$submit = isset($_POST['submit']); $ip = @$_GET['ip']; $ip = htmlentities($ip); $errors = array(); $success = false; if ($submit) { $username = $_POST['username']; $password = $_POST['password']; if (empty($ip) || $ip == "localhost" || $ip == "127.0.0.1") { $error = Account::login($db, $username, $password, $user); $success = $error == AccountError::NO_ERROR; if ($success) { $token = $user->loginToken; setcookie("token", $token); } else { $errors[] = AccountError::str($error, $lang); } } else { // log in remotely using botlogin.php $req = "http://" . $ip . "/botlogin.php?username="******"&password="******"Could not log in remotely, login script not found on remote server!"; } else { $response = json_decode($response); $success = $response->success; if (!$success) { $errors[] = $response->error; } else { $token = $response->token; setcookie("token", $token);
<?php header('Cache-Control: no-cache, must-revalidate'); header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); header('Content-Type: application/json; charset=utf-8'); require_once 'includes/import_me.php'; $submit = isset($_REQUEST['username']) && isset($_REQUEST['password']); $response = (object) []; $response->success = false; $errors = array(); if ($submit) { $username = $_REQUEST['username']; $password = $_REQUEST['password']; $error = Account::login($db, $username, $password, $user); $response->success = $error == AccountError::NO_ERROR; if ($response->success) { $response->token = $user->loginToken; } else { $response->error = AccountError::str($error, $lang); } } else { $response->error = $lang['no_data_submitted']; } echo json_encode($response);