->error_fields as $key => $error_field){
				$login_msg[$key] = $error_field;
			}
			$data['ip'] = $_SERVER['REMOTE_ADDR'];
			$data['date'] = date("Y-m-d H:i:s");
			$data['browser'] = $_SERVER['HTTP_USER_AGENT'];
			$data['site_id'] = post('site_id');
			$data['success'] = '0';

			$db->insert(TABLE_ADMIN_LOGINS, $data);
		} elseif(isset($result->msg)) {
            $login_msg[] = $result->msg;
        }
	}
}
$getip = $_SERVER['REMOTE_ADDR'];
$beforeTime = date("Y-m-d h:i:s",strtotime("-15 minutes"));
$checkip = $db->getValue("count(id)", TABLE_ADMIN_LOGINS, "date > date_sub(now(), interval 3 minute) AND ip='$getip' ORDER BY id DESC");
if($checkip >= '5') {
	echo 'You are banned for 5 minutes!';
	exit();
}

?>
<!DOCTYPE html>
<!--[if IE 8]> <html lang="en" class="ie8 no-js"> <![endif]-->
<!--[if IE 9]> <html lang="en" class="ie9 no-js"> <![endif]-->
<!--[if !IE]><!-->
<html lang="en">
    <!--<![endif]-->
    <!-- BEGIN HEAD -->

    <head>
        <meta charset="utf-8" />
        <title><?php echo _LOGIN;?></title>
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta content="width=device-width, initial-scale=1" name="viewport" />
        <meta content="Expozy CMS" name="description" />
        <meta content="" name="author" />

		<script type="text/javascript">
		var SITEURL = "<?php echo SITEURL;?>";
		var ADMINURL = "<?php echo ADMINURL;?>";
		</script>

        <!-- BEGIN GLOBAL MANDATORY STYLES -->
        <link href="http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all" rel="stylesheet" type="text/css" />
        <link href="<?php echo ADMINURL;?>/assets/global/plugins/font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css" />
        <link href="<?php echo ADMINURL;?>/assets/global/plugins/simple-line-icons/simple-line-icons.min.css" rel="stylesheet" type="text/css" />
        <link href="<?php echo ADMINURL;?>/assets/global/plugins/bootstrap/css/bootstrap.min.css" rel="stylesheet" type="text/css" />
        <link href="<?php echo ADMINURL;?>/assets/global/plugins/bootstrap-switch/css/bootstrap-switch.min.css" rel="stylesheet" type="text/css" />
        <!-- END GLOBAL MANDATORY STYLES -->
        <!-- BEGIN PAGE LEVEL PLUGINS -->
        <link href="<?php echo ADMINURL;?>/assets/global/plugins/select2/css/select2.min.css" rel="stylesheet" type="text/css" />
        <link href="<?php echo ADMINURL;?>/assets/global/plugins/select2/css/select2-bootstrap.min.css" rel="stylesheet" type="text/css" />
        <!-- END PAGE LEVEL PLUGINS -->
        <!-- BEGIN THEME GLOBAL STYLES -->
        <link href="<?php echo ADMINURL;?>/assets/global/css/components-md.min.css" rel="stylesheet" id="style_components" type="text/css" />
        <link href="<?php echo ADMINURL;?>/assets/global/css/plugins-md.min.css" rel="stylesheet" type="text/css" />
        <!-- END THEME GLOBAL STYLES -->
        <!-- BEGIN PAGE LEVEL STYLES -->
        <link href="<?php echo ADMINURL;?>/assets/pages/css/login.min.css" rel="stylesheet" type="text/css" />
        <!-- END PAGE LEVEL STYLES -->
        <!-- BEGIN THEME LAYOUT STYLES -->
        <!-- END THEME LAYOUT STYLES -->
        <link rel="shortcut icon" href="favicon.ico" /> </head>
    <!-- END HEAD -->

    <body class=" login">
        <!-- BEGIN LOGO -->
        <div class="logo">
            <a href="index.php">
				<img src="/admin/assets/global/img/logo-admin.png" />
			</a>
        </div>
        <!-- END LOGO -->
        <!-- BEGIN LOGIN -->
        <div class="content">
            <!-- BEGIN LOGIN FORM -->
            <form id="login-form" class="login-form" action="" method="post">
				<input type="hidden" name="login" value="1">

                <h3 class="form-title font-green"><?php echo _LOGIN;?></h3>

				<?php if(!$sites) { ?>
					<div class="alert alert-danger text-center">
						<span><?php echo _ERROR_NO_SITES;?></span>
					</div>
				<?php } else {
				?>

					<?php
						if($login_msg){
							foreach($login_msg as $login_error) {
								?>
									<div class="alert alert-danger">
										<button class="close" data-close="alert"></button>
										<span> <?php echo $login_error;?> </span>
									</div>
								<?php
							}
						}
					?>

					<div class="alert alert-danger display-hide">
						<button class="close" data-close="alert"></button>
						<span> <?php echo _EMPTY_FIELD;?> </span>
					</div>

					<div class="form-group">
						<select class="form-control form-control-solid selectpicker" name="site_id">
							<option selected disabled><?php echo _LOGIN_SELECT_SITE;?></option>
							<?php foreach($sites as $site) { ?>
								<option value="<?php echo $site['site_id'];?>" <?php echo get_selected($site['site_id'], $core->site_id);?>><?php echo $site['site_name'];?></option>
							<?php } unset($site); ?>
						</select>
					</div>
					<div class="form-group">
						<!--ie8, ie9 does not support html5 placeholder, so we just show field title for that-->
						<label class="control-label visible-ie8 visible-ie9"><?php echo _USER_EMAIL;?></label>
						<input class="form-control form-control-solid placeholder-no-fix" type="text" autocomplete="off" placeholder="<?php echo _USER_EMAIL;?>" name="email" />
					</div>
					<div class="form-group">
						<label class="control-label visible-ie8 visible-ie9"><?php echo _PASSWORD;?></label>
						<input class="form-control form-control-solid placeholder-no-fix" type="password" autocomplete="off" placeholder="<?php echo _PASSWORD;?>" name="password" />
					</div>
					<div class="form-actions text-center">
						<a href="javascript:;" class="btn green uppercase" onclick="document.getElementById('login-form').submit();"><?php echo _LOGIN;?></a>
						<div class="row">
							<div class="col-md-12 text-center">
							<br />
								<a href="/admin/lost-password.php"><?php echo _LOST_PASSWORD; ?></a>
							</div>
						</div>
					</div>


				<?php } ?>


				<div class="row">
                    <!-- languages -->
                    <?php $langs = $db->getResults("*", "languages", "id != 0 ORDER BY id asc");

                    if(count($langs) < 3){
                        foreach($langs as $l):?>
                            <div class="col-md-4 text-center">
                                <a href="?lang=<? echo $l['code'];?>"><? echo $l['title'];?></a>
                            </div>
                        <?endforeach;?>
                    <? }else{
                        for($i = 0; $i < 2; $i++):?>
                        <div class="col-md-3 text-center">
                            <a href="?lang=<? echo $l['code'];?>"><? echo $l['title'];?></a>
                        </div>
                        <? endfor;?>
                        <div class="col-md-3 text-center">
                            <a href="javascript;:">...</a>
                        </div>
                    <?} ?>


				</div>
            </form>
            <!-- END LOGIN FORM -->
        </div>
        <div class="copyright"> <?php echo date("Y"); ?> © Expozy </div>
        <!--[if lt IE 9]>
		<script src="../assets/global/plugins/respond.min.js"></script>
		<script src="../assets/global/plugins/excanvas.min.js"></script>
		<script src="../assets/global/plugins/ie8.fix.min.js"></script>
		<![endif]-->
        <!-- BEGIN CORE PLUGINS -->
        <script src="<?php echo ADMINURL;?>/assets/global/plugins/jquery.min.js" type="text/javascript"></script>
        <script src="<?php echo ADMINURL;?>/assets/global/plugins/bootstrap/js/bootstrap.min.js" type="text/javascript"></script>
        <script src="<?php echo ADMINURL;?>/assets/global/plugins/js.cookie.min.js" type="text/javascript"></script>
        <script src="<?php echo ADMINURL;?>/assets/global/plugins/jquery-slimscroll/jquery.slimscroll.min.js" type="text/javascript"></script>
        <script src="<?php echo ADMINURL;?>/assets/global/plugins/jquery.blockui.min.js" type="text/javascript"></script>
        <script src="<?php echo ADMINURL;?>/assets/global/plugins/bootstrap-switch/js/bootstrap-switch.min.js" type="text/javascript"></script>
        <!-- END CORE PLUGINS -->
        <!-- BEGIN PAGE LEVEL PLUGINS -->
        <script src="<?php echo ADMINURL;?>/assets/global/plugins/jquery-validation/js/jquery.validate.min.js" type="text/javascript"></script>
        <script src="<?php echo ADMINURL;?>/assets/global/plugins/jquery-validation/js/additional-methods.min.js" type="text/javascript"></script>
        <script src="<?php echo ADMINURL;?>/assets/global/plugins/select2/js/select2.full.min.js" type="text/javascript"></script>
        <!-- END PAGE LEVEL PLUGINS -->
        <!-- BEGIN THEME GLOBAL SCRIPTS -->
        <script src="<?php echo ADMINURL;?>/assets/global/scripts/app.min.js" type="text/javascript"></script>
        <!-- END THEME GLOBAL SCRIPTS -->
        <!-- BEGIN PAGE LEVEL SCRIPTS -->
        <script src="<?php echo ADMINURL;?>/assets/pages/scripts/login.min.js" type="text/javascript"></script>
        <!-- END PAGE LEVEL SCRIPTS -->
		<script>
			document.getElementById('login-form').addEventListener('keypress', function(event) {
				if (event.keyCode == 13) {
					event.preventDefault();
				}
			});
		</script>
    </body>

</html>