$username = sys_get_param('username'); $password = sys_get_param('password'); if ($username) { $result = sn_login($username, $password, $_POST['rememberme']); switch ($result['status']) { case LOGIN_SUCCESS: $user = $result['user_row']; header('Location: overview.php'); break; case LOGIN_ERROR_USERNAME: case LOGIN_ERROR_PASSWORD: message($result['error_msg'], $lang['Login_Error']); break; default: } die; } elseif (!empty($_COOKIE[$config->COOKIE_NAME])) { $user = sn_autologin(); if ($user['id']) { ob_start(); header("Location: ./index." . PHP_EX); ob_end_flush(); } die; } $query = doquery('SELECT username FROM {{users}} ORDER BY register_time DESC LIMIT 1;', '', true); $query1 = doquery("SELECT COUNT(DISTINCT(id)) AS users_online FROM {{users}} WHERE onlinetime>" . (time() - 900), '', true); $template = gettemplate('login_body', true); $template->assign_vars(array('last_user' => $query['username'], 'online_users' => $query1['users_online'], 'URL_RULES' => $config->url_rules, 'URL_FORUM' => $config->url_forum, 'URL_FAQ' => $config->url_faq)); tpl_login_lang($template, $id_ref); display(parsetemplate($template, $parse), $lang['Login'], false, '', false, false);
<?php /* * common.php * * Common init file * * @version 1.1 Security checks by Gorlum for http://supernova.ws */ require_once 'includes/init.php'; $user = sn_autologin(!$allow_anonymous); $sys_user_logged_in = $user && is_array($user) && isset($user['id']) && $user['id']; $language = $language ? $language : $user['lang']; lng_include('system'); lng_include('tech'); if ($config->game_disable) { $disable_reason = sys_bbcodeParse($config->game_disable_reason); if ($user['authlevel'] < 1 || !(defined('IN_ADMIN') && IN_ADMIN)) { message($disable_reason, $config->game_name); ob_end_flush(); die; } else { print "<div align=center style='font-size: 24; font-weight: bold; color:red;'>{$disable_reason}</div><br>"; } } if (!($allow_anonymous || $sys_user_logged_in) || defined('IN_ADMIN') && IN_ADMIN && $user['authlevel'] < 1) { setcookie($config->COOKIE_NAME, '', time() - 3600 * 25); header('Location: ' . (IN_ADMIN == true ? '../' : '') . 'login.php'); ob_end_flush(); die; }