function CheckLogin()
{
$loginValues = ['Username', 'Password'];
if (!CheckList($loginValues)) {
return;
}
$login = GetList($loginValues);
return VerifyLogin($login[0], $login[1]);
}
function Pad_Verify()
{
$_POST['username'] = $_POST['username'];
$_POST['password'] = md5($_POST['password']);
if (VerifyLogin()) {
Redirect('?mod=pad');
}
die;
}
Redirect('cmd.php?act=admin');
}
if ($zbp->user->ID == 0 && GetVars('redirect', 'GET')) {
setcookie("redirect", GetVars('redirect', 'GET'), 0, $zbp->cookiespath);
}
Redirect('login.php');
break;
case 'logout':
Logout();
Redirect('../');
break;
case 'admin':
Redirect('admin/?act=admin');
break;
case 'verify':
if (VerifyLogin()) {
if ($zbp->user->ID > 0 && GetVars('redirect', 'COOKIE')) {
Redirect(GetVars('redirect', 'COOKIE'));
}
Redirect('admin/?act=admin');
} else {
Redirect('../');
}
break;
case 'search':
$q = urlencode(trim(strip_tags(GetVars('q', 'POST'))));
Redirect($zbp->searchurl . '?q=' . $q);
break;
case 'misc':
require './function/c_system_misc.php';
break;
Require_File("modules/vault.class.php");
Require_File("modules/items.class.php");
$LD_Items = new LD_Items();
Require_File("modules/recover_lost_item.class.php");
$LD_Recover_Lost_Item = new LD_Recover_Lost_Item($_GET['BuyID']);
break;
case "SearchItemSystem":
VerifyLogin();
if (!isset($_GET['BuyID'])) {
exit(Print_error("<script type=\"text/javascript\">alert(\"Erro ao gravar variaveis. Favor tentar efetuar a recupera��o novamente.\"); window.location='?';</script>"));
}
Require_File("modules/recover_lost_item.class.php");
$LD_Recover_Lost_Item = new LD_Recover_Lost_Item($_GET['BuyID'], true);
break;
case "CouponActive":
VerifyLogin();
$couponCode = $Protect->Check($_GET['couponCode']);
Require_File("modules/coupon.class.php");
$LD_Coupon = new LD_Coupon($couponCode);
break;
}
exit;
//Para a execu��o da p�gina para retornar o ajax
}
/*
@Verify auth [Session]
*/
if (!isset($_SESSION['Login'])) {
$tpl->set("Time", $LD_Time->Result_Time());
$tpl->set("Address", $_SERVER[SCRIPT_NAME] . "?" . $_SERVER[QUERY_STRING]);
$tpl->open("templates/" . TEMPLATE . "/login.php");
if (strcmp($_REQUEST['adminaction'], 'logout') == 0) {
unset($_REQUEST['password']);
unset($_REQUEST['login']);
} else {
if (empty($_REQUEST['password']) && !empty($_SESSION[$realpath]['user']['password'])) {
$_REQUEST['password'] = $_SESSION[$realpath]['user']['password'];
}
if (empty($_REQUEST['login']) && !empty($_SESSION[$realpath]['user']['username'])) {
$_REQUEST['login'] = $_SESSION[$realpath]['user']['username'];
}
}
if ($_REQUEST['login'] && $_REQUEST['password']) {
$login = trim(ereg_replace($master_name_filter, "", strtolower($_REQUEST['login'])));
$password = $_REQUEST['password'];
$adminaction = $_REQUEST['adminaction'];
$userlevel = VerifyLogin($login, $password, $chatpath);
if ($userlevel != -1) {
if (empty($_SESSION[$realpath]['user']['username'])) {
$_SESSION[$realpath]['user']['username'] = $login;
}
if (empty($_SESSION[$realpath]['user']['password'])) {
if (strlen($password) != 32) {
$_SESSION[$realpath]['user']['password'] = md5($password);
} else {
$_SESSION[$realpath]['user']['password'] = $password;
}
}
echo '<h2>Logged in as ', $login, '</h2>', "\n";
echo "<p><br><FORM ACTION='login.php' METHOD='POST'>";
if ($adminaction) {
if ($adminaction == "adduser") {
function ChangeFaction($username, $ad_name, $ad_pass, $new_name, $chatpath)
{
global $handler;
$flags = VerifyLogin($ad_name, $ad_pass, $chatpath);
if (CheckFlags("FXZmM", $flags)) {
$new_name = strtolower($new_name);
$new_name = trim($new_name);
$new_name = str_replace("_", " ", $new_name);
$new_name = str_replace(":", " ", $new_name);
$new_name = str_replace("'", "", $new_name);
$new_name = str_replace("�", "", $new_name);
$new_name = str_replace("`", "", $new_name);
$new_name = str_replace("\"", "", $new_name);
$result = @count_mysql_query("SELECT flags FROM uo_chat_database WHERE chat='{$chatpath}' AND username='******' AND dtime IS NULL", $handler);
$cuser = mysql_fetch_row($result);
if (CheckFlags("M", $cuser[0])) {
echo "<p>System Administrators are not in factions.<br>\n";
return -2;
} else {
if (CheckFlags("P", $cuser[0]) && !CheckFlags("mM", $flags)) {
echo "<p>You cannot change the faction of Protected users.<br>\n";
return -2;
}
}
@count_mysql_query("UPDATE uo_chat_database SET faction='{$new_name}' WHERE chat='{$chatpath}' AND username='******' AND dtime IS NULL", $handler);
echo "<p>User '{$username}' is now part of '{$new_name}'.<br>\n";
}
return -1;
}
<?php
date_default_timezone_set('Asia/Kolkata');
$username = $_POST["username"];
$password = $_POST["password"];
VerifyLogin($username, $password);
function logToFile($msg)
{
try {
$filename = '\\wamp\\www\\log.txt';
// open file
$fd = fopen($filename, "a");
// append date/time to message
$str = "[" . date("Y/m/d h:i:s", time()) . "] " . $msg;
// write string
fwrite($fd, $str . "\n");
// close file
fclose($fd);
} catch (Exception $e) {
logToFile($e->getMessage());
}
}
function VerifyLogin($username1, $password1)
{
$host = "localhost";
$user = "******";
$pass = "******";
$database = "blinx";
$conn = mysqli_connect($host, $user, $pass, $database) or die("Error " . mysqli_error($link));
try {
$sql1 = "select count(*) as count from m_volunteer where email_id='{$username1}'";
