Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*************** PHP LOGIN SCRIPT V 2.3*********************
- (c) Balakrishnan 2009. All Rights Reserved
- Usage: This script can be used FREE of charge for any commercial or personal projects. Enjoy!
- Limitations:
- - This script cannot be sold.
- - This script should have copyright notice intact. Dont remove it please...
- - This script may not be provided for download except from its original site.
- For further usage, please contact me.
- ***********************************************************/
- include 'dbc.php';
- $err = array();
- foreach($_GET as $key => $value) {
- $get[$key] = filter($value); //get variables are filtered.
- }
- if ($_POST['doLogin']=='Login')
- {
- foreach($_POST as $key => $value) {
- $data[$key] = filter($value); // post variables are filtered
- }
- $user_email = $data['usr_email'];
- $pass = $data['pwd'];
- if (strpos($user_email,'@') === false) {
- $user_cond = "user_name='$user_email'";
- } else {
- $user_cond = "user_email='$user_email'";
- }
- $result = mysql_query("SELECT `id`,`pwd`,`full_name`,`approved`,`user_level` FROM users WHERE
- $user_cond
- AND `banned` = '0'
- ") or die (mysql_error());
- $num = mysql_num_rows($result);
- // Match row found with more than 1 results - the user is authenticated.
- if ( $num > 0 ) {
- list($id,$pwd,$full_name,$approved,$user_level) = mysql_fetch_row($result);
- if(!$approved) {
- //$msg = urlencode("Account not activated. Please check your email for activation code");
- $err[] = "Your account hasn't been approved yet. Please contact an administrator with a request of doing this.";
- //header("Location: login.php?msg=$msg");
- //exit();
- }
- //check against salt
- if ($pwd === PwdHash($pass,substr($pwd,0,9))) {
- if(empty($err)){
- // this sets session and logs user in
- session_start();
- session_regenerate_id (true); //prevent against session fixation attacks.
- // this sets variables in the session
- $_SESSION['user_id']= $id;
- $_SESSION['user_name'] = $full_name;
- $_SESSION['user_level'] = $user_level;
- $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
- //update the timestamp and key for cookie
- $stamp = time();
- $ckey = GenKey();
- mysql_query("update users set `ctime`='$stamp', `ckey` = '$ckey' where id='$id'") or die(mysql_error());
- //set a cookie
- if(isset($_POST['remember'])){
- setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*COOKIE_TIME_OUT, "/");
- setcookie("user_key", sha1($ckey), time()+60*60*24*COOKIE_TIME_OUT, "/");
- setcookie("user_name",$_SESSION['user_name'], time()+60*60*24*COOKIE_TIME_OUT, "/");
- }
- header("Location: hub.php");
- }
- }
- else
- {
- //$msg = urlencode("Invalid Login. Please try again with correct user email and password. ");
- $err[] = "Invalid Login. Please try again with correct user email and password.";
- //header("Location: login.php?msg=$msg");
- }
- } else {
- $err[] = "Error - Invalid login. No such user exists";
- }
- }
- ?>
- <html>
- <head>
- <title>Atomic Booter • Restricted Area</title>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- <script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
- <script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
- <script>
- $(document).ready(function(){
- $("#logForm").validate();
- });
- </script>
- <link href="styles.css" rel="stylesheet" type="text/css">
- </head>
- <body>
- <br /><br /><br /><br /><br /><br /><br /><br />
- <center>
- <div class="header"><image src="images/logo.png"></div>
- <div class="content">
- <p>
- <?php
- /******************** ERROR MESSAGES*************************************************
- This code is to show error messages
- **************************************************************************/
- if(!empty($err)) {
- echo "<div class=\"msg\">";
- foreach ($err as $e) {
- echo "$e <br>";
- }
- echo "</div>";
- }
- /******************************* END ********************************/
- ?></p>
- <center>Please enter your login credentials below..</center>
- <form action="login.php" method="post" name="logForm" id="logForm" >
- Username: <input name="usr_email" type="text" class="required" id="txtbox" size="25"><br>
- Password: <input name="pwd" type="password" class="required password" id="txtbox" size="25"><br>
- <input name="remember" type="checkbox" id="remember" value="1">Remember me<br>
- <input name="doLogin" type="submit" id="doLogin3" value="Login">
- <hr>
- Getting Attacked By US? Get A Free BlackList To Prevent Attacks Email Markizzcull@gmail.com
- <hr>
- By Visiting This Page You Agree To Our Disclaimer And Terms Of Service
- <div align="center"></div>
- <p align="center"> </p>
- </form>
- </div>
- </div>
- </div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement