Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (!defined('CN_INIT_LOGINBOX')) {
- // Define variables and constants and include files
- define('CN_INIT_LOGINBOX', true);
- $cutepath = dirname(__FILE__);
- chdir($cutepath);
- if (isset($_GET['action'])) {
- $action = $_GET['action'];
- } elseif (isset($_POST['action'])) {
- $action = $_POST['action'];
- } else {
- $action = '';
- }
- require_once($cutepath.'/inc/functions.inc.php');
- // Start Session
- session_start();
- // Log user out if requested
- if ($action == 'logout') {
- session_destroy();
- session_unset();
- setcookie(session_name(), '');
- unset($_SESSION);
- $message = '<div style="color: green;">Logged Out</div>';
- }
- // Detect IP
- $ip = '';
- if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
- $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
- } elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
- $ip = $_SERVER['HTTP_CLIENT_IP'];
- }
- if ($ip == '') {
- $ip = $_SERVER['REMOTE_ADDR'];
- }
- if ($ip == '') {
- $ip = 'not detected';
- }
- $all_users = file($cutepath.'/data/users.db.php');
- $is_logged_in = false;
- if ($action == 'login') {
- $md5_password = md5($password);
- if (check_login($username, $md5_password)) {
- $_SESSION['username'] = $username;
- $_SESSION['md5_password'] = $md5_password;
- $_SESSION['ip'] = $ip;
- $_SESSION['login_referer'] = $HTTP_REFERER;
- $is_logged_in = true;
- $name = $_POST['name'] = $member_db[4];
- $mail = $_POST['mail'] = $member_db[5];
- $old_users_db = file($cutepath.'/data/users.db.php');
- $modified_users = fopen($cutepath.'/data/users.db.php', 'w');
- foreach ($old_users_db as $old_users_db_line) {
- $old_users_db_arr = explode('|', $old_users_db_line);
- if ($member_db[0] != $old_users_db_arr[0]) {
- fwrite($modified_users, $old_users_db_line);
- } else {
- fwrite($modified_users, $old_users_db_arr[0].'|'.$old_users_db_arr[1].'|'.$old_users_db_arr[2].'|'.$old_users_db_arr[3].'|'.$old_users_db_arr[4].'|'.$old_users_db_arr[5].'|'.$old_users_db_arr[6].'|'.$old_users_db_arr[7].'|'.$old_users_db_arr[8].'|'.time().'||'.chr(10));
- }
- }
- fclose($modified_users);
- } else {
- $message = '<div style="color: red;">Invalid login</div>';
- }
- } elseif (isset($_SESSION['username'])) {
- if (check_login($_SESSION['username'], $_SESSION['md5_password'])) {
- if ($_SESSION['ip'] != $ip) {
- $message = '<div style="color: red;">Session IP doesn\'t match.</div>';
- } else {
- $is_logged_in = true;
- $name = $_POST['name'] = $member_db[4];
- $mail = $_POST['mail'] = $member_db[5];
- }
- } else {
- $message = '<div style="color: red;">Invalid login</div>';
- }
- }
- chdir(dirname($_SERVER['SCRIPT_FILENAME']));
- } else {
- if ($is_logged_in) {
- ?>
- <p>
- You are logged in as <?=htmlentities($_SESSION['username'])?>, <a href="<?=$PHP_SELF?>?action=logout">Log Out</a>
- </p>
- <?php
- } else {
- ?>
- <form name="login" action="<?=htmlentities($PHP_SELF)?>" method="post">
- <input type="hidden" name="action" value="login" />
- <?=$message?>
- <label for="username">Username:</label>
- <br />
- <input type="text" name="username" id="username" value="<?=htmlentities($_SESSION['lastusername'])?>" style="width: 140px;" />
- <br />
- <label for="password">Password:</label>
- <br />
- <input type="password" name="password" id="password" style="width: 140px;" />
- <br />
- <input type="submit" style="width: 75px;" value='Login' accesskey="s" />
- </form>
- <?php
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement