<?php$ipAddr = $_SERVER['REMOTE_ADDR'];$ipAddrS = substr(0,strrpos($ipAddr

1. <?php
2.  
3. $ipAddr = $_SERVER['REMOTE_ADDR'];
4. $ipAddrS = substr(0,strrpos($ipAddr,'.'),$ipAddr);
5.  
6. Function destroySession($typ=1){
7. setcookie('hc', '', time()-30*24*3600, '/', KML_COOKIES);
8. setcookie('hd', '', time()-30*24*3600, '/', KML_COOKIES);
9. setcookie('hb', '', time()-30*24*3600, '/', KML_COOKIES);
10. setcookie('hi', '', time()-30*24*3600, '/', KML_COOKIES);
11. session_destroy();
12. if($typ==1){
13. header('Location: index.php?'.str_replace('&amp;', '&', KML_LINK_SL2));
14. exit;
15. }
16. }
17.  
18. Function hash_cookie($inf){
19. return $inf;
20. $hash = md5($inf.time());
21. $hash2 = md5(strrev($inf).time());
22. return strrev(substr($hash,0,3).$inf.substr($hash2,0,3));
23. }
24.  
25. Function unhash_cookie($inf){
26. return $inf;
27. return substr(substr(strrev($inf),5),0,strlen($inf)-7);
28. }
29.  
30. if($_GET['op'] == 'logout') destroySession();
31. elseif($_POST['remember']=='on' || ($_COOKIE['hc'] && $_COOKIE['hd'])){
32. if($_POST['remember']){
33. $hp = hash_cookie($_POST['passw']);
34. $hl = hash_cookie($_POST['login']);
35. # $hb = $_SERVER['HTTP_USER_AGENT'];
36. $hi = $ipAddrS;
37. # echo $hp.'|'.$hl.'|'.$hb.'|'.$hi.'<br/>';
38. }else{
39. $hp = $_COOKIE['hd'];
40. $hl = $_COOKIE['hc'];
41. # $hb = $_COOKIE['hb'];
42. $hi = $_COOKIE['hi'];
43. # echo $hp.'|'.$hl.'|'.$hb.'|'.$hi.'<br/>';
44. }
45. setcookie('hc', $hl, time()+30*24*3600, '/', KML_COOKIES);
46. setcookie('hd', $hp, time()+30*24*3600, '/', KML_COOKIES);
47. # setcookie('hb', $hb, time()+30*24*3600, '/', KML_COOKIES);
48. setcookie('hi', $hi, time()+30*24*3600, '/', KML_COOKIES);
49. }
50.  
51. if($_GET['op']!='logout'){
52. if($_POST['login'] && $_POST['passw']){
53. $login = $_POST['login'];
54. $passw = $_POST['passw'];
55. $ltype = 'post';
56. }elseif($_COOKIE['hc'] && $_COOKIE['hd']){
57. $login = unhash_cookie($_COOKIE['hc']);
58. $passw = unhash_cookie($_COOKIE['hd']);
59. $ltype = 'cookies';
60. }
61. }
62.  
63. if(!session_is_registered('dl_login') || !session_is_registered('dl_grants')){
64. if(!empty($login) || !empty($passw)){
65. if(banned($ipAddr)) destroySession();
66. $qry = SQL('SELECT iduser, grants, login, timezone FROM '.KML_PREFIX.'_users WHERE login=%s AND pass=%s', $login, md5($passw));
67. $rsl = query(__FILE__,__FUNCTION__,__LINE__,$qry,0);
68. $all = mysql_num_rows($rsl);
69. if($all != 1){
70. $status = $lang['log_inc'];
71. $status_error = 1;
72. destroySession(0);
73. }else{
74. $row = mysql_fetch_assoc($rsl);
75. foreach($row as $ky=>$vl) $row[$ky] = intoBrowser($vl);
76. $_SESSION['dl_login'] = $row['iduser'];
77. $_SESSION['dl_name'] = $row['login'];
78. $_SESSION['dl_timezone'] = $row['timezone'];
79. $_SESSION['dl_grants']['main'] = $row['grants'];
80. if($ltype=='cookies') $_SESSION['dl_secure']['ip'] = $_COOKIE['hi'];
81. else $_SESSION['dl_secure']['ip'] = $ipAddrShort;
82. if($ltype=='cookies') $_SESSION['dl_secure']['agent'] = $_COOKIE['hb'];
83. else $_SESSION['dl_secure']['agent'] = $_SERVER['HTTP_USER_AGENT'];
84. $gqry = 'SELECT service, wgrant FROM '.KML_PREFIX.'_grants WHERE iduser='.$row['iduser'];
85. $grsl = query(__FILE__,__FUNCTION__,__LINE__,$gqry,0);
86. while($grow = mysql_fetch_assoc($grsl)) $_SESSION['dl_grants'][$grow['service']] = $grow['wgrant'];
87. $cqry = 'SELECT p.idc, p.function, c.tag FROM '.KML_PREFIX.'_player AS p, '.KML_PREFIX.'_clan AS c WHERE (p.function="C" OR p.function="W") AND p.approve_user="Y" AND c.idc=p.idc AND p.iduser='.$row['iduser'];
88. $crsl = query(__FILE__,__FUNCTION__,__LINE__,$cqry,0);
89. if(mysql_num_rows($crsl)>0){
90. while($crow=mysql_fetch_assoc($crsl)){
91. $_SESSION['dl_clan'][$crow['idc']] = array($crow['function'],$crow['tag']);
92. }
93. }
94. $cqry = 'SELECT tag, idc, "C" AS function FROM '.KML_PREFIX.'_clan WHERE iduser='.$row['iduser'];
95. $crsl = query(__FILE__,__FUNCTION__,__LINE__,$cqry,0);
96. if(mysql_num_rows($crsl)>0){
97. while($crow=mysql_fetch_assoc($crsl)){
98. $_SESSION['dl_clan'][$crow['idc']] = array($crow['function'],$crow['tag']);
99. }
100. }
101. if(is_array($_SESSION['dl_clan'])){
102. $kclans = array_keys($_SESSION['dl_clan']);
103. $_SESSION['dl_config']['idc'] = $kclans[0];
104. }
105. $qry = 'UPDATE '.KML_PREFIX.'_users SET lastlog="'.time().'" WHERE iduser="'.$row['iduser'].'"';
106. query(__FILE__,__FUNCTION__,__LINE__,$qry,0);
107. if(ereg('add_user', $_SERVER['HTTP_REFERER']) || ereg('auth', $_SERVER['HTTP_REFERER'])) $location = 'index.php?'.str_replace('&amp;', '&', KML_LINK_SL2);
108. elseif($ltype=='post') $location = $_SERVER['HTTP_REFERER'];
109. else $location = $_SERVER['REQUEST_URI'];
110. header('Location: '.$location);
111. exit;
112. }
113. }else $status_error = 1;
114. }#elseif(isset($_SESSION['dl_login'])){
115. # if($_SESSION['dl_secure']['ip'] != $ipAddrShort || $_SESSION['dl_secure']['agent'] != $_SERVER['HTTP_USER_AGENT'] || banned($ipAddr)) destroySession();
116. #}
117.  
118. ?>