Advertisement
Guest User

Untitled

a guest
Jan 24th, 2019
140
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.63 KB | None | 0 0
  1. <?php
  2. error_reporting(E_ALL);
  3. ini_set('display_errors', 1);
  4. header('Content-Type: text/javascript; charset=utf-8');
  5. include_once 'database.php';
  6.  
  7. $db = new db();
  8.  
  9. //print_r($_REQUEST);
  10.  
  11. $user = @$_REQUEST['login'];
  12. $pass = @$_REQUEST['pass'];
  13. $admin = @$_REQUEST['admin'];
  14.  
  15.  
  16. if ($admin) {
  17. $dbQuery = $db->query("SELECT `agency`.`login`, `agency`.`password`, `staff`.`id` FROM `staff`, `agency` WHERE `staff`.`aid` = `agency`.`id` AND `staff`.`login` = ? AND `staff`.`pass` = ? LIMIT 1", $user, $pass)->assoc();
  18. } else {
  19. $dbQuery = $db->query("SELECT `siteUsers`.`email`, `siteUsers`.`pass`, `users`.`id` FROM `siteUsers`, `users` WHERE `siteUsers`.`uid` = `users`.`id` AND `users`.`user` = ? AND `users`.`pass` = ? LIMIT 1", $user, $pass)->assoc();
  20. }
  21.  
  22.  
  23. if (!$dbQuery) {
  24. echo 222;exit();
  25. }
  26.  
  27. $rand_str = md5('Hre43$#433fsd' . md5(getrandmax() . date("U") . $user) . getrandmax());
  28.  
  29.  
  30. if ($admin) {
  31. $staffID = $dbQuery['id'];
  32. $insert = $db->insertDB('adminSession', array(
  33. 'sid' => $staffID,
  34. 'ssid' => $rand_str,
  35. 'time' => gmdate("Y-m-d H:i:s")
  36. ));
  37. $insId = $insert->insertedId();
  38. if ($insId) {
  39. unset($dbQuery['id']);
  40. $dbQuery['ssid'] = $rand_str;
  41. echo json_encode($dbQuery);
  42. }
  43. } else {
  44. $userId = $dbQuery['id'];
  45. $insert = $db->insertDB('session', array(
  46. 'uid' => $userId,
  47. 'ssid' => $rand_str,
  48. 'time' => gmdate("Y-m-d H:i:s")
  49. ));
  50. $insId = $insert->insertedId();
  51. if ($insId) {
  52. unset($dbQuery['id']);
  53. $dbQuery['ssid'] = $rand_str;
  54. echo json_encode($dbQuery);
  55. }
  56. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement