<?phpsession_start();require("mainconfig.php");$msg_type = "nothing";$co

1. <?php
2. session_start();
3. require("mainconfig.php");
4. $msg_type = "nothing";
5. $cookie = $_COOKIE['cookie'];
6.  
7. if (isset($_SESSION['user'])) {
8. header("Location: ".$cfg_baseurl);
9. } else {
10. if ($cookie <> "") {
11. $check_user = mysqli_query($db, "SELECT * FROM users WHERE cookie = '$cookie'");
12. $data_user = mysqli_fetch_assoc($check_user);
13. if (mysqli_num_rows($check_user) == 1) {
14. $_SESSION['user'] = $data_user;
15. header("Location: ".$cfg_baseurl);
16. } else {
17. header("Location: ".$cfg_baseurl."logout.php");
18. }
19. } else {
20. if (isset($_POST['login'])) {
21. $post_username = mysqli_real_escape_string($db, trim($_POST['username']));
22. $post_password = mysqli_real_escape_string($db, trim($_POST['password']));
23. $post_remember = $_POST['remember'];
24. if (empty($post_username) || empty($post_password)) {
25. $msg_type = "error";
26. $msg_content = "<b>Failed:</b> Please fill all input.";
27. } else {
28. $check_user = mysqli_query($db, "SELECT * FROM users WHERE username = '$post_username'");
29. if (mysqli_num_rows($check_user) == 0) {
30. $msg_type = "error";
31. $msg_content = "<b>Failed:</b> Incorrect username or password. $post_remember";
32. } else {
33. $data_user = mysqli_fetch_assoc($check_user);
34. if ($post_password <> $data_user['password']) {
35. $msg_type = "error";
36. $msg_content = "<b>Failed:</b> Incorrect username or password.";
37. } else if ($data_user['status'] == "Suspended") {
38. $msg_type = "error";
39. $msg_content = "<b>Failed:</b> Account suspended.";
40. } else if ($post_password == $data_user['password']) {
41. if ($post_remember == 1) {
42. $rand_key = random(20);
43. setcookie("cookie", $rand_key, time() + (86400 * 30));
44. mysqli_query($db, "UPDATE users SET cookie = '$rand_key' WHERE username = '$post_username'");
45. }
46. $_SESSION['user'] = $data_user;
47. header("Location: ".$cfg_baseurl);
48. }
49. }
50. }
51. }
52. }
53. include("lib/header.php");
54. ?>