<?phpob_start();require_once('./inc/core.php');if(Login($_SESSION['use

1. <?php
2.  
3. ob_start();
4. require_once('./inc/core.php');
5.  
6. if(Login($_SESSION['username'], $_SESSION['password'], true)){
7. header("LOCATION: ". PATH ."/me.php");
8. exit;
9. }
10.  
11. if(isset($_POST['username']) && isset($_POST['password'])){
12.  
13.  
14. $_SESSION['LOGIN_USERNAME'] = filter($_POST['username']);
15. $_SESSION['LOGIN_PASSWORD'] = filter($_POST['password']);
16.  
17. $username = filter($_POST['username']);
18. $password = str_replace("\\'", "'", $_POST['password']);
19.  
20. if(empty($username)){
21. header("LOCATION: /goto?error");
22. }
23. elseif(empty($password)){
24. header("LOCATION: /goto?error");
25. }
26.  
27. if(empty($username) || empty($password)){
28. header("LOCATION: /goto?error");
29. }
30. elseif(CheckBanned($username, $remote_ip)){
31. $error = CheckBanned($username, $remote_ip);
32. }
33. elseif(Login($username, $password)){
34.  
35. $_SESSION['username'] = getuser($username, $password, "username");
36. $_SESSION['password'] = HoloHash($password, $username);
37.  
38. mysql_query("UPDATE users SET last_used = '". time() ."' WHERE username = '{$username}'");
39.  
40. header("LOCATION: ". PATH ."/me.php");
41.  
42. exit;
43. }
44.  
45. else{
46.  
47. $error = "Tu contrase&ntilde;a y nombre de usuario no coinciden.";
48.  
49.  
50.  
51. $_SESSION['LOGIN_ERROR'] = $error;
52.  
53. header("LOCATION: /goto?error");
54.  
55. exit;
56. }
57. }
58. else{
59.  
60. header("LOCATION: ". PATH ."/");
61.  
62. exit;
63.  
64. }
65.  
66. ob_end_flush();
67. ?>