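<?php
/**
 * Login endpoint: checks the submitted credentials and opens a session row.
 *
 * Request parameters (read from $_REQUEST):
 *   login - account name
 *   pass  - password, matched against the stored column by the query itself
 *   admin - when truthy, authenticate against `staff`/`agency` and record the
 *           session in `adminSession`; otherwise use `users`/`siteUsers` and
 *           record it in `session`
 *
 * Response: on success, the selected row as JSON with `id` removed and the new
 * session token added as `ssid`. On failed authentication the literal 222.
 *
 * NOTE(review): $_REQUEST also accepts query-string parameters, so credentials
 * can end up in URLs and access logs. Restricting this endpoint to POST needs a
 * check of the existing clients first.
 * NOTE(review): the queries compare `pass` with `=` in SQL, which presumably
 * means the stored value is the password itself (or a client-side hash used as
 * one). Confirm, then migrate to password_hash() / password_verify().
 * NOTE(review): the success response includes `agency`.`password` or
 * `siteUsers`.`pass`. Returning stored credentials to the client should be
 * dropped once callers are confirmed not to depend on those fields.
 * NOTE(review): the body is JSON but is served as text/javascript;
 * application/json would be the accurate type. Confirm client handling.
 */

error_reporting(E_ALL);
// Report everything, but to the log only: printing errors from an
// authentication endpoint exposes paths and database details to any caller
// and corrupts the JSON body.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
header('Content-Type: text/javascript; charset=utf-8');
include_once 'database.php';
$db = new db();

// `??` replaces the `@` suppression: an absent parameter is still null, but
// unrelated warnings are no longer hidden.
$user = $_REQUEST['login'] ?? null;
$pass = $_REQUEST['pass'] ?? null;
$admin = !empty($_REQUEST['admin']);

// Missing or non-string credentials (a parameter sent as `login[]=...` arrives
// as an array) can never match an account, so fail the same way a bad
// password does instead of handing them to the query layer.
if (!is_string($user) || !is_string($pass)) {
    echo 222;
    exit();
}

if ($admin) {
    $dbQuery = $db->query("SELECT `agency`.`login`, `agency`.`password`, `staff`.`id` FROM `staff`, `agency` WHERE `staff`.`aid` = `agency`.`id` AND `staff`.`login` = ? AND `staff`.`pass` = ? LIMIT 1", $user, $pass)->assoc();
} else {
    $dbQuery = $db->query("SELECT `siteUsers`.`email`, `siteUsers`.`pass`, `users`.`id` FROM `siteUsers`, `users` WHERE `siteUsers`.`uid` = `users`.`id` AND `users`.`user` = ? AND `users`.`pass` = ? LIMIT 1", $user, $pass)->assoc();
}

if (!$dbQuery) {
    echo 222;
    exit();
}

// The session token is a bearer credential, so it must be unpredictable. The
// previous value was an MD5 over a constant (getrandmax()), the current
// second, the login name and a hard-coded string, all of which are known or
// guessable. random_bytes() (PHP 7+) draws from the OS CSPRNG; 16 bytes
// hex-encode to 32 characters, the same length as the old MD5 string.
$rand_str = bin2hex(random_bytes(16));

// Both account types store the session the same way; only the table and the
// name of the owner column differ.
$sessionTable = $admin ? 'adminSession' : 'session';
$ownerColumn = $admin ? 'sid' : 'uid';

$insert = $db->insertDB($sessionTable, [
    $ownerColumn => $dbQuery['id'],
    'ssid' => $rand_str,
    'time' => gmdate('Y-m-d H:i:s'),
]);

// Only answer once the session row exists. If the insert failed, nothing is
// emitted (unchanged from the original behaviour).
if ($insert->insertedId()) {
    unset($dbQuery['id']); // internal id is not part of the response
    $dbQuery['ssid'] = $rand_str;
    echo json_encode($dbQuery);
}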